From: Justin Stitt <justinstitt@google.com>
To: Kees Cook <keescook@chromium.org>
Cc: Andy Shevchenko <andy@kernel.org>,
linux-hardening@vger.kernel.org,
Richard Weinberger <richard@nod.at>,
Anton Ivanov <anton.ivanov@cambridgegreys.com>,
Johannes Berg <johannes@sipsolutions.net>,
Willem de Bruijn <willemdebruijn.kernel@gmail.com>,
Jason Wang <jasowang@redhat.com>,
kernel test robot <lkp@intel.com>,
Nathan Chancellor <nathan@kernel.org>,
Azeem Shaikh <azeemshaikh38@gmail.com>,
linux-kernel@vger.kernel.org, linux-um@lists.infradead.org
Subject: Re: [PATCH v3 3/4] string: Allow 2-argument strscpy_pad()
Date: Wed, 7 Feb 2024 00:51:51 +0000 [thread overview]
Message-ID: <20240207005151.lyrtgqd4wekolwe7@google.com> (raw)
In-Reply-To: <20240206142221.2208763-3-keescook@chromium.org>
Hi,
On Tue, Feb 06, 2024 at 06:22:18AM -0800, Kees Cook wrote:
> Similar to strscpy(), update strscpy_pad()'s 3rd argument to be
> optional when the destination is a compile-time known size array.
This patch is diff'd against Patch 1/4 in this series, right? I wonder
why you split them up. If I hadn't literally just read that patch I
would be mildly confused.
I suppose one reason may be that 1/4 is a standalone change with a high
percentage chance of landing whilst this overloading magic may not land
as easily?
At any rate,
Reviewed-by: Justin Stitt <justinstitt@google.com>
>
> Cc: Andy Shevchenko <andy@kernel.org>
> Cc: linux-hardening@vger.kernel.org
> Signed-off-by: Kees Cook <keescook@chromium.org>
> ---
> include/linux/string.h | 29 ++++++++++++++++++-----------
> 1 file changed, 18 insertions(+), 11 deletions(-)
>
> diff --git a/include/linux/string.h b/include/linux/string.h
> index 79b875de615e..9bd421ad92a4 100644
> --- a/include/linux/string.h
> +++ b/include/linux/string.h
> @@ -79,6 +79,10 @@ ssize_t sized_strscpy(char *, const char *, size_t);
> sized_strscpy(dst, src, sizeof(dst) + __must_be_array(dst))
> #define __strscpy1(dst, src, size) sized_strscpy(dst, src, size)
>
> +#define __strscpy_pad0(dst, src, ...) \
> + sized_strscpy_pad(dst, src, sizeof(dst) + __must_be_array(dst))
> +#define __strscpy_pad1(dst, src, size) sized_strscpy_pad(dst, src, size)
> +
> /**
> * strscpy - Copy a C-string into a sized buffer
> * @dst: Where to copy the string to
> @@ -104,6 +108,18 @@ ssize_t sized_strscpy(char *, const char *, size_t);
> #define strscpy(dst, src, ...) \
> CONCATENATE(__strscpy, COUNT_ARGS(__VA_ARGS__))(dst, src, __VA_ARGS__)
>
> +#define sized_strscpy_pad(dest, src, count) ({ \
> + char *__dst = (dest); \
> + const char *__src = (src); \
> + const size_t __count = (count); \
> + ssize_t __wrote; \
> + \
> + __wrote = sized_strscpy(__dst, __src, __count); \
> + if (__wrote >= 0 && __wrote < __count) \
> + memset(__dst + __wrote + 1, 0, __count - __wrote - 1); \
> + __wrote; \
> +})
> +
> /**
> * strscpy_pad() - Copy a C-string into a sized buffer
> * @dest: Where to copy the string to
> @@ -124,17 +140,8 @@ ssize_t sized_strscpy(char *, const char *, size_t);
> * * The number of characters copied (not including the trailing %NULs)
> * * -E2BIG if count is 0 or @src was truncated.
> */
> -#define strscpy_pad(dest, src, count) ({ \
> - char *__dst = (dest); \
> - const char *__src = (src); \
> - const size_t __count = (count); \
> - ssize_t __wrote; \
> - \
> - __wrote = strscpy(__dst, __src, __count); \
> - if (__wrote >= 0 && __wrote < __count) \
> - memset(__dst + __wrote + 1, 0, __count - __wrote - 1); \
> - __wrote; \
> -})
> +#define strscpy_pad(dst, src, ...) \
> + CONCATENATE(__strscpy_pad, COUNT_ARGS(__VA_ARGS__))(dst, src, __VA_ARGS__)
>
> #ifndef __HAVE_ARCH_STRCAT
> extern char * strcat(char *, const char *);
> --
> 2.34.1
>
Thanks
Justin
next prev parent reply other threads:[~2024-02-07 0:51 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-02-06 14:22 [PATCH v3 0/4] string: Allow 2-argument strscpy() Kees Cook
2024-02-06 14:22 ` [PATCH v3 1/4] string: Redefine strscpy_pad() as a macro Kees Cook
2024-02-07 0:32 ` Justin Stitt
2024-02-06 14:22 ` [PATCH v3 2/4] string: Allow 2-argument strscpy() Kees Cook
2024-02-06 14:22 ` [PATCH v3 3/4] string: Allow 2-argument strscpy_pad() Kees Cook
2024-02-07 0:51 ` Justin Stitt [this message]
2024-02-07 9:18 ` Kees Cook
2024-02-10 12:34 ` David Laight
2024-02-06 14:22 ` [PATCH v3 4/4] um: Convert strscpy() usage to 2-argument style Kees Cook
2024-02-06 15:02 ` Andy Shevchenko
2024-02-07 10:42 ` Removing more str APIs (was Re: [PATCH v3 4/4] um: Convert strscpy() usage to 2-argument style) Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240207005151.lyrtgqd4wekolwe7@google.com \
--to=justinstitt@google.com \
--cc=andy@kernel.org \
--cc=anton.ivanov@cambridgegreys.com \
--cc=azeemshaikh38@gmail.com \
--cc=jasowang@redhat.com \
--cc=johannes@sipsolutions.net \
--cc=keescook@chromium.org \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-um@lists.infradead.org \
--cc=lkp@intel.com \
--cc=nathan@kernel.org \
--cc=richard@nod.at \
--cc=willemdebruijn.kernel@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox