From patchwork Sun Jun 2 02:37:52 2024
X-Patchwork-Submitter: Yafang Shao
X-Patchwork-Id: 13682617
From: Yafang Shao
To: torvalds@linux-foundation.org
Cc: linux-mm@kvack.org, linux-fsdevel@vger.kernel.org, linux-trace-kernel@vger.kernel.org, audit@vger.kernel.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org, bpf@vger.kernel.org, Yafang Shao, Paul Moore, James Morris, "Serge E. Hallyn", Stephen Smalley, Ondrej Mosnacek
Subject: [PATCH 4/6] security: Replace memcpy() with __get_task_comm()
Date: Sun, 2 Jun 2024 10:37:52 +0800
Message-Id: <20240602023754.25443-5-laoar.shao@gmail.com>
X-Mailer: git-send-email 2.30.1 (Apple Git-130)
In-Reply-To: <20240602023754.25443-1-laoar.shao@gmail.com>
References: <20240602023754.25443-1-laoar.shao@gmail.com>

Quoted from Linus [0]:

  selinux never wanted a lock, and never wanted any kind of *consistent*
  result, it just wanted a *stable* result.

Using __get_task_comm() to read the task comm ensures that the name is
always NUL-terminated, regardless of the source string. This approach also
facilitates future extensions to the task comm.

Signed-off-by: Yafang Shao
LINK: https://lore.kernel.org/all/CAHk-=wivfrF0_zvf+oj6==Sh=-npJooP8chLPEfaFV0oNYTTBA@mail.gmail.com/ [0]
Cc: Paul Moore
Cc: James Morris
Cc: "Serge E. Hallyn"
Cc: Stephen Smalley
Cc: Ondrej Mosnacek
Acked-by: Paul Moore
--- security/lsm_audit.c | 4 ++-- security/selinux/selinuxfs.c | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/security/lsm_audit.c b/security/lsm_audit.c index 849e832719e2..a922e4339dd5 100644 --- a/security/lsm_audit.c 
+++ b/security/lsm_audit.c @@ -207,7 +207,7 @@ static void dump_common_audit_data(struct audit_buffer *ab, BUILD_BUG_ON(sizeof(a->u) > sizeof(void *)*2); audit_log_format(ab, " pid=%d comm=", task_tgid_nr(current)); - audit_log_untrustedstring(ab, memcpy(comm, current->comm, sizeof(comm))); + audit_log_untrustedstring(ab, __get_task_comm(comm, sizeof(comm), current)); switch (a->type) { case LSM_AUDIT_DATA_NONE: @@ -302,7 +302,7 @@ static void dump_common_audit_data(struct audit_buffer *ab, char comm[sizeof(tsk->comm)]; audit_log_format(ab, " opid=%d ocomm=", pid); audit_log_untrustedstring(ab, - memcpy(comm, tsk->comm, sizeof(comm))); + __get_task_comm(comm, sizeof(comm), tsk)); } } break; diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c index e172f182b65c..a8a2ec742576 100644 --- a/security/selinux/selinuxfs.c +++ b/security/selinux/selinuxfs.c @@ -708,7 +708,7 @@ static ssize_t sel_write_checkreqprot(struct file *file, const char __user *buf, if (new_value) { char comm[sizeof(current->comm)]; - memcpy(comm, current->comm, sizeof(comm)); + __get_task_comm(comm, sizeof(comm), current); pr_err("SELinux: %s (%d) set checkreqprot to 1. This is no longer supported.\n", comm, current->pid); }
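Review bot: In the first security/lsm_audit.c hunk (@@ -207), the result of __get_task_comm(comm, sizeof(comm), current) is passed directly as the string argument of audit_log_untrustedstring(), so this line is only correct if __get_task_comm() returns its buffer argument the way memcpy() returns its destination. Please say so in the changelog, or do the copy in its own statement and pass comm to audit_log_untrustedstring() afterwards. The declaration of comm is outside the context shown for this hunk, so it is also worth confirming that it is sized like the char comm[sizeof(tsk->comm)] visible in the second hunk. Separately, the changelog justifies the change only with a quote about selinux, while this file is the common LSM audit code; a sentence covering the audit call sites would help.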
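Review bot: In the second security/lsm_audit.c hunk (@@ -302), the name is read from tsk rather than from current, and the changelog does not say whether __get_task_comm() takes a lock on that task. The quoted rationale is that no lock and no consistent result is wanted, only a stable one, so the message should state the locking behaviour of __get_task_comm(comm, sizeof(comm), tsk) as it stands at this point in the series, and name the earlier patch this one depends on if there is one. Without that, a reader cannot tell from this patch alone whether the opid/ocomm path gains a lock it did not have with memcpy().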
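Review bot: In the security/selinux/selinuxfs.c hunk (@@ -708), comm is printed with %s by the pr_err() that follows, which makes this the call site where the NUL-termination claimed in the changelog matters most directly, since the removed memcpy(comm, current->comm, sizeof(comm)) copied the full array without guaranteeing a terminator. The changelog should say whether this addresses an unterminated read that can actually occur or is hardening only, so that the need for a Fixes: tag or a stable backport can be judged. The return value is ignored here while the two lsm_audit.c call sites rely on it; that is fine, but it is one more reason to document what __get_task_comm() returns.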