From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1CA3DC77B7F for ; Mon, 8 May 2023 12:12:30 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 4B7866B0078; Mon, 8 May 2023 08:12:30 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 467A56B007D; Mon, 8 May 2023 08:12:30 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 32F0D6B007E; Mon, 8 May 2023 08:12:30 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15]) by kanga.kvack.org (Postfix) with ESMTP id 243386B0078 for ; Mon, 8 May 2023 08:12:30 -0400 (EDT) Received: from smtpin16.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay05.hostedemail.com (Postfix) with ESMTP id D38CA400BD for ; Mon, 8 May 2023 12:12:29 +0000 (UTC) X-FDA: 80766975618.16.CADDEC1 Received: from mail-pf1-f175.google.com (mail-pf1-f175.google.com [209.85.210.175]) by imf13.hostedemail.com (Postfix) with ESMTP id 0C19F20005 for ; Mon, 8 May 2023 12:12:26 +0000 (UTC) Authentication-Results: imf13.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=Py7muHYw; spf=pass (imf13.hostedemail.com: domain of revest@chromium.org designates 209.85.210.175 as permitted sender) smtp.mailfrom=revest@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1683547947; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=YomQZvLv9U8LydRAVDM7uH3rsydf2VckIT0qLaKYgH4=; b=2CtzlO3sqsGJSt1K1CSWCWHlvy5LJM8Tmu/ur0uJolApH5JyOFUYPNDMKFV5VQW8+y57xo H1WyzaYS6aaS8JzEFFQaw48bCAovHQ20dD9YLEymwt5DYO98wTFJAOdmuoF5VIsm1qRXwR dQjxUGFf/v7MAFqr1cz3d/N6/wojlPU= ARC-Authentication-Results: i=1; imf13.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=Py7muHYw; spf=pass (imf13.hostedemail.com: domain of revest@chromium.org designates 209.85.210.175 as permitted sender) smtp.mailfrom=revest@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1683547947; a=rsa-sha256; cv=none; b=NV44mdQvX6Itnt+478tNk+IQNaXwr970In6H3SVc5mFm1hr689LbIy6ef+6fVAKoyZBR2A LR6kz8fQv9gzHf4wuX7ajkT7qagzChmb4ILoU/f0Vn8SXo6k/VWfhihAVbWci9SwmtdaIH qjWRBhsLZt7b+JsOLv4jxPejwpinD2o= Received: by mail-pf1-f175.google.com with SMTP id d2e1a72fcca58-643b7b8f8ceso1337176b3a.1 for ; Mon, 08 May 2023 05:12:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1683547946; x=1686139946; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=YomQZvLv9U8LydRAVDM7uH3rsydf2VckIT0qLaKYgH4=; b=Py7muHYwG6zPRaX+oumvWzOw51CdAo3uRtkps3zvOagnhnvPdHNPQ4hj4BETg3uIY3 bw1MOFvCMil2kTbJk29QVjD7BiIg/oMwHlbe5nLO92s/vk7WffTRgxwSGi6ZHaur+mRH yO/zQLQLt26bqzF891XuY4xqbC5aM5Nv0Uw04= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1683547946; x=1686139946; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=YomQZvLv9U8LydRAVDM7uH3rsydf2VckIT0qLaKYgH4=; b=YWCX1KDFKzjN4YMhF6pSdpZXwACJYDhM4C+4Npth536QtVgAm1Zlc/uuxocvqCyT1M wbgjWx52dcuZIXJl9RoVE+goDCnHYI1FP9wvdQQy7grnhX056CRZqWwt/CDLZVUrr/qT b8rJ77WH+MUF0UIaiVpB9ZTmA9qjQrB/iZURIXojt/x1jAjb3KCxFv+7czixLwfi/IW1 XmhyjjoIdI/9cKbI1oPFj7OtBLJURVetzFpTFJtsVPY7jwYPxWRnOZHYzzd1uxQbfG6P rGMQq03o1vPUTQBEwkKxYbH8cNeL2dvD9fXVTTMIGyGPyGsdRncVzjA88ZRE/6C5Ev7c eJVg== X-Gm-Message-State: AC+VfDwEEW2Nmduopok9IBM9q7cvAeylNTep3YpV+dpE17dvqCDd/zG+ HCDWoUUCDyKDXypyDL3RAE7zSnXr5AGSAkCLCbY2Y8SvFdvKl2O5 X-Google-Smtp-Source: ACHHUZ7VFRVjNcNqpJzwYp7zp0ZTeknZGMvtFs1Y57kRo83uZmvZygCrpjIHaDKG8rxlno+Rrsl3kSNWXGC1Gi9q+F4= X-Received: by 2002:a05:6a20:3ca9:b0:100:1044:9ce2 with SMTP id b41-20020a056a203ca900b0010010449ce2mr6052128pzj.56.1683547945910; Mon, 08 May 2023 05:12:25 -0700 (PDT) MIME-Version: 1.0 References: <20230504170942.822147-1-revest@chromium.org> <20230504170942.822147-5-revest@chromium.org> <66900d0ad42797a55259061f757beece@ispras.ru> <3a38319a3b241e578729ffa5484ad24b@ispras.ru> In-Reply-To: <3a38319a3b241e578729ffa5484ad24b@ispras.ru> From: Florent Revest Date: Mon, 8 May 2023 14:12:14 +0200 Message-ID: Subject: Re: [PATCH 4/4] kselftest: vm: Add tests for no-inherit memory-deny-write-execute To: Alexey Izbyshev Cc: linux-kernel@vger.kernel.org, linux-mm@kvack.org, akpm@linux-foundation.org, catalin.marinas@arm.com, anshuman.khandual@arm.com, joey.gouly@arm.com, mhocko@suse.com, keescook@chromium.org, david@redhat.com, peterx@redhat.com, nd@arm.com, broonie@kernel.org, szabolcs.nagy@arm.com Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Rspam-User: X-Rspamd-Server: rspam01 X-Rspamd-Queue-Id: 0C19F20005 X-Stat-Signature: e49nodpqo887u1w4s9k4y6x5cfsuyx6s X-HE-Tag: 1683547946-534876 X-HE-Meta: U2FsdGVkX1/7KVSK8D2i6kvyHgtF8/m5aolFfa/Al5ElNqCJAur/3y5ExMzqkO1MikJr72cfwGg6BfqbY58a/lIVJluMktY0z7E42/Q8g+pCms9ky+v/j27b+/aQVq8synN4OET48ODSLojZx6oDO2LEkJzwN/6wRzOXfAPxbZ9Vv0TozJa1bwudwRsA0ZAkjsiv7O5S7X5V2ju1yJBawySYzfMiitxSGnFXjd/q2JEvIVLscdNNaKnKPRw3ThwHIJ6iFy4GXeRw6QXGLVhadSfOqHD3kH7OPz6Xyrh/uQaZmjMvIzzNPDZCK+myFAnjtUSx498bQJsxMOp9IDasgrngpHVZLu5BmDEKuacZ9AKCghRVDDxQFI0CtdwRqYf2yb5w3rDrLKZ11uRlIhbv5B+L9mGy9bRbssEWpUMGzSN82jVp/qq7ZwEylFTpxIInh/eDsSLKBP+SUDU7l57AseOau5otZBC6U+OUvmWe5XLiYnqNOt5zo7tunWJWeXArZm1+Yh3HH2y58oRyeBKwjSkypffNRlshmWmyxIsa8oyK1ppCKR2Qh6iSwDu5fLoBf8d8JDBadg2NyGq2cfQf7fQvbYNEPPVqVfCFgJzc4g89wrUeyHJKlfVYTyPLs/1va1i5rQTeLTDxIkPjqmbPUjsxYoQkn62TuMNCkVyKxe6ScP46JdbxFuNHp15qQPHYEe0sYI0oGCThw7dU8QShy8mOOZP2AVs02IOW45MPbtzJyZqZiHTK3mtrnd/roTunRMuOrIbx/MTekAJpZLQkk3/PpJkcCGTqk0XXJS7gC7WfUXA5XHs5xMvoSKqsFgbdx7WPolLfVOAr1OKZUgqeC/H6/zWtS+Mecc53szS28m78BpExKJhctusqYFl2BoyNXTu02pI6/rqamwnNRo45nrg39RFxZp4cAk150TaqSI6KjYptDjjs6fB1Kpx9uTuSrd1UzRmHEceWgmNhBad jJtfRGup +zrriW8UDSH/PcpaahRT2ntRa2BMnVFZ2MmXU7J4wgcK1RWmNKj0gpBUvCCFNVtFW8WI2khbyM0m1/70Axn8x+rOiTkErauDZi2JOOBoH66IKrUSLoWJQUg9JkB25xegq//rYr1bhUBxM5R/9GmLd5sgXC0lxGX7TXzfqCc8StsYOcIaBvrII0b5mPvWfpghvBSMgBjxf+KM3b8FBe3zy25vkzNWvedv6qsCTOBmq5/eEZKsgQeziHWwzrTiQ3eBDH10N74K7ZLqTzTSfW7EQzyw5U/BVYwAl8BKg76IcDK0NuXGxUWZaTe/dLAgYW46zqhGFmi8h2z1mWvTuCFWbLjiX04giNdj3Wqgi X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Fri, May 5, 2023 at 11:26=E2=80=AFPM Alexey Izbyshev wrote: > > On 2023-05-05 19:42, Florent Revest wrote: > > On Thu, May 4, 2023 at 10:30=E2=80=AFPM Alexey Izbyshev > > wrote: > >> > >> On 2023-05-04 20:09, Florent Revest wrote: > >> > Add some tests to cover the new PR_MDWE_NO_INHERIT flag of the > >> > PR_SET_MDWE prctl. > >> > > >> > Signed-off-by: Florent Revest > >> > --- > >> > tools/testing/selftests/mm/mdwe_test.c | 95 +++++++++++++++++++++++= +-- > >> > 1 file changed, 89 insertions(+), 6 deletions(-) > >> > > >> > diff --git a/tools/testing/selftests/mm/mdwe_test.c > >> > b/tools/testing/selftests/mm/mdwe_test.c > >> > index 91aa9c3099e7..9f08ed1b99ae 100644 > >> > --- a/tools/testing/selftests/mm/mdwe_test.c > >> > +++ b/tools/testing/selftests/mm/mdwe_test.c > >> > @@ -22,6 +22,8 @@ > >> > > >> > TEST(prctl_flags) > >> > { > >> > + EXPECT_LT(prctl(PR_SET_MDWE, PR_MDWE_NO_INHERIT, 0L, 0L, 7L), = 0); > >> > + > >> > >> PR_MDWE_NO_INHERIT is defined to an int constant, so passing it to > >> prctl() without a cast to long or similar may produce wrong code on > >> 64-bit targets (ABIs typically don't require the compiler to clear the > >> upper 32 bits of a 64-bit register when passing a 32-bit argument, so > >> va_arg(arg, unsigned long) in prctl() implementation might get junk). > > > > Ah, good catch Alexey! :) > > > >> Arguably, defining PR_MDWE_* to plain int constants is a bug, or at > >> least a footgun for users of uapi headers. > > > > As part of the next version of this series, I'm happy to: > > 1- change the existing PR_MDWE_REFUSE_EXEC_GAIN to 1UL > > 2- introduce PR_MDWE_NO_INHERIT as 2UL > > > Yes, I think it's the right thing to do. I suggest to spell them as (1UL > << 0), etc. for consistency with all other unsigned long flags in the > header. Ah yeah, absolutely! Good tip too, thank you :) > > But I'm surprised that most of the macros in > > include/uapi/linux/prctl.h are the same sort of footguns already ? > > Hasn't it been an issue for other prctls yet ? > > Yes, they are. I'm not aware of a public discussion of this specific > issue, but note that at least for some prctl() options the kernel > doesn't care about upper bits because arguments are truncated before > doing anything else with them (e.g. for PR_SCHED_CORE raw prctl() That makes sense > arguments are implicitly converted to what sched_core_share_pid() > expects). Also, actually getting junk in the upper bits might not always > be easy (e.g. on x86-64 all or almost all instructions with r32 > destination operand clear the upper bits). Unfortunately, I don't have a > better answer than this. Okay, I was just curious, that's good to know