[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAHk-=wixGw88-OzcFbCLEuAzSe53oUUozdM-E_RJwvejgY6ySA@mail.gmail.com>
Date: Wed, 18 Oct 2023 11:27:08 -0700
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Jeff Xu <jeffxu@...gle.com>
Cc: jeffxu@...omium.org, akpm@...ux-foundation.org, keescook@...omium.org,
jannh@...gle.com, sroettger@...gle.com, willy@...radead.org,
gregkh@...uxfoundation.org, jorgelo@...omium.org, groeck@...omium.org,
linux-kernel@...r.kernel.org, linux-kselftest@...r.kernel.org,
linux-mm@...ck.org, surenb@...gle.com, alex.sierra@....com,
apopple@...dia.com, aneesh.kumar@...ux.ibm.com, axelrasmussen@...gle.com,
ben@...adent.org.uk, catalin.marinas@....com, david@...hat.com,
dwmw@...zon.co.uk, ying.huang@...el.com, hughd@...gle.com, joey.gouly@....com,
corbet@....net, wangkefeng.wang@...wei.com, Liam.Howlett@...cle.com,
lstoakes@...il.com, mawupeng1@...wei.com, linmiaohe@...wei.com,
namit@...are.com, peterx@...hat.com, peterz@...radead.org,
ryan.roberts@....com, shr@...kernel.io, vbabka@...e.cz,
xiujianfeng@...wei.com, yu.ma@...el.com, zhangpeng362@...wei.com,
dave.hansen@...el.com, luto@...nel.org, linux-hardening@...r.kernel.org
Subject: Re: [RFC PATCH v2 5/8] mseal: Check seal flag for munmap(2)
On Wed, 18 Oct 2023 at 10:14, Jeff Xu <jeffxu@...gle.com> wrote:
>
> There is also alternative approach:
>
> For all the places that call do_vmi_munmap(), find out which
> case should ignore the sealing flag legitimately,
NO.
Christ.
THERE ARE NO LEGITIMATE CASES OF IGNORING SEALING FLAGS.
If you ignore a sealing flag, it's not a sealing flag. It's random
crap, and claiming that it has *anything* to do with security is just
a cruel joke.
Really.
Stop this. I do not want to hear your excuses for garbage any more.
We're done. If I hear any more arguments for this sh*t, I will
literally put you in my ignore file, and will auto-NAK any future
patches.
This is simply not up for discussion. Any flag for "ignore sealing" is wrong.
We do have one special "unmap" case, namely "unmap_vmas()' called at
last mmput() -> __mmput() -> exit_mmap().
And yes, that is called at munmap() time too, but that's after the
point of no return after we've already removed the vma's from the VM
lists. So it's long after any error cases have been checked.
Linus
Powered by blists - more mailing lists