| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 12 Nov 2021 09:03:40 +0800
From: Yafang Shao <laoar.shao@...il.com>
To: Petr Mladek <pmladek@...e.com>
Cc: David Hildenbrand <david@...hat.com>,
Andrew Morton <akpm@...ux-foundation.org>,
netdev <netdev@...r.kernel.org>, bpf <bpf@...r.kernel.org>,
"linux-perf-use." <linux-perf-users@...r.kernel.org>,
linux-fsdevel@...r.kernel.org, Linux MM <linux-mm@...ck.org>,
LKML <linux-kernel@...r.kernel.org>,
kernel test robot <oliver.sang@...el.com>,
kbuild test robot <lkp@...el.com>,
Kees Cook <keescook@...omium.org>,
Mathieu Desnoyers <mathieu.desnoyers@...icios.com>,
Arnaldo Carvalho de Melo <arnaldo.melo@...il.com>,
Andrii Nakryiko <andrii.nakryiko@...il.com>,
Michal Miroslaw <mirq-linux@...e.qmqm.pl>,
Peter Zijlstra <peterz@...radead.org>,
Steven Rostedt <rostedt@...dmis.org>,
Matthew Wilcox <willy@...radead.org>,
Al Viro <viro@...iv.linux.org.uk>
Subject: Re: [PATCH 4/7] fs/binfmt_elf: use get_task_comm instead of
open-coded string copy
On Thu, Nov 11, 2021 at 7:35 PM Petr Mladek <pmladek@...e.com> wrote:
>
> On Thu 2021-11-11 11:06:04, David Hildenbrand wrote:
> > On 11.11.21 11:03, David Hildenbrand wrote:
> > > On 08.11.21 09:38, Yafang Shao wrote:
> > >> It is better to use get_task_comm() instead of the open coded string
> > >> copy as we do in other places.
> > >>
> > >> struct elf_prpsinfo is used to dump the task information in userspace
> > >> coredump or kernel vmcore. Below is the verfication of vmcore,
> > >>
> > >> crash> ps
> > >> PID PPID CPU TASK ST %MEM VSZ RSS COMM
> > >> 0 0 0 ffffffff9d21a940 RU 0.0 0 0 [swapper/0]
> > >>> 0 0 1 ffffa09e40f85e80 RU 0.0 0 0 [swapper/1]
> > >>> 0 0 2 ffffa09e40f81f80 RU 0.0 0 0 [swapper/2]
> > >>> 0 0 3 ffffa09e40f83f00 RU 0.0 0 0 [swapper/3]
> > >>> 0 0 4 ffffa09e40f80000 RU 0.0 0 0 [swapper/4]
> > >>> 0 0 5 ffffa09e40f89f80 RU 0.0 0 0 [swapper/5]
> > >> 0 0 6 ffffa09e40f8bf00 RU 0.0 0 0 [swapper/6]
> > >>> 0 0 7 ffffa09e40f88000 RU 0.0 0 0 [swapper/7]
> > >>> 0 0 8 ffffa09e40f8de80 RU 0.0 0 0 [swapper/8]
> > >>> 0 0 9 ffffa09e40f95e80 RU 0.0 0 0 [swapper/9]
> > >>> 0 0 10 ffffa09e40f91f80 RU 0.0 0 0 [swapper/10]
> > >>> 0 0 11 ffffa09e40f93f00 RU 0.0 0 0 [swapper/11]
> > >>> 0 0 12 ffffa09e40f90000 RU 0.0 0 0 [swapper/12]
> > >>> 0 0 13 ffffa09e40f9bf00 RU 0.0 0 0 [swapper/13]
> > >>> 0 0 14 ffffa09e40f98000 RU 0.0 0 0 [swapper/14]
> > >>> 0 0 15 ffffa09e40f9de80 RU 0.0 0 0 [swapper/15]
> > >>
> > >> It works well as expected.
> > >>
> > >> Suggested-by: Kees Cook <keescook@...omium.org>
> > >> Signed-off-by: Yafang Shao <laoar.shao@...il.com>
> > >> Cc: Mathieu Desnoyers <mathieu.desnoyers@...icios.com>
> > >> Cc: Arnaldo Carvalho de Melo <arnaldo.melo@...il.com>
> > >> Cc: Andrii Nakryiko <andrii.nakryiko@...il.com>
> > >> Cc: Michal Miroslaw <mirq-linux@...e.qmqm.pl>
> > >> Cc: Peter Zijlstra <peterz@...radead.org>
> > >> Cc: Steven Rostedt <rostedt@...dmis.org>
> > >> Cc: Matthew Wilcox <willy@...radead.org>
> > >> Cc: David Hildenbrand <david@...hat.com>
> > >> Cc: Al Viro <viro@...iv.linux.org.uk>
> > >> Cc: Kees Cook <keescook@...omium.org>
> > >> Cc: Petr Mladek <pmladek@...e.com>
> > >> ---
> > >> fs/binfmt_elf.c | 2 +-
> > >> 1 file changed, 1 insertion(+), 1 deletion(-)
> > >>
> > >> diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c
> > >> index a813b70f594e..138956fd4a88 100644
> > >> --- a/fs/binfmt_elf.c
> > >> +++ b/fs/binfmt_elf.c
> > >> @@ -1572,7 +1572,7 @@ static int fill_psinfo(struct elf_prpsinfo *psinfo, struct task_struct *p,
> > >> SET_UID(psinfo->pr_uid, from_kuid_munged(cred->user_ns, cred->uid));
> > >> SET_GID(psinfo->pr_gid, from_kgid_munged(cred->user_ns, cred->gid));
> > >> rcu_read_unlock();
> > >> - strncpy(psinfo->pr_fname, p->comm, sizeof(psinfo->pr_fname));
> > >> + get_task_comm(psinfo->pr_fname, p);
> > >>
> > >> return 0;
> > >> }
> > >>
> > >
> > > We have a hard-coded "pr_fname[16]" as well, not sure if we want to
> > > adjust that to use TASK_COMM_LEN?
> >
> > But if the intention is to chance TASK_COMM_LEN later, we might want to
> > keep that unchanged.
>
> It seems that len will not change in the end. Another solution is
> going to be used for the long names, see
> https://lore.kernel.org/r/20211108084142.4692-1-laoar.shao@gmail.com.
>
> > (replacing the 16 by a define might still be a good idea, similar to how
> > it's done for ELF_PRARGSZ, but just a thought)
>
> If the code would need some tweaking when the size changes, you could
> still use TASK_COMM_LEN and trigger a compilation error when the size
> gets modified. For example, static_assert(TASK_COMM_LEN == 16);
>
> It will make it clear that it needs attention if the size is ever modified.
>
I think we can just add some comments to make it grepable, for example,
+ /* TASK_COMM_LEN */
char pr_fname[16];
or a more detailed explanation:
+ /*
+ * The hard-coded 16 is derived from TASK_COMM_LEN, but it can be changed as
+ * it is exposed to userspace. We'd better make it hard-coded here.
+ */
char pr_fname[16];
--
Thanks
Yafang
Powered by blists - more mailing lists