Re: [PATCH] sanitize task->comm to avoid leaking escape codes

From: Artem Bityutskiy
Date: Tue Jun 29 2010 - 00:58:36 EST

On Wed, 2010-06-23 at 21:41 +0200, Oleg Nesterov wrote:
> On 06/23, Kees Cook wrote:
> >
> > @@ -956,7 +957,15 @@ void set_task_comm(struct task_struct *tsk, char *buf)
> > */
> > memset(tsk->comm, 0, TASK_COMM_LEN);
> > wmb();
> Off-topic. I'd wish I could understand this barrier. Since the lockless
> reader doesn't do rmb() I don't see how this can help.

This wmb() looks wrong to me as well. To achieve what the comment in
this function says, it should be smp_wmb() and we should have smp_rmb()
in the reading side, AFAIU.

> OTOH, I don't
> understand why it is needed, we never change ->comm[TASK_COMM_LEN-1] == '0'.

I think the idea was that readers can see incomplete names, but not
messed up names, consisting of old and new ones.

Best Regards,
Artem Bityutskiy (ÐÑÑÑÐ ÐÐÑÑÑÐÐÐ)

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at