From patchwork Tue Oct 17 19:04:05 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jacob Keller X-Patchwork-Id: 13425780 Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 959DF2DF67; Tue, 17 Oct 2023 19:04:30 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="WgCip0l0" Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.120]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 85EA0F1; Tue, 17 Oct 2023 12:04:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1697569469; x=1729105469; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=gob/uynTCd8CZardWQ2JwqOzNIZTjqHSGCOo7hkS5nA=; b=WgCip0l0R0iF6tRZDFxni5bHZk/zD1+bhFa/S/54LRR9qSleUdQ87TFD vGPsJWSkA6uKkgLYRSlGke0Xm7JDPAUj4nM8IE2gluB68cH/fa/5ZuWrP JdScacqCE83ElEz0elxu/hN8h3nSieDH0MjL+VrLpSlYJ4MBcVL/n+K9P SX7taax+IQdww9szwY4Mf1gUQrw99Z9flRKM90iyEh1eqG0JFHQBaFRfW p9Fr+SX6NkHPr7xXSwliQrEzqwL//wTZqGpXSm1gPvdp93Owp9cKiT1x1 8pkvYy2y41yvKDKeiWQRREH4/ozK+exwOAVQ7GFxW0jO9byeIekbTYzDE Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10866"; a="384739719" X-IronPort-AV: E=Sophos;i="6.03,233,1694761200"; d="scan'208";a="384739719" Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Oct 2023 12:04:19 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10866"; a="822108716" X-IronPort-AV: E=Sophos;i="6.03,233,1694761200"; d="scan'208";a="822108716" Received: from jekeller-desk.amr.corp.intel.com (HELO jekeller-desk.jekeller.internal) ([10.166.241.1]) by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Oct 2023 12:04:18 -0700 From: Jacob Keller To: netdev@vger.kernel.org, David Miller , Jakub Kicinski Cc: Justin Stitt , linux-hardening@vger.kernel.org, Jacob Keller Subject: [PATCH net-next 3/9] e100: replace deprecated strncpy with strscpy Date: Tue, 17 Oct 2023 12:04:05 -0700 Message-ID: <20231017190411.2199743-4-jacob.e.keller@intel.com> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20231017190411.2199743-1-jacob.e.keller@intel.com> References: <20231017190411.2199743-1-jacob.e.keller@intel.com> Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net From: Justin Stitt `strncpy` is deprecated for use on NUL-terminated destination strings [1] and as such we should prefer more robust and less ambiguous string interfaces. The "...-1" pattern makes it evident that netdev->name is expected to be NUL-terminated. Meanwhile, it seems NUL-padding is not required due to alloc_etherdev zero-allocating the buffer. Considering the above, a suitable replacement is `strscpy` [2] due to the fact that it guarantees NUL-termination on the destination buffer without unnecessarily NUL-padding. This is in line with other uses of strscpy on netdev->name: $ rg "strscpy\(netdev\->name.*pci.*" drivers/net/ethernet/intel/e1000e/netdev.c 7455: strscpy(netdev->name, pci_name(pdev), sizeof(netdev->name)); drivers/net/ethernet/intel/ixgbe/ixgbe_main.c 10839: strscpy(netdev->name, pci_name(pdev), sizeof(netdev->name)); Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] Link: https://github.com/KSPP/linux/issues/90 Cc: linux-hardening@vger.kernel.org Signed-off-by: Justin Stitt Signed-off-by: Jacob Keller --- drivers/net/ethernet/intel/e100.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/ethernet/intel/e100.c b/drivers/net/ethernet/intel/e100.c index d3fdc290937f..01f0f12035ca 100644 --- a/drivers/net/ethernet/intel/e100.c +++ b/drivers/net/ethernet/intel/e100.c @@ -2841,7 +2841,7 @@ static int e100_probe(struct pci_dev *pdev, const struct pci_device_id *ent) netdev->netdev_ops = &e100_netdev_ops; netdev->ethtool_ops = &e100_ethtool_ops; netdev->watchdog_timeo = E100_WATCHDOG_PERIOD; - strncpy(netdev->name, pci_name(pdev), sizeof(netdev->name) - 1); + strscpy(netdev->name, pci_name(pdev), sizeof(netdev->name)); nic = netdev_priv(netdev); netif_napi_add_weight(netdev, &nic->napi, e100_poll, E100_NAPI_WEIGHT); From patchwork Tue Oct 17 19:04:06 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jacob Keller X-Patchwork-Id: 13425779 Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3C6912DF69; Tue, 17 Oct 2023 19:04:31 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="d4ChJT1q" Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.120]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 32B67E8; Tue, 17 Oct 2023 12:04:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1697569470; x=1729105470; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=dVehR1VFnDGkb1Ww/v3YUCqWzGMLrLskQ6bmezqJlB0=; b=d4ChJT1qEycyILT3AIgYzTuJPN7QCAznxapveYXVjxcg+BuYWftbgOJz sb61HctmhfePWf0qVy4hBvNdDpxW7hDBwKzL4Tf7tCFsU0A3l65bIqxng yA+OiL9xfUwjiPuxzs0Nv9AdMMsbAHPAXtvC7Yd+cVEf3JnzAiTQZ09Q3 QNY9DslG4NItZoEkl17BUzMuPJmhuxYKBWrOI6oQ0LrwpWil+GuUBp9hN 10bpUGTvcdQrZiH2k+d0WiUNdtj5C1bzxmZ6zRYIFCKt9ESn5zOma/3CH eMar63uC5Sx5yC5t+ARgop7Q9fwD4rbiYNZzL77abvWIDUEnQGLipsahU g==; X-IronPort-AV: E=McAfee;i="6600,9927,10866"; a="384739734" X-IronPort-AV: E=Sophos;i="6.03,233,1694761200"; d="scan'208";a="384739734" Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Oct 2023 12:04:19 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10866"; a="822108729" X-IronPort-AV: E=Sophos;i="6.03,233,1694761200"; d="scan'208";a="822108729" Received: from jekeller-desk.amr.corp.intel.com (HELO jekeller-desk.jekeller.internal) ([10.166.241.1]) by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Oct 2023 12:04:18 -0700 From: Jacob Keller To: netdev@vger.kernel.org, David Miller , Jakub Kicinski Cc: Justin Stitt , linux-hardening@vger.kernel.org, Jacob Keller Subject: [PATCH net-next 4/9] e1000: replace deprecated strncpy with strscpy Date: Tue, 17 Oct 2023 12:04:06 -0700 Message-ID: <20231017190411.2199743-5-jacob.e.keller@intel.com> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20231017190411.2199743-1-jacob.e.keller@intel.com> References: <20231017190411.2199743-1-jacob.e.keller@intel.com> Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net From: Justin Stitt `strncpy` is deprecated for use on NUL-terminated destination strings [1] and as such we should prefer more robust and less ambiguous string interfaces. We can see that netdev->name is expected to be NUL-terminated based on it's usage with format strings: | pr_info("%s NIC Link is Down\n", | netdev->name); A suitable replacement is `strscpy` [2] due to the fact that it guarantees NUL-termination on the destination buffer without unnecessarily NUL-padding. This is in line with other uses of strscpy on netdev->name: $ rg "strscpy\(netdev\->name.*pci.*" drivers/net/ethernet/intel/e1000e/netdev.c 7455: strscpy(netdev->name, pci_name(pdev), sizeof(netdev->name)); drivers/net/ethernet/intel/ixgbe/ixgbe_main.c 10839: strscpy(netdev->name, pci_name(pdev), sizeof(netdev->name)); Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] Link: https://github.com/KSPP/linux/issues/90 Cc: linux-hardening@vger.kernel.org Signed-off-by: Justin Stitt Signed-off-by: Jacob Keller --- drivers/net/ethernet/intel/e1000/e1000_main.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/ethernet/intel/e1000/e1000_main.c b/drivers/net/ethernet/intel/e1000/e1000_main.c index da6e303ad99b..1d1e93686af2 100644 --- a/drivers/net/ethernet/intel/e1000/e1000_main.c +++ b/drivers/net/ethernet/intel/e1000/e1000_main.c @@ -1014,7 +1014,7 @@ static int e1000_probe(struct pci_dev *pdev, const struct pci_device_id *ent) netdev->watchdog_timeo = 5 * HZ; netif_napi_add(netdev, &adapter->napi, e1000_clean); - strncpy(netdev->name, pci_name(pdev), sizeof(netdev->name) - 1); + strscpy(netdev->name, pci_name(pdev), sizeof(netdev->name)); adapter->bd_number = cards_found; From patchwork Tue Oct 17 19:04:07 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jacob Keller X-Patchwork-Id: 13425781 Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A09BD2DF6D; Tue, 17 Oct 2023 19:04:31 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="jevqTcWU" Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.120]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 52837FA; Tue, 17 Oct 2023 12:04:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1697569470; x=1729105470; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=ELpo/pn2Y/msqeFAzn0NofDSrgYC1mIGiwhvBAxCdt8=; b=jevqTcWU17YIADx4leA7uziFuUEnLhq4tLXIkul4eNskKdnKuDuCf6eu NRYig4mV++PDrSkJSI1E03UmdUf7mcHtI95/NQjRrswml5Ew4Xi6hxwuj M3bkQlWTggkXUO4Meb50gtwZjTMmZocNKSJez0SrhP36Uvpc4elGgVKaO 0llbWvuaHwYx4EX13Yv0YgGCPtedSCWz8GQ19W+Oc3pn63Q03E7If4A46 PENwj9s4DEo4KvmVObG9CntSV/okHs9Lag4J0TIaYEf59e6KYUpnahlQJ UqoU5BgpA30jA1izKS+8Mn3Q80bmkpG2cl9zUp0DjBh4Wg6r5n0+t2Pbd A==; X-IronPort-AV: E=McAfee;i="6600,9927,10866"; a="384739749" X-IronPort-AV: E=Sophos;i="6.03,233,1694761200"; d="scan'208";a="384739749" Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Oct 2023 12:04:19 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10866"; a="822108740" X-IronPort-AV: E=Sophos;i="6.03,233,1694761200"; d="scan'208";a="822108740" Received: from jekeller-desk.amr.corp.intel.com (HELO jekeller-desk.jekeller.internal) ([10.166.241.1]) by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Oct 2023 12:04:19 -0700 From: Jacob Keller To: netdev@vger.kernel.org, David Miller , Jakub Kicinski Cc: Justin Stitt , linux-hardening@vger.kernel.org, Jacob Keller Subject: [PATCH net-next 5/9] fm10k: replace deprecated strncpy with strscpy Date: Tue, 17 Oct 2023 12:04:07 -0700 Message-ID: <20231017190411.2199743-6-jacob.e.keller@intel.com> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20231017190411.2199743-1-jacob.e.keller@intel.com> References: <20231017190411.2199743-1-jacob.e.keller@intel.com> Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net From: Justin Stitt `strncpy` is deprecated for use on NUL-terminated destination strings [1] and as such we should prefer more robust and less ambiguous string interfaces. A suitable replacement is `strscpy` [2] due to the fact that it guarantees NUL-termination on the destination buffer without unnecessarily NUL-padding. Other implementations of .*get_drvinfo also use strscpy so this patch brings fm10k_get_drvinfo in line as well: igb/igb_ethtool.c +851 static void igb_get_drvinfo(struct net_device *netdev, igbvf/ethtool.c 167:static void igbvf_get_drvinfo(struct net_device *netdev, i40e/i40e_ethtool.c 1999:static void i40e_get_drvinfo(struct net_device *netdev, e1000/e1000_ethtool.c 529:static void e1000_get_drvinfo(struct net_device *netdev, ixgbevf/ethtool.c 211:static void ixgbevf_get_drvinfo(struct net_device *netdev, Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] Link: https://github.com/KSPP/linux/issues/90 Cc: linux-hardening@vger.kernel.org Signed-off-by: Justin Stitt Signed-off-by: Jacob Keller --- drivers/net/ethernet/intel/fm10k/fm10k_ethtool.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/drivers/net/ethernet/intel/fm10k/fm10k_ethtool.c b/drivers/net/ethernet/intel/fm10k/fm10k_ethtool.c index d53369e30040..13a05604dcc0 100644 --- a/drivers/net/ethernet/intel/fm10k/fm10k_ethtool.c +++ b/drivers/net/ethernet/intel/fm10k/fm10k_ethtool.c @@ -448,10 +448,10 @@ static void fm10k_get_drvinfo(struct net_device *dev, { struct fm10k_intfc *interface = netdev_priv(dev); - strncpy(info->driver, fm10k_driver_name, - sizeof(info->driver) - 1); - strncpy(info->bus_info, pci_name(interface->pdev), - sizeof(info->bus_info) - 1); + strscpy(info->driver, fm10k_driver_name, + sizeof(info->driver)); + strscpy(info->bus_info, pci_name(interface->pdev), + sizeof(info->bus_info)); } static void fm10k_get_pauseparam(struct net_device *dev, From patchwork Tue Oct 17 19:04:08 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jacob Keller X-Patchwork-Id: 13425782 Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BB5752DF6F; Tue, 17 Oct 2023 19:04:31 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="MsAhjMoi" Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.120]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 54661FC; Tue, 17 Oct 2023 12:04:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1697569470; x=1729105470; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=5nN1JzZo3THylg3A7E1nTQIboa4XH08Qebb+ohZVNpE=; b=MsAhjMoiIBhn8bY5sbLSzpawQ0jK/6TKIsm1l1quBb8M5k2IjIUq+Xnq TsFSEwGRu3So+8ZmnOhtRg1fyA8Fhf6IAu8W2YO2hfkx8wH4AAQPX5gtu b8XHCJ5mbHPDjeYswEnotapl1Eo/e0GQmNtmnFHDs818RcA4xJPF3npyu FDkgDq0hXxV9CR73Y78J+m/6J4Gh9gLwy2PerOxbhoJdmd6WTkh8oFkyb dkh43eKbiz6kveLS9NeAHklQ/g4NTgSli8xfJe4tP/4fq5foPBa+4PKwH 30aJWASKOu8boR2C+Uz3XHgSEDYc0mhSwVnLZb4g5dgZrUAXkSdpwlOW0 g==; X-IronPort-AV: E=McAfee;i="6600,9927,10866"; a="384739765" X-IronPort-AV: E=Sophos;i="6.03,233,1694761200"; d="scan'208";a="384739765" Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Oct 2023 12:04:19 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10866"; a="822108754" X-IronPort-AV: E=Sophos;i="6.03,233,1694761200"; d="scan'208";a="822108754" Received: from jekeller-desk.amr.corp.intel.com (HELO jekeller-desk.jekeller.internal) ([10.166.241.1]) by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Oct 2023 12:04:19 -0700 From: Jacob Keller To: netdev@vger.kernel.org, David Miller , Jakub Kicinski Cc: Justin Stitt , linux-hardening@vger.kernel.org, Pucha Himasekhar Reddy , Jacob Keller Subject: [PATCH net-next 6/9] i40e: use scnprintf over strncpy+strncat Date: Tue, 17 Oct 2023 12:04:08 -0700 Message-ID: <20231017190411.2199743-7-jacob.e.keller@intel.com> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20231017190411.2199743-1-jacob.e.keller@intel.com> References: <20231017190411.2199743-1-jacob.e.keller@intel.com> Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net From: Justin Stitt `strncpy` is deprecated for use on NUL-terminated destination strings [1] and as such we should prefer more robust and less ambiguous string interfaces. Moreover, `strncat` shouldn't really be used either as per fortify-string.h: * Do not use this function. While FORTIFY_SOURCE tries to avoid * read and write overflows, this is only possible when the sizes * of @p and @q are known to the compiler. Prefer building the * string with formatting, via scnprintf() or similar. Instead, use `scnprintf` with "%s%s" format string. This code is now more readable and robust. Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] Link: https://github.com/KSPP/linux/issues/90 Cc: linux-hardening@vger.kernel.org Signed-off-by: Justin Stitt Tested-by: Pucha Himasekhar Reddy (A Contingent worker at Intel) Signed-off-by: Jacob Keller --- drivers/net/ethernet/intel/i40e/i40e_ddp.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/drivers/net/ethernet/intel/i40e/i40e_ddp.c b/drivers/net/ethernet/intel/i40e/i40e_ddp.c index 6b68b6575a1d..cf25bfc5dc3f 100644 --- a/drivers/net/ethernet/intel/i40e/i40e_ddp.c +++ b/drivers/net/ethernet/intel/i40e/i40e_ddp.c @@ -456,10 +456,9 @@ int i40e_ddp_flash(struct net_device *netdev, struct ethtool_flash *flash) char profile_name[sizeof(I40E_DDP_PROFILE_PATH) + I40E_DDP_PROFILE_NAME_MAX]; - profile_name[sizeof(profile_name) - 1] = 0; - strncpy(profile_name, I40E_DDP_PROFILE_PATH, - sizeof(profile_name) - 1); - strncat(profile_name, flash->data, I40E_DDP_PROFILE_NAME_MAX); + scnprintf(profile_name, sizeof(profile_name), "%s%s", + I40E_DDP_PROFILE_PATH, flash->data); + /* Load DDP recipe. */ status = request_firmware(&ddp_config, profile_name, &netdev->dev); From patchwork Tue Oct 17 19:04:09 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jacob Keller X-Patchwork-Id: 13425783 Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 596CC2DF78; Tue, 17 Oct 2023 19:04:32 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="PRzDb62r" Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.120]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F19C7FF; Tue, 17 Oct 2023 12:04:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1697569471; x=1729105471; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=0uvkn8d+tZ9D+o5gz3EzUens/grIvdbagcO3bHmKFL0=; b=PRzDb62r4my42kozX/8PbpV6N6+C5W5d/naQLyJBnFkrPaYQT1O6INZP 74jrlfvM8dwjkiuCFKhPt/MEy1UJruRbkOmPZEYk6VbilhEknwpTGRxyk 7PwZYzpNeUWiVdO4MqstkWx5qX449zJ1N2Gte+mt0N+0j80XrD4X6EPvA chquar8E6s5GVBcdqqnsS4hZjtonvvbpfKqb5SFp1+PsVFmkNgSXPSzSu 5P1SYjN9O9Kxl+88mXKwKK9YJ5ojeC6HXMlm7Gcnyzac0/CDMBLQCaRzD yGZYNg78zAVl/jlGgE6M4K67jpw6HlDBkYi2EOnw1LLGoSEynrKYTsqXf A==; X-IronPort-AV: E=McAfee;i="6600,9927,10866"; a="384739778" X-IronPort-AV: E=Sophos;i="6.03,233,1694761200"; d="scan'208";a="384739778" Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Oct 2023 12:04:19 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10866"; a="822108764" X-IronPort-AV: E=Sophos;i="6.03,233,1694761200"; d="scan'208";a="822108764" Received: from jekeller-desk.amr.corp.intel.com (HELO jekeller-desk.jekeller.internal) ([10.166.241.1]) by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Oct 2023 12:04:19 -0700 From: Jacob Keller To: netdev@vger.kernel.org, David Miller , Jakub Kicinski Cc: Justin Stitt , linux-hardening@vger.kernel.org, Pucha Himasekhar Reddy , Jacob Keller Subject: [PATCH net-next 7/9] igb: replace deprecated strncpy with strscpy Date: Tue, 17 Oct 2023 12:04:09 -0700 Message-ID: <20231017190411.2199743-8-jacob.e.keller@intel.com> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20231017190411.2199743-1-jacob.e.keller@intel.com> References: <20231017190411.2199743-1-jacob.e.keller@intel.com> Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net From: Justin Stitt `strncpy` is deprecated for use on NUL-terminated destination strings [1] and as such we should prefer more robust and less ambiguous string interfaces. We see that netdev->name is expected to be NUL-terminated based on its usage with format strings: | sprintf(q_vector->name, "%s-TxRx-%u", netdev->name, | q_vector->rx.ring->queue_index); Furthermore, NUL-padding is not required as netdev is already zero-allocated: | netdev = alloc_etherdev_mq(sizeof(struct igb_adapter), | IGB_MAX_TX_QUEUES); ... alloc_etherdev_mq() -> alloc_etherdev_mqs() -> alloc_netdev_mqs() ... | p = kvzalloc(alloc_size, GFP_KERNEL_ACCOUNT | __GFP_RETRY_MAYFAIL); Considering the above, a suitable replacement is `strscpy` [2] due to the fact that it guarantees NUL-termination on the destination buffer without unnecessarily NUL-padding. Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] Link: https://github.com/KSPP/linux/issues/90 Cc: linux-hardening@vger.kernel.org Signed-off-by: Justin Stitt Tested-by: Pucha Himasekhar Reddy (A Contingent worker at Intel) Signed-off-by: Jacob Keller --- drivers/net/ethernet/intel/igb/igb_main.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/ethernet/intel/igb/igb_main.c b/drivers/net/ethernet/intel/igb/igb_main.c index fdadf3e84f59..db54453e1946 100644 --- a/drivers/net/ethernet/intel/igb/igb_main.c +++ b/drivers/net/ethernet/intel/igb/igb_main.c @@ -3263,7 +3263,7 @@ static int igb_probe(struct pci_dev *pdev, const struct pci_device_id *ent) igb_set_ethtool_ops(netdev); netdev->watchdog_timeo = 5 * HZ; - strncpy(netdev->name, pci_name(pdev), sizeof(netdev->name) - 1); + strscpy(netdev->name, pci_name(pdev), sizeof(netdev->name)); netdev->mem_start = pci_resource_start(pdev, 0); netdev->mem_end = pci_resource_end(pdev, 0); From patchwork Tue Oct 17 19:04:10 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jacob Keller X-Patchwork-Id: 13425784 Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id F158A2DF81; Tue, 17 Oct 2023 19:04:32 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="XdytsJxX" Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.120]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4546B101; Tue, 17 Oct 2023 12:04:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1697569471; x=1729105471; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=XguKtIBserl17W+WRMzz/O63GGcr7IikbYIoEcZNqIA=; b=XdytsJxX/a76rfl7sMKvXWUySaPbN08OURGmQgMNfKxkwnFZDvvmOhkb GSL8FOPtcPUz/XBkXdVKA/HdZEU32LbtVWG6LnunUL453nKYD0+W+SmTR 0xkezZ/+BvXVms7qkBhueg1TvIshJY2AfsXdcsXt5FLuEsGHBpKu28H1n zHERbEnSlpEnAM1IMbZTNPGnzn+kCyDqLUwEqMhUkDVuHDrN0FwAKUbA7 mwuio8LMdQLKXAJgfaFhjLLbpHG5QJ4FIjnWKslDTl7DiKfTDsAR+h5a5 ww1VlOvnNo1ABovvkean6J54JffBxljZPh5megxyyn892MKvMuKYF615t w==; X-IronPort-AV: E=McAfee;i="6600,9927,10866"; a="384739804" X-IronPort-AV: E=Sophos;i="6.03,233,1694761200"; d="scan'208";a="384739804" Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Oct 2023 12:04:20 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10866"; a="822108780" X-IronPort-AV: E=Sophos;i="6.03,233,1694761200"; d="scan'208";a="822108780" Received: from jekeller-desk.amr.corp.intel.com (HELO jekeller-desk.jekeller.internal) ([10.166.241.1]) by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Oct 2023 12:04:19 -0700 From: Jacob Keller To: netdev@vger.kernel.org, David Miller , Jakub Kicinski Cc: Justin Stitt , linux-hardening@vger.kernel.org, Pucha Himasekhar Reddy , Jacob Keller Subject: [PATCH net-next 8/9] igbvf: replace deprecated strncpy with strscpy Date: Tue, 17 Oct 2023 12:04:10 -0700 Message-ID: <20231017190411.2199743-9-jacob.e.keller@intel.com> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20231017190411.2199743-1-jacob.e.keller@intel.com> References: <20231017190411.2199743-1-jacob.e.keller@intel.com> Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net From: Justin Stitt `strncpy` is deprecated for use on NUL-terminated destination strings [1] and as such we should prefer more robust and less ambiguous string interfaces. We expect netdev->name to be NUL-terminated based on its usage with `strlen` and format strings: | if (strlen(netdev->name) < (IFNAMSIZ - 5)) { | sprintf(adapter->tx_ring->name, "%s-tx-0", netdev->name); Moreover, we do not need NUL-padding as netdev is already zero-allocated: | netdev = alloc_etherdev(sizeof(struct igbvf_adapter)); ... alloc_etherdev() -> alloc_etherdev_mq() -> alloc_etherdev_mqs() -> alloc_netdev_mqs() ... | p = kvzalloc(alloc_size, GFP_KERNEL_ACCOUNT | __GFP_RETRY_MAYFAIL); Considering the above, a suitable replacement is `strscpy` [2] due to the fact that it guarantees NUL-termination on the destination buffer without unnecessarily NUL-padding. Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] Link: https://github.com/KSPP/linux/issues/90 Cc: linux-hardening@vger.kernel.org Signed-off-by: Justin Stitt Tested-by: Pucha Himasekhar Reddy (A Contingent worker at Intel) Signed-off-by: Jacob Keller --- drivers/net/ethernet/intel/igbvf/netdev.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/ethernet/intel/igbvf/netdev.c b/drivers/net/ethernet/intel/igbvf/netdev.c index 7ff2752dd763..fd712585af27 100644 --- a/drivers/net/ethernet/intel/igbvf/netdev.c +++ b/drivers/net/ethernet/intel/igbvf/netdev.c @@ -2785,7 +2785,7 @@ static int igbvf_probe(struct pci_dev *pdev, const struct pci_device_id *ent) igbvf_set_ethtool_ops(netdev); netdev->watchdog_timeo = 5 * HZ; - strncpy(netdev->name, pci_name(pdev), sizeof(netdev->name) - 1); + strscpy(netdev->name, pci_name(pdev), sizeof(netdev->name)); adapter->bd_number = cards_found++; From patchwork Tue Oct 17 19:04:11 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jacob Keller X-Patchwork-Id: 13425785 Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B7D862DF92; Tue, 17 Oct 2023 19:04:33 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="D4gzw87x" Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.120]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 62943F5; Tue, 17 Oct 2023 12:04:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1697569471; x=1729105471; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=d7FDOP7CsaCZrBn6l9ubPcTsZCF3dmd9cR8EUzjjCc8=; b=D4gzw87xx0TqhsitHjxYs9UbvM0cYfhbd/6fsgyqNzXILBmc7kEFvPMX LcwyM8/3RfE8/BTh1Xx4LptrIvApa6XuM72OMkXRY6rc9XbcmzrdLK2sr yFyfaI478jHhTFAwWXjF2gkyyUvu46OMHm1sHgwknH5Nv0K0NU1qM4hO4 AGlZXMmzgYxZxyKItjRJwKxOFQD1QY819hV+5GeWWRKLTTNzlxI/332cf /hry4qjSXKV42P/aee9x5KJr7ENF3Yt4K470/QAB/XamSZ/aNTUi/2ATU MBMmG5alqIre4zApuc25F8hzHUGd+AiCRPOHiT5MU0ApQ6Xo5l9UeW+5u g==; X-IronPort-AV: E=McAfee;i="6600,9927,10866"; a="384739821" X-IronPort-AV: E=Sophos;i="6.03,233,1694761200"; d="scan'208";a="384739821" Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Oct 2023 12:04:20 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10866"; a="822108794" X-IronPort-AV: E=Sophos;i="6.03,233,1694761200"; d="scan'208";a="822108794" Received: from jekeller-desk.amr.corp.intel.com (HELO jekeller-desk.jekeller.internal) ([10.166.241.1]) by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Oct 2023 12:04:20 -0700 From: Jacob Keller To: netdev@vger.kernel.org, David Miller , Jakub Kicinski Cc: Justin Stitt , linux-hardening@vger.kernel.org, Pucha Himasekhar Reddy , Jacob Keller Subject: [PATCH net-next 9/9] igc: replace deprecated strncpy with strscpy Date: Tue, 17 Oct 2023 12:04:11 -0700 Message-ID: <20231017190411.2199743-10-jacob.e.keller@intel.com> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20231017190411.2199743-1-jacob.e.keller@intel.com> References: <20231017190411.2199743-1-jacob.e.keller@intel.com> Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net From: Justin Stitt `strncpy` is deprecated for use on NUL-terminated destination strings [1] and as such we should prefer more robust and less ambiguous string interfaces. We expect netdev->name to be NUL-terminated based on its use with format strings: | if (q_vector->rx.ring && q_vector->tx.ring) | sprintf(q_vector->name, "%s-TxRx-%u", netdev->name, Furthermore, we do not need NUL-padding as netdev is already zero-allocated: | netdev = alloc_etherdev_mq(sizeof(struct igc_adapter), | IGC_MAX_TX_QUEUES); ... alloc_etherdev() -> alloc_etherdev_mq() -> alloc_etherdev_mqs() -> alloc_netdev_mqs() ... | p = kvzalloc(alloc_size, GFP_KERNEL_ACCOUNT | __GFP_RETRY_MAYFAIL); Considering the above, a suitable replacement is `strscpy` [2] due to the fact that it guarantees NUL-termination on the destination buffer without unnecessarily NUL-padding. Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] Link: https://github.com/KSPP/linux/issues/90 Cc: linux-hardening@vger.kernel.org Signed-off-by: Justin Stitt Tested-by: Pucha Himasekhar Reddy (A Contingent worker at Intel) Signed-off-by: Jacob Keller --- drivers/net/ethernet/intel/igc/igc_main.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/ethernet/intel/igc/igc_main.c b/drivers/net/ethernet/intel/igc/igc_main.c index 98de34d0ce07..e9bb403bbacf 100644 --- a/drivers/net/ethernet/intel/igc/igc_main.c +++ b/drivers/net/ethernet/intel/igc/igc_main.c @@ -6935,7 +6935,7 @@ static int igc_probe(struct pci_dev *pdev, */ igc_get_hw_control(adapter); - strncpy(netdev->name, "eth%d", IFNAMSIZ); + strscpy(netdev->name, "eth%d", sizeof(netdev->name)); err = register_netdev(netdev); if (err) goto err_register;