Received: by 2002:a05:7412:8d10:b0:f3:1519:9f41 with SMTP id bj16csp4975646rdb; Tue, 12 Dec 2023 15:17:23 -0800 (PST) X-Google-Smtp-Source: AGHT+IEabwYyOwXTOoy2gRsQ/S7Ry7CB46fH+z/U4Ez8OEy+TrUe6zyuqkWXF3SuYsl/YeZA6JVg X-Received: by 2002:a05:6a00:cd3:b0:6ce:2e39:97d5 with SMTP id b19-20020a056a000cd300b006ce2e3997d5mr8969381pfv.38.1702423042798; Tue, 12 Dec 2023 15:17:22 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1702423042; cv=none; d=google.com; s=arc-20160816; b=npxAxGIsCeqMnm3HO824VYalvDgHqSOrEzzDzOCkelAgKHC5wsNPRfPydfqg8e9/0d YBBWVTXxAs4yhAwIZ45Z0avcb+Oe3vNnL1kRZT0bsX3tFgkFNaBdBpJc+dhIbKS3GzEh vuWFPe1MGn81x691GsnFX7L7OEq17HfHKPV0cWheKAWxuxHNfryFrFE8buCTM2TwMW22 PIbrJeXETehRYu/+qDvEMkbQAeorY9oejzbRNPjLjm9vyl909tKCfU1j9y+YUbyazeBv WKJmRGcpRui9a5AfYkngoILmEqYm5WsBY/YBnPW5i7YUvLCdiO0CTYnvDpyLbMEZxD1G s8BQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=Vgg0J3qxY24SnHD9sqtPXJJls+X5lh0PMbmZ3jrDVoQ=; fh=0mRPlJo0PPrkJQqE76MB2W/JiJzBa9Y7evJmiT9T7OE=; b=tuYwWdQOBYg5fZpoTIn1lV44fJWmmanC+owv/XXdZhlE8pOKSPnhGjEPDzY2AVYbWG j5D5DzwZ97lCnMdrM9gWScSIbFlHTD9r7zHgTLs+4fq82Em/6XVKBidXo/c2DNF6/kvD vAfrjAalqH8M94Px/sMbCkJISQsxM9+tA58cvFMyLqJOioPki7/i/1T/4FtBy7xnsOt+ 7uFVaZxCZgD8Z2KzQbKCmv2fLgufXYuaNBL4Dj8lP6R2DK6Q/EWCVH7pW0a04EgRSEMz s8lBhYRFLvxpgJuuHBo/BumPVA02hAgxJMa5v3RZoe8Mb6jVoZO8bbgKO0VfjcrVPrzt R68g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=T6wsIoUG; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.37 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from snail.vger.email (snail.vger.email. [23.128.96.37]) by mx.google.com with ESMTPS id g192-20020a636bc9000000b005c6faf0a668si7223184pgc.225.2023.12.12.15.17.22 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 12 Dec 2023 15:17:22 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.37 as permitted sender) client-ip=23.128.96.37; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=T6wsIoUG; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.37 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by snail.vger.email (Postfix) with ESMTP id 9612180425B9; Tue, 12 Dec 2023 15:17:21 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.11 at snail.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1377979AbjLLXRK (ORCPT + 99 others); Tue, 12 Dec 2023 18:17:10 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48182 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1377975AbjLLXRJ (ORCPT ); Tue, 12 Dec 2023 18:17:09 -0500 Received: from mail-pg1-x534.google.com (mail-pg1-x534.google.com [IPv6:2607:f8b0:4864:20::534]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4452CD0 for ; Tue, 12 Dec 2023 15:17:14 -0800 (PST) Received: by mail-pg1-x534.google.com with SMTP id 41be03b00d2f7-5ca29c131ebso1716749a12.0 for ; Tue, 12 Dec 2023 15:17:14 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1702423034; x=1703027834; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Vgg0J3qxY24SnHD9sqtPXJJls+X5lh0PMbmZ3jrDVoQ=; b=T6wsIoUGX3fIwDf01FpNscoSVu4ubDm1E9zTDGFrSasB/SBA+rC/I52alm6lkdDh7m PqA/teR0nmJ7Hdgl+e/ylfl9d3bs1oKwrnNortNZZ67G6sZrRO+zazp3yadNcdjwxQtP BJ5VJ7ZYbEzS/lulvk5t77B4RRA68VnFkTfWM= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1702423034; x=1703027834; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Vgg0J3qxY24SnHD9sqtPXJJls+X5lh0PMbmZ3jrDVoQ=; b=Cnl4zEnW9iBoY4BmoYq/f15U7AGJFzyCNcdNx9uVLAiAeGZzTK93DdTGerkBc8fP9+ P6HQFBEjUAvQq5wbBZOBfY9qw7wdaafAuVqH5v+iP9dgu7seE52deft6AunzxqjJnDq8 RiZvn8gzf/YF7pP4YuxB/Tq7VfCyYiMIhDLupMuxrXuSO+xsxHrTSH6cZgHhUJ8eIfgR W6dzyBcyooQe7pLJM3xVANVrO8yV4dGlQwPQAmfvpJymywDtNMNP4qz5/o6L9JOuh+kW m/iUX3LnZS89sa/l0kNxHERm7JGbmKtp7vdaBTBt/NXjNZaRDoWbqWt3Vpe3ES+AwBpY d3iQ== X-Gm-Message-State: AOJu0Yyl+EQrE50BiXrynsvrAteAgVSKMfSM/85KpE7ZH/QtDV27RBey j9r7jojSA063uOjIeut99t0sOQ== X-Received: by 2002:a05:6a20:429a:b0:190:50ec:e2e4 with SMTP id o26-20020a056a20429a00b0019050ece2e4mr9563392pzj.45.1702423033741; Tue, 12 Dec 2023 15:17:13 -0800 (PST) Received: from localhost (34.133.83.34.bc.googleusercontent.com. [34.83.133.34]) by smtp.gmail.com with UTF8SMTPSA id b4-20020aa78704000000b006ce41b1ba8csm8575780pfo.131.2023.12.12.15.17.13 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 12 Dec 2023 15:17:13 -0800 (PST) From: jeffxu@chromium.org To: akpm@linux-foundation.org, keescook@chromium.org, jannh@google.com, sroettger@google.com, willy@infradead.org, gregkh@linuxfoundation.org, torvalds@linux-foundation.org Cc: jeffxu@google.com, jorgelo@chromium.org, groeck@chromium.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-mm@kvack.org, pedro.falcato@gmail.com, dave.hansen@intel.com, linux-hardening@vger.kernel.org, deraadt@openbsd.org, Jeff Xu Subject: [RFC PATCH v3 03/11] mseal: add can_modify_mm and can_modify_vma Date: Tue, 12 Dec 2023 23:16:57 +0000 Message-ID: <20231212231706.2680890-4-jeffxu@chromium.org> X-Mailer: git-send-email 2.43.0.472.g3155946c3a-goog In-Reply-To: <20231212231706.2680890-1-jeffxu@chromium.org> References: <20231212231706.2680890-1-jeffxu@chromium.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (snail.vger.email [0.0.0.0]); Tue, 12 Dec 2023 15:17:21 -0800 (PST) From: Jeff Xu Two utilities to be used later. can_modify_mm: checks sealing flags for given memory range. can_modify_vma: checks sealing flags for given vma. Signed-off-by: Jeff Xu --- include/linux/mm.h | 18 ++++++++++++++++++ mm/mseal.c | 38 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 56 insertions(+) diff --git a/include/linux/mm.h b/include/linux/mm.h index 3d1120570de5..2435acc1f44f 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h @@ -3339,6 +3339,12 @@ static inline unsigned long vma_seals(struct vm_area_struct *vma) return (vma->vm_seals & MM_SEAL_ALL); } +extern bool can_modify_mm(struct mm_struct *mm, unsigned long start, + unsigned long end, unsigned long checkSeals); + +extern bool can_modify_vma(struct vm_area_struct *vma, + unsigned long checkSeals); + #else static inline bool check_vma_seals_mergeable(unsigned long vm_seals1) { @@ -3349,6 +3355,18 @@ static inline unsigned long vma_seals(struct vm_area_struct *vma) { return 0; } + +static inline bool can_modify_mm(struct mm_struct *mm, unsigned long start, + unsigned long end, unsigned long checkSeals) +{ + return true; +} + +static inline bool can_modify_vma(struct vm_area_struct *vma, + unsigned long checkSeals) +{ + return true; +} #endif /* These take the mm semaphore themselves */ diff --git a/mm/mseal.c b/mm/mseal.c index 13bbe9ef5883..d12aa628ebdc 100644 --- a/mm/mseal.c +++ b/mm/mseal.c @@ -26,6 +26,44 @@ static bool can_do_mseal(unsigned long types, unsigned long flags) return true; } +/* + * check if a vma is sealed for modification. + * return true, if modification is allowed. + */ +bool can_modify_vma(struct vm_area_struct *vma, + unsigned long checkSeals) +{ + if (checkSeals & vma_seals(vma)) + return false; + + return true; +} + +/* + * Check if the vmas of a memory range are allowed to be modified. + * the memory ranger can have a gap (unallocated memory). + * return true, if it is allowed. + */ +bool can_modify_mm(struct mm_struct *mm, unsigned long start, unsigned long end, + unsigned long checkSeals) +{ + struct vm_area_struct *vma; + + VMA_ITERATOR(vmi, mm, start); + + if (!checkSeals) + return true; + + /* going through each vma to check. */ + for_each_vma_range(vmi, vma, end) { + if (!can_modify_vma(vma, checkSeals)) + return false; + } + + /* Allow by default. */ + return true; +} + /* * Check if a seal type can be added to VMA. */ -- 2.43.0.472.g3155946c3a-goog