lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20250507110444.963779-4-bhupesh@igalia.com>
Date: Wed,  7 May 2025 16:34:44 +0530
From: Bhupesh <bhupesh@...lia.com>
To: akpm@...ux-foundation.org
Cc: bhupesh@...lia.com,
	kernel-dev@...lia.com,
	linux-kernel@...r.kernel.org,
	bpf@...r.kernel.org,
	linux-perf-users@...r.kernel.org,
	linux-fsdevel@...r.kernel.org,
	linux-mm@...ck.org,
	oliver.sang@...el.com,
	lkp@...el.com,
	laoar.shao@...il.com,
	pmladek@...e.com,
	rostedt@...dmis.org,
	mathieu.desnoyers@...icios.com,
	arnaldo.melo@...il.com,
	alexei.starovoitov@...il.com,
	andrii.nakryiko@...il.com,
	mirq-linux@...e.qmqm.pl,
	peterz@...radead.org,
	willy@...radead.org,
	david@...hat.com,
	viro@...iv.linux.org.uk,
	keescook@...omium.org,
	ebiederm@...ssion.com,
	brauner@...nel.org,
	jack@...e.cz,
	mingo@...hat.com,
	juri.lelli@...hat.com,
	bsegall@...gle.com,
	mgorman@...e.de,
	vschneid@...hat.com
Subject: [PATCH v3 3/3] exec: Add support for 64 byte 'tsk->real_comm'

Historically due to the 16-byte length of TASK_COMM_LEN, the
users of 'tsk->comm' are restricted to use a fixed-size target
buffer also of TASK_COMM_LEN for 'memcpy()' like use-cases.

To fix the same, Linus suggested in [1] that we can add the
following union inside 'task_struct':
       union {
               char    comm[TASK_COMM_LEN];
               char    real_comm[REAL_TASK_COMM_LEN];
       };

and then modify '__set_task_comm()' to pass 'tsk->real_comm'
to the existing users.

This would mean that:
(1) The old common pattern of just printing with '%s' and tsk->comm
    would just continue to work (as it is):

        pr_alert("BUG: Bad page state in process %s  pfn:%05lx\n",
                current->comm, page_to_pfn(page));

(2) And, the memcpy() users of 'tsk->comm' would need to be made more
    stable by ensuring that the destination buffer always has a closing
    NUL character (done already in the preceding patch in this series).

So, eventually:
- users who want the existing 'TASK_COMM_LEN' behavior will get it
  (existing ABIs would continue to work),
- users who just print out 'tsk->comm' as a string will get the longer
  new "real comm",
- users who do 'sizeof(->comm)' will continue to get the old value
  because of the union.

[1]. https://lore.kernel.org/all/CAHk-=wjAmmHUg6vho1KjzQi2=psR30+CogFd4aXrThr2gsiS4g@mail.gmail.com

Signed-off-by: Bhupesh <bhupesh@...lia.com>
---
 fs/exec.c             | 6 +++---
 include/linux/sched.h | 8 ++++++--
 2 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/fs/exec.c b/fs/exec.c
index 8e4ea5f1e64c..2b2f2dacc013 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -1190,11 +1190,11 @@ static int unshare_sighand(struct task_struct *me)
  */
 void __set_task_comm(struct task_struct *tsk, const char *buf, bool exec)
 {
-	size_t len = min(strlen(buf), sizeof(tsk->comm) - 1);
+	size_t len = min(strlen(buf), sizeof(tsk->real_comm) - 1);
 
 	trace_task_rename(tsk, buf);
-	memcpy(tsk->comm, buf, len);
-	memset(&tsk->comm[len], 0, sizeof(tsk->comm) - len);
+	memcpy(tsk->real_comm, buf, len);
+	memset(&tsk->real_comm[len], 0, sizeof(tsk->real_comm) - len);
 	perf_event_comm(tsk, exec);
 }
 
diff --git a/include/linux/sched.h b/include/linux/sched.h
index cb219c6db179..2744d90badf1 100644
--- a/include/linux/sched.h
+++ b/include/linux/sched.h
@@ -317,6 +317,7 @@ struct user_event_mm;
  */
 enum {
 	TASK_COMM_LEN = 16,
+	REAL_TASK_COMM_LEN = 64,
 };
 
 extern void sched_tick(void);
@@ -1162,7 +1163,10 @@ struct task_struct {
 	 *   - logic inside set_task_comm() will ensure it is always NUL-terminated and
 	 *     zero-padded
 	 */
-	char				comm[TASK_COMM_LEN];
+	union {
+		char			comm[TASK_COMM_LEN];
+		char			real_comm[REAL_TASK_COMM_LEN];
+	};
 
 	struct nameidata		*nameidata;
 
@@ -2005,7 +2009,7 @@ extern void __set_task_comm(struct task_struct *tsk, const char *from, bool exec
  */
 #define get_task_comm(buf, tsk) ({			\
 	BUILD_BUG_ON(sizeof(buf) < TASK_COMM_LEN);	\
-	strscpy_pad(buf, (tsk)->comm);			\
+	strscpy_pad(buf, (tsk)->real_comm);		\
 	buf;						\
 })
 
-- 
2.38.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ