From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.3 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,NICE_REPLY_A,SPF_HELO_NONE,SPF_PASS,USER_AGENT_SANE_1 autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8BBC5C432BE for ; Sun, 8 Aug 2021 17:06:44 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 6D55D60EE7 for ; Sun, 8 Aug 2021 17:06:44 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232120AbhHHRHC (ORCPT ); Sun, 8 Aug 2021 13:07:02 -0400 Received: from smtp13.smtpout.orange.fr ([80.12.242.135]:53198 "EHLO smtp.smtpout.orange.fr" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S232013AbhHHRHB (ORCPT ); Sun, 8 Aug 2021 13:07:01 -0400 Received: from [192.168.1.18] ([90.126.253.178]) by mwinf5d75 with ME id f56W250073riaq20356WZB; Sun, 08 Aug 2021 19:06:40 +0200 X-ME-Helo: [192.168.1.18] X-ME-Auth: Y2hyaXN0b3BoZS5qYWlsbGV0QHdhbmFkb28uZnI= X-ME-Date: Sun, 08 Aug 2021 19:06:40 +0200 X-ME-IP: 90.126.253.178 Subject: Re: [PATCH v4 2/3] drivers/soc/renesas: Prefer memcpy over strcpy To: Bernd Petrovitsch , Len Baker , Andy Gross , Bjorn Andersson , Geert Uytterhoeven , Magnus Damm , Santosh Shilimkar Cc: Kees Cook , David Laight , Robin Murphy , linux-hardening@vger.kernel.org, linux-arm-msm@vger.kernel.org, linux-kernel@vger.kernel.org, linux-renesas-soc@vger.kernel.org, linux-arm-kernel@lists.infradead.org References: <20210808125012.4715-1-len.baker@gmx.com> <20210808125012.4715-3-len.baker@gmx.com> <39485c0e-511c-50a0-83be-f9ce6fc47e67@petrovitsch.priv.at> From: Christophe JAILLET Message-ID: Date: Sun, 8 Aug 2021 19:06:30 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0 MIME-Version: 1.0 In-Reply-To: <39485c0e-511c-50a0-83be-f9ce6fc47e67@petrovitsch.priv.at> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-arm-msm@vger.kernel.org Hi, Le 08/08/2021 à 17:35, Bernd Petrovitsch a écrit : > Hi all! > > On 08/08/2021 14:50, Len Baker wrote: >> strcpy() performs no bounds checking on the destination buffer. This >> could result in linear overflows beyond the end of the buffer, leading >> to all kinds of misbehaviors. So, use memcpy() as a safe replacement. >> >> This is a previous step in the path to remove the strcpy() function >> entirely from the kernel. >> >> Signed-off-by: Len Baker >> --- >> drivers/soc/renesas/r8a779a0-sysc.c | 6 ++++-- >> drivers/soc/renesas/rcar-sysc.c | 6 ++++-- >> 2 files changed, 8 insertions(+), 4 deletions(-) >> >> diff --git a/drivers/soc/renesas/r8a779a0-sysc.c b/drivers/soc/renesas/r8a779a0-sysc.c >> index d464ffa1be33..7410b9fa9846 100644 >> --- a/drivers/soc/renesas/r8a779a0-sysc.c >> +++ b/drivers/soc/renesas/r8a779a0-sysc.c >> @@ -404,19 +404,21 @@ static int __init r8a779a0_sysc_pd_init(void) >> for (i = 0; i < info->num_areas; i++) { >> const struct r8a779a0_sysc_area *area = &info->areas[i]; >> struct r8a779a0_sysc_pd *pd; >> + size_t n; >> >> if (!area->name) { >> /* Skip NULLified area */ >> continue; >> } >> >> - pd = kzalloc(sizeof(*pd) + strlen(area->name) + 1, GFP_KERNEL); >> + n = strlen(area->name) + 1; >> + pd = kzalloc(sizeof(*pd) + n, GFP_KERNEL); > Zeroing the allocated bytes is not needed since it's completly > overwritten with the strcpy()/memcpy(). The strcpy()/memcpy() only overwrites the pd->name field, not the whole pd structure. I think that it is needed to keep the kzalloc. Just my 2c, CJ >> if (!pd) { >> error = -ENOMEM; >> goto out_put; >> } >> >> - strcpy(pd->name, area->name); >> + memcpy(pd->name, area->name, n); >> pd->genpd.name = pd->name; >> pd->pdr = area->pdr; >> pd->flags = area->flags; > > And similar for the second hunk. > > MfG, > Bernd > From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-16.0 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,NICE_REPLY_A,SPF_HELO_NONE,SPF_PASS, USER_AGENT_SANE_1 autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id C4807C4338F for ; Sun, 8 Aug 2021 17:16:07 +0000 (UTC) Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 3F55160F02 for ; Sun, 8 Aug 2021 17:16:07 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org 3F55160F02 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=wanadoo.fr Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:Content-Type: Content-Transfer-Encoding:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:In-Reply-To:MIME-Version:Date:Message-ID:From: References:Cc:To:Subject:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=w6S1OxPxFyAEPR/KXyK829nNija3G+ifQ97fx+SCNdg=; b=J8cmMDm2aBfZMvIbZYJ7Keeqxy MGCP7TqSyoOEltSI35fw0PAzpCxiFEsiR7kK8rvaiTdcz4jmsgpqaUX0bdoDFlJ0k5wsznljnFjGV AxNvA+aEYhVVegY9vecekyWBWdBobJY039yLZ2trBW/9qssJSuk4Y2lxK3AG786GhKN+A9sjOXV4x 9qT5CDCYcEyfD42rDX8qM3ysSFjA2YTy70Z9IjAuqTaVBjMA8Crf7TuIXakfW3kU6Tzq/kwFc9PYB dUVE8ld7j04XrZaKPzC4VruY/jsSvj+Ol1sq98UMByi3xKk2Vfs+84IJvnK+K6EWXwX4nZHlpjjuU /zPuYrpw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1mCmNQ-00G9sV-QG; Sun, 08 Aug 2021 17:14:20 +0000 Received: from smtp13.smtpout.orange.fr ([80.12.242.135] helo=smtp.smtpout.orange.fr) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1mCmNN-00G9rG-9V for linux-arm-kernel@lists.infradead.org; Sun, 08 Aug 2021 17:14:19 +0000 Received: from [192.168.1.18] ([90.126.253.178]) by mwinf5d75 with ME id f56W250073riaq20356WZB; Sun, 08 Aug 2021 19:06:40 +0200 X-ME-Helo: [192.168.1.18] X-ME-Auth: Y2hyaXN0b3BoZS5qYWlsbGV0QHdhbmFkb28uZnI= X-ME-Date: Sun, 08 Aug 2021 19:06:40 +0200 X-ME-IP: 90.126.253.178 Subject: Re: [PATCH v4 2/3] drivers/soc/renesas: Prefer memcpy over strcpy To: Bernd Petrovitsch , Len Baker , Andy Gross , Bjorn Andersson , Geert Uytterhoeven , Magnus Damm , Santosh Shilimkar Cc: Kees Cook , David Laight , Robin Murphy , linux-hardening@vger.kernel.org, linux-arm-msm@vger.kernel.org, linux-kernel@vger.kernel.org, linux-renesas-soc@vger.kernel.org, linux-arm-kernel@lists.infradead.org References: <20210808125012.4715-1-len.baker@gmx.com> <20210808125012.4715-3-len.baker@gmx.com> <39485c0e-511c-50a0-83be-f9ce6fc47e67@petrovitsch.priv.at> From: Christophe JAILLET Message-ID: Date: Sun, 8 Aug 2021 19:06:30 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0 MIME-Version: 1.0 In-Reply-To: <39485c0e-511c-50a0-83be-f9ce6fc47e67@petrovitsch.priv.at> Content-Language: en-US X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20210808_101417_650780_E0DEA131 X-CRM114-Status: GOOD ( 21.96 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: base64 Content-Type: text/plain; charset="utf-8"; Format="flowed" Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org SGksCgpMZSAwOC8wOC8yMDIxIMOgIDE3OjM1LCBCZXJuZCBQZXRyb3ZpdHNjaCBhIMOpY3JpdMKg Ogo+IEhpIGFsbCEKPiAKPiBPbiAwOC8wOC8yMDIxIDE0OjUwLCBMZW4gQmFrZXIgd3JvdGU6Cj4+ IHN0cmNweSgpIHBlcmZvcm1zIG5vIGJvdW5kcyBjaGVja2luZyBvbiB0aGUgZGVzdGluYXRpb24g YnVmZmVyLiBUaGlzCj4+IGNvdWxkIHJlc3VsdCBpbiBsaW5lYXIgb3ZlcmZsb3dzIGJleW9uZCB0 aGUgZW5kIG9mIHRoZSBidWZmZXIsIGxlYWRpbmcKPj4gdG8gYWxsIGtpbmRzIG9mIG1pc2JlaGF2 aW9ycy4gU28sIHVzZSBtZW1jcHkoKSBhcyBhIHNhZmUgcmVwbGFjZW1lbnQuCj4+Cj4+IFRoaXMg aXMgYSBwcmV2aW91cyBzdGVwIGluIHRoZSBwYXRoIHRvIHJlbW92ZSB0aGUgc3RyY3B5KCkgZnVu Y3Rpb24KPj4gZW50aXJlbHkgZnJvbSB0aGUga2VybmVsLgo+Pgo+PiBTaWduZWQtb2ZmLWJ5OiBM ZW4gQmFrZXIgPGxlbi5iYWtlckBnbXguY29tPgo+PiAtLS0KPj4gICBkcml2ZXJzL3NvYy9yZW5l c2FzL3I4YTc3OWEwLXN5c2MuYyB8IDYgKysrKy0tCj4+ICAgZHJpdmVycy9zb2MvcmVuZXNhcy9y Y2FyLXN5c2MuYyAgICAgfCA2ICsrKystLQo+PiAgIDIgZmlsZXMgY2hhbmdlZCwgOCBpbnNlcnRp b25zKCspLCA0IGRlbGV0aW9ucygtKQo+Pgo+PiBkaWZmIC0tZ2l0IGEvZHJpdmVycy9zb2MvcmVu ZXNhcy9yOGE3NzlhMC1zeXNjLmMgYi9kcml2ZXJzL3NvYy9yZW5lc2FzL3I4YTc3OWEwLXN5c2Mu Ywo+PiBpbmRleCBkNDY0ZmZhMWJlMzMuLjc0MTBiOWZhOTg0NiAxMDA2NDQKPj4gLS0tIGEvZHJp dmVycy9zb2MvcmVuZXNhcy9yOGE3NzlhMC1zeXNjLmMKPj4gKysrIGIvZHJpdmVycy9zb2MvcmVu ZXNhcy9yOGE3NzlhMC1zeXNjLmMKPj4gQEAgLTQwNCwxOSArNDA0LDIxIEBAIHN0YXRpYyBpbnQg X19pbml0IHI4YTc3OWEwX3N5c2NfcGRfaW5pdCh2b2lkKQo+PiAgIAlmb3IgKGkgPSAwOyBpIDwg aW5mby0+bnVtX2FyZWFzOyBpKyspIHsKPj4gICAJCWNvbnN0IHN0cnVjdCByOGE3NzlhMF9zeXNj X2FyZWEgKmFyZWEgPSAmaW5mby0+YXJlYXNbaV07Cj4+ICAgCQlzdHJ1Y3QgcjhhNzc5YTBfc3lz Y19wZCAqcGQ7Cj4+ICsJCXNpemVfdCBuOwo+Pgo+PiAgIAkJaWYgKCFhcmVhLT5uYW1lKSB7Cj4+ ICAgCQkJLyogU2tpcCBOVUxMaWZpZWQgYXJlYSAqLwo+PiAgIAkJCWNvbnRpbnVlOwo+PiAgIAkJ fQo+Pgo+PiAtCQlwZCA9IGt6YWxsb2Moc2l6ZW9mKCpwZCkgKyBzdHJsZW4oYXJlYS0+bmFtZSkg KyAxLCBHRlBfS0VSTkVMKTsKPj4gKwkJbiA9IHN0cmxlbihhcmVhLT5uYW1lKSArIDE7Cj4+ICsJ CXBkID0ga3phbGxvYyhzaXplb2YoKnBkKSArIG4sIEdGUF9LRVJORUwpOwo+IFplcm9pbmcgdGhl IGFsbG9jYXRlZCBieXRlcyBpcyBub3QgbmVlZGVkIHNpbmNlIGl0J3MgY29tcGxldGx5Cj4gb3Zl cndyaXR0ZW4gd2l0aCB0aGUgc3RyY3B5KCkvbWVtY3B5KCkuCgpUaGUgc3RyY3B5KCkvbWVtY3B5 KCkgb25seSBvdmVyd3JpdGVzIHRoZSBwZC0+bmFtZSBmaWVsZCwgbm90IHRoZSB3aG9sZSAKcGQg c3RydWN0dXJlLgpJIHRoaW5rIHRoYXQgaXQgaXMgbmVlZGVkIHRvIGtlZXAgdGhlIGt6YWxsb2Mu CgpKdXN0IG15IDJjLApDSgoKPj4gICAJCWlmICghcGQpIHsKPj4gICAJCQllcnJvciA9IC1FTk9N RU07Cj4+ICAgCQkJZ290byBvdXRfcHV0Owo+PiAgIAkJfQo+Pgo+PiAtCQlzdHJjcHkocGQtPm5h bWUsIGFyZWEtPm5hbWUpOwo+PiArCQltZW1jcHkocGQtPm5hbWUsIGFyZWEtPm5hbWUsIG4pOwo+ PiAgIAkJcGQtPmdlbnBkLm5hbWUgPSBwZC0+bmFtZTsKPj4gICAJCXBkLT5wZHIgPSBhcmVhLT5w ZHI7Cj4+ICAgCQlwZC0+ZmxhZ3MgPSBhcmVhLT5mbGFnczsKPiAKPiBBbmQgc2ltaWxhciBmb3Ig dGhlIHNlY29uZCBodW5rLgo+IAo+IE1mRywKPiAJQmVybmQKPiAKCgpfX19fX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fXwpsaW51eC1hcm0ta2VybmVsIG1haWxpbmcg bGlzdApsaW51eC1hcm0ta2VybmVsQGxpc3RzLmluZnJhZGVhZC5vcmcKaHR0cDovL2xpc3RzLmlu ZnJhZGVhZC5vcmcvbWFpbG1hbi9saXN0aW5mby9saW51eC1hcm0ta2VybmVsCg==