Re: [RFC PATCH v5 0/7] mseal system mappings

From: Johannes Berg
Date: Wed Feb 12 2025 - 09:09:19 EST

Next message: Louis Chauvet: "Re: [PATCH 07/13] drm/vkms: Allow to configure multiple planes"
Previous message: Markus Elfring: "Re: [PATCH] tls: Check return value of get_cipher_desc in fill_sg_out"
In reply to: Lorenzo Stoakes: "Re: [RFC PATCH v5 0/7] mseal system mappings"
Next in thread: Pedro Falcato: "Re: [RFC PATCH v5 0/7] mseal system mappings"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 2025-02-12 at 14:01 +0000, Lorenzo Stoakes wrote:
> Thanks, yeah that's a good point, it would have to be implemented as a
> personality or something similar otherwise you're essentially relying on
> 'unsealing' which can't be permitted.
>
> I'm not sure how useful that'd be for the likes of rr though. But I suppose
> if it makes everything exec'd by a child inherit it then maybe that works
> for a debugging session etc.?

For whatever that's worth, ARCH=um should not need 'unsealing' or 'not
sealing' it for *itself*, but rather only for the *children* it starts,
which are for the userspace processes inside of it. Which I suppose
could actually start without a VDSO in the first place, but I don't
think that's possible now?

Which I'll note should not have access to the host, so in a way this
outer security feature (sealing) breaks the inner ARCH=um security, I
think.

johannes

Next message: Louis Chauvet: "Re: [PATCH 07/13] drm/vkms: Allow to configure multiple planes"
Previous message: Markus Elfring: "Re: [PATCH] tls: Check return value of get_cipher_desc in fill_sg_out"
In reply to: Lorenzo Stoakes: "Re: [RFC PATCH v5 0/7] mseal system mappings"
Next in thread: Pedro Falcato: "Re: [RFC PATCH v5 0/7] mseal system mappings"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]