Message ID | 20240602023754.25443-4-laoar.shao@gmail.com (mailing list archive) |
---|---|
State | Handled Elsewhere |
Delegated to: | Paul Moore |
Headers | show |
Series | kernel: Avoid memcpy of task comm | expand |
On Sat, Jun 1, 2024 at 10:38 PM Yafang Shao <laoar.shao@gmail.com> wrote: > > Using __get_task_comm() to read the task comm ensures that the name is > always NUL-terminated, regardless of the source string. This approach also > facilitates future extensions to the task comm. > > Signed-off-by: Yafang Shao <laoar.shao@gmail.com> > Cc: Paul Moore <paul@paul-moore.com> > Cc: Eric Paris <eparis@redhat.com> > --- > kernel/auditsc.c | 6 +++--- > 1 file changed, 3 insertions(+), 3 deletions(-) Assuming you've sorted out all the problems identified earlier in the patchset and __get_task_comm() no longer takes task_lock() this should be okay from an audit perspective. Acked-by: Paul Moore <paul@paul-moore.com> > diff --git a/kernel/auditsc.c b/kernel/auditsc.c > index 6f0d6fb6523f..0459a141dc86 100644 > --- a/kernel/auditsc.c > +++ b/kernel/auditsc.c > @@ -2730,7 +2730,7 @@ void __audit_ptrace(struct task_struct *t) > context->target_uid = task_uid(t); > context->target_sessionid = audit_get_sessionid(t); > security_task_getsecid_obj(t, &context->target_sid); > - memcpy(context->target_comm, t->comm, TASK_COMM_LEN); > + __get_task_comm(context->target_comm, TASK_COMM_LEN, t); > } > > /** > @@ -2757,7 +2757,7 @@ int audit_signal_info_syscall(struct task_struct *t) > ctx->target_uid = t_uid; > ctx->target_sessionid = audit_get_sessionid(t); > security_task_getsecid_obj(t, &ctx->target_sid); > - memcpy(ctx->target_comm, t->comm, TASK_COMM_LEN); > + __get_task_comm(ctx->target_comm, TASK_COMM_LEN, t); > return 0; > } > > @@ -2778,7 +2778,7 @@ int audit_signal_info_syscall(struct task_struct *t) > axp->target_uid[axp->pid_count] = t_uid; > axp->target_sessionid[axp->pid_count] = audit_get_sessionid(t); > security_task_getsecid_obj(t, &axp->target_sid[axp->pid_count]); > - memcpy(axp->target_comm[axp->pid_count], t->comm, TASK_COMM_LEN); > + __get_task_comm(axp->target_comm[axp->pid_count], TASK_COMM_LEN, t); > axp->pid_count++; > > return 0; > -- > 2.39.1
diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 6f0d6fb6523f..0459a141dc86 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -2730,7 +2730,7 @@ void __audit_ptrace(struct task_struct *t) context->target_uid = task_uid(t); context->target_sessionid = audit_get_sessionid(t); security_task_getsecid_obj(t, &context->target_sid); - memcpy(context->target_comm, t->comm, TASK_COMM_LEN); + __get_task_comm(context->target_comm, TASK_COMM_LEN, t); } /** @@ -2757,7 +2757,7 @@ int audit_signal_info_syscall(struct task_struct *t) ctx->target_uid = t_uid; ctx->target_sessionid = audit_get_sessionid(t); security_task_getsecid_obj(t, &ctx->target_sid); - memcpy(ctx->target_comm, t->comm, TASK_COMM_LEN); + __get_task_comm(ctx->target_comm, TASK_COMM_LEN, t); return 0; } @@ -2778,7 +2778,7 @@ int audit_signal_info_syscall(struct task_struct *t) axp->target_uid[axp->pid_count] = t_uid; axp->target_sessionid[axp->pid_count] = audit_get_sessionid(t); security_task_getsecid_obj(t, &axp->target_sid[axp->pid_count]); - memcpy(axp->target_comm[axp->pid_count], t->comm, TASK_COMM_LEN); + __get_task_comm(axp->target_comm[axp->pid_count], TASK_COMM_LEN, t); axp->pid_count++; return 0;
Using __get_task_comm() to read the task comm ensures that the name is always NUL-terminated, regardless of the source string. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao <laoar.shao@gmail.com> Cc: Paul Moore <paul@paul-moore.com> Cc: Eric Paris <eparis@redhat.com> --- kernel/auditsc.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)