android_kernel_xiaomi_sm8350/kernel
Vegard Nossum 8798881507 utsname: completely overwrite prior information
On sethostname() and setdomainname(), previous information may be retained
if it was longer than than the new hostname/domainname.

This can be demonstrated trivially by calling sethostname() first with a
long name, then with a short name, and then calling uname() to retrieve
the full buffer that contains the hostname (and possibly parts of the old
hostname), one just has to look past the terminating zero.

I don't know if we should really care that much (hence the RFC); the only
scenarios I can possibly think of is administrator putting something
sensitive in the hostname (or domain name) by accident, and changing it
back will not undo the mistake entirely, though it's not like we can
recover gracefully from "rm -rf /" either...  The other scenario is
namespaces (CLONE_NEWUTS) where some information may be unintentionally
"inherited" from the previous namespace (a program wants to hide the
original name and does clone + sethostname, but some information is still
left).

I think the patch may be defended on grounds of the principle of least
surprise.  But I am not adamant :-)

(I guess the question now is whether userspace should be able to
write embedded NULs into the buffer or not...)

At least the observation has been made and the patch has been presented.

Signed-off-by: Vegard Nossum <vegard.nossum@gmail.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: "Serge E. Hallyn" <serue@us.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-10-16 11:21:31 -07:00
..
irq Merge branch 'linus' into x86/core 2008-08-14 14:58:01 +02:00
power pm: rework disabling of user mode helpers during suspend/hibernation 2008-10-16 11:21:29 -07:00
time Kconfig: eliminate "def_bool n" constructs 2008-10-16 11:21:31 -07:00
trace hrtimer: prevent migration of per CPU hrtimers 2008-09-29 17:09:14 +02:00
.gitignore
acct.c tty: Fix abusers of current->sighand->tty 2008-10-13 09:51:42 -07:00
audit_tree.c
audit.c [PATCH] Fix the bug of using AUDIT_STATUS_RATE_LIMIT when set fail, no error output. 2008-08-01 12:15:16 -04:00
audit.h
auditfilter.c Re: [PATCH] the loginuid field should be output in all AUDIT_CONFIG_CHANGE audit messages 2008-08-01 12:15:03 -04:00
auditsc.c tty: Fix abusers of current->sighand->tty 2008-10-13 09:51:42 -07:00
backtracetest.c
bounds.c
capability.c security: Fix setting of PF_SUPERPRIV by __capable() 2008-08-14 22:59:43 +10:00
cgroup_debug.c
cgroup.c memrlimit: cgroup mm owner callback changes to add task info 2008-10-16 11:21:28 -07:00
compat.c
configs.c
cpu.c Merge branches 'sched/devel', 'sched/cpu-hotplug', 'sched/cpusets' and 'sched/urgent' into sched/core 2008-10-08 11:31:02 +02:00
cpuset.c cpusets: scan_for_empty_cpusets(), cpuset doesn't seem to be so const 2008-10-03 13:39:50 +02:00
delayacct.c per-task-delay-accounting: update taskstats for memory reclaim delay 2008-07-25 10:53:47 -07:00
dma-coherent.c dma-coherent: export dma_[alloc|release]_from_coherent methods 2008-08-22 08:34:53 +02:00
dma.c kernel/dma.c: remove a CVS keyword 2008-10-16 11:21:30 -07:00
exec_domain.c [PATCH] kill altroot 2008-07-26 20:53:20 -04:00
exit.c memrlimit: cgroup mm owner callback changes to add task info 2008-10-16 11:21:28 -07:00
extable.c
fork.c tty: Add a kref count 2008-10-13 09:51:40 -07:00
futex_compat.c
futex.c
hrtimer.c hrtimer: prevent migration of per CPU hrtimers 2008-09-29 17:09:14 +02:00
itimer.c
kallsyms.c kallsyms: fix potential overflow in binary search 2008-07-25 10:53:27 -07:00
Kconfig.hz sched: fix SCHED_HRTICK dependency 2008-07-28 14:37:38 +02:00
Kconfig.preempt
kexec.c kexec: fix segmentation fault in kimage_add_entry 2008-09-23 08:09:14 -07:00
kfifo.c
kgdb.c kgdb: call touch_softlockup_watchdog on resume 2008-10-06 13:50:59 -05:00
kmod.c pm: rework disabling of user mode helpers during suspend/hibernation 2008-10-16 11:21:29 -07:00
kprobes.c kprobes: remove redundant config check 2008-07-25 10:53:30 -07:00
ksysfs.c profiling: dynamically enable readprofile at runtime 2008-10-16 11:21:31 -07:00
kthread.c tracehook: wait_task_inactive 2008-07-26 12:00:09 -07:00
latencytop.c
lockdep_internals.h lockdep: build fix 2008-08-13 12:55:10 +02:00
lockdep_proc.c lockstat: fix numerical output rounding error 2008-08-26 10:37:46 +02:00
lockdep.c lockdep: fix invalid list_del_rcu in zap_class 2008-08-27 08:40:36 +02:00
Makefile Merge branch 'linus' into core/generic-dma-coherent 2008-07-29 00:07:55 +02:00
marker.c markers: fix markers read barrier for multiple probes 2008-07-30 09:41:45 -07:00
module.c Make the taint flags reliable 2008-10-16 11:21:31 -07:00
mutex-debug.c
mutex-debug.h
mutex.c locking: fix mutex @key parameter kernel-doc notation 2008-07-28 18:12:36 +02:00
mutex.h
notifier.c
ns_cgroup.c cgroup_clone: use pid of newly created task for new cgroup 2008-07-25 10:53:37 -07:00
nsproxy.c removed unused #include <linux/version.h>'s 2008-08-23 12:14:12 -07:00
panic.c Make the taint flags reliable 2008-10-16 11:21:31 -07:00
params.c
pid_namespace.c pid_ns: (BUG 11391) change ->child_reaper when init->group_leader exits 2008-09-02 19:21:38 -07:00
pid.c pidns: remove now unused find_pid function. 2008-07-25 10:53:45 -07:00
pm_qos_params.c pm_qos_requirement might sleep 2008-09-02 19:21:40 -07:00
posix-cpu-timers.c
posix-timers.c fix error-path NULL deref in alloc_posix_timer() 2008-10-02 15:53:13 -07:00
printk.c tty: Move tty_write_message out of kernel/printk 2008-10-13 09:51:41 -07:00
profile.c profiling: dynamically enable readprofile at runtime 2008-10-16 11:21:31 -07:00
ptrace.c security: Fix setting of PF_SUPERPRIV by __capable() 2008-08-14 22:59:43 +10:00
rcuclassic.c rcu: RCU-based detection of stalled CPUs for Classic RCU, fix 2008-10-03 10:41:00 +02:00
rcupdate.c rcu: fix synchronize_rcu() so that kernel-doc works 2008-08-21 09:31:44 +02:00
rcupreempt_trace.c rcu: trace fix possible mem-leak 2008-08-15 17:54:40 +02:00
rcupreempt.c rcu: remove redundant ACCESS_ONCE definition from rcupreempt.c 2008-08-18 09:45:22 +02:00
rcutorture.c
relay.c relay: fix "full buffer with exactly full last subbuffer" accounting problem 2008-08-05 14:33:46 -07:00
res_counter.c cgroup files: convert res_counter_write() to be a cgroups write_string() handler 2008-07-25 10:53:36 -07:00
resource.c IO resources: add reserve_region_with_split() 2008-09-04 21:02:44 +02:00
rtmutex_common.h
rtmutex-debug.c
rtmutex-debug.h
rtmutex-tester.c sysdev: Pass the attribute to the low level sysdev show/store function 2008-07-21 21:55:02 -07:00
rtmutex.c
rtmutex.h
rwsem.c
sched_clock.c sched_clock: fix cpu_clock() 2008-08-25 17:39:57 +02:00
sched_cpupri.c
sched_cpupri.h
sched_debug.c [PATCH] signal, procfs: some lock_task_sighand() users do not need rcu_read_lock() 2008-10-10 04:18:57 +04:00
sched_fair.c sched: sync wakeups vs avg_overlap 2008-10-08 12:20:26 +02:00
sched_features.h sched: turn off WAKEUP_OVERLAP 2008-09-22 16:29:00 +02:00
sched_idletask.c sched: wakeup preempt when small overlap 2008-09-22 16:28:32 +02:00
sched_rt.c sched_rt.c: resch needed in rt_rq_enqueue() for the root rt_rq 2008-10-04 14:31:54 +02:00
sched_stats.h sched: fix accounting in task delay accounting & migration 2008-07-04 12:50:23 +02:00
sched.c sched debug: add name to sched_domain sysctl entries 2008-10-09 17:13:06 +02:00
seccomp.c
semaphore.c semaphore: __down_common: use signal_pending_state() 2008-08-05 14:33:47 -07:00
signal.c tracehook: fix SA_NOCLDWAIT 2008-08-19 20:37:07 -07:00
smp.c smp: have smp_call_function_single() detect invalid CPUs 2008-08-25 17:45:48 -07:00
softirq.c Full conversion to early_initcall() interface, remove old interface 2008-07-26 12:00:04 -07:00
softlockup.c Make the taint flags reliable 2008-10-16 11:21:31 -07:00
spinlock.c lockdep: spin_lock_nest_lock(), checkpatch fixes 2008-08-13 13:56:51 +02:00
srcu.c
stacktrace.c stacktrace: fix modular build, export print_stack_trace and save_stack_trace 2008-06-30 09:20:55 +02:00
stop_machine.c stop_machine: remove unused variable 2008-08-12 17:52:55 +10:00
sys_ni.c Configure out file locking features 2008-09-29 17:56:57 -04:00
sys.c utsname: completely overwrite prior information 2008-10-16 11:21:31 -07:00
sysctl_check.c sysctl: check for bogus modes 2008-07-25 10:53:45 -07:00
sysctl.c Make the taint flags reliable 2008-10-16 11:21:31 -07:00
taskstats.c taskstats: remove initialization of static per-cpu variable 2008-07-25 10:53:47 -07:00
test_kprobes.c
time.c
timeconst.pl
timer.c Merge branch 'for-linus' of master.kernel.org:/home/rmk/linux-2.6-arm 2008-07-14 16:06:58 -07:00
tsacct.c task IO accounting: move all IO statistics in struct task_io_accounting 2008-07-27 16:12:28 -07:00
uid16.c
user_namespace.c removed unused #include <linux/version.h>'s 2008-08-23 12:14:12 -07:00
user.c sched: rt-bandwidth for user grouping interface 2008-08-19 13:10:09 +02:00
utsname_sysctl.c removed unused #include <linux/version.h>'s 2008-08-23 12:14:12 -07:00
utsname.c removed unused #include <linux/version.h>'s 2008-08-23 12:14:12 -07:00
wait.c wait: kill is_sync_wait() 2008-10-16 11:21:31 -07:00
workqueue.c Merge branch 'core/locking' into core/urgent 2008-08-12 00:11:49 +02:00