diff mbox series

[bpf-next] libbpf: poison strlcpy()

Message ID	tencent_5695A257C4D16B4413036BA1DAACDECB0B07@qq.com
State	New
Headers	Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Message-ID: <tencent_5695A257C4D16B4413036BA1DAACDECB0B07@qq.com> From: Rong Tao <rtoax@foxmail.com> To: andrii@kernel.org Cc: rongtao@cestc.cn, Alexei Starovoitov <ast@kernel.org>, Daniel Borkmann <daniel@iogearbox.net>, Martin KaFai Lau <martin.lau@linux.dev>, Song Liu <song@kernel.org>, Yonghong Song <yhs@fb.com>, John Fastabend <john.fastabend@gmail.com>, KP Singh <kpsingh@kernel.org>, Stanislav Fomichev <sdf@google.com>, Hao Luo <haoluo@google.com>, Jiri Olsa <jolsa@kernel.org>, bpf@vger.kernel.org (open list:BPF [LIBRARY] (libbpf)), linux-kernel@vger.kernel.org (open list) Subject: [PATCH bpf-next] libbpf: poison strlcpy() Date: Thu, 5 Jan 2023 22:36:33 +0800 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	[bpf-next] libbpf: poison strlcpy() \| [bpf-next] libbpf: poison strlcpy()

Commit Message

Rong Tao Jan. 5, 2023, 2:36 p.m. UTC

  From: Rong Tao <rongtao@cestc.cn>

Since commit 9fc205b413b3("libbpf: Add sane strncpy alternative and use
it internally") introduce libbpf_strlcpy(), thus add strlcpy() to a poison
list to prevent accidental use of it.

Signed-off-by: Rong Tao <rongtao@cestc.cn>
---
 tools/lib/bpf/libbpf_internal.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

Comments

Stanislav Fomichev Jan. 5, 2023, 6:47 p.m. UTC | #1

On 01/05, Rong Tao wrote:
> From: Rong Tao <rongtao@cestc.cn>

> Since commit 9fc205b413b3("libbpf: Add sane strncpy alternative and use
> it internally") introduce libbpf_strlcpy(), thus add strlcpy() to a poison
> list to prevent accidental use of it.

> Signed-off-by: Rong Tao <rongtao@cestc.cn>

Acked-by: Stanislav Fomichev <sdf@google.com>

> ---
>   tools/lib/bpf/libbpf_internal.h | 4 ++--
>   1 file changed, 2 insertions(+), 2 deletions(-)

> diff --git a/tools/lib/bpf/libbpf_internal.h  
> b/tools/lib/bpf/libbpf_internal.h
> index 377642ff51fc..2d26ded383ca 100644
> --- a/tools/lib/bpf/libbpf_internal.h
> +++ b/tools/lib/bpf/libbpf_internal.h
> @@ -20,8 +20,8 @@
>   /* make sure libbpf doesn't use kernel-only integer typedefs */
>   #pragma GCC poison u8 u16 u32 u64 s8 s16 s32 s64

> -/* prevent accidental re-addition of reallocarray() */
> -#pragma GCC poison reallocarray
> +/* prevent accidental re-addition of reallocarray()/strlcpy() */
> +#pragma GCC poison reallocarray strlcpy

>   #include "libbpf.h"
>   #include "btf.h"
> --
> 2.39.0

patchwork-bot+netdevbpf@kernel.org Jan. 6, 2023, 4:10 p.m. UTC | #2

Hello:

This patch was applied to bpf/bpf-next.git (master)
by Daniel Borkmann <daniel@iogearbox.net>:

On Thu,  5 Jan 2023 22:36:33 +0800 you wrote:
> From: Rong Tao <rongtao@cestc.cn>
> 
> Since commit 9fc205b413b3("libbpf: Add sane strncpy alternative and use
> it internally") introduce libbpf_strlcpy(), thus add strlcpy() to a poison
> list to prevent accidental use of it.
> 
> Signed-off-by: Rong Tao <rongtao@cestc.cn>
> 
> [...]

Here is the summary with links:
  - [bpf-next] libbpf: poison strlcpy()
    https://git.kernel.org/bpf/bpf-next/c/6d0c4b11e743

You are awesome, thank you!

Boris Burkov March 9, 2023, 12:30 a.m. UTC | #3

On Thu, Jan 05, 2023 at 10:47:15AM -0800, sdf@google.com wrote:
> On 01/05, Rong Tao wrote:
> > From: Rong Tao <rongtao@cestc.cn>
> 
> > Since commit 9fc205b413b3("libbpf: Add sane strncpy alternative and use
> > it internally") introduce libbpf_strlcpy(), thus add strlcpy() to a poison
> > list to prevent accidental use of it.
> 
> > Signed-off-by: Rong Tao <rongtao@cestc.cn>
> 
> Acked-by: Stanislav Fomichev <sdf@google.com>
> 
> > ---
> >   tools/lib/bpf/libbpf_internal.h | 4 ++--
> >   1 file changed, 2 insertions(+), 2 deletions(-)
> 
> > diff --git a/tools/lib/bpf/libbpf_internal.h
> > b/tools/lib/bpf/libbpf_internal.h
> > index 377642ff51fc..2d26ded383ca 100644
> > --- a/tools/lib/bpf/libbpf_internal.h
> > +++ b/tools/lib/bpf/libbpf_internal.h
> > @@ -20,8 +20,8 @@
> >   /* make sure libbpf doesn't use kernel-only integer typedefs */
> >   #pragma GCC poison u8 u16 u32 u64 s8 s16 s32 s64
> 
> > -/* prevent accidental re-addition of reallocarray() */
> > -#pragma GCC poison reallocarray
> > +/* prevent accidental re-addition of reallocarray()/strlcpy() */
> > +#pragma GCC poison reallocarray strlcpy

On my musl system, I believe this broke compilation, as string.h defines
strlcpy, and is included after this poisoning when compiling strset.c

FWIW, I could work around it by adding
#include <string.h>
above
#include <libbpf_internal.h>
in strset.c, since the poison doesn't apply to symbols that existed
before it ran, but this feels like a kludge, and not in the spirit of
the original poisoning patch..

I'm curious what the proper workaround should be for a libc that defines
strlcpy.

Thanks,
Boris

> 
> >   #include "libbpf.h"
> >   #include "btf.h"
> > --
> > 2.39.0
>

Stanislav Fomichev March 9, 2023, 12:32 a.m. UTC | #4

On Wed, Mar 8, 2023 at 4:30 PM Boris Burkov <boris@bur.io> wrote:
>
> On Thu, Jan 05, 2023 at 10:47:15AM -0800, sdf@google.com wrote:
> > On 01/05, Rong Tao wrote:
> > > From: Rong Tao <rongtao@cestc.cn>
> >
> > > Since commit 9fc205b413b3("libbpf: Add sane strncpy alternative and use
> > > it internally") introduce libbpf_strlcpy(), thus add strlcpy() to a poison
> > > list to prevent accidental use of it.
> >
> > > Signed-off-by: Rong Tao <rongtao@cestc.cn>
> >
> > Acked-by: Stanislav Fomichev <sdf@google.com>
> >
> > > ---
> > >   tools/lib/bpf/libbpf_internal.h | 4 ++--
> > >   1 file changed, 2 insertions(+), 2 deletions(-)
> >
> > > diff --git a/tools/lib/bpf/libbpf_internal.h
> > > b/tools/lib/bpf/libbpf_internal.h
> > > index 377642ff51fc..2d26ded383ca 100644
> > > --- a/tools/lib/bpf/libbpf_internal.h
> > > +++ b/tools/lib/bpf/libbpf_internal.h
> > > @@ -20,8 +20,8 @@
> > >   /* make sure libbpf doesn't use kernel-only integer typedefs */
> > >   #pragma GCC poison u8 u16 u32 u64 s8 s16 s32 s64
> >
> > > -/* prevent accidental re-addition of reallocarray() */
> > > -#pragma GCC poison reallocarray
> > > +/* prevent accidental re-addition of reallocarray()/strlcpy() */
> > > +#pragma GCC poison reallocarray strlcpy
>
> On my musl system, I believe this broke compilation, as string.h defines
> strlcpy, and is included after this poisoning when compiling strset.c
>
> FWIW, I could work around it by adding
> #include <string.h>
> above
> #include <libbpf_internal.h>
> in strset.c, since the poison doesn't apply to symbols that existed
> before it ran, but this feels like a kludge, and not in the spirit of
> the original poisoning patch..
>
> I'm curious what the proper workaround should be for a libc that defines
> strlcpy.

Let's move this discussion into [0]? There is a similar issue for
uclibc it seems.

0: https://lore.kernel.org/bpf/CAKH8qBshq-J2H+Bo1xA=FzAJ6x_mo5yfW6oYjQ_u1QwLJ5CDog@mail.gmail.com/T/#t

> Thanks,
> Boris
>
> >
> > >   #include "libbpf.h"
> > >   #include "btf.h"
> > > --
> > > 2.39.0
> >

diff mbox series

Patch

diff --git a/tools/lib/bpf/libbpf_internal.h b/tools/lib/bpf/libbpf_internal.h
index 377642ff51fc..2d26ded383ca 100644
--- a/tools/lib/bpf/libbpf_internal.h
+++ b/tools/lib/bpf/libbpf_internal.h
@@ -20,8 +20,8 @@ 
 /* make sure libbpf doesn't use kernel-only integer typedefs */
 #pragma GCC poison u8 u16 u32 u64 s8 s16 s32 s64
 
-/* prevent accidental re-addition of reallocarray() */
-#pragma GCC poison reallocarray
+/* prevent accidental re-addition of reallocarray()/strlcpy() */
+#pragma GCC poison reallocarray strlcpy
 
 #include "libbpf.h"
 #include "btf.h"