[PATCH] seq_file: seq_show_option_n() is used for precise sizes

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

* [PATCH] seq_file: seq_show_option_n() is used for precise sizes
@ 2023-07-26 21:59 Kees Cook
  2023-07-27 13:02 ` Andy Shevchenko
  2023-07-27 15:49 ` Kees Cook
  0 siblings, 2 replies; 3+ messages in thread
From: Kees Cook @ 2023-07-26 21:59 UTC (permalink / raw)
  To: Andy Shevchenko
  Cc: Kees Cook, Andrew Morton, Al Viro, Muchun Song, linux-kernel,
	linux-hardening

When seq_show_option_n() is used, it is for non-string memory that
happens to be printable bytes. As such, we must use memcpy() to copy the
bytes and then explicitly NUL-terminate the result.

Cc: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Muchun Song <muchun.song@linux.dev>
Signed-off-by: Kees Cook <keescook@chromium.org>
---
 include/linux/seq_file.h | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/include/linux/seq_file.h b/include/linux/seq_file.h
index bd023dd38ae6..386ab580b839 100644
--- a/include/linux/seq_file.h
+++ b/include/linux/seq_file.h
@@ -249,18 +249,19 @@ static inline void seq_show_option(struct seq_file *m, const char *name,
 
 /**
  * seq_show_option_n - display mount options with appropriate escapes
- *		       where @value must be a specific length.
+ *		       where @value must be a specific length (i.e.
+ *		       not NUL-terminated).
  * @m: the seq_file handle
  * @name: the mount option name
  * @value: the mount option name's value, cannot be NULL
- * @length: the length of @value to display
+ * @length: the exact length of @value to display, must be constant expression
  *
  * This is a macro since this uses "length" to define the size of the
  * stack buffer.
  */
 #define seq_show_option_n(m, name, value, length) {	\
 	char val_buf[length + 1];			\
-	strncpy(val_buf, value, length);		\
+	memcpy(val_buf, value, length);			\
 	val_buf[length] = '\0';				\
 	seq_show_option(m, name, val_buf);		\
 }
-- 
2.34.1


^ permalink raw reply related	[flat|nested] 3+ messages in thread

* Re: [PATCH] seq_file: seq_show_option_n() is used for precise sizes
  2023-07-26 21:59 [PATCH] seq_file: seq_show_option_n() is used for precise sizes Kees Cook
@ 2023-07-27 13:02 ` Andy Shevchenko
  2023-07-27 15:49 ` Kees Cook
  1 sibling, 0 replies; 3+ messages in thread
From: Andy Shevchenko @ 2023-07-27 13:02 UTC (permalink / raw)
  To: Kees Cook
  Cc: Andrew Morton, Al Viro, Muchun Song, linux-kernel,
	linux-hardening

On Wed, Jul 26, 2023 at 02:59:57PM -0700, Kees Cook wrote:
> When seq_show_option_n() is used, it is for non-string memory that
> happens to be printable bytes. As such, we must use memcpy() to copy the
> bytes and then explicitly NUL-terminate the result.

FWIW,
Reviewed-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>

> Cc: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
> Cc: Andrew Morton <akpm@linux-foundation.org>
> Cc: Al Viro <viro@zeniv.linux.org.uk>
> Cc: Muchun Song <muchun.song@linux.dev>
> Signed-off-by: Kees Cook <keescook@chromium.org>
> ---
>  include/linux/seq_file.h | 7 ++++---
>  1 file changed, 4 insertions(+), 3 deletions(-)
> 
> diff --git a/include/linux/seq_file.h b/include/linux/seq_file.h
> index bd023dd38ae6..386ab580b839 100644
> --- a/include/linux/seq_file.h
> +++ b/include/linux/seq_file.h
> @@ -249,18 +249,19 @@ static inline void seq_show_option(struct seq_file *m, const char *name,
>  
>  /**
>   * seq_show_option_n - display mount options with appropriate escapes
> - *		       where @value must be a specific length.
> + *		       where @value must be a specific length (i.e.
> + *		       not NUL-terminated).
>   * @m: the seq_file handle
>   * @name: the mount option name
>   * @value: the mount option name's value, cannot be NULL
> - * @length: the length of @value to display
> + * @length: the exact length of @value to display, must be constant expression
>   *
>   * This is a macro since this uses "length" to define the size of the
>   * stack buffer.
>   */
>  #define seq_show_option_n(m, name, value, length) {	\
>  	char val_buf[length + 1];			\
> -	strncpy(val_buf, value, length);		\
> +	memcpy(val_buf, value, length);			\
>  	val_buf[length] = '\0';				\
>  	seq_show_option(m, name, val_buf);		\
>  }
> -- 
> 2.34.1
> 

-- 
With Best Regards,
Andy Shevchenko



^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [PATCH] seq_file: seq_show_option_n() is used for precise sizes
  2023-07-26 21:59 [PATCH] seq_file: seq_show_option_n() is used for precise sizes Kees Cook
  2023-07-27 13:02 ` Andy Shevchenko
@ 2023-07-27 15:49 ` Kees Cook
  1 sibling, 0 replies; 3+ messages in thread
From: Kees Cook @ 2023-07-27 15:49 UTC (permalink / raw)
  To: Andy Shevchenko, Kees Cook
  Cc: Andrew Morton, Al Viro, Muchun Song, linux-kernel,
	linux-hardening


On Wed, 26 Jul 2023 14:59:57 -0700, Kees Cook wrote:
> When seq_show_option_n() is used, it is for non-string memory that
> happens to be printable bytes. As such, we must use memcpy() to copy the
> bytes and then explicitly NUL-terminate the result.
> 
> 

Applied, thanks!

[1/1] seq_file: seq_show_option_n() is used for precise sizes
      https://git.kernel.org/kees/c/630fdd592912

Best regards,
-- 
Kees Cook


^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2023-07-27 15:49 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-07-26 21:59 [PATCH] seq_file: seq_show_option_n() is used for precise sizes Kees Cook
2023-07-27 13:02 ` Andy Shevchenko
2023-07-27 15:49 ` Kees Cook

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox