Received: by 2002:a05:6358:16cc:b0:ea:6187:17c9 with SMTP id r12csp4941945rwl; Wed, 28 Dec 2022 10:53:33 -0800 (PST) X-Google-Smtp-Source: AMrXdXvx37kEThaPoWtJWYfJoOuFCbAeSTyQiSfK3/08vMtBV6ixCABkXkazx4DqpjBeuDpWO5hy X-Received: by 2002:a05:6a00:300d:b0:577:b52:4ec3 with SMTP id ay13-20020a056a00300d00b005770b524ec3mr41009624pfb.22.1672253613508; Wed, 28 Dec 2022 10:53:33 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1672253613; cv=none; d=google.com; s=arc-20160816; b=mCu54ciIMVAdhj4JBGUOzio2LzMsrSgomvU0VrW2z/CVJLaTUS6dCHHjCiVDSsIl/H 4mnAD5VoVPkKbREedCr2S/7PZV00UJMIQP+hcqhqp2xQc2WwOoHuUGm/YXtJIhxNrVoX KR0EamzmJojuOF/E3vReSGdGwUanAAaZIYueTMe3unDmKlhR+xkRIXFMs5+FIijMHzYs 1Cog5y2vdxOvT6bbUG2rUUDWQDrz2Gjede3Mr6jLAIuWaqMK+eQLuQ5STYHkpx/TLAlQ ls9Km2YyNaSKhduw1LWtr56/Kfto5L0uxRpBrUCUBzPH9AvZ3SOcxp7XgJ9FOIOEfm+Q 0iGw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date; bh=MPY0Wv/uJctWfymZJTaF43pDjtUatb+wKKE/Ue9zYzg=; b=texbfpVezRUTJB+w9ogzZsf4LnGswZ3UfHG84FHPTFDAk8t5blroS+5WfFIomUPg6y Ij9XnnbpXrMTuikJ4IEXQc60X9Es8rwLnoDIbF3qW1zyZxT0t560gScoJyrfGvVrW7v1 d8UuEbZIhZ5yC6y5Vz0OsOAeSvWaJMJUST4TDBAXbqxiZjcdR5bXWC2rbQch3jIi26JJ tEl8r7/GYdAFVE9bOkBrazlGnasAy9JpOWL4uFFbFiU6Y/lSTennNv2e6SKyoTkDVqdK 95/cYbyhaEqiGvaZ2LLyhmADmuMMpoW/YYJN+2ezaKVPO7lr5BLPH3kfbarzyZm/1iTq DjlA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=gentoo.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id v2-20020a056a00148200b005769b34452fsi17477335pfu.203.2022.12.28.10.53.25; Wed, 28 Dec 2022 10:53:33 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=gentoo.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233064AbiL1ShJ (ORCPT + 63 others); Wed, 28 Dec 2022 13:37:09 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:32918 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232362AbiL1ShF (ORCPT ); Wed, 28 Dec 2022 13:37:05 -0500 Received: from smtp.gentoo.org (woodpecker.gentoo.org [140.211.166.183]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8BBCE13F45; Wed, 28 Dec 2022 10:37:02 -0800 (PST) Date: Wed, 28 Dec 2022 12:36:24 -0600 From: John Helmert III To: oss-security@lists.openwall.com Cc: Alejandro Colomar , Michael Kerrisk , linux-kernel@vger.kernel.org, linux-man@vger.kernel.org Subject: Re: [oss-security] [patch] proc.5: tell how to parse /proc/*/stat correctly Message-ID: References: <1a1963aa1036ba07@orthanc.ca> <20221228152458.6xyksrxunukjrtzx@mutt-hbsd> <20221228172517.l7h3m7wjfpxr3dzw@mutt-hbsd> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="CoFdSg65v6lCt4eN" Content-Disposition: inline In-Reply-To: X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_PASS,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --CoFdSg65v6lCt4eN Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Dec 28, 2022 at 01:02:35PM -0500, Demi Marie Obenour wrote: > On Wed, Dec 28, 2022 at 12:25:17PM -0500, Shawn Webb wrote: > > On Wed, Dec 28, 2022 at 11:47:25AM -0500, Demi Marie Obenour wrote: > > > On Wed, Dec 28, 2022 at 10:24:58AM -0500, Shawn Webb wrote: > > > > On Tue, Dec 27, 2022 at 04:44:49PM -0800, Lyndon Nerenberg (VE7TFX/= VE6BBM) wrote: > > > > > Dominique Martinet writes: > > > > >=20 > > > > > > But, really, I just don't see how this can practically be said = to be parsable... > > > > >=20 > > > > > In its current form it never will be. The solution is to place > > > > > this variable-length field last. Then you can "cut -d ' ' -f 51-" > > > > > to get the command+args part (assuming I counted all those fields > > > > > correctly ...) > > > > >=20 > > > > > Of course, this breaks backwards compatability. > > > >=20 > > > > It would also break forwards compatibility in the case new fields > > > > needed to be added. > > > >=20 > > > > The only solution would be a libxo-style feature wherein a > > > > machine-parseable format is exposed by virtue of a file extension. > > > >=20 > > > > Examples: > > > >=20 > > > > 1. /proc/pid/stats.json > > > > 2. /proc/pid/stats.xml > > > > 3. /proc/pid/stats.yaml_shouldnt_be_a_thing > > >=20 > > > A binary format would be even better. No risk of ambiguity. > >=20 > > I think the argument I'm trying to make is to be flexible in > > implementation, allowing for future needs and wants--that is "future > > proofing". >=20 > Linux should not have an XML, JSON, or YAML serializer. Linux already > does way too much; let=E2=80=99s not add one more thing to the list. Handling a new binary format is not 'one more thing' added? > --=20 > Sincerely, > Demi Marie Obenour (she/her/hers) > Invisible Things Lab --CoFdSg65v6lCt4eN Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iHUEABYKAB0WIQQyG9yfCrmO0LPSdG2gXq2+aa/JtQUCY6yMpgAKCRCgXq2+aa/J tWoKAQCRkJHN0sL4FpQZJY3bEVntGJDGPha+T+AREOiCTkv5zgEAiC0DnVVwRiL6 YXK06d3aRs3A6Ldg3QXXk1hNCncD7wM= =GEbr -----END PGP SIGNATURE----- --CoFdSg65v6lCt4eN--