| Message ID | 20230925-strncpy-drivers-md-dm-crypt-c-v1-1-eef875e4f9b2@google.com (mailing list archive) |
|---|---|
| State | Mainlined |
| Commit | e9d7bd2c8664aa43866c7985d9050a052516c07d |
| Headers | show |
| Series | dm crypt: replace open-coded kmemdup_nul | expand |
On Mon, Sep 25, 2023 at 06:35:54AM +0000, Justin Stitt wrote: > kzalloc() followed by strncpy() on an expected NUL-terminated string is > just kmemdup_nul(). Let's simplify this code (while also dropping a > deprecated strncpy() call [1]). > > Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] > Link: https://github.com/KSPP/linux/issues/90 > Cc: linux-hardening@vger.kernel.org > Cc: Kees Cook <keescook@chromium.org> > Signed-off-by: Justin Stitt <justinstitt@google.com> This looks correct to me. Thanks! Reviewed-by: Kees Cook <keescook@chromium.org>
On Mon, 25 Sep 2023 06:35:54 +0000, Justin Stitt wrote: > kzalloc() followed by strncpy() on an expected NUL-terminated string is > just kmemdup_nul(). Let's simplify this code (while also dropping a > deprecated strncpy() call [1]). > > Applied to for-next/hardening, thanks! [1/1] dm crypt: replace open-coded kmemdup_nul https://git.kernel.org/kees/c/17348b0a6a6d Take care,
On Tue, Oct 24 2023 at 5:18P -0400, Kees Cook <keescook@chromium.org> wrote: > On Mon, 25 Sep 2023 06:35:54 +0000, Justin Stitt wrote: > > kzalloc() followed by strncpy() on an expected NUL-terminated string is > > just kmemdup_nul(). Let's simplify this code (while also dropping a > > deprecated strncpy() call [1]). > > > > > > Applied to for-next/hardening, thanks! > > [1/1] dm crypt: replace open-coded kmemdup_nul > https://git.kernel.org/kees/c/17348b0a6a6d > > Take care, > > -- > Kees Cook > Hey, I had picked up this patch and the 3 others in my local tree yesterday, was going to push shortly... do you still want them to go through your hardening tree? Mike
On Tue, Oct 24, 2023 at 05:33:12PM -0400, Mike Snitzer wrote: > On Tue, Oct 24 2023 at 5:18P -0400, > Kees Cook <keescook@chromium.org> wrote: > > > On Mon, 25 Sep 2023 06:35:54 +0000, Justin Stitt wrote: > > > kzalloc() followed by strncpy() on an expected NUL-terminated string is > > > just kmemdup_nul(). Let's simplify this code (while also dropping a > > > deprecated strncpy() call [1]). > > > > > > > > > > Applied to for-next/hardening, thanks! > > > > [1/1] dm crypt: replace open-coded kmemdup_nul > > https://git.kernel.org/kees/c/17348b0a6a6d > > > > Take care, > > > > -- > > Kees Cook > > > > I had picked up this patch and the 3 others in my local tree > yesterday, was going to push shortly... do you still want them to go > through your hardening tree? Oh! Great; thank you! I'll drop them from my tree. :) -Kees
diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c index f2662c21a6df..8a03b3590733 100644 --- a/drivers/md/dm-crypt.c +++ b/drivers/md/dm-crypt.c @@ -2858,10 +2858,9 @@ static int crypt_ctr_auth_cipher(struct crypt_config *cc, char *cipher_api) if (!start || !end || ++start > end) return -EINVAL; - mac_alg = kzalloc(end - start + 1, GFP_KERNEL); + mac_alg = kmemdup_nul(start, end - start, GFP_KERNEL); if (!mac_alg) return -ENOMEM; - strncpy(mac_alg, start, end - start); mac = crypto_alloc_ahash(mac_alg, 0, CRYPTO_ALG_ALLOCATES_MEMORY); kfree(mac_alg);
kzalloc() followed by strncpy() on an expected NUL-terminated string is just kmemdup_nul(). Let's simplify this code (while also dropping a deprecated strncpy() call [1]). Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] Link: https://github.com/KSPP/linux/issues/90 Cc: linux-hardening@vger.kernel.org Cc: Kees Cook <keescook@chromium.org> Signed-off-by: Justin Stitt <justinstitt@google.com> --- Note: build-tested only. Similar-to: https://lore.kernel.org/all/20230925-strncpy-drivers-hwmon-acpi_power_meter-c-v4-1-3bac7534f10f@google.com/ --- drivers/md/dm-crypt.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) --- base-commit: 6465e260f48790807eef06b583b38ca9789b6072 change-id: 20230925-strncpy-drivers-md-dm-crypt-c-da71d87b8cdc Best regards, -- Justin Stitt <justinstitt@google.com>