On Sat, Nov 30, 2024 at 04:55:09PM +1100, Aleksa Sarai wrote:
> On 2024-11-29, Kees Cook wrote:
> > Zbigniew mentioned at Linux Plumber's that systemd is interested in
> > switching to execveat() for service execution, but can't, because the
> > contents of /proc/pid/comm are the file descriptor w
On Sun, Dec 01, 2024 at 08:54:41AM -0800, Linus Torvalds wrote:
> On Sun, 1 Dec 2024 at 06:17, Christian Brauner wrote:
> >
> > /*
> > * Hold rcu lock to keep the name from being freed behind our back.
> > * Use acquire semantics to make sure the terminating NUL from
> > * __d_alloc() is seen.
>
On Sun, 1 Dec 2024 at 06:17, Christian Brauner wrote:
>
> /*
> * Hold rcu lock to keep the name from being freed behind our back.
> * Use acquire semantics to make sure the terminating NUL from
> * __d_alloc() is seen.
> *
> * Note, we're deliberately sloppy here. We don't need to care about
>
On Sat, Nov 30, 2024 at 10:02:38AM -0800, Linus Torvalds wrote:
> On Sat, 30 Nov 2024 at 04:30, Christian Brauner wrote:
> >
> > What does the smp_load_acquire() pair with?
>
> I'm not sure we have them everywhere, but at least this one at dentry
> creation time.
>
> __d_alloc():
> /* Ma
On Sat, 30 Nov 2024 at 12:28, Mateusz Guzik wrote:
>
> > + /* The dentry name won't change while we hold the rcu read
> > lock. */
> > + __set_task_comm(me,
> > smp_load_acquire(&bprm->file->f_path.dentry->d_name.name),
> > + true);
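Review bot: the comment on the first added line overstates the guarantee. Holding the RCU read lock keeps the buffer behind d_name.name from being freed, but a concurrent rename can still swap the pointer, so the name can change. Suggest rewording it to say the lock keeps the name from being freed, as the later revision quoted in this thread does ("Hold rcu lock to keep the name from being freed behind our back"), and stating that a stale name in comm is acceptable. The smp_load_acquire() also deserves a comment naming the store it pairs with, since that question comes up elsewhere in the thread.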
>
> This do
On Fri, Nov 29, 2024 at 08:54:38PM -0800, Kees Cook wrote:
> Zbigniew mentioned at Linux Plumber's that systemd is interested in
> switching to execveat() for service execution, but can't, because the
> contents of /proc/pid/comm are the file descriptor which was used,
> instead of the path to the
On Sat, 30 Nov 2024 at 04:30, Christian Brauner wrote:
>
> What does the smp_load_acquire() pair with?
I'm not sure we have them everywhere, but at least this one at dentry
creation time.
__d_alloc():
/* Make sure we always see the terminating NUL character */
smp_store_release(&
On 2024-11-29, Kees Cook wrote:
> Zbigniew mentioned at Linux Plumber's that systemd is interested in
> switching to execveat() for service execution, but can't, because the
> contents of /proc/pid/comm are the file descriptor which was used,
> instead of the path to the binary. This makes the out