Re: [GIT PULL] execve updates for v6.13-rc1

[Linus Torvalds]

On Wed, 20 Nov 2024 at 14:33, Linus Torvalds
<torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:
>
> On Wed, 20 Nov 2024 at 14:32, Linus Torvalds
> <torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:
> >
> > People: we *have* a filename. It's right there in the dentry. Which is
> > right there as bprm->file->f_dentry.dentry.
>
> ... that should obviously be '...->f_path.dentry'.

One thing to look out for is that dentry->name can be switched around
by renames etc

So you probably want to do something like

        const char *name = smp_load_acquire(&dentry->d_name.name);

under the RCU read lock before then copying it with strscpy(). It
should always be NULL-terminated.

If you want to be extra careful, you might surround it with a

        read_seqbegin_or_lock(&rename_lock, &seq);

        ..

        if (need_seqretry(&rename_lock, seq)) {
                seq = 1;
                goto restart;
        }
        done_seqretry(&rename_lock, seq);

but I seriously doubt we even care that much. If people want to mess
with the executable filename, they can just use links or whatever, so
this is a "politeness" thing rather than anything else.

(And yes, our d_path() code tries to be extra smart and also uses
'name->len' to avoid having to search for the end of the string etc,
but that then causes huge complexities with ->len and ->name not
matching, so it has to compensate for that with being extra careful.
So don't do that)

                     Linus