lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAAhV-H4=SZrJjVwVv6fqxTZn9ODP-s1ZEgYKTmHMPH7aoJuvng@mail.gmail.com>
Date: Wed, 16 Apr 2025 15:53:51 +0800
From: Huacai Chen <chenhuacai@...nel.org>
To: Lorenzo Stoakes <lorenzo.stoakes@...cle.com>
Cc: WangYuli <wangyuli@...ontech.com>, corbet@....net, kernel@...0n.name, 
	akpm@...ux-foundation.org, jeffxu@...omium.org, Liam.Howlett@...cle.com, 
	kees@...nel.org, hca@...ux.ibm.com, linux-doc@...r.kernel.org, 
	linux-kernel@...r.kernel.org, loongarch@...ts.linux.dev, xry111@...111.site, 
	tglx@...utronix.de, thomas.weissschuh@...utronix.de, Jason@...c4.com, 
	zhanjun@...ontech.com, niecheng1@...ontech.com, guanwentao@...ontech.com
Subject: Re: [PATCH v2] mseal sysmap: enable LoongArch

Hi, Lorenzo,

On Tue, Apr 15, 2025 at 11:53 PM Lorenzo Stoakes
<lorenzo.stoakes@...cle.com> wrote:
>
> On Tue, Apr 15, 2025 at 11:39:03PM +0800, WangYuli wrote:
> > Provide support for CONFIG_MSEAL_SYSTEM_MAPPINGS on LoongArch,
> > covering the vdso.
>
> I've also checked and determined that, as far as I can tell, the loongarch
> arch-specific doe don't appear at any point to rely upon remapping the VDSO
> or VVAR areas so sealing these should not be problematic.
What does "remapping the VDSO" mean here? There is a function
vdso_mremap() in arch/loongarch/kernel/vdso.c.

Huacai

>
> >
> > Link: https://lore.kernel.org/all/25bad37f-273e-4626-999c-e1890be96182@lucifer.local/
> > Tested-by: Yuli Wang <wangyuli@...ontech.com>
> > Signed-off-by: Yuli Wang <wangyuli@...ontech.com>
>
> LGTM,
>
> Acked-by: Lorenzo Stoakes <lorenzo.stoakes@...cle.com>
>
> But let's get some R-b's from the arch people please!
>
> > ---
> > Changelog:
> >  *v1->v2: Modify mseal_sys_mappings/arch-support.txt.
> > ---
> >  .../features/core/mseal_sys_mappings/arch-support.txt         | 2 +-
> >  Documentation/userspace-api/mseal.rst                         | 2 +-
> >  arch/loongarch/Kconfig                                        | 1 +
> >  arch/loongarch/kernel/vdso.c                                  | 4 +++-
> >  4 files changed, 6 insertions(+), 3 deletions(-)
> >
> > diff --git a/Documentation/features/core/mseal_sys_mappings/arch-support.txt b/Documentation/features/core/mseal_sys_mappings/arch-support.txt
> > index c6cab9760d57..a3c24233eb9b 100644
> > --- a/Documentation/features/core/mseal_sys_mappings/arch-support.txt
> > +++ b/Documentation/features/core/mseal_sys_mappings/arch-support.txt
> > @@ -12,7 +12,7 @@
> >      |       arm64: |  ok  |
> >      |        csky: |  N/A |
> >      |     hexagon: |  N/A |
> > -    |   loongarch: | TODO |
> > +    |   loongarch: |  ok  |
> >      |        m68k: |  N/A |
> >      |  microblaze: |  N/A |
> >      |        mips: | TODO |
> > diff --git a/Documentation/userspace-api/mseal.rst b/Documentation/userspace-api/mseal.rst
> > index 1dabfc29be0d..ef733f69003d 100644
> > --- a/Documentation/userspace-api/mseal.rst
> > +++ b/Documentation/userspace-api/mseal.rst
> > @@ -144,7 +144,7 @@ Use cases
> >    architecture.
> >
> >    The following architectures currently support this feature: x86-64, arm64,
> > -  and s390.
> > +  loongarch and s390.
> >
> >    WARNING: This feature breaks programs which rely on relocating
> >    or unmapping system mappings. Known broken software at the time
> > diff --git a/arch/loongarch/Kconfig b/arch/loongarch/Kconfig
> > index 067c0b994648..54ed5b59a690 100644
> > --- a/arch/loongarch/Kconfig
> > +++ b/arch/loongarch/Kconfig
> > @@ -69,6 +69,7 @@ config LOONGARCH
> >       select ARCH_SUPPORTS_INT128 if CC_HAS_INT128
> >       select ARCH_SUPPORTS_LTO_CLANG
> >       select ARCH_SUPPORTS_LTO_CLANG_THIN
> > +     select ARCH_SUPPORTS_MSEAL_SYSTEM_MAPPINGS
> >       select ARCH_SUPPORTS_NUMA_BALANCING
> >       select ARCH_SUPPORTS_RT
> >       select ARCH_USE_BUILTIN_BSWAP
> > diff --git a/arch/loongarch/kernel/vdso.c b/arch/loongarch/kernel/vdso.c
> > index 10cf1608c7b3..7b888d9085a0 100644
> > --- a/arch/loongarch/kernel/vdso.c
> > +++ b/arch/loongarch/kernel/vdso.c
> > @@ -105,7 +105,9 @@ int arch_setup_additional_pages(struct linux_binprm *bprm, int uses_interp)
> >
> >       vdso_addr = data_addr + VVAR_SIZE;
> >       vma = _install_special_mapping(mm, vdso_addr, info->size,
> > -                                    VM_READ | VM_EXEC | VM_MAYREAD | VM_MAYWRITE | VM_MAYEXEC,
> > +                                    VM_READ | VM_EXEC |
> > +                                    VM_MAYREAD | VM_MAYWRITE | VM_MAYEXEC |
> > +                                    VM_SEALED_SYSMAP,
> >                                      &info->code_mapping);
> >       if (IS_ERR(vma)) {
> >               ret = PTR_ERR(vma);
> > --
> > 2.49.0
> >

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ