| Message ID | 20230802-arch-riscv-kernel-v2-1-24266e85bc96@google.com (mailing list archive) |
|---|---|
| State | Mainlined |
| Commit | 12d61a1bc28eef8d799ba00f370f421f7e942629 |
| Headers | show |
| Series | [v2] RISC-V: cpu: refactor deprecated strncpy | expand |
On Wed, Aug 02, 2023 at 12:21:58AM +0000, Justin Stitt wrote: > `strncpy` is deprecated for use on NUL-terminated destination strings [1]. > > Favor not copying strings onto stack and instead use strings directly. > This avoids hard-coding sizes and buffer lengths all together. > > Link: https://github.com/KSPP/linux/issues/90 > Cc: linux-hardening@vger.kernel.org > Suggested-by: Kees Cook <keescook@chromium.org> > Signed-off-by: Justin Stitt <justinstitt@google.com> > --- > Changes in v2: > - Use strings directly instead of copying onto stack with `strscpy` (thanks Kees) Yeah, that is what I was thinking of when I decried it as being horrid. Reviewed-by: Conor Dooley <conor.dooley@microchip.com> Thanks, Conor.
On Wed, Aug 02, 2023 at 12:21:58AM +0000, Justin Stitt wrote: > `strncpy` is deprecated for use on NUL-terminated destination strings [1]. > > Favor not copying strings onto stack and instead use strings directly. > This avoids hard-coding sizes and buffer lengths all together. > > Link: https://github.com/KSPP/linux/issues/90 > Cc: linux-hardening@vger.kernel.org > Suggested-by: Kees Cook <keescook@chromium.org> > Signed-off-by: Justin Stitt <justinstitt@google.com> I like it! ;) Reviewed-by: Kees Cook <keescook@chromium.org>
On Wed, 02 Aug 2023 13:36:03 PDT (-0700), keescook@chromium.org wrote: > On Wed, Aug 02, 2023 at 12:21:58AM +0000, Justin Stitt wrote: >> `strncpy` is deprecated for use on NUL-terminated destination strings [1]. >> >> Favor not copying strings onto stack and instead use strings directly. >> This avoids hard-coding sizes and buffer lengths all together. >> >> Link: https://github.com/KSPP/linux/issues/90 >> Cc: linux-hardening@vger.kernel.org >> Suggested-by: Kees Cook <keescook@chromium.org> >> Signed-off-by: Justin Stitt <justinstitt@google.com> > > I like it! ;) > > Reviewed-by: Kees Cook <keescook@chromium.org> Thanks, I just queue it up for fixes (might take a bit to build test, I'm a bit backed up). Reviewed-by: Palmer Dabbelt <palmer@rivosinc.com> Acked-by: Palmer Dabbelt <palmer@rivosinc.com> If you wanted to take it for some hardening thing, though -- otherwise it'll likely end up on my fixes later today.
On Wed, 02 Aug 2023 13:41:52 PDT (-0700), Palmer Dabbelt wrote: > On Wed, 02 Aug 2023 13:36:03 PDT (-0700), keescook@chromium.org wrote: >> On Wed, Aug 02, 2023 at 12:21:58AM +0000, Justin Stitt wrote: >>> `strncpy` is deprecated for use on NUL-terminated destination strings [1]. >>> >>> Favor not copying strings onto stack and instead use strings directly. >>> This avoids hard-coding sizes and buffer lengths all together. >>> >>> Link: https://github.com/KSPP/linux/issues/90 >>> Cc: linux-hardening@vger.kernel.org >>> Suggested-by: Kees Cook <keescook@chromium.org> >>> Signed-off-by: Justin Stitt <justinstitt@google.com> >> >> I like it! ;) >> >> Reviewed-by: Kees Cook <keescook@chromium.org> > > Thanks, I just queue it up for fixes (might take a bit to build test, > I'm a bit backed up). > > Reviewed-by: Palmer Dabbelt <palmer@rivosinc.com> > Acked-by: Palmer Dabbelt <palmer@rivosinc.com> > > If you wanted to take it for some hardening thing, though -- otherwise > it'll likely end up on my fixes later today. Sorry this is for-next as it's not a fix, I was just looking at other fixes. It's queued up aimed at for-next.
On August 2, 2023 1:47:14 PM PDT, Palmer Dabbelt <palmer@dabbelt.com> wrote: >On Wed, 02 Aug 2023 13:41:52 PDT (-0700), Palmer Dabbelt wrote: >> On Wed, 02 Aug 2023 13:36:03 PDT (-0700), keescook@chromium.org wrote: >>> On Wed, Aug 02, 2023 at 12:21:58AM +0000, Justin Stitt wrote: >>>> `strncpy` is deprecated for use on NUL-terminated destination strings [1]. >>>> >>>> Favor not copying strings onto stack and instead use strings directly. >>>> This avoids hard-coding sizes and buffer lengths all together. >>>> >>>> Link: https://github.com/KSPP/linux/issues/90 >>>> Cc: linux-hardening@vger.kernel.org >>>> Suggested-by: Kees Cook <keescook@chromium.org> >>>> Signed-off-by: Justin Stitt <justinstitt@google.com> >>> >>> I like it! ;) >>> >>> Reviewed-by: Kees Cook <keescook@chromium.org> >> >> Thanks, I just queue it up for fixes (might take a bit to build test, >> I'm a bit backed up). >> >> Reviewed-by: Palmer Dabbelt <palmer@rivosinc.com> >> Acked-by: Palmer Dabbelt <palmer@rivosinc.com> >> >> If you wanted to take it for some hardening thing, though -- otherwise >> it'll likely end up on my fixes later today. > >Sorry this is for-next as it's not a fix, I was just looking at other >fixes. It's queued up aimed at for-next. Awesome; thank you! :)
On Wed, 02 Aug 2023 00:21:58 +0000, Justin Stitt wrote: > `strncpy` is deprecated for use on NUL-terminated destination strings [1]. > > Favor not copying strings onto stack and instead use strings directly. > This avoids hard-coding sizes and buffer lengths all together. > > Applied, thanks! [1/1] RISC-V: cpu: refactor deprecated strncpy https://git.kernel.org/palmer/c/12d61a1bc28e Best regards,
Hello: This patch was applied to riscv/linux.git (for-next) by Palmer Dabbelt <palmer@rivosinc.com>: On Wed, 02 Aug 2023 00:21:58 +0000 you wrote: > `strncpy` is deprecated for use on NUL-terminated destination strings [1]. > > Favor not copying strings onto stack and instead use strings directly. > This avoids hard-coding sizes and buffer lengths all together. > > Link: https://github.com/KSPP/linux/issues/90 > Cc: linux-hardening@vger.kernel.org > Suggested-by: Kees Cook <keescook@chromium.org> > Signed-off-by: Justin Stitt <justinstitt@google.com> > > [...] Here is the summary with links: - [v2] RISC-V: cpu: refactor deprecated strncpy https://git.kernel.org/riscv/c/12d61a1bc28e You are awesome, thank you!
diff --git a/arch/riscv/kernel/cpu.c b/arch/riscv/kernel/cpu.c index a2fc952318e9..872fa7a47d68 100644 --- a/arch/riscv/kernel/cpu.c +++ b/arch/riscv/kernel/cpu.c @@ -271,21 +271,21 @@ static void print_isa(struct seq_file *f, const char *isa) static void print_mmu(struct seq_file *f) { - char sv_type[16]; + const char *sv_type; #ifdef CONFIG_MMU #if defined(CONFIG_32BIT) - strncpy(sv_type, "sv32", 5); + sv_type = "sv32"; #elif defined(CONFIG_64BIT) if (pgtable_l5_enabled) - strncpy(sv_type, "sv57", 5); + sv_type = "sv57"; else if (pgtable_l4_enabled) - strncpy(sv_type, "sv48", 5); + sv_type = "sv48"; else - strncpy(sv_type, "sv39", 5); + sv_type = "sv39"; #endif #else - strncpy(sv_type, "none", 5); + sv_type = "none"; #endif /* CONFIG_MMU */ seq_printf(f, "mmu\t\t: %s\n", sv_type); }
`strncpy` is deprecated for use on NUL-terminated destination strings [1]. Favor not copying strings onto stack and instead use strings directly. This avoids hard-coding sizes and buffer lengths all together. Link: https://github.com/KSPP/linux/issues/90 Cc: linux-hardening@vger.kernel.org Suggested-by: Kees Cook <keescook@chromium.org> Signed-off-by: Justin Stitt <justinstitt@google.com> --- Changes in v2: - Use strings directly instead of copying onto stack with `strscpy` (thanks Kees) - Link to v1: https://lore.kernel.org/r/20230801-arch-riscv-kernel-v1-1-2b3f2dc0bc61@google.com --- arch/riscv/kernel/cpu.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) --- base-commit: 5d0c230f1de8c7515b6567d9afba1f196fb4e2f4 change-id: 20230801-arch-riscv-kernel-14a048cc6467 Best regards, -- Justin Stitt <justinstitt@google.com>