Re: [GIT PULL] execve updates for v6.13-rc1 (take 2)

From: Linus Torvalds
Date: Wed Nov 27 2024 - 21:00:21 EST

Next message: Waiman Long: "[PATCH v2] locking/lockdep: Enforce PROVE_RAW_LOCK_NESTING only if ARCH_SUPPORTS_RT"
Previous message: syzbot: "[syzbot] [udf?] WARNING in udf_rmdir (2)"
In reply to: Kees Cook: "Re: [GIT PULL] execve updates for v6.13-rc1 (take 2)"
Next in thread: Al Viro: "Re: [GIT PULL] execve updates for v6.13-rc1 (take 2)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 27 Nov 2024 at 16:53, Kees Cook <kees@xxxxxxxxxx> wrote:
>
> On a related note, what do you think of using execveat's "pathname"
> argument as "comm" if AT_EMPTY_PATH is set? That'll give process
> launchers control over comm (which is what they want), and we can keep
> the dentry name fallback as proposed too?

That's not actually how AT_EMPTY_PATH works.

Yes, it's how AT_EMPTY_PATH *should* work, but despite the name,
AT_EMPTYH_PATH does not mean "path is empty".

It means "path *may* be empty - but if path isn't empty, it's a regular path".

IOW, what is going on is that POSIX required that an empty path be an
error. And AT_EMPTY_PATH is basically a "don't error out on an empty
path" flag, not a "path *is* empty" flag.

So if pathname exists and isn't empty, AT_EMPTY_PATH does nothing.

Linus

Next message: Waiman Long: "[PATCH v2] locking/lockdep: Enforce PROVE_RAW_LOCK_NESTING only if ARCH_SUPPORTS_RT"
Previous message: syzbot: "[syzbot] [udf?] WARNING in udf_rmdir (2)"
In reply to: Kees Cook: "Re: [GIT PULL] execve updates for v6.13-rc1 (take 2)"
Next in thread: Al Viro: "Re: [GIT PULL] execve updates for v6.13-rc1 (take 2)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]