On Mon, Oct 25, 2021 at 08:33:06AM +0000, Yafang Shao wrote:
> connector comm was introduced in commit
> f786ecba4158 ("connector: add comm change event report to proc connector").
> struct comm_proc_event was defined in include/linux/cn_proc.h first and
> then been moved into file include/uapi/linux/cn_proc.h in commit
> 607ca46e97a1 ("UAPI: (Scripted) Disintegrate include/linux").
>
> As this is the UAPI code, we can't change it without potentially breaking
> things (i.e. userspace binaries have this size built in, so we can't just
> change the size). To prepare for the followup change - extending task
> comm, we have to use __get_task_comm() to avoid the BUILD_BUG_ON() in
> proc_comm_connector().
I wonder, looking at this again, if it might make more sense to avoid
this cn_proc.c change, and instead, adjust get_task_comm() like so:
#define get_task_comm(buf, tsk)
__get_task_comm(buf, __must_be_array(buf) + sizeof(buf), tsk)
This would still enforce the original goal of making sure
get_task_comm() is being used on a char array, and now that
__get_task_comm() will truncate & pad, it's safe to use on both
too-small and too-big arrays.
--
Kees Cook
