From: Tycho Andersen
To: Alexander Viro, Christian Brauner, Jan Kara, Eric Biederman, Kees Cook
Cc: linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, Tycho Andersen, Zbigniew Jędrzejewski-Szmek, Aleksa Sarai
Subject: [PATCH v3 1/2] exec: fix up /proc/pid/comm in the execveat(AT_EMPTY_PATH) case
Date: Tue, 1 Oct 2024 07:49:44 -0600
Message-Id: <20241001134945.798662-1-tycho@tycho.pizza>

From: Tycho Andersen

Zbigniew mentioned at Linux Plumber's that systemd is interested in switching to execveat() for service execution, but can't, because the contents of /proc/pid/comm are the file descriptor which was used, instead of the path to the binary. This makes the output of tools like top and ps useless, especially in a world where most fds are opened CLOEXEC so the number is truly meaningless.

Change exec path to fix up /proc/pid/comm in the case where we have allocated one of these synthetic paths in bprm_init(). This way the actual exec machinery is unchanged, but cosmetically the comm looks reasonable to admins investigating things.

Signed-off-by: Tycho Andersen
Suggested-by: Zbigniew Jędrzejewski-Szmek
CC: Aleksa Sarai
Link: https://github.com/uapi-group/kernel-features#set-comm-field-before-exec
---
v2: * drop the flag, everyone :)
    * change the rendered value to f_path.dentry->d_name.name instead of argv[0], Eric
v3: * fix up subject line, Eric
---
 fs/exec.c | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

base-commit: baeb9a7d8b60b021d907127509c44507539c15e5
diff --git a/fs/exec.c b/fs/exec.c index dad402d55681..9520359a8dcc 100644 --- a/fs/exec.c +++ b/fs/exec.c
@@ -1416,7 +1416,18 @@ int begin_new_exec(struct linux_binprm * bprm) set_dumpable(current->mm, SUID_DUMP_USER); perf_event_exec(); - __set_task_comm(me, kbasename(bprm->filename), true); + + /* + * If fdpath was set, execveat() made up a path that will + * probably not be useful to admins running ps or similar. + * Let's fix it up to be something reasonable. + */ + if (bprm->fdpath) { + BUILD_BUG_ON(TASK_COMM_LEN > DNAME_INLINE_LEN); + __set_task_comm(me, bprm->file->f_path.dentry->d_name.name, true); + } else { + __set_task_comm(me, kbasename(bprm->filename), true); + } /* An exec changes our domain. We are no longer part of the thread group */
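
Review bot: In the bprm->fdpath branch, bprm->file->f_path.dentry->d_name.name is handed to __set_task_comm() with no lock, RCU read section or name snapshot visible in the hunk, so a rename of that dentry racing with the exec could change the name while it is being copied. Taking a stable copy first (for example with take_dentry_name_snapshot()) would close that window. The BUILD_BUG_ON(TASK_COMM_LEN > DNAME_INLINE_LEN) also deserves a one-line comment saying which read it guards, since the reason for it is not evident from the surrounding lines.
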
From: Tycho Andersen
To: Alexander Viro, Christian Brauner, Jan Kara, Eric Biederman, Kees Cook
Cc: linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, Tycho Andersen
Subject: [PATCH v3 2/2] selftests/exec: add a test to enforce execveat()'s comm
Date: Tue, 1 Oct 2024 07:49:45 -0600
Message-Id: <20241001134945.798662-2-tycho@tycho.pizza>
In-Reply-To: <20241001134945.798662-1-tycho@tycho.pizza>
References: <20241001134945.798662-1-tycho@tycho.pizza>

From: Tycho Andersen

We want to ensure that /proc/self/comm stays useful for execveat() callers.

Signed-off-by: Tycho Andersen
---
 tools/testing/selftests/exec/execveat.c | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/tools/testing/selftests/exec/execveat.c b/tools/testing/selftests/exec/execveat.c index 071e03532cba..091029f4ca9b 100644 --- a/tools/testing/selftests/exec/execveat.c +++ b/tools/testing/selftests/exec/execveat.c @@ -419,6 +419,9 @@ int main(int argc, char **argv) if (argc >= 2) { /* If we are invoked with an argument, don't run tests. */ const char *in_test = getenv("IN_TEST"); + /* TASK_COMM_LEN == 16 */ + char buf[32]; + int fd; if (verbose) { ksft_print_msg("invoked with:\n"); @@ -432,6 +435,28 @@ int main(int argc, char **argv) return 1; } + fd = open("/proc/self/comm", O_RDONLY); + if (fd < 0) { + perror("open comm"); + return 1; + } + + if (read(fd, buf, sizeof(buf)) < 0) { + close(fd); + perror("read comm"); + return 1; + } + close(fd); + + /* + * /proc/self/comm should fail to convert to an integer, i.e. + * atoi() should return 0. + */ + if (atoi(buf) != 0) { + ksft_print_msg("bad /proc/self/comm: %s", buf); + return 1; + } + /* Use the final argument as an exit code. */ rc = atoi(argv[argc - 1]); exit(rc);
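
Review bot: In the first execveat.c hunk, char buf[32] is declared uninitialized, and the read() added in the next hunk never NUL-terminates it, so atoi(buf) and the "%s" in ksft_print_msg() run into whatever stack bytes follow the comm text. Initializing it (char buf[32] = { 0 };) and reading at most sizeof(buf) - 1 bytes would make both uses well defined.
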
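
Review bot: In the second execveat.c hunk, the atoi(buf) != 0 check only rejects a comm that begins with a non-zero number: a comm of "0" (execveat() on fd 0) still passes, and a test binary whose name starts with a digit would fail spuriously. Comparing buf against the expected file name would enforce what patch 1/2 actually sets. The return value of read() is also discarded once it is known to be non-negative; keeping it would let the test terminate the buffer at the right offset and treat a zero-length read as a failure.
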