Received: by 2002:a05:7412:e794:b0:fa:551:50a7 with SMTP id o20csp1383398rdd; Wed, 10 Jan 2024 18:59:12 -0800 (PST) X-Google-Smtp-Source: AGHT+IFZtczf+kHAA5qy0WbLTaD6cv20TxHDQBPhHOyPNXvDXoeFOUPnnOUBbnIneaq35vf1azb0 X-Received: by 2002:a05:6214:3f88:b0:681:304d:4913 with SMTP id ow8-20020a0562143f8800b00681304d4913mr428868qvb.119.1704941952097; Wed, 10 Jan 2024 18:59:12 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1704941952; cv=none; d=google.com; s=arc-20160816; b=onywJ/P7y9wfNrFgiaY+Vaupl18I7JjVyNOBYBHzqqdwic0UViJ/cct2JSd6kScRzF Z2jv0jTrvc+9z0D65k65qvQycq+iAsXA9/tLk6HwRvR/3N409c9qeXTcmBJZuhbYYije WC1g2Og/Hv5iNFHDV5kcDNnEWALvhl4wzoXQyVwk7L3zXhOLhhWZ2cJozeR+jm/RtVG9 Z/KBi9c7I0Pu/lvxlpgoRKorVq2a//ncHhHLxtf/m5/zOlongj+PvgFLpRyE8cx7b47Z WeRlKTY4D1N+/K9EinSYScESaRwwkQRCgMifG7pPLdze5AHNQg2xvtTwXorzR3dyEvLf tZbg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:list-unsubscribe:list-subscribe :list-id:precedence:dkim-signature; bh=iusV3IyQOZs3xOP+4u/FoLP2ed3pvxpbfjuW8JoG9bs=; fh=FSQ915nuY69rI0iQRPkC+teYCXlUI+dK69KuEq/HFUY=; b=S2wokCT1UEDwaZJjevvH85/iQS6FVozfCqrYsLPlrffeI+DXOTT7ugN8lIX+NnEc15 OwaI7cMHDpKySj96ABa6iBzBgN6miHEK32xvTHk/g6UHf/9/FswtBM8VUpA2pYLbWCZ6 8ynjnDaPpl0vUcHJcr4YOpmhwdBzgT5a3sRmShrVq2nd5nnDfEEgIPItcH64Ix+F31jy aEmprUVQRvjDbHrNiScJg+jggd0cfBlIlK408F+SZ0LTRgehAY+aWCPr3L9uuo6rt5Yf 0BOCEtMgsRBTG29WvCfZPtt2uHCn6xBgX/gcTyg5LQn9DBLK33PtzO2EcINHGic6MXKK LD3Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=j9vfgpIm; spf=pass (google.com: domain of linux-kernel+bounces-23003-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-23003-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [2604:1380:45d1:ec00::1]) by mx.google.com with ESMTPS id q15-20020a0c8ccf000000b0067f84fac63fsi9545qvb.10.2024.01.10.18.59.11 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 10 Jan 2024 18:59:12 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-23003-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) client-ip=2604:1380:45d1:ec00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=j9vfgpIm; spf=pass (google.com: domain of linux-kernel+bounces-23003-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-23003-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id D51EA1C232D0 for ; Thu, 11 Jan 2024 02:59:11 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id BF5E2EC9; Thu, 11 Jan 2024 02:59:03 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=chromium.org header.i=@chromium.org header.b="j9vfgpIm" Received: from mail-oa1-f46.google.com (mail-oa1-f46.google.com [209.85.160.46]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CE3F5A4A for ; Thu, 11 Jan 2024 02:59:00 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=chromium.org Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=chromium.org Received: by mail-oa1-f46.google.com with SMTP id 586e51a60fabf-20503dc09adso3193028fac.2 for ; Wed, 10 Jan 2024 18:59:00 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1704941940; x=1705546740; darn=vger.kernel.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=iusV3IyQOZs3xOP+4u/FoLP2ed3pvxpbfjuW8JoG9bs=; b=j9vfgpImK4SrHWburcEebxx33c4qZ3HM34SDhqsD3U6lOcV+ODoYtvkQDlZJfPFTFz 5wPTSB863fTsc539mdqLqP2TFOAYl4SV2fm7bJxB1Mu7y7zFByOz6HzvpscDfF/qQSTF uW7z22BOLcRTAamCMl+XlijTB14OO0oWA3mcQ= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1704941940; x=1705546740; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=iusV3IyQOZs3xOP+4u/FoLP2ed3pvxpbfjuW8JoG9bs=; b=uakq4EvZ3FbC6jTTp6RbdqQdRAYws7sycIYA2qYhmsRmEkx1f8sbI/YSBEZyBq6Yl3 1I7Q8oANcLe8oF3m6MZEL02Sw8tuim2PDWZ4PvC4UO6cOuC1YkGLdzcjbBNNDJzdAFDk Qj10Tph+nn6mfA5Ae4De1/TZx8Md+0yFbKfnxTJmslUZ0tOfvgCs4vzumuidsNLKCycz qT4rspDkr9ilzmY+nZrNRg2s6u/CDMqfipEmauqxjkbIkjDYMgNneIV9ZeOlnasPt+v0 la9Wx6aLH2UlUwfgCE2BwR2CzREsK8nN4H2ZxNAfh4gOeY7w7Zx7ysm1IKBiQXBAhNwp pHLw== X-Gm-Message-State: AOJu0YwXf6dsMiI7NV3rBRWwt4yflt/RjHd0wdOtF4QT2CfZYiA6KXeu TAMPeVmUV3YcxgoOUdl+tLhgWMeULfhkkvM+/DVtUEpeia57 X-Received: by 2002:a05:6871:4e97:b0:205:e3bd:6920 with SMTP id uk23-20020a0568714e9700b00205e3bd6920mr543948oab.95.1704941939966; Wed, 10 Jan 2024 18:58:59 -0800 (PST) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 References: <20240109154547.1839886-1-jeffxu@chromium.org> <20240109154547.1839886-3-jeffxu@chromium.org> In-Reply-To: From: Jeff Xu Date: Wed, 10 Jan 2024 18:58:48 -0800 Message-ID: Subject: Re: [RFC PATCH v5 2/4] mseal: add mseal syscall To: Matthew Wilcox Cc: akpm@linux-foundation.org, keescook@chromium.org, jannh@google.com, sroettger@google.com, gregkh@linuxfoundation.org, torvalds@linux-foundation.org, usama.anjum@collabora.com, jeffxu@google.com, jorgelo@chromium.org, groeck@chromium.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-mm@kvack.org, pedro.falcato@gmail.com, dave.hansen@intel.com, linux-hardening@vger.kernel.org, deraadt@openbsd.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Tue, Jan 9, 2024 at 12:36=E2=80=AFPM Matthew Wilcox wrote: > > On Tue, Jan 09, 2024 at 03:45:40PM +0000, jeffxu@chromium.org wrote: > > +extern bool can_modify_mm(struct mm_struct *mm, unsigned long start, > > + unsigned long end); > > +extern bool can_modify_mm_madv(struct mm_struct *mm, unsigned long sta= rt, > > + unsigned long end, int behavior); > > unnecessary use of extern. > > > +static inline unsigned long get_mmap_seals(unsigned long prot, > > + unsigned long flags) > > needs more than one tab indent so it doesn't look like part of the body. > > > +{ > > + unsigned long vm_seals; > > + > > + if (prot & PROT_SEAL) > > + vm_seals =3D VM_SEALED | VM_SEALABLE; > > + else > > + vm_seals =3D (flags & MAP_SEALABLE) ? VM_SEALABLE:0; > > need spaces around the : > > > +++ b/include/uapi/asm-generic/mman-common.h > > @@ -17,6 +17,11 @@ > > #define PROT_GROWSDOWN 0x01000000 /* mprotect flag: extend = change to start of growsdown vma */ > > #define PROT_GROWSUP 0x02000000 /* mprotect flag: extend change t= o end of growsup vma */ > > > > +/* > > + * The PROT_SEAL defines memory sealing in the prot argument of mmap()= . > > + */ > > +#define PROT_SEAL _BITUL(26) /* 0x04000000 */ > > why not follow the existing style? > > > +static inline void set_vma_sealed(struct vm_area_struct *vma) > > +{ > > + vma->__vm_flags |=3D VM_SEALED; > > +} > > uhh ... vm_flags_set() ? > Thanks. I agree with all the comments above and will update in the next ver= sion. -Jeff