Now Reading
Google Proposes New mseal() Reminiscence Sealing Syscall For Linux

Google Proposes New mseal() Reminiscence Sealing Syscall For Linux

2023-10-17 07:42:46


Google is proposing a brand new mseal() reminiscence sealing system name for the Linux kernel. Google intends for this structure unbiased system name to be initially utilized by the Google Chrome net browser on Chrome OS whereas experiments are underway to be used by Glibc within the dynamic linker to seal all non-writable segments at startup.

Leveraging mseal() will forestall system calls from modifying the metadata of digital addresses. Initially supported is sealing towards mprotect/pkey_mprotect, munmap, mmap, and mremap calls. Making the digital reminiscence space’s metadata immutable is being hunted for higher protections inside Google Chrome and the V8 JavaScript engine. The work being executed by Glibc so as to add sealing into the dynamic linker for sealing all non-writable segments at start-up time would additionally profit all purposes mechanically. These can see extra background info inside this kernel patch series.

DDR5 memory

But it surely’s not going to be accepted straight-away and can probably take some revisions earlier than evolving into an acceptable kind for upstreaming… Linus Torvalds himself has already expressed some reservations across the proposed mannequin:

So I’ve no objections to including some sort of “lock down reminiscence mappings” mannequin, however this is not it.

First off, the easy stuff: the commit messages are nugatory. Having

test seal for mmap(2)

See Also

because the commit message just isn’t even remotely acceptable, to select one random instance from the collection (7/8).

However that does not matter a lot, since I feel the extra elementary issues are a lot worse:

– the entire “ON_BEHALF_OF_KERNEL” and “ON_BEHALF_OF_USERSPACE” is simply full noise and completely illogical. The entire idea must be redone.

Christ. That is *actually* the remap_file_pages() system name definition. No method in hell does “ON_BEHALF_OF_KERNEL” make any sense on this context.

Anyway, that is all a convincing NAK on this collection on this kind. My complaints aren’t some sort of small “repair this up”. These are elementary points.

So mseal() might want to return to the drafting board earlier than it is going to be thought-about by Linus Torvalds.

Source Link

What's Your Reaction?
In Love
Not Sure
View Comments (0)

Leave a Reply

Your email address will not be published.

2022 Blinking Robots.
WordPress by Doejo

Scroll To Top