From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 26395CEACF8
	for <linux-mm@archiver.kernel.org>; Tue,  1 Oct 2024 18:43:28 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id A5C3C2800D9; Tue,  1 Oct 2024 14:43:27 -0400 (EDT)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id A1712280068; Tue,  1 Oct 2024 14:43:27 -0400 (EDT)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 8AC2A2800D9; Tue,  1 Oct 2024 14:43:27 -0400 (EDT)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0016.hostedemail.com [216.40.44.16])
	by kanga.kvack.org (Postfix) with ESMTP id 6A02E280068
	for <linux-mm@kvack.org>; Tue,  1 Oct 2024 14:43:27 -0400 (EDT)
Received: from smtpin05.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay08.hostedemail.com (Postfix) with ESMTP id 0C9EA140A84
	for <linux-mm@kvack.org>; Tue,  1 Oct 2024 18:43:27 +0000 (UTC)
X-FDA: 82625906454.05.D953737
Received: from mout-p-201.mailbox.org (mout-p-201.mailbox.org [80.241.56.171])
	by imf09.hostedemail.com (Postfix) with ESMTP id 1FB3014000F
	for <linux-mm@kvack.org>; Tue,  1 Oct 2024 18:43:23 +0000 (UTC)
Authentication-Results: imf09.hostedemail.com;
	dkim=pass header.d=cyphar.com header.s=MBO0001 header.b=oG5Z2ZTx;
	spf=pass (imf09.hostedemail.com: domain of cyphar@cyphar.com designates 80.241.56.171 as permitted sender) smtp.mailfrom=cyphar@cyphar.com;
	dmarc=pass (policy=reject) header.from=cyphar.com
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1727808139; a=rsa-sha256;
	cv=none;
	b=LUSmYjCWOzcNTu/Idin1g7WxpdSQ+mfld9wzWZERhOnNj/6nJbi0Fno/vz80eubSACh8D0
	S4+1Ea9hpTFGwm7ahfYd8HBEN0r6gjZYR3ag+uvDZhYJLsXvQU8dqsT5nIciIrdequpU3u
	WF5tqHT7bhXOa3eMp4m6YiYJm4ONKQA=
ARC-Authentication-Results: i=1;
	imf09.hostedemail.com;
	dkim=pass header.d=cyphar.com header.s=MBO0001 header.b=oG5Z2ZTx;
	spf=pass (imf09.hostedemail.com: domain of cyphar@cyphar.com designates 80.241.56.171 as permitted sender) smtp.mailfrom=cyphar@cyphar.com;
	dmarc=pass (policy=reject) header.from=cyphar.com
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com;
	s=arc-20220608; t=1727808139;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:dkim-signature;
	bh=SfckWOZyeKCCTkxlw0k8OsZZpMs7CWgdY49hBe8AMoU=;
	b=2zqVJ9Rvbos91B7WdbNf2dCPJ00SuYukFMwpDkLAfQwCcFbzHu/HB9ujbeL3B1j9Ia1C7J
	t5EdyoyiqRm0a89PhbeYpG2qLhlQCXBmbCMwQJ43D7q14lyXSGARot/u85lelWw27gXx3s
	85/F7sxex1ciGFT0zq1Co0anN5vKWG8=
Received: from smtp202.mailbox.org (smtp202.mailbox.org [10.196.197.202])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by mout-p-201.mailbox.org (Postfix) with ESMTPS id 4XJ6Jk63MBz9stL;
	Tue,  1 Oct 2024 20:43:18 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cyphar.com; s=MBO0001;
	t=1727808198;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 in-reply-to:in-reply-to:references:references;
	bh=SfckWOZyeKCCTkxlw0k8OsZZpMs7CWgdY49hBe8AMoU=;
	b=oG5Z2ZTxIpWVgyVsZemiSxwbZUERvfeEdxz0D41pOp46VXnRvnqIZE/8cLih9YvGZQ+/S0
	1fa0AWD0FuRL5s8FgJER8vVDtQv5tAoIxrVd9QPt3YxM2qy+nS3YMa3Ze4kM9Q5xzYuuQj
	spi0sIx0wHSbC45DLMkThHYvDnMsXZobaGs84oN6VQi9iPoxBRtLtGI+w7hVe2G6yKU8s0
	e372CE9pRP2d0pPjK3zSDEUfwZ1rbkujnrtXbZgLvPk4uxw4VAFGRTSmye33sDQPTapImS
	rJspoTiIc8bakMSuge7Uqqww72ikghA9G24jeVUu405coV488g4Tpl49FDmbDQ==
Date: Tue, 1 Oct 2024 20:42:56 +0200
From: Aleksa Sarai <cyphar@cyphar.com>
To: Tycho Andersen <tycho@tycho.pizza>
Cc: Alexander Viro <viro@zeniv.linux.org.uk>, 
	Christian Brauner <brauner@kernel.org>, Jan Kara <jack@suse.cz>, Eric Biederman <ebiederm@xmission.com>, 
	Kees Cook <kees@kernel.org>, linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, 
	linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, 
	Tycho Andersen <tandersen@netflix.com>, Zbigniew =?utf-8?Q?J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Subject: Re: [PATCH v3 1/2] exec: fix up /proc/pid/comm in the
 execveat(AT_EMPTY_PATH) case
Message-ID: <20241001.175124-western.preview.meager.saws-pzvpWxOhfokt@cyphar.com>
References: <20241001134945.798662-1-tycho@tycho.pizza>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
	protocol="application/pgp-signature"; boundary="q3lo5xmu6ghn35bw"
Content-Disposition: inline
In-Reply-To: <20241001134945.798662-1-tycho@tycho.pizza>
X-Stat-Signature: j3knrcd7rciy7gm7yxxs4by4gmmdasme
X-Rspamd-Queue-Id: 1FB3014000F
X-Rspam-User: 
X-Rspamd-Server: rspam10
X-HE-Tag: 1727808203-992567
X-HE-Meta: U2FsdGVkX19acDygXBC4qLmJXzfpHdvMDBhQLSY7IcQsWrObwIpkvGABQjmiGMnS/9JqvIBF193ZPse69nYnfvLztB0087iZ/P2BW1Zc6cS/zDEAg9fN62J2psTP/cH4Ld7HHlpSsozZfOa8qV3EBkaOSog8yoGgGkUzTvzEBcvRTD2omog/TkjU7swYQ5iv6wKSL+o1bioYADLOxD/tYbv68lfSbybqQmCPPGvRwqeAwDvfVv3hBvGqd4T/crKF4GWIwQ9CWMlitGfSefcKY3p9tLy3VjU50mVIUV7nNm7oYmPc+oQhALWIWI6yYMCjg+DY9D0SbZ16InWCMSl38fWbbIb5ytdO3USB02ftRJWzozz+a8YlLCy40IPk7Dcse/f8q4V6WWIfIBsY6fw3Oh8ZelAUTvwTAndnYU+x/9WHfQixwLM+y+ggcfE6ZOhJeh3lS1qWDGg76dlVn9tIE2CIrDGKpUAIlndTqVY4143r65Vc0WPAr5WdQAxcOCVw0KI0SqDpUtex0ZgHNnMZEgD8xAGTvRW6jo4xIxUNhyLzivrjAon5waJiuL+aI5yjZi1SKFBeIJVDp6M8avrQyNLaxijyJdSdWz5a4v+TupGvJxA9vNInw2tw8VsWLuj3RxyBuoPiYbb18bTS4jq58cz3p9lfiIzlqNoK3Cov56370Plf+kHOXAcx68xjHYI7mCeFKqlpHokE476I5/vHCHsQ+ZPNhUS9HIRowwV7KI2Yd1xCFRb7saCy+cGcmHBZIefPOOmIK0uuU4jIOuQR2zcZGZvftzzHENpANtrH7vf9YRBxYgPkxhLuwqx/7TBf6vuJXlF8OD3jmFCY2anb4tsb4e+JKbSeRqT3UxtaBj9ZzAcpb77JcdnR/UOLlQVUhmhAVKML5UyU+cWM8/XDYVTjpYqA6fB5YSjr5NqgVt5BKH8JLd42jZbrSFfiAU8QKXuVNBU0VZ38iwcrZ/Z
 kdcMA314
 E60ngGlQNK6eSwzthjOSafONKn3o3pcggs6xvXTatnk0s7H3DMHHQmVTKUCVlKdP4VYorH9c7qVQba0+GMfR/SfAWPVzcpH2arIh210gj6PM1SCzFdWSAZ6q6mQWw25tw5OP7qBEcRRW96PzodkOol83nUMxov06+T2ieXqmY3ClmNbwFtMHnNKKDv/LNLXQrd3S7rqBUt6zJWz7Mp3/OwDc6SIFiT9nZfkdAphi83VE1+8whIVHyDcHzaa8p1J/IijUybbDWwX83eenx4W+NQYrLDxsgPrMhCnpGJybTUrwSDDmua2Y59KnerdFN50iFx/bMu8Jo0WMqfBTsT+ChCFoyz3yr2FZqb+jdcBaRU8bDslWG3FeyF+pZflIr9+XSui7XrTYhd5C4EYin4bXay/iU5FMWuQiOWtiLrIcaLd0TfErS0/tCMtTM+DPM1hEomd6gUuv/DkahWfhza6l/drvLXO0PHnyJdLwT
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>
List-Subscribe: <mailto:majordomo@kvack.org>
List-Unsubscribe: <mailto:majordomo@kvack.org>


--q3lo5xmu6ghn35bw
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On 2024-10-01, Tycho Andersen <tycho@tycho.pizza> wrote:
> From: Tycho Andersen <tandersen@netflix.com>
>=20
> Zbigniew mentioned at Linux Plumber's that systemd is interested in
> switching to execveat() for service execution, but can't, because the
> contents of /proc/pid/comm are the file descriptor which was used,
> instead of the path to the binary. This makes the output of tools like
> top and ps useless, especially in a world where most fds are opened
> CLOEXEC so the number is truly meaningless.
>=20
> Change exec path to fix up /proc/pid/comm in the case where we have
> allocated one of these synthetic paths in bprm_init(). This way the actual
> exec machinery is unchanged, but cosmetically the comm looks reasonable to
> admins investigating things.

While I still think the argv[0] solution was semantically nicer, it
seems this is enough to fix the systemd problem for most cases and so we
can revisit the argv[0] discussion in another 10 years. :D

Reviewed-by: Aleksa Sarai <cyphar@cyphar.com>

> Signed-off-by: Tycho Andersen <tandersen@netflix.com>
> Suggested-by: Zbigniew J=C4=99drzejewski-Szmek <zbyszek@in.waw.pl>
> CC: Aleksa Sarai <cyphar@cyphar.com>
> Link: https://github.com/uapi-group/kernel-features#set-comm-field-before=
-exec
> ---
> v2: * drop the flag, everyone :)
>     * change the rendered value to f_path.dentry->d_name.name instead of
>       argv[0], Eric
> v3: * fix up subject line, Eric
> ---
>  fs/exec.c | 13 ++++++++++++-
>  1 file changed, 12 insertions(+), 1 deletion(-)
>=20
> diff --git a/fs/exec.c b/fs/exec.c
> index dad402d55681..9520359a8dcc 100644
> --- a/fs/exec.c
> +++ b/fs/exec.c
> @@ -1416,7 +1416,18 @@ int begin_new_exec(struct linux_binprm * bprm)
>  		set_dumpable(current->mm, SUID_DUMP_USER);
> =20
>  	perf_event_exec();
> -	__set_task_comm(me, kbasename(bprm->filename), true);
> +
> +	/*
> +	 * If fdpath was set, execveat() made up a path that will
> +	 * probably not be useful to admins running ps or similar.
> +	 * Let's fix it up to be something reasonable.
> +	 */
> +	if (bprm->fdpath) {
> +		BUILD_BUG_ON(TASK_COMM_LEN > DNAME_INLINE_LEN);
> +		__set_task_comm(me, bprm->file->f_path.dentry->d_name.name, true);
> +	} else {
> +		__set_task_comm(me, kbasename(bprm->filename), true);
> +	}
> =20
>  	/* An exec changes our domain. We are no longer part of the thread
>  	   group */
>=20
> base-commit: baeb9a7d8b60b021d907127509c44507539c15e5
> --=20
> 2.34.1
>=20

--=20
Aleksa Sarai
Senior Software Engineer (Containers)
SUSE Linux GmbH
<https://www.cyphar.com/>

--q3lo5xmu6ghn35bw
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iHUEABYKAB0WIQS2TklVsp+j1GPyqQYol/rSt+lEbwUCZvxCsAAKCRAol/rSt+lE
b9a7AQCywMOUyIiShRxJolrjyHBHkJI94qweiIBj8LqxUmjrpQEAnpFpW/U64Nn6
jN42oNJkKE07fVbcd+YXiM4zAGksbgg=
=XP0W
-----END PGP SIGNATURE-----

--q3lo5xmu6ghn35bw--