From: Florent Revest
Date: Fri, 22 Sep 2023 15:10:47 +0200
Subject: Re: [PATCH v4 4/6] mm: Make PR_MDWE_REFUSE_EXEC_GAIN an unsigned long
To: Andrew Morton
Cc: linux-kernel@vger.kernel.org, linux-mm@kvack.org,
 catalin.marinas@arm.com, anshuman.khandual@arm.com, joey.gouly@arm.com,
 mhocko@suse.com, keescook@chromium.org, david@redhat.com,
 peterx@redhat.com, izbyshev@ispras.ru, broonie@kernel.org,
 szabolcs.nagy@arm.com, kpsingh@kernel.org, gthelen@google.com,
 toiwoton@gmail.com, ayush.jain3@amd.com, stable@vger.kernel.org
References: <20230828150858.393570-1-revest@chromium.org>
 <20230828150858.393570-5-revest@chromium.org>
 <20230921182910.2fcce58b27b23f767050033c@linux-foundation.org>
In-Reply-To: <20230921182910.2fcce58b27b23f767050033c@linux-foundation.org>

On Fri, Sep 22, 2023 at 3:29 AM Andrew Morton wrote:
>
> On Mon, 28 Aug 2023 17:08:56 +0200 Florent Revest wrote:
>
> > Defining a prctl flag as an int is a footgun because on a 64 bit machine
> > and with a variadic implementation of prctl (like in musl and glibc),
> > when used directly as a prctl argument, it can get casted to long with
> > garbage upper bits which would result in unexpected behaviors.
> >
> > This patch changes the constant to an unsigned long to eliminate that
> > possibility. This does not break UAPI.
> >
> > Fixes: b507808ebce2 ("mm: implement memory-deny-write-execute as a prctl")
> > Cc: stable@vger.kernel.org
> > Signed-off-by: Florent Revest
> > Suggested-by: Alexey Izbyshev
> > Reviewed-by: David Hildenbrand
> > Reviewed-by: Kees Cook
> > Acked-by: Catalin Marinas
>
> Why is this being offered to -stable? Does it fix any known problem?

The background for this was discussed in these threads:

v1: https://lore.kernel.org/all/66900d0ad42797a55259061f757beece@ispras.ru/
v2: https://lore.kernel.org/all/d7e3749c-a718-df94-92af-1cb0fecab772@redhat.com/

Cc-ing stable was suggested by David and Alexey:

> On Mon, May 22, 2023 at 8:58 PM Alexey Izbyshev wrote:
> > On 2023-05-22 19:22, David Hildenbrand wrote:
> > > Which raises the question if we want to tag this here with a "Fixes"
> > > and eventually cc stable (hmm ...)?
> >
> > Yes, IMO the faster we propagate this change, the better.
>
> Okay, will do

I think that a stable backport would be "nice to have": to reduce the
chances that users build binaries that could end up with garbage bits
in their MDWE prctl arguments. We are not aware of anyone having yet
encountered this corner case with MDWE prctls but a backport would
reduce the likelihood it happens, since this sort of issue has
happened with other prctls. But if this is perceived as a backporting
burden, I suppose we could also live without a stable backport.
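
Added example, not part of the original message and not kernel or libc code: a small C model of the "garbage upper bits" case described in the quoted commit message, showing why a flags check rejects an int-typed constant passed through a 64-bit argument slot and how an unsigned long constant or an explicit widening cast avoids it. The macro and function names are hypothetical, the flag value 1 is assumed for illustration, and the stale upper bits are constructed.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical names; the value 1 is assumed for illustration. */
#define MDWE_FLAG_INT 1          /* int-typed constant (shape before the patch) */
#define MDWE_FLAG_UL  (1UL << 0) /* unsigned long constant (shape after the patch) */

/* Model of a 64-bit argument slot holding an int: only the low 32 bits are
 * defined by the caller, the upper 32 bits are whatever was there (stale). */
static uint64_t slot_from_int(uint64_t stale, int flag)
{
    return (stale & 0xffffffff00000000ULL) | (uint32_t)flag;
}

/* An unsigned long argument defines the whole slot (uint64_t models LP64). */
static uint64_t slot_from_ulong(unsigned long flag)
{
    return (uint64_t)flag;
}

/* Caller-side fix when only an int constant is available: widen explicitly. */
static unsigned long widen_flag(int flag)
{
    return (unsigned long)(unsigned int)flag;
}

/* Receiver-side check in the usual flags style: reject unknown bits. */
static int validate_bits(uint64_t bits)
{
    return (bits & ~(uint64_t)MDWE_FLAG_UL) ? -EINVAL : 0;
}

int main(void)
{
    uint64_t stale = 0xdeadbeef00000000ULL; /* constructed garbage */

    printf("int constant, stale upper bits: %d\n",
           validate_bits(slot_from_int(stale, MDWE_FLAG_INT)));
    printf("unsigned long constant:         %d\n",
           validate_bits(slot_from_ulong(MDWE_FLAG_UL)));
    printf("explicitly widened int:         %d\n",
           validate_bits(slot_from_ulong(widen_flag(MDWE_FLAG_INT))));
    return 0;
}
```

Callers building against headers that still carry the int-typed constant can apply the same explicit widening at the call site.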