From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6B866D49779 for ; Sun, 1 Dec 2024 16:55:05 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 38AF86B0088; Sun, 1 Dec 2024 11:55:04 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 33A456B0089; Sun, 1 Dec 2024 11:55:04 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 202626B008A; Sun, 1 Dec 2024 11:55:04 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0012.hostedemail.com [216.40.44.12]) by kanga.kvack.org (Postfix) with ESMTP id 027256B0088 for ; Sun, 1 Dec 2024 11:55:03 -0500 (EST) Received: from smtpin24.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay04.hostedemail.com (Postfix) with ESMTP id 84B031A0B43 for ; Sun, 1 Dec 2024 16:55:03 +0000 (UTC) X-FDA: 82846989750.24.FB5F288 Received: from mail-ej1-f48.google.com (mail-ej1-f48.google.com [209.85.218.48]) by imf05.hostedemail.com (Postfix) with ESMTP id 83BAB100E0E for ; Sun, 1 Dec 2024 16:54:40 +0000 (UTC) Authentication-Results: imf05.hostedemail.com; dkim=pass header.d=linux-foundation.org header.s=google header.b=TP1q7rEa; spf=pass (imf05.hostedemail.com: domain of torvalds@linuxfoundation.org designates 209.85.218.48 as permitted sender) smtp.mailfrom=torvalds@linuxfoundation.org; dmarc=none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1733072096; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=q5z2s0WfIwLJLVHUR6snQ9W2d5ktmXbetex9wVs407g=; b=0XhKsvuHm6QoKPqbIV1rAgGyxKLURq9but5g5B7od7GlHlcmrb2MGCbpAVkblGlIBeucnm OUwiUAGbDdwrVBo0KLhhp7fOg8TFw8jfIdboa9Gc8lrpTSwx/35JnC3ljsYDspWn9eMKPZ ZeF2qkVNU0RfaPrOlPSHxel+1UF4bTg= ARC-Authentication-Results: i=1; imf05.hostedemail.com; dkim=pass header.d=linux-foundation.org header.s=google header.b=TP1q7rEa; spf=pass (imf05.hostedemail.com: domain of torvalds@linuxfoundation.org designates 209.85.218.48 as permitted sender) smtp.mailfrom=torvalds@linuxfoundation.org; dmarc=none ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1733072096; a=rsa-sha256; cv=none; b=sSHuDLwA/loj07NFXbW08jwNM2q75tcu58wUlHZt0yOxNnwI9e3RHcYWfnt1iYfGBi9xuA Pyc++bG6tMpZkShKXyAZWudiVZZu3C57P9qMXrZHzbCjG3iwVsO4gx0CDm+FcCe10JQ7So nWFG5p/GEYRmzf7BtyRaotsK7rxvu08= Received: by mail-ej1-f48.google.com with SMTP id a640c23a62f3a-aa5b0d8bd41so367965566b.2 for ; Sun, 01 Dec 2024 08:55:00 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; t=1733072099; x=1733676899; darn=kvack.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=q5z2s0WfIwLJLVHUR6snQ9W2d5ktmXbetex9wVs407g=; b=TP1q7rEaKP3pbTqHUuK2CmJ8x7+Ll4wryxicj7OwU3J1N2wnZGhkVGZOUporJgB1Fq yKtwZLgeSNWJGiUfhcM3kPuaiywUt2jTKkXK41N/IyOJuJ7h6Po/eR7Rcz06xCjOC2t0 CKGlhTI4k7fII1C7Sn2NoR/be7lS8HwidBOzY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1733072099; x=1733676899; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=q5z2s0WfIwLJLVHUR6snQ9W2d5ktmXbetex9wVs407g=; b=PV5kHJrB9jBrPcM/AocBP1wpHMybaQaszjg9tXcg69s5nyVJBjUHB+gHqaLLhXEg54 OPbcnnqu/i2EmlJgqMljTW8CniGriKaVSqQVUlnO/aHy688oDcayapaj4fcbbZwccJRJ qX1Dc1L5W67UxeJ9nKoTBpC4cBUpwjeLLNVge424E2phnokxX2xbvAgVCkC9wUHZeMAQ +JtjB4iWeFw855I/Wf7xkc8wJbQjoHigqGJvYka8kQPEzLZWMHde/VqToygsg8q2UWEf rslYy+/ezJMH4h9h5ETA+nAg7T3M6sQoesnCzgM4n5YwHQT7MVMI4FC3WpYx1+T2mXx6 2/9w== X-Forwarded-Encrypted: i=1; AJvYcCXoIpN6bQAeLNQfFsQ0e9axqPJF0fJWYPht3tFlLFshH7l7CjF88HtkSWtGQuW//wIqNwhJwP9Z9Q==@kvack.org X-Gm-Message-State: AOJu0YyCli96DmWcIpOcsPMc4ZTXgQnRy51Z66kNMt7Rpbg0YkDrwv4R Er43+WOnGZgHqxyqu7aFxarWl4nqH6tbhYHCksrQ0bZhwJPYqJC5emr+w/6GSOFs3g99ZF87fUR zHfI= X-Gm-Gg: ASbGncsX08ORkbcKDvysltjujJQmgq2knzk2r9ZvB+c4n6S/A8yE1+UXfvWFyaSjWm8 Z41QPxr9KNEY+m+t7oyoIEHTEGUN4Kg2Pwa1086sQtxquudyLJ3Y42I9mkx6oeaOXUPjZn7neNY 4aTTzkEpR1Ivtllpa46EEd1v1ON2fNXStTfi7azK+WTO04MVahJus0vplS59HaOV8N4J+P+5VLC LHY+zcBdat3PxppB8fIG3SWnsjS5eDx6Dt8oyB857AMhKAYrelJUQEewawHGVNiLaWe+cJ1UFuV xJmix9KXGv/x/JsOiSbZKhUw X-Google-Smtp-Source: AGHT+IE5xdu/0OE22T5BQPkCrdzsZtyhCWmxndEievSITI6qdlHhu37pVNCFKekMeQX4Kmo3lY+asw== X-Received: by 2002:a17:906:9c1:b0:aa5:3b94:78e9 with SMTP id a640c23a62f3a-aa580f57517mr1540771566b.33.1733072099206; Sun, 01 Dec 2024 08:54:59 -0800 (PST) Received: from mail-ej1-f46.google.com (mail-ej1-f46.google.com. [209.85.218.46]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-aa5996c1383sm409959066b.40.2024.12.01.08.54.58 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sun, 01 Dec 2024 08:54:58 -0800 (PST) Received: by mail-ej1-f46.google.com with SMTP id a640c23a62f3a-a9a0ec0a94fso459719666b.1 for ; Sun, 01 Dec 2024 08:54:58 -0800 (PST) X-Forwarded-Encrypted: i=1; AJvYcCX1Z57DyBnFNjAPbZ4V7M8FjGsdpWxX41dODRYLxy3oMNzcvQAVonkyVsEJgXwindayclOORb/+uw==@kvack.org X-Received: by 2002:a17:906:3d29:b0:aa5:1699:e25a with SMTP id a640c23a62f3a-aa580ee98eamr1451183366b.10.1733072098046; Sun, 01 Dec 2024 08:54:58 -0800 (PST) MIME-Version: 1.0 References: <20241130045437.work.390-kees@kernel.org> <20241130-ohnegleichen-unweigerlich-ce3b8af0fa45@brauner> <20241201-konglomerat-genial-c1344842c88b@brauner> In-Reply-To: <20241201-konglomerat-genial-c1344842c88b@brauner> From: Linus Torvalds Date: Sun, 1 Dec 2024 08:54:41 -0800 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH] exec: fix up /proc/pid/comm in the execveat(AT_EMPTY_PATH) case To: Christian Brauner Cc: Kees Cook , Al Viro , =?UTF-8?Q?Zbigniew_J=C4=99drzejewski=2DSzmek?= , Tycho Andersen , Aleksa Sarai , Eric Biederman , Jan Kara , linux-mm@kvack.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org Content-Type: text/plain; charset="UTF-8" X-Rspamd-Queue-Id: 83BAB100E0E X-Stat-Signature: zse16kaoanpdrj6gji5yoo6euzd187md X-Rspam-User: X-Rspamd-Server: rspam11 X-HE-Tag: 1733072080-937693 X-HE-Meta: U2FsdGVkX182WJjoML0/JOPJp7o0ZiIxinR+/MY2kt1sVXYZLirjSkVo7YdTG2BEk/5vB3llw+rrEcPWxdgftGTPdeiGzwWe2OV+CoMfBNojXvRM/y5wgxzOim1KdmOgKcVq1ivaYnZo39hjlDtHvdTg6Bmzd0/Mhf/bFpPwwubgyh2wbztnVuT4p7yMtpDy8BvusRnmqZmYGos7fJEdssi1ZBy27umHUVFe9wiPo4oddHXHHzLv2Dvo+BhO6pKxAAYbcLw8ts/1naSzuZYbIJz0BCD1BhPkOFZ2QLPv3YQ6C7uLhBdtZJF/z7MUIAzZwk/nteTXo8B1dKthsB/DaLHbWyms+O4zN8LqByQVrANKZnzPx98eeuuQAudcvIZi87THfK2TxCVsivwH0sDBO8Lm4Lpm+3e9tHdFsDdHNP1CY+YRJV+AV9e0cjvGj6/iZ8Yd8k+FHlVS1PMbDr+CKSTCTFDAWeJPouQmuBDfbNHxOrjDoVX1h3tNwnN4FQyDGmvUYdYbEP3EBQI3pFzu7IERXBAM4+gJYPdLeS8OjIKwne8CglkAM2+SHdc2vSPfpns7ALbUimWm1XNZQXYHplo2IXmYZMb1IqRKzvutj5eXiOdbUQ1xWHFY1UiRf3qMQ0w98lubqxP5CWDEdRySjfoYRexyFXJNejIAWuYb6wf4As4BqwJNA72u1a72cOkin+z2Sttuaz1iKnue1DLiGD+qW1mT3j7t7wiBasFkjoWRhOo25m4sr98q8ES+hEUkoCM5EkPf6ytfSqjbNQv48dYwDpAZXh8EcoCFPt1pvWgVUHPw0wfOD8hTTJzX8/YP13Rl/B1nYmC/7hG8fBwsQhFfpCHJCL1nxGitNKzs9nu8KHWfoDruecRqpm9Amc5KpHLYuEIVrxpA30pC6tyCOV0OEcfZuAw+pJ5gc8QSCQ29tgPqNKAJ0uM6J75Ozj5QUAyrdHVGmeVq9GFGq6I oupJKeRr BJwqq3XuiRkFby3fnP+x2STBVpd+l8Aca8ZDtT43gZw6aTlTz/dlYJI0TLtFnbqwGkZoTFYb5cBjb6zneUBLNCr98/vmEDn38nDVgSmtiY/YThmE8PkeiajI47hsc+a9Fm0HuX7VGZqkTA1AZ/PNMGg7ihEMpBEDvxfxfAtYDMyiDLHqeOjvrlU6BRdgCXvWZOLFKeurQ7zOs5yz1FxLoNKrrI6XgOTRolejvvplVTjslyM2+lbfgrDm2Nh69clDkxlMdFvD8PcEZ90399BIsvpm0r6SnwWNlxIvH/336lDOzqoEba0YZtygEhaGjql0tETr8eZrgY5EVZyuYa5iTkgqNHV4j2pBDon2TdaVUnR7cqQeUNfLqB9wiyeQcrzAc8O3iHsXE4G2MWYeZhgDS/goLtfTFsFZzh1EQEcJTmJZs1McSjwPcYUA4Z4R5DI9mzH8Ey8RtSJT42TJeDorMseMRFct492uoD/wclM54PJs1Ss6vdtqc9M7ovttKXhnr+Bf198k3DXuPPWr0Mi8K/Ee91cpwM+VNygfOi6cjMKNdLF7hFZKmIclUHIvnDyVz2CsRTzwXFjbefTE= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000058, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Sun, 1 Dec 2024 at 06:17, Christian Brauner wrote: > > /* > * Hold rcu lock to keep the name from being freed behind our back. > * Use cquire semantics to make sure the terminating NUL from > * __d_alloc() is seen. > * > * Note, we're deliberately sloppy here. We don't need to care about > * detecting a concurrent rename and just want a sensible name. > */ Sure. Note that even "sensible" isn't truly guaranteed in theory, since a concurrent rename could be doing a "memcpy()" into the dentry->d_name.name area at the same time on another CPU. But "theoretically hard guarantees" isn't what this code cares about. The only really hard rule is that the end result in comm[] needs to be NUL-terminated at all times (and hey, even *that* is arguably a "don't print garbage" rule rather than something truly fatal), and everything else is "do the best you can". Could we take the dentry lock to be really careful? Sure. We simply don't care enough, and while other parts of execve() are much more expensive, let's not. Linus