Edited down to just the end result:
On Fri, 29 Nov 2024 at 20:49, Kees Cook wrote:
>
> void __set_task_comm(struct task_struct *tsk, const char *buf, bool exec)
> {
> size_t len = min(strlen(buf), sizeof(tsk->comm) - 1);
>
> trace_task_rename(tsk, buf);
> memcpy(tsk->com
On 2024-11-29, Kees Cook wrote:
> Zbigniew mentioned at Linux Plumber's that systemd is interested in
> switching to execveat() for service execution, but can't, because the
> contents of /proc/pid/comm are the file descriptor which was used,
> instead of the path to the binary. This makes the out
Zbigniew mentioned at Linux Plumber's that systemd is interested in
switching to execveat() for service execution, but can't, because the
contents of /proc/pid/comm are the file descriptor which was used,
instead of the path to the binary. This makes the output of tools like
top and ps useless, esp
Using strscpy() meant that the final character in task->comm may be
non-NUL for a moment before the "string too long" truncation happens.
Instead of adding a new use of the ambiguous strncpy(), we'd want to
use memtostr_pad() which enforces being able to check at compile time
that sizes are sensib
The change to restrict access to TIOCLINUX that was added in Linux 6.7
breaks Emacs rendering of the mouse pointer. This change was previous
discussed in
https://lwn.net/ml/kernel-hardening/20230402160815.74760f87.ha...@hboeck.de/.
An associated Emacs bug report, bug #74220, is discussed at
ht
