From patchwork Fri Jun 28 09:05:07 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yafang Shao X-Patchwork-Id: 13715776 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id D4B55C30659 for ; Fri, 28 Jun 2024 09:05:33 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 50D816B0092; Fri, 28 Jun 2024 05:05:33 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 4BC486B0098; Fri, 28 Jun 2024 05:05:33 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 35CBC6B0099; Fri, 28 Jun 2024 05:05:33 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10]) by kanga.kvack.org (Postfix) with ESMTP id 188A76B0092 for ; Fri, 28 Jun 2024 05:05:33 -0400 (EDT) Received: from smtpin20.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay03.hostedemail.com (Postfix) with ESMTP id 9F8E2A049A for ; Fri, 28 Jun 2024 09:05:32 +0000 (UTC) X-FDA: 82279714104.20.9CD5729 Received: from mail-pl1-f182.google.com (mail-pl1-f182.google.com [209.85.214.182]) by imf02.hostedemail.com (Postfix) with ESMTP id C5BD98001E for ; Fri, 28 Jun 2024 09:05:29 +0000 (UTC) Authentication-Results: imf02.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=Lbd+jj+l; spf=pass (imf02.hostedemail.com: domain of laoar.shao@gmail.com designates 209.85.214.182 as permitted sender) smtp.mailfrom=laoar.shao@gmail.com; dmarc=pass (policy=none) header.from=gmail.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1719565512; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=/dYktotwfBu6Roz80A5YCXaIPxsklnKpN0JVw9YLBJ4=; b=YmOM4JwbOvs2rroW1kQMkEWwphV+mSj9eHsO/TVyDMUtXyD34hT4+n1cC3eD1X5mg8EAbB 4yMWbPzuJwfDNfKEsXwO4rLlThu7fP/O0X9cKPZxf20Zw+cYfbmPfH4+toqFUB8NSvDQ4M OoVHQE8UpepYgdBd8/qkEornYfOGMeE= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1719565512; a=rsa-sha256; cv=none; b=p/ORoaUpFVLmgp7llUP29zQfyXg6OGTk/ONL3uhqh7dnPv04PiCajkuLcrKO4p+9mxCrm5 iWTsG++onzRENhdbqvoxnzt9qvvbq5/tjvMnQ8MI3urhF+SBkTS0G65pVsqWUj3xoIZD9e XuHwoK2o/LrBiWfnLh6LQ8xRUWj0UJI= ARC-Authentication-Results: i=1; imf02.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=Lbd+jj+l; spf=pass (imf02.hostedemail.com: domain of laoar.shao@gmail.com designates 209.85.214.182 as permitted sender) smtp.mailfrom=laoar.shao@gmail.com; dmarc=pass (policy=none) header.from=gmail.com Received: by mail-pl1-f182.google.com with SMTP id d9443c01a7336-1f480624d0fso2168415ad.1 for ; Fri, 28 Jun 2024 02:05:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1719565529; x=1720170329; darn=kvack.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=/dYktotwfBu6Roz80A5YCXaIPxsklnKpN0JVw9YLBJ4=; b=Lbd+jj+lZ5J7JFwhDZAI6qQhgeO7F2UyAwWdrMbg+R+/3oCJunNKC/U232TMMWeeM8 8n/0esqwHlHEyPSKEAIZ8YYELhO98LLBpzSaJ/jyVjYGM4UFSeKrd3embD/Sto0M35Ho PcLSGo0JUF4RhE0WD3/OQmdrRCSdtyWgi1p/6ZUHLyfiwjvKOmTGanrK6rSGndQcR29G xYXas7vny1E2rJkLsehHduYvp+s86P9SnAy8V9M6g6d2g5FwVvZ555eOBghqsNFiS2xs ZhsBEamuU73PjlFT81kfcR67zg/qH3jntJdm6NNlTOSBeCklNVXUNBWzPKWykhsNvs9L Q+ww== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1719565529; x=1720170329; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=/dYktotwfBu6Roz80A5YCXaIPxsklnKpN0JVw9YLBJ4=; b=fMsLJJhq7x1Nk4w/wehM/ykr34zzZfl3CoS/z3xqHimFKuQNAE3piuZZfsfc7jRozl /DpYdDbiydWAvua12u34g34rumxQLn90Mu9e6iMZzwtZj5CL0QJjZDvvcCVRGHH1qe2I xwHEhQaVKtJvXVXeqOyo8wtILPZid0TkmZ+CuKK/1iYcLw3eGVv2QC+8MMPF5K57Avz+ 6sGzMIi2QqinvWtS9GqK6gy2IUO+L1xqhcnYrsJoDbEYD49Q8zH7caHwR0W9TIbROA07 EK6R45WzfOQqpaxB7cTRtjOYRc4KCLasTMirdGjEPq4di3qyAaBmn3lRKiV38X/m0rpd 5g8w== X-Forwarded-Encrypted: i=1; AJvYcCUGHF3G9EYfRlnVGYEZx+a77KYWVQT0kwezUjgv1tcIz4FlJOEeW/hpSYwV4EtTau4o7NOG7ITH/bPHUDomyRXB5BE= X-Gm-Message-State: AOJu0YwaRjvy4oniAWI3v+FWRGNYCIC4iKJnr8m+5gCDY9cGOpaFs6lt mVey+rBKPPYX6OZJyph3Q9zTquIbObnZ7LrYCXfduZh8MuBVJCYs X-Google-Smtp-Source: AGHT+IHq12/wr4f/48x7wfiSbegh8HPUA/2boo4oAyw8ihJMGtAi4AloztlVccxiTIt0WgGf0DVrww== X-Received: by 2002:a17:902:eccf:b0:1fa:3f05:20b2 with SMTP id d9443c01a7336-1fa3f05244emr164534885ad.65.1719565528645; Fri, 28 Jun 2024 02:05:28 -0700 (PDT) Received: from localhost.localdomain ([39.144.106.153]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-1fac10e3a1dsm10473085ad.68.2024.06.28.02.05.21 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 28 Jun 2024 02:05:27 -0700 (PDT) From: Yafang Shao To: torvalds@linux-foundation.org, laoar.shao@gmail.com Cc: akpm@linux-foundation.org, alexei.starovoitov@gmail.com, audit@vger.kernel.org, bpf@vger.kernel.org, catalin.marinas@arm.com, dri-devel@lists.freedesktop.org, ebiederm@xmission.com, linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, linux-security-module@vger.kernel.org, linux-trace-kernel@vger.kernel.org, netdev@vger.kernel.org, penguin-kernel@i-love.sakura.ne.jp, rostedt@goodmis.org, selinux@vger.kernel.org, Alexander Viro , Christian Brauner , Jan Kara , Kees Cook , Matus Jokay Subject: [PATCH v4 01/11] fs/exec: Drop task_lock() inside __get_task_comm() Date: Fri, 28 Jun 2024 17:05:07 +0800 Message-Id: <20240628090517.17994-1-laoar.shao@gmail.com> X-Mailer: git-send-email 2.30.1 (Apple Git-130) In-Reply-To: <20240628085750.17367-1-laoar.shao@gmail.com> References: <20240628085750.17367-1-laoar.shao@gmail.com> MIME-Version: 1.0 X-Rspamd-Queue-Id: C5BD98001E X-Stat-Signature: hwaoqa1thpinetr6eijuz9ahaqx3cpnc X-Rspamd-Server: rspam09 X-Rspam-User: X-HE-Tag: 1719565529-129665 X-HE-Meta: U2FsdGVkX199Bm3ovTBAjZQkDPL7UK4Ov37adMmU/p1wic5huuVsep759k8aP6AaxrcodCQHs15VGfYWjT+vsO3KtliYkh3548QUUqpe/UF9ABIWagaktXYVbueeXlVadjiYUth5s6lchXerJS1kbYniOkYqupIgunk5Dx1i1mz50/2y7hNls4cIsKexehvWSPyU8Cd2WAfq6UEA5Z0Z7LnXNepz0tJMp+jYlqxVYfQ/QemO9NvGbgj0zPMpcdl4NGkuwyu+NBtmKJqolzjKz+EXXxzUy9BISRqMFjggZIgnjUWw0df+aEry1kzQJWNxu63VPwMjxr/+obVlrr/lISaH0h6KGNGeo4RbIPiTdoqBqG6x1NqFsSXMYoctap/l7s2seCW+MSRFSMDkh42+SABy1LziVB+l11iQ1a5KkAK4rPpvEQJfDOYv2M8RNkrfiI0LYzN4NG2xDvzWTQv/mFCBFsluwfyw3crWEELbsbyP3ZfIxspj8n7rXeKDQ9+gS+rDrpohG/io+3Th1fLn3foj9VnpuCcMV76ZK2BcA8cnsSmBWUSgBGHZCwUPPjnoQNNzTgou1BOXh+eN9XUKG8MSqZRtwlJ5RlqSA6UoICBItPl3w8IkCMAAXxNv86Lp43OivvAj/uMnZfCjHlnX6PR9eHZ+446r1bqb1SnzkGo64U7IGKV4WFETO6CGrp4AN7YuUz2WcX4GyfKqhz7gl6Y4dfY0ZbuIJmBwUMt7/m4/7mQ3gmfASAGOVGY0FCwhsE2D0tKGguXJTgPgG/zhnYEuGcSRojqoX/ZsZgGt2cbXQ3q3lKGCnmnn3S+A/0IVblXYiK/XONNwgwBTWU5DFPNDQ8I3vsV2sk2S5v0Nf6py2sAS5Pvz7rzvVx5lgYC9I13hSJ+uFf4qPN8R+W933/TK/guh7IFikf0ApCmQlOR+uX6TlAYa5fa8Z++sSi2AyLWIZfF6w3xi+ptMk8x jCaJaBGf LdhSYEvkSRnC7voebKKi2m0dEoQqi1uZ36JIoz9c7iDp7Wd3URYQ45DUKeGFkw9FIctEwnmwrLnTkmXy0v7+BXaEv8dXYoNCx373VFUlU69Zn4AwFtl21wqKnMsVt88/DxoWhZYcuQbCv6VKH/QF9WJMI5JcqymTa/4ixBQ2O7kmy6i/Rp3tQCllV7Wahzb5pDbPa5ype/HspPqB08p1kpzOiEgofeyG/8kJhbbs5R4QICM6SRHS1O+rldiOZAVflfmcThsNruS1Z00acJMetPTCU+kG7ltLbTezsnHE34Vv8UXgdkmHuJPXvQ084tcJq/KDo0DP39mI6c1eY7kMd81IngRUKurWdx5j8EcoAcFw/AxqHU41aWbx3W3cPZWKc55SbXgk/dfxeDRVX4pljqexfkHG+v58UW7NEvigQ49/lDPJv9NRH0sukHFXQoCBGF9hcbSYmWkHQTM9zjx3HLzrHPtvuH99AUvoRj5nckH3aGNFFnpABdwts58YZcdRUwOuIsbeLygOB9MTfmDEx5t9HJ8KHQGLiNmmDzFU9+sb/w9XmbqbHcofALyIRM4W5QzahU9SSHtM0NwwH4/U0UGZtg4Ezxob919cV0494K2tHWdR6x91HfED+sMnWC8rdxSKVp6IajwMGs6gS1eOC8bCe62iNFGA1nnML7qsseCtb24RnEyWnnlHZkGULKToN7Vv7Qd4f7RT8v5Ow9crPCfqMGBDLPtsP0IigXGkYLwWLpYRaxQTJi8T5GrIXbQJvxbKE+eKTzMEXszuwABDq5y/9BCnhUAVIZufLpVJ/7IztVtc= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: Quoted from Linus [0]: Since user space can randomly change their names anyway, using locking was always wrong for readers (for writers it probably does make sense to have some lock - although practically speaking nobody cares there either, but at least for a writer some kind of race could have long-term mixed results Suggested-by: Linus Torvalds Link: https://lore.kernel.org/all/CAHk-=wivfrF0_zvf+oj6==Sh=-npJooP8chLPEfaFV0oNYTTBA@mail.gmail.com [0] Signed-off-by: Yafang Shao Cc: Alexander Viro Cc: Christian Brauner Cc: Jan Kara Cc: Eric Biederman Cc: Kees Cook Cc: Alexei Starovoitov Cc: Matus Jokay --- fs/exec.c | 10 ++++++++-- include/linux/sched.h | 4 ++-- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/fs/exec.c b/fs/exec.c index 40073142288f..fa6b61c79df8 100644 --- a/fs/exec.c +++ b/fs/exec.c @@ -1238,12 +1238,18 @@ static int unshare_sighand(struct task_struct *me) return 0; } +/* + * User space can randomly change their names anyway, so locking for readers + * doesn't make sense. For writers, locking is probably necessary, as a race + * condition could lead to long-term mixed results. + * The strscpy_pad() in __set_task_comm() can ensure that the task comm is + * always NUL-terminated. Therefore the race condition between reader and writer + * is not an issue. + */ char *__get_task_comm(char *buf, size_t buf_size, struct task_struct *tsk) { - task_lock(tsk); /* Always NUL terminated and zero-padded */ strscpy_pad(buf, tsk->comm, buf_size); - task_unlock(tsk); return buf; } EXPORT_SYMBOL_GPL(__get_task_comm); diff --git a/include/linux/sched.h b/include/linux/sched.h index 61591ac6eab6..95888d1da49e 100644 --- a/include/linux/sched.h +++ b/include/linux/sched.h @@ -1086,9 +1086,9 @@ struct task_struct { /* * executable name, excluding path. * - * - normally initialized setup_new_exec() + * - normally initialized begin_new_exec() * - access it with [gs]et_task_comm() - * - lock it with task_lock() + * - lock it with task_lock() for writing */ char comm[TASK_COMM_LEN];