* [PATCH] fanotify: replace deprecated strcpy in fanotify_info_copy_{name,name2}
@ 2026-03-21 21:05 Thorsten Blum
2026-03-23 9:14 ` Jan Kara
0 siblings, 1 reply; 5+ messages in thread
From: Thorsten Blum @ 2026-03-21 21:05 UTC (permalink / raw)
To: Jan Kara, Amir Goldstein, Matthew Bobrowski
Cc: Thorsten Blum, linux-fsdevel, linux-kernel
strcpy() has been deprecated [1] because it performs no bounds checking
on the destination buffer, which can lead to buffer overflows. Replace
it with the safer strscpy().
Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strcpy [1]
Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
---
fs/notify/fanotify/fanotify.h | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/fs/notify/fanotify/fanotify.h b/fs/notify/fanotify/fanotify.h
index 39e60218df7c..a0619e7694d5 100644
--- a/fs/notify/fanotify/fanotify.h
+++ b/fs/notify/fanotify/fanotify.h
@@ -2,6 +2,7 @@
#include <linux/fsnotify_backend.h>
#include <linux/path.h>
#include <linux/slab.h>
+#include <linux/string.h>
#include <linux/exportfs.h>
#include <linux/hashtable.h>
@@ -218,7 +219,7 @@ static inline void fanotify_info_copy_name(struct fanotify_info *info,
return;
info->name_len = name->len;
- strcpy(fanotify_info_name(info), name->name);
+ strscpy(fanotify_info_name(info), name->name, name->len + 1);
}
static inline void fanotify_info_copy_name2(struct fanotify_info *info,
@@ -228,7 +229,7 @@ static inline void fanotify_info_copy_name2(struct fanotify_info *info,
return;
info->name2_len = name->len;
- strcpy(fanotify_info_name2(info), name->name);
+ strscpy(fanotify_info_name2(info), name->name, name->len + 1);
}
/*
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH] fanotify: replace deprecated strcpy in fanotify_info_copy_{name,name2}
2026-03-21 21:05 [PATCH] fanotify: replace deprecated strcpy in fanotify_info_copy_{name,name2} Thorsten Blum
@ 2026-03-23 9:14 ` Jan Kara
2026-03-23 10:12 ` Christian Brauner
0 siblings, 1 reply; 5+ messages in thread
From: Jan Kara @ 2026-03-23 9:14 UTC (permalink / raw)
To: Thorsten Blum
Cc: Jan Kara, Amir Goldstein, Matthew Bobrowski, linux-fsdevel,
linux-kernel
On Sat 21-03-26 22:05:47, Thorsten Blum wrote:
> strcpy() has been deprecated [1] because it performs no bounds checking
> on the destination buffer, which can lead to buffer overflows. Replace
> it with the safer strscpy().
>
> Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strcpy [1]
> Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
I was a bit undecided about this one because I was wondering what
additional protection does the use of strscpy() bring here. But I guess the
protection from corrupted qstr (where the length doesn't match the real string
length) makes some sense. So I've taken the patch into my tree. Thanks!
Honza
> ---
> fs/notify/fanotify/fanotify.h | 5 +++--
> 1 file changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/fs/notify/fanotify/fanotify.h b/fs/notify/fanotify/fanotify.h
> index 39e60218df7c..a0619e7694d5 100644
> --- a/fs/notify/fanotify/fanotify.h
> +++ b/fs/notify/fanotify/fanotify.h
> @@ -2,6 +2,7 @@
> #include <linux/fsnotify_backend.h>
> #include <linux/path.h>
> #include <linux/slab.h>
> +#include <linux/string.h>
> #include <linux/exportfs.h>
> #include <linux/hashtable.h>
>
> @@ -218,7 +219,7 @@ static inline void fanotify_info_copy_name(struct fanotify_info *info,
> return;
>
> info->name_len = name->len;
> - strcpy(fanotify_info_name(info), name->name);
> + strscpy(fanotify_info_name(info), name->name, name->len + 1);
> }
>
> static inline void fanotify_info_copy_name2(struct fanotify_info *info,
> @@ -228,7 +229,7 @@ static inline void fanotify_info_copy_name2(struct fanotify_info *info,
> return;
>
> info->name2_len = name->len;
> - strcpy(fanotify_info_name2(info), name->name);
> + strscpy(fanotify_info_name2(info), name->name, name->len + 1);
> }
>
> /*
--
Jan Kara <jack@suse.com>
SUSE Labs, CR
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] fanotify: replace deprecated strcpy in fanotify_info_copy_{name,name2}
2026-03-23 9:14 ` Jan Kara
@ 2026-03-23 10:12 ` Christian Brauner
2026-03-23 11:00 ` Amir Goldstein
0 siblings, 1 reply; 5+ messages in thread
From: Christian Brauner @ 2026-03-23 10:12 UTC (permalink / raw)
To: Jan Kara
Cc: Thorsten Blum, Amir Goldstein, Matthew Bobrowski, linux-fsdevel,
linux-kernel
On Mon, Mar 23, 2026 at 10:14:24AM +0100, Jan Kara wrote:
> On Sat 21-03-26 22:05:47, Thorsten Blum wrote:
> > strcpy() has been deprecated [1] because it performs no bounds checking
> > on the destination buffer, which can lead to buffer overflows. Replace
> > it with the safer strscpy().
> >
> > Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strcpy [1]
> > Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
>
> I was a bit undecided about this one because I was wondering what
> additional protection does the use of strscpy() bring here. But I guess the
> protection from corrupted qstr (where the length doesn't match the real string
> length) makes some sense. So I've taken the patch into my tree. Thanks!
Fwiw, patches are now auto-tested on vfs-ci:
https://github.com/linux-fsdevel/vfs/pull/860
Just for some testing data. We should probably hook up the relevant LTP
tests for fanotify there as well.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] fanotify: replace deprecated strcpy in fanotify_info_copy_{name,name2}
2026-03-23 10:12 ` Christian Brauner
@ 2026-03-23 11:00 ` Amir Goldstein
2026-03-23 11:26 ` Jan Kara
0 siblings, 1 reply; 5+ messages in thread
From: Amir Goldstein @ 2026-03-23 11:00 UTC (permalink / raw)
To: Christian Brauner
Cc: Jan Kara, Thorsten Blum, Matthew Bobrowski, linux-fsdevel,
linux-kernel
On Mon, Mar 23, 2026 at 11:12 AM Christian Brauner <brauner@kernel.org> wrote:
>
> On Mon, Mar 23, 2026 at 10:14:24AM +0100, Jan Kara wrote:
> > On Sat 21-03-26 22:05:47, Thorsten Blum wrote:
> > > strcpy() has been deprecated [1] because it performs no bounds checking
> > > on the destination buffer, which can lead to buffer overflows. Replace
> > > it with the safer strscpy().
> > >
> > > Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strcpy [1]
> > > Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
> >
> > I was a bit undecided about this one because I was wondering what
> > additional protection does the use of strscpy() bring here. But I guess the
> > protection from corrupted qstr (where the length doesn't match the real string
> > length) makes some sense. So I've taken the patch into my tree. Thanks!
>
> Fwiw, patches are now auto-tested on vfs-ci:
> https://github.com/linux-fsdevel/vfs/pull/860
> Just for some testing data. We should probably hook up the relevant LTP
> tests for fanotify there as well.
That would be cool :)
I guess for vfs you would would to run these LTP test groups
$ ls runtest/fs*
runtest/fs runtest/fs_bind runtest/fs_perms_simple runtest/fs_readonly
fanotify tests are currently only in the syscalls group.
I could create an fsnotify test group or
we could try to create a vfs focused group such as fs_syscalls,
but actually, at a quick glance, it looks like ~75% are fs related syscalls.
Thanks,
Amir.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] fanotify: replace deprecated strcpy in fanotify_info_copy_{name,name2}
2026-03-23 11:00 ` Amir Goldstein
@ 2026-03-23 11:26 ` Jan Kara
0 siblings, 0 replies; 5+ messages in thread
From: Jan Kara @ 2026-03-23 11:26 UTC (permalink / raw)
To: Amir Goldstein
Cc: Christian Brauner, Jan Kara, Thorsten Blum, Matthew Bobrowski,
linux-fsdevel, linux-kernel
On Mon 23-03-26 12:00:27, Amir Goldstein wrote:
> On Mon, Mar 23, 2026 at 11:12 AM Christian Brauner <brauner@kernel.org> wrote:
> >
> > On Mon, Mar 23, 2026 at 10:14:24AM +0100, Jan Kara wrote:
> > > On Sat 21-03-26 22:05:47, Thorsten Blum wrote:
> > > > strcpy() has been deprecated [1] because it performs no bounds checking
> > > > on the destination buffer, which can lead to buffer overflows. Replace
> > > > it with the safer strscpy().
> > > >
> > > > Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strcpy [1]
> > > > Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
> > >
> > > I was a bit undecided about this one because I was wondering what
> > > additional protection does the use of strscpy() bring here. But I guess the
> > > protection from corrupted qstr (where the length doesn't match the real string
> > > length) makes some sense. So I've taken the patch into my tree. Thanks!
> >
> > Fwiw, patches are now auto-tested on vfs-ci:
> > https://github.com/linux-fsdevel/vfs/pull/860
> > Just for some testing data. We should probably hook up the relevant LTP
> > tests for fanotify there as well.
>
> That would be cool :)
>
> I guess for vfs you would would to run these LTP test groups
> $ ls runtest/fs*
> runtest/fs runtest/fs_bind runtest/fs_perms_simple runtest/fs_readonly
>
> fanotify tests are currently only in the syscalls group.
>
> I could create an fsnotify test group or
> we could try to create a vfs focused group such as fs_syscalls,
> but actually, at a quick glance, it looks like ~75% are fs related syscalls.
Some of the LTP tests do take noticeable amount of time so I'm not sure if
we want to run all of them for each commit. Ideally tests would be selected
based on modified code but maybe that's a bit of overengineering (but it
might be an interesting project for AI to write a script that based on gcov
data outputs a set of tests to run for given patch :)).
Honza
--
Jan Kara <jack@suse.com>
SUSE Labs, CR
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2026-03-23 11:26 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-03-21 21:05 [PATCH] fanotify: replace deprecated strcpy in fanotify_info_copy_{name,name2} Thorsten Blum
2026-03-23 9:14 ` Jan Kara
2026-03-23 10:12 ` Christian Brauner
2026-03-23 11:00 ` Amir Goldstein
2026-03-23 11:26 ` Jan Kara
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox