From patchwork Thu Aug 31 22:55:59 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Justin Stitt X-Patchwork-Id: 13371904 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 3124DCA0FE1 for ; Thu, 31 Aug 2023 22:56:31 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:Cc:To:From:Subject:Message-ID: Mime-Version:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Owner; bh=N/+8MieHioRsCF1jw2h7eBZLtFBBhlHqiAkTT6l/LFk=; b=lto cF2Iru/BPc017hn9QP7b/6Yo34imhn83jhsFhnUagA4SIQyms9BFIJti4l+Gry2znHy1xwg+LllsS 7G7rOawJp5cEQxU1ZYmfRTFo/sFUfNyH7kGFq0RuwnXpxFcFpKHI25bVkEvnMnA8x/pKLG/PqS7jQ HdekgGg66Eff0glD6kTYBVS8UZbX4aBS0WT61kDrxHv1w1zd1OPRcNdwxFmamsPdBrEYjE3/aJRUN OJv9O08XqFMmeSaDz9zkeqQ2fuTVKOtqvFIhHQRNFvvtRsDqrh9dI7/rAlKHaWe8w+uFNIaZtTgz+ U9BgN8RJNUzbjdk/6v9N5B9VpmbExbg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1qbqa8-00FwC7-0w; Thu, 31 Aug 2023 22:56:08 +0000 Received: from mail-yw1-x1149.google.com ([2607:f8b0:4864:20::1149]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1qbqa4-00FwAs-0p for linux-arm-kernel@lists.infradead.org; Thu, 31 Aug 2023 22:56:05 +0000 Received: by mail-yw1-x1149.google.com with SMTP id 00721157ae682-59204757627so16391387b3.1 for ; Thu, 31 Aug 2023 15:56:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1693522561; x=1694127361; darn=lists.infradead.org; h=cc:to:from:subject:message-id:mime-version:date:from:to:cc:subject :date:message-id:reply-to; bh=H79tqtkFxOTIaPm0anlf53bqJoiLdlNKrFELszTm5Gw=; b=bjPmbuqm37EGoQuwV5K05c3P7ENQLqdzV5nmppMQzOP+e3OxG0hD0EdXGRzuf7Iwxn VyyWvJsfJrjTBNHON1IzWoSzTLnXc5OIdHIwaADh3KR6lOXsWKfa9IpUBGC/wmk0gDQy YkVei8DlD3ySJ9Wpe3FDhPSrhHKh+vLKnHggx3W0i64I2EXA/Mng8eMy8xSU4NP3XTBF yDRbcOyfgcmc5Kk834SaZ+NWxY79WLcxOodeTzJM1y4w74kvzGClqGY1He3Ywj6Yz7cw nlrQS2gHWvtNXHB3R3DQkRkcjEHsTvYzf5uqVpI5BnAGhyQQAALudzfGzuSjUSi53ra5 wVCg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1693522561; x=1694127361; h=cc:to:from:subject:message-id:mime-version:date:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=H79tqtkFxOTIaPm0anlf53bqJoiLdlNKrFELszTm5Gw=; b=ZNCdphhwizgRjPT+II6xhisUwK2kOaaENZevNiHUi3W4mAvWui0dWdNjM2dF3CkGpC L655sNRvnY2p9rPdu/PrzRXUj5DWLhJPUdWmGOpgMBHvSP7gWfxJGsWTTpgz0yGl6a2+ rhPbVsLq2TT6hrqVDZcTsjxbE93p9j2Gt2UZE+oUFS5O5KgAK6bU78qVTJFPGVgOZZZt /UVsDOh/yTotrucjwxMbkYQgETTgKR+8+DUelywsK5P9eusSv1qZ/PeUExW9iSILlDuq SIbTs5HGfc2wB0b4kSGkI/+Q0EIolZ7QpkYnFO5klIYE6wKgudw6xMAoh4XeBxDBzrY3 Wysw== X-Gm-Message-State: AOJu0YzwR2V8kLzLXbaGZEz/ZPw+JPy5DW8yzike6Nxkpws8FrT9s7Fh VyNlfsB+qQjUziXl4VrHuhJgnv633b/55nfnbA== X-Google-Smtp-Source: AGHT+IGj8I2gApCT6f0stLt5hwiS0cmyXd8XpszKLFXEY1w1ikE4ddIOWtE3uTUZFkU94/ZHLrW2jX+3UtI6UXsEqA== X-Received: from jstitt-linux1.c.googlers.com ([fda3:e722:ac3:cc00:2b:ff92:c0a8:23b5]) (user=justinstitt job=sendgmr) by 2002:a0d:ec51:0:b0:58c:74ec:3397 with SMTP id r17-20020a0dec51000000b0058c74ec3397mr21288ywn.1.1693522561645; Thu, 31 Aug 2023 15:56:01 -0700 (PDT) Date: Thu, 31 Aug 2023 22:55:59 +0000 Mime-Version: 1.0 X-B4-Tracking: v=1; b=H4sIAH4a8WQC/33NSwrCMBCA4auUWRtpkhqjK+8hLvKYtAHblKQES +ndTbtSEDcD/8B8s0DC6DHBtVogYvbJh6EEP1RgOjW0SLwtDaxmvJa0JmmKgxlnoqLpyuhFQ6j jljOp7UVLKIdjROdfO3p/lO58mkKc9x+Zbtu/XKaEEifOjgt5MlY0tzaE9olHE3rYvMw+DfrTY MXQSjaotHPK6i9jXdc3c5yyZPkAAAA= X-Developer-Key: i=justinstitt@google.com; a=ed25519; pk=tC3hNkJQTpNX/gLKxTNQKDmiQl6QjBNCGKJINqAdJsE= X-Developer-Signature: v=1; a=ed25519-sha256; t=1693522560; l=2344; i=justinstitt@google.com; s=20230717; h=from:subject:message-id; bh=jcftR3X/PMbZ42L+D1HsjAvA7HB7jpnc40CSZbF0QLc=; b=h9yAgZACyhn/QolvVgpLQwN1MmOek1G4ASoDPs3JEfR47C1tq6QP596bWShg4JXHPFCRpg4CC hnGxOeJBfv5D1KAxBM75rhrATRH/Xeau4sTmix922O0vfSx3uBSnS4i X-Mailer: b4 0.12.3 Message-ID: <20230831-strncpy-arch-arm64-v3-1-cdbb1e7ea5e1@google.com> Subject: [PATCH v3] arm64/sysreg: refactor deprecated strncpy From: Justin Stitt To: Catalin Marinas , Will Deacon , Mostafa Saleh Cc: linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, Kees Cook , linux-hardening@vger.kernel.org, Justin Stitt X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230831_155604_295701_049A93FD X-CRM114-Status: GOOD ( 15.18 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org strncpy is deprecated [1] and should not be used if the src string is not NUL-terminated. When dealing with `cmdline` we are counting the number of characters until a space then copying these over into `buf`. Let's not use any of the str*() functions since the src string is not necessarily NUL-terminated. Prefer `memcpy()` alongside a forced NUL-termination as it more accurately describes what is going on within this function, i.e: copying from non NUL-terminated buffer into a NUL-terminated buffer. Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] Link: https://github.com/KSPP/linux/issues/90 Cc: linux-hardening@vger.kernel.org Suggested-by: Kees Cook Signed-off-by: Justin Stitt Tested-by: Mostafa Saleh --- Here's a quick rundown on the history of this patch: 1) v1 (changes requested) 2) v2 (applied to arm64 (for-next/misc)) 3) v2 reverted (https://lore.kernel.org/all/20230831162227.2307863-1-smostafa@google.com/) 4) v3 (fixes problems with both v1 and v2) Changes in v3: - Fix faulty logic and use memcpy over strscpy (thanks Mostafa and Kees) - Use '\0' instead of 0 to make it abundantly clear that `buf` is a NUL-terminated string - Link to v2: https://lore.kernel.org/r/20230811-strncpy-arch-arm64-v2-1-ba84eabffadb@google.com Changes in v2: - Utilize return value from strscpy and check for truncation (thanks Kees) - Link to v1: https://lore.kernel.org/r/20230810-strncpy-arch-arm64-v1-1-f67f3685cd64@google.com --- arch/arm64/kernel/idreg-override.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) --- base-commit: 706a741595047797872e669b3101429ab8d378ef change-id: 20230810-strncpy-arch-arm64-1f3d328bd9b8 Best regards, -- Justin Stitt diff --git a/arch/arm64/kernel/idreg-override.c b/arch/arm64/kernel/idreg-override.c index 2fe2491b692c..3addc09f8746 100644 --- a/arch/arm64/kernel/idreg-override.c +++ b/arch/arm64/kernel/idreg-override.c @@ -263,8 +263,8 @@ static __init void __parse_cmdline(const char *cmdline, bool parse_aliases) return; len = min(len, ARRAY_SIZE(buf) - 1); - strncpy(buf, cmdline, len); - buf[len] = 0; + memcpy(buf, cmdline, len); + buf[len] = '\0'; if (strcmp(buf, "--") == 0) return;