| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CABi2SkXa2n+csjXgb0UWQFi-f5q2caazRkswAGY1LJ9N91m8UQ@mail.gmail.com> Date: Thu, 24 Jul 2025 11:34:31 -0700 From: Jeff Xu <jeffxu@...omium.org> To: Lorenzo Stoakes <lorenzo.stoakes@...cle.com> Cc: Andrew Morton <akpm@...ux-foundation.org>, "Liam R . Howlett" <Liam.Howlett@...cle.com>, David Hildenbrand <david@...hat.com>, Vlastimil Babka <vbabka@...e.cz>, Jann Horn <jannh@...gle.com>, Pedro Falcato <pfalcato@...e.de>, linux-mm@...ck.org, linux-kernel@...r.kernel.org, Kees Cook <kees@...nel.org>, linux-hardening@...r.kernel.org Subject: Re: [PATCH v3 1/5] mm/mseal: always define VM_SEALED Hi Lorenzo, On Wed, Jul 16, 2025 at 10:38 AM Lorenzo Stoakes <lorenzo.stoakes@...cle.com> wrote: > > There is no reason to treat VM_SEALED in a special way, in each other case > in which a VMA flag is unavailable due to configuration, we simply assign > that flag to VM_NONE, so make VM_SEALED consistent with all other VMA > flags in this respect. > Originally, I wanted to avoid using VM_NONE for VM_SEALED to catch compiler errors in 32-bit builds. This would serve as a safeguard against inadvertently using VM_SEALED in code paths shared between 32-bit and 64-bit architectures. Take an example of show_smap_vma_flags [1] : #ifdef CONFIG_64BIT [ilog2(VM_SEALED)] = "sl", #endif If a developer forgets to add #ifdef CONFIG_64BIT, the build will fail for 32-bit systems. With VM_SEALED redefined as VM_NONE, the problem will go unnoticed. This coding practice is more defensive and helps catch errors early on. It seems that you're working on introducing VM_SEALED for 32-bit systems. If that happens, we won't need this safeguard anymore. But until then, is it OK to keep it in place? That said, if VM_SEALED support for 32-bit is coming really soon, we can merge this change, however, perhaps you could update the description to explain why we're removing this safeguard, i.e. due to 32-bit support will soon be in place. Link: https://elixir.bootlin.com/linux/v6.15.7/source/fs/proc/task_mmu.c#L1001 [1] Thanks and regards, -Jeff > Additionally, use the next available bit for VM_SEALED, 42, rather than > arbitrarily putting it at 63 and update the declaration to match all other > VMA flags. > > No functional change intended. > > Signed-off-by: Lorenzo Stoakes <lorenzo.stoakes@...cle.com> > Reviewed-by: Liam R. Howlett <Liam.Howlett@...cle.com> > Reviewed-by: Pedro Falcato <pfalcato@...e.de> > Acked-by: David Hildenbrand <david@...hat.com> > --- > include/linux/mm.h | 6 ++++-- > tools/testing/vma/vma_internal.h | 6 ++++-- > 2 files changed, 8 insertions(+), 4 deletions(-) > > diff --git a/include/linux/mm.h b/include/linux/mm.h > index 805108d7bbc3..fbf2a1f7ffc6 100644 > --- a/include/linux/mm.h > +++ b/include/linux/mm.h > @@ -414,8 +414,10 @@ extern unsigned int kobjsize(const void *objp); > #endif > > #ifdef CONFIG_64BIT > -/* VM is sealed, in vm_flags */ > -#define VM_SEALED _BITUL(63) > +#define VM_SEALED_BIT 42 > +#define VM_SEALED BIT(VM_SEALED_BIT) > +#else > +#define VM_SEALED VM_NONE > #endif > > /* Bits set in the VMA until the stack is in its final location */ > diff --git a/tools/testing/vma/vma_internal.h b/tools/testing/vma/vma_internal.h > index 991022e9e0d3..0fe52fd6782b 100644 > --- a/tools/testing/vma/vma_internal.h > +++ b/tools/testing/vma/vma_internal.h > @@ -108,8 +108,10 @@ extern unsigned long dac_mmap_min_addr; > #define CAP_IPC_LOCK 14 > > #ifdef CONFIG_64BIT > -/* VM is sealed, in vm_flags */ > -#define VM_SEALED _BITUL(63) > +#define VM_SEALED_BIT 42 > +#define VM_SEALED BIT(VM_SEALED_BIT) > +#else > +#define VM_SEALED VM_NONE > #endif > > #define FIRST_USER_ADDRESS 0UL > -- > 2.50.1 >
Powered by blists - more mailing lists