From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id CA0EFCCFA10 for ; Thu, 26 Sep 2024 02:10:17 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 40F406B0088; Wed, 25 Sep 2024 22:10:17 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 3BF6D6B00C5; Wed, 25 Sep 2024 22:10:17 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 25F976B00C9; Wed, 25 Sep 2024 22:10:17 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13]) by kanga.kvack.org (Postfix) with ESMTP id 06E896B0088 for ; Wed, 25 Sep 2024 22:10:16 -0400 (EDT) Received: from smtpin08.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay07.hostedemail.com (Postfix) with ESMTP id 9C67116136F for ; Thu, 26 Sep 2024 02:10:16 +0000 (UTC) X-FDA: 82605259632.08.1F5BCBC Received: from out01.mta.xmission.com (out01.mta.xmission.com [166.70.13.231]) by imf10.hostedemail.com (Postfix) with ESMTP id 7DFBAC000E for ; Thu, 26 Sep 2024 02:10:13 +0000 (UTC) Authentication-Results: imf10.hostedemail.com; dkim=none; dmarc=pass (policy=none) header.from=xmission.com; spf=pass (imf10.hostedemail.com: domain of ebiederm@xmission.com designates 166.70.13.231 as permitted sender) smtp.mailfrom=ebiederm@xmission.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1727316597; a=rsa-sha256; cv=none; b=xL5JRFb/ZBkWMjkdfSghSCdJTdnP0NwhrODEguGfWUeWqMQJ7ka9ZGVAJxgirFSDGUnIQS Uw2icxv1/yOzQdyeSmAmq4n9z38Z7Q+W1K96ks8iNOhe+Zjv0efrnoMgL1f/AZD0vHg/cp D8sK0mvSUXSvCuGuBS5W8eC+OMqWrHI= ARC-Authentication-Results: i=1; imf10.hostedemail.com; dkim=none; dmarc=pass (policy=none) header.from=xmission.com; spf=pass (imf10.hostedemail.com: domain of ebiederm@xmission.com designates 166.70.13.231 as permitted sender) smtp.mailfrom=ebiederm@xmission.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1727316597; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding:in-reply-to: references:references; bh=gQIXWvTDPBAlLMvgdd0GpIc2bJWCMnRi7Ps8wtpf3GY=; b=epg/4dU7pXNCTZMEVWh9PipIT5AFGZUXuSZEffbn0lm952tHHelOVJvYDGQQEOR8sUrH1G 7xvkUIF/enqmN/JzxrJCLixtI6dYOQd6UHCwcIFJ/OEqDDzoTnqDO5atyehl1G5KQ++9Hk 4noRjNRBHNRkkMZ8DwHTdIf2mZ4mZAQ= Received: from in02.mta.xmission.com ([166.70.13.52]:43028) by out01.mta.xmission.com with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93) (envelope-from ) id 1stdxJ-001jjo-HT; Wed, 25 Sep 2024 20:10:09 -0600 Received: from ip68-227-165-127.om.om.cox.net ([68.227.165.127]:60542 helo=email.froward.int.ebiederm.org.xmission.com) by in02.mta.xmission.com with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93) (envelope-from ) id 1stdxI-0092mE-JA; Wed, 25 Sep 2024 20:10:09 -0600 From: "Eric W. Biederman" To: Tycho Andersen Cc: Aleksa Sarai , Alexander Viro , Christian Brauner , Jan Kara , Kees Cook , Jeff Layton , Chuck Lever , Alexander Aring , linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Tycho Andersen , Zbigniew =?utf-8?Q?J=C4=99drzejewski-Szmek?= References: <20240924141001.116584-1-tycho@tycho.pizza> <87msjx9ciw.fsf@email.froward.int.ebiederm.org> <20240925.152228-private.conflict.frozen.trios-TdUGhuI5Sb4v@cyphar.com> Date: Wed, 25 Sep 2024 21:09:18 -0500 Message-ID: <878qvf17zl.fsf@email.froward.int.ebiederm.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-XM-SPF: eid=1stdxI-0092mE-JA;;;mid=<878qvf17zl.fsf@email.froward.int.ebiederm.org>;;;hst=in02.mta.xmission.com;;;ip=68.227.165.127;;;frm=ebiederm@xmission.com;;;spf=pass X-XM-AID: U2FsdGVkX1/r7gePPtcWACfkta5ly/kAAypuqpcvQ0I= Subject: Re: [RFC] exec: add a flag for "reasonable" execveat() comm X-SA-Exim-Connect-IP: 166.70.13.52 X-SA-Exim-Rcpt-To: zbyszek@in.waw.pl, tandersen@netflix.com, linux-kernel@vger.kernel.org, linux-mm@kvack.org, linux-fsdevel@vger.kernel.org, alex.aring@gmail.com, chuck.lever@oracle.com, jlayton@kernel.org, kees@kernel.org, jack@suse.cz, brauner@kernel.org, viro@zeniv.linux.org.uk, cyphar@cyphar.com, tycho@tycho.pizza X-SA-Exim-Mail-From: ebiederm@xmission.com X-SA-Exim-Scanned: No (on out01.mta.xmission.com); SAEximRunCond expanded to false X-Rspam-User: X-Stat-Signature: ow571oaojy7griqpdqqz54syty8suubh X-Rspamd-Queue-Id: 7DFBAC000E X-Rspamd-Server: rspam02 X-HE-Tag: 1727316613-841033 X-HE-Meta: U2FsdGVkX1/mMz8cEtgXc+Sg+MQ+gwSJGcb97iZ6MjCXuBd0ZW6TfBxgEDH/93NKnSoEQ3YtvXEGeezZm3pKaBNT0SZ1obDfdP0NlS5jlodHSdNI20FG+9bZ3dPKlX4Kb1oEoT3SNT1R9bQtOsO8JRAV3HTsJt8yEN5m7WXGH83vYY+J13H3TPK0SVp7xYXEeh5lHFP1YSUD8nu7pPdt2DiOBE/QOf5DSNgqHBRAENOskRPzQcDVaQYe037XN/2LHgbDDxRowVYzfi2evgK1cjzkfzL5V6kanloOCiKsGB+yleUMaVwVuNxFv2KG1OE35iMaEejjS/4g8wTc6EZ8mwIGMgMOWcZ0mEEXHQcJu/eU1ux1nmVmtL5m+D6IducE/NV5axkxP40a3t8arTRkP8bHTDCLYLVuRtmtyLQx7KvCOey2RPV4SOOngisitUrc469/Acq0DzdhDvLI4soHxZwppOTJUlK/bOKt5dcxEFm/hHOz1q9IGtH2nl+IyKTgNERPqdeLH84cvlXrSsJ8F5k/mSgB0bMdv//KwCv+XkR7KqYKDzz3wevFXkYVFLN51dk0WZNLQArs1I1IehIVDCtSYmdiyKWGLYxPY9G6eRbu0uGk0iOgi3snJybNhdBV3CADubBunsUp1rcwvbmTCKfClfyCMEfLonMeSJo/hvJQDq5py1tRjvLaIw4/UumoMBGUlKAqAbFNe0Xg0AH5zoGsLZH2rGIgjHSkIxDxXjiBVv7fVT7zxMvjGUqqW9LbqUsbwHEWVq10OWd2hevfM0UmiQAHtn97eGVyUc3WzwFdGQlPNOseM3HL+nFGFoMCUxx+r8ZhZM/7CTf1VpoQ8jnoselNUs8beZepmLoyqtjmvDtnq7pR2AayxVs+iGDTaJMwwc1chhreFZB0fnKHpA443DMoBI6wzG88zx4UZEkY/rX1dYssuJKo/HDVwmd7yWwlocL9d6UhudjfoFn XUQxOabb 87ZwekcwlTd+KOQYhRztYJOxC6gQk10EEhYtSNFO+rok0l9QRNgXHrRVIDva4UD4OWl6sHyDyK704d6Q4Bdkh1NWcTw== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: Tycho Andersen writes: > Yep, I did this for the test above, and it worked fine: > > if (bprm->fdpath) { > /* > * If fdpath was set, execveat() made up a path that will > * probably not be useful to admins running ps or similar. > * Let's fix it up to be something reasonable. > */ > struct path root; > char *path, buf[1024]; > > get_fs_root(current->fs, &root); > path = __d_path(&bprm->file->f_path, &root, buf, sizeof(buf)); > > __set_task_comm(me, kbasename(path), true); > } else { > __set_task_comm(me, kbasename(bprm->filename), true); > } > > obviously we don't want a stack allocated buffer, but triggering on > ->fdpath != NULL seems like the right thing, so we won't need a flag > either. > > The question is: argv[0] or __d_path()? You know. I think we can just do: BUILD_BUG_ON(DNAME_INLINE_LEN >= TASK_COMM_LEN); __set_task_comm(me, bprm->file->f_path.dentry->d_name.name, true); Barring cache misses that should be faster and more reliable than what we currently have and produce the same output in all of the cases we like, and produce better output in all of the cases that are a problem today. Does anyone see any problem with that? Eric