Message ID | 20231012-strncpy-drivers-net-phy-mdio_bus-c-v1-1-15242e6f9ec4@google.com |
---|---|
State | New |
Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org> Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:612c:2908:b0:403:3b70:6f57 with SMTP id ib8csp1517448vqb; Thu, 12 Oct 2023 14:53:21 -0700 (PDT) X-Google-Smtp-Source: AGHT+IEUaRNMCL5mD9RgN28NwU148wzCntMtbDg6bptgu82SPvpoRQVVQXr02n/D5v3WnaQrOYti X-Received: by 2002:a17:902:e885:b0:1c0:bf60:ba82 with SMTP id w5-20020a170902e88500b001c0bf60ba82mr28534063plg.5.1697147601097; Thu, 12 Oct 2023 14:53:21 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1697147601; cv=none; d=google.com; s=arc-20160816; b=TZFihIH5MO6t7Zd4/dPkRYXYoIiXME/W0iG3y6p3IrEKRWSClrK8ksVnhRFL8cUlwT WDeJB55LvOaXdjLI7VDGc/pKxhK3Cr2J46DwtmbCjCLjNbINZIm7NSLZTxZDrUsiZHur EZSiA3At7X48epH924VqiOceYlMWGhexARTg30JA980UU7wvtgTB8yXqCWrJplQ+kdxI obnjtChQEyBsZjX8bwqnWn6usDOWqBUrWJIfxBII18O4/LDEg6La/j+3aVbbc+3NbiKO C0vajanH86eKn6hJ//ikzdeWaJ/DQTIcmtHfn8f/l6N30A59btIAK6ax4WQois+Q3M/b ifUQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:mime-version:date :dkim-signature; bh=YTkEOzvlwSRqd6Swcq6Hh8KnurUwVBxQe6czHRUN7YA=; fh=jNFzfs0LVcNPJYpz3MO9rP5uq1TU3TrcBg7mkF9EWrg=; b=QnrpUDzXI9rVQBA9FCvMFCXMaH8ecO5Dg2Yh/SvFdwLzr7CaJanND84vBF8+VDKXyS 7FWX3MOfgnu4URrSdPiGgs52o3k3FeZVN+ZofMQ4oDY1pcZPWlqf+FxN3boscovjZSq+ KTZ7EzQJiAKNFyZlsOoweWfmE7/Oh7ixECP4eP5a90IRkY5w44868d/QYWoNySyJSWu1 JsMguI/3xuvWjcszukiapNeC51WveaL4peEd16eDwMvmcfcXpd/0GbZmcuwshMtmyCXI V7ZebNT1SkI4JhKcvo8KCR1bjGs54/YofYiIMewM83H3sgEOI8n3gZ9vyhH57RlJUXYk YWWg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=FtNoL2no; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:7 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from snail.vger.email (snail.vger.email. [2620:137:e000::3:7]) by mx.google.com with ESMTPS id d17-20020a170902c19100b001bdcd2e1706si1163553pld.196.2023.10.12.14.53.20 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 12 Oct 2023 14:53:21 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:7 as permitted sender) client-ip=2620:137:e000::3:7; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=FtNoL2no; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:7 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by snail.vger.email (Postfix) with ESMTP id 6A85882DD099; Thu, 12 Oct 2023 14:53:20 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at snail.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1442949AbjJLVxH (ORCPT <rfc822;rua109.linux@gmail.com> + 19 others); Thu, 12 Oct 2023 17:53:07 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36350 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1442911AbjJLVxG (ORCPT <rfc822;linux-kernel@vger.kernel.org>); Thu, 12 Oct 2023 17:53:06 -0400 Received: from mail-yw1-x1149.google.com (mail-yw1-x1149.google.com [IPv6:2607:f8b0:4864:20::1149]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3044DC0 for <linux-kernel@vger.kernel.org>; Thu, 12 Oct 2023 14:53:05 -0700 (PDT) Received: by mail-yw1-x1149.google.com with SMTP id 00721157ae682-5a7bcbb95b2so22320307b3.3 for <linux-kernel@vger.kernel.org>; Thu, 12 Oct 2023 14:53:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1697147584; x=1697752384; darn=vger.kernel.org; h=cc:to:from:subject:message-id:mime-version:date:from:to:cc:subject :date:message-id:reply-to; bh=YTkEOzvlwSRqd6Swcq6Hh8KnurUwVBxQe6czHRUN7YA=; b=FtNoL2noI3RqR2YnxNeaa8qvVLPTp1yVrdLnAP7wKepMJr2uoStoUFLVA/Ej1FRCx9 JBPTaJAo/FOU/AmLAsazfYh/exqjHQbu3ZHsg1hklq3LtQ7pnUePUXNjcaPrsr32CjI8 jfyGQCelOcGO6v0BYZTTm4nphF5qvkweVX7zuDuspmyOIgJDPKb/2YDqIFTrn2yxipVi U7mSTxQ1WxBTsusu8sCsKloCD2mIawIxKIVPL0S40zPeD1MC7EbArJfuMlVZ8/MOvV/4 rD5YAEfckx+VELw0saMifUBbrxLcQW0kk+y67uF7MTH3chKdcxngREoQKi1elLzfUEX6 qdxg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1697147584; x=1697752384; h=cc:to:from:subject:message-id:mime-version:date:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=YTkEOzvlwSRqd6Swcq6Hh8KnurUwVBxQe6czHRUN7YA=; b=kKgGUBjGtYxSaLv3sp5JLpE2UVZSjz827+01A2MTB4BNlC0XEuA0nsRX3zFwEcO732 eoB4iGibBuSKxINZXNHdT55h2w+hNXPi3dlKe/UKbkoriYVIWDakQtkkEqnqMivkSYVa b8f8+MBaZxDgS/9Q88Z2HVTBfaPHRHXWaG2Zob/bkCC9Oxj8qkMpWNTnQUdMqWpYmoD/ Camv9Bz5ZG5nFMOh6K7JhT3fjCDFLLmErkeGxjclsBe2uI7JJcnrd6oK1BAAgeFlVtfw jDhfX1IymIP3Rl87H66zXg2ZtX5VW6ezIxMCrD3QFojMi/Tz5425PeUi2f7mrY0/0tHC rjqA== X-Gm-Message-State: AOJu0Yxs/MCTPGEp6uHPoiH8FPh0uOrid5+sg4OJ0K7enHiXaWh4r0nP HYCyg9n7Izj8GBfadd5oD5s4FttfWGCmF0xJnA== X-Received: from jstitt-linux1.c.googlers.com ([fda3:e722:ac3:cc00:2b:ff92:c0a8:23b5]) (user=justinstitt job=sendgmr) by 2002:a81:7e4c:0:b0:584:41a6:6cd8 with SMTP id p12-20020a817e4c000000b0058441a66cd8mr501646ywn.8.1697147584487; Thu, 12 Oct 2023 14:53:04 -0700 (PDT) Date: Thu, 12 Oct 2023 21:53:03 +0000 Mime-Version: 1.0 X-B4-Tracking: v=1; b=H4sIAL5qKGUC/x3NQQqDMBBA0avIrDuQREJKryJSbDLWWTSGGZWKe HeDy7f5/wAlYVJ4NQcIbaw85wr7aCBOQ/4ScqoGZ1xrjXWoi+RYdkzCG4lipgXLtOMv8fz+rIo RzWCSp2fwwTqooSI08v+edP15Xjy38kl0AAAA X-Developer-Key: i=justinstitt@google.com; a=ed25519; pk=tC3hNkJQTpNX/gLKxTNQKDmiQl6QjBNCGKJINqAdJsE= X-Developer-Signature: v=1; a=ed25519-sha256; t=1697147583; l=1868; i=justinstitt@google.com; s=20230717; h=from:subject:message-id; bh=vdQUeoyWeauGUEEyEYmjpmzS6T1B4Kyza0zZ2VuUMVU=; b=08rcTE44cKhSckEbxhG3eLzKqTkBARP9qjlbUWs+AlqMspRHIZZZigeo48P5fBG2TNtbAKjvp D8L72jxZBnvDlw5D8Lnl4a3l+c5sqVGWu3+A9JBjMYWws5qQcY0Htn6 X-Mailer: b4 0.12.3 Message-ID: <20231012-strncpy-drivers-net-phy-mdio_bus-c-v1-1-15242e6f9ec4@google.com> Subject: [PATCH] net: mdio: replace deprecated strncpy with strscpy From: Justin Stitt <justinstitt@google.com> To: Andrew Lunn <andrew@lunn.ch>, Heiner Kallweit <hkallweit1@gmail.com>, Russell King <linux@armlinux.org.uk>, "David S. Miller" <davem@davemloft.net>, Eric Dumazet <edumazet@google.com>, Jakub Kicinski <kuba@kernel.org>, Paolo Abeni <pabeni@redhat.com> Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, Justin Stitt <justinstitt@google.com> Content-Type: text/plain; charset="utf-8" X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: <linux-kernel.vger.kernel.org> X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (snail.vger.email [0.0.0.0]); Thu, 12 Oct 2023 14:53:20 -0700 (PDT) X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1779587628418813373 X-GMAIL-MSGID: 1779588243151961641 |
Series |
net: mdio: replace deprecated strncpy with strscpy
|
|
Commit Message
Justin Stitt
Oct. 12, 2023, 9:53 p.m. UTC
strncpy() is deprecated for use on NUL-terminated destination strings
[1] and as such we should prefer more robust and less ambiguous string
interfaces.
We expect mdiodev->modalias to be NUL-terminated based on its usage with
strcmp():
| return strcmp(mdiodev->modalias, drv->name) == 0;
Moreover, mdiodev->modalias is already zero-allocated:
| mdiodev = kzalloc(sizeof(*mdiodev), GFP_KERNEL);
... which means the NUL-padding strncpy provides is not necessary.
Considering the above, a suitable replacement is `strscpy` [2] due to
the fact that it guarantees NUL-termination on the destination buffer
without unnecessarily NUL-padding.
Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1]
Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2]
Link: https://github.com/KSPP/linux/issues/90
Cc: linux-hardening@vger.kernel.org
Signed-off-by: Justin Stitt <justinstitt@google.com>
---
Note: build-tested only.
Found with: $ rg "strncpy\("
---
drivers/net/phy/mdio_bus.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
---
base-commit: cbf3a2cb156a2c911d8f38d8247814b4c07f49a2
change-id: 20231012-strncpy-drivers-net-phy-mdio_bus-c-0a0d5e875712
Best regards,
--
Justin Stitt <justinstitt@google.com>
Comments
On Thu, Oct 12, 2023 at 09:53:03PM +0000, Justin Stitt wrote: > strncpy() is deprecated for use on NUL-terminated destination strings > [1] and as such we should prefer more robust and less ambiguous string > interfaces. Hi Justin You just sent two patches with the same Subject. That got me confused for a while, is it a resend? A new version? > Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] > Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] > Link: https://github.com/KSPP/linux/issues/90 > Cc: linux-hardening@vger.kernel.org > Signed-off-by: Justin Stitt <justinstitt@google.com> Reviewed-by: Andrew Lunn <andrew@lunn.ch> Andrew
On Thu, Oct 12, 2023 at 2:59 PM Andrew Lunn <andrew@lunn.ch> wrote: > > On Thu, Oct 12, 2023 at 09:53:03PM +0000, Justin Stitt wrote: > > strncpy() is deprecated for use on NUL-terminated destination strings > > [1] and as such we should prefer more robust and less ambiguous string > > interfaces. > > Hi Justin > > You just sent two patches with the same Subject. That got me confused > for a while, is it a resend? A new version? Yep, just saw this. I'm working (top to bottom) on a list of strncpy hits. I have an automated tool fetch the prefix and update the subject line accordingly. They are two separate patches but ended up with the same exact subject line due to oversight and over-automation. Looking for guidance: Should I combine them into one patch? > > > Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] > > Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] > > Link: https://github.com/KSPP/linux/issues/90 > > Cc: linux-hardening@vger.kernel.org > > Signed-off-by: Justin Stitt <justinstitt@google.com> > > Reviewed-by: Andrew Lunn <andrew@lunn.ch> > > Andrew > Thanks Justin
On Thu, Oct 12, 2023 at 03:01:06PM -0700, Justin Stitt wrote: > On Thu, Oct 12, 2023 at 2:59 PM Andrew Lunn <andrew@lunn.ch> wrote: > > > > On Thu, Oct 12, 2023 at 09:53:03PM +0000, Justin Stitt wrote: > > > strncpy() is deprecated for use on NUL-terminated destination strings > > > [1] and as such we should prefer more robust and less ambiguous string > > > interfaces. > > > > Hi Justin > > > > You just sent two patches with the same Subject. That got me confused > > for a while, is it a resend? A new version? > > Yep, just saw this. > > I'm working (top to bottom) on a list of strncpy hits. I have an automated tool > fetch the prefix and update the subject line accordingly. They are two separate > patches but ended up with the same exact subject line due to oversight and > over-automation. > > Looking for guidance: > Should I combine them into one patch? No, it is fine. Just try to avoid it in the future. Andrew
On Thu, Oct 12, 2023 at 09:53:03PM +0000, Justin Stitt wrote: > strncpy() is deprecated for use on NUL-terminated destination strings > [1] and as such we should prefer more robust and less ambiguous string > interfaces. > > We expect mdiodev->modalias to be NUL-terminated based on its usage with > strcmp(): > | return strcmp(mdiodev->modalias, drv->name) == 0; > > Moreover, mdiodev->modalias is already zero-allocated: > | mdiodev = kzalloc(sizeof(*mdiodev), GFP_KERNEL); > ... which means the NUL-padding strncpy provides is not necessary. > > Considering the above, a suitable replacement is `strscpy` [2] due to > the fact that it guarantees NUL-termination on the destination buffer > without unnecessarily NUL-padding. > > Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] > Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] > Link: https://github.com/KSPP/linux/issues/90 > Cc: linux-hardening@vger.kernel.org > Signed-off-by: Justin Stitt <justinstitt@google.com> Looks good! Reviewed-by: Kees Cook <keescook@chromium.org>
diff --git a/drivers/net/phy/mdio_bus.c b/drivers/net/phy/mdio_bus.c index 25dcaa49ab8b..6cf73c15635b 100644 --- a/drivers/net/phy/mdio_bus.c +++ b/drivers/net/phy/mdio_bus.c @@ -506,7 +506,7 @@ static int mdiobus_create_device(struct mii_bus *bus, if (IS_ERR(mdiodev)) return -ENODEV; - strncpy(mdiodev->modalias, bi->modalias, + strscpy(mdiodev->modalias, bi->modalias, sizeof(mdiodev->modalias)); mdiodev->bus_match = mdio_device_bus_match; mdiodev->dev.platform_data = (void *)bi->platform_data;