| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <202507241640.572BF86C70@keescook> Date: Thu, 24 Jul 2025 16:49:43 -0700 From: Kees Cook <kees@...nel.org> To: Bhupesh <bhupesh@...lia.com> Cc: akpm@...ux-foundation.org, kernel-dev@...lia.com, linux-kernel@...r.kernel.org, bpf@...r.kernel.org, linux-perf-users@...r.kernel.org, linux-fsdevel@...r.kernel.org, linux-mm@...ck.org, oliver.sang@...el.com, lkp@...el.com, laoar.shao@...il.com, pmladek@...e.com, rostedt@...dmis.org, mathieu.desnoyers@...icios.com, arnaldo.melo@...il.com, alexei.starovoitov@...il.com, andrii.nakryiko@...il.com, mirq-linux@...e.qmqm.pl, peterz@...radead.org, willy@...radead.org, david@...hat.com, viro@...iv.linux.org.uk, ebiederm@...ssion.com, brauner@...nel.org, jack@...e.cz, mingo@...hat.com, juri.lelli@...hat.com, bsegall@...gle.com, mgorman@...e.de, vschneid@...hat.com, linux-trace-kernel@...r.kernel.org, torvalds@...ux-foundation.org Subject: Re: [PATCH v6 2/3] treewide: Switch memcpy() users of 'task->comm' to a more safer implementation On Thu, Jul 24, 2025 at 06:06:11PM +0530, Bhupesh wrote: > As Linus mentioned in [1], currently we have several memcpy() use-cases > which use 'current->comm' to copy the task name over to local copies. > For an example: > > ... > char comm[TASK_COMM_LEN]; > memcpy(comm, current->comm, TASK_COMM_LEN); > ... > > These should be modified so that we can later implement approaches > to handle the task->comm's 16-byte length limitation (TASK_COMM_LEN) > in a more modular way (follow-up patch does the same): > > ... > char comm[TASK_COMM_LEN]; > memcpy(comm, current->comm, TASK_COMM_LEN); > comm[TASK_COMM_LEN - 1] = '\0'; > ... Why not switch all of these to get_task_comm()? It will correctly handle the size check and NUL termination. In an earlier thread[1], I pointed out that since __set_task_comm() always keeps a final NUL byte, we're always safe to use strscpy(). (We want to block over-reads and over-writes but don't care about garbled reads.) In the new case of copying into a smaller buffer, strscpy() will always handle writing the final NUL byte. The only special cases I can think of would be non-fixed-sized destination buffers, which get_task_comm() doesn't like since it can't validate how to safely terminate the buffer. The example you give above isn't that, though. -Kees [1] https://lore.kernel.org/all/202411301244.381F2B8D17@keescook/ -- Kees Cook
Powered by blists - more mailing lists