From patchwork Mon Oct 7 14:49:04 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yafang Shao X-Patchwork-Id: 13824800 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 89F02CFB441 for ; Mon, 7 Oct 2024 14:49:37 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id F40ED6B0082; Mon, 7 Oct 2024 10:49:36 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id ECA6C6B0089; Mon, 7 Oct 2024 10:49:36 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id D43DD6B0093; Mon, 7 Oct 2024 10:49:36 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14]) by kanga.kvack.org (Postfix) with ESMTP id AD0F56B0082 for ; Mon, 7 Oct 2024 10:49:36 -0400 (EDT) Received: from smtpin12.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay06.hostedemail.com (Postfix) with ESMTP id 349E4A9D61 for ; Mon, 7 Oct 2024 14:49:36 +0000 (UTC) X-FDA: 82647089952.12.E3C6A2B Received: from mail-pf1-f181.google.com (mail-pf1-f181.google.com [209.85.210.181]) by imf22.hostedemail.com (Postfix) with ESMTP id E705DC001A for ; Mon, 7 Oct 2024 14:49:32 +0000 (UTC) Authentication-Results: imf22.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=XttFpiDv; spf=pass (imf22.hostedemail.com: domain of laoar.shao@gmail.com designates 209.85.210.181 as permitted sender) smtp.mailfrom=laoar.shao@gmail.com; dmarc=pass (policy=none) header.from=gmail.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1728312505; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:references:dkim-signature; bh=LUiVT68fLR3vW4CyEtRR57v0fZ51pf3YQeR56Ep4krg=; b=NPXOJG6fwkmfavH5FZpDeiniRAbGQjc95S9cSnHXjikWsawijQfCXgPE5F9xwyHZleGGI9 03E3pa6+yqongwUY4Dat4uP68EmHy3Gkx1oQS58lSLD2cg3V893MBx96i8NgMm9sDYaSdj 2K6XNzti/2lVQqYGltu/0gRrG7ciYrQ= ARC-Authentication-Results: i=1; imf22.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=XttFpiDv; spf=pass (imf22.hostedemail.com: domain of laoar.shao@gmail.com designates 209.85.210.181 as permitted sender) smtp.mailfrom=laoar.shao@gmail.com; dmarc=pass (policy=none) header.from=gmail.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1728312505; a=rsa-sha256; cv=none; b=W9F+GdC7TPf42cZJJTS23VI521L3c+1jngA2wHgkDFAD7i/Z3RVXPDPf0804FBb7ge/UU0 dOrTI17Gid0YzmfOhrr5QIfuV3hKs1aBo3mHLLa8YdpxYUbSK+ZOuipYlgWQCIcA3bzjzA Wti75TpDTkHD5OfBYQAUwHaZ2vrj0Vo= Received: by mail-pf1-f181.google.com with SMTP id d2e1a72fcca58-71e0cd1f3b6so445049b3a.0 for ; Mon, 07 Oct 2024 07:49:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1728312571; x=1728917371; darn=kvack.org; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=LUiVT68fLR3vW4CyEtRR57v0fZ51pf3YQeR56Ep4krg=; b=XttFpiDv6mNZ+7r2WJEm67uI2jchgnC5sRResOZEaY2sLWJdtjT8TJWfiaPEseXODG +PEfsJURnWKP7UoCj3ZALLl+m53bvKSoR14vvfrHlB3qjvwytUHSeJwKw5fpaAgwwmB1 6lUOB83g/O46PRRt4tWyi3eJIFLmIkxWQuDayeS5svCi9HamQbqnT2WIQJp8n7xXQZxt xRHlkT+E7puMtLtdSU6hFUFmQymOLmtpDLkpGjbraSbFmb2oJ3+IcbKq80ZtpiL/CTO/ 2f/6JuxaE1ENQo7O79ME29IucAHbwonE2U5VWZSrhYsbTklF3nnBIWwr3a7Xn5BJc8h4 bAsw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1728312571; x=1728917371; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=LUiVT68fLR3vW4CyEtRR57v0fZ51pf3YQeR56Ep4krg=; b=onNSvvqtxFEEQPCQ4U2UlaSfQM7gWRg6ZnzTkbJMsvDeuiTKHrhNjNMLsfF87kmEq8 58oec9cQT/mFa6snTjHxY5Qa1OLTjw96nocBwH1MUbnagYxWeAZwovwi7OF2xIrH3bGk tBW+z1ca81x5euvmQOHz2H/7nIkGyBH1quihCUGyMz3MhIQ/hHRtCXzvvQr4/Tospf6V pyEq20iBO2XR815fSZAittBznruOwnGWWJvFj9OM/76F3M918xZYzScfO2Ng6eQi4nyI 2hA0/daI7+8jYr/B42jcDR/PW01GqmkAn51CsiZC6AK6VFGc7eFhfoGI14ndX6K3yno9 j6Xg== X-Forwarded-Encrypted: i=1; AJvYcCURiTbRNrE2ZTxAN9hXVCoSe0a6kmnsmv+tSuL1sSLRCjpedf8tpa9y7vYbvMX6QilwO3yaFpzLhQ==@kvack.org X-Gm-Message-State: AOJu0YxuNq8oLgFUuxNT2VFOhcttGzZmmPExHW7dC6Ka/lImDO9gjJ4m Uu3eG87SSjO8hQlhRsCK17f6MG+QEmn0+FHxTihgZmTOXOw8Rkc6VLtk8S/Uk/w= X-Google-Smtp-Source: AGHT+IFd5G5JZb9zGuck27vY3G5rfm6RRd7wrvlQcG7A8r1xXm54v9yJmOzv7wLCL4FHuPfrgLQA4A== X-Received: by 2002:a05:6a00:3a14:b0:717:9768:a4f0 with SMTP id d2e1a72fcca58-71de22eb62bmr20503670b3a.0.1728312571513; Mon, 07 Oct 2024 07:49:31 -0700 (PDT) Received: from localhost.localdomain ([223.104.210.43]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-71df0d7cf82sm4466432b3a.200.2024.10.07.07.49.22 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 07 Oct 2024 07:49:30 -0700 (PDT) From: Yafang Shao To: akpm@linux-foundation.org Cc: torvalds@linux-foundation.org, keescook@chromium.org, alx@kernel.org, justinstitt@google.com, ebiederm@xmission.com, alexei.starovoitov@gmail.com, rostedt@goodmis.org, catalin.marinas@arm.com, penguin-kernel@i-love.sakura.ne.jp, linux-mm@kvack.org, linux-fsdevel@vger.kernel.org, linux-trace-kernel@vger.kernel.org, audit@vger.kernel.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org, bpf@vger.kernel.org, netdev@vger.kernel.org, dri-devel@lists.freedesktop.org, Yafang Shao Subject: [PATCH v9 0/7] Improve the copy of task comm Date: Mon, 7 Oct 2024 22:49:04 +0800 Message-Id: <20241007144911.27693-1-laoar.shao@gmail.com> X-Mailer: git-send-email 2.30.1 (Apple Git-130) MIME-Version: 1.0 X-Rspamd-Server: rspam03 X-Rspam-User: X-Rspamd-Queue-Id: E705DC001A X-Stat-Signature: gwhptg7ws4ybhg3be7dpobi9rycrs1aj X-HE-Tag: 1728312572-791405 X-HE-Meta: U2FsdGVkX1/i+H8hLxTBoPwA/mjxoUnedMXpMoSXBw+468hLZl8sCoDk0jgiDtVVHpM667AOcvOJQxxQhAhk6ZtPzQG8dsXREFHlHdtjRYZCoW6zhMcYVImFGYVjudWFFMuoAlXaF1HzxEPU0FCodecF602mzRuB8ERSy5cU7IM6RP3QJ8O7HjGh7bxtbo4p/6AIXDzAhGryodIiGZ16Qm2yjWahKT8OeP1j+8DyX0DBBkJ+OC2TrgmrNPT+LrBfarWA3af4PEu8M/0x7zjr9zV+aL3dhQe9otQLZkYgJ17RZH/khjDr787FGynbYxCAxW0MZUACrz9YGB+59TWzVA5tS7nkjVMdHkOoC8wLUTlEAsnZPL4MQSf1PtR9n74oYyAEN1Dmdix77Z+sjtOX3lx66OjegVFbasdx8Bh/n/oOjNQrrbx7BrOJLLZbVtHPyoYsXdLmGNMrxkPgtAXF4RiXCvzMBJhlZ2vU5LFi7oezJimIyDQM6csswgBj7zPT9kxI7/KYw6/Vt/wrlJlq88Sn8oIb5qtkBqHmmSOJ67u7dw3vGnLqVTthFVvr1lHT35QgNPQo55DbJHTP6gQO5ckOeQlYTmM3kFpxskjT82ZwSWiE3vZGUPm53eSQ3esZm1CM+tr1sIeTJke0VAVXqPfuLlznx9bho4IEtBWWmf8O8SFQ6tWjmX7uxcAi/Kb5VwjHbsOpUnzaKsHAkWGYh1hgLNEDGJtYQBPjxTbzCIUHvis0hpy2jm9afFfZT4mh/a8Assa4FcqQpXOcBzfNWHjO1S1it7c0aDBF4dgIOoOah4D81aC7ergVnsQHzPF9oONVJ15247kVQKetbg1z1LtUilyHNDw1UpSS7Va34KWhH7s5iGvhlBp3VkEml4BxKc9igIaDLCYBuDltzWjL8JOrEMppILq8LcYsPAte7yqYhxNOAbM9qBDMwERrdmIh0OGzEVEDKlS5TNbDqGM 6rscfzye aFCe7mnuFoLyp+R7IcpBw7oYOxn1M8yn7PaLu3wdLcZg1wAZcvnQHOCl9UkGXTeOTufI4KBpnfUQwH5tN0TwSLy3VnxCIj/pMHFrK0TOx3P3yzofJ3SS6b6zEjUCz7agYySADh66gPMvsjnqSHHTaYJNQS+5zxsbF3UXQsEMJTe6iUgOkJc+pxRvExoyiKlGQ944YkUH0jAscODWfcjnQLRi1DNqaWx0h60veh4VyfejuiM/iakV5Cd40/YzqY3Jy4tYWl1aNaLiJgvCbdLkpL+BCmInx7/DAymSs8pSPMKAiVpg/hbS5MN3bcWUQ92tHhGH9Zib7O8BRmghT3RmZ984ufZVP90KEX4mSoF02RDz8nww4NDk24vgMBxk2GKiWSV6OpoomQ0l7xn1kPepmxJcJklQInruXkSI8CQUDhSL6EnKSOOmf0ymJr5SSImukEL8UwEGGrRAR9JMNxuYk80JizvSM2uLxRcGVfh2Aq3aeNzX6ML/HQkoMGNe5x7Qk+Z7eeUc4HgCawqjjuHLUFQR/Dt6mkgriVO7vmIQ8UxfZ3tI= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: Using {memcpy,strncpy,strcpy,kstrdup} to copy the task comm relies on the length of task comm. Changes in the task comm could result in a destination string that is overflow. Therefore, we should explicitly ensure the destination string is always NUL-terminated, regardless of the task comm. This approach will facilitate future extensions to the task comm. As suggested by Linus [0], we can identify all relevant code with the following git grep command: git grep 'memcpy.*->comm\>' git grep 'kstrdup.*->comm\>' git grep 'strncpy.*->comm\>' git grep 'strcpy.*->comm\>' PATCH #2~#4: memcpy PATCH #5~#6: kstrdup PATCH #7: strcpy Please note that strncpy() is not included in this series as it is being tracked by another effort. [1] task_lock() is removed from get_task_comm() as it is unnecessary. Suggested-by: Linus Torvalds Link: https://lore.kernel.org/all/CAHk-=wjAmmHUg6vho1KjzQi2=psR30+CogFd4aXrThr2gsiS4g@mail.gmail.com/ [0] Changes: v8->v9: - Keep the BUILD_BUG_ON() in get_task_comm() (Kees) - Keep strscpy_pad() in get_task_comm() (Kees) - Replace more strcpy() with strscpy() in drivers/gpu/drm/i915/i915_gpu_error.c (Justin) - Fix typos and commit improvement in patch #5 (Andy) - Drop the change in net as it was fixed by b19f69a95830 ("net/ipv6: replace deprecated strcpy with strscpy") v7->v8: https://lore.kernel.org/all/20240828030321.20688-1-laoar.shao@gmail.com/ - Avoid '+1' and '-1' in string copy. (Alejandro) v6->v7: https://lore.kernel.org/all/20240817025624.13157-1-laoar.shao@gmail.com/ - Improve the comment (Alejandro) - Drop strncpy as it is being tracked by another effort (Justin) https://github.com/KSPP/linux/issues/90 [1] v5->v6: https://lore.kernel.org/linux-mm/20240812022933.69850-1-laoar.shao@gmail.com/ - Get rid of __get_task_comm() (Linus) - Use ARRAY_SIZE() in get_task_comm() (Alejandro) v4->v5: https://lore.kernel.org/all/20240804075619.20804-1-laoar.shao@gmail.com/ - Drop changes in the mm/kmemleak.c as it was fixed by commit 0b84780134fb ("mm/kmemleak: replace strncpy() with strscpy()") - Drop changes in kernel/tsacct.c as it was fixed by commit 0fe2356434e ("tsacct: replace strncpy() with strscpy()") v3->v4: https://lore.kernel.org/linux-mm/20240729023719.1933-1-laoar.shao@gmail.com/ - Rename __kstrndup() to __kmemdup_nul() and define it inside mm/util.c (Matthew) - Remove unused local variable (Simon) v2->v3: https://lore.kernel.org/all/20240621022959.9124-1-laoar.shao@gmail.com/ - Deduplicate code around kstrdup (Andrew) - Add commit log for dropping task_lock (Catalin) v1->v2: https://lore.kernel.org/bpf/20240613023044.45873-1-laoar.shao@gmail.com/ - Add comment for dropping task_lock() in __get_task_comm() (Alexei) - Drop changes in trace event (Steven) - Fix comment on task comm (Matus) v1: https://lore.kernel.org/all/20240602023754.25443-1-laoar.shao@gmail.com/ Yafang Shao (7): Get rid of __get_task_comm() auditsc: Replace memcpy() with strscpy() security: Replace memcpy() with get_task_comm() bpftool: Ensure task comm is always NUL-terminated mm/util: Fix possible race condition in kstrdup() mm/util: Deduplicate code in {kstrdup,kstrndup,kmemdup_nul} drm: Replace strcpy() with strscpy() drivers/gpu/drm/drm_framebuffer.c | 2 +- drivers/gpu/drm/i915/i915_gpu_error.c | 6 +-- fs/exec.c | 10 ----- fs/proc/array.c | 2 +- include/linux/sched.h | 28 +++++++++--- kernel/auditsc.c | 6 +-- kernel/kthread.c | 2 +- mm/util.c | 62 ++++++++++++--------------- security/lsm_audit.c | 4 +- security/selinux/selinuxfs.c | 2 +- tools/bpf/bpftool/pids.c | 2 + 11 files changed, 63 insertions(+), 63 deletions(-)