From: Paul Moore <paul@paul-moore.com>
To: Yafang Shao <laoar.shao@gmail.com>
Cc: torvalds@linux-foundation.org, linux-mm@kvack.org,
linux-fsdevel@vger.kernel.org,
linux-trace-kernel@vger.kernel.org, audit@vger.kernel.org,
linux-security-module@vger.kernel.org, selinux@vger.kernel.org,
bpf@vger.kernel.org, James Morris <jmorris@namei.org>,
"Serge E. Hallyn" <serge@hallyn.com>,
Stephen Smalley <stephen.smalley.work@gmail.com>,
Ondrej Mosnacek <omosnace@redhat.com>
Subject: Re: [PATCH 4/6] security: Replace memcpy() with __get_task_comm()
Date: Mon, 3 Jun 2024 18:06:35 -0400 [thread overview]
Message-ID: <CAHC9VhTd+tx5vk+z_6e2hF4Ovoc76AMLchMPerpzsAiB=8E_2w@mail.gmail.com> (raw)
In-Reply-To: <20240602023754.25443-5-laoar.shao@gmail.com>
On Sat, Jun 1, 2024 at 10:38 PM Yafang Shao <laoar.shao@gmail.com> wrote:
>
> Quoted from Linus [0]:
>
> selinux never wanted a lock, and never wanted any kind of *consistent*
> result, it just wanted a *stable* result.
>
> Using __get_task_comm() to read the task comm ensures that the name is
> always NUL-terminated, regardless of the source string. This approach also
> facilitates future extensions to the task comm.
>
> Signed-off-by: Yafang Shao <laoar.shao@gmail.com>
> LINK: https://lore.kernel.org/all/CAHk-=wivfrF0_zvf+oj6==Sh=-npJooP8chLPEfaFV0oNYTTBA@mail.gmail.com/ [0]
> Cc: Paul Moore <paul@paul-moore.com>
> Cc: James Morris <jmorris@namei.org>
> Cc: "Serge E. Hallyn" <serge@hallyn.com>
> Cc: Stephen Smalley <stephen.smalley.work@gmail.com>
> Cc: Ondrej Mosnacek <omosnace@redhat.com>
> ---
> security/lsm_audit.c | 4 ++--
> security/selinux/selinuxfs.c | 2 +-
> 2 files changed, 3 insertions(+), 3 deletions(-)
Similar to the audit change, as long as you sort out the
__get_task_comm() issues such that it can operate without task_lock()
this should be fine.
Acked-by: Paul Moore <paul@paul-moore.com>
> diff --git a/security/lsm_audit.c b/security/lsm_audit.c
> index 849e832719e2..a922e4339dd5 100644
> --- a/security/lsm_audit.c
> +++ b/security/lsm_audit.c
> @@ -207,7 +207,7 @@ static void dump_common_audit_data(struct audit_buffer *ab,
> BUILD_BUG_ON(sizeof(a->u) > sizeof(void *)*2);
>
> audit_log_format(ab, " pid=%d comm=", task_tgid_nr(current));
> - audit_log_untrustedstring(ab, memcpy(comm, current->comm, sizeof(comm)));
> + audit_log_untrustedstring(ab, __get_task_comm(comm, sizeof(comm), current));
>
> switch (a->type) {
> case LSM_AUDIT_DATA_NONE:
> @@ -302,7 +302,7 @@ static void dump_common_audit_data(struct audit_buffer *ab,
> char comm[sizeof(tsk->comm)];
> audit_log_format(ab, " opid=%d ocomm=", pid);
> audit_log_untrustedstring(ab,
> - memcpy(comm, tsk->comm, sizeof(comm)));
> + __get_task_comm(comm, sizeof(comm), tsk));
> }
> }
> break;
> diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c
> index e172f182b65c..a8a2ec742576 100644
> --- a/security/selinux/selinuxfs.c
> +++ b/security/selinux/selinuxfs.c
> @@ -708,7 +708,7 @@ static ssize_t sel_write_checkreqprot(struct file *file, const char __user *buf,
> if (new_value) {
> char comm[sizeof(current->comm)];
>
> - memcpy(comm, current->comm, sizeof(comm));
> + __get_task_comm(comm, sizeof(comm), current);
> pr_err("SELinux: %s (%d) set checkreqprot to 1. This is no longer supported.\n",
> comm, current->pid);
> }
> --
> 2.39.1
--
paul-moore.com
next prev parent reply other threads:[~2024-06-03 22:06 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-06-02 2:37 [PATCH 0/6] kernel: Avoid memcpy of task comm Yafang Shao
2024-06-02 2:37 ` [PATCH 1/6] fs/exec: Drop task_lock() inside __get_task_comm() Yafang Shao
2024-06-02 3:51 ` Eric W. Biederman
2024-06-02 6:56 ` Yafang Shao
2024-06-02 16:35 ` Alexei Starovoitov
2024-06-02 17:52 ` Eric W. Biederman
2024-06-02 18:23 ` Alexei Starovoitov
2024-06-03 11:35 ` Yafang Shao
2024-06-10 12:34 ` Eric W. Biederman
2024-06-10 23:01 ` Alexei Starovoitov
2024-06-02 17:56 ` Eric W. Biederman
2024-06-04 13:02 ` Matus Jokay
2024-06-04 20:01 ` Matus Jokay
2024-06-05 2:48 ` Yafang Shao
2024-06-02 2:37 ` [PATCH 2/6] tracing: Replace memcpy() with __get_task_comm() Yafang Shao
2024-06-03 21:20 ` Steven Rostedt
2024-06-03 21:42 ` Linus Torvalds
2024-06-03 22:19 ` Steven Rostedt
2024-06-03 22:23 ` Linus Torvalds
2024-06-03 22:37 ` Steven Rostedt
2024-06-03 22:38 ` Linus Torvalds
2024-06-03 22:40 ` Steven Rostedt
2024-06-04 2:35 ` Yafang Shao
2024-06-02 2:37 ` [PATCH 3/6] auditsc: " Yafang Shao
2024-06-03 21:03 ` Paul Moore
2024-06-02 2:37 ` [PATCH 4/6] security: " Yafang Shao
2024-06-03 22:06 ` Paul Moore [this message]
2024-06-02 2:37 ` [PATCH 5/6] bpftool: Make task comm always be NUL-terminated Yafang Shao
2024-06-02 21:01 ` Quentin Monnet
2024-06-02 2:46 ` [PATCH 6/6] selftests/bpf: Replace memcpy() with __get_task_comm() Yafang Shao
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAHC9VhTd+tx5vk+z_6e2hF4Ovoc76AMLchMPerpzsAiB=8E_2w@mail.gmail.com' \
--to=paul@paul-moore.com \
--cc=audit@vger.kernel.org \
--cc=bpf@vger.kernel.org \
--cc=jmorris@namei.org \
--cc=laoar.shao@gmail.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-security-module@vger.kernel.org \
--cc=linux-trace-kernel@vger.kernel.org \
--cc=omosnace@redhat.com \
--cc=selinux@vger.kernel.org \
--cc=serge@hallyn.com \
--cc=stephen.smalley.work@gmail.com \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox