On Mon, Jan 31, 2022 at 02:49:36PM -0800, Kees Cook wrote:
On Mon, Jan 31, 2022 at 01:59:40PM -0800, Andrew Morton wrote:
On Mon, 31 Jan 2022 18:13:44 +0100 Christian Brauner brauner@kernel.org wrote:
in other words, the changes that you see CMD_ARGS[0] == NULL for execveat() seem higher than for path-based exec.
To counter that we should probably at least update the execveat() manpage with a recommendation what CMD_ARGS[0] should be set to if it isn't allowed to be set to NULL anymore. This is why was asking what argv[0] is supposed to be if the binary doesn't take any arguments.
Sent a fix to our fstests now replacing the argv[0] as NULL with "".
As we hit this check so quickly, I'm thinking that Ariadne's patch "fs/exec: require argv[0] presence in do_execveat_common()" (which added the check) isn't something we'll be able to merge into mainline?
I think the next best would be to mutate an NULL argv into { "", NULL }. However, I still think we should do the pr_warn().
Thoughts?
+1