* [PATCH] mfd: db8500-prcmu: replace deprecated strncpy with strscpy
@ 2023-09-27 5:10 Justin Stitt
2023-09-28 21:44 ` Linus Walleij
2023-10-05 11:09 ` (subset) " Lee Jones
0 siblings, 2 replies; 3+ messages in thread
From: Justin Stitt @ 2023-09-27 5:10 UTC (permalink / raw)
To: Linus Walleij, Lee Jones
Cc: linux-arm-kernel, linux-kernel, linux-hardening, Justin Stitt
`strncpy` is deprecated for use on NUL-terminated destination strings
[1] and as such we should prefer more robust and less ambiguous string
interfaces.
We expect project_name to be NUL-terminated based on its use with
pr_info:
| pr_info("PRCMU firmware: %s(%d), version %d.%d.%d\n",
| fw_info.version.project_name,
| fw_info.version.project,
| fw_info.version.api_version,
| fw_info.version.func_version,
| fw_info.version.errata);
Moreover, NUL-padding does not seem to be needed.
Considering the above, a suitable replacement is `strscpy` [2] due to
the fact that it guarantees NUL-termination on the destination buffer
without unnecessarily NUL-padding.
Let's also change `PRCMU_FW_PROJECT_NAME_LEN` to just
sizeof(fw_info.version.project_name) as this is more idiomatic strscpy
usage.
Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1]
Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2]
Link: https://github.com/KSPP/linux/issues/90
Cc: linux-hardening@vger.kernel.org
Signed-off-by: Justin Stitt <justinstitt@google.com>
---
drivers/mfd/db8500-prcmu.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/mfd/db8500-prcmu.c b/drivers/mfd/db8500-prcmu.c
index 27a881da4d6e..5b3e355e78f6 100644
--- a/drivers/mfd/db8500-prcmu.c
+++ b/drivers/mfd/db8500-prcmu.c
@@ -2639,9 +2639,9 @@ static void dbx500_fw_version_init(struct device_node *np)
fw_info.version.api_version = (version >> 8) & 0xFF;
fw_info.version.func_version = (version >> 16) & 0xFF;
fw_info.version.errata = (version >> 24) & 0xFF;
- strncpy(fw_info.version.project_name,
+ strscpy(fw_info.version.project_name,
fw_project_name(fw_info.version.project),
- PRCMU_FW_PROJECT_NAME_LEN);
+ sizeof(fw_info.version.project_name));
fw_info.valid = true;
pr_info("PRCMU firmware: %s(%d), version %d.%d.%d\n",
fw_info.version.project_name,
---
base-commit: 6465e260f48790807eef06b583b38ca9789b6072
change-id: 20230927-strncpy-drivers-mfd-db8500-prcmu-c-aeeff615bc80
Best regards,
--
Justin Stitt <justinstitt@google.com>
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] mfd: db8500-prcmu: replace deprecated strncpy with strscpy
2023-09-27 5:10 [PATCH] mfd: db8500-prcmu: replace deprecated strncpy with strscpy Justin Stitt
@ 2023-09-28 21:44 ` Linus Walleij
2023-10-05 11:09 ` (subset) " Lee Jones
1 sibling, 0 replies; 3+ messages in thread
From: Linus Walleij @ 2023-09-28 21:44 UTC (permalink / raw)
To: Justin Stitt; +Cc: Lee Jones, linux-arm-kernel, linux-kernel, linux-hardening
Hi Justin,
thanks for your patch!
On Wed, Sep 27, 2023 at 7:10 AM Justin Stitt <justinstitt@google.com> wrote:
> `strncpy` is deprecated for use on NUL-terminated destination strings
> [1] and as such we should prefer more robust and less ambiguous string
> interfaces.
>
> We expect project_name to be NUL-terminated based on its use with
> pr_info:
> | pr_info("PRCMU firmware: %s(%d), version %d.%d.%d\n",
> | fw_info.version.project_name,
> | fw_info.version.project,
> | fw_info.version.api_version,
> | fw_info.version.func_version,
> | fw_info.version.errata);
>
> Moreover, NUL-padding does not seem to be needed.
>
> Considering the above, a suitable replacement is `strscpy` [2] due to
> the fact that it guarantees NUL-termination on the destination buffer
> without unnecessarily NUL-padding.
>
> Let's also change `PRCMU_FW_PROJECT_NAME_LEN` to just
> sizeof(fw_info.version.project_name) as this is more idiomatic strscpy
> usage.
>
> Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1]
> Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2]
> Link: https://github.com/KSPP/linux/issues/90
> Cc: linux-hardening@vger.kernel.org
> Signed-off-by: Justin Stitt <justinstitt@google.com>
Well analyzed, well patched, what can I say! Hats off.
Reviewed-by: Linus Walleij <linus.walleij@linaro.org>
Yours,
Linus Walleij
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: (subset) [PATCH] mfd: db8500-prcmu: replace deprecated strncpy with strscpy
2023-09-27 5:10 [PATCH] mfd: db8500-prcmu: replace deprecated strncpy with strscpy Justin Stitt
2023-09-28 21:44 ` Linus Walleij
@ 2023-10-05 11:09 ` Lee Jones
1 sibling, 0 replies; 3+ messages in thread
From: Lee Jones @ 2023-10-05 11:09 UTC (permalink / raw)
To: Linus Walleij, Lee Jones, Justin Stitt
Cc: linux-arm-kernel, linux-kernel, linux-hardening
On Wed, 27 Sep 2023 05:10:54 +0000, Justin Stitt wrote:
> `strncpy` is deprecated for use on NUL-terminated destination strings
> [1] and as such we should prefer more robust and less ambiguous string
> interfaces.
>
> We expect project_name to be NUL-terminated based on its use with
> pr_info:
> | pr_info("PRCMU firmware: %s(%d), version %d.%d.%d\n",
> | fw_info.version.project_name,
> | fw_info.version.project,
> | fw_info.version.api_version,
> | fw_info.version.func_version,
> | fw_info.version.errata);
>
> [...]
Applied, thanks!
[1/1] mfd: db8500-prcmu: replace deprecated strncpy with strscpy
commit: 5f0c4e32e8da434a83dd74a08e477c11e7efc6f7
--
Lee Jones [李琼斯]
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2023-10-05 11:09 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-09-27 5:10 [PATCH] mfd: db8500-prcmu: replace deprecated strncpy with strscpy Justin Stitt
2023-09-28 21:44 ` Linus Walleij
2023-10-05 11:09 ` (subset) " Lee Jones
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).