On Tue, Sep 20, 2022 at 09:42:48AM -0500, Eric W. Biederman wrote:
> Ren Zhijie <renzhijie2@xxxxxxxxxx> writes:
> > From: Hui Tang <tanghui20@xxxxxxxxxx>
> >
> > First run './execv-main execv-child', there is empty in 'COMMAND' column
> > when run 'ps -u'.
> >
> > USER PID %CPU %MEM VSZ RSS TTY [...] TIME COMMAND
> > root 368 0.3 0.0 4388 764 ttyS0 0:00 ./execv-main
> > root 369 0.6 0.0 4520 812 ttyS0 0:00
> >
> > The program 'execv-main' as follows:
> >
> > int main(int argc, char **argv)
> > {
> > char *execv_argv[] = {NULL};
> > pid_t pid = fork();
> >
> > if (pid == 0) {
> > execv(argv[1], execv_argv);
> > } else if (pid > 0) {
> > wait(NULL);
> > }
> > return 0;
> > }
The correct fix is to userspace here:
int main(int argc, char **argv)
{
- char *execv_argv[] = {NULL};
+ char *execv_argv[] = { argv[1], NULL };
pid_t pid = fork();
if (pid == 0) {
> [...]
> For a rare case that should essentially never happen why make it
> friendlier to use? Why not fix userspace to add the friendly name
> instead of the kernel?
>
> Unless there is a good reason for it, it would be my hope that in
> a couple of years all of the userspace programs that trigger
> the warning when they start up could be fixed, and we could have
> execve start failing in those cases.
Agreed -- the goal is to help userspace fix how execve(2) is called.
Speaking to the proposed patch, this idea was considered during the
development of the ""-adding patch, with the basic outcome being
that creating a _new_ behavior was not a good idea, and might cause more
confusion. You can see the thread here:
https://lore.kernel.org/all/202202021229.9681AD39B0@keescook/
-Kees
--
Kees Cook
