From: Steven Rostedt <rostedt@goodmis.org>
To: linux-kernel@vger.kernel.org
Cc: Masami Hiramatsu <mhiramat@kernel.org>,
Mark Rutland <mark.rutland@arm.com>,
Andrew Morton <akpm@linux-foundation.org>,
Azeem Shaikh <azeemshaikh38@gmail.com>,
Kees Cook <keescook@chromium.org>
Subject: [for-next][PATCH 12/13] tracing/boot: Replace strlcpy with strscpy
Date: Wed, 21 Jun 2023 12:29:35 -0400 [thread overview]
Message-ID: <20230621162946.729796944@goodmis.org> (raw)
In-Reply-To: 20230621162923.953123395@goodmis.org
From: Azeem Shaikh <azeemshaikh38@gmail.com>
strlcpy() reads the entire source buffer first.
This read may exceed the destination size limit.
This is both inefficient and can lead to linear read
overflows if a source string is not NUL-terminated [1].
In an effort to remove strlcpy() completely [2], replace
strlcpy() here with strscpy().
Direct replacement is safe here since return value of -E2BIG
is used to check for truncation instead of sizeof(dest).
[1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy
[2] https://github.com/KSPP/linux/issues/89
Link: https://lore.kernel.org/linux-trace-kernel/20230613004125.3539934-1-azeemshaikh38@gmail.com
Cc: Masami Hiramatsu <mhiramat@kernel.org>
Signed-off-by: Azeem Shaikh <azeemshaikh38@gmail.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
---
kernel/trace/trace_boot.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/kernel/trace/trace_boot.c b/kernel/trace/trace_boot.c
index 778200dd8ede..5fe525f1b8cc 100644
--- a/kernel/trace/trace_boot.c
+++ b/kernel/trace/trace_boot.c
@@ -31,7 +31,7 @@ trace_boot_set_instance_options(struct trace_array *tr, struct xbc_node *node)
/* Common ftrace options */
xbc_node_for_each_array_value(node, "options", anode, p) {
- if (strlcpy(buf, p, ARRAY_SIZE(buf)) >= ARRAY_SIZE(buf)) {
+ if (strscpy(buf, p, ARRAY_SIZE(buf)) == -E2BIG) {
pr_err("String is too long: %s\n", p);
continue;
}
@@ -87,7 +87,7 @@ trace_boot_enable_events(struct trace_array *tr, struct xbc_node *node)
const char *p;
xbc_node_for_each_array_value(node, "events", anode, p) {
- if (strlcpy(buf, p, ARRAY_SIZE(buf)) >= ARRAY_SIZE(buf)) {
+ if (strscpy(buf, p, ARRAY_SIZE(buf)) == -E2BIG) {
pr_err("String is too long: %s\n", p);
continue;
}
@@ -486,7 +486,7 @@ trace_boot_init_one_event(struct trace_array *tr, struct xbc_node *gnode,
p = xbc_node_find_value(enode, "filter", NULL);
if (p && *p != '\0') {
- if (strlcpy(buf, p, ARRAY_SIZE(buf)) >= ARRAY_SIZE(buf))
+ if (strscpy(buf, p, ARRAY_SIZE(buf)) == -E2BIG)
pr_err("filter string is too long: %s\n", p);
else if (apply_event_filter(file, buf) < 0)
pr_err("Failed to apply filter: %s\n", buf);
@@ -494,7 +494,7 @@ trace_boot_init_one_event(struct trace_array *tr, struct xbc_node *gnode,
if (IS_ENABLED(CONFIG_HIST_TRIGGERS)) {
xbc_node_for_each_array_value(enode, "actions", anode, p) {
- if (strlcpy(buf, p, ARRAY_SIZE(buf)) >= ARRAY_SIZE(buf))
+ if (strscpy(buf, p, ARRAY_SIZE(buf)) == -E2BIG)
pr_err("action string is too long: %s\n", p);
else if (trigger_process_regex(file, buf) < 0)
pr_err("Failed to apply an action: %s\n", p);
--
2.39.2
next prev parent reply other threads:[~2023-06-21 16:30 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-06-21 16:29 [for-next][PATCH 00/13] tracing: Updates for 6.5 Steven Rostedt
2023-06-21 16:29 ` [for-next][PATCH 02/13] function_graph: Support recording and printing the return value of function Steven Rostedt
2023-06-21 16:29 ` [for-next][PATCH 03/13] tracing: Add documentation for funcgraph-retval and funcgraph-retval-hex Steven Rostedt
2023-06-21 16:29 ` [for-next][PATCH 04/13] arm64: ftrace: Enable HAVE_FUNCTION_GRAPH_RETVAL Steven Rostedt
2023-06-21 16:29 ` [for-next][PATCH 05/13] x86/ftrace: " Steven Rostedt
2023-06-21 16:29 ` [for-next][PATCH 06/13] LoongArch: ftrace: " Steven Rostedt
2023-06-21 16:29 ` [for-next][PATCH 07/13] selftests/ftrace: Add funcgraph-retval test case Steven Rostedt
2023-06-21 16:29 ` [for-next][PATCH 08/13] ftrace: Show all functions with addresses in available_filter_functions_addrs Steven Rostedt
2023-06-22 7:30 ` Jackie Liu
2023-06-21 16:29 ` [for-next][PATCH 09/13] tracing/osnoise: Switch from PF_NO_SETAFFINITY to migrate_disable Steven Rostedt
2023-06-21 16:29 ` [for-next][PATCH 10/13] tracing/osnoise: Skip running osnoise if all instances are off Steven Rostedt
2023-06-21 16:29 ` [for-next][PATCH 11/13] tracing/timerlat: Add user-space interface Steven Rostedt
2023-06-21 16:29 ` Steven Rostedt [this message]
2023-06-21 16:29 ` [for-next][PATCH 13/13] riscv: ftrace: Enable HAVE_FUNCTION_GRAPH_RETVAL Steven Rostedt
[not found] ` <20230621162944.507694485@goodmis.org>
2023-06-21 16:36 ` [for-next][PATCH 01/13] fgraph: Add declaration of "struct fgraph_ret_regs" Steven Rostedt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230621162946.729796944@goodmis.org \
--to=rostedt@goodmis.org \
--cc=akpm@linux-foundation.org \
--cc=azeemshaikh38@gmail.com \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mark.rutland@arm.com \
--cc=mhiramat@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox