On 19/01/2024 10:45, Amit Daniel Kachhap wrote:
-unsigned long vm_mmap(struct file *file, unsigned long addr, +/* TODO [PCuABI] - Update the users of vm_mmap */ +user_uintptr_t vm_mmap(struct file *file, user_uintptr_t usrptr,
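Review bot: the TODO above vm_mmap() defers updating the callers, yet the prototype in this same hunk already changes both the return type and the address parameter from unsigned long to user_uintptr_t. A comment or the commit message should state what in-kernel callers that still pass and store unsigned long are expected to do until the TODO is resolved. The rename from addr to usrptr also needs a line of documentation saying whether a plain address is still accepted there.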
Provided that in-kernel users do not manipulate mappings with capabilities, do we need to change the prototypes of vm_* at all?
As discussed earlier, elf_map in binfmt_elf.c will now use MAP_FIXED to change the mapping of an individual ELF segment, so a full capability has to be supplied. In the case of vm_munmap() a full capability may not be required, but for consistency's sake maybe a capability can be used there too.
My proposal in RFCv2 [1] is precisely not to use capabilities at all when calling vm_* directly from kernel subsystems, which is also why I am suggesting dropping patch 5 (no capability manipulation in get_unmapped_area). It seems to me that this makes things quite a bit more straightforward, but let's discuss if this approach is problematic in some ways.
Kevin
[1] https://op-lists.linaro.org/archives/list/linux-morello@op-lists.linaro.org/...