From patchwork Mon Aug 12 02:29:27 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yafang Shao X-Patchwork-Id: 13760007 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6069BC52D7C for ; Mon, 12 Aug 2024 02:30:56 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id EB8CE6B009F; Sun, 11 Aug 2024 22:30:55 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id E41C76B00A0; Sun, 11 Aug 2024 22:30:55 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id CE2D16B00A1; Sun, 11 Aug 2024 22:30:55 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0012.hostedemail.com [216.40.44.12]) by kanga.kvack.org (Postfix) with ESMTP id AED0A6B009F for ; Sun, 11 Aug 2024 22:30:55 -0400 (EDT) Received: from smtpin10.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay05.hostedemail.com (Postfix) with ESMTP id 6C4C44071F for ; Mon, 12 Aug 2024 02:30:55 +0000 (UTC) X-FDA: 82442015670.10.F26D4C5 Received: from mail-pg1-f172.google.com (mail-pg1-f172.google.com [209.85.215.172]) by imf09.hostedemail.com (Postfix) with ESMTP id 8A8E6140029 for ; Mon, 12 Aug 2024 02:30:53 +0000 (UTC) Authentication-Results: imf09.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=cXJSeflR; spf=pass (imf09.hostedemail.com: domain of laoar.shao@gmail.com designates 209.85.215.172 as permitted sender) smtp.mailfrom=laoar.shao@gmail.com; dmarc=pass (policy=none) header.from=gmail.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1723429818; a=rsa-sha256; cv=none; b=jap9Z/C7n0jRCU8mATF4no6aqP/wBubke1guFbkNWg0HhUTO7EBhkyDyYscEwkUjypcg3X KzLi3BS1aY7ZUBK5yCaHpXcb8d7T/6DJ+qPEec7Tr9qtLBDKBtFTSIzQY67BPXrjVjcFFI 8vKqPM3MuDlYJC/OfwpqI2xJo/qJKCU= ARC-Authentication-Results: i=1; imf09.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=cXJSeflR; spf=pass (imf09.hostedemail.com: domain of laoar.shao@gmail.com designates 209.85.215.172 as permitted sender) smtp.mailfrom=laoar.shao@gmail.com; dmarc=pass (policy=none) header.from=gmail.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1723429818; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=9Po06JAJWHpcwq2qZykUbq7VkC01v3704cEIBIqD0N8=; b=X3hklOmnuYNhb3CRpbUKNwlVAgkCxgIlwS3g7ZOU0OJN/1UKwB2Kyl9jm1TPbbwQMJI70B S0x+Xv1Pxi05gKuSEWifjsllEa+xO5Zl86UF5iGrt5b4vjfaH1TV7B0kPB9SoZq9nAlOIm SRQo4V2fuZpMu/Y5C1ib8txpJZY5APo= Received: by mail-pg1-f172.google.com with SMTP id 41be03b00d2f7-7a1843b4cdbso2697125a12.2 for ; Sun, 11 Aug 2024 19:30:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1723429852; x=1724034652; darn=kvack.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=9Po06JAJWHpcwq2qZykUbq7VkC01v3704cEIBIqD0N8=; b=cXJSeflRRaA3NS8mwyTxRre8au3rea8Co2cAxUzPQchuoTvc7tD1O7ghP7Y8408aPI iphdO2HzDwb/7RCqDP7f50Tj4wVtV4FlDkSIiJlpn5PQsZAABKyw79ohJGzJJ3D4kDsH 7SGJgulaHJ3p0RMmzfKcaSOyCvE9U0Z+OjgvUaDp8Skv+VBdncrLA+NVogAsp7d2bRNm kDfS79eYO2s3oTcYJowdPNOL26BUsAh1RplMHC0JRIAMVRnNv4lfsvAMpcxlZ1mmnuDt gN11p8bGrrq5awCJze/piO4xHdIC7jhHBTst9QbF8cy/t2VAV53jlgjAC8RrP87IrcbP sNsw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723429852; x=1724034652; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=9Po06JAJWHpcwq2qZykUbq7VkC01v3704cEIBIqD0N8=; b=XSgKmD70pu4K2QPbrZDALC2lnMrmh++KMVXBTImrHQW6qNIo/c6LQ+DGcT2CX5qbjC HE272bYqLg+NmemarBuxSrImXsGh3wU1Z6H4a7salClJzwWFNyqQnwwv5ZzM/EiyF2Vi 6w8PDmanv/Ug1d+VdeVVXuHXTyG9R6HlhAVXPNI5Z3GvKT+przo/baOmeQ/VwI5WRc1x 2DO2pd25KzMBWXMbEipLIx+IKCrUmOU5E4o2jTP6wJmPYJ0EjiaVa63YiGJ+yb02H9tT vvNqMnHQiKDjZTqCOqkrRd8Yglxl5pYl8IWNn4PqlmPjcsu7e5w7O0cLYCQwHFp9UkcV 1hVQ== X-Forwarded-Encrypted: i=1; AJvYcCVXrV6ANbsCDBw0DWneosdz6LQjqF6Ik6ObyXWIV03tgREpGfs2XhfxnYpEqpw8xHIoSEl8iFqtujIa80BO364OgEc= X-Gm-Message-State: AOJu0YzsSeW2gRMMjInGOADZIDgjiU7uNA0FrqqnwfUFTtN7aD4e1ktt 6eho12q98kIRGI4NerZmYrzBJ7P3ZvQ5pOv9Rn+HHeXj4zIuoUsR X-Google-Smtp-Source: AGHT+IE1xZMlHs3Cuw2myWpVVx1UE/beU7sYLAE8S60uxm8E0L6tTVwuNzgTetxBMMEWFVehNVy1XQ== X-Received: by 2002:a17:902:d2c8:b0:1fd:8eaf:eaa0 with SMTP id d9443c01a7336-200ae550a83mr99817585ad.38.1723429852169; Sun, 11 Aug 2024 19:30:52 -0700 (PDT) Received: from localhost.localdomain ([39.144.39.162]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-200bb9fed69sm27884765ad.188.2024.08.11.19.30.45 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sun, 11 Aug 2024 19:30:51 -0700 (PDT) From: Yafang Shao To: akpm@linux-foundation.org Cc: torvalds@linux-foundation.org, ebiederm@xmission.com, alexei.starovoitov@gmail.com, rostedt@goodmis.org, catalin.marinas@arm.com, penguin-kernel@i-love.sakura.ne.jp, linux-mm@kvack.org, linux-fsdevel@vger.kernel.org, linux-trace-kernel@vger.kernel.org, audit@vger.kernel.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org, bpf@vger.kernel.org, netdev@vger.kernel.org, dri-devel@lists.freedesktop.org, Yafang Shao , Paul Moore , James Morris , "Serge E. Hallyn" , Stephen Smalley , Ondrej Mosnacek Subject: [PATCH v6 3/9] security: Replace memcpy() with get_task_comm() Date: Mon, 12 Aug 2024 10:29:27 +0800 Message-Id: <20240812022933.69850-4-laoar.shao@gmail.com> X-Mailer: git-send-email 2.30.1 (Apple Git-130) In-Reply-To: <20240812022933.69850-1-laoar.shao@gmail.com> References: <20240812022933.69850-1-laoar.shao@gmail.com> MIME-Version: 1.0 X-Stat-Signature: zt9zzodqbx1ewjjcyofd8yg6iuws83xd X-Rspamd-Queue-Id: 8A8E6140029 X-Rspam-User: X-Rspamd-Server: rspam10 X-HE-Tag: 1723429853-627405 X-HE-Meta: U2FsdGVkX19J9k1+dsPOkj+eUykHnC8G8N0QyGRIH7J5mwLXQb1+sqpnwv9A12Oww/MWIB+r9KPtLaVuK2PJzBsxpAD4ODn+HfNNYJdK7pIM/5RGlAT9MPAsRRy+AuGOrlFxiA/F8ujBBsz3xg6UAefB/kwFEmaiuTn5LdBt1u7JtGHP5vt5noLlB2fz/Arz4DGk39rDhqsnsm4+Y0Zbn5slqEcSqV4lKLvKqvB3KW0SqW2htMSzKbe8hDf8awXg9uJFSoMkHQ9eUqrRExD+sy7Q4xSToda8RS/TLqa2gljF/r/Be7iQPvhc2BUODW43EBhz5cRHmUahNr0QU5gMsKiZE//u9+5oSBtCnuHwIkAYlLbBdCb+IuaFmvSCp/TpdASHRcS0J9/989TU0TegrOISTF0hyDEFp6WoItHVkJNbFqKjK0Ri7+n0uUxHUl8Q3/CIObpcsn13uhjP5QuVCZW3uyveCk2uNPfk1lXuvhnvMmDHu+mTGSUkaw83ao8vgSR+fCSwyaq7jm350Uk2mxOsGYQiLw1MIGpPzq2QLVnEJ24l4HLP0hPsCjmv0X1kCWTq7Io19dlMFY/H3DNx05pbDmvOUF3mdF2ebicvHZyDptowH5/tG2eoYv76IEMeSZ01EcwOe6Ij1iOyemC+c58PZIoOHUFRHFBRy0n09zoDHj4vxZEjALLkDypO/+reAJEFDfXuboJNDlTa+bgyWIIshSR5SOKHYrbSvl4FlUWPQKteT/+pZ8FD6hnp4qgRoigGQDjtDgxF/X7DS+8aFVupcXnAZ0dl/DDL+KcYnDNvqJnjek4kxSJHAaW/4sDpaINiUg4+5t3SiIChsg+is8MI5dcMqYZh7uVCM1yuqslq6grlm7iZOrqjY97p2JYQUL/ydmv/ajEUHJW/8569q32yVkw09hCxZPdkA0XKp37XcAsauhNzaSS/fvHvYQhPQNOOkU7Bx1zlehYgIVa fG7V9ocZ QffdapLq1e5/P3jHBT5zHiTpOTDuZVUH+QFE9dc4lB5sO8dH21gwD+PBckE6b/nkxoeTNnc5O7iJX2j48lMRr/Uh7BSIoMCcncrDui0oUr5aZGucB6S6XJ2/0IpcyfHcfk379Kv0WcukRuiwIT0JH+UHCHnS+nJHbdX5kpqhyVHUuRkxIObfUUv7dJT8Lzj6rZ9lQ+KZomnwWqpJzWXn26+KtDgdzD6Ayf6m2SBneOAWLPrN7cSLQpW5AMsPu3MrChukgYGfoZkUU1eLZH/wgReEz5BpHsWUw8SPSqjEXxBsgluaKRUn3iRmGLeqHo+oCOqoOCpJthTbH7eRXDXd1fkhK3Gh4DuRmgq9qN8HwgMezyqqgknH187/RUnbCgSilV/iZlIJlnrbmCrvJHKH2FCtLiTiNJ5cp7qL6D3jxRebar47qHebtINzzkl8jwWMjyd5syi56IEJh6n2U8vIboETYGTMY7SHn57kBJkgG38o075J9aF53T6pGDfwtFXkpsYz+hU4Af39AgunW7MUi9uwC79TuVW6McEONPf2M8+ME/0sCsfcR9x54N9p7uiPSXnXC7IUw3MBjpIvJW4MVDJk/zkeKw6IIBPDla3Hd09g3+d36KB64+8c3YGtGdbI6VgVIuzGoDjo4JbkBToIJ5VLz9KpVpev1e2IFasNpINkqgxEYoKzrukIFY3QWEjHWNQaOGkaK2L2zk/PW2RSUhkkySfPXNSlO2yRL/5MyxzsrL0ztfWm7mUX8ohwD3HWm6osp X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: Quoted from Linus [0]: selinux never wanted a lock, and never wanted any kind of *consistent* result, it just wanted a *stable* result. Using get_task_comm() to read the task comm ensures that the name is always NUL-terminated, regardless of the source string. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao LINK: https://lore.kernel.org/all/CAHk-=wivfrF0_zvf+oj6==Sh=-npJooP8chLPEfaFV0oNYTTBA@mail.gmail.com/ [0] Acked-by: Paul Moore Cc: James Morris Cc: "Serge E. Hallyn" Cc: Stephen Smalley Cc: Ondrej Mosnacek --- security/lsm_audit.c | 4 ++-- security/selinux/selinuxfs.c | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/security/lsm_audit.c b/security/lsm_audit.c index 849e832719e2..9a8352972086 100644 --- a/security/lsm_audit.c +++ b/security/lsm_audit.c @@ -207,7 +207,7 @@ static void dump_common_audit_data(struct audit_buffer *ab, BUILD_BUG_ON(sizeof(a->u) > sizeof(void *)*2); audit_log_format(ab, " pid=%d comm=", task_tgid_nr(current)); - audit_log_untrustedstring(ab, memcpy(comm, current->comm, sizeof(comm))); + audit_log_untrustedstring(ab, get_task_comm(comm, current)); switch (a->type) { case LSM_AUDIT_DATA_NONE: @@ -302,7 +302,7 @@ static void dump_common_audit_data(struct audit_buffer *ab, char comm[sizeof(tsk->comm)]; audit_log_format(ab, " opid=%d ocomm=", pid); audit_log_untrustedstring(ab, - memcpy(comm, tsk->comm, sizeof(comm))); + get_task_comm(comm, tsk)); } } break; diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c index e172f182b65c..57e014ff3076 100644 --- a/security/selinux/selinuxfs.c +++ b/security/selinux/selinuxfs.c @@ -708,7 +708,7 @@ static ssize_t sel_write_checkreqprot(struct file *file, const char __user *buf, if (new_value) { char comm[sizeof(current->comm)]; - memcpy(comm, current->comm, sizeof(comm)); + strscpy(comm, current->comm, sizeof(comm)); pr_err("SELinux: %s (%d) set checkreqprot to 1. This is no longer supported.\n", comm, current->pid); }