Message ID | 20240613023044.45873-7-laoar.shao@gmail.com (mailing list archive) |
---|---|
State | Handled Elsewhere |
Delegated to: | Paul Moore |
Headers | show |
Series | Improve the copy of task comm | expand |
On Thu, Jun 13, 2024 at 10:30:40AM +0800, Yafang Shao wrote: > Using __get_task_comm() to read the task comm ensures that the name is > always NUL-terminated, regardless of the source string. This approach also > facilitates future extensions to the task comm. > > Signed-off-by: Yafang Shao <laoar.shao@gmail.com> > Cc: Catalin Marinas <catalin.marinas@arm.com> > Cc: Andrew Morton <akpm@linux-foundation.org> > --- > mm/kmemleak.c | 8 +------- > 1 file changed, 1 insertion(+), 7 deletions(-) > > diff --git a/mm/kmemleak.c b/mm/kmemleak.c > index d5b6fba44fc9..ef29aaab88a0 100644 > --- a/mm/kmemleak.c > +++ b/mm/kmemleak.c > @@ -663,13 +663,7 @@ static struct kmemleak_object *__alloc_object(gfp_t gfp) > strncpy(object->comm, "softirq", sizeof(object->comm)); > } else { > object->pid = current->pid; > - /* > - * There is a small chance of a race with set_task_comm(), > - * however using get_task_comm() here may cause locking > - * dependency issues with current->alloc_lock. In the worst > - * case, the command line is not correct. > - */ > - strncpy(object->comm, current->comm, sizeof(object->comm)); > + __get_task_comm(object->comm, sizeof(object->comm), current); > } You deleted the comment stating why it does not use get_task_comm() without explaining why it would be safe now. I don't recall the details but most likely lockdep warned of some potential deadlocks with this function being called with the task_lock held. So, you either show why this is safe or just use strscpy() directly here (not sure we'd need strscpy_pad(); I think strscpy() would do, we just need the NUL-termination).
On Thu, Jun 13, 2024 at 4:37 PM Catalin Marinas <catalin.marinas@arm.com> wrote: > > On Thu, Jun 13, 2024 at 10:30:40AM +0800, Yafang Shao wrote: > > Using __get_task_comm() to read the task comm ensures that the name is > > always NUL-terminated, regardless of the source string. This approach also > > facilitates future extensions to the task comm. > > > > Signed-off-by: Yafang Shao <laoar.shao@gmail.com> > > Cc: Catalin Marinas <catalin.marinas@arm.com> > > Cc: Andrew Morton <akpm@linux-foundation.org> > > --- > > mm/kmemleak.c | 8 +------- > > 1 file changed, 1 insertion(+), 7 deletions(-) > > > > diff --git a/mm/kmemleak.c b/mm/kmemleak.c > > index d5b6fba44fc9..ef29aaab88a0 100644 > > --- a/mm/kmemleak.c > > +++ b/mm/kmemleak.c > > @@ -663,13 +663,7 @@ static struct kmemleak_object *__alloc_object(gfp_t gfp) > > strncpy(object->comm, "softirq", sizeof(object->comm)); > > } else { > > object->pid = current->pid; > > - /* > > - * There is a small chance of a race with set_task_comm(), > > - * however using get_task_comm() here may cause locking > > - * dependency issues with current->alloc_lock. In the worst > > - * case, the command line is not correct. > > - */ > > - strncpy(object->comm, current->comm, sizeof(object->comm)); > > + __get_task_comm(object->comm, sizeof(object->comm), current); > > } > > You deleted the comment stating why it does not use get_task_comm() > without explaining why it would be safe now. I don't recall the details > but most likely lockdep warned of some potential deadlocks with this > function being called with the task_lock held. > > So, you either show why this is safe or just use strscpy() directly here > (not sure we'd need strscpy_pad(); I think strscpy() would do, we just > need the NUL-termination). The task_lock was dropped in patch #1 [0]. My apologies for not including you in the CC for that change. After this modification, it is now safe to use __get_task_comm(). [0] https://lore.kernel.org/all/20240613023044.45873-2-laoar.shao@gmail.com/
On Thu, Jun 13, 2024 at 08:10:17PM +0800, Yafang Shao wrote: > On Thu, Jun 13, 2024 at 4:37 PM Catalin Marinas <catalin.marinas@arm.com> wrote: > > On Thu, Jun 13, 2024 at 10:30:40AM +0800, Yafang Shao wrote: > > > Using __get_task_comm() to read the task comm ensures that the name is > > > always NUL-terminated, regardless of the source string. This approach also > > > facilitates future extensions to the task comm. > > > > > > Signed-off-by: Yafang Shao <laoar.shao@gmail.com> > > > Cc: Catalin Marinas <catalin.marinas@arm.com> > > > Cc: Andrew Morton <akpm@linux-foundation.org> > > > --- > > > mm/kmemleak.c | 8 +------- > > > 1 file changed, 1 insertion(+), 7 deletions(-) > > > > > > diff --git a/mm/kmemleak.c b/mm/kmemleak.c > > > index d5b6fba44fc9..ef29aaab88a0 100644 > > > --- a/mm/kmemleak.c > > > +++ b/mm/kmemleak.c > > > @@ -663,13 +663,7 @@ static struct kmemleak_object *__alloc_object(gfp_t gfp) > > > strncpy(object->comm, "softirq", sizeof(object->comm)); > > > } else { > > > object->pid = current->pid; > > > - /* > > > - * There is a small chance of a race with set_task_comm(), > > > - * however using get_task_comm() here may cause locking > > > - * dependency issues with current->alloc_lock. In the worst > > > - * case, the command line is not correct. > > > - */ > > > - strncpy(object->comm, current->comm, sizeof(object->comm)); > > > + __get_task_comm(object->comm, sizeof(object->comm), current); > > > } > > > > You deleted the comment stating why it does not use get_task_comm() > > without explaining why it would be safe now. I don't recall the details > > but most likely lockdep warned of some potential deadlocks with this > > function being called with the task_lock held. > > > > So, you either show why this is safe or just use strscpy() directly here > > (not sure we'd need strscpy_pad(); I think strscpy() would do, we just > > need the NUL-termination). > > The task_lock was dropped in patch #1 [0]. My apologies for not > including you in the CC for that change. After this modification, it > is now safe to use __get_task_comm(). > > [0] https://lore.kernel.org/all/20240613023044.45873-2-laoar.shao@gmail.com/ Ah, great. For this patch: Acked-by: Catalin Marinas <catalin.marinas@arm.com> You may want to add a comment in the commit log that since __get_task_comm() no longer takes a long, it's safe to call it from kmemleak.
On Fri, Jun 14, 2024 at 6:57 PM Catalin Marinas <catalin.marinas@arm.com> wrote: > > On Thu, Jun 13, 2024 at 08:10:17PM +0800, Yafang Shao wrote: > > On Thu, Jun 13, 2024 at 4:37 PM Catalin Marinas <catalin.marinas@arm.com> wrote: > > > On Thu, Jun 13, 2024 at 10:30:40AM +0800, Yafang Shao wrote: > > > > Using __get_task_comm() to read the task comm ensures that the name is > > > > always NUL-terminated, regardless of the source string. This approach also > > > > facilitates future extensions to the task comm. > > > > > > > > Signed-off-by: Yafang Shao <laoar.shao@gmail.com> > > > > Cc: Catalin Marinas <catalin.marinas@arm.com> > > > > Cc: Andrew Morton <akpm@linux-foundation.org> > > > > --- > > > > mm/kmemleak.c | 8 +------- > > > > 1 file changed, 1 insertion(+), 7 deletions(-) > > > > > > > > diff --git a/mm/kmemleak.c b/mm/kmemleak.c > > > > index d5b6fba44fc9..ef29aaab88a0 100644 > > > > --- a/mm/kmemleak.c > > > > +++ b/mm/kmemleak.c > > > > @@ -663,13 +663,7 @@ static struct kmemleak_object *__alloc_object(gfp_t gfp) > > > > strncpy(object->comm, "softirq", sizeof(object->comm)); > > > > } else { > > > > object->pid = current->pid; > > > > - /* > > > > - * There is a small chance of a race with set_task_comm(), > > > > - * however using get_task_comm() here may cause locking > > > > - * dependency issues with current->alloc_lock. In the worst > > > > - * case, the command line is not correct. > > > > - */ > > > > - strncpy(object->comm, current->comm, sizeof(object->comm)); > > > > + __get_task_comm(object->comm, sizeof(object->comm), current); > > > > } > > > > > > You deleted the comment stating why it does not use get_task_comm() > > > without explaining why it would be safe now. I don't recall the details > > > but most likely lockdep warned of some potential deadlocks with this > > > function being called with the task_lock held. > > > > > > So, you either show why this is safe or just use strscpy() directly here > > > (not sure we'd need strscpy_pad(); I think strscpy() would do, we just > > > need the NUL-termination). > > > > The task_lock was dropped in patch #1 [0]. My apologies for not > > including you in the CC for that change. After this modification, it > > is now safe to use __get_task_comm(). > > > > [0] https://lore.kernel.org/all/20240613023044.45873-2-laoar.shao@gmail.com/ > > Ah, great. For this patch: > > Acked-by: Catalin Marinas <catalin.marinas@arm.com> > > You may want to add a comment in the commit log that since > __get_task_comm() no longer takes a long, it's safe to call it from > kmemleak. I will add it. Thanks for your suggestion.
diff --git a/mm/kmemleak.c b/mm/kmemleak.c index d5b6fba44fc9..ef29aaab88a0 100644 --- a/mm/kmemleak.c +++ b/mm/kmemleak.c @@ -663,13 +663,7 @@ static struct kmemleak_object *__alloc_object(gfp_t gfp) strncpy(object->comm, "softirq", sizeof(object->comm)); } else { object->pid = current->pid; - /* - * There is a small chance of a race with set_task_comm(), - * however using get_task_comm() here may cause locking - * dependency issues with current->alloc_lock. In the worst - * case, the command line is not correct. - */ - strncpy(object->comm, current->comm, sizeof(object->comm)); + __get_task_comm(object->comm, sizeof(object->comm), current); } /* kernel backtrace */
Using __get_task_comm() to read the task comm ensures that the name is always NUL-terminated, regardless of the source string. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao <laoar.shao@gmail.com> Cc: Catalin Marinas <catalin.marinas@arm.com> Cc: Andrew Morton <akpm@linux-foundation.org> --- mm/kmemleak.c | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-)