On Mon, Jun 10, 2024 at 5:34 AM Eric W. Biederman <ebiederm@xxxxxxxxxxxx> wrote:
>
> Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx> writes:
>
> > On Sun, Jun 2, 2024 at 10:53 AM Eric W. Biederman <ebiederm@xxxxxxxxxxxx> wrote:
> >>
> >> If you are performing lockless reads and depending upon a '\0'
> >> terminator without limiting yourself to the size of the buffer
> >> there needs to be a big fat comment as to how in the world
> >> you are guaranteed that a '\0' inside the buffer will always
> >> be found.
> >
> > I think Yafang can certainly add such a comment next to
> > __[gs]et_task_comm.
> >
> > I prefer to avoid open coding memcpy + memset when strscpy_pad works.
>
> Looking through the code in set_task_comm
> strscpy_pad only works when both the source and designation are aligned.
> Otherwise it performs a byte at a time copy, and is most definitely
> susceptible to the race I observed.

Byte copy doesn't have an issue either.
Due to padding there is always a zero there.
Worst case in the last byte.
So dst buffer will be zero terminated.
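
The byte-copy case discussed in this thread, as an added user-space model that is not code from the thread or from the kernel: it takes a snapshot of the destination after every single-byte store and counts snapshots that have no '\0' inside the buffer, and snapshots that are terminated but mix old and new bytes. The names `model_copy_pad`, `observe`, `run_model` and `COMM_LEN` (set to 16) are assumptions of this example, as are a destination that starts out zero padded and stores that become visible in program order.

```c
#include <stdio.h>
#include <string.h>

#define COMM_LEN 16 /* assumed buffer size for this model */

struct stats {
    const char *old_name, *new_name;
    int snapshots, unterminated, torn;
};

/* Stand-in for a lockless reader that looks at dst after every byte store. */
static void observe(const char *dst, struct stats *s)
{
    s->snapshots++;
    if (!memchr(dst, '\0', COMM_LEN))
        s->unterminated++;   /* an unbounded read would leave the buffer */
    else if (strcmp(dst, s->old_name) && strcmp(dst, s->new_name))
        s->torn++;           /* terminated, but a mix of old and new bytes */
}

/* Byte-at-a-time copy, then zero pad (simplified model, not kernel code). */
static void model_copy_pad(char *dst, const char *src, struct stats *s)
{
    size_t i = 0;
    /* At most COMM_LEN - 1 bytes are copied, so the last slot stays '\0'. */
    for (; i < COMM_LEN - 1 && src[i] != '\0'; i++) {
        dst[i] = src[i];
        observe(dst, s);
    }
    for (; i < COMM_LEN; i++) {  /* terminator plus padding */
        dst[i] = '\0';
        observe(dst, s);
    }
}

/* Start from a zero-padded old name, overwrite it, and count the snapshots. */
static struct stats run_model(const char *old_name, const char *new_name)
{
    struct stats s = { old_name, new_name, 0, 0, 0 };
    char buf[COMM_LEN] = { 0 };
    strncpy(buf, old_name, COMM_LEN - 1);
    model_copy_pad(buf, new_name, &s);
    return s;
}

int main(void)
{
    struct stats s = run_model("longer_old_name", "short"); /* constructed names */
    printf("snapshots=%d unterminated=%d torn=%d\n", s.snapshots, s.unterminated, s.torn);
    return 0;
}
```

In this model every snapshot is terminated inside the buffer, while the intermediate snapshots can still hold a name that is neither the old nor the new one.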