Re: [PATCH v7 0/8] Improve the copy of task comm

On Sat, Aug 17, 2024 at 10:56 AM Yafang Shao wrote: > > Using {memcpy,strncpy,strcpy,kstrdup} to copy the task comm relies on the > length of task comm. Changes in the task comm could result in a destination > string that is overflow. Therefore, we should explicitly ensure the &

Re: [PATCH v7 6/8] mm/util: Deduplicate code in {kstrdup, kstrndup, kmemdup_nul}

On Mon, Aug 26, 2024 at 5:25 PM Alejandro Colomar wrote: > > Hi Yafang, > > On Sat, Aug 17, 2024 at 10:58:02AM GMT, Alejandro Colomar wrote: > > Hi Yafang, > > > > On Sat, Aug 17, 2024 at 10:56:22AM GMT, Yafang Shao wrote: > > > These three functions foll

[PATCH v8 0/8] Improve the copy of task comm

@gmail.com/ - Add comment for dropping task_lock() in __get_task_comm() (Alexei) - Drop changes in trace event (Steven) - Fix comment on task comm (Matus) v1: https://lore.kernel.org/all/20240602023754.25443-1-laoar.s...@gmail.com/ Yafang Shao (8): Get rid of __get_task_comm() auditsc: Replace m

[PATCH v8 1/8] Get rid of __get_task_comm()

g/all/2jxak5v6dfxlpbxhpm3ey7oup4g2lnr3ueurfbosf5wdo65dk4@srb3hsk72zwq Signed-off-by: Yafang Shao Cc: Alexander Viro Cc: Christian Brauner Cc: Jan Kara Cc: Eric Biederman Cc: Kees Cook Cc: Alexei Starovoitov Cc: Matus Jokay Cc: Alejandro Colomar Cc: "Serge E. Hallyn" --- fs/exec.c | 10 -- fs/proc/arr

[PATCH v8 2/8] auditsc: Replace memcpy() with strscpy()

Using strscpy() to read the task comm ensures that the name is always NUL-terminated, regardless of the source string. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao Acked-by: Paul Moore Cc: Eric Paris --- kernel/auditsc.c | 6 +++--- 1 file

[PATCH v8 3/8] security: Replace memcpy() with get_task_comm()

future extensions to the task comm. Signed-off-by: Yafang Shao LINK: https://lore.kernel.org/all/CAHk-=wivfrF0_zvf+oj6==Sh=-npjoop8chlpefafv0onyt...@mail.gmail.com/ [0] Acked-by: Paul Moore Cc: James Morris Cc: "Serge E. Hallyn" Cc: Stephen Smalley Cc: Ondrej Mosnacek ---

[PATCH v8 4/8] bpftool: Ensure task comm is always NUL-terminated

Let's explicitly ensure the destination string is NUL-terminated. This way, it won't be affected by changes to the source string. Signed-off-by: Yafang Shao Reviewed-by: Quentin Monnet --- tools/bpf/bpftool/pids.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tools/bpf/bpftoo

[PATCH v8 5/8] mm/util: Fix possible race condition in kstrdup()

`s` might be updated by the writer to a new value of task->comm. If the new task->comm is larger than the old one, the `buf` might not be NUL-terminated. This can lead to undefined behavior and potential security vulnerabilities. Let's fix it by explicitly adding a NUL terminator. Signed-

[PATCH v8 6/8] mm/util: Deduplicate code in {kstrdup, kstrndup, kmemdup_nul}

These three functions follow the same pattern. To deduplicate the code, let's introduce a common helper __kmemdup_nul(). Suggested-by: Andrew Morton Signed-off-by: Yafang Shao Cc: Simon Horman Cc: Matthew Wilcox Cc: Alejandro Colomar --- mm/util.c

[PATCH v8 7/8] net: Replace strcpy() with strscpy()

To prevent errors from occurring when the src string is longer than the dst string in strcpy(), we should use strscpy() instead. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao Cc: "David S. Miller" Cc: David Ahern Cc: Eric Dumazet

[PATCH v8 8/8] drm: Replace strcpy() with strscpy()

To prevent erros from occurring when the src string is longer than the dst string in strcpy(), we should use strscpy() instead. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao Acked-by: Daniel Vetter Cc: Maarten Lankhorst Cc: Maxime Ripard Cc

Re: [PATCH v8 1/8] Get rid of __get_task_comm()

On Wed, Aug 28, 2024 at 6:15 PM Alejandro Colomar wrote: > > Hi Yafang, > > On Wed, Aug 28, 2024 at 11:03:14AM GMT, Yafang Shao wrote: > > We want to eliminate the use of __get_task_comm() for the following > > reasons: > > > > - The task_lock() is un

Re: [PATCH v8 6/8] mm/util: Deduplicate code in {kstrdup, kstrndup, kmemdup_nul}

On Wed, Aug 28, 2024 at 6:33 PM Alejandro Colomar wrote: > > On Wed, Aug 28, 2024 at 12:32:53PM GMT, Alejandro Colomar wrote: > > On Wed, Aug 28, 2024 at 11:03:19AM GMT, Yafang Shao wrote: > > > These three functions follow the same pattern. To deduplicate the code, > >

Re: [PATCH v8 1/8] Get rid of __get_task_comm()

On Wed, Aug 28, 2024 at 8:58 PM Alejandro Colomar wrote: > > On Wed, Aug 28, 2024 at 12:15:40PM GMT, Alejandro Colomar wrote: > > Hi Yafang, > > > > On Wed, Aug 28, 2024 at 11:03:14AM GMT, Yafang Shao wrote: > > > We want to eliminate the use of __get_task_comm(

Re: [PATCH v8 1/8] Get rid of __get_task_comm()

On Wed, Aug 28, 2024 at 10:04 PM Kees Cook wrote: > > > > On August 27, 2024 8:03:14 PM PDT, Yafang Shao wrote: > >We want to eliminate the use of __get_task_comm() for the following > >reasons: > > > >- The task_lock() is unnecessary > > Quoted f

[PATCH resend v4 00/11] Improve the copy of task comm

: https://lore.kernel.org/all/20240602023754.25443-1-laoar.s...@gmail.com/ Yafang Shao (11): fs/exec: Drop task_lock() inside __get_task_comm() auditsc: Replace memcpy() with __get_task_comm() security: Replace memcpy() with __get_task_comm() bpftool: Ensure task comm is always NUL

[PATCH v4 01/11] fs/exec: Drop task_lock() inside __get_task_comm()

could have long-term mixed results Suggested-by: Linus Torvalds Link: https://lore.kernel.org/all/CAHk-=wivfrF0_zvf+oj6==Sh=-npjoop8chlpefafv0onyt...@mail.gmail.com [0] Signed-off-by: Yafang Shao Cc: Alexander Viro Cc: Christian Brauner Cc: Jan Kara Cc: Eric Biederman Cc: Kees Cook Cc

[PATCH v4 02/11] auditsc: Replace memcpy() with __get_task_comm()

Using __get_task_comm() to read the task comm ensures that the name is always NUL-terminated, regardless of the source string. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao Acked-by: Paul Moore Cc: Eric Paris --- kernel/auditsc.c | 6 +++--- 1

[PATCH v4 03/11] security: Replace memcpy() with __get_task_comm()

facilitates future extensions to the task comm. Signed-off-by: Yafang Shao LINK: https://lore.kernel.org/all/CAHk-=wivfrF0_zvf+oj6==Sh=-npjoop8chlpefafv0onyt...@mail.gmail.com/ [0] Acked-by: Paul Moore Cc: James Morris Cc: "Serge E. Hallyn" Cc: Stephen Smalley Cc: Ondrej Mosnacek ---

[PATCH v4 04/11] bpftool: Ensure task comm is always NUL-terminated

Let's explicitly ensure the destination string is NUL-terminated. This way, it won't be affected by changes to the source string. Signed-off-by: Yafang Shao Reviewed-by: Quentin Monnet --- tools/bpf/bpftool/pids.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tools/bpf/bpftoo

[PATCH v4 05/11] mm/util: Fix possible race condition in kstrdup()

`s` might be updated by the writer to a new value of task->comm. If the new task->comm is larger than the old one, the `buf` might not be NUL-terminated. This can lead to undefined behavior and potential security vulnerabilities. Let's fix it by explicitly adding a NUL-terminator. Signed-

[PATCH v4 06/11] mm/util: Deduplicate code in {kstrdup, kstrndup, kmemdup_nul}

These three functions follow the same pattern. To deduplicate the code, let's introduce a common helper __kmemdup_nul(). Suggested-by: Andrew Morton Signed-off-by: Yafang Shao Cc: Simon Horman Cc: Matthew Wilcox --- mm/util.c | 67 +

[PATCH v4 07/11] mm/kmemleak: Replace strncpy() with __get_task_comm()

ff-by: Yafang Shao Acked-by: Catalin Marinas Cc: Andrew Morton --- mm/kmemleak.c | 8 +--- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/mm/kmemleak.c b/mm/kmemleak.c index d5b6fba44fc9..ef29aaab88a0 100644 --- a/mm/kmemleak.c +++ b/mm/kmemleak.c @@ -663,13 +663,7 @@ static s

[PATCH v4 08/11] tsacct: Replace strncpy() with __get_task_comm()

Using __get_task_comm() to read the task comm ensures that the name is always NUL-terminated, regardless of the source string. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao --- kernel/tsacct.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion

[PATCH v4 09/11] tracing: Replace strncpy() with __get_task_comm()

Using __get_task_comm() to read the task comm ensures that the name is always NUL-terminated, regardless of the source string. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao Acked-by: Masami Hiramatsu (Google) Cc: Steven Rostedt Cc: Mathieu

[PATCH v4 10/11] net: Replace strcpy() with __get_task_comm()

To prevent errors from occurring when the src string is longer than the dst string in strcpy(), we should use __get_task_comm() instead. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao Cc: "David S. Miller" Cc: David Ahern Cc: Eric D

[PATCH v4 11/11] drm: Replace strcpy() with __get_task_comm()

To prevent erros from occurring when the src string is longer than the dst string in strcpy(), we should use __get_task_comm() instead. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao Acked-by: Daniel Vetter Cc: Maarten Lankhorst Cc: Maxime Ripard

Re: [PATCH resend v4 00/11] Improve the copy of task comm

On Mon, Jul 29, 2024 at 5:29 PM Jani Nikula wrote: > > On Mon, 29 Jul 2024, Yafang Shao wrote: > > Hello Andrew, > > > > Is it appropriate for you to apply this to the mm tree? > > > > Using {memcpy,strncpy,strcpy,kstrdup} to copy the task comm relies on the

Re: [PATCH resend v4 00/11] Improve the copy of task comm

On Wed, Jul 31, 2024 at 8:59 AM Andrew Morton wrote: > > On Mon, 29 Jul 2024 10:37:08 +0800 Yafang Shao wrote: > > > Is it appropriate for you to apply this to the mm tree? > > There are a couple of minor conflicts against current 6.11-rc1 which > you'd best check.

[PATCH v5 0/9] Improve the copy of task comm

ound kstrdup (Andrew) - Add commit log for dropping task_lock (Catalin) v1->v2: https://lore.kernel.org/bpf/20240613023044.45873-1-laoar.s...@gmail.com/ - Add comment for dropping task_lock() in __get_task_comm() (Alexei) - Drop changes in trace event (Steven) - Fix comment on task comm (Matus) v1: https

[PATCH v5 1/9] fs/exec: Drop task_lock() inside __get_task_comm()

could have long-term mixed results Suggested-by: Linus Torvalds Link: https://lore.kernel.org/all/CAHk-=wivfrF0_zvf+oj6==Sh=-npjoop8chlpefafv0onyt...@mail.gmail.com [0] Signed-off-by: Yafang Shao Cc: Alexander Viro Cc: Christian Brauner Cc: Jan Kara Cc: Eric Biederman Cc: Kees Cook Cc

[PATCH v5 2/9] auditsc: Replace memcpy() with __get_task_comm()

Using __get_task_comm() to read the task comm ensures that the name is always NUL-terminated, regardless of the source string. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao Acked-by: Paul Moore Cc: Eric Paris --- kernel/auditsc.c | 6 +++--- 1

[PATCH v5 3/9] security: Replace memcpy() with __get_task_comm()

facilitates future extensions to the task comm. Signed-off-by: Yafang Shao LINK: https://lore.kernel.org/all/CAHk-=wivfrF0_zvf+oj6==Sh=-npjoop8chlpefafv0onyt...@mail.gmail.com/ [0] Acked-by: Paul Moore Cc: James Morris Cc: "Serge E. Hallyn" Cc: Stephen Smalley Cc: Ondrej Mosnacek ---

[PATCH v5 4/9] bpftool: Ensure task comm is always NUL-terminated

Let's explicitly ensure the destination string is NUL-terminated. This way, it won't be affected by changes to the source string. Signed-off-by: Yafang Shao Reviewed-by: Quentin Monnet --- tools/bpf/bpftool/pids.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tools/bpf/bpftoo

[PATCH v5 5/9] mm/util: Fix possible race condition in kstrdup()

`s` might be updated by the writer to a new value of task->comm. If the new task->comm is larger than the old one, the `buf` might not be NUL-terminated. This can lead to undefined behavior and potential security vulnerabilities. Let's fix it by explicitly adding a NUL-terminator. Signed-

[PATCH v5 6/9] mm/util: Deduplicate code in {kstrdup, kstrndup, kmemdup_nul}

These three functions follow the same pattern. To deduplicate the code, let's introduce a common helper __kmemdup_nul(). Suggested-by: Andrew Morton Signed-off-by: Yafang Shao Cc: Simon Horman Cc: Matthew Wilcox --- mm/util.c | 67 +

[PATCH v5 7/9] tracing: Replace strncpy() with __get_task_comm()

Using __get_task_comm() to read the task comm ensures that the name is always NUL-terminated, regardless of the source string. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao Acked-by: Masami Hiramatsu (Google) Cc: Steven Rostedt Cc: Mathieu

[PATCH v5 8/9] net: Replace strcpy() with __get_task_comm()

To prevent errors from occurring when the src string is longer than the dst string in strcpy(), we should use __get_task_comm() instead. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao Cc: "David S. Miller" Cc: David Ahern Cc: Eric D

[PATCH v5 9/9] drm: Replace strcpy() with __get_task_comm()

To prevent erros from occurring when the src string is longer than the dst string in strcpy(), we should use __get_task_comm() instead. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao Acked-by: Daniel Vetter Cc: Maarten Lankhorst Cc: Maxime Ripard

Re: [PATCH v5 0/9] Improve the copy of task comm

On Tue, Aug 6, 2024 at 5:28 AM Linus Torvalds wrote: > > On Sun, 4 Aug 2024 at 00:56, Yafang Shao wrote: > > > > There is a BUILD_BUG_ON() inside get_task_comm(), so when you use > > get_task_comm(), it implies that the BUILD_BUG_ON() is necessary. > > Let's

Re: [PATCH v5 0/9] Improve the copy of task comm

On Tue, Aug 6, 2024 at 11:10 AM Linus Torvalds wrote: > > On Mon, 5 Aug 2024 at 20:01, Yafang Shao wrote: > > > > One concern about removing the BUILD_BUG_ON() is that if we extend > > TASK_COMM_LEN to a larger size, such as 24, the caller with a > > hardcoded 16-by

Re: [PATCH v5 0/9] Improve the copy of task comm

On Wed, Aug 7, 2024 at 1:28 AM Alejandro Colomar wrote: > > Hi Linus, > > Serge let me know about this thread earlier today. > > On 2024-08-05, Linus Torvalds wrote: > > On Mon, 5 Aug 2024 at 20:01, Yafang Shao wrote: > > > > > > One concern about

[PATCH v6 0/9] Improve the copy of task comm

(Andrew) - Add commit log for dropping task_lock (Catalin) v1->v2: https://lore.kernel.org/bpf/20240613023044.45873-1-laoar.s...@gmail.com/ - Add comment for dropping task_lock() in __get_task_comm() (Alexei) - Drop changes in trace event (Steven) - Fix comment on task comm (Matus) Yafang Shao (9):

[PATCH v6 1/9] Get rid of __get_task_comm()

g/all/2jxak5v6dfxlpbxhpm3ey7oup4g2lnr3ueurfbosf5wdo65dk4@srb3hsk72zwq Signed-off-by: Yafang Shao Cc: Alexander Viro Cc: Christian Brauner Cc: Jan Kara Cc: Eric Biederman Cc: Kees Cook Cc: Alexei Starovoitov Cc: Matus Jokay Cc: Alejandro Colomar Cc: "Serge E. Hallyn" --- fs/exec.c | 10 -- fs/proc/arr

[PATCH v6 2/9] auditsc: Replace memcpy() with strscpy()

Using strscpy() to read the task comm ensures that the name is always NUL-terminated, regardless of the source string. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao Acked-by: Paul Moore Cc: Eric Paris --- kernel/auditsc.c | 6 +++--- 1 file

[PATCH v6 3/9] security: Replace memcpy() with get_task_comm()

future extensions to the task comm. Signed-off-by: Yafang Shao LINK: https://lore.kernel.org/all/CAHk-=wivfrF0_zvf+oj6==Sh=-npjoop8chlpefafv0onyt...@mail.gmail.com/ [0] Acked-by: Paul Moore Cc: James Morris Cc: "Serge E. Hallyn" Cc: Stephen Smalley Cc: Ondrej Mosnacek ---

[PATCH v6 4/9] bpftool: Ensure task comm is always NUL-terminated

Let's explicitly ensure the destination string is NUL-terminated. This way, it won't be affected by changes to the source string. Signed-off-by: Yafang Shao Reviewed-by: Quentin Monnet --- tools/bpf/bpftool/pids.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tools/bpf/bpftoo

[PATCH v6 5/9] mm/util: Fix possible race condition in kstrdup()

`s` might be updated by the writer to a new value of task->comm. If the new task->comm is larger than the old one, the `buf` might not be NUL-terminated. This can lead to undefined behavior and potential security vulnerabilities. Let's fix it by explicitly adding a NUL-terminator. Signed-

[PATCH v6 6/9] mm/util: Deduplicate code in {kstrdup, kstrndup, kmemdup_nul}

These three functions follow the same pattern. To deduplicate the code, let's introduce a common helper __kmemdup_nul(). Suggested-by: Andrew Morton Signed-off-by: Yafang Shao Cc: Simon Horman Cc: Matthew Wilcox --- mm/util.c | 67 +

[PATCH v6 7/9] tracing: Replace strncpy() with strscpy()

Using strscpy() to read the task comm ensures that the name is always NUL-terminated, regardless of the source string. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao Acked-by: Masami Hiramatsu (Google) Cc: Steven Rostedt Cc: Mathieu Desnoyers

[PATCH v6 8/9] net: Replace strcpy() with strscpy()

To prevent errors from occurring when the src string is longer than the dst string in strcpy(), we should use strscpy() instead. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao Cc: "David S. Miller" Cc: David Ahern Cc: Eric Dumazet

[PATCH v6 9/9] drm: Replace strcpy() with strscpy()

To prevent erros from occurring when the src string is longer than the dst string in strcpy(), we should use strscpy() instead. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao Acked-by: Daniel Vetter Cc: Maarten Lankhorst Cc: Maxime Ripard Cc

Re: [PATCH v6 1/9] Get rid of __get_task_comm()

On Mon, Aug 12, 2024 at 4:05 PM Alejandro Colomar wrote: > > Hi Yafang, > > On Mon, Aug 12, 2024 at 10:29:25AM GMT, Yafang Shao wrote: > > We want to eliminate the use of __get_task_comm() for the following > > reasons: > > > > - The task_lock() is un

Re: [PATCH v6 7/9] tracing: Replace strncpy() with strscpy()

On Wed, Aug 14, 2024 at 6:31 AM Justin Stitt wrote: > > On Tue, Aug 13, 2024 at 3:19 PM Justin Stitt wrote: > > > > Hi, > > > > On Mon, Aug 12, 2024 at 10:29:31AM GMT, Yafang Shao wrote: > > > Using strscpy() to read the task comm ensures that the name is

[PATCH v7 0/8] Improve the copy of task comm

kstrdup (Andrew) - Add commit log for dropping task_lock (Catalin) v1->v2: https://lore.kernel.org/bpf/20240613023044.45873-1-laoar.s...@gmail.com/ - Add comment for dropping task_lock() in __get_task_comm() (Alexei) - Drop changes in trace event (Steven) - Fix comment on task comm (Matus) v1

[PATCH v7 1/8] Get rid of __get_task_comm()

g/all/2jxak5v6dfxlpbxhpm3ey7oup4g2lnr3ueurfbosf5wdo65dk4@srb3hsk72zwq Signed-off-by: Yafang Shao Cc: Alexander Viro Cc: Christian Brauner Cc: Jan Kara Cc: Eric Biederman Cc: Kees Cook Cc: Alexei Starovoitov Cc: Matus Jokay Cc: Alejandro Colomar Cc: "Serge E. Hallyn" --- fs/exec.c | 10 -- fs/proc/arr

[PATCH v7 2/8] auditsc: Replace memcpy() with strscpy()

Using strscpy() to read the task comm ensures that the name is always NUL-terminated, regardless of the source string. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao Acked-by: Paul Moore Cc: Eric Paris --- kernel/auditsc.c | 6 +++--- 1 file

[PATCH v7 3/8] security: Replace memcpy() with get_task_comm()

future extensions to the task comm. Signed-off-by: Yafang Shao LINK: https://lore.kernel.org/all/CAHk-=wivfrF0_zvf+oj6==Sh=-npjoop8chlpefafv0onyt...@mail.gmail.com/ [0] Acked-by: Paul Moore Cc: James Morris Cc: "Serge E. Hallyn" Cc: Stephen Smalley Cc: Ondrej Mosnacek ---

[PATCH v7 4/8] bpftool: Ensure task comm is always NUL-terminated

Let's explicitly ensure the destination string is NUL-terminated. This way, it won't be affected by changes to the source string. Signed-off-by: Yafang Shao Reviewed-by: Quentin Monnet --- tools/bpf/bpftool/pids.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tools/bpf/bpftoo

[PATCH v7 5/8] mm/util: Fix possible race condition in kstrdup()

`s` might be updated by the writer to a new value of task->comm. If the new task->comm is larger than the old one, the `buf` might not be NUL-terminated. This can lead to undefined behavior and potential security vulnerabilities. Let's fix it by explicitly adding a NUL-terminator. Signed-

[PATCH v7 6/8] mm/util: Deduplicate code in {kstrdup, kstrndup, kmemdup_nul}

These three functions follow the same pattern. To deduplicate the code, let's introduce a common helper __kmemdup_nul(). Suggested-by: Andrew Morton Signed-off-by: Yafang Shao Cc: Simon Horman Cc: Matthew Wilcox --- mm/util.c | 67 +

[PATCH v7 7/8] net: Replace strcpy() with strscpy()

To prevent errors from occurring when the src string is longer than the dst string in strcpy(), we should use strscpy() instead. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao Cc: "David S. Miller" Cc: David Ahern Cc: Eric Dumazet

[PATCH v7 8/8] drm: Replace strcpy() with strscpy()

To prevent erros from occurring when the src string is longer than the dst string in strcpy(), we should use strscpy() instead. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao Acked-by: Daniel Vetter Cc: Maarten Lankhorst Cc: Maxime Ripard Cc

Re: [PATCH v7 4/8] bpftool: Ensure task comm is always NUL-terminated

On Sat, Aug 17, 2024 at 4:39 PM Alejandro Colomar wrote: > > Hi Yafang, > > On Sat, Aug 17, 2024 at 10:56:20AM GMT, Yafang Shao wrote: > > Let's explicitly ensure the destination string is NUL-terminated. This way, > > it won't be affected by changes to the so

Re: [PATCH v2 06/10] mm/kmemleak: Replace strncpy() with __get_task_comm()

On Fri, Jun 14, 2024 at 6:57 PM Catalin Marinas wrote: > > On Thu, Jun 13, 2024 at 08:10:17PM +0800, Yafang Shao wrote: > > On Thu, Jun 13, 2024 at 4:37 PM Catalin Marinas > > wrote: > > > On Thu, Jun 13, 2024 at 10:30:40AM +0800, Yafang Shao wrote: > > > &

[PATCH v3 00/11] Improve the copy of task comm

- Fix comment on task comm (Matus) v1: https://lore.kernel.org/all/20240602023754.25443-1-laoar.s...@gmail.com/ Yafang Shao (11): fs/exec: Drop task_lock() inside __get_task_comm() auditsc: Replace memcpy() with __get_task_comm() security: Replace memcpy() with __get_task_comm() bpftool: Ensure task c

[PATCH v3 01/11] fs/exec: Drop task_lock() inside __get_task_comm()

could have long-term mixed results Suggested-by: Linus Torvalds Link: https://lore.kernel.org/all/CAHk-=wivfrF0_zvf+oj6==Sh=-npjoop8chlpefafv0onyt...@mail.gmail.com [0] Signed-off-by: Yafang Shao Cc: Alexander Viro Cc: Christian Brauner Cc: Jan Kara Cc: Eric Biederman Cc: Kees Cook Cc

[PATCH v3 02/11] auditsc: Replace memcpy() with __get_task_comm()

Using __get_task_comm() to read the task comm ensures that the name is always NUL-terminated, regardless of the source string. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao Acked-by: Paul Moore Cc: Eric Paris --- kernel/auditsc.c | 6 +++--- 1

[PATCH v3 03/11] security: Replace memcpy() with __get_task_comm()

facilitates future extensions to the task comm. Signed-off-by: Yafang Shao LINK: https://lore.kernel.org/all/CAHk-=wivfrF0_zvf+oj6==Sh=-npjoop8chlpefafv0onyt...@mail.gmail.com/ [0] Acked-by: Paul Moore Cc: James Morris Cc: "Serge E. Hallyn" Cc: Stephen Smalley Cc: Ondrej Mosnacek ---

[PATCH v3 04/11] bpftool: Ensure task comm is always NUL-terminated

Let's explicitly ensure the destination string is NUL-terminated. This way, it won't be affected by changes to the source string. Signed-off-by: Yafang Shao Reviewed-by: Quentin Monnet --- tools/bpf/bpftool/pids.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tools/bpf/bpftoo

[PATCH v3 05/11] mm/util: Fix possible race condition in kstrdup()

`s` might be updated by the writer to a new value of task->comm. If the new task->comm is larger than the old one, the `buf` might not be NUL-terminated. This can lead to undefined behavior and potential security vulnerabilities. Let's fix it by explicitly adding a NUL-terminator. Signed-

[PATCH v3 06/11] mm/util: Deduplicate code in {kstrdup, kstrndup, kmemdup_nul}

These three functions follow the same pattern. To deduplicate the code, let's introduce a common help __kstrndup(). Suggested-by: Andrew Morton Signed-off-by: Yafang Shao --- mm/internal.h | 24 mm/util.c | 27 --- 2 files change

[PATCH v3 07/11] mm/kmemleak: Replace strncpy() with __get_task_comm()

ff-by: Yafang Shao Acked-by: Catalin Marinas Cc: Andrew Morton --- mm/kmemleak.c | 8 +--- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/mm/kmemleak.c b/mm/kmemleak.c index d5b6fba44fc9..ef29aaab88a0 100644 --- a/mm/kmemleak.c +++ b/mm/kmemleak.c @@ -663,13 +663,7 @@ static s

[PATCH v3 08/11] tsacct: Replace strncpy() with __get_task_comm()

Using __get_task_comm() to read the task comm ensures that the name is always NUL-terminated, regardless of the source string. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao --- kernel/tsacct.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion

[PATCH v3 09/11] tracing: Replace strncpy() with __get_task_comm()

Using __get_task_comm() to read the task comm ensures that the name is always NUL-terminated, regardless of the source string. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao Cc: Steven Rostedt Cc: Masami Hiramatsu Cc: Mathieu Desnoyers

[PATCH v3 10/11] net: Replace strcpy() with __get_task_comm()

To prevent errors from occurring when the src string is longer than the dst string in strcpy(), we should use __get_task_comm() instead. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao Cc: "David S. Miller" Cc: David Ahern Cc: Eric D

[PATCH v3 11/11] drm: Replace strcpy() with __get_task_comm()

To prevent erros from occurring when the src string is longer than the dst string in strcpy(), we should use __get_task_comm() instead. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao Cc: Maarten Lankhorst Cc: Maxime Ripard Cc: Thomas Zimmermann

Re: [PATCH v3 06/11] mm/util: Deduplicate code in {kstrdup, kstrndup, kmemdup_nul}

On Fri, Jun 21, 2024 at 9:51 PM Simon Horman wrote: > > On Fri, Jun 21, 2024 at 10:29:54AM +0800, Yafang Shao wrote: > > These three functions follow the same pattern. To deduplicate the code, > > let's introduce a common help __kstrndup(). > > > > Suggested-b

Re: [PATCH v3 06/11] mm/util: Deduplicate code in {kstrdup, kstrndup, kmemdup_nul}

On Fri, Jun 21, 2024 at 9:57 PM Matthew Wilcox wrote: > > On Fri, Jun 21, 2024 at 10:29:54AM +0800, Yafang Shao wrote: > > +++ b/mm/internal.h > > Why are you putting __kstrndup in a header file when it's only used > in util.c? I want to make it always inlined. However

Re: [PATCH v3 06/11] mm/util: Deduplicate code in {kstrdup, kstrndup, kmemdup_nul}

On Sun, Jun 23, 2024 at 11:11 AM Matthew Wilcox wrote: > > On Sun, Jun 23, 2024 at 10:29:30AM +0800, Yafang Shao wrote: > > On Fri, Jun 21, 2024 at 9:57 PM Matthew Wilcox wrote: > > > > > > On Fri, Jun 21, 2024 at 10:29:54AM +0800, Yafang Shao wrote: > > >

[PATCH v4 00/11] Improve the copy of task comm

n) v1->v2: https://lore.kernel.org/bpf/20240613023044.45873-1-laoar.s...@gmail.com/ - Add comment for dropping task_lock() in __get_task_comm() (Alexei) - Drop changes in trace event (Steven) - Fix comment on task comm (Matus) v1: https://lore.kernel.org/all/20240602023754.25443-1-laoar.s...@gmail.c

[PATCH v4 01/11] fs/exec: Drop task_lock() inside __get_task_comm()

could have long-term mixed results Suggested-by: Linus Torvalds Link: https://lore.kernel.org/all/CAHk-=wivfrF0_zvf+oj6==Sh=-npjoop8chlpefafv0onyt...@mail.gmail.com [0] Signed-off-by: Yafang Shao Cc: Alexander Viro Cc: Christian Brauner Cc: Jan Kara Cc: Eric Biederman Cc: Kees Cook Cc

[PATCH v4 02/11] auditsc: Replace memcpy() with __get_task_comm()

Using __get_task_comm() to read the task comm ensures that the name is always NUL-terminated, regardless of the source string. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao Acked-by: Paul Moore Cc: Eric Paris --- kernel/auditsc.c | 6 +++--- 1

[PATCH v4 03/11] security: Replace memcpy() with __get_task_comm()

facilitates future extensions to the task comm. Signed-off-by: Yafang Shao LINK: https://lore.kernel.org/all/CAHk-=wivfrF0_zvf+oj6==Sh=-npjoop8chlpefafv0onyt...@mail.gmail.com/ [0] Acked-by: Paul Moore Cc: James Morris Cc: "Serge E. Hallyn" Cc: Stephen Smalley Cc: Ondrej Mosnacek ---

[PATCH v4 04/11] bpftool: Ensure task comm is always NUL-terminated

Let's explicitly ensure the destination string is NUL-terminated. This way, it won't be affected by changes to the source string. Signed-off-by: Yafang Shao Reviewed-by: Quentin Monnet --- tools/bpf/bpftool/pids.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tools/bpf/bpftoo

[PATCH v4 05/11] mm/util: Fix possible race condition in kstrdup()

`s` might be updated by the writer to a new value of task->comm. If the new task->comm is larger than the old one, the `buf` might not be NUL-terminated. This can lead to undefined behavior and potential security vulnerabilities. Let's fix it by explicitly adding a NUL-terminator. Signed-

[PATCH v4 06/11] mm/util: Deduplicate code in {kstrdup, kstrndup, kmemdup_nul}

These three functions follow the same pattern. To deduplicate the code, let's introduce a common helper __kmemdup_nul(). Suggested-by: Andrew Morton Signed-off-by: Yafang Shao Cc: Simon Horman Cc: Matthew Wilcox --- mm/util.c | 67 +

[PATCH v4 07/11] mm/kmemleak: Replace strncpy() with __get_task_comm()

ff-by: Yafang Shao Acked-by: Catalin Marinas Cc: Andrew Morton --- mm/kmemleak.c | 8 +--- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/mm/kmemleak.c b/mm/kmemleak.c index d5b6fba44fc9..ef29aaab88a0 100644 --- a/mm/kmemleak.c +++ b/mm/kmemleak.c @@ -663,13 +663,7 @@ static s

[PATCH v4 08/11] tsacct: Replace strncpy() with __get_task_comm()

Using __get_task_comm() to read the task comm ensures that the name is always NUL-terminated, regardless of the source string. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao --- kernel/tsacct.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion

[PATCH v4 09/11] tracing: Replace strncpy() with __get_task_comm()

Using __get_task_comm() to read the task comm ensures that the name is always NUL-terminated, regardless of the source string. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao Acked-by: Masami Hiramatsu (Google) Cc: Steven Rostedt Cc: Mathieu

[PATCH v4 10/11] net: Replace strcpy() with __get_task_comm()

To prevent errors from occurring when the src string is longer than the dst string in strcpy(), we should use __get_task_comm() instead. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao Cc: "David S. Miller" Cc: David Ahern Cc: Eric D

[PATCH v4 11/11] drm: Replace strcpy() with __get_task_comm()

To prevent erros from occurring when the src string is longer than the dst string in strcpy(), we should use __get_task_comm() instead. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao Acked-by: Daniel Vetter Cc: Maarten Lankhorst Cc: Maxime Ripard

Re: [PATCH v8 4/8] bpftool: Ensure task comm is always NUL-terminated

On Fri, Sep 13, 2024 at 5:14 AM Justin Stitt wrote: > > Hi, > > On Wed, Aug 28, 2024 at 11:03:17AM GMT, Yafang Shao wrote: > > Let's explicitly ensure the destination string is NUL-terminated. This way, > > it won't be affected by changes to the source string.

Re: [PATCH v8 8/8] drm: Replace strcpy() with strscpy()

On Fri, Sep 13, 2024 at 5:28 AM Justin Stitt wrote: > > Hi, > > On Wed, Aug 28, 2024 at 11:03:21AM GMT, Yafang Shao wrote: > > To prevent erros from occurring when the src string is longer than the > > dst string in strcpy(), we should use strscpy() instead. This >

[PATCH v2 10/10] drm: Replace strcpy() with __get_task_comm()

To prevent erros from occurring when the src string is longer than the dst string in strcpy(), we should use __get_task_comm() instead. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao Cc: Maarten Lankhorst Cc: Maxime Ripard Cc: Thomas Zimmermann

[PATCH v2 06/10] mm/kmemleak: Replace strncpy() with __get_task_comm()

Using __get_task_comm() to read the task comm ensures that the name is always NUL-terminated, regardless of the source string. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao Cc: Catalin Marinas Cc: Andrew Morton --- mm/kmemleak.c | 8 +--- 1

[PATCH v2 00/10] Improve the copy of task comm

- Add comment for dropping task_lock() in __get_task_comm() (Alexei) - Drop changes in trace event (Steven) - Fix comment on task comm (Matus) v1: https://lore.kernel.org/all/20240602023754.25443-1-laoar.s...@gmail.com/ Yafang Shao (10): fs/exec: Drop task_lock() inside __get_task_comm() auditsc:

[PATCH v2 07/10] tsacct: Replace strncpy() with __get_task_comm()

Using __get_task_comm() to read the task comm ensures that the name is always NUL-terminated, regardless of the source string. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao --- kernel/tsacct.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion

[PATCH v2 01/10] fs/exec: Drop task_lock() inside __get_task_comm()

could have long-term mixed results Suggested-by: Linus Torvalds Link: https://lore.kernel.org/all/CAHk-=wivfrF0_zvf+oj6==Sh=-npjoop8chlpefafv0onyt...@mail.gmail.com [0] Signed-off-by: Yafang Shao Cc: Alexander Viro Cc: Christian Brauner Cc: Jan Kara Cc: Eric Biederman Cc: Kees Cook Cc

[PATCH v2 09/10] net: Replace strcpy() with __get_task_comm()

To prevent errors from occurring when the src string is longer than the dst string in strcpy(), we should use __get_task_comm() instead. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao Cc: "David S. Miller" Cc: David Ahern Cc: Eric D

  1   2   >