Re: [PATCH v4 1/1] exec: seal system mappings

[Heiko Carstens]

Hi Kees,

On Thu, Jan 16, 2025 at 11:40:37AM -0800, Kees Cook wrote:
> On Thu, Jan 16, 2025 at 06:26:55AM +0100, Christoph Hellwig wrote:
> > On Wed, Jan 15, 2025 at 03:52:23PM -0800, Kees Cook wrote:
> > > > You seem to be saying you're pushing an internal feature on upstream and
> > > > only care about internal use cases, this is not how upstream works, as
> > > > Matthew alludes to.
> > > 
> > > Internal? No. Chrome OS and Android. Linux runs more Android devices
> > > than everything else in the world combined -- this is not some random
> > > experiment.
> > 
> > All of which are tightly controlled by Google and not actually open
> > to users.  Which doesn't say they don't matter, but they matter a
> > lot less than fetures widely useful to the open not locked down
> > userbase of classic Linux.
> 
> I get your point. Though in my proposal it would be available to anyone
> without CRIU too, which is, for example, defconfig builds (excepting
> s390 and riscv).

Just looking from time to time into this discussion, so I didn't
follow everything. What makes s390 and riscv special here?