Received: by 2002:a05:7412:bbc7:b0:fc:a2b0:25d7 with SMTP id kh7csp486758rdb; Thu, 1 Feb 2024 14:48:56 -0800 (PST) X-Google-Smtp-Source: AGHT+IE4nHR4v9ZWBooJM8trBMTm7lwW9Wc4Sx/PRUCOWE59rrlSTAUQa4QeFUoRhLZN8Jv0R1b4 X-Received: by 2002:a05:6358:1908:b0:178:7540:999 with SMTP id w8-20020a056358190800b0017875400999mr6826337rwm.3.1706827736591; Thu, 01 Feb 2024 14:48:56 -0800 (PST) X-Forwarded-Encrypted: i=1; AJvYcCVFoDRzWyk8Yiq3/g8Ui232kJ3QECwYeQnuFpOOpygQ3HQIWTzXANfuAjm0sUaWqutuTmN0oeCJqeVf1Ez4bZQYjun4Ap0I+qUu9NlZtQ== Return-Path: Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [2604:1380:40f1:3f00::1]) by mx.google.com with ESMTPS id p7-20020a63f447000000b005d8b59b8da3si418798pgk.839.2024.02.01.14.48.56 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 01 Feb 2024 14:48:56 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-48952-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) client-ip=2604:1380:40f1:3f00::1; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@chromium.org header.s=google header.b=hCaxP0ny; arc=fail (body hash mismatch); spf=pass (google.com: domain of linux-kernel+bounces-48952-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-48952-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sy.mirrors.kernel.org (Postfix) with ESMTPS id 1AD39B21E35 for ; Thu, 1 Feb 2024 22:38:00 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 99C333EA78; Thu, 1 Feb 2024 22:37:53 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=chromium.org header.i=@chromium.org header.b="hCaxP0ny" Received: from mail-oa1-f42.google.com (mail-oa1-f42.google.com [209.85.160.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0FDD03FB1D for ; Thu, 1 Feb 2024 22:37:48 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.160.42 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706827072; cv=none; b=PcdrZqnj7L7Te6Tk3NPqTEHsasWEvEnVTaq+28usy6FOtOX7f4tOGrQK2u9wu9Kbyvz0dJzZqrQjMz6f5pwX6zkC7m8DTYsagozKOH9AvfIVbpIcgyfeif4fJW/Sr/JpsOQfHesMmR2eZZvyAhtmFMG/rRKfq7IH4aTdqKcEEIs= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706827072; c=relaxed/simple; bh=9yIwFf6/pa2yEKL8hInept++VhBkk1WGuFw22mE/WcY=; h=MIME-Version:References:In-Reply-To:From:Date:Message-ID:Subject: To:Content-Type; b=TLNAybuWi++i8U1JjF/ewGAl/IZXbZzP06kV8nAjVqiiaT9iAAB6fCmgHVgi6j066kh0hjeZjCQCvWdiQw+1+VcXebPmIWlLxokJRBmg8Z3Dg0E3oyvkPP6kS77b+VUeEYM+zmKDXcCccn9F/4pizX6zPAmXi2lH7zYrpMPnTKk= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=chromium.org; spf=pass smtp.mailfrom=chromium.org; dkim=pass (1024-bit key) header.d=chromium.org header.i=@chromium.org header.b=hCaxP0ny; arc=none smtp.client-ip=209.85.160.42 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=chromium.org Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=chromium.org Received: by mail-oa1-f42.google.com with SMTP id 586e51a60fabf-218dcbd1584so951011fac.2 for ; Thu, 01 Feb 2024 14:37:48 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1706827067; x=1707431867; darn=vger.kernel.org; h=content-transfer-encoding:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=PmoKB9U9mw3t4FpnGtJps1mksky8tREvppcYUjjJHJs=; b=hCaxP0nyY9pgaZWKYE3aTnwHUpi0axiowGdpUByErW3qe1PkYpZAw4tYBA7yecZklw 6JDM5OnklC6i+4MIj/heypc8b9uSaiO3oAVwao+O4Kl+055HzYBsqvtgO7kif21DOqTU G7mYtBMx+SVUtpDO4p9eIkHEkvNi9zk4k8GhQ= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1706827067; x=1707431867; h=content-transfer-encoding:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=PmoKB9U9mw3t4FpnGtJps1mksky8tREvppcYUjjJHJs=; b=BqiPdIPAFjkPB2a9K9rI5UyxjXxIGfMZf7IFSDYTJcRq4nAeCfb/EaZHEvGVSpMryj tSkBG9UigdLhZIVxcQ3CHTfpP/DqOPC4QK/up06iB8JdwYQPMv+Gt6ULYGZmTvgXfBOt z9lCi/ez1EoxiI6rV0jCzEeJV+IiI3nwGmeVgYlrRlzqzzI0DNZZw78ltA96STxFu2p1 L8gtMxEdOrGolZ/eWBQxyJUqKBk4R+J0gtfnB387M3+vrpQd1nvLnQNQk22BeyszWgDb TTUfHUq6SwkH3CuA4869MDZUaBIbf3wFLnRRMwyk3lWKbwvKO7HPp8TvrsCntDNrajQt L5HQ== X-Gm-Message-State: AOJu0Ywb/zQx0Rjsfjr9LolX1HkY7J+vwgkCOEiWRxg/Q+rpqhxUp6PF 56KSrB9T4XX/tHONbFCyTdgy3bv9BmLZtijd6uM4zihsGWCvn2o1O10zm/dqGK/xxS4cVGndQMd YYNyGVsrUGletBN8ZJlpyjCQJFCswnAzSk/EF X-Received: by 2002:a05:6870:f228:b0:210:7f85:c208 with SMTP id t40-20020a056870f22800b002107f85c208mr7371815oao.46.1706827067224; Thu, 01 Feb 2024 14:37:47 -0800 (PST) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 References: <20240131175027.3287009-1-jeffxu@chromium.org> <20240131193411.opisg5yoyxkwoyil@revolver> <20240201204512.ht3e33yj77kkxi4q@revolver> In-Reply-To: <20240201204512.ht3e33yj77kkxi4q@revolver> From: Jeff Xu Date: Thu, 1 Feb 2024 14:37:35 -0800 Message-ID: Subject: Re: [PATCH v8 0/4] Introduce mseal To: "Liam R. Howlett" , Jeff Xu , Jonathan Corbet , akpm@linux-foundation.org, keescook@chromium.org, jannh@google.com, sroettger@google.com, willy@infradead.org, gregkh@linuxfoundation.org, torvalds@linux-foundation.org, usama.anjum@collabora.com, rdunlap@infradead.org, jeffxu@google.com, jorgelo@chromium.org, groeck@chromium.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-mm@kvack.org, pedro.falcato@gmail.com, dave.hansen@intel.com, linux-hardening@vger.kernel.org, deraadt@openbsd.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Thu, Feb 1, 2024 at 12:45=E2=80=AFPM Liam R. Howlett wrote: > > > > I would love to hear more from Linux developers on this. > > Linus said it was really important to get the semantics correct, but you > took his (unfinished) list and kept going. I think there are some > unanswered questions and that's frustrating some people as you may not > be valuing the experience they have in this area. > Perhaps you didn't follow the discussions closely during the RFCs, so I like to clarify the timeline: - Dec.12: RFC V3 was out for comments: [1] This version added MAP_SEALABLE and sealing type in mmap() The sealing type in mmap() was suggested by Pedro Falcato during V1. [2] And MAP_SEALABLE is new to V3 and I added an open discussion in the cover letter. - Dec.14 Linus made a set of recommendations based on V3 [3], this is where Linus mentioned the semantics. Quoted below: "Particularly for new system calls with fairly specialized use, I think it's very important that the semantics are sensible on a conceptual level, and that we do not add system calls that are based on "random implementation issue of the day". - Jan.4: I sent out V4 of that patch for comments [5] This version implements all of Linus's recommendations made in V3. In V3, I didn't receive comments about MAP_SEALABLE, so I kept that as an open discussion item in V4 and specifically mentioned it in the first sentence of the V4 cover letter. "This is V4 of the patch, the patch has improved significantly since V1, thanks to diverse inputs, a few discussions remain, please read those in the open discussion section of v4 of change history." - Jan.4: Linus gave a comment on V4: [6] Quoted below: "Other than that, this seems all reasonable to me now." To me, this means Linus is OK with the general signatures of the APIs. -Jan.9 During comments for V5. [7] Kees suggested dropping RFC from subsequent versions, given Linus's general approval on the v4. [1] https://lore.kernel.org/all/80897.1705769947@cvs.openbsd.org/T/#mbf4749= d465b80a575e1eda3c6f0c66d995abfc39 [2] https://lore.kernel.org/lkml/CAKbZUD2A+=3Dbp_sd+Q0Yif7NJqMu8p__eb4yguq0agEc= mLH8SDQ@mail.gmail.com/ [3] https://lore.kernel.org/all/CAHk-=3DwiVhHmnXviy1xqStLRozC4ziSugTk=3D1JOc8OR= Wd2_0h7g@mail.gmail.com/ [4] https://lore.kernel.org/all/CABi2SkUTdF6PHrudHTZZ0oWK-oU+T-5+7Eqnei4yCj2fsW= 2jHg@mail.gmail.com/#t [5] https://lore.kernel.org/lkml/796b6877-0548-4d2a-a484-ba4156104a20@infradead= org/T/#mb5c8bfe234759589cadf0bcee10eaa7e07b2301a [6] https://lore.kernel.org/lkml/CAHk-=3Dwiy0nHG9+3rXzQa=3DW8gM8F6-MhsHrs_ZqWaH= tjmPK4=3DFA@mail.gmail.com/ [7] https://lore.kernel.org/lkml/20240109154547.1839886-1-jeffxu@chromium.org/T= /#m657fffd96ffff91902da53dc9dbc1bb093fe367c > You dropped the RFC from the topic and increment the version numbering > on the patch set. I thought it was customary to restart counting after > the RFC was complete? Maybe I'm wrong, but it seemed a bit odd to see > that happen. The documentation also implies there are still questions > to be answered, so it seems this is still an RFC in some ways? > The RFC has been dropped since V6. That said, I'm open to feedback from Linux developers. I will respond to the rest of your email in seperate emails. Best Regards. -Jeff