Hi Jeff,
On Mon, Feb 24, 2025 at 10:52:42PM +, jef...@chromium.org wrote:
> From: Jeff Xu
>
> Provide support for CONFIG_MSEAL_SYSTEM_MAPPINGS on x86-64,
> covering the vdso, vvar, vvar_vclock.
>
> Production release testing passes on Android and Chrome OS.
>
> Signed-off-by: Jeff Xu
> --
Hi,
On Tue, 2025-02-25 at 06:22 +, Lorenzo Stoakes wrote:
> On Mon, Feb 24, 2025 at 10:52:44PM +, jef...@chromium.org wrote:
> > From: Jeff Xu
> >
> > Provide support for CONFIG_MSEAL_SYSTEM_MAPPINGS on UML, covering
> > the vdso.
> >
> > Testing passes on UML.
>
> Maybe expand on this
On Tue, Feb 25, 2025 at 08:45:21AM +, Berg, Benjamin wrote:
> Hi,
>
> On Tue, 2025-02-25 at 06:22 +, Lorenzo Stoakes wrote:
> > On Mon, Feb 24, 2025 at 10:52:44PM +, jef...@chromium.org wrote:
> > > From: Jeff Xu
> > >
> > > Provide support for CONFIG_MSEAL_SYSTEM_MAPPINGS on UML, cove
BTW can we please drop the 'mseal, system mappings' prefixes on this
series, it's really weird and makes it really hard for me to actually read
the individual summary lines for each commit. 'mseal:' will do.
I mean really you could argue it's 'mm: mseal: ...' but I'm not quite
_that_ pedantic :)
Since kstrtol() requires a NUL-terminated string as input and strncpy()
is deprecated for NUL-terminated destination buffers, use strscpy()
instead.
Compile-tested only.
Link: https://github.com/KSPP/linux/issues/90
Cc: linux-hardening@vger.kernel.org
Signed-off-by: Thorsten Blum
---
drivers/pl
-Wflex-array-member-not-at-end was introduced in GCC-14, and we are
getting ready to enable it, globally.
So, in this particular case, we create a new `struct mlx5e_umr_wqe_hdr`
to enclose the header part of flexible structure `struct mlx5e_umr_wqe`.
This is, all the members except the flexible ar
On February 25, 2025 1:14:01 PM PST, Andrew Cooper
wrote:
>Peter Zijlstra has added a FineIBT=paranoid mode which performs the hash
>check ahead of calling the function pointer, which ought to mitigate
>this but at even higher overhead.
Was kCFI vs FineIBT perf ever measured? Is the assumptio
On Tue, Feb 25, 2025 at 10:38 AM Kees Cook wrote:
>
> On Tue, Feb 25, 2025 at 03:31:06PM +, Lorenzo Stoakes wrote:
> > On Tue, Feb 25, 2025 at 07:06:13AM -0800, Kees Cook wrote:
> > >
> > >
> > > On February 25, 2025 2:37:11 AM PST, Lorenzo Stoakes
> > > wrote:
> > > >On Tue, Feb 25, 2025 at
On Tue, Feb 25, 2025 at 7:23 AM Liam R. Howlett wrote:
>
> * jef...@chromium.org [250224 17:52]:
> > From: Jeff Xu
> >
> > Provide infrastructure to mseal system mappings. Establish
> > two kernel configs (CONFIG_MSEAL_SYSTEM_MAPPINGS,
> > ARCH_HAS_MSEAL_SYSTEM_MAPPINGS) and VM_SEALED_SYSMAP
> >
On Mon, Feb 24, 2025 at 10:24 PM Lorenzo Stoakes
wrote:
>
> On Mon, Feb 24, 2025 at 10:52:45PM +, jef...@chromium.org wrote:
> > From: Jeff Xu
> >
> > Provide support to mseal the uprobe mapping.
> >
> > Unlike other system mappings, the uprobe mapping is not
> > established during program st
On Mon, Feb 24, 2025 at 10:05 PM Lorenzo Stoakes
wrote:
> > +config ARCH_HAS_MSEAL_SYSTEM_MAPPINGS
> > + bool
> > + help
> > + Control MSEAL_SYSTEM_MAPPINGS access based on architecture.
> > +
> > + A 64-bit kernel is required for the memory sealing feature.
> > + No spec
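Review bot: the `help` text on `config ARCH_HAS_MSEAL_SYSTEM_MAPPINGS` states that a 64-bit kernel is required, but nothing in the quoted lines enforces it; the symbol is a bare `bool` with no prompt, so it is only ever set by `select` from an architecture Kconfig, and a `depends on 64BIT` on the symbol (or on the user-visible MSEAL_SYSTEM_MAPPINGS option) would turn the stated requirement into a constraint rather than a note. The description "Control MSEAL_SYSTEM_MAPPINGS access based on architecture" could also say directly what selecting the symbol means, i.e. that the architecture's vdso/vvar mapping code has been audited and marks those VMAs with VM_SEALED_SYSMAP.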
On Mon, Feb 24, 2025 at 10:07 PM Lorenzo Stoakes
wrote:
>
> On Mon, Feb 24, 2025 at 05:45:13PM +, jef...@chromium.org wrote:
> > From: Jeff Xu
> >
> > Update memory sealing documentation to include details about system
> > mappings.
> >
> > Signed-off-by: Jeff Xu
> > ---
> > Documentation/u
On Mon, Feb 24, 2025 at 10:20 PM Lorenzo Stoakes
wrote:
>
> On Mon, Feb 24, 2025 at 10:52:43PM +, jef...@chromium.org wrote:
> > From: Jeff Xu
> >
> > Provide support for CONFIG_MSEAL_SYSTEM_MAPPINGS on arm64, covering
> > the vdso, vvar, and compat-mode vectors and sigpage mappings.
> >
> >
On Mon, Feb 24, 2025 at 10:15 PM Lorenzo Stoakes
wrote:
>
> On Mon, Feb 24, 2025 at 10:52:41PM +, jef...@chromium.org wrote:
> > From: Jeff Xu
> >
> > Add code to detect if the vdso is memory sealed, skip the test
> > if it is.
>
> I feel this is a little succinct of a commit message, but I g
Add str_tx_rx() helper to return "tx" or "rx" string literal.
Signed-off-by: Kuninori Morimoto
---
include/linux/string_choices.h | 6 ++
1 file changed, 6 insertions(+)
diff --git a/include/linux/string_choices.h b/include/linux/string_choices.h
index 120ca0f28e95..fbbf1e657806 100644
---
On Tue, Feb 25, 2025 at 04:06:37PM -0800, Jeff Xu wrote:
> On Mon, Feb 24, 2025 at 10:24 PM Lorenzo Stoakes
> wrote:
> >
> > On Mon, Feb 24, 2025 at 10:52:45PM +, jef...@chromium.org wrote:
> > > From: Jeff Xu
> > >
> > > Provide support to mseal the uprobe mapping.
> > >
> > > Unlike other s
On Tue, Feb 25, 2025 at 02:37:46PM -0800, Jeff Xu wrote:
> On Mon, Feb 24, 2025 at 10:15 PM Lorenzo Stoakes
> wrote:
> >
> > On Mon, Feb 24, 2025 at 10:52:41PM +, jef...@chromium.org wrote:
> > > From: Jeff Xu
> > >
> > > Add code to detect if the vdso is memory sealed, skip the test
> > > if
On Tue, Feb 25, 2025 at 04:17:01PM -0800, Jeff Xu wrote:
> On Tue, Feb 25, 2025 at 2:32 AM Lorenzo Stoakes
> wrote:
> >
> > BTW can we please drop the 'mseal, system mappings' prefixes on this
> > series, it's really weird and makes it really hard for me to actually read
> > the individual summary
On Tue, Feb 25, 2025 at 05:33:24PM -0800, Jeff Xu wrote:
> On Mon, Feb 24, 2025 at 10:05 PM Lorenzo Stoakes
> wrote:
> > > +config ARCH_HAS_MSEAL_SYSTEM_MAPPINGS
> > > + bool
> > > + help
> > > + Control MSEAL_SYSTEM_MAPPINGS access based on architecture.
> > > +
> > > + A 64-b
On Tue, Feb 25, 2025 at 04:48:47PM -0800, Jeff Xu wrote:
> On Tue, Feb 25, 2025 at 12:08 AM Thomas Weißschuh
> wrote:
> > On Mon, Feb 24, 2025 at 10:52:42PM +, jef...@chromium.org wrote:
> > > From: Jeff Xu
> > >
> > > Provide support for CONFIG_MSEAL_SYSTEM_MAPPINGS on x86-64,
> > > covering
Add str_enabling_disabling() helper to return "enabling" or "disabling"
string literal.
Signed-off-by: Kuninori Morimoto
---
include/linux/string_choices.h | 6 ++
1 file changed, 6 insertions(+)
diff --git a/include/linux/string_choices.h b/include/linux/string_choices.h
index fbbf1e657806
Hi Kees
I would like to use the string_choices helpers to clean up the code, but it is missing
some well-used string pairs in the kernel. This patch-set adds them.
Kuninori Morimoto (10):
lib/string_choices: Add str_tx_rx() helper
lib/string_choices: Add str_enabling_disabling() helper
lib/string_choice
On Tue, Feb 25, 2025 at 04:12:40PM -0800, Jeff Xu wrote:
> On Tue, Feb 25, 2025 at 7:18 AM Lorenzo Stoakes
> wrote:
> >
> > Jeff - looking further in this series, I asked for a couple things for this
> > series which you've not provided:
> >
> > 1. Some assurance based on code that the kernel-side
On Tue, Feb 25, 2025 at 02:26:50PM -0800, Jeff Xu wrote:
> On Mon, Feb 24, 2025 at 10:20 PM Lorenzo Stoakes
> wrote:
> >
> > On Mon, Feb 24, 2025 at 10:52:43PM +, jef...@chromium.org wrote:
> > > From: Jeff Xu
> > >
> > > Provide support for CONFIG_MSEAL_SYSTEM_MAPPINGS on arm64, covering
> >
On Tue, Feb 25, 2025 at 02:31:15PM -0800, Jeff Xu wrote:
> On Mon, Feb 24, 2025 at 10:07 PM Lorenzo Stoakes
> wrote:
> >
> > On Mon, Feb 24, 2025 at 05:45:13PM +, jef...@chromium.org wrote:
> > > From: Jeff Xu
> > >
> > > Update memory sealing documentation to include details about system
> >
Add str_attach_detach() helper to return "attach" or "detach" string
literal.
Signed-off-by: Kuninori Morimoto
---
include/linux/string_choices.h | 7 +++
1 file changed, 7 insertions(+)
diff --git a/include/linux/string_choices.h b/include/linux/string_choices.h
index 82c5927d50a9..12b26cb
Add str_kernel_user() helper to return "kernel" or "user" string literal.
Signed-off-by: Kuninori Morimoto
---
include/linux/string_choices.h | 6 ++
1 file changed, 6 insertions(+)
diff --git a/include/linux/string_choices.h b/include/linux/string_choices.h
index 1965d3a5976b..82c5927d50a9
Add str_to_from() helper to return "to" or "from" string literal.
Signed-off-by: Kuninori Morimoto
---
include/linux/string_choices.h | 6 ++
1 file changed, 6 insertions(+)
diff --git a/include/linux/string_choices.h b/include/linux/string_choices.h
index d52ced93e21e..e07a9a5e403e 100644
Add str_pass_fail() helper to return "pass" or "fail" string literal.
Signed-off-by: Kuninori Morimoto
---
include/linux/string_choices.h | 6 ++
1 file changed, 6 insertions(+)
diff --git a/include/linux/string_choices.h b/include/linux/string_choices.h
index 615ddbde4743..d52ced93e21e 100
Add str_level_edge() helper to return "level" or "edge" string literal.
Signed-off-by: Kuninori Morimoto
---
include/linux/string_choices.h | 6 ++
1 file changed, 6 insertions(+)
diff --git a/include/linux/string_choices.h b/include/linux/string_choices.h
index e07a9a5e403e..1965d3a5976b 1
Add str_input_output() helper to return "input" or "output" string
literal.
Signed-off-by: Kuninori Morimoto
---
include/linux/string_choices.h | 6 ++
1 file changed, 6 insertions(+)
diff --git a/include/linux/string_choices.h b/include/linux/string_choices.h
index 96b54874dc3a..cc7c771f4e
Add str_Y_N() helper to return "Y" or "N" string literal.
Signed-off-by: Kuninori Morimoto
---
include/linux/string_choices.h | 6 ++
1 file changed, 6 insertions(+)
diff --git a/include/linux/string_choices.h b/include/linux/string_choices.h
index cc7c771f4e84..615ddbde4743 100644
--- a/in
Add str_in_out() helper to return "in" or "out" string literal.
Signed-off-by: Kuninori Morimoto
---
include/linux/string_choices.h | 6 ++
1 file changed, 6 insertions(+)
diff --git a/include/linux/string_choices.h b/include/linux/string_choices.h
index 2a6c8df585ea..96b54874dc3a 100644
--
On Tue, Feb 25, 2025 at 02:36:52PM -0800, Jeff Xu wrote:
> On Tue, Feb 25, 2025 at 2:31 PM Jeff Xu wrote:
> >
> > On Mon, Feb 24, 2025 at 10:07 PM Lorenzo Stoakes
> > wrote:
> > >
> > > On Mon, Feb 24, 2025 at 05:45:13PM +, jef...@chromium.org wrote:
> > > > From: Jeff Xu
> > > >
> > > > Upd
On Tue, Feb 25, 2025 at 12:08 AM Thomas Weißschuh
wrote:
>
> Hi Jeff,
>
> On Mon, Feb 24, 2025 at 10:52:42PM +, jef...@chromium.org wrote:
> > From: Jeff Xu
> >
> > Provide support for CONFIG_MSEAL_SYSTEM_MAPPINGS on x86-64,
> > covering the vdso, vvar, vvar_vclock.
> >
> > Production release
On Tue, Feb 25, 2025 at 2:31 PM Jeff Xu wrote:
>
> On Mon, Feb 24, 2025 at 10:07 PM Lorenzo Stoakes
> wrote:
> >
> > On Mon, Feb 24, 2025 at 05:45:13PM +, jef...@chromium.org wrote:
> > > From: Jeff Xu
> > >
> > > Update memory sealing documentation to include details about system
> > > mapp
On Tue, Feb 25, 2025 at 7:18 AM Lorenzo Stoakes
wrote:
>
> Jeff - looking further in this series, I asked for a couple things for this
> series which you've not provided:
>
> 1. Some assurance based on code that the kernel-side code doesn't rely on
>VDSO/VVAR etc. mapping. I gave up waiting fo
On Tue, Feb 25, 2025 at 2:32 AM Lorenzo Stoakes
wrote:
>
> BTW can we please drop the 'mseal, system mappings' prefixes on this
> series, it's really weird and makes it really hard for me to actually read
> the individual summary lines for each commit. 'mseal:' will do.
>
I am not sure.
I had com
On Mon, Feb 24, 2025 at 5:03 PM Kees Cook wrote:
>
> On Mon, Feb 24, 2025 at 10:52:42PM +, jef...@chromium.org wrote:
> > From: Jeff Xu
> >
> > Provide support for CONFIG_MSEAL_SYSTEM_MAPPINGS on x86-64,
> > covering the vdso, vvar, vvar_vclock.
> >
> > Production release testing passes on An
On 22/02/2025 8:43 pm, Rudolf Marek wrote:
> Hi,
>
> Dne 13. 02. 25 v 3:42 Andrew Cooper napsal(a):
>> The SYSCALL behaviour TLDR is:
>>
>> %rcx = %rip
>> %r11 = %eflags
>> %cs = fixed attr
>> %ss = fixed attr
>> %rip = MSR_LSTAR
>>
>> which means that %rcx (old rip) is the
On Tue, Feb 25, 2025 at 07:06:13AM -0800, Kees Cook wrote:
>
>
> On February 25, 2025 2:37:11 AM PST, Lorenzo Stoakes
> wrote:
> >On Tue, Feb 25, 2025 at 08:45:21AM +, Berg, Benjamin wrote:
> >> Hi,
> >>
> >> On Tue, 2025-02-25 at 06:22 +, Lorenzo Stoakes wrote:
> >> > On Mon, Feb 24, 202
On Sat, 22 Feb 2025 14:55:20 -0500, Ethan Carter Edwards wrote:
> We are trying to get rid of all multiplications from allocation
> functions to prevent integer overflows[1]. Here the multiplication is
> obviously safe, but using kcalloc() is more appropriate and improves
> readability. This patch
On Tue, Feb 25, 2025 at 03:31:06PM +, Lorenzo Stoakes wrote:
> On Tue, Feb 25, 2025 at 07:06:13AM -0800, Kees Cook wrote:
> >
> >
> > On February 25, 2025 2:37:11 AM PST, Lorenzo Stoakes
> > wrote:
> > >On Tue, Feb 25, 2025 at 08:45:21AM +, Berg, Benjamin wrote:
> > >> Hi,
> > >>
> > >> O
Hi Andrew,
Dne 25. 02. 25 v 19:10 Andrew Cooper napsal(a):
Very cunning. Yes it does, but the state needs to be safe to IRET back
to, and ...
... And intellectually very pleasing!
Would it work to have KERNEL_CS as last entry in the GDT table?
Therefore executing SYSCALL would set the CS as
On 25/02/2025 8:06 pm, Rudolf Marek wrote:
> Hi Andrew,
>
> Dne 25. 02. 25 v 19:10 Andrew Cooper napsal(a):
>> Very cunning. Yes it does, but the state needs to be safe to IRET back
>> to, and ...
>
> ... And intellectually very pleasing!
>
>>> Would it work to have KERNEL_CS as last entry in the
On February 25, 2025 2:37:11 AM PST, Lorenzo Stoakes
wrote:
>On Tue, Feb 25, 2025 at 08:45:21AM +, Berg, Benjamin wrote:
>> Hi,
>>
>> On Tue, 2025-02-25 at 06:22 +, Lorenzo Stoakes wrote:
>> > On Mon, Feb 24, 2025 at 10:52:44PM +, jef...@chromium.org wrote:
>> > > From: Jeff Xu
>>
Jeff - looking further in this series, I asked for a couple things for this
series which you've not provided:
1. Some assurance based on code that the kernel-side code doesn't rely on
VDSO/VVAR etc. mapping. I gave up waiting for this and went and checked
myself, it looks fine for arm64, x86
* jef...@chromium.org [250224 17:52]:
> From: Jeff Xu
>
> Provide infrastructure to mseal system mappings. Establish
> two kernel configs (CONFIG_MSEAL_SYSTEM_MAPPINGS,
> ARCH_HAS_MSEAL_SYSTEM_MAPPINGS) and VM_SEALED_SYSMAP
> macro for future patches.
>
> Signed-off-by: Jeff Xu
> ---
> includ
On Tue, Feb 25, 2025 at 10:22:56AM -0500, Liam R. Howlett wrote:
> * jef...@chromium.org [250224 17:52]:
> > From: Jeff Xu
> >
> > Provide infrastructure to mseal system mappings. Establish
> > two kernel configs (CONFIG_MSEAL_SYSTEM_MAPPINGS,
> > ARCH_HAS_MSEAL_SYSTEM_MAPPINGS) and VM_SEALED_SYS
Hi,
On Tue, 2025-02-25 at 10:37 +, Lorenzo Stoakes wrote:
> On Tue, Feb 25, 2025 at 08:45:21AM +, Berg, Benjamin wrote:
> > Hi,
> >
> > On Tue, 2025-02-25 at 06:22 +, Lorenzo Stoakes wrote:
> > > On Mon, Feb 24, 2025 at 10:52:44PM +, jef...@chromium.org wrote:
> > > > From: Jeff X
On Tue, 2025-02-25 at 13:41 +, Lorenzo Stoakes wrote:
> > I figured it is not a lot of churn and there isn't really any cost to
> > enabling the feature.
> >
> > That said, the only possible real-life use case I can see is doing MM
> > subsystem testing using UML. We certainly do not need the
On Tue, Feb 25, 2025 at 01:24:49PM +0100, Benjamin Berg wrote:
> Hi,
>
> On Tue, 2025-02-25 at 10:37 +, Lorenzo Stoakes wrote:
> > On Tue, Feb 25, 2025 at 08:45:21AM +, Berg, Benjamin wrote:
> > > Hi,
> > >
> > > On Tue, 2025-02-25 at 06:22 +, Lorenzo Stoakes wrote:
> > > > On Mon, Feb