From: Florent Revest
Date: Fri, 22 Sep 2023 15:10:47 +0200
Subject: Re: [PATCH v4 4/6] mm: Make PR_MDWE_REFUSE_EXEC_GAIN an unsigned long
To: Andrew Morton
Cc: linux-kernel@vger.kernel.org, linux-mm@kvack.org, catalin.marinas@arm.com, anshuman.khandual@arm.com, joey.gouly@arm.com, mhocko@suse.com, keescook@chromium.org, david@redhat.com, peterx@redhat.com, izbyshev@ispras.ru, broonie@kernel.org, szabolcs.nagy@arm.com, kpsingh@kernel.org, gthelen@google.com, toiwoton@gmail.com, ayush.jain3@amd.com, stable@vger.kernel.org

On Fri, Sep 22, 2023 at 3:29 AM Andrew Morton wrote:
>
> On Mon, 28 Aug 2023 17:08:56 +0200 Florent Revest wrote:
>
> > Defining a prctl flag as an int is a footgun because on a 64 bit machine
> > and with a variadic implementation of prctl (like in musl and glibc),
> > when used directly as a prctl argument, it can get cast to long with
> > garbage upper bits which would result in unexpected behaviors.
> >
> > This patch changes the constant to an unsigned long to eliminate that
> > possibility. This does not break UAPI.
> >
> > Fixes: b507808ebce2 ("mm: implement memory-deny-write-execute as a prctl")
> > Cc: stable@vger.kernel.org
> > Signed-off-by: Florent Revest
> > Suggested-by: Alexey Izbyshev
> > Reviewed-by: David Hildenbrand
> > Reviewed-by: Kees Cook
> > Acked-by: Catalin Marinas
>
> Why is this being offered to -stable? Does it fix any known problem?

The background for this was discussed in these threads:
v1: https://lore.kernel.org/all/66900d0ad42797a55259061f757beece@ispras.ru/
v2: https://lore.kernel.org/all/d7e3749c-a718-df94-92af-1cb0fecab772@redhat.com/

Cc-ing stable was suggested by David and Alexey:

> On Mon, May 22, 2023 at 8:58 PM Alexey Izbyshev wrote:
> > On 2023-05-22 19:22, David Hildenbrand wrote:
> > > Which raises the question if we want to tag this here with a "Fixes"
> > > and eventually cc stable (hmm ...)?
> >
> > Yes, IMO the faster we propagate this change, the better.
>
> Okay, will do

I think that a stable backport would be "nice to have": to reduce the
chances that users build binaries that could end up with garbage bits
in their MDWE prctl arguments. We are not aware of anyone having yet
encountered this corner case with MDWE prctls but a backport would
reduce the likelihood it happens, since this sort of issue has
happened with other prctls. But if this is perceived as a backporting
burden, I suppose we could also live without a stable backport.
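
Added example, not part of the original message or of the patch: a deterministic model of the footgun the commit message describes, where an int flag passed through a variadic prctl() leaves the upper 32 bits of its 64-bit argument slot undefined. The MDWE_FLAG_OLD/MDWE_FLAG_NEW names, the stale slot value and the strict-validation receiver model_set_flags() are assumptions made for illustration; LP64 is assumed.

```c
#include <stdint.h>
#include <stdio.h>

/* The flag is bit 0. The _OLD/_NEW names are made up for this example. */
#define MDWE_FLAG_OLD 1           /* int constant, as before the patch */
#define MDWE_FLAG_NEW (1UL << 0)  /* unsigned long constant, as after it */
#define MODEL_EINVAL  22

/* Model of a variadic call on a 64-bit ABI: an int argument defines only
 * the low 32 bits of its 64-bit slot, the upper half keeps stale data. */
static uint64_t slot_after_int_arg(uint64_t stale_slot, int arg)
{
    return (stale_slot & 0xffffffff00000000ULL) | (uint32_t)arg;
}

/* An unsigned long argument defines the whole slot (LP64 assumed). */
static uint64_t slot_after_ulong_arg(uint64_t stale_slot, unsigned long arg)
{
    (void)stale_slot;
    return (uint64_t)arg;
}

/* Hypothetical receiver: reads the slot as unsigned long and rejects
 * any bit it does not know, the usual strict flag validation. */
static int model_set_flags(uint64_t bits)
{
    if (bits & ~(uint64_t)MDWE_FLAG_NEW)
        return -MODEL_EINVAL;
    return 0;
}

int main(void)
{
    const uint64_t stale = 0xdeadbeef00000000ULL; /* constructed garbage */
    uint64_t as_int = slot_after_int_arg(stale, MDWE_FLAG_OLD);
    uint64_t as_ulong = slot_after_ulong_arg(stale, MDWE_FLAG_NEW);

    printf("int flag:   slot=%#018llx -> %d\n",
           (unsigned long long)as_int, model_set_flags(as_int));
    printf("ulong flag: slot=%#018llx -> %d\n",
           (unsigned long long)as_ulong, model_set_flags(as_ulong));
    /* With a slot that happens to be clean, the int form also passes,
     * which is why the problem can go unnoticed. */
    printf("int flag, clean slot -> %d\n",
           model_set_flags(slot_after_int_arg(0, MDWE_FLAG_OLD)));
    return 0;
}
```

Callers building against headers that still define the flag as an int can avoid the issue by casting the argument to unsigned long at the call site.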