From d4ee4ac395eec1e64f696dbea1de82e90b17127d Mon Sep 17 00:00:00 2001 From: Yafang Shao Date: Mon, 7 Oct 2024 22:49:07 +0800 Subject: security: replace memcpy() with get_task_comm() Quoted from Linus [0]: selinux never wanted a lock, and never wanted any kind of *consistent* result, it just wanted a *stable* result. Using get_task_comm() to read the task comm ensures that the name is always NUL-terminated, regardless of the source string. This approach also facilitates future extensions to the task comm. Link: https://lkml.kernel.org/r/20241007144911.27693-4-laoar.shao@gmail.com Signed-off-by: Yafang Shao Link: https://lore.kernel.org/all/CAHk-=wivfrF0_zvf+oj6==Sh=-npJooP8chLPEfaFV0oNYTTBA@mail.gmail.com/ [0] Acked-by: Paul Moore Cc: James Morris Cc: "Serge E. Hallyn" Cc: Stephen Smalley Cc: Ondrej Mosnacek Cc: Alejandro Colomar Cc: Alexander Viro Cc: Alexei Starovoitov Cc: Andy Shevchenko Cc: Catalin Marinas Cc: Christian Brauner Cc: Daniel Vetter Cc: David Airlie Cc: Eric Biederman Cc: Eric Paris Cc: Jan Kara Cc: Justin Stitt Cc: Kees Cook Cc: Linus Torvalds Cc: Maarten Lankhorst Cc: Matthew Wilcox Cc: Matus Jokay Cc: Maxime Ripard Cc: Quentin Monnet Cc: Simon Horman Cc: Steven Rostedt (Google) Cc: Tetsuo Handa Cc: Thomas Zimmermann Signed-off-by: Andrew Morton --- security/selinux/selinuxfs.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'security/selinux/selinuxfs.c') diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c index e172f182b65c..c9b05be27ddb 100644 --- a/security/selinux/selinuxfs.c +++ b/security/selinux/selinuxfs.c @@ -708,7 +708,7 @@ static ssize_t sel_write_checkreqprot(struct file *file, const char __user *buf, if (new_value) { char comm[sizeof(current->comm)]; - memcpy(comm, current->comm, sizeof(comm)); + strscpy(comm, current->comm); pr_err("SELinux: %s (%d) set checkreqprot to 1. This is no longer supported.\n", comm, current->pid); } -- cgit v1.2.3