Received: by 2002:a05:6a10:5bc5:0:0:0:0 with SMTP id os5csp4298478pxb; Thu, 14 Oct 2021 02:28:09 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxzhgxNq4xsc5qbvBzDrMCfFnryUSWvFuwblKvYp0D68IbCfIAoTjq0mTW/I4UyHRmNk3yU X-Received: by 2002:a17:90b:1e01:: with SMTP id pg1mr4933105pjb.81.1634203689341; Thu, 14 Oct 2021 02:28:09 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1634203689; cv=none; d=google.com; s=arc-20160816; b=eOg/FFAMNm25WNwPGFoFpsH4I/7nAexKfwAmTRkCdV/uYnJlmpMeUm2yGVTt0S6wS+ qBZs04jgVFDTh0tneyofwS5wQGbfOEsJNJVUcD9gHidFAXzIBx4AmW+mJxAQiv6qGzYE REQHMSHHJx6gsMslbm1fORrZrqisnwftVxXFpg0i1DvmxsiYrCW3vTJf4PIdxNZgbdWl cTaamKpCvdW018h4I1ZlLIm2SHxB5XLOIHM0jIOrewGGndtFIdzCpOpRCcZV6YWj155h norGEWt022IZFWq4dEwSO2bMa1nUdHIfdY7hLe9QRLp3XQtn9Z9LPzP/2mWqALtf+vKZ UDvA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=hhEuFlQbGkl6PsKJjR4IdDPF64+w98wgMrFTERI0+RY=; b=I8av9BYtNfmj61ap4TdEEc5DIcPyOPVtL1Q2kel36FKsVagG38BEUwTigzKAOjf6gU MeEQOur2USbwdLgPeP2hgQqFP0/kNS+1O50O6haiGRqo0y7R+y/7DLCBGUt6pHyu+VCX cKc3OTai5a28o+Rnk2iJLiWGMzSyko011TS28SeTouVnLC7vC9SwSDjVsNSUViEv+rfZ I9yYHw+nFeDbuU16XIGUCzvITUoRu4hwWBy7sGHAaBWoGo7AmBGKfUL+eEnC99ZQra2s GWwEjDX2k/TkCatGTQoxv4Jxuxuooc6Q82K35ImJ/T1bxYSzZE0dpmq52ELD3DywxTIA Jigw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20210112 header.b=EqjqsplV; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id n15si3200110plf.66.2021.10.14.02.27.56; Thu, 14 Oct 2021 02:28:09 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20210112 header.b=EqjqsplV; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230094AbhJNJ3A (ORCPT + 99 others); Thu, 14 Oct 2021 05:29:00 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55002 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230051AbhJNJ25 (ORCPT ); Thu, 14 Oct 2021 05:28:57 -0400 Received: from mail-io1-xd2e.google.com (mail-io1-xd2e.google.com [IPv6:2607:f8b0:4864:20::d2e]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A229FC061570 for ; Thu, 14 Oct 2021 02:26:52 -0700 (PDT) Received: by mail-io1-xd2e.google.com with SMTP id y67so2894054iof.10 for ; Thu, 14 Oct 2021 02:26:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=hhEuFlQbGkl6PsKJjR4IdDPF64+w98wgMrFTERI0+RY=; b=EqjqsplVul4oMMBibDLyg+SMqluN4S3s7LRGfLSSQ9U53hwEWiKA4TIR1QgKurQZ/7 DaV3vSMiCP9lh46GxF5xjDSGXZOVFI/9tm2/5hid+Minj+HMYRb21RglweOWqc+k0w6A 6bjbTOoYZzz8VWf/wqU5PPWQ9w/3x0BtzgFIBjfEOL8GIecqTqLXN/T8z5qPidoI0gk5 oeRnbnJS0ReTpl0aOsxfvJOjc/P4uPT3GLiqPIano4MTsA1dqW5yrpNkR5lquy0AZe9f hpWJXTCNUy9yEJhIcJK6uW3Ljhu/n7eMguuXz+mplku3MaOgxTluHp5LXoJzeiLHv+Vn X5wg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=hhEuFlQbGkl6PsKJjR4IdDPF64+w98wgMrFTERI0+RY=; b=AGCG+5/SjdAajN52bSNugBMorEiH/w+Ev7XucYbWN7l2rOkCbLvQ6qhk1+aSF6vKZN OT6l9ydxcPlJez4K//PWeFN1IH4TU7n+R898jsZI9MPod2/oThpSTz1qypE05PKxSHXF qgYNGGQMTgtLgVkVjODjfIRXKIzdsGmooM+7epSPM1+K0TJfmgOi4dq9TcrfXVYdze7M GMrXXIamvmoB2pkU3yR9PLZLM3ZcZy1E9eAWw7SxK7cTyjXCPPrlYUC4Hhpu49W1qyMP Bo+oJ5dH1OcmTMoFLOOqhpJM1NolsyhoejWxM0JkZM6Rrx6yntDz6OvhBrkkZL9OgVrz w4mg== X-Gm-Message-State: AOAM531QoO21QyfxK5lMknSulxCGeA1wAvLwC/5ucRgjh9JRO3v+tTHG /+n6Nw+2vBHlTMeQOtSR4mpYdJEor4X/OpiHPs4= X-Received: by 2002:a05:6602:27d4:: with SMTP id l20mr1572323ios.94.1634203612102; Thu, 14 Oct 2021 02:26:52 -0700 (PDT) MIME-Version: 1.0 References: <20211013102346.179642-1-laoar.shao@gmail.com> <20211013102346.179642-3-laoar.shao@gmail.com> <20211013101921.0843aaf0@gandalf.local.home> <20211013222418.7ea9727d@oasis.local.home> <202110132148.523C3EA@keescook> In-Reply-To: <202110132148.523C3EA@keescook> From: Yafang Shao Date: Thu, 14 Oct 2021 17:26:16 +0800 Message-ID: Subject: Re: [PATCH v4 2/5] connector: use __get_task_comm in proc_comm_connector To: Kees Cook Cc: Steven Rostedt , Peter Zijlstra , Petr Mladek , Al Viro , Andrew Morton , Valentin Schneider , Mathieu Desnoyers , qiang.zhang@windriver.com, robdclark@chromium.org, christian@brauner.io, Dietmar Eggemann , Ingo Molnar , Juri Lelli , Vincent Guittot , Benjamin Segall , Mel Gorman , Daniel Bristot de Oliveira , David Miller , kuba@kernel.org, LKML , Vladimir Zapolskiy , David Howells Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Oct 14, 2021 at 12:50 PM Kees Cook wrote: > > On Wed, Oct 13, 2021 at 10:24:18PM -0400, Steven Rostedt wrote: > > On Thu, 14 Oct 2021 09:48:09 +0800 > > Yafang Shao wrote: > > > > > > __get_task_comm() uses strncpy() which my understanding is, does not add > > > > the nul terminating byte when truncating. Which changes the functionality > > > > here. As all task comms have a terminating byte, the old method would copy > > > > that and include it. This won't add the terminating byte if the buffer is > > > > smaller than the comm, and that might cause issues. > > > > > > > > > > Right, that is a problem. > > > It seems that we should add a new helper get_task_comm_may_truncated(). > > > > Or simply change __get_task_comm() to: > > > > char *__get_task_comm(char *buf, size_t buf_size, struct task_struct *tsk) > > { > > task_lock(tsk); > > strncpy(buf, tsk->comm, buf_size); > > /* The copied value is always nul terminated */ > > buf[buf_size - 1] = '\0'; > > task_unlock(tsk); > > return buf; > > } > > > > But that should probably be a separate patch. > > strscpy_pad() is the right thing here -- it'll retain the NUL-fill > properties of strncpy and terminate correctly. > strscpy_pad() can also work, and seems more simple. > The use of non-terminating issue with strncpy() wasn't a problem here > because get_task_comm() would always make sure task->comm was > terminated. (It uses strlcpy(), which I think needs to be changed to > strscpy_pad() too...) > > -- > Kees Cook -- Thanks Yafang