linux-kernel.vger.kernel.org archive mirror
* [PATCH] nios2: Replace all non-returning strlcpy with strscpy
@ 2023-05-30 16:23 Azeem Shaikh
  2023-05-30 23:20 ` Kees Cook
  0 siblings, 1 reply; 6+ messages in thread
From: Azeem Shaikh @ 2023-05-30 16:23 UTC (permalink / raw)
  To: Dinh Nguyen; +Cc: linux-hardening, Azeem Shaikh, linux-kernel

strlcpy() reads the entire source buffer first.
This read may exceed the destination size limit.
This is both inefficient and can lead to linear read
overflows if a source string is not NUL-terminated [1].
In an effort to remove strlcpy() completely [2], replace
strlcpy() here with strscpy().
No return values were used, so direct replacement is safe.

[1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy
[2] https://github.com/KSPP/linux/issues/89

Signed-off-by: Azeem Shaikh <azeemshaikh38@gmail.com>
---
 arch/nios2/kernel/cpuinfo.c |    2 +-
 arch/nios2/kernel/setup.c   |    6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/arch/nios2/kernel/cpuinfo.c b/arch/nios2/kernel/cpuinfo.c
index 203870c4b86d..338849c430a5 100644
--- a/arch/nios2/kernel/cpuinfo.c
+++ b/arch/nios2/kernel/cpuinfo.c
@@ -47,7 +47,7 @@ void __init setup_cpuinfo(void)
 
 	str = of_get_property(cpu, "altr,implementation", &len);
 	if (str)
-		strlcpy(cpuinfo.cpu_impl, str, sizeof(cpuinfo.cpu_impl));
+		strscpy(cpuinfo.cpu_impl, str, sizeof(cpuinfo.cpu_impl));
 	else
 		strcpy(cpuinfo.cpu_impl, "<unknown>");
 
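Review bot: the strscpy() bound in setup_cpuinfo() is sizeof(cpuinfo.cpu_impl), while the length that of_get_property() stored in len is never consulted, so a property value shorter than the destination and lacking a NUL can still be read past its end. of_property_read_string() rejects unterminated values and would close that gap. The else branch's strcpy(cpuinfo.cpu_impl, "<unknown>") could also become strscpy() so the function uses one bounded primitive throughout.
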
diff --git a/arch/nios2/kernel/setup.c b/arch/nios2/kernel/setup.c
index 40bc8fb75e0b..8582ed965844 100644
--- a/arch/nios2/kernel/setup.c
+++ b/arch/nios2/kernel/setup.c
@@ -121,7 +121,7 @@ asmlinkage void __init nios2_boot_init(unsigned r4, unsigned r5, unsigned r6,
 		dtb_passed = r6;
 
 		if (r7)
-			strlcpy(cmdline_passed, (char *)r7, COMMAND_LINE_SIZE);
+			strscpy(cmdline_passed, (char *)r7, COMMAND_LINE_SIZE);
 	}
 #endif
 
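Review bot: the result of strscpy(cmdline_passed, (char *)r7, COMMAND_LINE_SIZE) is discarded, and unlike strlcpy() it reports truncation as -E2BIG, so an over-long bootloader command line is still cut silently; checking the return value and warning on truncation would make that visible. The bound is also the constant COMMAND_LINE_SIZE rather than sizeof(cmdline_passed); the declaration is not visible in this hunk, but if cmdline_passed is an array, sizeof() keeps the limit tied to it.
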
@@ -129,10 +129,10 @@ asmlinkage void __init nios2_boot_init(unsigned r4, unsigned r5, unsigned r6,
 
 #ifndef CONFIG_CMDLINE_FORCE
 	if (cmdline_passed[0])
-		strlcpy(boot_command_line, cmdline_passed, COMMAND_LINE_SIZE);
+		strscpy(boot_command_line, cmdline_passed, COMMAND_LINE_SIZE);
 #ifdef CONFIG_NIOS2_CMDLINE_IGNORE_DTB
 	else
-		strlcpy(boot_command_line, CONFIG_CMDLINE, COMMAND_LINE_SIZE);
+		strscpy(boot_command_line, CONFIG_CMDLINE, COMMAND_LINE_SIZE);
 #endif
 #endif
 
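Review bot: strscpy(boot_command_line, CONFIG_CMDLINE, COMMAND_LINE_SIZE) truncates a build-time string at run time with no diagnostic. A BUILD_BUG_ON(sizeof(CONFIG_CMDLINE) > COMMAND_LINE_SIZE) next to it would catch an over-long CONFIG_CMDLINE at compile time instead of booting with a shortened command line.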


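The difference the commit message describes, as an added example that is not part of the patch or the kernel source: userspace models of the two copy semantics that report how many source bytes each one reads and what it returns. The names model_strlcpy, model_strscpy and the touched counter are assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

/* Userspace models written for this example (assumption: simplified, not
 * the kernel's implementations). *touched = source bytes the routine read. */

/* strlcpy semantics: returns strlen(src), so the whole source is walked. */
static size_t model_strlcpy(char *dst, const char *src, size_t size, size_t *touched)
{
	size_t len = strlen(src);	/* unbounded read up to the source NUL */

	*touched = len + 1;
	if (size) {
		size_t n = len < size - 1 ? len : size - 1;

		memcpy(dst, src, n);
		dst[n] = '\0';
	}
	return len;
}

/* strscpy semantics: reads at most size bytes, -E2BIG when truncated. */
static ssize_t model_strscpy(char *dst, const char *src, size_t size, size_t *touched)
{
	*touched = 0;
	for (size_t i = 0; i < size; i++) {
		dst[i] = src[i];
		(*touched)++;
		if (!src[i])
			return (ssize_t)i;
	}
	if (size)
		dst[size - 1] = '\0';
	return -E2BIG;
}

int main(void)
{
	char src[256], a[16], b[16];	/* constructed sample input */
	size_t ta, tb;

	memset(src, 'A', sizeof(src) - 1);
	src[sizeof(src) - 1] = '\0';
	size_t ra = model_strlcpy(a, src, sizeof(a), &ta);
	ssize_t rb = model_strscpy(b, src, sizeof(b), &tb);
	printf("strlcpy: ret=%zu read=%zu  strscpy: ret=%zd read=%zu\n", ra, ta, rb, tb);
	return 0;
}
```

Both calls leave the same 15-character string in the destination; only the source bytes read and the return value differ, which is why a caller that ignores the return value can be converted directly.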

* Re: [PATCH] nios2: Replace all non-returning strlcpy with strscpy
  2023-05-30 16:23 [PATCH] nios2: Replace all non-returning strlcpy with strscpy Azeem Shaikh
@ 2023-05-30 23:20 ` Kees Cook
  2023-06-13 22:15   ` Dinh Nguyen
  0 siblings, 1 reply; 6+ messages in thread
From: Kees Cook @ 2023-05-30 23:20 UTC (permalink / raw)
  To: Azeem Shaikh; +Cc: Dinh Nguyen, linux-hardening, linux-kernel

On Tue, May 30, 2023 at 04:23:58PM +0000, Azeem Shaikh wrote:
> strlcpy() reads the entire source buffer first.
> This read may exceed the destination size limit.
> This is both inefficient and can lead to linear read
> overflows if a source string is not NUL-terminated [1].
> In an effort to remove strlcpy() completely [2], replace
> strlcpy() here with strscpy().
> No return values were used, so direct replacement is safe.
> 
> [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy
> [2] https://github.com/KSPP/linux/issues/89
> 
> Signed-off-by: Azeem Shaikh <azeemshaikh38@gmail.com>

Reviewed-by: Kees Cook <keescook@chromium.org>

-- 
Kees Cook


* Re: [PATCH] nios2: Replace all non-returning strlcpy with strscpy
  2023-05-30 23:20 ` Kees Cook
@ 2023-06-13 22:15   ` Dinh Nguyen
  2023-06-20 20:15     ` Kees Cook
  0 siblings, 1 reply; 6+ messages in thread
From: Dinh Nguyen @ 2023-06-13 22:15 UTC (permalink / raw)
  To: Kees Cook, Azeem Shaikh; +Cc: linux-hardening, linux-kernel



On 5/30/23 18:20, Kees Cook wrote:
> On Tue, May 30, 2023 at 04:23:58PM +0000, Azeem Shaikh wrote:
>> strlcpy() reads the entire source buffer first.
>> This read may exceed the destination size limit.
>> This is both inefficient and can lead to linear read
>> overflows if a source string is not NUL-terminated [1].
>> In an effort to remove strlcpy() completely [2], replace
>> strlcpy() here with strscpy().
>> No return values were used, so direct replacement is safe.
>>
>> [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy
>> [2] https://github.com/KSPP/linux/issues/89
>>
>> Signed-off-by: Azeem Shaikh <azeemshaikh38@gmail.com>
> 
> Reviewed-by: Kees Cook <keescook@chromium.org>
> 

Applied!

Thanks,
Dinh


* Re: [PATCH] nios2: Replace all non-returning strlcpy with strscpy
  2023-06-13 22:15   ` Dinh Nguyen
@ 2023-06-20 20:15     ` Kees Cook
  2023-06-20 22:27       ` Dinh Nguyen
  0 siblings, 1 reply; 6+ messages in thread
From: Kees Cook @ 2023-06-20 20:15 UTC (permalink / raw)
  To: Dinh Nguyen; +Cc: Azeem Shaikh, linux-hardening, linux-kernel

On Tue, Jun 13, 2023 at 05:15:41PM -0500, Dinh Nguyen wrote:
> 
> 
> On 5/30/23 18:20, Kees Cook wrote:
> > On Tue, May 30, 2023 at 04:23:58PM +0000, Azeem Shaikh wrote:
> > > strlcpy() reads the entire source buffer first.
> > > This read may exceed the destination size limit.
> > > This is both inefficient and can lead to linear read
> > > overflows if a source string is not NUL-terminated [1].
> > > In an effort to remove strlcpy() completely [2], replace
> > > strlcpy() here with strscpy().
> > > No return values were used, so direct replacement is safe.
> > > 
> > > [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy
> > > [2] https://github.com/KSPP/linux/issues/89
> > > 
> > > Signed-off-by: Azeem Shaikh <azeemshaikh38@gmail.com>
> > 
> > Reviewed-by: Kees Cook <keescook@chromium.org>
> > 
> 
> Applied!

Thanks for taking this patch! I just wanted to double-check, though; I
haven't seen it show up in -next yet. Is this still queued?

Thanks!

-Kees

-- 
Kees Cook


* Re: [PATCH] nios2: Replace all non-returning strlcpy with strscpy
  2023-06-20 20:15     ` Kees Cook
@ 2023-06-20 22:27       ` Dinh Nguyen
  2023-06-21  0:14         ` Kees Cook
  0 siblings, 1 reply; 6+ messages in thread
From: Dinh Nguyen @ 2023-06-20 22:27 UTC (permalink / raw)
  To: Kees Cook; +Cc: Azeem Shaikh, linux-hardening, linux-kernel



On 6/20/23 15:15, Kees Cook wrote:
> On Tue, Jun 13, 2023 at 05:15:41PM -0500, Dinh Nguyen wrote:
>>
>>
>> On 5/30/23 18:20, Kees Cook wrote:
>>> On Tue, May 30, 2023 at 04:23:58PM +0000, Azeem Shaikh wrote:
>>>> strlcpy() reads the entire source buffer first.
>>>> This read may exceed the destination size limit.
>>>> This is both inefficient and can lead to linear read
>>>> overflows if a source string is not NUL-terminated [1].
>>>> In an effort to remove strlcpy() completely [2], replace
>>>> strlcpy() here with strscpy().
>>>> No return values were used, so direct replacement is safe.
>>>>
>>>> [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy
>>>> [2] https://github.com/KSPP/linux/issues/89
>>>>
>>>> Signed-off-by: Azeem Shaikh <azeemshaikh38@gmail.com>
>>>
>>> Reviewed-by: Kees Cook <keescook@chromium.org>
>>>
>>
>> Applied!
> 
> Thanks for taking this patch! I just wanted to double-check, though; I
> haven't seen it show up in -next yet. Is this still queued?
> 
> Thanks!

I've queued it for v6.5. Do you need it in v6.4?

Dinh


* Re: [PATCH] nios2: Replace all non-returning strlcpy with strscpy
  2023-06-20 22:27       ` Dinh Nguyen
@ 2023-06-21  0:14         ` Kees Cook
  0 siblings, 0 replies; 6+ messages in thread
From: Kees Cook @ 2023-06-21  0:14 UTC (permalink / raw)
  To: Dinh Nguyen, Kees Cook; +Cc: Azeem Shaikh, linux-hardening, linux-kernel

On June 20, 2023 3:27:29 PM PDT, Dinh Nguyen <dinguyen@kernel.org> wrote:
>
>
>On 6/20/23 15:15, Kees Cook wrote:
>> On Tue, Jun 13, 2023 at 05:15:41PM -0500, Dinh Nguyen wrote:
>>> 
>>> 
>>> On 5/30/23 18:20, Kees Cook wrote:
>>>> On Tue, May 30, 2023 at 04:23:58PM +0000, Azeem Shaikh wrote:
>>>>> strlcpy() reads the entire source buffer first.
>>>>> This read may exceed the destination size limit.
>>>>> This is both inefficient and can lead to linear read
>>>>> overflows if a source string is not NUL-terminated [1].
>>>>> In an effort to remove strlcpy() completely [2], replace
>>>>> strlcpy() here with strscpy().
>>>>> No return values were used, so direct replacement is safe.
>>>>> 
>>>>> [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy
>>>>> [2] https://github.com/KSPP/linux/issues/89
>>>>> 
>>>>> Signed-off-by: Azeem Shaikh <azeemshaikh38@gmail.com>
>>>> 
>>>> Reviewed-by: Kees Cook <keescook@chromium.org>
>>>> 
>>> 
>>> Applied!
>> 
>> Thanks for taking this patch! I just wanted to double-check, though; I
>> haven't seen it show up in -next yet. Is this still queued?
>> 
>> Thanks!
>
>I've queued it for v6.5. Do you need it in v6.4?

6.5 is fine, yeah. I just wanted to make sure it didn't get lost. :) (I didn't see it in sfr's linux-next merges tree.)

Thanks!

-Kees



-- 
Kees Cook
