Re: [PATCH v2 3/5] mm: Make PR_MDWE_REFUSE_EXEC_GAIN an unsigned long

From: Alexey Izbyshev
Date: Tue May 23 2023 - 09:25:59 EST


On 2023-05-23 16:07, Catalin Marinas wrote:
> On Tue, May 23, 2023 at 11:12:37AM +0200, David Hildenbrand wrote:
>> Also, how is passing "0"s to e.g., PR_GET_THP_DISABLE reliable? We need arg2
>> -> arg5 to be 0. But wouldn't the following also just pass a 0 "int" ?
>>
>> prctl(PR_GET_THP_DISABLE, 0, 0, 0, 0)
>>
>> I'm easily confused by such (va_args) things, so sorry for the dummy
>> questions.
>
> Isn't the prctl() prototype in the user headers defined with the first
> argument as int while the rest as unsigned long? At least from the man
> page:
>
>     int prctl(int option, unsigned long arg2, unsigned long arg3,
>               unsigned long arg4, unsigned long arg5);
>
> So there are no va_args tricks (which confuse me as well).

I have explicitly mentioned the problem with man pages in my response to David[1]. Quoting myself:

> This stuff *is* confusing, and note that Linux man pages don't even tell
> that prctl() is actually declared as a variadic function (and for
> ptrace() this is mentioned only in the notes, but not in its signature).

The reality:

* glibc: https://sourceware.org/git/?p=glibc.git;a=blob;f=sysdeps/unix/sysv/linux/sys/prctl.h;h=821aeefc1339b35210e8918ecfe9833ed2792626;hb=glibc-2.37#l42

* musl: https://git.musl-libc.org/cgit/musl/tree/include/sys/prctl.h?h=v1.2.4#n180

Though there is a test in the kernel that does define its own prototype, avoiding the issue: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/tools/testing/selftests/sched/cs_prctl_test.c?h=v6.3#n77

Thanks,
Alexey

[1] https://lore.kernel.org/lkml/7c572622c0d8e283fc880fe3f4ffac27@xxxxxxxxx/

> Any int passed to arg[2-5] would be converted by the compiler to an
> unsigned long before being passed to the kernel. So I think the change
> in this patch is harmless as the conversion is happening anyway.
>
> (well, unless I completely missed what the problem is)
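
The argument-width question discussed in this message, as an added example that is not code from the thread, the kernel, glibc or musl: a model of a variadic entry point that reads arg2..arg5 as unsigned long, with a fully prototyped front end whose prototype performs the int to unsigned long conversion. `variadic_prctl_model`, `typed_prctl_model`, `args_all_zero` and `prctl_ul` are hypothetical names; the block assumes Linux with `<sys/prctl.h>`.

```c
#include <limits.h>
#include <stdarg.h>
#include <stdio.h>
#include <sys/prctl.h>

/* Model of a libc-style variadic entry point (hypothetical name): only
 * `option` is typed; the callee reads four unsigned longs with va_arg. */
static unsigned long seen[4];
static int variadic_prctl_model(int option, ...)
{
    va_list ap;
    va_start(ap, option);
    for (int i = 0; i < 4; i++)
        seen[i] = va_arg(ap, unsigned long);
    va_end(ap);
    return option;
}

/* Fully prototyped front end (hypothetical name): the prototype makes the
 * compiler convert each argument to unsigned long before the variadic call. */
static int typed_prctl_model(int option, unsigned long arg2, unsigned long arg3,
                             unsigned long arg4, unsigned long arg5)
{
    return variadic_prctl_model(option, arg2, arg3, arg4, arg5);
}

/* 1 if the model callee saw arg2..arg5 all equal to zero, else 0. */
static int args_all_zero(void)
{
    return !(seen[0] | seen[1] | seen[2] | seen[3]);
}

/* The same front end around the real prctl() (hypothetical name). */
static int prctl_ul(int option, unsigned long arg2, unsigned long arg3,
                    unsigned long arg4, unsigned long arg5)
{
    return prctl(option, arg2, arg3, arg4, arg5);
}

int main(void)
{
    typed_prctl_model(PR_GET_THP_DISABLE, 0, 0, 0, 0); /* int literals */
    printf("all zero after int 0 args: %d\n", args_all_zero());
    typed_prctl_model(PR_GET_THP_DISABLE, -1, 0, 0, 0); /* int -1 is converted */
    printf("arg2 seen as %#lx\n", seen[0]);
    printf("prctl(PR_GET_THP_DISABLE) = %d\n",
           prctl_ul(PR_GET_THP_DISABLE, 0, 0, 0, 0));
    return 0;
}
```

Calling the variadic model directly with a bare `0` would pass an `int` where the callee reads an `unsigned long`, which the C standard leaves undefined, so the block only ever reaches it through the prototyped front end.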