Re: [PATCH v2 1/1] mseal: update mseal.rst
From: Jeff Xu
Date: Mon Oct 07 2024 - 11:03:37 EST
Hi Theo
On Fri, Oct 4, 2024 at 12:11 PM Theo de Raadt <deraadt@xxxxxxxxxxx> wrote:
>
> Jeff Xu <jeffxu@xxxxxxxxxxxx> wrote:
>
> > > > + replacement with a new mapping with new set of attributes, or can
> > > > + overwrite the existing mapping with another mapping.
> > > > +
> > > > + mprotect and pkey_mprotect are blocked because they changes the
> > > > + protection bits (RWX) of the mapping.
> > > > +
> > > > + Some destructive madvise behaviors (MADV_DONTNEED, MADV_FREE,> + MADV_DONTNEED_LOCKED, MADV_FREE, MADV_DONTFORK, MADV_WIPEONFORK)
> > > > + for anonymous memory, when users don't have write permission to the
> > > > + memory. Those behaviors can alter region contents by discarding pages,
> > >
> > > above is not a sentence but I don't know how to fix it.
> > >
> > Would below work ?
> >
> > Certain destructive madvise behaviors, specifically MADV_DONTNEED,
> > MADV_FREE, MADV_DONTNEED_LOCKED, MADV_FREE, MADV_DONTFORK,
> > MADV_WIPEONFORK, can pose risks when applied to anonymous memory by
> > threads without write permissions. These behaviors have the potential
> > to modify region contents by discarding pages, effectively performing
> > a memset(0) operation on the anonymous memory.
>
>
> In OpenBSD, mimmutable blocks all those madvise() operations.
>
>
> I don't understand the sentence supplied above. Is it saying that
> mseal() solves that problem, or that mseal() does not solve that
> problem.
>
Yes. The mseal solved the problem, I will modify the sentence to clarify that.
thanks
> I would hope it solves that problem. But the sentence explains the
> problem without taking a position on what to do.
>