Re: [PATCH v2 1/4] cn_proc.h: use TASK_COMM_LEN instread of 16 in struct proc_event
From: Kees Cook
Date: Thu Oct 07 2021 - 10:51:40 EST
On Thu, Oct 07, 2021 at 12:07:49PM +0000, Yafang Shao wrote:
> struct comm_proc_event was introduced in commit
> f786ecba4158 ("connector: add comm change event report to proc connector").
> It seems that there is no strong reason we must define the comm as a
> hardcode 16 bytes. So we can use TASK_COMM_LEN instead.
>
> Signed-off-by: Yafang Shao <laoar.shao@xxxxxxxxx>
> Cc: Vladimir Zapolskiy <vzapolskiy@xxxxxxxxx>
> Cc: Kees Cook <keescook@xxxxxxxxxxxx>
> Cc: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
> Cc: Petr Mladek <pmladek@xxxxxxxx>
> ---
> include/uapi/linux/cn_proc.h | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/include/uapi/linux/cn_proc.h b/include/uapi/linux/cn_proc.h
> index db210625cee8..351d02786350 100644
> --- a/include/uapi/linux/cn_proc.h
> +++ b/include/uapi/linux/cn_proc.h
> @@ -110,7 +110,7 @@ struct proc_event {
> struct comm_proc_event {
> __kernel_pid_t process_pid;
> __kernel_pid_t process_tgid;
> - char comm[16];
> + char comm[TASK_COMM_LEN];
> } comm;
Hrmm. This is UAPI -- we can't change it without potentially breaking
things (i.e. userspace binaries have this size built in, so we can't
just change the size). This will either need to stay truncated, or may
need a new interface with a variable-sized structure...
-Kees
>
> struct coredump_proc_event {
> --
> 2.18.2
>
--
Kees Cook