| Message ID | 20230913-strncpy-drivers-firmware-ti_sci-c-v1-1-740db471110d@google.com (mailing list archive) |
|---|---|
| State | Mainlined |
| Commit | d8cce0d5ba4a3157a7a549b9623d1ffc5820ef92 |
| Headers | show |
| Series | firmware: ti_sci: refactor deprecated strncpy | expand |
On Wed, Sep 13, 2023 at 08:23:02PM +0000, Justin Stitt wrote: > `strncpy` is deprecated for use on NUL-terminated destination strings [1]. > > We should prefer more robust and less ambiguous string interfaces. > > A suitable replacement is `strscpy` [2] due to the fact that it guarantees > NUL-termination on the destination buffer. > > It does not seem like `ver->firmware_description` requires NUL-padding > (which is a behavior that strncpy provides) but if it does let's opt for > `strscpy_pad()`. > > Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] > Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] > Link: https://github.com/KSPP/linux/issues/90 > Cc: linux-hardening@vger.kernel.org > Signed-off-by: Justin Stitt <justinstitt@google.com> Looks right to me. Reviewed-by: Kees Cook <keescook@chromium.org>
On 21:03-20230914, Kees Cook wrote: > On Wed, Sep 13, 2023 at 08:23:02PM +0000, Justin Stitt wrote: > > `strncpy` is deprecated for use on NUL-terminated destination strings [1]. > > > > We should prefer more robust and less ambiguous string interfaces. > > > > A suitable replacement is `strscpy` [2] due to the fact that it guarantees > > NUL-termination on the destination buffer. > > > > It does not seem like `ver->firmware_description` requires NUL-padding > > (which is a behavior that strncpy provides) but if it does let's opt for > > `strscpy_pad()`. > > > > Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] > > Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] > > Link: https://github.com/KSPP/linux/issues/90 > > Cc: linux-hardening@vger.kernel.org > > Signed-off-by: Justin Stitt <justinstitt@google.com> > > Looks right to me. > > Reviewed-by: Kees Cook <keescook@chromium.org> Does this belong to stable as well? If so, please add appropriate stable process.
On Fri, Sep 15, 2023 at 07:40:38AM -0500, Nishanth Menon wrote: > On 21:03-20230914, Kees Cook wrote: > > On Wed, Sep 13, 2023 at 08:23:02PM +0000, Justin Stitt wrote: > > > `strncpy` is deprecated for use on NUL-terminated destination strings [1]. > > > > > > We should prefer more robust and less ambiguous string interfaces. > > > > > > A suitable replacement is `strscpy` [2] due to the fact that it guarantees > > > NUL-termination on the destination buffer. > > > > > > It does not seem like `ver->firmware_description` requires NUL-padding > > > (which is a behavior that strncpy provides) but if it does let's opt for > > > `strscpy_pad()`. > > > > > > Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] > > > Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] > > > Link: https://github.com/KSPP/linux/issues/90 > > > Cc: linux-hardening@vger.kernel.org > > > Signed-off-by: Justin Stitt <justinstitt@google.com> > > > > Looks right to me. > > > > Reviewed-by: Kees Cook <keescook@chromium.org> > > Does this belong to stable as well? If so, please add appropriate stable > process. No need. This is a refactoring only. :)
Hi Justin Stitt, On Wed, 13 Sep 2023 20:23:02 +0000, Justin Stitt wrote: > `strncpy` is deprecated for use on NUL-terminated destination strings [1]. > > We should prefer more robust and less ambiguous string interfaces. > > A suitable replacement is `strscpy` [2] due to the fact that it guarantees > NUL-termination on the destination buffer. > > [...] I have applied the following to branch ti-drivers-soc-next on [1]. Thank you! [1/1] firmware: ti_sci: refactor deprecated strncpy commit: d8cce0d5ba4a3157a7a549b9623d1ffc5820ef92 All being well this means that it will be integrated into the linux-next tree (usually sometime in the next 24 hours) and sent up the chain during the next merge window (or sooner if it is a relevant bug fix), however if problems are discovered then the patch may be dropped or reverted. You may get further e-mails resulting from automated or manual testing and review of the tree, please engage with people reporting problems and send followup patches addressing any issues that are reported if needed. If any updates are required or you are submitting further changes they should be sent as incremental updates against current git, existing patches will not be replaced. Please add any relevant lists and maintainers to the CCs when replying to this mail. [1] https://git.kernel.org/pub/scm/linux/kernel/git/ti/linux.git
diff --git a/drivers/firmware/ti_sci.c b/drivers/firmware/ti_sci.c index 26a37f47f4ca..ce546f391959 100644 --- a/drivers/firmware/ti_sci.c +++ b/drivers/firmware/ti_sci.c @@ -485,7 +485,7 @@ static int ti_sci_cmd_get_revision(struct ti_sci_info *info) ver->abi_major = rev_info->abi_major; ver->abi_minor = rev_info->abi_minor; ver->firmware_revision = rev_info->firmware_revision; - strncpy(ver->firmware_description, rev_info->firmware_description, + strscpy(ver->firmware_description, rev_info->firmware_description, sizeof(ver->firmware_description)); fail:
`strncpy` is deprecated for use on NUL-terminated destination strings [1]. We should prefer more robust and less ambiguous string interfaces. A suitable replacement is `strscpy` [2] due to the fact that it guarantees NUL-termination on the destination buffer. It does not seem like `ver->firmware_description` requires NUL-padding (which is a behavior that strncpy provides) but if it does let's opt for `strscpy_pad()`. Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] Link: https://github.com/KSPP/linux/issues/90 Cc: linux-hardening@vger.kernel.org Signed-off-by: Justin Stitt <justinstitt@google.com> --- Note: build-tested only. --- drivers/firmware/ti_sci.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- base-commit: 3669558bdf354cd352be955ef2764cde6a9bf5ec change-id: 20230913-strncpy-drivers-firmware-ti_sci-c-22667413c18f Best regards, -- Justin Stitt <justinstitt@google.com>