| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 17 May 2018 11:23:37 -0700
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Tejun Heo <tj@...nel.org>
Cc: Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Linux API <linux-api@...r.kernel.org>,
Andrew Morton <akpm@...ux-foundation.org>,
kernel-team <kernel-team@...com>,
Lennart Poettering <lennart@...ttering.net>
Subject: Re: [PATCH] proc: Don't allow empty /proc/PID/cmdline for user tasks
On Wed, May 16, 2018 at 6:21 PM Tejun Heo <tj@...nel.org> wrote:
> This patch fixes the issue by making proc_pid_cmdline_read() never
> return empty string for user tasks.
Ugh.
That function really is too damn ugly, and this just makes it worse.
Can we please split things up a bit before uglifying the code further?
IOW, the first step should be something like the attached patch, which
splits up all the tsk/mm error cases.
Then your patch could just be a trivial
if (!*pos && !ret)
ret = get_comm_cmdline(tsk, buf, count, pos);
in that new (and much simpler) proc_pid_cmdline_read() just before the
put_task_struct.
Hmm?
NOTE! This patch is *entirely* untested, but it builds and the conversion
was pretty much entirely mechanical.
And yes, the "get_mm_cmdline()" function is still too damn ugly, and should
still be cleaned up more, but it's at least _slightly_ simpler than it used
to be, and the new logic wouldn't go into that horrible thing.
Linus
View attachment "patch.diff" of type "text/x-patch" (2382 bytes)
Powered by blists - more mailing lists