Patch 3a3f61ce5e0b ("exec: Make sure task->comm is always NUL-terminated"), replaced 'strscpy_pad()' with 'memcpy()' implementations inside '__set_task_comm()'. However a few left-over comments are still there, which mention the usage of 'strscpy_pad()' inside '__set_task_comm()'. Remove those obsolete comments. While at it, also remove an obsolete comment regarding 'task_lock()' usage while handing 'task->comm'. Signed-off-by: Bhupesh --- include/linux/sched.h | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/include/linux/sched.h b/include/linux/sched.h index 84449f847256..8bbd03f1b978 100644 --- a/include/linux/sched.h +++ b/include/linux/sched.h @@ -1156,10 +1156,8 @@ struct task_struct { * * - normally initialized begin_new_exec() * - set it with set_task_comm() - * - strscpy_pad() to ensure it is always NUL-terminated and + * - logic inside set_task_comm() will ensure it is always NUL-terminated and * zero-padded - * - task_lock() to ensure the operation is atomic and the name is - * fully updated. */ char comm[TASK_COMM_LEN]; @@ -1965,7 +1963,7 @@ extern void __set_task_comm(struct task_struct *tsk, const char *from, bool exec * User space can randomly change their names anyway, so locking for readers * doesn't make sense. For writers, locking is probably necessary, as a race * condition could lead to long-term mixed results. - * The strscpy_pad() in __set_task_comm() can ensure that the task comm is + * The logic inside __set_task_comm() should ensure that the task comm is * always NUL-terminated and zero-padded. Therefore the race condition between * reader and writer is not an issue. * -- 2.38.1 As Linus mentioned in [1], currently we have several memcpy() use-cases which use 'current->comm' to copy the task name over to local copies. For an example: ... char comm[TASK_COMM_LEN]; memcpy(comm, current->comm, TASK_COMM_LEN); ... These should be modified so that we can later implement approaches to handle the task->comm's 16-byte length limitation (TASK_COMM_LEN) in a more modular way (follow-up patch does the same): ... char comm[TASK_COMM_LEN]; memcpy(comm, current->comm, TASK_COMM_LEN); comm[TASK_COMM_LEN - 1] = '\0'; ... The relevant 'memcpy()' users were identified using the following search pattern: $ git grep 'memcpy.*->comm\>' [1]. https://lore.kernel.org/all/CAHk-=wjAmmHUg6vho1KjzQi2=psR30+CogFd4aXrThr2gsiS4g@mail.gmail.com/ Signed-off-by: Bhupesh --- include/linux/coredump.h | 3 ++- include/trace/events/block.h | 5 +++++ include/trace/events/oom.h | 1 + include/trace/events/osnoise.h | 1 + include/trace/events/signal.h | 1 + include/trace/events/task.h | 2 ++ 6 files changed, 12 insertions(+), 1 deletion(-) diff --git a/include/linux/coredump.h b/include/linux/coredump.h index 68861da4cf7c..988b233dcc09 100644 --- a/include/linux/coredump.h +++ b/include/linux/coredump.h @@ -54,7 +54,8 @@ extern void vfs_coredump(const kernel_siginfo_t *siginfo); do { \ char comm[TASK_COMM_LEN]; \ /* This will always be NUL terminated. */ \ - memcpy(comm, current->comm, sizeof(comm)); \ + memcpy(comm, current->comm, TASK_COMM_LEN); \ + comm[TASK_COMM_LEN - 1] = '\0'; \ printk_ratelimited(Level "coredump: %d(%*pE): " Format "\n", \ task_tgid_vnr(current), (int)strlen(comm), comm, ##__VA_ARGS__); \ } while (0) \ diff --git a/include/trace/events/block.h b/include/trace/events/block.h index 6aa79e2d799c..dfc20fbe389c 100644 --- a/include/trace/events/block.h +++ b/include/trace/events/block.h @@ -214,6 +214,7 @@ DECLARE_EVENT_CLASS(block_rq, blk_fill_rwbs(__entry->rwbs, rq->cmd_flags); __get_str(cmd)[0] = '\0'; memcpy(__entry->comm, current->comm, TASK_COMM_LEN); + __entry->comm[TASK_COMM_LEN - 1] = '\0'; ), TP_printk("%d,%d %s %u (%s) %llu + %u %s,%u,%u [%s]", @@ -352,6 +353,7 @@ DECLARE_EVENT_CLASS(block_bio, __entry->nr_sector = bio_sectors(bio); blk_fill_rwbs(__entry->rwbs, bio->bi_opf); memcpy(__entry->comm, current->comm, TASK_COMM_LEN); + __entry->comm[TASK_COMM_LEN - 1] = '\0'; ), TP_printk("%d,%d %s %llu + %u [%s]", @@ -435,6 +437,7 @@ TRACE_EVENT(block_plug, TP_fast_assign( memcpy(__entry->comm, current->comm, TASK_COMM_LEN); + __entry->comm[TASK_COMM_LEN - 1] = '\0'; ), TP_printk("[%s]", __entry->comm) @@ -454,6 +457,7 @@ DECLARE_EVENT_CLASS(block_unplug, TP_fast_assign( __entry->nr_rq = depth; memcpy(__entry->comm, current->comm, TASK_COMM_LEN); + __entry->comm[TASK_COMM_LEN - 1] = '\0'; ), TP_printk("[%s] %d", __entry->comm, __entry->nr_rq) @@ -505,6 +509,7 @@ TRACE_EVENT(block_split, __entry->new_sector = new_sector; blk_fill_rwbs(__entry->rwbs, bio->bi_opf); memcpy(__entry->comm, current->comm, TASK_COMM_LEN); + __entry->comm[TASK_COMM_LEN - 1] = '\0'; ), TP_printk("%d,%d %s %llu / %llu [%s]", diff --git a/include/trace/events/oom.h b/include/trace/events/oom.h index 9f0a5d1482c4..a5641ed4285f 100644 --- a/include/trace/events/oom.h +++ b/include/trace/events/oom.h @@ -24,6 +24,7 @@ TRACE_EVENT(oom_score_adj_update, TP_fast_assign( __entry->pid = task->pid; memcpy(__entry->comm, task->comm, TASK_COMM_LEN); + __entry->comm[TASK_COMM_LEN - 1] = '\0'; __entry->oom_score_adj = task->signal->oom_score_adj; ), diff --git a/include/trace/events/osnoise.h b/include/trace/events/osnoise.h index 3f4273623801..0321b3f8d532 100644 --- a/include/trace/events/osnoise.h +++ b/include/trace/events/osnoise.h @@ -117,6 +117,7 @@ TRACE_EVENT(thread_noise, TP_fast_assign( memcpy(__entry->comm, t->comm, TASK_COMM_LEN); + __entry->comm[TASK_COMM_LEN - 1] = '\0'; __entry->pid = t->pid; __entry->start = start; __entry->duration = duration; diff --git a/include/trace/events/signal.h b/include/trace/events/signal.h index 1db7e4b07c01..7f490e553db5 100644 --- a/include/trace/events/signal.h +++ b/include/trace/events/signal.h @@ -68,6 +68,7 @@ TRACE_EVENT(signal_generate, __entry->sig = sig; TP_STORE_SIGINFO(__entry, info); memcpy(__entry->comm, task->comm, TASK_COMM_LEN); + __entry->comm[TASK_COMM_LEN - 1] = '\0'; __entry->pid = task->pid; __entry->group = group; __entry->result = result; diff --git a/include/trace/events/task.h b/include/trace/events/task.h index af535b053033..4ddf21b69372 100644 --- a/include/trace/events/task.h +++ b/include/trace/events/task.h @@ -22,6 +22,7 @@ TRACE_EVENT(task_newtask, TP_fast_assign( __entry->pid = task->pid; memcpy(__entry->comm, task->comm, TASK_COMM_LEN); + __entry->comm[TASK_COMM_LEN - 1] = '\0'; __entry->clone_flags = clone_flags; __entry->oom_score_adj = task->signal->oom_score_adj; ), @@ -45,6 +46,7 @@ TRACE_EVENT(task_rename, TP_fast_assign( memcpy(entry->oldcomm, task->comm, TASK_COMM_LEN); + entry->oldcomm[TASK_COMM_LEN - 1] = '\0'; strscpy(entry->newcomm, comm, TASK_COMM_LEN); __entry->oom_score_adj = task->signal->oom_score_adj; ), -- 2.38.1 Historically due to the 16-byte length of TASK_COMM_LEN, the users of 'tsk->comm' are restricted to use a fixed-size target buffer also of TASK_COMM_LEN for 'memcpy()' like use-cases. To fix the same, we now use a 64-byte TASK_COMM_EXT_LEN and set the comm element inside 'task_struct' to the same length: struct task_struct { ..... char comm[TASK_COMM_EXT_LEN]; ..... }; where TASK_COMM_EXT_LEN is 64-bytes. Now, in order to maintain existing ABI, we ensure that: - Existing users of 'get_task_comm'/ 'set_task_comm' will get 'tsk->comm' truncated to a maximum of 'TASK_COMM_LEN' (16-bytes) to maintain ABI, - New / Modified users of 'get_task_comm'/ 'set_task_comm' will get 'tsk->comm' supported up to the maximum of 'TASK_COMM_EXT_LEN' (64-bytes). Note, that the existing users have not been modified to migrate to 'TASK_COMM_EXT_LEN', in case they have hard-coded expectations of dealing with only a 'TASK_COMM_LEN' long 'tsk->comm'. Signed-off-by: Bhupesh --- include/linux/sched.h | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/include/linux/sched.h b/include/linux/sched.h index 8bbd03f1b978..b6abb759292c 100644 --- a/include/linux/sched.h +++ b/include/linux/sched.h @@ -317,6 +317,7 @@ struct user_event_mm; */ enum { TASK_COMM_LEN = 16, + TASK_COMM_EXT_LEN = 64, }; extern void sched_tick(void); @@ -1159,7 +1160,7 @@ struct task_struct { * - logic inside set_task_comm() will ensure it is always NUL-terminated and * zero-padded */ - char comm[TASK_COMM_LEN]; + char comm[TASK_COMM_EXT_LEN]; struct nameidata *nameidata; @@ -1954,7 +1955,7 @@ extern void kick_process(struct task_struct *tsk); extern void __set_task_comm(struct task_struct *tsk, const char *from, bool exec); #define set_task_comm(tsk, from) ({ \ - BUILD_BUG_ON(sizeof(from) != TASK_COMM_LEN); \ + BUILD_BUG_ON(sizeof(from) < TASK_COMM_LEN); \ __set_task_comm(tsk, from, false); \ }) @@ -1974,6 +1975,10 @@ extern void __set_task_comm(struct task_struct *tsk, const char *from, bool exec #define get_task_comm(buf, tsk) ({ \ BUILD_BUG_ON(sizeof(buf) < TASK_COMM_LEN); \ strscpy_pad(buf, (tsk)->comm); \ + if ((sizeof(buf)) == TASK_COMM_LEN) \ + buf[TASK_COMM_LEN - 1] = '\0'; \ + else \ + buf[TASK_COMM_EXT_LEN - 1] = '\0'; \ buf; \ }) -- 2.38.1