[RFC PATCH v5 0/7] mseal system mappings
From: jeffxu
Date: Tue Feb 11 2025 - 22:22:06 EST
From: Jeff Xu <jeffxu@xxxxxxxxxxxx>
The commit message in the first patch contains the full description of
this series.
------------------
History:
V5
- Remove kernel cmd line (Lorenzo Stoakes)
- Add test info (Lorenzo Stoakes)
- Add threat model info (Lorenzo Stoakes)
- Fix x86 selftest: test_mremap_vdso
- Restrict code change to ARM64/x86-64/UM arch only.
- Add userprocess.h to include seal_system_mapping().
- Remove sealing vsyscall.
- Split the patch.
V4:
https://lore.kernel.org/all/20241125202021.3684919-1-jeffxu@xxxxxxxxxx/
V3:
https://lore.kernel.org/all/20241113191602.3541870-1-jeffxu@xxxxxxxxxx/
V2:
https://lore.kernel.org/all/20241014215022.68530-1-jeffxu@xxxxxxxxxx/
V1:
https://lore.kernel.org/all/20241004163155.3493183-1-jeffxu@xxxxxxxxxx/
Jeff Xu (7):
mseal, system mappings: kernel config and header change
selftests: x86: test_mremap_vdso: skip if vdso is msealed
mseal, system mappings: enable x86-64
mseal, system mappings: enable arm64
mseal, system mappings: enable uml architecture
mseal, system mappings: uprobe mapping
mseal, system mappings: update mseal.rst
Documentation/userspace-api/mseal.rst | 5 +++
arch/arm64/Kconfig | 1 +
arch/arm64/kernel/vdso.c | 23 +++++++----
arch/um/Kconfig | 1 +
arch/x86/Kconfig | 1 +
arch/x86/entry/vdso/vma.c | 17 ++++++---
arch/x86/um/vdso/vma.c | 7 +++-
include/linux/userprocess.h | 18 +++++++++
init/Kconfig | 18 +++++++++
kernel/events/uprobes.c | 6 ++-
security/Kconfig | 18 +++++++++
.../testing/selftests/x86/test_mremap_vdso.c | 38 +++++++++++++++++++
12 files changed, 137 insertions(+), 16 deletions(-)
create mode 100644 include/linux/userprocess.h
--
2.48.1.502.g6dc24dfdaf-goog