Received: by 2002:a05:7412:b130:b0:e2:908c:2ebd with SMTP id az48csp1280335rdb; Sat, 18 Nov 2023 09:37:11 -0800 (PST) X-Google-Smtp-Source: AGHT+IFb7/GGQZQoYDTXUFuqEwFlfDY8/SSUGlzN2dQFhHXxpH/lPd5F4ozRJPqmNxwXioCX78sX X-Received: by 2002:a92:d6c7:0:b0:357:f3ad:8925 with SMTP id z7-20020a92d6c7000000b00357f3ad8925mr3401206ilp.14.1700329031394; Sat, 18 Nov 2023 09:37:11 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1700329031; cv=none; d=google.com; s=arc-20160816; b=u0zPxztHNEZOBjZ7+Spf24EL2E00F3ySiNRTiPpp2BT1F1I9IjvnhVPo56TCBN+VXy qy5f9wyXeM5ZNByDu3xMkxcd8wngFSvjTH2liyKoFjKTETIaEhiBl1RXkUEnjW8UrSTD hZGL5eznUL/xA9zY7V0tTFIVdMB6pQVtUTGaN3wTev5v5GW0hx0OJ9dtzM+Gt2kL+d5O 6EYMxDPpzFZty1NiYoFDb3uhdVGtFbnm6eHVYYiL0KO3HdWR4aluq7CX+GXbvpBPMhl/ hVfG1xB0r/mgmO76Pvc36NXYZMKWhAai8rVyEMT8lzzJrd4VAV6Yd+DYF3ouJvvGCdVA Z6Cw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=1XdNJHQVOkcEDcIMedTCGqDVpo8YAzi1ivWNi4eRH88=; fh=8MbBkry6zA/NzXAF6htDIj+nwispL0xWOGhcqtk7SQE=; b=Q7GZXbEFRawzq+Ug7dtqHoaHa8xhPyMuTSiw3VdkVsgfjhIAFhb2vvIuDV09Lv7ryF XBG4CDGCbA2HER+0oHtQKZSZn+Zua1gZsSoNgBppUDDg9/eUitRQI0S8XrJojMIp0Q3e xEvmlMy4/AtoO+XjEOkZe8V7zmqfAlhlSRx5RcrrPc0vC3FrVMy0ak1YFpc/pkXfI31I y0Y99tBmphWcvNd7cTfkD2UO9oVf9MoPnC4Mb/6w6g18CW4pSOFPMh1RMFxlFSdsGBKo Oubyt80lYKn5e8lC5kWqJlXpcxsIt1lBG0wW4jbj09Dk5TokQm1/c3Gf6H9yQsn+m184 HkBg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b="Fodt7/i/"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:2 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from agentk.vger.email (agentk.vger.email. [2620:137:e000::3:2]) by mx.google.com with ESMTPS id b38-20020a630c26000000b005b86119661esi4669921pgl.86.2023.11.18.09.37.10 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 18 Nov 2023 09:37:11 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:2 as permitted sender) client-ip=2620:137:e000::3:2; Authentication-Results: mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b="Fodt7/i/"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:2 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by agentk.vger.email (Postfix) with ESMTP id 6959B80407D8; Sat, 18 Nov 2023 09:37:08 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.11 at agentk.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229463AbjKRRgj (ORCPT + 99 others); Sat, 18 Nov 2023 12:36:39 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35936 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230057AbjKRRgi (ORCPT ); Sat, 18 Nov 2023 12:36:38 -0500 Received: from mail-lj1-x22f.google.com (mail-lj1-x22f.google.com [IPv6:2a00:1450:4864:20::22f]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 61300AF for ; Sat, 18 Nov 2023 09:36:34 -0800 (PST) Received: by mail-lj1-x22f.google.com with SMTP id 38308e7fff4ca-2c79d8b67f3so38002281fa.0 for ; Sat, 18 Nov 2023 09:36:34 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; t=1700328992; x=1700933792; darn=vger.kernel.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=1XdNJHQVOkcEDcIMedTCGqDVpo8YAzi1ivWNi4eRH88=; b=Fodt7/i/X2dhCyuY4Zaf8nIDsWXufqYR2nt+9vitB2qXZmnwALU9E7s1qqTOqPgsrw UAbqi1awJwJIxT73Osxh/9lWlOtyu1sZkUS989ne0LDqtHFuUrmBWvHqIKnDtqyozupT 27X8x+acjm6O9Uw9A/8QwNv+VgM7l0esgDjqY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1700328992; x=1700933792; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=1XdNJHQVOkcEDcIMedTCGqDVpo8YAzi1ivWNi4eRH88=; b=CmAA4r62p8Tu2M0EFLOymdOqS5024/UzA9o99BI7Rxsh7uCGB4+XiSfZw2yv01S0FO H/Xdtn25hMiqn0/u+BeNfVT80G6sqTwl4qBdaO6CANPE8g57DuboahF9LG0c4s4PZjjE WBOCAV/J3d/akeDCXgZI5II48boRG6MzRw0t0p1Fi9OPSRmgyn1RUwRW7wp2xvGSGHCn 67Kr+cuywpFesGJh/CD4ayt63etlUlJne2CFpBoEyiVKuruE9r3axrgK+O36E1j2/8Rg ODTbOEGkzrbyjB4wir1NP3oPVEwgipvQEdHXIC8mh/FQVRzyA87vaZu374nBCkXIAME6 8wmA== X-Gm-Message-State: AOJu0YwEBRChRKE081pGR7d0LsXBWcaRKrA28HX9dVto+XiU3sVhozhd NOdoejU+C2RF20vwvAAwC1RE4qN5DusEm5SgZC0Whg== X-Received: by 2002:a2e:a268:0:b0:2c0:a0c:be7 with SMTP id k8-20020a2ea268000000b002c00a0c0be7mr1981500ljm.8.1700328992375; Sat, 18 Nov 2023 09:36:32 -0800 (PST) Received: from mail-lf1-f51.google.com (mail-lf1-f51.google.com. [209.85.167.51]) by smtp.gmail.com with ESMTPSA id l20-20020a2ea314000000b002bffb3f8cebsm558273lje.54.2023.11.18.09.36.31 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sat, 18 Nov 2023 09:36:31 -0800 (PST) Received: by mail-lf1-f51.google.com with SMTP id 2adb3069b0e04-507a62d4788so4381032e87.0 for ; Sat, 18 Nov 2023 09:36:31 -0800 (PST) X-Received: by 2002:a19:a418:0:b0:509:2b81:fc40 with SMTP id q24-20020a19a418000000b005092b81fc40mr2153660lfc.9.1700328991156; Sat, 18 Nov 2023 09:36:31 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: Linus Torvalds Date: Sat, 18 Nov 2023 09:36:14 -0800 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [GIT PULL] parisc architecture fixes for v6.7-rc1 To: Helge Deller Cc: linux-kernel@vger.kernel.org, linux-parisc@vger.kernel.org, James Bottomley , John David Anglin , Kees Cook Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on agentk.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (agentk.vger.email [0.0.0.0]); Sat, 18 Nov 2023 09:37:08 -0800 (PST) On Sat, 18 Nov 2023 at 05:58, Helge Deller wrote: > > On parisc we still sometimes need writeable stacks, e.g. if programs aren't > compiled with gcc-14. To avoid issues with the upcoming systemd-254 we > therefore have to disable prctl(PR_SET_MDWE) for now (for parisc only). Ugh. I pulled this, but I *really* cannot live with how ugly that is. Seriously, that code is just unacceptable. Doing something like + if (IS_ENABLED(CONFIG_PARISC)) + error = -EINVAL; + else + error = prctl_set_mdwe(arg2, arg3, arg4, arg5); in generic code with no comment is just truly crazy. If you have to go and do a "git blame -C" just to understand why the code exists, the code is a problem. But it goes beyond that. The code is just *ugly*, and it's done entirely in the wrong place. Things like "mdwe is special on parisc" should *NOT* be done in the generic "prctl()" function. This issue is not specific to prctl() - it's very much specific to mdwe. So I think it would have been both much more legible, and *much* more appropriate, to do it in prctl_set_mdwe() itself, where it makes more sense, and where it matches all the *other* mdwe-specific checks the code does wrt arguments and existing state. And honestly, why wouldn't 'get_mdwe' work? So the *other* hunk in that patch (which isn't even mentioned in the commit message) that returns -EINVAL for get_mdwe makes no sense at all, and shouldn't have existed. End result: I think the code should have been something like this (whitespace-damaged) thing: --- a/kernel/sys.c +++ b/kernel/sys.c @@ -2394,6 +2394,10 @@ static inline int prctl_set_mdwe(unsigned long bits, if (bits & PR_MDWE_NO_INHERIT && !(bits & PR_MDWE_REFUSE_EXEC_GAIN)) return -EINVAL; + /* PARISC cannot allow mdwe as it needs writable stacks */ + if (IS_ENABLED(CONFIG_PARISC)) + return -ENOSYS; + current_bits = get_current_mdwe(); if (current_bits && current_bits != bits) return -EPERM; /* Cannot unset the flags */ where I also picked another error code, because it's not that the prctl value or the arguments are invalid, I think the error should show that there's something else going on. No, I don't think -ENOSYS is necessarily the best possible error value, but I think it at least conceptually matches the "this prctl doesn't exist on PARISC". Maybe Maybe ENOSYS should be avoided (prctl() obvious does exist), but I do think this should be a different error than the EINVAL that the generic checks do. End result: I really hated this change so much that I ended up unpulling after doing the pull. This needs to be done right, or not at all. Linus