From patchwork Wed Oct 30 20:37:31 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Tycho Andersen X-Patchwork-Id: 13857143 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id C566FD6B6D4 for ; Wed, 30 Oct 2024 20:38:30 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 3CFA18D0002; Wed, 30 Oct 2024 16:38:30 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 37F3E8D0001; Wed, 30 Oct 2024 16:38:30 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 1F8708D0002; Wed, 30 Oct 2024 16:38:30 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10]) by kanga.kvack.org (Postfix) with ESMTP id F0BB38D0001 for ; Wed, 30 Oct 2024 16:38:29 -0400 (EDT) Received: from smtpin09.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay08.hostedemail.com (Postfix) with ESMTP id 82FC1140E6B for ; Wed, 30 Oct 2024 20:38:29 +0000 (UTC) X-FDA: 82731430110.09.6E81BFD Received: from fhigh-b5-smtp.messagingengine.com (fhigh-b5-smtp.messagingengine.com [202.12.124.156]) by imf23.hostedemail.com (Postfix) with ESMTP id 44E2114001A for ; Wed, 30 Oct 2024 20:38:08 +0000 (UTC) Authentication-Results: imf23.hostedemail.com; dkim=pass header.d=tycho.pizza header.s=fm2 header.b=c6L15Xnn; dkim=pass header.d=messagingengine.com header.s=fm3 header.b=EIBGCnWG; dmarc=none; spf=pass (imf23.hostedemail.com: domain of tycho@tycho.pizza designates 202.12.124.156 as permitted sender) smtp.mailfrom=tycho@tycho.pizza ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1730320587; a=rsa-sha256; cv=none; b=bVKbDaE95CG01oh4P6yCoFUN9v9mMhkWYxFTASmIjjerjme7DXPkWWnjgoPR25l2WWiOON EjwxuuSMB5y47HINRm7oA9YL4Ct5V7DJB1ZZFxAcZIJK+GB3rZLaRiOF0W7QrioEYEK4zw vIkO5KoowdGIgvYRwLSSSmpiYiloYLY= ARC-Authentication-Results: i=1; imf23.hostedemail.com; dkim=pass header.d=tycho.pizza header.s=fm2 header.b=c6L15Xnn; dkim=pass header.d=messagingengine.com header.s=fm3 header.b=EIBGCnWG; dmarc=none; spf=pass (imf23.hostedemail.com: domain of tycho@tycho.pizza designates 202.12.124.156 as permitted sender) smtp.mailfrom=tycho@tycho.pizza ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1730320587; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:in-reply-to: references:dkim-signature; bh=jPlW8lpVwjQjFu6EM0sMGNKdNqoUomEoUkzIuxowlG4=; b=EQwLjtcrEL4selEjm//AZaPIRmNxpeeJCNtHxNB/WjytSXCxWLA+96kYNhjzRKcTAgAyTM XOyAkaDux5BCTG2KH1MTrODgrvdbk0Qyq/mHh/Ok1XzpyeV7ngrHB5CHUPoC/isXxr5vn+ IfskqKUClhVM/5fPZ9xaJzXsWHPyqQM= Received: from phl-compute-07.internal (phl-compute-07.phl.internal [10.202.2.47]) by mailfhigh.stl.internal (Postfix) with ESMTP id DB33E25400F2; Wed, 30 Oct 2024 16:38:23 -0400 (EDT) Received: from phl-mailfrontend-02 ([10.202.2.163]) by phl-compute-07.internal (MEProxy); Wed, 30 Oct 2024 16:38:24 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tycho.pizza; h= cc:cc:content-transfer-encoding:content-type:content-type:date :date:from:from:in-reply-to:message-id:mime-version:reply-to :subject:subject:to:to; s=fm2; t=1730320703; x=1730407103; bh=jP lW8lpVwjQjFu6EM0sMGNKdNqoUomEoUkzIuxowlG4=; b=c6L15XnnPdIx76gYls mLPF+Vj8HhekzJlPdwh00/LuPwaztVz5W6E3Zufy+9NAVbCq2Z34ALuRmg+yfkfQ CqbCs1vP4HxwOP+rviHSOW9P9vsyLWAUHg95cVoV6i4r5/WNaBradrCUROex6L0E uUW0yp3/O90QxV+uWh92Pdao1ZbtU8Qj75K5THQWjHka7OjxeefUFN9G8HaAAB0r x8G8w+G8KJZq4OFfdh8Ql2ZVpQhU84Q943CuA35v50+26eoaaAgCluJBubgM2nnj sotGQHnRDM+CrVOgtRpGNt60EuLZEzP0eFuq9+4OKgqjmKXlzjKUl1z+qaC519Wl cHEQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:content-type:date:date:feedback-id:feedback-id :from:from:in-reply-to:message-id:mime-version:reply-to:subject :subject:to:to:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm3; t=1730320703; x=1730407103; bh=jPlW8lpVwjQjFu6EM0sMGNKdNqoU omEoUkzIuxowlG4=; b=EIBGCnWGiWp0ccL6z7gBbF+e04ercRMGUfkF1/9JGyaa Uiw8TaJ7jL2hkapoSh9KUwRp9nH0+ygGKKBzIzfJ2BG63fuhBC13iOV7VuOVSbOK sgFlaxjJgeSRV6K1aFYJK2cA4kZv6Xi034lAshJ+1vg8Zg4m6EPto4WPxfouKckP kV8U5RtcvHJU80rZa6u1s0+3rBtPxDzdZlVEgBs8OsOZnEsqTv34iKgGuNEwX86t qHKni9IFOjvTUaJdhpgQRNHzROi6s7tImOQuO69Yq0LftkWjzu3A5M2lpnJIsdzo Y7T6HG6h6d1EyugTzfgP0dtrYy7Z6+SAaxHUKYSsaw== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrvdekfedgudefkecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpggftfghnshhusghstghrihgsvgdp uffrtefokffrpgfnqfghnecuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivg hnthhsucdlqddutddtmdenucfjughrpefhvfevufffkffogggtgfesthekredtredtjeen ucfhrhhomhepvfihtghhohcutehnuggvrhhsvghnuceothihtghhohesthihtghhohdrph hiiiiirgeqnecuggftrfgrthhtvghrnhepueeuueejffffkeehvedviedufffgtdetvedu vdethfegudffheduvdejfffhgfeunecuffhomhgrihhnpehgihhthhhusgdrtghomhenuc evlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehthigthhho sehthigthhhordhpihiiiigrpdhnsggprhgtphhtthhopedugedpmhhouggvpehsmhhtph houhhtpdhrtghpthhtohepvhhirhhoseiivghnihhvrdhlihhnuhigrdhorhhgrdhukhdp rhgtphhtthhopegsrhgruhhnvghrsehkvghrnhgvlhdrohhrghdprhgtphhtthhopehjrg gtkhesshhushgvrdgtiidprhgtphhtthhopegvsghivgguvghrmhesgihmihhsshhiohhn rdgtohhmpdhrtghpthhtohepkhgvvghssehkvghrnhgvlhdrohhrghdprhgtphhtthhope hskhhhrghnsehlihhnuhigfhhouhhnuggrthhiohhnrdhorhhgpdhrtghpthhtohepiigs hihsiigvkhesihhnrdifrgifrdhplhdprhgtphhtthhopegthihphhgrrhestgihphhhrg hrrdgtohhmpdhrtghpthhtoheplhhinhhugidqfhhsuggvvhgvlhesvhhgvghrrdhkvghr nhgvlhdrohhrgh X-ME-Proxy: Feedback-ID: i21f147d5:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Wed, 30 Oct 2024 16:38:20 -0400 (EDT) From: Tycho Andersen To: Alexander Viro , Christian Brauner , Jan Kara , Eric Biederman , Kees Cook , Shuah Khan Cc: =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= , Aleksa Sarai , linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, Tycho Andersen , Tycho Andersen Subject: [PATCH 1/2] exec: fix up /proc/pid/comm in the execveat(AT_EMPTY_PATH) case Date: Wed, 30 Oct 2024 14:37:31 -0600 Message-Id: <20241030203732.248767-1-tycho@tycho.pizza> X-Mailer: git-send-email 2.34.1 MIME-Version: 1.0 X-Rspamd-Queue-Id: 44E2114001A X-Rspam-User: X-Rspamd-Server: rspam05 X-Stat-Signature: 9ztje1mfrarxjcit587jnuqagrt3ppxs X-HE-Tag: 1730320688-336828 X-HE-Meta: U2FsdGVkX1+B8adXunNoWxU5gKCQ7WrnK6IH2bkvDNwrZw1Y4A6TzpxRloa1s7m4935tGrKUrkfcGKmGxGCtzGy1EFtitnvUqLw0l8/inHLZex48z0ZAPhSMZ6d/usbjQTropROtuej07vO9gM7BpQAgjInHw4wGXCAqvxwrf6ERDhd19B3FnQLN1mDEkZNqak19QLZ3vD60MDJ02rQFWL9ODw6tsFsquy55Xl+OarA/4rdslSX6YFdL6xCsDNtKTDV+H1jXL5VG6CCif0rTJHdnTpPTP9TqFUMd87Cl+kTQ0CrBsL6KGDDFMoCnnoAgNY9TvxLf2it7UtnSpCdzl9FcpdDbtEidmfzqd/1DRmPrTZpDR0+1AfdBCMC4is/R07MwHKxaEkayT9KUi9SKpsJxsrOt+gfTR0umQeuY1nHXXIHoOpKqPB20Uzuh32xlyZPxpx4ydPT8GmWJJv/EEhCLawy6seJv4yj/Bm6ruiciOVlcmQ09pKy8qFoDTIspgQ8bMoMYFdfQdVFnFSu1QQ6XWeBGPEWvwchSNaSOKzAAvhGBlpowSDkDrAaQc6SSqpGYQSkzlBeimmFFG7WBxKVWTvwPEX9VWKUV22sbh8ErWTN8kMn2LOWM/z/mQaioAzpZu8u9qcOqezl9Zhi5MC76RNX+DikcQcO32UiTBje3qnlwFzrhEcQqMjpk2NfAkmY/HgcKfGroQsttyyhr4gEuErOCqJOLflHzJC28wMiHSN2oMOPgU9getr6QSTR0bxnDG/FdM7OFwzTMjXI3nkckVSn/KhExZa9itYJIKt3A2TOu89i01D5dA+iugnyFueM4dFXHk30dlCHq9Dk4BfvELK23FbIv/UP9eOUhR6gKmciP9RVUf7J36EOHNAoZ9iUvGKM3Br65mP0E8C036m1g5Ly5ix27iM9d+AGDpCH3/TUc/fdrzz4dx2KPgLx4N0NOO7mcsxKEqWsuvj0 QYHNU7n4 yZKJ3ZwUO4SShsZsAYSBkf0LLURjUPe1iyYHdyioQy1sOhw9YLgCc3v6zVNmomF5GPUXAxH2Y/T7F+iGnFs8g18kzqXR2JpzJd+KpbQT3w/r725aNnfHlxfaidk+ZU3taDk2JBphQ6m8ZZgtLB2OlT4SE3GV6mnxNtzpSDJ9ZsCxjNEjiSvm0doy1l/cQnjIOphOLoLIQBFoClrRqSsrF/Wae1g+1OUYMxgpg9XancNXrsuSbMmXl7KkhOC5wr86F2SUUkLx1XaRddc1xlGJ05k47RYJJsqcJv9URB7D81g+Y5CNxD8A5n08APgPdlAM9wttmkjXgSp4v8WSemEtsOgpLno1rYxBjcKpJAlYwaIw8z150qqPPWJ5c8SCfWI8lklwWX82SIP1HgpFTZU3oEF0Z8tXOvv4GIrWqo2c71Bdrpfg5n6UJEJYWshbqsFog3feRB93E0xPQVlid+eDK3knYzq++kZHQ+2nbZMZjCPYq+48= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: From: Tycho Andersen Zbigniew mentioned at Linux Plumber's that systemd is interested in switching to execveat() for service execution, but can't, because the contents of /proc/pid/comm are the file descriptor which was used, instead of the path to the binary. This makes the output of tools like top and ps useless, especially in a world where most fds are opened CLOEXEC so the number is truly meaningless. Change exec path to fix up /proc/pid/comm in the case where we have allocated one of these synthetic paths in bprm_init(). This way the actual exec machinery is unchanged, but cosmetically the comm looks reasonable to admins investigating things. Signed-off-by: Tycho Andersen Suggested-by: Zbigniew Jędrzejewski-Szmek CC: Aleksa Sarai Link: https://github.com/uapi-group/kernel-features#set-comm-field-before-exec Reviewed-by: Christian Brauner --- v2: * drop the flag, everyone :) * change the rendered value to f_path.dentry->d_name.name instead of argv[0], Eric v3: * fix up subject line, Eric v4: * switch to no flag, always rewrite approach, with some cleanup suggested by Kees --- fs/exec.c | 36 +++++++++++++++++++++++++++++++++++- include/linux/binfmts.h | 1 + 2 files changed, 36 insertions(+), 1 deletion(-) base-commit: c1e939a21eb111a6d6067b38e8e04b8809b64c4e diff --git a/fs/exec.c b/fs/exec.c index 6c53920795c2..3b559f598c74 100644 --- a/fs/exec.c +++ b/fs/exec.c @@ -1347,7 +1347,16 @@ int begin_new_exec(struct linux_binprm * bprm) set_dumpable(current->mm, SUID_DUMP_USER); perf_event_exec(); - __set_task_comm(me, kbasename(bprm->filename), true); + + /* + * If argv0 was set, alloc_bprm() made up a path that will + * probably not be useful to admins running ps or similar. + * Let's fix it up to be something reasonable. + */ + if (bprm->argv0) + __set_task_comm(me, kbasename(bprm->argv0), true); + else + __set_task_comm(me, kbasename(bprm->filename), true); /* An exec changes our domain. We are no longer part of the thread group */ @@ -1497,9 +1506,28 @@ static void free_bprm(struct linux_binprm *bprm) if (bprm->interp != bprm->filename) kfree(bprm->interp); kfree(bprm->fdpath); + kfree(bprm->argv0); kfree(bprm); } +static int bprm_add_fixup_comm(struct linux_binprm *bprm, + struct user_arg_ptr argv) +{ + const char __user *p = get_user_arg_ptr(argv, 0); + + /* + * If p == NULL, let's just fall back to fdpath. + */ + if (!p) + return 0; + + bprm->argv0 = strndup_user(p, MAX_ARG_STRLEN); + if (bprm->argv0) + return 0; + + return -EFAULT; +} + static struct linux_binprm *alloc_bprm(int fd, struct filename *filename, int flags) { struct linux_binprm *bprm; @@ -1906,6 +1934,12 @@ static int do_execveat_common(int fd, struct filename *filename, goto out_ret; } + if (unlikely(bprm->fdpath)) { + retval = bprm_add_fixup_comm(bprm, argv); + if (retval != 0) + goto out_free; + } + retval = count(argv, MAX_ARG_STRINGS); if (retval == 0) pr_warn_once("process '%s' launched '%s' with NULL argv: empty string added\n", diff --git a/include/linux/binfmts.h b/include/linux/binfmts.h index e6c00e860951..bab5121a746b 100644 --- a/include/linux/binfmts.h +++ b/include/linux/binfmts.h @@ -55,6 +55,7 @@ struct linux_binprm { of the time same as filename, but could be different for binfmt_{misc,script} */ const char *fdpath; /* generated filename for execveat */ + const char *argv0; /* argv0 from execveat */ unsigned interp_flags; int execfd; /* File descriptor of the executable */ unsigned long loader, exec;