Re: [PATCH v3 3/5] mm: Make PR_MDWE_REFUSE_EXEC_GAIN an unsigned long

From: Kees Cook
Date: Fri Aug 25 2023 - 18:30:40 EST


On Tue, Jul 04, 2023 at 05:36:27PM +0200, Florent Revest wrote:
> Defining a prctl flag as an int is a footgun because on a 64 bit machine
> and with a variadic implementation of prctl (like in musl and glibc),
> when used directly as a prctl argument, it can get casted to long with
> garbage upper bits which would result in unexpected behaviors.
>
> This patch changes the constant to an unsigned long to eliminate that
> possibilities. This does not break UAPI.
>
> Fixes: b507808ebce2 ("mm: implement memory-deny-write-execute as a prctl")
> Cc: linux-stable@xxxxxxxxxxxxxxx
> Signed-off-by: Florent Revest <revest@xxxxxxxxxxxx>

Ah yes. I remember this pain with seccomp. :)

Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx>

--
Kees Cook