Commit f225b34f authored Jul 25, 2025 by Lorenzo Stoakes Committed by Andrew Morton Aug 02, 2025

mm/mseal: always define VM_SEALED

Patch series "mseal cleanups", v4.

Perform a number of cleanups to the mseal logic.  Firstly, VM_SEALED is
treated differently from every other VMA flag, it really doesn't make
sense to do this, so we start by making this consistent with everything
else.

Next we place the madvise logic where it belongs - in mm/madvise.c.  It
really makes no sense to abstract this elsewhere.  In doing so, we go to
great lengths to explain very clearly the previously very confusing logic
as to what sealed mappings are impacted here.

In doing so, we retain existing logic regarding treatment of madvise()
discard operations for a sealed, read-only MAP_PRIVATE file-backed
mapping.  This is something we likely need to revisit.

We then abstract out and explain the 'are there are any gaps in this range
in the mm?' check being performed as a prerequisite to mseal being
performed.

Finally, we simplify the actual mseal logic which is really quite
straightforward.

No functional change is intended.


This patch (of 4):

There is no reason to treat VM_SEALED in a special way, in each other case
in which a VMA flag is unavailable due to configuration, we simply assign
that flag to VM_NONE, so make VM_SEALED consistent with all other VMA
flags in this respect.

Additionally, use the next available bit for VM_SEALED, 42, rather than
arbitrarily putting it at 63 and update the declaration to match all other
VMA flags.

No functional change intended.

Link: https://lkml.kernel.org/r/cover.1753431105.git.lorenzo.stoakes@oracle.com
Link: https://lkml.kernel.org/r/aeb398a77029b6e7377cd944328bc9bbc3c90537.1753431105.git.lorenzo.stoakes@oracle.com


Signed-off-by: Lorenzo Stoakes <lorenzo.stoakes@oracle.com>
Reviewed-by: Liam R. Howlett <Liam.Howlett@oracle.com>
Reviewed-by: Pedro Falcato <pfalcato@suse.de>
Acked-by: David Hildenbrand <david@redhat.com>
Cc: Jann Horn <jannh@google.com>
Cc: Jeff Xu <jeffxu@chromium.org>
Cc: Kees Cook <kees@kernel.org>
Cc: Vlastimil Babka <vbabka@suse.cz>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>

parent dee3ab62

include/linux/mm.h

+4 −2

Original line number	Diff line number	Diff line
		@@ -414,8 +414,10 @@ extern unsigned int kobjsize(const void *objp);
		#endif

		#ifdef CONFIG_64BIT
		/* VM is sealed, in vm_flags */
		#define VM_SEALED _BITUL(63)
		#define VM_SEALED_BIT 42
		#define VM_SEALED BIT(VM_SEALED_BIT)
		#else
		#define VM_SEALED VM_NONE
		#endif

		/* Bits set in the VMA until the stack is in its final location */

tools/testing/vma/vma_internal.h

+4 −2

Original line number	Diff line number	Diff line
		@@ -108,8 +108,10 @@ extern unsigned long dac_mmap_min_addr;
		#define CAP_IPC_LOCK 14

		#ifdef CONFIG_64BIT
		/* VM is sealed, in vm_flags */
		#define VM_SEALED _BITUL(63)
		#define VM_SEALED_BIT 42
		#define VM_SEALED BIT(VM_SEALED_BIT)
		#else
		#define VM_SEALED VM_NONE
		#endif

		#define FIRST_USER_ADDRESS 0UL