Post Syndicated from corbet original https://lwn.net/Articles/948129/

Jeff Xu recently proposed
the addition of a new system call, named mseal(), that would allow
applications to prevent modifications to selected memory mappings. It
would enable the hardening of user-space applications against certain types
of attacks; some other operating systems have this type of feature already.
There is support for adding this type of mechanism to the Linux kernel as
well, but it has become clear that mseal() will not land in the
mainline in anything resembling its current form. Instead, it has become
an example of how not to do kernel development at a number of levels.