Re: [PATCH] exec: Make sure task->comm is always NUL-terminated

From: Jens Axboe
Date: Sun Dec 01 2024 - 16:50:04 EST

Next message: David Laight: "RE: [PATCH next] x86: mask_user_address() return base of guard page for kernel addresses"
Previous message: pr-tracker-bot: "Re: [PULL REQUEST] i2c-for-6.13-rc1-part3"
In reply to: Linus Torvalds: "Re: [PATCH] exec: Make sure task->comm is always NUL-terminated"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 11/29/24 9:49 PM, Kees Cook wrote:
> Using strscpy() meant that the final character in task->comm may be
> non-NUL for a moment before the "string too long" truncation happens.
>
> Instead of adding a new use of the ambiguous strncpy(), we'd want to
> use memtostr_pad() which enforces being able to check at compile time
> that sizes are sensible, but this requires being able to see string
> buffer lengths. Instead of trying to inline __set_task_comm() (which
> needs to call trace and perf functions), just open-code it. But to
> make sure we're always safe, add compile-time checking like we already
> do for get_task_comm().

In terms of the io_uring changes, both of those looks fine to me. Feel
free to bundle it with something else. If you're still changing things,
then I do prefer = { }; rather than no space...

--
Jens Axboe

Next message: David Laight: "RE: [PATCH next] x86: mask_user_address() return base of guard page for kernel addresses"
Previous message: pr-tracker-bot: "Re: [PULL REQUEST] i2c-for-6.13-rc1-part3"
In reply to: Linus Torvalds: "Re: [PATCH] exec: Make sure task->comm is always NUL-terminated"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]