Received: by 2002:a05:6358:16cc:b0:ea:6187:17c9 with SMTP id r12csp4847602rwl; Wed, 28 Dec 2022 09:34:37 -0800 (PST) X-Google-Smtp-Source: AMrXdXvMntS4guTfMqivjzPr1GGMvhVrK5+cpq2bZg8A3qmste3MEfvl6jBi6F1FULhXPgncLBb6 X-Received: by 2002:a17:902:7247:b0:192:8f2c:dd23 with SMTP id c7-20020a170902724700b001928f2cdd23mr5383502pll.13.1672248876624; Wed, 28 Dec 2022 09:34:36 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1672248876; cv=none; d=google.com; s=arc-20160816; b=NS+ktfzN0Hdq2fFTqtjzOGxm8Bhpd6uvXqqziNTNzIogKEWFOCNPCE2h73XDVOEFYW BHUuvl3Df+Heq8Z1tmLStqjdQN4cx8BeJoTj9X8DZovv7TGS8vEYNmotP5cqSrzsmD+E PsnzSru1cYfln1P6oRB/bV7bTQJsNJaaMxvSP3jLiu0aN4Cvs2kSC64uwgTxfAzFpMH0 G0cup8zipPTFNY+sCy5oivRi30F7TiQDsJ5UAmfj13Nt34CLg20JeioTIjP/DtBWzpPr +QQmi6ginOhRZjqf09ryZn6Y50+yv/RNvwyGnZGuYJ93q7j9RrkNnqeQLHx/bAV5zonh NIlw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=AEVM5AUDilZJYaQsZd9oVNR1x46s1U+Ak2sstBJ5jV8=; b=EqqbodUek8StfCnbYGuqnd6rZZrYk759wrTHl5lQdAo2oUI156n9QXJF+pu/Spi662 js/zvXU0xn25t5IHv3a9fE9Iqjb7chLtNMIoYuB/RY9bZaDOe4tZfvUnCe+j/sFu5Ind JRoMhmByPlCsEDKugTSPMdIEE5X1wtERqKDQACTiJh/VUsxJGT7v9CBygLcaaU/RujNu 8nkzHWB2Igj0OZS8/Joi4QjfsCSYWcm79bAPy12LiwQCBHHNIZfFJQyiy2reptu7y2sI K44Ki8lHVTCZbKBS/zBWH0WW3MFGXrmHh7rBKMgcQr9lG8z9uSBEPU+CpxaZWVwM4zkL m4rA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@hardenedbsd.org header.s=google header.b="j8S08/QH"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id w21-20020a1709029a9500b0017ef8bf8a91si5751122plp.439.2022.12.28.09.34.27; Wed, 28 Dec 2022 09:34:36 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@hardenedbsd.org header.s=google header.b="j8S08/QH"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231908AbiL1RZ2 (ORCPT + 63 others); Wed, 28 Dec 2022 12:25:28 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38592 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230443AbiL1RZY (ORCPT ); Wed, 28 Dec 2022 12:25:24 -0500 Received: from mail-vs1-xe29.google.com (mail-vs1-xe29.google.com [IPv6:2607:f8b0:4864:20::e29]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8042C1573F for ; Wed, 28 Dec 2022 09:25:19 -0800 (PST) Received: by mail-vs1-xe29.google.com with SMTP id 128so16059464vsz.12 for ; Wed, 28 Dec 2022 09:25:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hardenedbsd.org; s=google; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to; bh=AEVM5AUDilZJYaQsZd9oVNR1x46s1U+Ak2sstBJ5jV8=; b=j8S08/QHYpGAcDHI/4qQdIScYpGuBRltLRMeaq4DGRSTXK38MdlCFAmttEa3pQ2AAR NtXln8auiAZjKs5RKITvwiuO1ZOSR0W++0JciEQIn8C56feM5e5AFKcDHtkheALQVVPp r7zMAp6ORF1QFUMJpVD7nasWQGh0kL0KtpkZ4C9/ZXMqHbz5BlpuW8H8UFd1MiDW8OKH kyiXRFlSRG5m8C3h/8RAgYplVIyX07AKNInN72kjvOFxhk6+rNlOtc5iUW4hXlqJbQBh JpCuRo1YLtBeJlbNRlsujRzhTF8G4fVxxPfdmWgN2GVySWxiR8no5Ah1jufjcdqUB1EA OrmQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=AEVM5AUDilZJYaQsZd9oVNR1x46s1U+Ak2sstBJ5jV8=; b=zNZmXzzjq+K8/jKuG/yDpOhOK7OHO571OtJp2yfmV7A5ki0oYF+/a0gblLP9GpLc43 AirIiPGBZGGMo2DELL25gej9LsTb/qCnkXGVHnuJ8qg7KOaciuFMkbKspG8CFtliIpNz 4OFy5RPjz1qPl6eKNaaEXTlx0qFotqHLMMZ8TKhlAqFIotTp8esNNe663ayK5pOdiQxo nWnLvSCFIa4Hq2faGzIGNJJmF64XwJNtGRw0vnAVj0wm6m0BQOUO1Q2dOiuDzmj+tftF hQqVccn2xcukN4h+jhMzaBuMWqgDaCbAT3Yoc056W+nm7owLW01ogPFdccFn0MeOdT2K wwIQ== X-Gm-Message-State: AFqh2kpPkDiSPoU6KMV1z3NdnPvHx836OM4Dw+FdjF3yx0bwY38tQOkH cK+Eo7sIoXJ/LZ9Xc7nOTvkFhA== X-Received: by 2002:a05:6102:508a:b0:3b1:3a70:ae18 with SMTP id bl10-20020a056102508a00b003b13a70ae18mr13788387vsb.17.1672248318317; Wed, 28 Dec 2022 09:25:18 -0800 (PST) Received: from mutt-hbsd (pool-100-16-219-215.bltmmd.fios.verizon.net. [100.16.219.215]) by smtp.gmail.com with ESMTPSA id q12-20020a05620a2a4c00b006fef61300fesm11801298qkp.16.2022.12.28.09.25.17 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 28 Dec 2022 09:25:17 -0800 (PST) Date: Wed, 28 Dec 2022 12:25:17 -0500 From: Shawn Webb To: oss-security@lists.openwall.com Cc: Alejandro Colomar , Michael Kerrisk , linux-kernel@vger.kernel.org, linux-man@vger.kernel.org Subject: Re: [oss-security] [patch] proc.5: tell how to parse /proc/*/stat correctly Message-ID: <20221228172517.l7h3m7wjfpxr3dzw@mutt-hbsd> X-Operating-System: FreeBSD mutt-hbsd 14.0-CURRENT-HBSD FreeBSD 14.0-CURRENT-HBSD X-PGP-Key: https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/blob/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc References: <1a1963aa1036ba07@orthanc.ca> <20221228152458.6xyksrxunukjrtzx@mutt-hbsd> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="53fjlxfw5lfxitvk" Content-Disposition: inline In-Reply-To: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --53fjlxfw5lfxitvk Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Dec 28, 2022 at 11:47:25AM -0500, Demi Marie Obenour wrote: > On Wed, Dec 28, 2022 at 10:24:58AM -0500, Shawn Webb wrote: > > On Tue, Dec 27, 2022 at 04:44:49PM -0800, Lyndon Nerenberg (VE7TFX/VE6B= BM) wrote: > > > Dominique Martinet writes: > > >=20 > > > > But, really, I just don't see how this can practically be said to b= e parsable... > > >=20 > > > In its current form it never will be. The solution is to place > > > this variable-length field last. Then you can "cut -d ' ' -f 51-" > > > to get the command+args part (assuming I counted all those fields > > > correctly ...) > > >=20 > > > Of course, this breaks backwards compatability. > >=20 > > It would also break forwards compatibility in the case new fields > > needed to be added. > >=20 > > The only solution would be a libxo-style feature wherein a > > machine-parseable format is exposed by virtue of a file extension. > >=20 > > Examples: > >=20 > > 1. /proc/pid/stats.json > > 2. /proc/pid/stats.xml > > 3. /proc/pid/stats.yaml_shouldnt_be_a_thing >=20 > A binary format would be even better. No risk of ambiguity. I think the argument I'm trying to make is to be flexible in implementation, allowing for future needs and wants--that is "future proofing". --=20 Shawn Webb Cofounder / Security Engineer HardenedBSD https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A= 4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc --53fjlxfw5lfxitvk Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEA6TL67gupaZ9nzhT/y5nonf44foFAmOse+YACgkQ/y5nonf4 4fqYGw//ei+Kr3PwFtaEm+2Q1h8l2hrnM14W8ORZQWkqtv75yAPUCq6mb4XmSDze 3Z9kMrY4xvdYTMUZa4S1VvXF+tDe7nIqjf4kq6qCOhfyeoozvUm13yXEARvpMsLO joSrhua4pTi8fCs3ZGebfgM8mNEMl4ZgdZIIpjcRWhVe0XAs7FvwZJyknr6joe8G HBXB6FzCzbR4AUpp8+MjpwZIoPKw5KVODDGBG2rOvDoCFZceL/d9djmBW0dsI1Y1 EM4dQkx2zUJWBF77sQni1pAK+JJ52Xlwh61PbgHJLzUpUvUl7ZWMZoVn996MEdfF tD0/V6de9kF6xkyQ+tBI+hRHuAUAAkSuYFR9/1BdLkcgVzaaXbUdTUAJQ/6sD9nt CRIIhN6sQcYUe2VZbbS+KU+DhFGl6M9P3WPfbMJeaDootxRbkshThvUiXcdlMHIg q8ce1idlwBxYonLgYdhF2FtOi3kjy0bykabUM3lzHpieadyxfSwP01x8PiOPjRs3 +M48jCecix8LaW8yIzvY42ZhawwsO/7fqr4U373hM6BhkW6HnkzTr0Glkq6pQxVR 8tBkVfaY9+JEqNOb0qU+fO3MVcpbkUnAtbnnGOfEmEaT5aWcaI7m1IvJsN6L+wWP HNBNpi9Gizl9BbzbIkFxepiN8WsxNK2aEjuSt6YfiUICuguqeeM= =ZLcQ -----END PGP SIGNATURE----- --53fjlxfw5lfxitvk--