From: Pedro Falcato <pfalcato@suse.de>
To: Leon Hwang <leon.hwang@linux.dev>
Cc: linux-mm@kvack.org, "Jonathan Corbet" <corbet@lwn.net>,
"Shuah Khan" <skhan@linuxfoundation.org>,
"Andrew Morton" <akpm@linux-foundation.org>,
"Liam R . Howlett" <liam@infradead.org>,
"Lorenzo Stoakes" <ljs@kernel.org>,
"Vlastimil Babka" <vbabka@kernel.org>,
"Jann Horn" <jannh@google.com>, "Paul Walmsley" <pjw@kernel.org>,
"Palmer Dabbelt" <palmer@dabbelt.com>,
"Albert Ou" <aou@eecs.berkeley.edu>,
"Alexandre Ghiti" <alex@ghiti.fr>,
"Nathan Chancellor" <nathan@kernel.org>,
"Peter Zijlstra" <peterz@infradead.org>,
"Miguel Ojeda" <ojeda@kernel.org>,
"Nicolas Schier" <nsc@kernel.org>,
"Thomas Gleixner" <tglx@kernel.org>,
"Thomas Weißschuh" <thomas.weissschuh@linutronix.de>,
"Alice Ryhl" <aliceryhl@google.com>,
"Douglas Anderson" <dianders@chromium.org>,
"Gary Guo" <gary@garyguo.net>,
"Anand Moon" <linux.amoon@gmail.com>,
"Randy Dunlap" <rdunlap@infradead.org>,
linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-riscv@lists.infradead.org
Subject: Re: [PATCH] mm/mseal: fix mseal documentation for 32-bit kernels
Date: Fri, 3 Jul 2026 10:44:19 +0100 [thread overview]
Message-ID: <akeDk49-pPgUDek1@pedro-suse> (raw)
In-Reply-To: <20260703022507.187457-1-leon.hwang@linux.dev>
On Fri, Jul 03, 2026 at 10:25:07AM +0800, Leon Hwang wrote:
> mseal.o is built only for 64-bit kernels, so 32-bit kernels fall back
> to sys_ni_syscall() and return -ENOSYS rather than -EPERM.
>
> Document the -EINTR return from mmap_write_lock_killable(), fix the
> CONFIG_MSEAL_SYSTEM_MAPPINGS typo, and describe system mappings in
> terms of VM_SEALED_SYSMAP.
>
> Signed-off-by: Leon Hwang <leon.hwang@linux.dev>
> ---
> Documentation/userspace-api/mseal.rst | 18 ++++++++++--------
> init/Kconfig | 2 +-
> mm/mseal.c | 4 ++--
> 3 files changed, 13 insertions(+), 11 deletions(-)
>
> diff --git a/Documentation/userspace-api/mseal.rst b/Documentation/userspace-api/mseal.rst
> index ea9b11a0bd89..1f1cf206670c 100644
> --- a/Documentation/userspace-api/mseal.rst
> +++ b/Documentation/userspace-api/mseal.rst
> @@ -50,8 +50,10 @@ mseal syscall signature
> * The start address (``addr``) is not allocated.
> * The end address (``addr`` + ``len``) is not allocated.
> * A gap (unallocated memory) between start and end address.
> - - **-EPERM**:
> - * sealing is supported only on 64-bit CPUs, 32-bit is not supported.
> + - **-EINTR**:
> + * Interrupted while waiting for the mmap write lock.
> + - **-ENOSYS**:
> + * The kernel does not implement ``mseal()``.
>
> **Note about error return**:
> - For above error cases, users can expect the given memory range is
Honestly, this whole thing needs to be deleted. We need a proper manpage.
> @@ -62,7 +64,8 @@ mseal syscall signature
> memory range could happen. However, those cases should be rare.
>
> **Architecture support**:
> - mseal only works on 64-bit CPUs, not 32-bit CPUs.
> + mseal is built only for 64-bit kernels. 32-bit kernels return
> + ``-ENOSYS``.
This LGTM.
>
> **Idempotent**:
> users can call mseal multiple times. mseal on an already sealed memory
> @@ -131,20 +134,19 @@ Use cases
> - Chrome browser: protect some security sensitive data structures.
>
> - System mappings:
> - The system mappings are created by the kernel and includes vdso, vvar,
> + The system mappings are created by the kernel and include vdso, vvar,
> vvar_vclock, vectors (arm compat-mode), sigpage (arm compat-mode), uprobes.
>
> Those system mappings are readonly only or execute only, memory sealing can
> - protect them from ever changing to writable or unmmap/remapped as different
> + protect them from ever changing to writable or unmapped/remapped as different
> attributes. This is useful to mitigate memory corruption issues where a
> corrupted pointer is passed to a memory management system.
Also LGTM.
>
> If supported by an architecture (CONFIG_ARCH_SUPPORTS_MSEAL_SYSTEM_MAPPINGS),
> - the CONFIG_MSEAL_SYSTEM_MAPPINGS seals all system mappings of this
> - architecture.
> + CONFIG_MSEAL_SYSTEM_MAPPINGS seals mappings marked with VM_SEALED_SYSMAP.
VM_SEALED_SYSMAP isn't meaningful to userspace.
>
> The following architectures currently support this feature: x86-64, arm64,
> - loongarch and s390.
> + loongarch, riscv, and s390.
This is also useless, every 64-bit architecture will support this.
>
> WARNING: This feature breaks programs which rely on relocating
> or unmapping system mappings. Known broken software at the time
> diff --git a/init/Kconfig b/init/Kconfig
> index 5230d4879b1c..12bb39f637b1 100644
> --- a/init/Kconfig
> +++ b/init/Kconfig
> @@ -2112,7 +2112,7 @@ config ARCH_SUPPORTS_MSEAL_SYSTEM_MAPPINGS
> from a kernel perspective.
>
> After the architecture enables this, a distribution can set
> - CONFIG_MSEAL_SYSTEM_MAPPING to manage access to the feature.
> + CONFIG_MSEAL_SYSTEM_MAPPINGS to manage access to the feature.
>
> For complete descriptions of memory sealing, please see
> Documentation/userspace-api/mseal.rst
> diff --git a/mm/mseal.c b/mm/mseal.c
> index 9781647483d1..0464c7b94ab9 100644
> --- a/mm/mseal.c
> +++ b/mm/mseal.c
> @@ -132,8 +132,8 @@ static int mseal_apply(struct mm_struct *mm,
> * addr is not a valid address (not allocated).
> * end (start + len) is not a valid address.
> * a gap (unallocated memory) between start and end.
> - * -EPERM:
> - * - In 32 bit architecture, sealing is not supported.
> + * -EINTR:
> + * interrupted while waiting for the mmap write lock.
> * Note:
> * user can call mseal(2) multiple times, adding a seal on an
> * already sealed memory is a no-action (no error).
And this whole header needs to be deleted as well. No one's looking at
kernel code for documentation (and if they are, we did a horrendous job
at actually documenting the thing).
--
Pedro
next prev parent reply other threads:[~2026-07-03 9:44 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-07-03 2:25 [PATCH] mm/mseal: fix mseal documentation for 32-bit kernels Leon Hwang
2026-07-03 9:30 ` Lance Yang
2026-07-03 9:44 ` Thomas Weißschuh
2026-07-03 15:09 ` Leon Hwang
2026-07-03 9:44 ` Pedro Falcato [this message]
2026-07-03 14:50 ` Leon Hwang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=akeDk49-pPgUDek1@pedro-suse \
--to=pfalcato@suse.de \
--cc=akpm@linux-foundation.org \
--cc=alex@ghiti.fr \
--cc=aliceryhl@google.com \
--cc=aou@eecs.berkeley.edu \
--cc=corbet@lwn.net \
--cc=dianders@chromium.org \
--cc=gary@garyguo.net \
--cc=jannh@google.com \
--cc=leon.hwang@linux.dev \
--cc=liam@infradead.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-riscv@lists.infradead.org \
--cc=linux.amoon@gmail.com \
--cc=ljs@kernel.org \
--cc=nathan@kernel.org \
--cc=nsc@kernel.org \
--cc=ojeda@kernel.org \
--cc=palmer@dabbelt.com \
--cc=peterz@infradead.org \
--cc=pjw@kernel.org \
--cc=rdunlap@infradead.org \
--cc=skhan@linuxfoundation.org \
--cc=tglx@kernel.org \
--cc=thomas.weissschuh@linutronix.de \
--cc=vbabka@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox