From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 215ADCF8856 for ; Fri, 4 Oct 2024 19:11:48 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 542156B0418; Fri, 4 Oct 2024 15:11:48 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 4F2246B041A; Fri, 4 Oct 2024 15:11:48 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 3E0E56B041B; Fri, 4 Oct 2024 15:11:48 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0011.hostedemail.com [216.40.44.11]) by kanga.kvack.org (Postfix) with ESMTP id 201C96B0418 for ; Fri, 4 Oct 2024 15:11:48 -0400 (EDT) Received: from smtpin06.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay03.hostedemail.com (Postfix) with ESMTP id B0333A0ADC for ; Fri, 4 Oct 2024 19:11:47 +0000 (UTC) X-FDA: 82636864254.06.9B2F296 Received: from cvs.openbsd.org (cvs.openbsd.org [199.185.137.3]) by imf20.hostedemail.com (Postfix) with ESMTP id AAE1F1C001E for ; Fri, 4 Oct 2024 19:11:44 +0000 (UTC) Authentication-Results: imf20.hostedemail.com; dkim=pass header.d=openbsd.org header.s=selector1 header.b=OFWcBZ6+; dmarc=none; spf=pass (imf20.hostedemail.com: domain of deraadt@openbsd.org designates 199.185.137.3 as permitted sender) smtp.mailfrom=deraadt@openbsd.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1728068961; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=+ODODQ9zRrs4Bh06kHTCb0ASSY1XooGggTTzx1BEEjU=; b=2f7+cAGJGQEvGZ/mDRfXLVjuPMpxp8T1BWPDcsNzLURZOm9gKfESXoY6sXR+ZoJEc19eRV q8SCUNm8Nur8FF+CTZEcSZl8yC6SOGTT3+MuYjgdJMrafEEps0frMG/S+dqawB4hO4SbTW u5XXTbMLV4ejAUy83Lc+SkdWEerxItY= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1728068961; a=rsa-sha256; cv=none; b=VESGsUR2lgHJLXJR3PDWKrexUJzAX2gEWPKJdA8L7nAqH1GsLraMp8ufarc0O8iBNRz1CZ Ny2yqFTdTUvndzzjUt1KgjOv1VJdK7TzwrHRo/eGKIrqwdU4uTYFwduT6jFWOG/mYklbuu ZU5FGNM1h7E50648atVB9JAZH8ry3QI= ARC-Authentication-Results: i=1; imf20.hostedemail.com; dkim=pass header.d=openbsd.org header.s=selector1 header.b=OFWcBZ6+; dmarc=none; spf=pass (imf20.hostedemail.com: domain of deraadt@openbsd.org designates 199.185.137.3 as permitted sender) smtp.mailfrom=deraadt@openbsd.org DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; s=selector1; bh=6LD92QJ4Xe bEfFMsCs9B8yNyFeac4apJu4y37rt39aI=; h=date:references:in-reply-to: subject:cc:to:from; d=openbsd.org; b=OFWcBZ6+xSEw2Tt3FoRs5BusBaR550el6 FfBROrwB8uRdRboCZSiNSthykXJnBjLKYd+iouEIskglSmV1GBhiJ20t508SURLRgHCgsO ihWy1SzJK92zk3P0pv9N+NukSakaLaOZctoTDSTQrrZy4Gj8/1xSP8htmAql48fL40t17r Hb67vUiBl9O5AlMmKBs39920R6VdEC69YwiJatwGXfDP6GZ8AEXIo28ICVsBrm9zwrAYvK ph3P7Y+gk7ueIR8mWN1Abbk4WEMlaINuDgMnSSO1UXoKRq4o46IK5+2BpWx/Q0jRosoG1c hkiuqAGGGkfPuhe2KIgQxrVXbpsXA== Received: from cvs.openbsd.org (localhost [127.0.0.1]) by cvs.openbsd.org (OpenSMTPD) with ESMTP id c705fde2; Fri, 4 Oct 2024 13:11:42 -0600 (MDT) From: "Theo de Raadt" To: Jeff Xu cc: Randy Dunlap , akpm@linux-foundation.org, keescook@chromium.org, corbet@lwn.net, jorgelo@chromium.org, groeck@chromium.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-mm@kvack.org, jannh@google.com, sroettger@google.com, pedro.falcato@gmail.com, linux-hardening@vger.kernel.org, willy@infradead.org, gregkh@linuxfoundation.org, torvalds@linux-foundation.org, usama.anjum@collabora.com, surenb@google.com, merimus@google.com, lorenzo.stoakes@oracle.com, Liam.Howlett@oracle.com, enh@google.com Subject: Re: [PATCH v2 1/1] mseal: update mseal.rst In-reply-to: References: <20241001002628.2239032-1-jeffxu@chromium.org> <20241001002628.2239032-2-jeffxu@chromium.org> <4544a4b3-d5b6-4f6b-b3d5-6c309eb8fa9d@infradead.org> Comments: In-reply-to Jeff Xu message dated "Fri, 04 Oct 2024 09:52:43 -0700." MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <13799.1728069102.1@cvs.openbsd.org> Date: Fri, 04 Oct 2024 13:11:42 -0600 Message-ID: <51463.1728069102@cvs.openbsd.org> X-Rspamd-Server: rspam07 X-Rspamd-Queue-Id: AAE1F1C001E X-Stat-Signature: db6ousaaxjhsjwhpdny6r34w8afmom3x X-Rspam-User: X-HE-Tag: 1728069104-298122 X-HE-Meta: U2FsdGVkX19B90R4ejvz9z5rRdS2eEe3fH31um+bh4zqwOZiY1PEC/Ti8wkziZZVVp/GBYgyzjd59gJZluy0hUYx0bKopnN+3fSo+S+JjZko5rJT7s0GHEtwt/aKb+1g4DAPWXTZ+UxEiCrDqCtooVuiBbPsxRaMpKejUnPG1O7fUUkVV0BcoYECW8qcRwOiTAqZ74Td+aN9AG4VWQBM2RIhOuqLDcCMmXHan/llBkPX/wy7K/Swr+ttkP19gUpHa5IrcrSSgdMZU/DU0lWFqoWyqaYma9W7HiVqSmjlRdBRW0FhaQSP5TZoCgs0Hx48EbaupTIsGCmhLqj6ikwoRFfU8wSGLUnw74aR8NDCmt0UkFtLpid3IW4DisA/g0lnJrD5EHh2fkjmbfp2gpyb7aNxpfL11mGBb9UcpHZno5MhGP/XhE/BaudcdbdAyGYsHufuIq5yDbhiKxXXYJ2qsU3am3sswozmxh/BgQ6nIvAwu1nvKZFxo7oMmHOPbWmrOmlSe24y2+3QKg8JEP/5AvrZuaZR+5cFhf3PiZkQFMkyrjrc5UWevyD03OsH5KjwFgfHx/t/ummVEHO9iSwwdDLMq9ASUzG18pkgryitskz41SOGinWewrwk64l496170VbeDBouiU+36OTg/OYKzzxuNg/z57TbIVd+SRSzaibZoYvJ4h+jxcjRV2lu4XzqcAVfU2/701MqZXiYZHRApmRrvjU89op+29ZxV3GBSTV3Q2PiGSoGQaKryrhW72rbsYb4RF5osPC1vjeTyjsnzqtXBeUER4JhbnZChPKd3g+xC/w1U2PlnhrT+Y/5/GGFtuxopGvJjZmkoEUOwFWwSF3+4N2DdKhEsp/76Vfoib0siL+Bxv/g1Ls0zt1irFeWeq9r+LYAmGqUG32rvx93/9B9rsJLEDdN7Nn9IYEMiW9ANODrgOGW9YS5VXxwl3bAd4DdnoPVIYCFuy8/C2i fIrjgjG1 4IsyuXUyvkJIwoz5mrVEtTSZOWovjVmGkLpJpbHY/SfbaQ9xdfmCc5SmwOz5S8pXdlpaq8t7yetKR7C0lo/znHIcRJIMZuoUafZ91249JJAz7W/uV71QzAKLR4uV9DQo7U3WinH5s3LfPogP2PBtq00laAFNjJ9guXNqvFjtjGSUDsi3TMwQSytm/qfKvCJCdUZjt6duOi5I9EsXFC4wzk6J1tChQbW4qGTmr9ZHmKAKy21U3kdSnA2XNf8Ieclr1peZPMVajYqTJSKjAuWNt2zwjCpvlrQP0p+Gc0yxg5cc5bUsfbbRHsM0+K/kXibJ4HpBD9KxtWpAznC8npN1Ny+bKhlPbJpKJ/wg3ZHLPvhjkMMg2Y1lqAo5Xq5FeXXw/1k5b X-Bogosity: Ham, tests=bogofilter, spamicity=0.000004, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: Jeff Xu wrote: > > > + replacement with a new mapping with new set of attributes, or can > > > + overwrite the existing mapping with another mapping. > > > + > > > + mprotect and pkey_mprotect are blocked because they changes the > > > + protection bits (RWX) of the mapping. > > > + > > > + Some destructive madvise behaviors (MADV_DONTNEED, MADV_FREE,> + MADV_DONTNEED_LOCKED, MADV_FREE, MADV_DONTFORK, MADV_WIPEONFORK) > > > + for anonymous memory, when users don't have write permission to the > > > + memory. Those behaviors can alter region contents by discarding pages, > > > > above is not a sentence but I don't know how to fix it. > > > Would below work ? > > Certain destructive madvise behaviors, specifically MADV_DONTNEED, > MADV_FREE, MADV_DONTNEED_LOCKED, MADV_FREE, MADV_DONTFORK, > MADV_WIPEONFORK, can pose risks when applied to anonymous memory by > threads without write permissions. These behaviors have the potential > to modify region contents by discarding pages, effectively performing > a memset(0) operation on the anonymous memory. In OpenBSD, mimmutable blocks all those madvise() operations. I don't understand the sentence supplied above. Is it saying that mseal() solves that problem, or that mseal() does not solve that problem. I would hope it solves that problem. But the sentence explains the problem without taking a position on what to do.