From: Linus Torvalds
Date: Wed, 18 Oct 2023 11:27:08 -0700
Subject: Re: [RFC PATCH v2 5/8] mseal: Check seal flag for munmap(2)
To: Jeff Xu
Cc: jeffxu@chromium.org, akpm@linux-foundation.org, keescook@chromium.org,
    jannh@google.com, sroettger@google.com, willy@infradead.org,
    gregkh@linuxfoundation.org, jorgelo@chromium.org, groeck@chromium.org,
    linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org,
    linux-mm@kvack.org, surenb@google.com, alex.sierra@amd.com,
    apopple@nvidia.com, aneesh.kumar@linux.ibm.com, axelrasmussen@google.com,
    ben@decadent.org.uk, catalin.marinas@arm.com, david@redhat.com,
    dwmw@amazon.co.uk, ying.huang@intel.com, hughd@google.com,
    joey.gouly@arm.com, corbet@lwn.net, wangkefeng.wang@huawei.com,
    Liam.Howlett@oracle.com, lstoakes@gmail.com, mawupeng1@huawei.com,
    linmiaohe@huawei.com, namit@vmware.com, peterx@redhat.com,
    peterz@infradead.org, ryan.roberts@arm.com, shr@devkernel.io,
    vbabka@suse.cz, xiujianfeng@huawei.com, yu.ma@intel.com,
    zhangpeng362@huawei.com, dave.hansen@intel.com, luto@kernel.org,
    linux-hardening@vger.kernel.org
References: <20231017090815.1067790-1-jeffxu@chromium.org>
    <20231017090815.1067790-6-jeffxu@chromium.org>

On Wed, 18 Oct 2023 at 10:14, Jeff Xu wrote:
>
> There is also alternative approach:
>
> For all the places that call do_vmi_munmap(), find out which
> case should ignore the sealing flag legitimately,

NO.

Christ.

THERE ARE NO LEGITIMATE CASES OF IGNORING SEALING FLAGS.

If you ignore a sealing flag, it's not a sealing flag. It's random
crap, and claiming that it has *anything* to do with security is just
a cruel joke.

Really. Stop this. I do not want to hear your excuses for garbage any more.

We're done. If I hear any more arguments for this sh*t, I will
literally put you in my ignore file, and will auto-NAK any future
patches.

This is simply not up for discussion. Any flag for "ignore sealing" is wrong.

We do have one special "unmap" case, namely "unmap_vmas()" called at
last mmput() -> __mmput() -> exit_mmap().

And yes, that is called at munmap() time too, but that's after the
point of no return after we've already removed the vma's from the VM
lists. So it's long after any error cases have been checked.

             Linus
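
The ordering described in the message above, as an added user-space toy model (not kernel code and not part of the original e-mail): the seal is an error case decided before anything is modified, and the teardown step shared with the exit path has no seal-related argument at all. Every `toy_*` name, the `-1` error value and the sample layout are assumptions made for illustration; the model removes whole mappings only and does no splitting.

```c
/* Toy user-space model of the check-then-commit ordering; not kernel code.
 * All toy_* names are hypothetical. Whole VMAs only, no splitting. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
struct toy_vma { unsigned long start, end; bool sealed, mapped; };
static bool toy_overlaps(const struct toy_vma *v, unsigned long s, unsigned long e)
{
    return v->mapped && v->start < e && v->end > s;
}

/* Teardown step: cannot fail and takes no seal-related argument. */
static void toy_unmap_vmas(struct toy_vma *v, size_t n, unsigned long s, unsigned long e)
{
    for (size_t i = 0; i < n; i++)
        if (toy_overlaps(&v[i], s, e))
            v[i].mapped = false;
}

/* munmap path: every error case, the seal included, is decided first. */
int toy_munmap(struct toy_vma *v, size_t n, unsigned long s, unsigned long e)
{
    for (size_t i = 0; i < n; i++)
        if (toy_overlaps(&v[i], s, e) && v[i].sealed)
            return -1;               /* placeholder error value */
    /* Point of no return: nothing below can report failure. */
    toy_unmap_vmas(v, n, s, e);
    return 0;
}

/* Last-reference exit path: the whole address space goes away. */
void toy_exit_mmap(struct toy_vma *v, size_t n) { toy_unmap_vmas(v, n, 0, ~0UL); }
size_t toy_count_mapped(const struct toy_vma *v, size_t n)
{
    size_t c = 0;
    for (size_t i = 0; i < n; i++) c += v[i].mapped;
    return c;
}

int main(void)
{
    struct toy_vma v[] = { {0x1000, 0x2000, false, true},   /* constructed layout */
                           {0x2000, 0x3000, true, true}, {0x3000, 0x4000, false, true} };
    int rc = toy_munmap(v, 3, 0x1000, 0x4000);   /* range covers the sealed VMA */
    printf("munmap rc=%d, mapped=%zu\n", rc, toy_count_mapped(v, 3));
    toy_exit_mmap(v, 3);
    printf("after exit: mapped=%zu\n", toy_count_mapped(v, 3));
    return 0;
}
```

A request whose range touches a sealed mapping fails as a whole, so the unsealed neighbours in that range stay mapped as well.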