On Sat, Feb 17, 2024 at 11:24:07AM +0100, Christophe Leroy wrote: > arch_protect_bpf_trampoline() and alloc_new_pack() call > set_memory_rox() which can fail, leading to unprotected memory. > > Take into account return from set_memory_XX() functions and add > __must_check flag to arch_protect_bpf_trampoline(). > > Signed-off-by: Christophe Leroy <christophe.leroy@xxxxxxxxxx> Thanks for doing this! This seems to hit all the right error paths that I can see. Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx> -- Kees Cook
