linux-hardening.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Kees Cook <keescook@chromium.org>
To: Justin Stitt <justinstitt@google.com>
Cc: Sathya Prakash Veerichetty <sathya.prakash@broadcom.com>,
	Kashyap Desai <kashyap.desai@broadcom.com>,
	Sumit Saxena <sumit.saxena@broadcom.com>,
	Sreekanth Reddy <sreekanth.reddy@broadcom.com>,
	"James E.J. Bottomley" <jejb@linux.ibm.com>,
	"Martin K. Petersen" <martin.petersen@oracle.com>,
	Suganath Prabu Subramani <suganath-prabu.subramani@broadcom.com>,
	Ariel Elior <aelior@marvell.com>,
	Manish Chopra <manishc@marvell.com>,
	"David S. Miller" <davem@davemloft.net>,
	Eric Dumazet <edumazet@google.com>,
	Jakub Kicinski <kuba@kernel.org>, Paolo Abeni <pabeni@redhat.com>,
	Saurav Kashyap <skashyap@marvell.com>,
	Javed Hasan <jhasan@marvell.com>,
	GR-QLogic-Storage-Upstream@marvell.com,
	Nilesh Javali <njavali@marvell.com>,
	Manish Rangankar <mrangankar@marvell.com>,
	Don Brace <don.brace@microchip.com>,
	mpi3mr-linuxdrv.pdl@broadcom.com, linux-scsi@vger.kernel.org,
	linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org,
	MPT-FusionLinux.pdl@broadcom.com, netdev@vger.kernel.org,
	storagedev@microchip.com
Subject: Re: [PATCH v2 3/7] scsi: qedf: replace deprecated strncpy with strscpy
Date: Wed, 28 Feb 2024 16:04:08 -0800	[thread overview]
Message-ID: <202402281604.C50A4D9@keescook> (raw)
In-Reply-To: <20240228-strncpy-drivers-scsi-mpi3mr-mpi3mr_fw-c-v2-3-dacebd3fcfa0@google.com>

On Wed, Feb 28, 2024 at 10:59:03PM +0000, Justin Stitt wrote:
> We expect slowpath_params.name to be NUL-terminated based on its future
> usage with other string APIs:
> 
> |	static int qed_slowpath_start(struct qed_dev *cdev,
> |				      struct qed_slowpath_params *params)
> ...
> |	strscpy(drv_version.name, params->name,
> |		MCP_DRV_VER_STR_SIZE - 4);
> 
> Moreover, NUL-padding is not necessary as the only use for this slowpath
> name parameter is to copy into the drv_version.name field.
> 
> Also, let's prefer using strscpy(src, dest, sizeof(src)) in two
> instances (one of which is outside of the scsi system but it is trivial
> and related to this patch).
> 
> We can see the drv_version.name size here:
> |	struct qed_mcp_drv_version {
> |		u32	version;
> |		u8	name[MCP_DRV_VER_STR_SIZE - 4];
> |	};
> 
> Signed-off-by: Justin Stitt <justinstitt@google.com>

Reviewed-by: Kees Cook <keescook@chromium.org>

-- 
Kees Cook

  reply	other threads:[~2024-02-29  0:04 UTC|newest]

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-02-28 22:59 [PATCH v2 0/7] scsi: replace deprecated strncpy Justin Stitt
2024-02-28 22:59 ` [PATCH v2 1/7] scsi: mpi3mr: replace deprecated strncpy with assignments Justin Stitt
2024-02-29  0:02   ` Kees Cook
2024-02-28 22:59 ` [PATCH v2 2/7] scsi: mpt3sas: replace deprecated strncpy with strscpy Justin Stitt
2024-02-29  0:03   ` Kees Cook
2024-02-28 22:59 ` [PATCH v2 3/7] scsi: qedf: " Justin Stitt
2024-02-29  0:04   ` Kees Cook [this message]
2024-02-28 22:59 ` [PATCH v2 4/7] scsi: qla4xxx: " Justin Stitt
2024-02-29  0:15   ` Kees Cook
2024-02-28 22:59 ` [PATCH v2 5/7] scsi: devinfo: replace strncpy and manual pad Justin Stitt
2024-02-28 22:59 ` [PATCH v2 6/7] scsi: smartpqi: replace deprecated strncpy with strscpy Justin Stitt
2024-02-28 22:59 ` [PATCH v2 7/7] scsi: wd33c93: " Justin Stitt
2024-02-29  0:18 ` [PATCH v2 0/7] scsi: replace deprecated strncpy Kees Cook
2024-03-05 23:35   ` Justin Stitt

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=202402281604.C50A4D9@keescook \
    --to=keescook@chromium.org \
    --cc=GR-QLogic-Storage-Upstream@marvell.com \
    --cc=MPT-FusionLinux.pdl@broadcom.com \
    --cc=aelior@marvell.com \
    --cc=davem@davemloft.net \
    --cc=don.brace@microchip.com \
    --cc=edumazet@google.com \
    --cc=jejb@linux.ibm.com \
    --cc=jhasan@marvell.com \
    --cc=justinstitt@google.com \
    --cc=kashyap.desai@broadcom.com \
    --cc=kuba@kernel.org \
    --cc=linux-hardening@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-scsi@vger.kernel.org \
    --cc=manishc@marvell.com \
    --cc=martin.petersen@oracle.com \
    --cc=mpi3mr-linuxdrv.pdl@broadcom.com \
    --cc=mrangankar@marvell.com \
    --cc=netdev@vger.kernel.org \
    --cc=njavali@marvell.com \
    --cc=pabeni@redhat.com \
    --cc=sathya.prakash@broadcom.com \
    --cc=skashyap@marvell.com \
    --cc=sreekanth.reddy@broadcom.com \
    --cc=storagedev@microchip.com \
    --cc=suganath-prabu.subramani@broadcom.com \
    --cc=sumit.saxena@broadcom.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).