Re: [PATCH v7 6/7] mseal, system mappings: uprobe mapping

From: Oleg Nesterov
Date: Wed Feb 26 2025 - 11:46:41 EST

Next message: Laurentiu Mihalcea: "[PATCH v3 0/4] clk: imx8mp: fix parents of AUDIOMIX DSP/OCRAM_A"
Previous message: Lorenzo Stoakes: "Re: [PATCH v7 6/7] mseal, system mappings: uprobe mapping"
In reply to: Jeff Xu: "Re: [PATCH v7 6/7] mseal, system mappings: uprobe mapping"
Next in thread: jeffxu: "[PATCH v7 7/7] mseal, system mappings: update mseal.rst"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 02/26, Oleg Nesterov wrote:
>
> On 02/24, jeffxu@xxxxxxxxxxxx wrote:
> >
> > Unlike other system mappings, the uprobe mapping is not
> > established during program startup. However, its lifetime is the same
> > as the process's lifetime. It could be sealed from creation.
>
> Agreed, VM_SEALED should be always for the "[uprobes]" vma, regardless
> of config options.
>
> ACK,
>
> but can't we do
>
> #ifdef CONFIG_64BIT
> /* VM is sealed, in vm_flags */
> #define VM_SEALED _BITUL(63)
> + #else
> + #define VM_SEALED 0
> #endif
>
> and then simply
>
> vma = _install_special_mapping(mm, area->vaddr, PAGE_SIZE,
> - VM_EXEC|VM_MAYEXEC|VM_DONTCOPY|VM_IO,
> + VM_EXEC|VM_MAYEXEC|VM_DONTCOPY|VM_IO|VM_SEALED,
>
> ?
>
> But I am fine either way, feel free to ignore.

Yes, but either way, why your patch adds "unsigned long vm_flags" ?
OK, perhaps it makes sense for readability, but

vm_flags = VM_EXEC|VM_MAYEXEC|VM_DONTCOPY|VM_IO;
vm_flags |= VM_SEALED_SYSMAP;

looks a bit strange, why not

vm_flags = VM_EXEC|VM_MAYEXEC|VM_DONTCOPY|VM_IO|VM_SEALED_SYSMAP;

?

Oleg.

Next message: Laurentiu Mihalcea: "[PATCH v3 0/4] clk: imx8mp: fix parents of AUDIOMIX DSP/OCRAM_A"
Previous message: Lorenzo Stoakes: "Re: [PATCH v7 6/7] mseal, system mappings: uprobe mapping"
In reply to: Jeff Xu: "Re: [PATCH v7 6/7] mseal, system mappings: uprobe mapping"
Next in thread: jeffxu: "[PATCH v7 7/7] mseal, system mappings: update mseal.rst"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]