Subject: Re: [PATCH] proc: Fix uninitialized byte read in get_mm_cmdline()
To: Alexey Dobriyan, Oleg Nesterov
Cc: linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, security@kernel.org
From: Alexey Izbyshev
Date: Fri, 12 Jul 2019 21:43:03 +0300

On 7/12/19 8:46 PM, Alexey Dobriyan wrote:
> On Fri, Jul 12, 2019 at 06:36:26PM +0200, Oleg Nesterov wrote:
>> On 07/12, Alexey Izbyshev wrote:
>>>
>>> --- a/fs/proc/base.c
>>> +++ b/fs/proc/base.c
>>> @@ -275,6 +275,8 @@ static ssize_t get_mm_cmdline(struct mm_struct *mm, char __user *buf,
>>> if (got <= offset)
>>> break;
>>> got -= offset;
>>> + if (got < size)
>>> + size = got;
>>
>> Acked-by: Oleg Nesterov
>
> The proper fix to all /proc/*/cmdline problems is to revert
>
> f5b65348fd77839b50e79bc0a5e536832ea52d8d
> proc: fix missing final NUL in get_mm_cmdline() rewrite
>
> 5ab8271899658042fabc5ae7e6a99066a210bc0e
> fs/proc: simplify and clarify get_mm_cmdline() function
>

Should this be interpreted as an actual suggestion to revert the patches,
fix the conflicts, test and submit them, or is this more like thinking out
loud? In the former case, will it be OK for long term branches?

get_mm_cmdline() does seem easier to read for me before 5ab8271899658042.
But it also has different semantics in corner cases, for example:

- If there is no NUL at arg_end-1, it reads only the first string in
  the combined arg/env block, and doesn't terminate it with NUL.

- If there is any problem with access_remote_vm() or copy_to_user(),
  it returns -EFAULT even if some data were copied to userspace.

On the other hand, 5ab8271899658042 was merged not too long ago (about a year),
so it's possible that the current semantics isn't heavily relied upon.

Alexey
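
Review bot: the added clamp (if (got < size) size = got;) following got -= offset; has no comment saying why size must shrink, so the uninitialized byte read named in the subject line cannot be recovered from the code itself. A one-line comment above the check stating what got counts at this point and why size may not exceed it would make the intent visible. The comparison also relies on got being positive here, which the preceding if (got <= offset) break; guarantees only when offset is non-negative; the declarations are outside the hunk, so it is worth confirming that got and size are not compared with mixed signedness.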