From patchwork Sun Aug 4 07:56:11 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yafang Shao X-Patchwork-Id: 13752567 Received: from mail-pl1-f175.google.com (mail-pl1-f175.google.com [209.85.214.175]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CD1DB18028; Sun, 4 Aug 2024 07:57:04 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.175 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722758226; cv=none; b=PYssLBwGW8tAVKH4SMMus6vvd2grQwa1yGlVl+99+ecSP/n2sRuiQaXJAnbPUuWgyA05y9ywktG5/OWGRi1Wq1jl+oItdc+99F9DNhRdu0ySlCtOT1Sl9d0wyWr/5X0gmtAlRZXvodiwMArtXjK51ZM3h3+deoCRsHfoTnMEu/8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722758226; c=relaxed/simple; bh=l2UdoLGIj5dmNTe7kniywtU84ZIetJS7/k5zo/1TUMg=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=OTrScLG7pOe0d5Pe/fiIvhBH+pm0nRdGZ0ZA3yNZmUF+Pu+slB9tmALEVB0kvWYtlBK6Q6xmAOHMI3hvlSTiLWhaemNIJHwOPO3FkjKhPC7xm0hJ+d284Q07FTiHKt8zkCeeJ7Spe1yrFq1KONog0mmKVGMImPoL4Oc2lLgDYk4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=jkGHDiOH; arc=none smtp.client-ip=209.85.214.175 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="jkGHDiOH" Received: by mail-pl1-f175.google.com with SMTP id d9443c01a7336-1ff1cd07f56so73160825ad.2; Sun, 04 Aug 2024 00:57:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1722758224; x=1723363024; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=3hHqe/dVMoVlxAlcEkx88W0WqBv09P0jej1HBEqhafw=; b=jkGHDiOHSxN246QcT1JU0j/fHblrWltNi4s0DwB333JXU4H76s5kXIyEmc0tA6XXsm LsYi+uzuk0KhtXIIfCeB3aBsijXjgSC5JGhBY3i6UUT6dSu4rIXgty1+3i9DB9MpjAop gd7b9G4jbRTdFurLedHEpp66f/SHacENp41UjI6IItjDkoHWztRZ90DCBuLXK5jIeu6x SFjGwtn9JHWXSq/TKI3EmWG+LO7LRMnF5JH3yhMQpa4YnOM+4X1rC+e8lqSyEHrK08xz FecxHOJCvXnAajBtDFJ1zptiG1yHFLvoaqrVDDWkaPgdWmCHI/eICHieaGda3nZQLYHk XOrA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722758224; x=1723363024; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=3hHqe/dVMoVlxAlcEkx88W0WqBv09P0jej1HBEqhafw=; b=hV48ReGT3MBsRuLjf9Jl1WUv7mJduGSfy2vsBBQl9Hkt5EOYwTwnrXb9gPMGey58Dl U4LDSte5v0mUo2LxaRJJEBDwRYO043WviAF5U0Ksj3V49uKxZVrejbTYgN8Ir9SyAKbd QurkYW24mblZkNxgM0HZIMJKqF+Y1aJbQRq/nM5gcTDGVmmuKqLzNwtnF4RMIexHdRmK PrKN5tRi8e17rGjUs/hPb8OpD+9522N925DfhPdk+lxx+WD3TGKtt+3Q1uQ2KHvcL4Wq alzX2j/IBYr5BGJV5fh63wXwDICGBegyjtfdvl3BPoLyuupQT4zy6NO8RtY55T1foZbd CLMg== X-Forwarded-Encrypted: i=1; AJvYcCVpZ6unoZDgzyywlJ4Lda6U/ZlftPY/1PR57Vr2HqrO6kIOAMnAdKXTamVTxhgfToygNkz/ewb7yMYEeiFjmTe3ei2BKLrwCPHoC5thIuDeDgGsYknSJpSdXCNS46hdXhXftvMtZ51sw59BVIyhRjyH94fWS9EJ7IZ89dDdJWHGuXAxpPXSMLQQt0mXa580lXrfPGeYoe2tpS2hIlGpBAPK/WuBFrx2ix2dw+lPMvnWojj8JSWtPYR1AJO9LH1dPqwxBb1lVE9qmA3TjKPfoXJsuHT2MHsljsNNug+/zBCXxeMwusPG4tUK4WOUcuJCrAedM8L7lw== X-Gm-Message-State: AOJu0Yx1tRUFV0stFpILkENcZqTpmppsKz3HuSKbmCW81ozlfc6FFlie KKVdpYWtvkc3FJlrrc5QXWxQzXqd3EoURDeExJ2Uy0R+eJBGIa1j X-Google-Smtp-Source: AGHT+IGGd4NHuT97uC6xOQQvHv4GaxRo9+Vf+VhHCShMz8IgX/0qP5KyCL4xcS6MgRK6pPd/R/ObqA== X-Received: by 2002:a17:902:f685:b0:1fc:719c:5f0 with SMTP id d9443c01a7336-1ff573e75a3mr134700565ad.49.1722758224055; Sun, 04 Aug 2024 00:57:04 -0700 (PDT) Received: from localhost.localdomain ([39.144.105.172]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-1ff59178248sm46387605ad.202.2024.08.04.00.56.47 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sun, 04 Aug 2024 00:57:03 -0700 (PDT) From: Yafang Shao To: akpm@linux-foundation.org Cc: torvalds@linux-foundation.org, ebiederm@xmission.com, alexei.starovoitov@gmail.com, rostedt@goodmis.org, catalin.marinas@arm.com, penguin-kernel@i-love.sakura.ne.jp, linux-mm@kvack.org, linux-fsdevel@vger.kernel.org, linux-trace-kernel@vger.kernel.org, audit@vger.kernel.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org, bpf@vger.kernel.org, netdev@vger.kernel.org, dri-devel@lists.freedesktop.org, Yafang Shao , Alexander Viro , Christian Brauner , Jan Kara , Kees Cook , Matus Jokay Subject: [PATCH v5 1/9] fs/exec: Drop task_lock() inside __get_task_comm() Date: Sun, 4 Aug 2024 15:56:11 +0800 Message-Id: <20240804075619.20804-2-laoar.shao@gmail.com> X-Mailer: git-send-email 2.30.1 (Apple Git-130) In-Reply-To: <20240804075619.20804-1-laoar.shao@gmail.com> References: <20240804075619.20804-1-laoar.shao@gmail.com> Precedence: bulk X-Mailing-List: linux-security-module@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Quoted from Linus [0]: Since user space can randomly change their names anyway, using locking was always wrong for readers (for writers it probably does make sense to have some lock - although practically speaking nobody cares there either, but at least for a writer some kind of race could have long-term mixed results Suggested-by: Linus Torvalds Link: https://lore.kernel.org/all/CAHk-=wivfrF0_zvf+oj6==Sh=-npJooP8chLPEfaFV0oNYTTBA@mail.gmail.com [0] Signed-off-by: Yafang Shao Cc: Alexander Viro Cc: Christian Brauner Cc: Jan Kara Cc: Eric Biederman Cc: Kees Cook Cc: Alexei Starovoitov Cc: Matus Jokay --- fs/exec.c | 10 ++++++++-- include/linux/sched.h | 4 ++-- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/fs/exec.c b/fs/exec.c index e55efc761947..6a0ff2e3631f 100644 --- a/fs/exec.c +++ b/fs/exec.c @@ -1195,12 +1195,18 @@ static int unshare_sighand(struct task_struct *me) return 0; } +/* + * User space can randomly change their names anyway, so locking for readers + * doesn't make sense. For writers, locking is probably necessary, as a race + * condition could lead to long-term mixed results. + * The strscpy_pad() in __set_task_comm() can ensure that the task comm is + * always NUL-terminated. Therefore the race condition between reader and writer + * is not an issue. + */ char *__get_task_comm(char *buf, size_t buf_size, struct task_struct *tsk) { - task_lock(tsk); /* Always NUL terminated and zero-padded */ strscpy_pad(buf, tsk->comm, buf_size); - task_unlock(tsk); return buf; } EXPORT_SYMBOL_GPL(__get_task_comm); diff --git a/include/linux/sched.h b/include/linux/sched.h index f8d150343d42..71002f0fc085 100644 --- a/include/linux/sched.h +++ b/include/linux/sched.h @@ -1096,9 +1096,9 @@ struct task_struct { /* * executable name, excluding path. * - * - normally initialized setup_new_exec() + * - normally initialized begin_new_exec() * - access it with [gs]et_task_comm() - * - lock it with task_lock() + * - lock it with task_lock() for writing */ char comm[TASK_COMM_LEN]; From patchwork Sun Aug 4 07:56:12 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yafang Shao X-Patchwork-Id: 13752568 Received: from mail-pl1-f182.google.com (mail-pl1-f182.google.com [209.85.214.182]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2D4FF1802E; Sun, 4 Aug 2024 07:57:19 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.182 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722758241; cv=none; b=hJQVKp1zz0Mwnocw/YFO7zIjeC1qkGYbMtNInrF8ywsxyROdm0uwOmvTAK/PuRMBEOF80S49YtbYRmTMTHQJJ2ZrD/RLD9839kMeSe3x55KdLXSGek1nlHX57HwjRm+b4nZl3MCNBxoIYnqE7Fg7V1/zGS8/IEVfetLQTUBDS7U= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722758241; c=relaxed/simple; bh=KgD8kzUFQH20/ogg55cBkA7wSimlRwiEK/4c/nXr6a4=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=nu7zV1LCOzDpfw7ocfIgMfpiTTmFYAHMj9J2WzISp+Em6v3IsbdMXRx7jQYi/ETOyAfWS9CQuoQKuU2dFzp4QK1JUV/svY4vtMcJ0IdwhY3awBPiAFTVWtIa0OL0dSYU1zzuGoecWfM8+Vzz1M6jJZxJasruOHeETlrC5suuFIc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=FM4U4PXH; arc=none smtp.client-ip=209.85.214.182 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="FM4U4PXH" Received: by mail-pl1-f182.google.com with SMTP id d9443c01a7336-1fc5296e214so78016965ad.0; Sun, 04 Aug 2024 00:57:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1722758239; x=1723363039; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=9th/bKhMjvRAjGGVHBeVqs/CIYRU9eynsJIFdR021yc=; b=FM4U4PXH7PL32XuRlwSun1Nv/jeGKkrflWGxCdxAYNzOHBu1B1qZ5uu3+byZWE4Ccq Nbk7xd1P/ykqK4RoLGHdeOdQzmXHvx6nE55GevMtsuj9K+ub+Y8GdQrSLReDHwWvRF4y k4XooTADn8cGOdxyNtistP9YTYG2DeHmKXwrzPHbEPZheUkxCf725yQjkl31OnpXBaHM bIP88Dkzro8tMh3eOJ5g7qbskHX0z6veLYTQ8aDHr79L8WmpvoW82o5x7yfhzv+4XntU aZh9HAEpnIYMeAHo9jRVie44ln8o3XagJ98+46jpSYeY0cUIZj3tmHkdxV+BrbGZDgaJ I7Rg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722758239; x=1723363039; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=9th/bKhMjvRAjGGVHBeVqs/CIYRU9eynsJIFdR021yc=; b=tXHPTTuVQXpIdB8yMc256YMz7EoNb6oG5ViaHRNuLlON1obfwWBh95XYSCWYjAPrrG eLBMLpFIMryqr+tAXLzcccgxw5Fa+kNKaVQLn3ZNCllgF98YZ8T5LaXYZJ35qoHCumdc 7CQGmFTkeUNCPyfVkm0v+0LkccLP1Wzpv9sret8RIhdbl7ljmD7uWJ5YvV14w7PSMgM6 pEG074lbRbrTTSgZNmWWsI67f5QwgSWQbDhM3KyxtUWU/Od4E6FJLcKIcXVSbsm9NSu4 Qr2lCrNW747ytvwjQGS80a53RzQ8B/JkSMvei55bzwHVO+5ULUJ1tCSFBADxF933g4yG i5tg== X-Forwarded-Encrypted: i=1; AJvYcCU5fMf6H/YlOWL7VZK+0NzhEBiEXFB3LaTUwI++OhXD7ylv34mcWRIThPbtLFCWgNQLjBJ0ujWzDaS86ATgZi3BswSWVOpat/dFCNDOevneilkzRlwaly4BvGPM58oX4NlvnTmmcslcRrOAYos/K6bFOGCUuh6gpPA1NPc8lTQhYPm4hM+i29NMMCFBxPnSmXH8j00xTtqXLFABKmOG9PQUZIHxhTbJTNdCg0+MdeZMhx1/QcZdePMQVr+dEqJ7mdWsiSRo0U9HRhU4/q8bVW1VYGsRPNWuGxDcHdBNHGl+tkXCDlqMpGAI7t3DT+weim2TkUNY2A== X-Gm-Message-State: AOJu0Yw5eiddQmjwMUHhsUu9o7fLu09gxj9uZzh9I5mD4iSkdf1DzZET xTT4+3NbgO/Yc4eTA2VQnRborvz2+oOLoXThT+5nGXzx78nS33NM X-Google-Smtp-Source: AGHT+IFtTPhQAQmKp5sRT0b26x8NVcEvgcuc+FRvXvXgBRo6DjcIq8upCUyDVHbaNG1PlsqP6YWdLQ== X-Received: by 2002:a17:902:cecb:b0:1fc:5ed5:ff56 with SMTP id d9443c01a7336-1ff574a1977mr137301625ad.61.1722758239497; Sun, 04 Aug 2024 00:57:19 -0700 (PDT) Received: from localhost.localdomain ([39.144.105.172]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-1ff59178248sm46387605ad.202.2024.08.04.00.57.05 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sun, 04 Aug 2024 00:57:19 -0700 (PDT) From: Yafang Shao To: akpm@linux-foundation.org Cc: torvalds@linux-foundation.org, ebiederm@xmission.com, alexei.starovoitov@gmail.com, rostedt@goodmis.org, catalin.marinas@arm.com, penguin-kernel@i-love.sakura.ne.jp, linux-mm@kvack.org, linux-fsdevel@vger.kernel.org, linux-trace-kernel@vger.kernel.org, audit@vger.kernel.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org, bpf@vger.kernel.org, netdev@vger.kernel.org, dri-devel@lists.freedesktop.org, Yafang Shao , Paul Moore , Eric Paris Subject: [PATCH v5 2/9] auditsc: Replace memcpy() with __get_task_comm() Date: Sun, 4 Aug 2024 15:56:12 +0800 Message-Id: <20240804075619.20804-3-laoar.shao@gmail.com> X-Mailer: git-send-email 2.30.1 (Apple Git-130) In-Reply-To: <20240804075619.20804-1-laoar.shao@gmail.com> References: <20240804075619.20804-1-laoar.shao@gmail.com> Precedence: bulk X-Mailing-List: linux-security-module@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Using __get_task_comm() to read the task comm ensures that the name is always NUL-terminated, regardless of the source string. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao Acked-by: Paul Moore Cc: Eric Paris --- kernel/auditsc.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 6f0d6fb6523f..0459a141dc86 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -2730,7 +2730,7 @@ void __audit_ptrace(struct task_struct *t) context->target_uid = task_uid(t); context->target_sessionid = audit_get_sessionid(t); security_task_getsecid_obj(t, &context->target_sid); - memcpy(context->target_comm, t->comm, TASK_COMM_LEN); + __get_task_comm(context->target_comm, TASK_COMM_LEN, t); } /** @@ -2757,7 +2757,7 @@ int audit_signal_info_syscall(struct task_struct *t) ctx->target_uid = t_uid; ctx->target_sessionid = audit_get_sessionid(t); security_task_getsecid_obj(t, &ctx->target_sid); - memcpy(ctx->target_comm, t->comm, TASK_COMM_LEN); + __get_task_comm(ctx->target_comm, TASK_COMM_LEN, t); return 0; } @@ -2778,7 +2778,7 @@ int audit_signal_info_syscall(struct task_struct *t) axp->target_uid[axp->pid_count] = t_uid; axp->target_sessionid[axp->pid_count] = audit_get_sessionid(t); security_task_getsecid_obj(t, &axp->target_sid[axp->pid_count]); - memcpy(axp->target_comm[axp->pid_count], t->comm, TASK_COMM_LEN); + __get_task_comm(axp->target_comm[axp->pid_count], TASK_COMM_LEN, t); axp->pid_count++; return 0; From patchwork Sun Aug 4 07:56:13 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yafang Shao X-Patchwork-Id: 13752569 Received: from mail-pl1-f182.google.com (mail-pl1-f182.google.com [209.85.214.182]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C981B7494; Sun, 4 Aug 2024 07:57:35 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.182 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722758257; cv=none; b=sm3Zj4C7usVeFcr4qSuFOpG2IArqz/oDMgZU2LU6pU6SwFozk6oLHzaIwMebrsfJ3Xxbask64KXnR3NgF1ZqdzJhwmXJbCgZrjOQTC2EBfSdBEHRbElmpo0JhfnRCYgMgoddPTtW/cQdE9oDo3C9UkBXe6E2SE1FwTVqK30mhqU= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722758257; c=relaxed/simple; bh=ZPrSWf5Fyf0qgLTyn3oUYou6AjnEnhTzFL6+lxfWdWA=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=Frzxo1TzmZIH3/PTgb4IrByZPmfdPOx5Pu3qfCIpLbYlkvL00CNp6Lxh3Nc721wkulADrvTIPlghlx5oCzdsjzI0RJOK8Ql0G/AvskKbupgr42W/bm60udQosRmdwQjPRct4p5Xw6+Ho5F4SGza8jjugBYqsaK9Dv3wKN3SNhSQ= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=RV+J9X7v; arc=none smtp.client-ip=209.85.214.182 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="RV+J9X7v" Received: by mail-pl1-f182.google.com with SMTP id d9443c01a7336-1fd66cddd4dso87078435ad.2; Sun, 04 Aug 2024 00:57:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1722758255; x=1723363055; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=B0KTkwxi3yTBFtdP01Ghiv9wnj3oEVaVdo6Xnw/VoxQ=; b=RV+J9X7vBPEd+fQ5Ex2nFDefUNS8iYx63VsWN3gH8Oqt6RzAGVRrlZvdt1Yw5EIakT h0lc/7/+Jp9q/3cBkzoQz5+rKX7YkAWxHKHbdkA9FLO5vkjjh/3Je4ViuOPYDZpvZLak NrywU1e+DUzYZxXJrec1oEzIKfhXGEUYjXiODGiA14A4YTnV0wwYQ6JtXTDZtf59Zdg3 jqzd/aRazC2cOsCt/xB2L10tWlB2WcATdVmGaTY07W8Hwa2+D6KUBRlV74+TIJyUqunC Pb5OZWToVWYG5VFbpI2mXrbH1u/duxwvhnWgh0MLT8164q1n3gJzDoeIBQ4KoWoXDfqr s8Lw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722758255; x=1723363055; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=B0KTkwxi3yTBFtdP01Ghiv9wnj3oEVaVdo6Xnw/VoxQ=; b=fcxhwLQUDb8sX34uc8btGqFvAahGNXQouPSDuwZPL+qq5NmqyfgeMcFypfFg/woBVJ WC6Z/yOUrOaIB/aMIWpGGsXn7ubIZQqpVKs1ptwrihx61PEog7F1sbIvyjxRPvUr+GoP 0O8+lUDHiFg7rptdqO36TTWld/syc9gy2OFafyaRPMgE5YpF5/9nzhfMGt1a9+/jtyzP UMIDAyDR+ukTwgvq3lQVxog8DMm8JLP2J4eYFJvZ3vm/bXFQ3rpqAeyGUjPBdeN2ky/N j3BwqHcRQWr8Sv5iv8dS5Wd3yFDxdAJUhTWCByP1FOZKIOdG1QfwCw7gmEwLosiX45z7 LrJA== X-Forwarded-Encrypted: i=1; AJvYcCUaHd6s5TK5j98B9zicHmPyqz4sDM2onJSp0zhnPxFBl/eYY22orWJ26oYO/OCarR2SslHElRVCYVirUJK4+CmiuocmHNx2kUVJ9GQVYjQtVKMSuc4kMwJr+bX35vUFyBZm1JapkPZK2Z3DZwwBXHKeAQzByrjrZyZR212aDXyRKHR+vvTsbAYqinhfMUNqZUoTqRuUwAvgS987pzwesU1vLe/AnO1j2/y048/L5cgv/nPylgQPX01lNONRgg8cRpt6+Mq6+4kahT9ikyUdRCmQU6j8bCDJnNWtjBgT2iV4Fi5BTQuKZdnZ5yA9paZDNOYYc7XIUA== X-Gm-Message-State: AOJu0YwPTFle83T/VUaWDxXDRinwqhz4+xzeWkKplIuisUBmCvhiLdOn AtCK6u+fQx8OA/qzw83R7j+47/ntd2ehKkeLvpmj5F8MrGEmn6Ud X-Google-Smtp-Source: AGHT+IH6wosRQHFK1XrZrMQ/1/OazY5atARBRVgGVQBt8cXkjOG1KelkDNxLA3xQ6gKV/rMpiZ54sg== X-Received: by 2002:a17:902:aa42:b0:1fd:96e1:7ffe with SMTP id d9443c01a7336-1ff57456f1cmr80659485ad.55.1722758254963; Sun, 04 Aug 2024 00:57:34 -0700 (PDT) Received: from localhost.localdomain ([39.144.105.172]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-1ff59178248sm46387605ad.202.2024.08.04.00.57.20 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sun, 04 Aug 2024 00:57:34 -0700 (PDT) From: Yafang Shao To: akpm@linux-foundation.org Cc: torvalds@linux-foundation.org, ebiederm@xmission.com, alexei.starovoitov@gmail.com, rostedt@goodmis.org, catalin.marinas@arm.com, penguin-kernel@i-love.sakura.ne.jp, linux-mm@kvack.org, linux-fsdevel@vger.kernel.org, linux-trace-kernel@vger.kernel.org, audit@vger.kernel.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org, bpf@vger.kernel.org, netdev@vger.kernel.org, dri-devel@lists.freedesktop.org, Yafang Shao , Paul Moore , James Morris , "Serge E. Hallyn" , Stephen Smalley , Ondrej Mosnacek Subject: [PATCH v5 3/9] security: Replace memcpy() with __get_task_comm() Date: Sun, 4 Aug 2024 15:56:13 +0800 Message-Id: <20240804075619.20804-4-laoar.shao@gmail.com> X-Mailer: git-send-email 2.30.1 (Apple Git-130) In-Reply-To: <20240804075619.20804-1-laoar.shao@gmail.com> References: <20240804075619.20804-1-laoar.shao@gmail.com> Precedence: bulk X-Mailing-List: linux-security-module@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Quoted from Linus [0]: selinux never wanted a lock, and never wanted any kind of *consistent* result, it just wanted a *stable* result. Using __get_task_comm() to read the task comm ensures that the name is always NUL-terminated, regardless of the source string. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao LINK: https://lore.kernel.org/all/CAHk-=wivfrF0_zvf+oj6==Sh=-npJooP8chLPEfaFV0oNYTTBA@mail.gmail.com/ [0] Acked-by: Paul Moore Cc: James Morris Cc: "Serge E. Hallyn" Cc: Stephen Smalley Cc: Ondrej Mosnacek --- security/lsm_audit.c | 4 ++-- security/selinux/selinuxfs.c | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/security/lsm_audit.c b/security/lsm_audit.c index 849e832719e2..a922e4339dd5 100644 --- a/security/lsm_audit.c +++ b/security/lsm_audit.c @@ -207,7 +207,7 @@ static void dump_common_audit_data(struct audit_buffer *ab, BUILD_BUG_ON(sizeof(a->u) > sizeof(void *)*2); audit_log_format(ab, " pid=%d comm=", task_tgid_nr(current)); - audit_log_untrustedstring(ab, memcpy(comm, current->comm, sizeof(comm))); + audit_log_untrustedstring(ab, __get_task_comm(comm, sizeof(comm), current)); switch (a->type) { case LSM_AUDIT_DATA_NONE: @@ -302,7 +302,7 @@ static void dump_common_audit_data(struct audit_buffer *ab, char comm[sizeof(tsk->comm)]; audit_log_format(ab, " opid=%d ocomm=", pid); audit_log_untrustedstring(ab, - memcpy(comm, tsk->comm, sizeof(comm))); + __get_task_comm(comm, sizeof(comm), tsk)); } } break; diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c index e172f182b65c..a8a2ec742576 100644 --- a/security/selinux/selinuxfs.c +++ b/security/selinux/selinuxfs.c @@ -708,7 +708,7 @@ static ssize_t sel_write_checkreqprot(struct file *file, const char __user *buf, if (new_value) { char comm[sizeof(current->comm)]; - memcpy(comm, current->comm, sizeof(comm)); + __get_task_comm(comm, sizeof(comm), current); pr_err("SELinux: %s (%d) set checkreqprot to 1. This is no longer supported.\n", comm, current->pid); } From patchwork Sun Aug 4 07:56:14 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yafang Shao X-Patchwork-Id: 13752570 Received: from mail-oi1-f181.google.com (mail-oi1-f181.google.com [209.85.167.181]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D31747494; Sun, 4 Aug 2024 07:57:50 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.167.181 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722758272; cv=none; b=oOL0DHVvcj5hvrJBjBsvZn46THOTOF60rc6A2M+agRFJCmM1lOGeZn7GcPmsciwo9jwfn9LYQhK0mSF0CB6Sx7oCV5IT1+VMTbpCgt5gvojXgQbH4+KhBbiGhja+9UC5TADLzwiFjVzg7LgOXy4QFyM21Gftaxe+PISjfMb5tMU= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722758272; c=relaxed/simple; bh=rlenXTcK5dY0xJX85ugd6MF85uI3ieKdNIIKjOjMRr0=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=cGXSVrE9SGGgofgU9VqY2Gxctgn8h2d3sMFawgLVhU8W/XpQwzjalnaC8YN1438hDoAiFvWoD0GGULAnLS46zxUQOon6vKVZpqwHiDi5QQDNvP7de92fSPKZ3qX+mBxKrEOe5AXe69Z35ORUDqVWmslq6ed9zmfQobCbEYuelsQ= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=aTZUcqzh; arc=none smtp.client-ip=209.85.167.181 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="aTZUcqzh" Received: by mail-oi1-f181.google.com with SMTP id 5614622812f47-3d9e13ef9aaso6621079b6e.1; Sun, 04 Aug 2024 00:57:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1722758270; x=1723363070; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=eQQ3mmtZRuc+UzgaTIbXRCgMjfWu2etwx8M84uu2mcE=; b=aTZUcqzhYxOY0aymK8Vbeo8iASu9ZNqWVAWXcLEz4SQ9nPBKyXegAd8iwLInxjX2ZJ W/i5tPJFS/fTZPiI10eTGpu4ZS847B1fqdZGNqgfNpw2n7oi//QghKd/NBqesmYn063K Zghf2z9WokxEnQnevhG7eqSnI342MeTk51Ui4s9ku3LvsSQQ+QjfjwL6lbkS93xkkO1X bbJSZc5VrGL99Eo/GUapyDpeDsvp+gvakbomx1XOo2tVVbVIdiUDovIbd/n6ZpE0meuO F2BNJU6C/bbJxeGURq6XW59ju39sgwIIq+bCnlev9tPQYGua0Yk3q82miuVHv+6KN4vx tf9g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722758270; x=1723363070; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=eQQ3mmtZRuc+UzgaTIbXRCgMjfWu2etwx8M84uu2mcE=; b=L8AOO06o63KMHjHS5jnBkx6opKBWXg13DlTAa19MnJwTuWeAU+/7Rr4LhHodc2t/88 yyk+eeW3J+yRAM7nMGdUxPZBFETls1vhM3kFWJtbL5yk5LwEtL9SEBXMFz4ZEMdogk+F jO0+mmdSnMMF/ST8j/L5zPr1IFs6Xwn5clCHZfjTPMCL+hvhSOHjMoKQSNS5xHpIigSC 919bk4XO97G9wdLflNnCbSYUXiZ7arjxnemx5xRzP0W3EcHTq3GiKDXw1ht00UdwYE1r Qift3FwDM/wn29xEGNXDyZdoO32TQKlOk4gxbVyRM0xZEua+UAyVyxYYIDKmEZyC59yT hxMQ== X-Forwarded-Encrypted: i=1; AJvYcCWnzYERYmT4gMzB1T9m2zCWCHw1SmD/0qlUB056wHFfBCCNm1ghedx747iwG++XX1qLL7cNdli9LJPN+C7t/X9IpnVuOXSajhmqi0vWRlhTEO3H2sJB0kNbIrh83K9FtVJdztcVBVR6NFU0uzhuOCG9FkcCDWqH5VZdyYHZu5jmjE75CCLv8S+EAPhm7kYWHPgBz36ycXTzSGMN+/c7tferOgcqu5V19oC3IaX3FiQ9NXSznxm+YgOZuW3llE7Mso277nlFPUxOUuNMiSj4Z9aJriDehLj6zNZqfzOwYBjOKbB6AL1cV2J3fgIedy3pppB5XbUO2w== X-Gm-Message-State: AOJu0YxFaNF3/KMpi4eJRGGJpuw+LpTvsdJJv60ApnEMF8eA+VN7uR0K v6E4ydFWubG5Yqam55vVfMBJsgziWmOUsrbgQQae9R/22CDmuQYL X-Google-Smtp-Source: AGHT+IEnK16jBONqPu6EI1AggsrrDpNbP1fkcELTlG1wIUqkHXvdRtx4NsDiXlOwAOqcDTPz63EQbg== X-Received: by 2002:a05:6808:159d:b0:3da:ac85:3bd5 with SMTP id 5614622812f47-3db557ef9bemr11482423b6e.8.1722758269943; Sun, 04 Aug 2024 00:57:49 -0700 (PDT) Received: from localhost.localdomain ([39.144.105.172]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-1ff59178248sm46387605ad.202.2024.08.04.00.57.36 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sun, 04 Aug 2024 00:57:49 -0700 (PDT) From: Yafang Shao To: akpm@linux-foundation.org Cc: torvalds@linux-foundation.org, ebiederm@xmission.com, alexei.starovoitov@gmail.com, rostedt@goodmis.org, catalin.marinas@arm.com, penguin-kernel@i-love.sakura.ne.jp, linux-mm@kvack.org, linux-fsdevel@vger.kernel.org, linux-trace-kernel@vger.kernel.org, audit@vger.kernel.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org, bpf@vger.kernel.org, netdev@vger.kernel.org, dri-devel@lists.freedesktop.org, Yafang Shao , Quentin Monnet Subject: [PATCH v5 4/9] bpftool: Ensure task comm is always NUL-terminated Date: Sun, 4 Aug 2024 15:56:14 +0800 Message-Id: <20240804075619.20804-5-laoar.shao@gmail.com> X-Mailer: git-send-email 2.30.1 (Apple Git-130) In-Reply-To: <20240804075619.20804-1-laoar.shao@gmail.com> References: <20240804075619.20804-1-laoar.shao@gmail.com> Precedence: bulk X-Mailing-List: linux-security-module@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Let's explicitly ensure the destination string is NUL-terminated. This way, it won't be affected by changes to the source string. Signed-off-by: Yafang Shao Reviewed-by: Quentin Monnet --- tools/bpf/bpftool/pids.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tools/bpf/bpftool/pids.c b/tools/bpf/bpftool/pids.c index 9b898571b49e..23f488cf1740 100644 --- a/tools/bpf/bpftool/pids.c +++ b/tools/bpf/bpftool/pids.c @@ -54,6 +54,7 @@ static void add_ref(struct hashmap *map, struct pid_iter_entry *e) ref = &refs->refs[refs->ref_cnt]; ref->pid = e->pid; memcpy(ref->comm, e->comm, sizeof(ref->comm)); + ref->comm[sizeof(ref->comm) - 1] = '\0'; refs->ref_cnt++; return; @@ -77,6 +78,7 @@ static void add_ref(struct hashmap *map, struct pid_iter_entry *e) ref = &refs->refs[0]; ref->pid = e->pid; memcpy(ref->comm, e->comm, sizeof(ref->comm)); + ref->comm[sizeof(ref->comm) - 1] = '\0'; refs->ref_cnt = 1; refs->has_bpf_cookie = e->has_bpf_cookie; refs->bpf_cookie = e->bpf_cookie; From patchwork Sun Aug 4 07:56:15 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yafang Shao X-Patchwork-Id: 13752571 Received: from mail-oi1-f176.google.com (mail-oi1-f176.google.com [209.85.167.176]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A69BCEAC6; Sun, 4 Aug 2024 07:58:03 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.167.176 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722758285; cv=none; b=lyL+G+xipIn5hRi+pZQkeS9U0x0JM3Ix+u7Dk0jNZwnvGOYr1DYounSp1Cl/zOx78g09cZKqha86mSIpHcgmtSpNrfUt103+fMegvHXWy+HcFU2z4Y3/2rFTUMq2GB1hl8sjt38d/2OYHsX3K2YQ1nSqjdOFhPkRNmj18FD8G80= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722758285; c=relaxed/simple; bh=3Y0PjEqG6S3Uvz9FkBUvWOex8hIkmnI1AqczpSovQ98=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=GYcbtmGaLgMEfY85yuRkNFkkcWTi8YbHd2DSS1kGAGSSH7SApNZqiFOF++pPNHpm09/Alfb39XuTu/7lUKCVtQEkYpaFI84ihAKQviyhaH8QxyMcz4iDIa9xiLDzdDmUPRKusH6Kv8KxJDIMKiF3DzCx4Oeyy2poJBJWuZF3hhA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=ehA1WynY; arc=none smtp.client-ip=209.85.167.176 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="ehA1WynY" Received: by mail-oi1-f176.google.com with SMTP id 5614622812f47-3db23a60850so5266164b6e.0; Sun, 04 Aug 2024 00:58:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1722758283; x=1723363083; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=FVkI7ws3sH8SytGBGHon98LlMkqoO/ooAo5HpqnjZFY=; b=ehA1WynYJNijz9rguNRGQul9+hEqRcKwGkUBi7G+SlH6Gxf1XY1ZMdc5ta0Mhe5eMo BoAFrcWqMcWJ0KxuMTP9VCeiQtgJ5SZSk219p/nVUD6ZAl5Qheud2bnNUupkFHukwmM+ tH/o6YLURm0/XJobTCp+epqf3nd/th/ExECHwsewel3Tp5Mchy14q1jaJOE57iVqJhe6 Aio7G62gdjjHRTwEsRtZg59DfC5tMQAThaiD4VbkUuAkWqr+nnw3MVMfHDFEs2mFosve mGRI1vaL31pzmZbq+s6Wevu2gWi5l4M7f1ZnCmom9UiCUP3lY67SeoOuBEd1lkoWLhaf UzPg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722758283; x=1723363083; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=FVkI7ws3sH8SytGBGHon98LlMkqoO/ooAo5HpqnjZFY=; b=IxNMJa5ESY0k+MNEUvOEc8pW9oakpmA5EnGCUVlIfKHSAVoza+bOS33fH3VUknALuS MwwDnL3lA2kMUNeWblAmt1XG+/IItfXxCbrMimiD+8u+YoD80hB026aG4Ll4DYvWjNQH jfg5QZHGSFj/XO5sqOSdkZDQs1mFPFJ3cM2ff70esmAqsh/5zSVYAE0byKwYHMgfoYeV 24NCY+fSHTKcH0kUlgG7ww6XxyCgfSV3BNn+BRndacfdjoun1VUaEv3yJpBK/+ejD72k lqBXz+rzoUTnIjUIzV5Rjn3ub4mq6aFslfHVr2p0gj1q++u27w5IljHwQCiYTMc5VQsC zJaQ== X-Forwarded-Encrypted: i=1; AJvYcCXc2fvKDIMR4SQoIbSPRfC4Zx7iqUxPTfnKcM/3h9yXw6/gfzBhdiKkAuoEMpvtn0cLtACSw+2ocS4ttVXgvBnlEb04UM7FVjjXLDUHQIe8WRqAmHvpUz780le4sGJFJlUQ82srwKnjJn/Zzd4wPVZRZeYKANgSJ2vzWOuLLhYp0Y783N4Uk0mX76NRp13I/iAs+6VIq5EH8l5f6+Q082w9GKBRXArRyfLAR5IZi6ZSmOf/KqYG35jwM21BmLCbdcCFxoV/+hdxC8Lq9Dzogmt3bYpAyGNtYG7sin5K2n64NANXF1m5xnjRt2PldHKnuTQn2vALOA== X-Gm-Message-State: AOJu0YxkeOkQx/IiDkOtKfu9G1Q6ljUSS1RJ08Eas/F5HCGxTA5vUSR1 EJNO2zXLVt6TfDesF3aqcvODeMSqJ8hnwRMCkwvquMlrxklf0nR0 X-Google-Smtp-Source: AGHT+IGvj96nN6G8dNTQwO1gCnAi0LCFIOOEmeeyoUDneJo+nlGiP3jzVP2As4CYicNVTrPVKHFDvw== X-Received: by 2002:a05:6808:16ac:b0:3da:e587:3e1d with SMTP id 5614622812f47-3db557fc2cfmr11867023b6e.4.1722758282670; Sun, 04 Aug 2024 00:58:02 -0700 (PDT) Received: from localhost.localdomain ([39.144.105.172]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-1ff59178248sm46387605ad.202.2024.08.04.00.57.50 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sun, 04 Aug 2024 00:58:02 -0700 (PDT) From: Yafang Shao To: akpm@linux-foundation.org Cc: torvalds@linux-foundation.org, ebiederm@xmission.com, alexei.starovoitov@gmail.com, rostedt@goodmis.org, catalin.marinas@arm.com, penguin-kernel@i-love.sakura.ne.jp, linux-mm@kvack.org, linux-fsdevel@vger.kernel.org, linux-trace-kernel@vger.kernel.org, audit@vger.kernel.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org, bpf@vger.kernel.org, netdev@vger.kernel.org, dri-devel@lists.freedesktop.org, Yafang Shao Subject: [PATCH v5 5/9] mm/util: Fix possible race condition in kstrdup() Date: Sun, 4 Aug 2024 15:56:15 +0800 Message-Id: <20240804075619.20804-6-laoar.shao@gmail.com> X-Mailer: git-send-email 2.30.1 (Apple Git-130) In-Reply-To: <20240804075619.20804-1-laoar.shao@gmail.com> References: <20240804075619.20804-1-laoar.shao@gmail.com> Precedence: bulk X-Mailing-List: linux-security-module@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 In kstrdup(), it is critical to ensure that the dest string is always NUL-terminated. However, potential race condidtion can occur between a writer and a reader. Consider the following scenario involving task->comm: reader writer len = strlen(s) + 1; strlcpy(tsk->comm, buf, sizeof(tsk->comm)); memcpy(buf, s, len); In this case, there is a race condition between the reader and the writer. The reader calculate the length of the string `s` based on the old value of task->comm. However, during the memcpy(), the string `s` might be updated by the writer to a new value of task->comm. If the new task->comm is larger than the old one, the `buf` might not be NUL-terminated. This can lead to undefined behavior and potential security vulnerabilities. Let's fix it by explicitly adding a NUL-terminator. Signed-off-by: Yafang Shao Cc: Andrew Morton --- mm/util.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/mm/util.c b/mm/util.c index 678c647b778f..912d64ede234 100644 --- a/mm/util.c +++ b/mm/util.c @@ -62,8 +62,14 @@ char *kstrdup(const char *s, gfp_t gfp) len = strlen(s) + 1; buf = kmalloc_track_caller(len, gfp); - if (buf) + if (buf) { memcpy(buf, s, len); + /* During memcpy(), the string might be updated to a new value, + * which could be longer than the string when strlen() is + * called. Therefore, we need to add a null termimator. + */ + buf[len - 1] = '\0'; + } return buf; } EXPORT_SYMBOL(kstrdup); From patchwork Sun Aug 4 07:56:16 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yafang Shao X-Patchwork-Id: 13752572 Received: from mail-pl1-f172.google.com (mail-pl1-f172.google.com [209.85.214.172]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6E0881B5A4; Sun, 4 Aug 2024 07:58:21 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.172 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722758302; cv=none; b=C3q1sxxTtZexkbtgzUvifxt9Ux4AUGkugILQ/xmyODnRPq1U3VheQW2iiz49ckiYJ7ScGRhErfRgKdJwlMNRryibI1Kko+WBylgtuGTklnbJ7wQTSCgJq1rAeou7KRs2Fy4nFaW8N6RErmaj9xsiV6ZcRpHlfPNX7EUlNCZPFmY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722758302; c=relaxed/simple; bh=ufZNTPTUnymrGi51MfWJYESJmDf38G9W+EaTMZbbTf8=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=o78+MqCI90LdjZkRJvc7Fr5uAEr+wb5kPX9du8AIcLHUMC9IxrN6UcXE5b+hhpLw6tRaUTF4xbWbpjicBrAxU24iOEgEVfCqia83dktuP+Tn2LC+xmBNxZveu44hjA4sKpB15i9YwUJW7Sz48svXn2+zkZ4mwf1X/zg01/XPPW0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=mIVl5rhX; arc=none smtp.client-ip=209.85.214.172 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="mIVl5rhX" Received: by mail-pl1-f172.google.com with SMTP id d9443c01a7336-1fd69e44596so33007355ad.1; Sun, 04 Aug 2024 00:58:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1722758301; x=1723363101; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=bS0UkRamrVL5XCR4Rnj9cLPm9Cl+fEpiyHi/lwqSnvY=; b=mIVl5rhXWK5xkGkCfsPW5zU22+u+fcLHq2hrsmPjUvD4JeY9a1BLG+SwKi9Uo9rrvU ARaD1wq5tPXCTRc8+b5qx/+H2l3yVblFUkXwS1USeRkWFh9nAwZRMH6M0PPElJBpUGKk yPk70yIV4f4Rgd0Z00PZyOvrzDxwhO0uIcUQq3D5kPa5qNMTqTOfiW0XWIMRZ5FgEU3B i7TXg8hhrjVpV2I/cxpzDe86EMXXxVjfg+FvMIp/kK/AsDQ2f1EqVPw2s5drfocTDpJY JTzqS2ia/ZG66S5MJXS4WQE//j6/lm7LX0e4DiS5lGtEFXOrMNcyF5tlFwle7KvaGzd9 BplA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722758301; x=1723363101; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=bS0UkRamrVL5XCR4Rnj9cLPm9Cl+fEpiyHi/lwqSnvY=; b=ZVI4cqbNg2W5vUKjfEalm/gLHl0/8M2Gq4gTbMyYxXbyz6ufysQHfyYGtEIvfcTNxM H/REhL5Dp98N64aq7jXiOh/xEhm14h3yk2MHaipu/v5mHchN6JrgPuFO33w7brsPT/Ar yXCB+OKN7ysaGmqYk6iSEzRd+jrU92qpKRq4SLF4vjQqn6uMnFqDciNC+0KoqA5DtOXw U37EIkAQplOlnagYg4meYF95lG+cDYz6UrUwTiYlCMEAd6xIZsJq064OE0ju6TiYTdNe re7EgMuWOsO0IPhix1JO8n7F3z6jFarm5LbWGp8WVCYUN5Nar042oA+uuaD2W44PJHE3 3jvw== X-Forwarded-Encrypted: i=1; AJvYcCVC0/AHYYjrW8sHZwZyzUnTbQaeTdkfV8IQTAQA8KcmNoLO7gp1vi+lyLS+BAcuQCy1sZ94rJyurP/IR6PVZv4mfKodJdxWLefn4R4azgurjdYj08nyzH+Do5wYlNLj3Ve7fYWBK2HceXT3UdXbdNYPWH6F0EliEg7SQVQrVaw/NeDYRuVpFR/5orXNaL/l5+22C6YGqIIEbV2VPkiS54LbFjwwB1UODHA6DFxHVJuhUkverQvWcWg9sje0zwG7bWfyoAbl1a6SAWbgXFosu9f+a6AcW6yij+JwpYVgjoEXypuJtuIZhjyGYF46U9M6sFqz+bMXpg== X-Gm-Message-State: AOJu0YwC7bDCNznXb6U5JHmApmbNFZUI+jtfwHBw62gL3uwK93CO+xP9 WKBbhmdhoVI4ZvwnlNcZ+85XcYq2P23be0L25aBWMM9EiefPgrIa X-Google-Smtp-Source: AGHT+IEGtCQCVMnQCKfJ0+BIkhT35+DpDH9a54ylBrsi080HAExdi6zY8c1ZJxWy2ZwMLSFkL3dmww== X-Received: by 2002:a17:903:1cb:b0:1fd:7ff5:c673 with SMTP id d9443c01a7336-1ff523ef0dfmr156564885ad.2.1722758300691; Sun, 04 Aug 2024 00:58:20 -0700 (PDT) Received: from localhost.localdomain ([39.144.105.172]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-1ff59178248sm46387605ad.202.2024.08.04.00.58.03 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sun, 04 Aug 2024 00:58:20 -0700 (PDT) From: Yafang Shao To: akpm@linux-foundation.org Cc: torvalds@linux-foundation.org, ebiederm@xmission.com, alexei.starovoitov@gmail.com, rostedt@goodmis.org, catalin.marinas@arm.com, penguin-kernel@i-love.sakura.ne.jp, linux-mm@kvack.org, linux-fsdevel@vger.kernel.org, linux-trace-kernel@vger.kernel.org, audit@vger.kernel.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org, bpf@vger.kernel.org, netdev@vger.kernel.org, dri-devel@lists.freedesktop.org, Yafang Shao , Simon Horman , Matthew Wilcox Subject: [PATCH v5 6/9] mm/util: Deduplicate code in {kstrdup,kstrndup,kmemdup_nul} Date: Sun, 4 Aug 2024 15:56:16 +0800 Message-Id: <20240804075619.20804-7-laoar.shao@gmail.com> X-Mailer: git-send-email 2.30.1 (Apple Git-130) In-Reply-To: <20240804075619.20804-1-laoar.shao@gmail.com> References: <20240804075619.20804-1-laoar.shao@gmail.com> Precedence: bulk X-Mailing-List: linux-security-module@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 These three functions follow the same pattern. To deduplicate the code, let's introduce a common helper __kmemdup_nul(). Suggested-by: Andrew Morton Signed-off-by: Yafang Shao Cc: Simon Horman Cc: Matthew Wilcox --- mm/util.c | 67 +++++++++++++++++++++---------------------------------- 1 file changed, 26 insertions(+), 41 deletions(-) diff --git a/mm/util.c b/mm/util.c index 912d64ede234..2c5addabd6f7 100644 --- a/mm/util.c +++ b/mm/util.c @@ -45,33 +45,40 @@ void kfree_const(const void *x) EXPORT_SYMBOL(kfree_const); /** - * kstrdup - allocate space for and copy an existing string - * @s: the string to duplicate + * __kmemdup_nul - Create a NUL-terminated string from @s, which might be unterminated. + * @s: The data to copy + * @len: The size of the data, including the null terminator * @gfp: the GFP mask used in the kmalloc() call when allocating memory * - * Return: newly allocated copy of @s or %NULL in case of error + * Return: newly allocated copy of @s with NUL-termination or %NULL in + * case of error */ -noinline -char *kstrdup(const char *s, gfp_t gfp) +static __always_inline char *__kmemdup_nul(const char *s, size_t len, gfp_t gfp) { - size_t len; char *buf; - if (!s) + buf = kmalloc_track_caller(len, gfp); + if (!buf) return NULL; - len = strlen(s) + 1; - buf = kmalloc_track_caller(len, gfp); - if (buf) { - memcpy(buf, s, len); - /* During memcpy(), the string might be updated to a new value, - * which could be longer than the string when strlen() is - * called. Therefore, we need to add a null termimator. - */ - buf[len - 1] = '\0'; - } + memcpy(buf, s, len); + /* Ensure the buf is always NUL-terminated, regardless of @s. */ + buf[len - 1] = '\0'; return buf; } + +/** + * kstrdup - allocate space for and copy an existing string + * @s: the string to duplicate + * @gfp: the GFP mask used in the kmalloc() call when allocating memory + * + * Return: newly allocated copy of @s or %NULL in case of error + */ +noinline +char *kstrdup(const char *s, gfp_t gfp) +{ + return s ? __kmemdup_nul(s, strlen(s) + 1, gfp) : NULL; +} EXPORT_SYMBOL(kstrdup); /** @@ -106,19 +113,7 @@ EXPORT_SYMBOL(kstrdup_const); */ char *kstrndup(const char *s, size_t max, gfp_t gfp) { - size_t len; - char *buf; - - if (!s) - return NULL; - - len = strnlen(s, max); - buf = kmalloc_track_caller(len+1, gfp); - if (buf) { - memcpy(buf, s, len); - buf[len] = '\0'; - } - return buf; + return s ? __kmemdup_nul(s, strnlen(s, max) + 1, gfp) : NULL; } EXPORT_SYMBOL(kstrndup); @@ -192,17 +187,7 @@ EXPORT_SYMBOL(kvmemdup); */ char *kmemdup_nul(const char *s, size_t len, gfp_t gfp) { - char *buf; - - if (!s) - return NULL; - - buf = kmalloc_track_caller(len + 1, gfp); - if (buf) { - memcpy(buf, s, len); - buf[len] = '\0'; - } - return buf; + return s ? __kmemdup_nul(s, len + 1, gfp) : NULL; } EXPORT_SYMBOL(kmemdup_nul); From patchwork Sun Aug 4 07:56:17 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yafang Shao X-Patchwork-Id: 13752573 Received: from mail-oi1-f169.google.com (mail-oi1-f169.google.com [209.85.167.169]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 50C84FC19; Sun, 4 Aug 2024 07:58:37 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.167.169 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722758318; cv=none; b=CAmJwuUByHKgReYB30Hjq3T8SMnNSDuDetmi1JJ/ZXEBLjuiGJz4mt3jkVmPE8qX+EEu30hAEAyGgp1zgBpFkZ4AFxsmQkiylBUmZ+VgPCyiRNHssZ+tXK2kqKVRAWB1XBVQZlVtsE/ED1JAMcm+tM67jz7hxz6V1FM/HeQpQEg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722758318; c=relaxed/simple; bh=dlJhdNpYfBkg3mTKqD+vv3I6a5l+1nCkhKweBeFcl/U=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=aaXqIfCcz+B9UB5K9WMegxnDAr2YUZxDIDYTbQ2jIP3bHGgu41U5geppDPanK4pPBOJuZjiax53PgHPmdZQIiCIjMFK82Gkj5GZfWYG14iVdQfil8DraKPaoFRQUVa4+fY3e0z6HagQrcvFT6Dz9jlGAWpLD9luxQoPI5IdNEik= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=UdjVMHha; arc=none smtp.client-ip=209.85.167.169 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="UdjVMHha" Received: by mail-oi1-f169.google.com with SMTP id 5614622812f47-3db2315d7ceso5601709b6e.1; Sun, 04 Aug 2024 00:58:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1722758316; x=1723363116; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=hHFsexRAvS3+Twdq3ZGpnUTD4jZRkYjFMffxIhD4B7E=; b=UdjVMHhaMNtUDgj7RUhXXVf9qIqqIjyBLG87ixYesAlh6+cBfaJilnaMaUu64KW1Ow 2ncmrEHI4CDXT41HH8uObX4bXABtTl+rewcbP1WmIothRqTWXo63T4HKzPoDT5bV/Ll0 SekYLbPN8+prC/Flox3kVttr1ZIs5yhUiVzU21zr7REi7B8fzntkZfdf5URYUKYwJY/r ba+ZVWnhdjpMKDeUYJZpZB7Ju9+VlMJdAcSl0u3zgAKHfgg6o5kMbXbZOFq99cc+OifV bnTQmXty/xdnLh72+z8FDGYKtjg8ulKvo5rcXPoMpAVgRdsBCy74YNTDeITlAtMAN+fe h+jQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722758316; x=1723363116; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=hHFsexRAvS3+Twdq3ZGpnUTD4jZRkYjFMffxIhD4B7E=; b=ocX+GMQvzaXh1w03l1Ed5vJCPVXIh65zSE8SNuR8BgEWLvtPAJwLnIGecHeN+dNs1D MvGemRmUrasyVmNO6YjuxcssTXVfUSY7mKhmL7wGK8mPTmuw+brYEE+ctNJEjwC81c+6 pB48ujKG7Aw/vMX7g41I8DhwIBx66kxKCsLKDGXnZL5OZkPm+7xZrBt+CmKLIA+ds1qC 5XVcQXZy/uZNfh9vieFIkokwVjY5yzKkrI5+UH1/+r3y19J2qoWOKJDzmqOJE1JNOInS t/dg3qw0qmHk52uq3icchjQy+Vkdip4T7Gv+U93Pp1iVENRoOZ4uLDZcZGozDtQAGpUI PoQA== X-Forwarded-Encrypted: i=1; AJvYcCVTIuHqsNtAePeJ32H9mVcXPwMool++4JDFyvK1AJ0O81iutNL6r/DgV7BWkSUNqfY5IyzrgyKlwsDDumiCAdf9ima5qXO7DOCsBTXqByvDBjJ3AfyKo92u/mTBHNaxXOOQa5wHSTYo5k/hoY5hRRY+QB+6dkYgdp7XKRbWNqrvsx3G5I2868hfK+v6l3K1ORCbhdRS3IMvBmkjlbyOnFoakyH8ERTo2+qlf5uWZJ9r/RWnQRYCWKSCuUd38YSW38S3ItH6GpK7EPK+5UMD5tSy22wy/l2eQihavoFYnlZIwUck0imt3ssiGvGY4Bx8PX7d7oi99A== X-Gm-Message-State: AOJu0YwXqr0G3JMpa/Hd9YaGNlDB9oUyN2+OUmoxiGXx5EQQ1k+8hqSp Ep5enr9Q500Ncl0bgBtGFohK/yA1B/E+SPsK+gdcReoMNuGjmPph X-Google-Smtp-Source: AGHT+IEQdsxKAJTw4i+uNNPkbgE3NiIW5Ir2yWohAneqMp4vDkArZBqW84U9DpBffvNg6sRs26e7Fw== X-Received: by 2002:a05:6808:212a:b0:3d9:2562:7541 with SMTP id 5614622812f47-3db5580f273mr11989986b6e.24.1722758316365; Sun, 04 Aug 2024 00:58:36 -0700 (PDT) Received: from localhost.localdomain ([39.144.105.172]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-1ff59178248sm46387605ad.202.2024.08.04.00.58.21 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sun, 04 Aug 2024 00:58:35 -0700 (PDT) From: Yafang Shao To: akpm@linux-foundation.org Cc: torvalds@linux-foundation.org, ebiederm@xmission.com, alexei.starovoitov@gmail.com, rostedt@goodmis.org, catalin.marinas@arm.com, penguin-kernel@i-love.sakura.ne.jp, linux-mm@kvack.org, linux-fsdevel@vger.kernel.org, linux-trace-kernel@vger.kernel.org, audit@vger.kernel.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org, bpf@vger.kernel.org, netdev@vger.kernel.org, dri-devel@lists.freedesktop.org, Yafang Shao , Masami Hiramatsu , Mathieu Desnoyers Subject: [PATCH v5 7/9] tracing: Replace strncpy() with __get_task_comm() Date: Sun, 4 Aug 2024 15:56:17 +0800 Message-Id: <20240804075619.20804-8-laoar.shao@gmail.com> X-Mailer: git-send-email 2.30.1 (Apple Git-130) In-Reply-To: <20240804075619.20804-1-laoar.shao@gmail.com> References: <20240804075619.20804-1-laoar.shao@gmail.com> Precedence: bulk X-Mailing-List: linux-security-module@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Using __get_task_comm() to read the task comm ensures that the name is always NUL-terminated, regardless of the source string. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao Acked-by: Masami Hiramatsu (Google) Cc: Steven Rostedt Cc: Mathieu Desnoyers --- kernel/trace/trace.c | 2 +- kernel/trace/trace_events_hist.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c index 10cd38bce2f1..985d2bf2bbc5 100644 --- a/kernel/trace/trace.c +++ b/kernel/trace/trace.c @@ -1907,7 +1907,7 @@ __update_max_tr(struct trace_array *tr, struct task_struct *tsk, int cpu) max_data->critical_start = data->critical_start; max_data->critical_end = data->critical_end; - strncpy(max_data->comm, tsk->comm, TASK_COMM_LEN); + __get_task_comm(max_data->comm, TASK_COMM_LEN, tsk); max_data->pid = tsk->pid; /* * If tsk == current, then use current_uid(), as that does not use diff --git a/kernel/trace/trace_events_hist.c b/kernel/trace/trace_events_hist.c index 6ece1308d36a..721d4758a79f 100644 --- a/kernel/trace/trace_events_hist.c +++ b/kernel/trace/trace_events_hist.c @@ -1599,7 +1599,7 @@ static inline void save_comm(char *comm, struct task_struct *task) return; } - strncpy(comm, task->comm, TASK_COMM_LEN); + __get_task_comm(comm, TASK_COMM_LEN, task); } static void hist_elt_data_free(struct hist_elt_data *elt_data) From patchwork Sun Aug 4 07:56:18 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yafang Shao X-Patchwork-Id: 13752574 Received: from mail-oi1-f171.google.com (mail-oi1-f171.google.com [209.85.167.171]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6AD471BC39; Sun, 4 Aug 2024 07:58:53 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.167.171 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722758334; cv=none; b=e4rMTxYfG6AWJOFQiUGL6rbBfSnHZfh4WhqXaIVeUTN4Rx1QOaob6dWcRlKV4oIvuv/r0syn6OS1noqQNAxKKfvlEit4VBmP40gnkEh+PsYSRfQBXBcqXKnnNpkZg2BdF1faKQKmQzMuL76O2yWk5fuWkNy3vI8Uq9KTw+SuFTU= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722758334; c=relaxed/simple; bh=36noEVLUmWO8B4cta+fdWNDgAFM5Qm1APLVzyVo0yvw=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=P9tBYPGe3x+lDhuOvMd70dn4ZLN+W6NufBswBJ+muULrLlenLKfhOs6ElC3v0ijFG9HOWBQLLrW8TbwS9aapHFpoqqhQVYoCPyphq13w9mwS8Jfv2z8Ewqp6AFaYH+GfWd7WJ10TCyGi32adqtFUXzXsU/Jo7coVUDmook6ddyE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=iI26+rA0; arc=none smtp.client-ip=209.85.167.171 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="iI26+rA0" Received: by mail-oi1-f171.google.com with SMTP id 5614622812f47-3db16a98d16so6095967b6e.0; Sun, 04 Aug 2024 00:58:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1722758332; x=1723363132; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Iy8s8HUuCpYYzqYVYDLibKnXKIG+UtFNyRBbbBdMpkI=; b=iI26+rA0qydphvU0P9ejVFsR5kMhFcI3uOZOZvkFR4q+JJ4sPswTpclVcozMUyjX/i uD86nydoKaHZ7QR8mMlG+avhItXhV4Wg4Kqo0I3KVXU7uTCaPj9Tndj6l7SCBHoPBHe0 pU3pYO/Qmp3nV150sdQxZDLQJ5rhTCFoz5jMGy8LTM0w2wIKxjFkhZupGOj7QH03hurd h0Hp6+tMPciIGT6OtvstcVebooKkKqgCwePS1P7B0WxwwT6hGDQapKqld8bENuMzZApk HJH4e5lyLvys9E2DC/N7ufGT53MDu4ryQNHQ/0/cMQtXcNOm21nMY/qFsm0kFxX2Lk/u kIzQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722758332; x=1723363132; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Iy8s8HUuCpYYzqYVYDLibKnXKIG+UtFNyRBbbBdMpkI=; b=UHwsmZLiOmXdVgx0+K8m8PFfrdfQ9Hb8I4NHMi/MzDaKuJisO2w+z79CoWdtEamZl8 NNpQg4o7z9f1d5lZOZn6Gio9BlWKgcXNhX0ubdty/HvGJ4GMjRzfSFG9IKYwlWQrAqv8 az+BEA+1UHANYbVny6Rk/f4hSVl8cgguNmZ0jl+VFnWbLWKuH4gjp9Wieem958UZl2wI IB0Qo0HRkSIlr6Mn/LJz+GlBHmFo6WnmldZVsOkp6GxF5b6VTwp5c9X1ltnwJkL8AdJQ DeYGh/1jCvoA6BXmxXF+9U1BHyebPhbNgyLQ5X4llDLHOe1AVYYGyUbOseevFqz8yQFc oEJg== X-Forwarded-Encrypted: i=1; AJvYcCXi5idbceo2lWj/Q64keBSV8nqsY7y/HFmpkY5Wie1suXqSSUpITjfFn5xN4NRwK/3OiMvkBJ78EDdMZTYGdtJHL2Gnz/C4oCI3ECNM7ehii9/RzZMGnofxjvygERFWFZGachu2RtFIFPKTF1zz3D4EHTLzTb83CsdZoDgEWQ7IoJM8+r96WEIv2O5FcOeTTl0RVJFpRG48rsS50kDJeRn7m4fzQW9LsQp1XrHntRcnbaSgz0ZlcRqxF9fDwcQtEX2p8g8gqVT8dtYcqaIvBLgPE5/QCjcNtdTHVGSYB32ANP0PehQouDBgxBVi/7dy1YRT9MUvSA== X-Gm-Message-State: AOJu0YwHxWbxQKdFpQY8hxFZkwDQ5uTUzsGsBV6nHZ17rZRqmgysEskg aVwYjzEEf5wuT/NNmECN7MLn+Ms7yTdtX5JFLPKYXl5U+V5OYTaP X-Google-Smtp-Source: AGHT+IEAdxuBVNyLOuAyS4g3ON7ORD29wxk4r6CpWYYml3q2XeTU12w4OJdy/NnFgIlYXJGGtsOOlw== X-Received: by 2002:a05:6808:1984:b0:3d9:9e78:420c with SMTP id 5614622812f47-3db5583270amr9335216b6e.38.1722758332352; Sun, 04 Aug 2024 00:58:52 -0700 (PDT) Received: from localhost.localdomain ([39.144.105.172]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-1ff59178248sm46387605ad.202.2024.08.04.00.58.37 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sun, 04 Aug 2024 00:58:51 -0700 (PDT) From: Yafang Shao To: akpm@linux-foundation.org Cc: torvalds@linux-foundation.org, ebiederm@xmission.com, alexei.starovoitov@gmail.com, rostedt@goodmis.org, catalin.marinas@arm.com, penguin-kernel@i-love.sakura.ne.jp, linux-mm@kvack.org, linux-fsdevel@vger.kernel.org, linux-trace-kernel@vger.kernel.org, audit@vger.kernel.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org, bpf@vger.kernel.org, netdev@vger.kernel.org, dri-devel@lists.freedesktop.org, Yafang Shao , "David S. Miller" , David Ahern , Eric Dumazet , Jakub Kicinski , Paolo Abeni Subject: [PATCH v5 8/9] net: Replace strcpy() with __get_task_comm() Date: Sun, 4 Aug 2024 15:56:18 +0800 Message-Id: <20240804075619.20804-9-laoar.shao@gmail.com> X-Mailer: git-send-email 2.30.1 (Apple Git-130) In-Reply-To: <20240804075619.20804-1-laoar.shao@gmail.com> References: <20240804075619.20804-1-laoar.shao@gmail.com> Precedence: bulk X-Mailing-List: linux-security-module@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 To prevent errors from occurring when the src string is longer than the dst string in strcpy(), we should use __get_task_comm() instead. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao Cc: "David S. Miller" Cc: David Ahern Cc: Eric Dumazet Cc: Jakub Kicinski Cc: Paolo Abeni --- net/ipv6/ndisc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/ipv6/ndisc.c b/net/ipv6/ndisc.c index 70a0b2ad6bd7..fa3a91e36ba0 100644 --- a/net/ipv6/ndisc.c +++ b/net/ipv6/ndisc.c @@ -1942,7 +1942,7 @@ static void ndisc_warn_deprecated_sysctl(const struct ctl_table *ctl, static char warncomm[TASK_COMM_LEN]; static int warned; if (strcmp(warncomm, current->comm) && warned < 5) { - strcpy(warncomm, current->comm); + __get_task_comm(warncomm, TASK_COMM_LEN, current); pr_warn("process `%s' is using deprecated sysctl (%s) net.ipv6.neigh.%s.%s - use net.ipv6.neigh.%s.%s_ms instead\n", warncomm, func, dev_name, ctl->procname, From patchwork Sun Aug 4 07:56:19 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yafang Shao X-Patchwork-Id: 13752575 Received: from mail-oi1-f181.google.com (mail-oi1-f181.google.com [209.85.167.181]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id AE3F01802E; Sun, 4 Aug 2024 07:59:08 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.167.181 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722758350; cv=none; b=Whp+8BLwB+qNn40GrPRPSxKcUJcnS46FMCTYd5e2kkhUr9E+EiEmfPv6u9FTo1q5Ap7neWnVLRRJO2QZPe8Wv/setcONOuJ/r2fuD/cELX9mTf52USxKVno8FC22DZn4ybgXZaL1VbZ6W+1ba0nStIvsIGW9WuDHgX5YQ+pYBpA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722758350; c=relaxed/simple; bh=jrG/JeyScrX8i1Juroefr8qRWmAWEGD49Vd0gv0ZMbg=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=CENF3EioKgD2uvbhjqU6c4gBMypCfhYIghbPvXKszQvZnrjSMN3J0zFwsD4YxxHBBcWM65K+c0E/2kn90Jnu11NXLKgSdoPaFNxuRLpnWrEM4GymSamHc9QxQfqrTFH2bt1rRIZV2mrHz4viD5hDWKD6VWegsNAVpxQsCTvx7lI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=LYvdakcs; arc=none smtp.client-ip=209.85.167.181 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="LYvdakcs" Received: by mail-oi1-f181.google.com with SMTP id 5614622812f47-3db130a872fso6647191b6e.2; Sun, 04 Aug 2024 00:59:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1722758348; x=1723363148; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=leoSzvc1irTIRY4t+RZAVg9wXL8E4KK0Ycetp1tzeI4=; b=LYvdakcsZEIuaiD8MjbCGaB+4s11FpfIaVfqLz+mh4ElP2jUGk9zYGClOT4ZIjic/E b/DVM9BoPdJOTYFIMztRCDkl0Flx5NzoLn86EqDx6zZeoKYoE1r1990zVHyJXIKr+uld SEYiJM08BhUdo5TJNAVhZTF64AyW5Nm8jFGH59fDjFkzkyThLVNemcvPE8ykpHGOmv1U zLcrZfD5SRQVOggr3+5sn/22pRb7MI6AX+hrtsVCukoIg6DxB86VEozT8aiNZZpB8TJ6 VE+1m9Z/FSNDYbeIUGWGRM82ULedjYGzRRRaqJoVRh4G+ABP85Tj6TBOOlYVopHfxUAK 0F5Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722758348; x=1723363148; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=leoSzvc1irTIRY4t+RZAVg9wXL8E4KK0Ycetp1tzeI4=; b=FjsaQtR/Dy2jl2QkVf+5q2Eghe0dW3U60RP+wXCENTkz2cCFNR43bUVLCysfOccotX c5s6NjlzzPUMf9jxDA0hLPY8P89vU8+rfUGFwpvAs8d77NgfYR1LcKy8hApVYpqGOf02 2dHybn+ECpG9ydLlWxXsrH+iQ+vuUklFHQ0LiJC3DwCmezqYsMeA1u7eX8kRidNCkOxD YvUF/155QHoB66AW7PMnTSOncgp/wOoREQ0KlLOhfwBSe0oqGZfkTBIcrtnBlpI2E/VX BK1Y1FOrNTtIJsAlESMc4m3zGGsTAqtyPu8n2IPnQYSg4d1n0sGQID0qSVgKwqy3DvUr GoKQ== X-Forwarded-Encrypted: i=1; AJvYcCXLU6xAd99k/iFZF4tl8jG3tBIeKDPzxewjqh57W5OzIIuz4MgVwrCNWDUR1VuF6nQVMpxbD6dhksnmpMo1tA1y72V7LZhmbCisTIXuESocPoqClB0TBSAgoMRWpNfgpnELolDeXjWVBpPTW9K4ZFxC+IPvj3yy1AwCJBn7MQPyIEWV3S9VdA70uSIjj+OlrpfON8bFLjKDoaywcIqGQJzJqaevhH/3SBcpCLAgSZaCUd0mi9hyJv33nQrUTrf4Hu7w1Uo6lpWis1d1hMThoR8uIY1xMMow2wzXhQKBBnjjNeDE5y5cn+2Ly8+mlv9NZUhGCmRgFw== X-Gm-Message-State: AOJu0YzaiFvTDPizdQzbSp5eC1bjPm/jdI5t22ivJ8/Dyog9PJ799pdq As4sI6u5M8hT3G5ZQViu6HIG7g3EAUsdgSmaC66jnVYK5JmANpuy X-Google-Smtp-Source: AGHT+IFvxFD9i5t49STUUYBZ5sy63mPUTCqzaYfVU1LOK5V4jv+UubPbJD8tYCgFeYVMewc026EG+Q== X-Received: by 2002:a05:6808:10d5:b0:3db:25f6:a62f with SMTP id 5614622812f47-3db5580f909mr13121118b6e.28.1722758347849; Sun, 04 Aug 2024 00:59:07 -0700 (PDT) Received: from localhost.localdomain ([39.144.105.172]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-1ff59178248sm46387605ad.202.2024.08.04.00.58.52 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sun, 04 Aug 2024 00:59:07 -0700 (PDT) From: Yafang Shao To: akpm@linux-foundation.org Cc: torvalds@linux-foundation.org, ebiederm@xmission.com, alexei.starovoitov@gmail.com, rostedt@goodmis.org, catalin.marinas@arm.com, penguin-kernel@i-love.sakura.ne.jp, linux-mm@kvack.org, linux-fsdevel@vger.kernel.org, linux-trace-kernel@vger.kernel.org, audit@vger.kernel.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org, bpf@vger.kernel.org, netdev@vger.kernel.org, dri-devel@lists.freedesktop.org, Yafang Shao , Daniel Vetter , Maarten Lankhorst , Maxime Ripard , Thomas Zimmermann , David Airlie Subject: [PATCH v5 9/9] drm: Replace strcpy() with __get_task_comm() Date: Sun, 4 Aug 2024 15:56:19 +0800 Message-Id: <20240804075619.20804-10-laoar.shao@gmail.com> X-Mailer: git-send-email 2.30.1 (Apple Git-130) In-Reply-To: <20240804075619.20804-1-laoar.shao@gmail.com> References: <20240804075619.20804-1-laoar.shao@gmail.com> Precedence: bulk X-Mailing-List: linux-security-module@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 To prevent erros from occurring when the src string is longer than the dst string in strcpy(), we should use __get_task_comm() instead. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao Acked-by: Daniel Vetter Cc: Maarten Lankhorst Cc: Maxime Ripard Cc: Thomas Zimmermann Cc: David Airlie --- drivers/gpu/drm/drm_framebuffer.c | 2 +- drivers/gpu/drm/i915/i915_gpu_error.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/gpu/drm/drm_framebuffer.c b/drivers/gpu/drm/drm_framebuffer.c index 888aadb6a4ac..25262b07ffaf 100644 --- a/drivers/gpu/drm/drm_framebuffer.c +++ b/drivers/gpu/drm/drm_framebuffer.c @@ -868,7 +868,7 @@ int drm_framebuffer_init(struct drm_device *dev, struct drm_framebuffer *fb, INIT_LIST_HEAD(&fb->filp_head); fb->funcs = funcs; - strcpy(fb->comm, current->comm); + __get_task_comm(fb->comm, sizeof(fb->comm), current); ret = __drm_mode_object_add(dev, &fb->base, DRM_MODE_OBJECT_FB, false, drm_framebuffer_free); diff --git a/drivers/gpu/drm/i915/i915_gpu_error.c b/drivers/gpu/drm/i915/i915_gpu_error.c index 96c6cafd5b9e..163457a6e484 100644 --- a/drivers/gpu/drm/i915/i915_gpu_error.c +++ b/drivers/gpu/drm/i915/i915_gpu_error.c @@ -1412,7 +1412,7 @@ static bool record_context(struct i915_gem_context_coredump *e, rcu_read_lock(); task = pid_task(ctx->pid, PIDTYPE_PID); if (task) { - strcpy(e->comm, task->comm); + __get_task_comm(e->comm, sizeof(e->comm), task); e->pid = task->pid; } rcu_read_unlock();