From: Jens Axboe <[email protected]>
To: Kees Cook <[email protected]>, Eric Biederman <[email protected]>
Cc: "Linus Torvalds" <[email protected]>,
"Alexander Viro" <[email protected]>,
"Christian Brauner" <[email protected]>,
"Jan Kara" <[email protected]>,
[email protected], [email protected],
"Ingo Molnar" <[email protected]>,
"Peter Zijlstra" <[email protected]>,
"Juri Lelli" <[email protected]>,
"Vincent Guittot" <[email protected]>,
"Dietmar Eggemann" <[email protected]>,
"Steven Rostedt" <[email protected]>,
"Ben Segall" <[email protected]>, "Mel Gorman" <[email protected]>,
"Valentin Schneider" <[email protected]>,
"Pavel Begunkov" <[email protected]>,
"Andrew Morton" <[email protected]>,
"Chen Yu" <[email protected]>,
"Shuah Khan" <[email protected]>,
"Mickaël Salaün" <[email protected]>,
[email protected], [email protected],
[email protected]
Subject: Re: [PATCH] exec: Make sure task->comm is always NUL-terminated
Date: Sun, 1 Dec 2024 14:49:47 -0700 [thread overview]
Message-ID: <[email protected]> (raw)
In-Reply-To: <[email protected]>
On 11/29/24 9:49 PM, Kees Cook wrote:
> Using strscpy() meant that the final character in task->comm may be
> non-NUL for a moment before the "string too long" truncation happens.
>
> Instead of adding a new use of the ambiguous strncpy(), we'd want to
> use memtostr_pad() which enforces being able to check at compile time
> that sizes are sensible, but this requires being able to see string
> buffer lengths. Instead of trying to inline __set_task_comm() (which
> needs to call trace and perf functions), just open-code it. But to
> make sure we're always safe, add compile-time checking like we already
> do for get_task_comm().
In terms of the io_uring changes, both of those looks fine to me. Feel
free to bundle it with something else. If you're still changing things,
then I do prefer = { }; rather than no space...
--
Jens Axboe
prev parent reply other threads:[~2024-12-01 21:49 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-11-30 4:49 [PATCH] exec: Make sure task->comm is always NUL-terminated Kees Cook
2024-11-30 7:15 ` Linus Torvalds
2024-11-30 21:05 ` Kees Cook
2024-11-30 21:33 ` Linus Torvalds
2024-12-01 20:23 ` Linus Torvalds
2024-11-30 21:40 ` David Laight
2024-12-01 21:49 ` Jens Axboe [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
[email protected] \
[email protected] \
[email protected] \
[email protected] \
[email protected] \
[email protected] \
[email protected] \
[email protected] \
[email protected] \
[email protected] \
[email protected] \
[email protected] \
[email protected] \
[email protected] \
[email protected] \
[email protected] \
[email protected] \
[email protected] \
[email protected] \
[email protected] \
[email protected] \
[email protected] \
[email protected] \
[email protected] \
[email protected] \
[email protected] \
[email protected] \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox