On Tue, Aug 6, 2024 at 5:28 AM Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> wrote: > > On Sun, 4 Aug 2024 at 00:56, Yafang Shao <laoar.shao@xxxxxxxxx> wrote: > > > > There is a BUILD_BUG_ON() inside get_task_comm(), so when you use > > get_task_comm(), it implies that the BUILD_BUG_ON() is necessary. > > Let's just remove that silly BUILD_BUG_ON(). I don't think it adds any > value, and honestly, it really only makes this patch-series uglier > when reasonable uses suddenly pointlessly need that double-underscore > version.. > > So let's aim at > > (a) documenting that the last byte in 'tsk->comm{}' is always > guaranteed to be NUL, so that the thing can always just be treated as > a string. Yes, it may change under us, but as long as we know there is > always a stable NUL there *somewhere*, we really really don't care. > > (b) removing __get_task_comm() entirely, and replacing it with a > plain 'str*cpy*()' functions > > The whole (a) thing is a requirement anyway, since the *bulk* of > tsk->comm really just seems to be various '%s' things in printk > strings etc. > > And once we just admit that we can use the string functions, all the > get_task_comm() stuff is just unnecessary. > > And yes, some people may want to use the strscpy_pad() function > because they want to fill the whole destination buffer. But that's > entirely about the *destination* use, not the tsk->comm[] source, so > it has nothing to do with any kind of "get_task_comm()" logic, and it > was always wrong to care about the buffer sizes magically matching. > > Hmm? One concern about removing the BUILD_BUG_ON() is that if we extend TASK_COMM_LEN to a larger size, such as 24, the caller with a hardcoded 16-byte buffer may overflow. This could be an issue with code in include/linux/elfcore.h and include/linux/elfcore-compat.h, posing a risk. However, I believe it is the caller's responsibility to explicitly add a null terminator if it uses a fixed buffer that cannot be changed. Therefore, the following code change is necessary: diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c index 5ae8045f4df4..e4b0b7cf0c1f 100644 --- a/fs/binfmt_elf.c +++ b/fs/binfmt_elf.c @@ -1579,6 +1579,7 @@ static int fill_psinfo(struct elf_prpsinfo *psinfo, struct task_struct *p, SET_GID(psinfo->pr_gid, from_kgid_munged(cred->user_ns, cred->gid)); rcu_read_unlock(); get_task_comm(psinfo->pr_fname, p); + psinfo->pr_fname[15] = '\0'; return 0; } However, it is currently safe to remove the BUILD_BUG_ON() since TASK_COMM_LEN is still 16. -- Regards Yafang