From: Kees Cook <kees@kernel.org>
To: Carlos Maiolino <cem@kernel.org>
Cc: Kees Cook <kees@kernel.org>,
"Darrick J. Wong" <djwong@kernel.org>,
Andrey Albershteyn <aalbersh@redhat.com>,
Steven Rostedt <rostedt@goodmis.org>,
linux-kernel@vger.kernel.org, linux-xfs@vger.kernel.org,
linux-hardening@vger.kernel.org
Subject: [PATCH] xfs: Replace strncpy() with strscpy_pad() in tracepoint error paths
Date: Mon, 23 Mar 2026 10:22:09 -0700 [thread overview]
Message-ID: <20260323172204.work.979-kees@kernel.org> (raw)
Replace the deprecated[1] strncpy() with strscpy_pad() in the
xfile_create and xmbuf_create tracepoints.
Both tracepoints use file_path() to resolve a pathname into
__entry->pathname (a char[MAXNAMELEN] trace ring buffer field). On
failure, the error path overwrites the buffer with the string literal
"(unknown)" via strncpy(). The original strncpy() zero-pads the
remaining 246 bytes (MAXNAMELEN is 256, "(unknown)" is 10 bytes
including NUL).
strscpy_pad() preserves this zero-padding, which matters because the
destination is a trace ring buffer entry: ring buffer slots are not
zeroed on allocation, and the raw buffer is readable by userspace via
tracefs. The zero-padding ensures no stale data remains in the
buffer after the error path overwrites it.
The source is a 10-byte string literal into a 256-byte destination,
so there is no behavioral change.
Link: https://github.com/KSPP/linux/issues/90 [1]
Signed-off-by: Kees Cook <kees@kernel.org>
---
fs/xfs/scrub/trace.h | 3 +--
fs/xfs/xfs_trace.h | 3 +--
2 files changed, 2 insertions(+), 4 deletions(-)
diff --git a/fs/xfs/scrub/trace.h b/fs/xfs/scrub/trace.h
index 39ea651cbb75..46c420f51129 100644
--- a/fs/xfs/scrub/trace.h
+++ b/fs/xfs/scrub/trace.h
@@ -980,8 +980,7 @@ TRACE_EVENT(xfile_create,
__entry->ino = file_inode(xf->file)->i_ino;
path = file_path(xf->file, __entry->pathname, MAXNAMELEN);
if (IS_ERR(path))
- strncpy(__entry->pathname, "(unknown)",
- sizeof(__entry->pathname));
+ strscpy_pad(__entry->pathname, "(unknown)");
),
TP_printk("xfino 0x%lx path '%s'",
__entry->ino,
diff --git a/fs/xfs/xfs_trace.h b/fs/xfs/xfs_trace.h
index 813e5a9f57eb..9f9fb86097ed 100644
--- a/fs/xfs/xfs_trace.h
+++ b/fs/xfs/xfs_trace.h
@@ -5101,8 +5101,7 @@ TRACE_EVENT(xmbuf_create,
__entry->ino = file_inode(file)->i_ino;
path = file_path(file, __entry->pathname, MAXNAMELEN);
if (IS_ERR(path))
- strncpy(__entry->pathname, "(unknown)",
- sizeof(__entry->pathname));
+ strscpy_pad(__entry->pathname, "(unknown)");
),
TP_printk("dev %d:%d xmino 0x%lx path '%s'",
MAJOR(__entry->dev), MINOR(__entry->dev),
--
2.34.1
next reply other threads:[~2026-03-23 17:22 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-23 17:22 Kees Cook [this message]
2026-03-23 18:24 ` [PATCH] xfs: Replace strncpy() with strscpy_pad() in tracepoint error paths Darrick J. Wong
2026-03-23 19:25 ` Steven Rostedt
2026-03-23 20:56 ` Darrick J. Wong
2026-03-23 20:19 ` David Laight
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260323172204.work.979-kees@kernel.org \
--to=kees@kernel.org \
--cc=aalbersh@redhat.com \
--cc=cem@kernel.org \
--cc=djwong@kernel.org \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-xfs@vger.kernel.org \
--cc=rostedt@goodmis.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.