From: Yafang Shao <laoar.shao@gmail.com>
To: torvalds@linux-foundation.org
Cc: ebiederm@xmission.com, alexei.starovoitov@gmail.com,
rostedt@goodmis.org, catalin.marinas@arm.com,
akpm@linux-foundation.org, penguin-kernel@i-love.sakura.ne.jp,
linux-mm@kvack.org, linux-fsdevel@vger.kernel.org,
linux-trace-kernel@vger.kernel.org, audit@vger.kernel.org,
linux-security-module@vger.kernel.org, selinux@vger.kernel.org,
bpf@vger.kernel.org, netdev@vger.kernel.org,
dri-devel@lists.freedesktop.org,
Yafang Shao <laoar.shao@gmail.com>,
Alexander Viro <viro@zeniv.linux.org.uk>,
Christian Brauner <brauner@kernel.org>, Jan Kara <jack@suse.cz>,
Kees Cook <keescook@chromium.org>,
Matus Jokay <matus.jokay@stuba.sk>
Subject: [PATCH v3 01/11] fs/exec: Drop task_lock() inside __get_task_comm()
Date: Fri, 21 Jun 2024 10:29:49 +0800 [thread overview]
Message-ID: <20240621022959.9124-2-laoar.shao@gmail.com> (raw)
In-Reply-To: <20240621022959.9124-1-laoar.shao@gmail.com>
Quoted from Linus [0]:
Since user space can randomly change their names anyway, using locking
was always wrong for readers (for writers it probably does make sense
to have some lock - although practically speaking nobody cares there
either, but at least for a writer some kind of race could have
long-term mixed results
Suggested-by: Linus Torvalds <torvalds@linux-foundation.org>
Link: https://lore.kernel.org/all/CAHk-=wivfrF0_zvf+oj6==Sh=-npJooP8chLPEfaFV0oNYTTBA@mail.gmail.com [0]
Signed-off-by: Yafang Shao <laoar.shao@gmail.com>
Cc: Alexander Viro <viro@zeniv.linux.org.uk>
Cc: Christian Brauner <brauner@kernel.org>
Cc: Jan Kara <jack@suse.cz>
Cc: Eric Biederman <ebiederm@xmission.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Alexei Starovoitov <alexei.starovoitov@gmail.com>
Cc: Matus Jokay <matus.jokay@stuba.sk>
---
fs/exec.c | 10 ++++++++--
include/linux/sched.h | 4 ++--
2 files changed, 10 insertions(+), 4 deletions(-)
diff --git a/fs/exec.c b/fs/exec.c
index 40073142288f..fa6b61c79df8 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -1238,12 +1238,18 @@ static int unshare_sighand(struct task_struct *me)
return 0;
}
+/*
+ * User space can randomly change their names anyway, so locking for readers
+ * doesn't make sense. For writers, locking is probably necessary, as a race
+ * condition could lead to long-term mixed results.
+ * The strscpy_pad() in __set_task_comm() can ensure that the task comm is
+ * always NUL-terminated. Therefore the race condition between reader and writer
+ * is not an issue.
+ */
char *__get_task_comm(char *buf, size_t buf_size, struct task_struct *tsk)
{
- task_lock(tsk);
/* Always NUL terminated and zero-padded */
strscpy_pad(buf, tsk->comm, buf_size);
- task_unlock(tsk);
return buf;
}
EXPORT_SYMBOL_GPL(__get_task_comm);
diff --git a/include/linux/sched.h b/include/linux/sched.h
index 61591ac6eab6..95888d1da49e 100644
--- a/include/linux/sched.h
+++ b/include/linux/sched.h
@@ -1086,9 +1086,9 @@ struct task_struct {
/*
* executable name, excluding path.
*
- * - normally initialized setup_new_exec()
+ * - normally initialized begin_new_exec()
* - access it with [gs]et_task_comm()
- * - lock it with task_lock()
+ * - lock it with task_lock() for writing
*/
char comm[TASK_COMM_LEN];
--
2.39.1
next prev parent reply other threads:[~2024-06-21 2:30 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-06-21 2:29 [PATCH v3 00/11] Improve the copy of task comm Yafang Shao
2024-06-21 2:29 ` Yafang Shao [this message]
2024-06-21 2:29 ` [PATCH v3 02/11] auditsc: Replace memcpy() with __get_task_comm() Yafang Shao
2024-06-21 2:29 ` [PATCH v3 03/11] security: " Yafang Shao
2024-06-21 2:29 ` [PATCH v3 04/11] bpftool: Ensure task comm is always NUL-terminated Yafang Shao
2024-06-21 2:29 ` [PATCH v3 05/11] mm/util: Fix possible race condition in kstrdup() Yafang Shao
2024-06-21 2:29 ` [PATCH v3 06/11] mm/util: Deduplicate code in {kstrdup,kstrndup,kmemdup_nul} Yafang Shao
2024-06-21 13:51 ` Simon Horman
2024-06-23 2:26 ` Yafang Shao
2024-06-21 13:57 ` Matthew Wilcox
2024-06-23 2:29 ` Yafang Shao
2024-06-23 3:11 ` Matthew Wilcox
2024-06-23 6:00 ` Yafang Shao
2024-06-21 2:29 ` [PATCH v3 07/11] mm/kmemleak: Replace strncpy() with __get_task_comm() Yafang Shao
2024-06-21 2:29 ` [PATCH v3 08/11] tsacct: " Yafang Shao
2024-06-21 2:29 ` [PATCH v3 09/11] tracing: " Yafang Shao
2024-06-21 4:37 ` Masami Hiramatsu
2024-06-21 2:29 ` [PATCH v3 10/11] net: Replace strcpy() " Yafang Shao
2024-06-21 2:29 ` [PATCH v3 11/11] drm: " Yafang Shao
2024-06-21 16:39 ` Daniel Vetter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240621022959.9124-2-laoar.shao@gmail.com \
--to=laoar.shao@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=alexei.starovoitov@gmail.com \
--cc=audit@vger.kernel.org \
--cc=bpf@vger.kernel.org \
--cc=brauner@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=dri-devel@lists.freedesktop.org \
--cc=ebiederm@xmission.com \
--cc=jack@suse.cz \
--cc=keescook@chromium.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-security-module@vger.kernel.org \
--cc=linux-trace-kernel@vger.kernel.org \
--cc=matus.jokay@stuba.sk \
--cc=netdev@vger.kernel.org \
--cc=penguin-kernel@i-love.sakura.ne.jp \
--cc=rostedt@goodmis.org \
--cc=selinux@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).