From patchwork Sat Aug 17 02:56:19 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yafang Shao X-Patchwork-Id: 13766925 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id E34D9C3DA4A for ; Sat, 17 Aug 2024 02:57:20 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 7B6E66B03F2; Fri, 16 Aug 2024 22:57:20 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 7674F6B03F3; Fri, 16 Aug 2024 22:57:20 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 6085B8D0066; Fri, 16 Aug 2024 22:57:20 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10]) by kanga.kvack.org (Postfix) with ESMTP id 4333F6B03F2 for ; Fri, 16 Aug 2024 22:57:20 -0400 (EDT) Received: from smtpin11.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay05.hostedemail.com (Postfix) with ESMTP id BCAB9403D0 for ; Sat, 17 Aug 2024 02:57:19 +0000 (UTC) X-FDA: 82460226198.11.0450B85 Received: from mail-pl1-f179.google.com (mail-pl1-f179.google.com [209.85.214.179]) by imf10.hostedemail.com (Postfix) with ESMTP id E8246C0006 for ; Sat, 17 Aug 2024 02:57:17 +0000 (UTC) Authentication-Results: imf10.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=KOcmoXxc; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (imf10.hostedemail.com: domain of laoar.shao@gmail.com designates 209.85.214.179 as permitted sender) smtp.mailfrom=laoar.shao@gmail.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1723863354; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=mIIMsSPqVp5AusgTbRbdrgF3qEr8ccJBENe3BbQ0UBw=; b=1D6ne9VMX5cmpDH0+dydngY+W8t4VRtSXjQUrwHCKgHasvnIp5tffAx0lCU/UOD2G4gQbg 3gRgdKItg57DPVk6sHoIjISvEe3adRTw39icxmqiJbndqAN8q9ojYy1QGd2O/b6oXCUq7Q zYdsJMaH/HlVKBzrCRMaW2DTDfCzbiw= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1723863354; a=rsa-sha256; cv=none; b=a1EBnwtD65/g40Gwvd7MlWaxEK/PzUHNFc/rwf90N5X4D6qOeiQ1SqlQ3j9k5t1vftyS0o stWl/lc7GVI6ReroSZdBp0C/V3Ngdv40d9VlVb9bzMjScP4qkRuHscx/xEQ7uDl9yRSwFp ydH7L76OD7MUenklPQl5DtyWTXXIYi4= ARC-Authentication-Results: i=1; imf10.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=KOcmoXxc; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (imf10.hostedemail.com: domain of laoar.shao@gmail.com designates 209.85.214.179 as permitted sender) smtp.mailfrom=laoar.shao@gmail.com Received: by mail-pl1-f179.google.com with SMTP id d9443c01a7336-20202df1c2fso11364495ad.1 for ; Fri, 16 Aug 2024 19:57:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1723863437; x=1724468237; darn=kvack.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=mIIMsSPqVp5AusgTbRbdrgF3qEr8ccJBENe3BbQ0UBw=; b=KOcmoXxcrYYweXAgIXiI66w37lOcL57fuOpfdRP/2pxXQmRYpUS3HN9q10FgKDQKJM XhFKG+9UHM+uVZyci+VLynNDwmlQ+tbIj5DEbm2XYShYSCMfaI+h4+kn/foL+eKaL/Sk pV3c4BhQne3Vv8HX8qIe2sA8M76VT5Zh1x7/7ddw4UzWqpbwbYbYklzxE+6eC36Z/mEO i+AB8lOAcrveJWSEfgi3jfW2B1FZq8mcaoGuq5VfwYDlB8Nbhgh/eNNKOoKAIcdbyQTf v9N1hZFJmSTy5YOIYNs7aEha0+LYGc5kOvsFsiGnn8k+Vo3HccVyeeqAGu4HXm4lGBan 1Fsw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723863437; x=1724468237; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=mIIMsSPqVp5AusgTbRbdrgF3qEr8ccJBENe3BbQ0UBw=; b=q4vP4D6ZiNf2UR/YjZIt1lCu6ZKoRV5GwP7agZqLnXeNLzqZK7KVmF3rwe5IYrwYtC 0KcvR7XYkMnHgTo/ho1c3SOafEq64ToDhnUR4s3JkpAwsQjllYKkDw1O2BnUsKX5fLHC bUYIGAHrobShCIU0FD7UHX1X87SyJRSNOHJc+k73jrAp/GVEGH2tfGX34i2HEmNP3Wps xclcIilNP9SRM+O4CXbLCBpsRl6830LIHFMWQFQYhc2LXIz8eA3IaFNn3D7lbfIebwdo N7D2LVsMlFA+xH8BThVsZI6lwOM0LM7w2QJmxqqZk+obSX+OLfX3hJUz7ABLfCNy18p8 vk9w== X-Forwarded-Encrypted: i=1; AJvYcCWdHPE2eTMGAFcOcp9CnPeBsqjKI8o5TPr0JQlqEigM7es7fOVOdptv1JGa0kA7pkjBasOwiOUMUpbAPPeuT/ZYfkk= X-Gm-Message-State: AOJu0Yy35ZU9R2wWlee3UmC+OTsNSE8G5uuu+5SSsgXrxrK6QmdlBxzR EDb+5uGSw+70MnNPpz/Z0vz51LhH8iwvTFkwXrYQuGQr2NuKfY7i X-Google-Smtp-Source: AGHT+IEzug8bsagNMxwK7nm29ecXIwIfZ9FH+TLEi6IcVkbHtwlg4mlyU3SBLgFEVqycM3+Rn/pQ8Q== X-Received: by 2002:a17:903:2303:b0:1fb:9b91:d7d9 with SMTP id d9443c01a7336-202062963e7mr80764935ad.26.1723863436587; Fri, 16 Aug 2024 19:57:16 -0700 (PDT) Received: from localhost.localdomain ([183.193.177.10]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-201f031c5e1sm31801785ad.94.2024.08.16.19.57.07 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 16 Aug 2024 19:57:16 -0700 (PDT) From: Yafang Shao To: akpm@linux-foundation.org Cc: torvalds@linux-foundation.org, alx@kernel.org, justinstitt@google.com, ebiederm@xmission.com, alexei.starovoitov@gmail.com, rostedt@goodmis.org, catalin.marinas@arm.com, penguin-kernel@i-love.sakura.ne.jp, linux-mm@kvack.org, linux-fsdevel@vger.kernel.org, linux-trace-kernel@vger.kernel.org, audit@vger.kernel.org, linux-security-module@vger.kernel.org, selinux@vger.kernel.org, bpf@vger.kernel.org, netdev@vger.kernel.org, dri-devel@lists.freedesktop.org, Yafang Shao , Paul Moore , James Morris , "Serge E. Hallyn" , Stephen Smalley , Ondrej Mosnacek Subject: [PATCH v7 3/8] security: Replace memcpy() with get_task_comm() Date: Sat, 17 Aug 2024 10:56:19 +0800 Message-Id: <20240817025624.13157-4-laoar.shao@gmail.com> X-Mailer: git-send-email 2.30.1 (Apple Git-130) In-Reply-To: <20240817025624.13157-1-laoar.shao@gmail.com> References: <20240817025624.13157-1-laoar.shao@gmail.com> MIME-Version: 1.0 X-Rspamd-Server: rspam07 X-Rspamd-Queue-Id: E8246C0006 X-Stat-Signature: 9a5gxt8df9n9bh5a6hy8zpaya1k5rnpu X-Rspam-User: X-HE-Tag: 1723863437-759515 X-HE-Meta: U2FsdGVkX19Z96Cx0UDWwQmC3DHOk/BxB1uRDYr0QOpdV53j8lgLR/W3SLtanrs1J9ISs1Q12FCJEdi16M+JmBOseqAmPeYWRfWiAwMRNzwdVnHkXxtG7q8O9nzFgepSKWrSpsQeR5HqVICl54DtC1kH6UqMZHrSPWESUBrzcqBb5tQLMwtzQwB4yzNK4V0N5ApdS+dTKUGr9/sUFn+S1ZS7V9bYW2fm2nR/oZb1b5Y+PVpMipBdotAWexs4sUtZpOnFOyXVuca6RGb7Kwe5DwqWITw3o39KEOFt/Z8yyywWc0tYdl1iZY6r+jdlS2+GU3bzHrF1Ihr22dNQfBJJMzD+Hj2n5nVgidUF5JkpMaCQ7LnltcEtU+2HnNoFesWKRJmwShrw6z44TdZSPEtfAiXqIW1m2ajpVSiwMSKMsHy2rOA2PW/n3EzVZPHF1f6PXtzEeaOMQNIW+LGAXOcGd7aZvf/5zVWrkOkZekHAnXBlUA/g1G/OoHtaBjMkr6CGL70bbXAXNg3vjmDEGTsodRcYhDRbUXU0w/m7UHaWzGYrL+ige7qqnQwIL9WQVtqQNV6DVXbZSK6PHnIk28Be6lFmcXrk0GQbCVmIcljAnXEMLQ1GMBsNGK/e8QgZV9o8od6ymVS+P4OA3KyVoMLLqyLTXZYVgcF9+/UUierMovh1rgBHYDCtKBZec4klZV0+gEfke/cfHIcjDyQmbh0+wmmn9q/ZH327Znz7xEAKSiF2oeLVy1jYADfAAOV0y1GHnk3ma5s0mx+pOcR+nAPPJH5uFE7e3RYxJ1CXuEDKJQD/3R9Sjw3efcezEMhkSs9LbAxqYngSVO0t3qTzGmfgEh40Wvadabz343BQPMXHeORXfwaSTNI2oVwObfAS4zBm9Ypz3uImr6kPgMKVHrhhTm4jGvCZ+IB/rzUlOWDEJoP7XXDy3Ab/V7x4vqR9rqzFAtbW9ND35sGAVZArr3f exMvldnH /LwFuwYY4+H2jX087zaJ+JMWto7kLhzKruqq9yfXZWm3X9CeOPhXeq5luvFmQ//f/4fsdSFrX/rQlBiOwb/658uz5ICA8gIdVZ2E3h3rvZUMkn7FwgpwjsoR9C9TknpqxZp0zZyaHoMjVp8SU5uq1IY5HmBOKSIah29PYdfaPrrQ5F1ArPlx5w8Aa53jlrq4MS9nfpicAam/7plVcSXat1rVGseBA9bdE4K2MHJTAh/mdNpKeaUE+oHmwWrGY7Tfr7jYfKAHRbvmkzkN9HnWoXV+XBT4vvA7Lh29eGRmcxAnMR7bOs3o0wh9ljSn2JAySrYb2HeYOuzt9rIcJHcpecCZu4SFOu/GH6+JI15ynIH8g7nf6AYZoMFGauj6gAx1gYDLWhMfqrlyokoaMV0cLmqW4MkHU6Wn+3FR8OGVX3iDBGTME7INpw1AgNRJTugYJBh4BC8Z/za47thlkuFCyI9cZIGovfo5bT8R3KTAUjUGcaPJheOx4xtnqaSK/2O7PNGgVZ6tOvVk8kCyNqrj533BWsqCR+eaIRTSdv82asx2DkbXDabCJl4cjBvCJ9/+ddNI7IwhKgW3LdoaKWBjTwr813yWP9O3CDMljd4aST4KvgPcAOOlUrMOIcDNGwyBxu1I6DFNGF3P4ke+ovjkJgPBTMHCIZtpNjoXedrzHhHMArlzjLXh3lPuRG0Xo2/uC8/eqF43NZnzGHGJeBgr0EX5Sfbr9EkbNoGdIMOIY6IdIyTI= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: Quoted from Linus [0]: selinux never wanted a lock, and never wanted any kind of *consistent* result, it just wanted a *stable* result. Using get_task_comm() to read the task comm ensures that the name is always NUL-terminated, regardless of the source string. This approach also facilitates future extensions to the task comm. Signed-off-by: Yafang Shao LINK: https://lore.kernel.org/all/CAHk-=wivfrF0_zvf+oj6==Sh=-npJooP8chLPEfaFV0oNYTTBA@mail.gmail.com/ [0] Acked-by: Paul Moore Cc: James Morris Cc: "Serge E. Hallyn" Cc: Stephen Smalley Cc: Ondrej Mosnacek --- security/lsm_audit.c | 4 ++-- security/selinux/selinuxfs.c | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/security/lsm_audit.c b/security/lsm_audit.c index 849e832719e2..9a8352972086 100644 --- a/security/lsm_audit.c +++ b/security/lsm_audit.c @@ -207,7 +207,7 @@ static void dump_common_audit_data(struct audit_buffer *ab, BUILD_BUG_ON(sizeof(a->u) > sizeof(void *)*2); audit_log_format(ab, " pid=%d comm=", task_tgid_nr(current)); - audit_log_untrustedstring(ab, memcpy(comm, current->comm, sizeof(comm))); + audit_log_untrustedstring(ab, get_task_comm(comm, current)); switch (a->type) { case LSM_AUDIT_DATA_NONE: @@ -302,7 +302,7 @@ static void dump_common_audit_data(struct audit_buffer *ab, char comm[sizeof(tsk->comm)]; audit_log_format(ab, " opid=%d ocomm=", pid); audit_log_untrustedstring(ab, - memcpy(comm, tsk->comm, sizeof(comm))); + get_task_comm(comm, tsk)); } } break; diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c index e172f182b65c..c9b05be27ddb 100644 --- a/security/selinux/selinuxfs.c +++ b/security/selinux/selinuxfs.c @@ -708,7 +708,7 @@ static ssize_t sel_write_checkreqprot(struct file *file, const char __user *buf, if (new_value) { char comm[sizeof(current->comm)]; - memcpy(comm, current->comm, sizeof(comm)); + strscpy(comm, current->comm); pr_err("SELinux: %s (%d) set checkreqprot to 1. This is no longer supported.\n", comm, current->pid); }