Re: [RFC][PATCH v2 2/3] Modify return value of nla_strlcpy to match that of strscpy.

[Francis Laniel <laniel_francis@privacyrequired.com>]

Le lundi 19 octobre 2020, 18:43:55 CEST Jakub Kicinski a écrit :
> On Mon, 19 Oct 2020 17:23:30 +0200 laniel_francis@privacyrequired.com
> 
> wrote:
> > diff --git a/include/net/pkt_cls.h b/include/net/pkt_cls.h
> > index d4d461236351..85f4ac779399 100644
> > --- a/include/net/pkt_cls.h
> > +++ b/include/net/pkt_cls.h
> > @@ -4,6 +4,7 @@
> > 
> >  #include <linux/pkt_cls.h>
> >  #include <linux/workqueue.h>
> > 
> > +#include <linux/errno.h>
> 
> Stray include.

I removed it from my patch.
Did you use a tool to see this include is not used? If yes, which one?

> >  #include <net/sch_generic.h>
> >  #include <net/act_api.h>
> >  #include <net/net_namespace.h>
> > 
> > diff --git a/lib/nlattr.c b/lib/nlattr.c
> > index 07156e581997..d692716bda78 100644
> > --- a/lib/nlattr.c
> > +++ b/lib/nlattr.c
> > @@ -713,30 +713,39 @@ EXPORT_SYMBOL(nla_find);
> > 
> >   * @dst: where to copy the string to
> >   * @nla: attribute to copy the string from
> >   * @dstsize: size of destination buffer
> > 
> > + * @returns: -E2BIG if @dstsize is 0 or source buffer length greater than
> 
> I don't think this is correct format for kdoc.

I corrected it.
I will take the habit to run scripts/kernel-doc on my modifications.

> > + * @dstsize, otherwise it returns the number of copied characters (not
> > + * including the trailing %NUL).
> > 
> >   *
> >   * Copies at most dstsize - 1 bytes into the destination buffer.
> > 
> > - * The result is always a valid NUL-terminated string. Unlike
> > - * strlcpy the destination buffer is always padded out.
> > - *
> > - * Returns the length of the source buffer.
> > + * Unlike strlcpy the destination buffer is always padded out.
> > 
> >   */
> > 
> > -size_t nla_strlcpy(char *dst, const struct nlattr *nla, size_t dstsize)
> > +ssize_t nla_strlcpy(char *dst, const struct nlattr *nla, size_t dstsize)
> > 
> >  {
> > 
> > +	size_t len;
> > +	ssize_t ret;
> > 
> >  	size_t srclen = nla_len(nla);
> >  	char *src = nla_data(nla);
> 
> Sort local variables long to short.
> 
> > +	if (dstsize == 0 || WARN_ON_ONCE(dstsize > INT_MAX))
> 
> You can make it > U16_MAX, attr len is 16 bit.

Done for v3!

> 
> > +		return -E2BIG;
> > +
> > 
> >  	if (srclen > 0 && src[srclen - 1] == '\0')
> >  	
> >  		srclen--;
> > 
> > -	if (dstsize > 0) {
> > -		size_t len = (srclen >= dstsize) ? dstsize - 1 : srclen;
> > -
> > -		memcpy(dst, src, len);
> > -		/* Zero pad end of dst. */
> > -		memset(dst + len, 0, dstsize - len);
> > +	if (srclen >= dstsize) {
> > +		len = dstsize - 1;
> > +		ret = -E2BIG;
> > +	} else {
> > +		len = srclen;
> > +		ret = len;
> > 
> >  	}
> > 
> > -	return srclen;
> > +	memcpy(dst, src, len);
> > +	/* Zero pad end of dst. */
> > +	memset(dst + len, 0, dstsize - len);
> > +
> > +	return ret;
> > 
> >  }
> >  EXPORT_SYMBOL(nla_strlcpy);
> > 
> > diff --git a/net/sched/cls_api.c b/net/sched/cls_api.c
> > index 41a55c6cbeb8..f0bf64393cbf 100644
> > --- a/net/sched/cls_api.c
> > +++ b/net/sched/cls_api.c
> > @@ -223,7 +223,7 @@ static inline u32 tcf_auto_prio(struct tcf_proto *tp)
> > 
> >  static bool tcf_proto_check_kind(struct nlattr *kind, char *name)
> >  {
> >  
> >  	if (kind)
> > 
> > -		return nla_strlcpy(name, kind, IFNAMSIZ) >= IFNAMSIZ;
> > +		return nla_strlcpy(name, kind, IFNAMSIZ) > 0;
> 
> Bug.
> 
> >  	memset(name, 0, IFNAMSIZ);
> >  	return false;
> >  
> >  }