From patchwork Wed Feb 28 22:59:01 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Justin Stitt X-Patchwork-Id: 13576112 Received: from mail-io1-f73.google.com (mail-io1-f73.google.com [209.85.166.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2E09F72910 for ; Wed, 28 Feb 2024 22:59:11 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.166.73 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709161154; cv=none; b=h6pqb4E5illOiqKDF79aEELf6GCp3BZKQazYFhFIbP5qI7nzjYCSf8DwX2SQxFvJTdVjCWBY7njMgCgnpltMohUV8KW/AZjFd+0tVtLk9fpEUmp/r+66HtZ6VQeCxGn52x65jGV+9v51SoxV4vYcyZ8M1YzHe6tRWfh4IjNbS1k= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709161154; c=relaxed/simple; bh=I3y6bw2LAb0IlKx+FDxow7f/ZEvtwZiT0GhDzrTym60=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=GX8k8zcV6V0WS8r9n13Fm38exb5OwR9tTTfbwT9kd2+0pf9e4OhdybSNmWLxkIQkswyrljlhC16YftokwUjyrqTNZB/lKnzXW7sdT2ds+jw3BGekqYIKCuXA8w9ElLv7VqBGIkPZtewnn6abT8BZy1DNpU74uXUFWMP55c+L7YQ= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--justinstitt.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=vO1G+fJu; arc=none smtp.client-ip=209.85.166.73 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--justinstitt.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="vO1G+fJu" Received: by mail-io1-f73.google.com with SMTP id ca18e2360f4ac-7c7e21711d0so22729939f.3 for ; Wed, 28 Feb 2024 14:59:11 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1709161151; x=1709765951; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=Hl1dW8L3lDgmIQi+kWjnhkJ8hefGR0IxDu/wpRy1BWA=; b=vO1G+fJunlB1pJUEXlyCq74XoSc6qo+nBRTftSTMDmMp0yW+zdzufD+DsTNesl1yfK uwUpw7Hs5ybfmDHMJ/CRvOUyvpLgH6zhCwL6PLOC5HAwM6EdbsR2zxEl+TYu9G94bu4x EIG8kfDyuCR156K/of/wUGm7e58Pzc2YMU7cli6mYga6BbFJRfOzx9gUKcJOj6QyWZ+u h/is7CYlIs74LZbJOReS8BJxvBrWzyXZ+Pb8DlxCPjpRKWecF3H3Km94ZR/ZuQeTwhH9 /dvqSxBh0r/HUUNrV7jRlmONxlivviYltDsFuHxkd9fsw8y7fsHGtLGOpWz8JsNsbiCV kgwg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709161151; x=1709765951; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=Hl1dW8L3lDgmIQi+kWjnhkJ8hefGR0IxDu/wpRy1BWA=; b=rIU/VYnbekCdX0RYso7KKy1dKSbd28iLDXeqz4Jm5mUxjRuvRBL9RKGk5e/DyXqkcL 81VoQ35MjTCqEJKJlIZcafbdR1muTFIrtwjdn3U7vSojS20Lp6v7DfM+v2wOno6VcYer gFGacfbuGjbE7OpmXY662/qaQitkkvJjzV/TzDN2cnzvCrkOP0+CyvuhwmAzKv99vhwc 4vGRBRLXFIJ0MTqguRCgGUfXqlld7BdXCxoP6vZ6w8geTX7tvlDo5hHOzFiCDt8ZX8uo AjmsJO2eXMstLtgSZDFXf4Uu8gWk786qQe06LOO46sbTpkzFg+hRD6FvbqsoNuPEqx63 ClwQ== X-Forwarded-Encrypted: i=1; AJvYcCW4aLpNloC+GVDnRDxg3//EZFI8G13fbJcbCZFLYvRSIH5K47Y02CiBz6wBmfyth1v7uT2h9iabDkRvbGNXM3S8wB+GVi4iGRWOjNLm2KR8 X-Gm-Message-State: AOJu0YwJL/p+0rrvA4vcHL9gtGuMI0GmI4s6sls0k6yIzT1YRMRzwfPi ACIE6rDszVJhCJ3yxnGFl6obQIecmtVyd0O3exbnR1DXvEDN2/3rVgqe4TqZF0BpXp18YPTi56/ fCS716zzzjNz6Bui5dsT7Pw== X-Google-Smtp-Source: AGHT+IEd5TqDpcDL/CecVQtIlol9AO/hwvYDfTD681/QxVlgloUGwWLrfutSShIUODQETh6ot+b26gv93gIpFIIyfQ== X-Received: from jstitt-linux1.c.googlers.com ([fda3:e722:ac3:cc00:2b:ff92:c0a8:23b5]) (user=justinstitt job=sendgmr) by 2002:a05:6638:62a1:b0:474:b6fa:7034 with SMTP id fh33-20020a05663862a100b00474b6fa7034mr15140jab.1.1709161151340; Wed, 28 Feb 2024 14:59:11 -0800 (PST) Date: Wed, 28 Feb 2024 22:59:01 +0000 In-Reply-To: <20240228-strncpy-drivers-scsi-mpi3mr-mpi3mr_fw-c-v2-0-dacebd3fcfa0@google.com> Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240228-strncpy-drivers-scsi-mpi3mr-mpi3mr_fw-c-v2-0-dacebd3fcfa0@google.com> X-Developer-Key: i=justinstitt@google.com; a=ed25519; pk=tC3hNkJQTpNX/gLKxTNQKDmiQl6QjBNCGKJINqAdJsE= X-Developer-Signature: v=1; a=ed25519-sha256; t=1709161149; l=2010; i=justinstitt@google.com; s=20230717; h=from:subject:message-id; bh=I3y6bw2LAb0IlKx+FDxow7f/ZEvtwZiT0GhDzrTym60=; b=0jfUcUruXPoEyglUKRSGG/j22pheWkJ/kShfxgCMAIYM00AkKvlXO/rOjvoieojTIF0janahM HdEeoTo59P7B86/+IKwv9cfg8SERVoihoa3caIiuFnNFgz59Q5zU78t X-Mailer: b4 0.12.3 Message-ID: <20240228-strncpy-drivers-scsi-mpi3mr-mpi3mr_fw-c-v2-1-dacebd3fcfa0@google.com> Subject: [PATCH v2 1/7] scsi: mpi3mr: replace deprecated strncpy with assignments From: Justin Stitt To: Sathya Prakash Veerichetty , Kashyap Desai , Sumit Saxena , Sreekanth Reddy , "James E.J. Bottomley" , "Martin K. Petersen" , Suganath Prabu Subramani , Ariel Elior , Manish Chopra , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Saurav Kashyap , Javed Hasan , GR-QLogic-Storage-Upstream@marvell.com, Nilesh Javali , Manish Rangankar , Don Brace Cc: mpi3mr-linuxdrv.pdl@broadcom.com, linux-scsi@vger.kernel.org, linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org, Kees Cook , MPT-FusionLinux.pdl@broadcom.com, netdev@vger.kernel.org, storagedev@microchip.com, Justin Stitt Really, there's no bug with the current code. Let's just ditch strncpy() all together. We can just copy the const strings instead of reserving room on the stack. Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] Link: https://github.com/KSPP/linux/issues/90 Cc: linux-hardening@vger.kernel.org Signed-off-by: Justin Stitt Reviewed-by: Kees Cook --- changes from v1->v2: * use const char* assignments rather than strscpy (thanks Finn+Kees) --- drivers/scsi/mpi3mr/mpi3mr_fw.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/drivers/scsi/mpi3mr/mpi3mr_fw.c b/drivers/scsi/mpi3mr/mpi3mr_fw.c index 528f19f782f2..da0710cdac1d 100644 --- a/drivers/scsi/mpi3mr/mpi3mr_fw.c +++ b/drivers/scsi/mpi3mr/mpi3mr_fw.c @@ -3676,7 +3676,7 @@ static const struct { * mpi3mr_print_ioc_info - Display controller information * @mrioc: Adapter instance reference * - * Display controller personalit, capability, supported + * Display controller personality, capability, supported * protocols etc. * * Return: Nothing @@ -3685,20 +3685,20 @@ static void mpi3mr_print_ioc_info(struct mpi3mr_ioc *mrioc) { int i = 0, bytes_written = 0; - char personality[16]; + const char *personality; char protocol[50] = {0}; char capabilities[100] = {0}; struct mpi3mr_compimg_ver *fwver = &mrioc->facts.fw_ver; switch (mrioc->facts.personality) { case MPI3_IOCFACTS_FLAGS_PERSONALITY_EHBA: - strncpy(personality, "Enhanced HBA", sizeof(personality)); + personality = "Enhanced HBA"; break; case MPI3_IOCFACTS_FLAGS_PERSONALITY_RAID_DDR: - strncpy(personality, "RAID", sizeof(personality)); + personality = "RAID"; break; default: - strncpy(personality, "Unknown", sizeof(personality)); + personality = "Unknown"; break; } From patchwork Wed Feb 28 22:59:02 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Justin Stitt X-Patchwork-Id: 13576113 Received: from mail-io1-f74.google.com (mail-io1-f74.google.com [209.85.166.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id EEDFB76EF7 for ; Wed, 28 Feb 2024 22:59:12 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.166.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709161154; cv=none; b=LSt1yD/3bo7rdUvwQE4ylk5E6nz5VOz+BQRYJvdh1uvF1L0n4+6sL+RyJXYXU/b9otqIYskqwby8tmWFqO84c51LaGy8XU6tcdfsJWjMyDFzHyogANktUJBTwuSNsRQJrREIQ37LW1rBLe4lkvOdmSAjsVuigAzwTubqS+gk19Q= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709161154; c=relaxed/simple; bh=Z4BBGV1hOFa3fzm1HmN99JMRiPAbNeMi55KlfreDQa8=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=AQG4ew1PtDjZ5b9bkkreijW9PjdOQJsgGuZyiHZoNISZhEg6zXhe9CGMh+tmfTEqSUPMQTdzXNfOcz9uoFd/TSuhAe/y2PvhKnGQvAqEUQxe7DlnnCyvLsmcfa91IZXQEYmra3yENJcIgCZaTGWsnJQgOyQ6UccXp6/pTPswCDo= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--justinstitt.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=Lfdc8E+d; arc=none smtp.client-ip=209.85.166.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--justinstitt.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="Lfdc8E+d" Received: by mail-io1-f74.google.com with SMTP id ca18e2360f4ac-7bc32b2226aso25363739f.2 for ; Wed, 28 Feb 2024 14:59:12 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1709161152; x=1709765952; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=bLU58cNsxIxmo5SOnpWD9TRuTE/p29tGp2T+p0X/qao=; b=Lfdc8E+dQoKRZ7UHjmCxuuOCumZf+bKJYPFI7mWFMp8y5FPX5nCz/UWCRuj8Gsy7Gr BNA1IvYFd3bY77T0Z3nEf46fSrjzrlVajbo23836z4u9v5kCNMImaCvBcrlrqU6QM887 NX8ESr1CljoU4xv200pQ8AjyDHloSLdlOysohwNX20ovzauRXq/BeqOm1eurEgaGSaj2 Ot48kC+Qi9E8Ii8hQs4fdy8THRHkO3IgO4rKaRm7g+T/ClmKkCcHtRTw1QNAxV4xAolE v8CJrzUo2gJoehB+gRq9bCeuUW2NtaA/JrgCrbSfNuOcPU96a5llrYIcBl5nwqWj/UYx KvNQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709161152; x=1709765952; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=bLU58cNsxIxmo5SOnpWD9TRuTE/p29tGp2T+p0X/qao=; b=rO/pQzhvDs7jL8DzizQYkqE7rE0Qi94phpR4CRgYzFg3gzpxcQyzFeDMLwkG3mGxUj uTulJyfOVdqnXuQlzr3yHjs2IFJAbHIiFCrnF7TVq+M1nHQlQ8zLyPi4LL/e8718Zjny cFxVYG7pY7WuDmvTktyDjkEbKnVKpLV6m/n9k+ccXSKG4sPELNuQsvYdyjOFw/zYwNUg S9Bb7UWBjEsFxwNQG+XoiTMwxmCLYtAVm++am8JWWqeL3B9eKbYADR0O2BQHNzBd/pyK PHoMRKhwMKzjBVaZomKWkj4xQa7E0MZ9Ml/pX9KEpIk9E50ymzQhJuGS5MpMobRiPuXc 7PjA== X-Forwarded-Encrypted: i=1; AJvYcCVVL8ErVIvxqOFzQYwMoG/GicBEdwY/hwC8bUx4HuT3rPcbpXWNlIv38VoPy2b4Ns+oxOhAaf7WCgTwlSXVaKmNOa/0a7ETLjP1UnHZmno4 X-Gm-Message-State: AOJu0YzXvKMMJk1RwSubX3a+RqcnJ9r4pPtAWxVT5DQzts1qZ7CVuyzk nOYfX+M20O8796SA8VWc0V7bxdfvmvDbVb/mgQI/IJgc7QQFjiWCjfH/2vCFWfJVxCW2myhKE2c 5AGkuAQZTiKJFaPoK/jTfTw== X-Google-Smtp-Source: AGHT+IHTJ2N2HYiEZpScC7YV/vYj8U8pCK1Y7mZmAc8fgA3K6ISVopKJKW42yQLgS0wMzPSfp0V4NfKW8t2emz9eHw== X-Received: from jstitt-linux1.c.googlers.com ([fda3:e722:ac3:cc00:2b:ff92:c0a8:23b5]) (user=justinstitt job=sendgmr) by 2002:a5e:8c15:0:b0:7c7:edf3:3c74 with SMTP id n21-20020a5e8c15000000b007c7edf33c74mr2714ioj.1.1709161152300; Wed, 28 Feb 2024 14:59:12 -0800 (PST) Date: Wed, 28 Feb 2024 22:59:02 +0000 In-Reply-To: <20240228-strncpy-drivers-scsi-mpi3mr-mpi3mr_fw-c-v2-0-dacebd3fcfa0@google.com> Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240228-strncpy-drivers-scsi-mpi3mr-mpi3mr_fw-c-v2-0-dacebd3fcfa0@google.com> X-Developer-Key: i=justinstitt@google.com; a=ed25519; pk=tC3hNkJQTpNX/gLKxTNQKDmiQl6QjBNCGKJINqAdJsE= X-Developer-Signature: v=1; a=ed25519-sha256; t=1709161149; l=2731; i=justinstitt@google.com; s=20230717; h=from:subject:message-id; bh=Z4BBGV1hOFa3fzm1HmN99JMRiPAbNeMi55KlfreDQa8=; b=BOIy+NBZ13y8jyxOGBEgcwe8EF98T+FHbRweiZOnkmVQdW7WTrX+fu+j+rrLs66UCEio/Mkue H7xxvi3ZGOJBzQK3h6BnUCO4CthpnvTF1Ubw473+zhoe1wq7ZYz2lx/ X-Mailer: b4 0.12.3 Message-ID: <20240228-strncpy-drivers-scsi-mpi3mr-mpi3mr_fw-c-v2-2-dacebd3fcfa0@google.com> Subject: [PATCH v2 2/7] scsi: mpt3sas: replace deprecated strncpy with strscpy From: Justin Stitt To: Sathya Prakash Veerichetty , Kashyap Desai , Sumit Saxena , Sreekanth Reddy , "James E.J. Bottomley" , "Martin K. Petersen" , Suganath Prabu Subramani , Ariel Elior , Manish Chopra , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Saurav Kashyap , Javed Hasan , GR-QLogic-Storage-Upstream@marvell.com, Nilesh Javali , Manish Rangankar , Don Brace Cc: mpi3mr-linuxdrv.pdl@broadcom.com, linux-scsi@vger.kernel.org, linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org, Kees Cook , MPT-FusionLinux.pdl@broadcom.com, netdev@vger.kernel.org, storagedev@microchip.com, Justin Stitt The replacement in mpt3sas_base.c is a trivial one because desc is already zero-initialized meaning there is no functional change here. For mpt3sas_transport.c, we know edev is zero-initialized as well while manufacture_reply comes from dma_alloc_coherent(). No functional change here either. For all cases, use the more idiomatic strscpy() usage of: strscpy(dest, src, sizeof(dest)) Signed-off-by: Justin Stitt Reviewed-by: Kees Cook --- drivers/scsi/mpt3sas/mpt3sas_base.c | 2 +- drivers/scsi/mpt3sas/mpt3sas_transport.c | 18 +++++++++--------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/drivers/scsi/mpt3sas/mpt3sas_base.c b/drivers/scsi/mpt3sas/mpt3sas_base.c index 8761bc58d965..c1e421cb8533 100644 --- a/drivers/scsi/mpt3sas/mpt3sas_base.c +++ b/drivers/scsi/mpt3sas/mpt3sas_base.c @@ -4774,7 +4774,7 @@ _base_display_ioc_capabilities(struct MPT3SAS_ADAPTER *ioc) char desc[17] = {0}; u32 iounit_pg1_flags; - strncpy(desc, ioc->manu_pg0.ChipName, 16); + strscpy(desc, ioc->manu_pg0.ChipName, sizeof(desc)); ioc_info(ioc, "%s: FWVersion(%02d.%02d.%02d.%02d), ChipRevision(0x%02x)\n", desc, (ioc->facts.FWVersion.Word & 0xFF000000) >> 24, diff --git a/drivers/scsi/mpt3sas/mpt3sas_transport.c b/drivers/scsi/mpt3sas/mpt3sas_transport.c index 421ea511b664..76f9a9177198 100644 --- a/drivers/scsi/mpt3sas/mpt3sas_transport.c +++ b/drivers/scsi/mpt3sas/mpt3sas_transport.c @@ -458,17 +458,17 @@ _transport_expander_report_manufacture(struct MPT3SAS_ADAPTER *ioc, goto out; manufacture_reply = data_out + sizeof(struct rep_manu_request); - strncpy(edev->vendor_id, manufacture_reply->vendor_id, - SAS_EXPANDER_VENDOR_ID_LEN); - strncpy(edev->product_id, manufacture_reply->product_id, - SAS_EXPANDER_PRODUCT_ID_LEN); - strncpy(edev->product_rev, manufacture_reply->product_rev, - SAS_EXPANDER_PRODUCT_REV_LEN); + strscpy(edev->vendor_id, manufacture_reply->vendor_id, + sizeof(edev->vendor_id)); + strscpy(edev->product_id, manufacture_reply->product_id, + sizeof(edev->product_id)); + strscpy(edev->product_rev, manufacture_reply->product_rev, + sizeof(edev->product_rev)); edev->level = manufacture_reply->sas_format & 1; if (edev->level) { - strncpy(edev->component_vendor_id, - manufacture_reply->component_vendor_id, - SAS_EXPANDER_COMPONENT_VENDOR_ID_LEN); + strscpy(edev->component_vendor_id, + manufacture_reply->component_vendor_id, + sizeof(edev->component_vendor_id)); tmp = (u8 *)&manufacture_reply->component_id; edev->component_id = tmp[0] << 8 | tmp[1]; edev->component_revision_id = From patchwork Wed Feb 28 22:59:03 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Justin Stitt X-Patchwork-Id: 13576114 Received: from mail-yw1-f202.google.com (mail-yw1-f202.google.com [209.85.128.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9024779B7D for ; Wed, 28 Feb 2024 22:59:14 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709161156; cv=none; b=LuIjiRcXijs9M7Q8ATNUxsvcuLMYlPmstXXgAGEdFGM1FP65h8go6Wt+mt1M2QmzPuRM+uI3JghjIN+aQTPvjHgPTpu3b9KBnG+Nmcnuee5B3eVyq/+AQz2X72FDmpG3Iu6tWlyUJ33OTrLTPnEVo8TvmqUwJTdFeXnLC0iu6d8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709161156; c=relaxed/simple; bh=To7ZU6TEXywiRaHnSamsifvUq4hwPP/ysQChSO0JU2Y=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=S+V0C68jv95aXeZQ4oT3gq4zuSbyAa94dGF/9wipznDPHI3bplEPJdAdBELA7JklnoTeo6HMyXsqlLqJ9ap7MhHbl5+37s4gjbOi9vrCWrfvWlcR+z9zE0GZ4tMTtFChFcAjZIOr4h80s6q/7sF73w4n/8Uo8bum9L1/AVyke3Y= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--justinstitt.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=F3m5PPEl; arc=none smtp.client-ip=209.85.128.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--justinstitt.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="F3m5PPEl" Received: by mail-yw1-f202.google.com with SMTP id 00721157ae682-608d6ffc64eso4450127b3.0 for ; Wed, 28 Feb 2024 14:59:14 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1709161153; x=1709765953; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=pViMbQwWguNjxrb+PJNzy6YtvcZcNKawzSxX92KuoQU=; b=F3m5PPElmJQy88IGssNVfgwgucR/V7hNzMexXe8JTjGUGvlnt+rnAygG6mDTr37kuQ P30aQZdJj91+KYq4iWg3uWwxxQuGq63BN57oi3EVXh5qtwuY3SH2gfLiG2YigfyMREzG 94Q8JxuSe35kPbhokdlXdgVHN9/zF54i1wM+3KAyDWiYkFxkkXxEW0y1roiNlzrh0TvS xrLX/C1wY6xr6Ha5P8vyKeuEOTgI5j0iKAShlydNABZNMAA0i8xAFGzrLA8UHbwz26ZS NZSiRduBm14MerhPiZNhyj+oQins+VbAhYcURg1CZw7dObgqEV/TXD6nHRR2SZ1I9QFf e6Jg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709161153; x=1709765953; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=pViMbQwWguNjxrb+PJNzy6YtvcZcNKawzSxX92KuoQU=; b=Nd1CQNT75bcfbKaYO//GLfjocEsaesjnOCy3LK3Gv7dHNbk3tv9XTBMAxGt6tuSMfq oyx75kJ00TOYO+FjLpQRHyeM/0UfKrM8kzjFIyjfRwZ+kQhHh5xSQQD5h07DKpo1JChJ mcoLbM2P9NxKjcdyojpE66zcmkirNacqVZVPmbU727gdU9201u9tAE9g536WOfdVCFMC WruzFzQTw2kd3pyfXpVNOiNJsNuff9/lWgf+tWgGDSzHfkA8TvgfwQI7Y+w8T7SyiW4v k/GOssRThYz5VNO+uq83qYk01ww3gDMr7Cr4lJMnyILcxyTAE2pQwaLHgLkEATF65qDq eGcQ== X-Forwarded-Encrypted: i=1; AJvYcCW4aDsxJv65QKnCPe69RoItejfMTdJpYg+4l/lRQPLbTxPRrh8ediC8rKhrEf1ZJ3SUiqbYkqtoQYbsiAcAvXRBcLhL504+/3DTLCcES291 X-Gm-Message-State: AOJu0Yzechp+YkMPJCWSlpgoCHPuXubJrMDLbU9vEwh2aGpjnRGpTHFm mV6BTyYs/2hw/9rvY2mSP3iMEXJYznlP9JXxGMcj4CSFYzLzL/tIsRAGA102JxjvtkwjFYkVFYR OZG27KVne0I4h6sD7w2Lcog== X-Google-Smtp-Source: AGHT+IG+CrcPSeuQjCNv+LYZnr9O0qgAPGjwTPP2EKsKr3ZNTjlJRHQOZWnRtpsIS3mScTSFziEoCrfsuBT7tEgW3g== X-Received: from jstitt-linux1.c.googlers.com ([fda3:e722:ac3:cc00:2b:ff92:c0a8:23b5]) (user=justinstitt job=sendgmr) by 2002:a05:690c:905:b0:608:aaf0:d8b4 with SMTP id cb5-20020a05690c090500b00608aaf0d8b4mr28847ywb.3.1709161153510; Wed, 28 Feb 2024 14:59:13 -0800 (PST) Date: Wed, 28 Feb 2024 22:59:03 +0000 In-Reply-To: <20240228-strncpy-drivers-scsi-mpi3mr-mpi3mr_fw-c-v2-0-dacebd3fcfa0@google.com> Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240228-strncpy-drivers-scsi-mpi3mr-mpi3mr_fw-c-v2-0-dacebd3fcfa0@google.com> X-Developer-Key: i=justinstitt@google.com; a=ed25519; pk=tC3hNkJQTpNX/gLKxTNQKDmiQl6QjBNCGKJINqAdJsE= X-Developer-Signature: v=1; a=ed25519-sha256; t=1709161149; l=2289; i=justinstitt@google.com; s=20230717; h=from:subject:message-id; bh=To7ZU6TEXywiRaHnSamsifvUq4hwPP/ysQChSO0JU2Y=; b=UNWBEUmFmReM+6jy6/lpJEccGagN1o5lmsEyKnmxCayFBEyaeJUaFqVrDM0O1UvqfN/bbiNa0 H08DaS5FaNNCmjru8vc0r39+MwfbEMICtUbqZnovavG8cU3+DmJYO4N X-Mailer: b4 0.12.3 Message-ID: <20240228-strncpy-drivers-scsi-mpi3mr-mpi3mr_fw-c-v2-3-dacebd3fcfa0@google.com> Subject: [PATCH v2 3/7] scsi: qedf: replace deprecated strncpy with strscpy From: Justin Stitt To: Sathya Prakash Veerichetty , Kashyap Desai , Sumit Saxena , Sreekanth Reddy , "James E.J. Bottomley" , "Martin K. Petersen" , Suganath Prabu Subramani , Ariel Elior , Manish Chopra , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Saurav Kashyap , Javed Hasan , GR-QLogic-Storage-Upstream@marvell.com, Nilesh Javali , Manish Rangankar , Don Brace Cc: mpi3mr-linuxdrv.pdl@broadcom.com, linux-scsi@vger.kernel.org, linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org, Kees Cook , MPT-FusionLinux.pdl@broadcom.com, netdev@vger.kernel.org, storagedev@microchip.com, Justin Stitt We expect slowpath_params.name to be NUL-terminated based on its future usage with other string APIs: | static int qed_slowpath_start(struct qed_dev *cdev, | struct qed_slowpath_params *params) ... | strscpy(drv_version.name, params->name, | MCP_DRV_VER_STR_SIZE - 4); Moreover, NUL-padding is not necessary as the only use for this slowpath name parameter is to copy into the drv_version.name field. Also, let's prefer using strscpy(src, dest, sizeof(src)) in two instances (one of which is outside of the scsi system but it is trivial and related to this patch). We can see the drv_version.name size here: | struct qed_mcp_drv_version { | u32 version; | u8 name[MCP_DRV_VER_STR_SIZE - 4]; | }; Signed-off-by: Justin Stitt Reviewed-by: Kees Cook --- drivers/net/ethernet/qlogic/qed/qed_main.c | 2 +- drivers/scsi/qedf/qedf_main.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/net/ethernet/qlogic/qed/qed_main.c b/drivers/net/ethernet/qlogic/qed/qed_main.c index c278f8893042..d39e198fe8db 100644 --- a/drivers/net/ethernet/qlogic/qed/qed_main.c +++ b/drivers/net/ethernet/qlogic/qed/qed_main.c @@ -1351,7 +1351,7 @@ static int qed_slowpath_start(struct qed_dev *cdev, (params->drv_rev << 8) | (params->drv_eng); strscpy(drv_version.name, params->name, - MCP_DRV_VER_STR_SIZE - 4); + sizeof(drv_version.name)); rc = qed_mcp_send_drv_version(hwfn, hwfn->p_main_ptt, &drv_version); if (rc) { diff --git a/drivers/scsi/qedf/qedf_main.c b/drivers/scsi/qedf/qedf_main.c index a58353b7b4e8..fd12439cbaab 100644 --- a/drivers/scsi/qedf/qedf_main.c +++ b/drivers/scsi/qedf/qedf_main.c @@ -3468,7 +3468,7 @@ static int __qedf_probe(struct pci_dev *pdev, int mode) slowpath_params.drv_minor = QEDF_DRIVER_MINOR_VER; slowpath_params.drv_rev = QEDF_DRIVER_REV_VER; slowpath_params.drv_eng = QEDF_DRIVER_ENG_VER; - strncpy(slowpath_params.name, "qedf", QED_DRV_VER_STR_SIZE); + strscpy(slowpath_params.name, "qedf", sizeof(slowpath_params.name)); rc = qed_ops->common->slowpath_start(qedf->cdev, &slowpath_params); if (rc) { QEDF_ERR(&(qedf->dbg_ctx), "Cannot start slowpath.\n"); From patchwork Wed Feb 28 22:59:04 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Justin Stitt X-Patchwork-Id: 13576115 Received: from mail-yb1-f202.google.com (mail-yb1-f202.google.com [209.85.219.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6F1987D083 for ; Wed, 28 Feb 2024 22:59:15 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.219.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709161157; cv=none; b=fKsiI/RnCW4+L4nH1T+kLIqABc/GLsy2GeUN7EbxU2lAmcrtN1u1Yxi4tns5yrOzaq2kHqomvYK4CwdMOYHURwQcS9fKSI7XfLXC4rP6XVHXOJXhYF1AmZv1R34t0DCvhh6eADFj76QvE7zG8Wz6Xwmu0+iCqX9nFPsq9hta/Zg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709161157; c=relaxed/simple; bh=Io+nFxT4E7uq3oa+gTgQDLCH4N9Pav1QHW8TI2laaBw=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=FDWgRbaThMvUS5oKtxW63KCVAfuarjlimeBdkQNkDKhuWgZ62Hy/KpGAIjh0+FNcCqibJ4yGVaDmzIzvZFZJ+SMdTqY/SH2Jnq4obpkVjGHo5fnRa4H7Bb1ee+aKNjxZ4Kji+FPCWk+3na3O6xops3iCnx3CGv4YwmocYi5lr0w= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--justinstitt.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=nLUK2SDY; arc=none smtp.client-ip=209.85.219.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--justinstitt.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="nLUK2SDY" Received: by mail-yb1-f202.google.com with SMTP id 3f1490d57ef6-dcbee93a3e1so510211276.3 for ; Wed, 28 Feb 2024 14:59:15 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1709161154; x=1709765954; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=029VgwupM9kp4/rJ4YhPt46NqdIF7dbcYt6+f6FCaeA=; b=nLUK2SDYR9f4wM3Ilp7pFo9FXe8/1mlW6Y9JWTtS2vnb8UyFJ4F6ENmtu6kwNlo+tv xLgQtJXUYuyVUlulP8gGRxkDuTWDpBKw4rxVA+upqsvqJvDMc4YmopoBbWkM7Xbb0chc xsfxeyRIleFACkEIWJKDovNYyKYlWwiLhLXO8X0psdT10HAKkMGNuZB91U3AOtBhsBMh ZyzW2XLm3dUq1NzGsPW6DSMzNcw1fBT1BsesthEc3Wz3RlkQogDV4fdgs2wJ0klk8AVo KIQhrZX4j4YOTi6gBHhSFldbkVdlu0IMTIxM1xGuivTnWG0cEgXhud5xbN6lTNCwvGhR 0h5Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709161154; x=1709765954; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=029VgwupM9kp4/rJ4YhPt46NqdIF7dbcYt6+f6FCaeA=; b=aaNk7o+tVrgV8VMRMvZsquH3aAbp2zzIuVngvKGeJKFhS4QjlY1G0Rq1Hwp/UOtzgM H2md881xPcSjjYLT2HKpPbig0mDUKj/sWsGeExwCuxckHgjmgEMUPd0tLPBIaZRdV5gK c76OAT7Ekm6A28/FY6f7lEicjme12FmwbCDFPM9TUbuva5xN7SN54KoRzEDsyfnQ8Iu0 +dg7zI418ZUvHLDPyqER2NCfGAqE7fPeEdPf5Ue0Szve7Wp23+tui5BuQ6VVOsfOeAZn Gdtiq/VFqkUfNZGlB1PSS9I2hmwfoO25Px5Y3KbI5C1NxvTpgt8ddgJYs4u+pZpgwuEO MaGA== X-Forwarded-Encrypted: i=1; AJvYcCVoZCCC0GDqiqRktRWoSH1iYdAv+8KZC6L1fkRiqLM8utdRIr4jVLm/rjZsePO6ZiXJ67kV1XH9pNIFRJ0J4qWovF8N6iMMckMznFsWvkpS X-Gm-Message-State: AOJu0YwWhcLVla/b1XmijO0I5RhyvLhR7xH/9kC1EFsy5bJD0W3XEKig Wo+LcLkB9nSnmh0SsGgEX9o0CIkVOzWGnd4Z9pAyREjQ6HttR5qgtWnT/XLPUV+nxbiNM1co5bA AtXgfin4vi3RoUZ9Zi5tWOw== X-Google-Smtp-Source: AGHT+IE8CHH2ZbFt2Nyjerb9VaztYwBqnbx4azSDUzSp4wm8toq0f/VGly5E8xju5L+9FltTO2cUqMOgfh06WJY45Q== X-Received: from jstitt-linux1.c.googlers.com ([fda3:e722:ac3:cc00:2b:ff92:c0a8:23b5]) (user=justinstitt job=sendgmr) by 2002:a05:6902:72c:b0:dbe:a0c2:df25 with SMTP id l12-20020a056902072c00b00dbea0c2df25mr37594ybt.8.1709161154561; Wed, 28 Feb 2024 14:59:14 -0800 (PST) Date: Wed, 28 Feb 2024 22:59:04 +0000 In-Reply-To: <20240228-strncpy-drivers-scsi-mpi3mr-mpi3mr_fw-c-v2-0-dacebd3fcfa0@google.com> Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240228-strncpy-drivers-scsi-mpi3mr-mpi3mr_fw-c-v2-0-dacebd3fcfa0@google.com> X-Developer-Key: i=justinstitt@google.com; a=ed25519; pk=tC3hNkJQTpNX/gLKxTNQKDmiQl6QjBNCGKJINqAdJsE= X-Developer-Signature: v=1; a=ed25519-sha256; t=1709161149; l=6776; i=justinstitt@google.com; s=20230717; h=from:subject:message-id; bh=Io+nFxT4E7uq3oa+gTgQDLCH4N9Pav1QHW8TI2laaBw=; b=RavFq/Ac1ON00tNzK0x+UUTHt7q8DWcWRD3Amt47SxWlWTgw/9YR+KHa+z1aXddNPXcl9IOzo mupkntUL54IARZhWMJwKGdYMpLxQj6/tzar8Q3IcXDy3c5ThGNjHavE X-Mailer: b4 0.12.3 Message-ID: <20240228-strncpy-drivers-scsi-mpi3mr-mpi3mr_fw-c-v2-4-dacebd3fcfa0@google.com> Subject: [PATCH v2 4/7] scsi: qla4xxx: replace deprecated strncpy with strscpy From: Justin Stitt To: Sathya Prakash Veerichetty , Kashyap Desai , Sumit Saxena , Sreekanth Reddy , "James E.J. Bottomley" , "Martin K. Petersen" , Suganath Prabu Subramani , Ariel Elior , Manish Chopra , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Saurav Kashyap , Javed Hasan , GR-QLogic-Storage-Upstream@marvell.com, Nilesh Javali , Manish Rangankar , Don Brace Cc: mpi3mr-linuxdrv.pdl@broadcom.com, linux-scsi@vger.kernel.org, linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org, Kees Cook , MPT-FusionLinux.pdl@broadcom.com, netdev@vger.kernel.org, storagedev@microchip.com, Justin Stitt Replace 3 instances of strncpy in ql4_mbx.c No bugs exist in the current implementation as some care was taken to ensure the write length was decreased by one to leave some space for a NUL-byte. However, instead of using strncpy(dest, src, LEN-1) we can opt for strscpy(dest, src, sizeof(dest)) which will result in NUL-termination as well. It should be noted that the entire chap_table is zero-allocated so the NUL-padding provided by strncpy is not needed. While here, I noticed that MIN_CHAP_SECRET_LEN was not used anywhere. Since strscpy gives us the number of bytes copied into the destination buffer (or an -E2BIG) we can check both for an error during copying and also for a non-length compliant secret. Add a new jump label so we can properly clean up our chap_table should we have to abort due to bad secret. The third instance in this file involves some more peculiar handling of strings: | uint32_t mbox_cmd[MBOX_REG_COUNT]; | ... | memset(&mbox_cmd, 0, sizeof(mbox_cmd)); | ... | mbox_cmd[0] = MBOX_CMD_SET_PARAM; | if (param == SET_DRVR_VERSION) { | mbox_cmd[1] = SET_DRVR_VERSION; | strncpy((char *)&mbox_cmd[2], QLA4XXX_DRIVER_VERSION, | MAX_DRVR_VER_LEN - 1); mbox_cmd has a size of 8: | #define MBOX_REG_COUNT 8 ... and its type width is 4 bytes. Hence, we have 32 bytes to work with here. The first 4 bytes are used as a flag for the MBOX_CMD_SET_PARAM. The next 4 bytes are used for SET_DRVR_VERSION. We now have 32-8=24 bytes remaining -- which thankfully is what MAX_DRVR_VER_LEN is equal to | #define MAX_DRVR_VER_LEN 24 ... and the thing we're copying into this pseudo-string buffer is | #define QLA4XXX_DRIVER_VERSION "5.04.00-k6" ... which is great because its less than 24 bytes (therefore we aren't truncating the source). All to say, there's no bug in the existing implementation (yay!) but we can clean the code up a bit by using strscpy(). In ql4_os.c, there aren't any strncpy() uses to replace but there are some existing strscpy() calls that could be made more idiomatic. Where possible, use strscpy(dest, src, sizeof(dest)). Note that chap_rec->password has a size of ISCSI_CHAP_AUTH_SECRET_MAX_LEN | #define ISCSI_CHAP_AUTH_SECRET_MAX_LEN 256 ... while the current strscpy usage uses QL4_CHAP_MAX_SECRET_LEN | #define QL4_CHAP_MAX_SECRET_LEN 100 ... however since chap_table->secret was set and bounded properly in its string assignment its probably safe here to switch over to sizeof(). | struct iscsi_chap_rec { ... | char username[ISCSI_CHAP_AUTH_NAME_MAX_LEN]; | uint8_t password[ISCSI_CHAP_AUTH_SECRET_MAX_LEN]; ... | }; | strscpy(chap_rec->password, chap_table->secret, | QL4_CHAP_MAX_SECRET_LEN); Signed-off-by: Justin Stitt Reviewed-by: Kees Cook --- drivers/scsi/qla4xxx/ql4_mbx.c | 17 ++++++++++++----- drivers/scsi/qla4xxx/ql4_os.c | 14 +++++++------- 2 files changed, 19 insertions(+), 12 deletions(-) diff --git a/drivers/scsi/qla4xxx/ql4_mbx.c b/drivers/scsi/qla4xxx/ql4_mbx.c index 249f1d7021d4..75125d2021f5 100644 --- a/drivers/scsi/qla4xxx/ql4_mbx.c +++ b/drivers/scsi/qla4xxx/ql4_mbx.c @@ -1641,6 +1641,7 @@ int qla4xxx_set_chap(struct scsi_qla_host *ha, char *username, char *password, struct ql4_chap_table *chap_table; uint32_t chap_size = 0; dma_addr_t chap_dma; + ssize_t secret_len; chap_table = dma_pool_zalloc(ha->chap_dma_pool, GFP_KERNEL, &chap_dma); if (chap_table == NULL) { @@ -1652,9 +1653,13 @@ int qla4xxx_set_chap(struct scsi_qla_host *ha, char *username, char *password, chap_table->flags |= BIT_6; /* peer */ else chap_table->flags |= BIT_7; /* local */ - chap_table->secret_len = strlen(password); - strncpy(chap_table->secret, password, MAX_CHAP_SECRET_LEN - 1); - strncpy(chap_table->name, username, MAX_CHAP_NAME_LEN - 1); + + secret_len = strscpy(chap_table->secret, password, + sizeof(chap_table->secret)); + if (secret_len < MIN_CHAP_SECRET_LEN) + goto cleanup_chap_table; + chap_table->secret_len = (uint8_t)secret_len; + strscpy(chap_table->name, username, sizeof(chap_table->name)); chap_table->cookie = cpu_to_le16(CHAP_VALID_COOKIE); if (is_qla40XX(ha)) { @@ -1679,6 +1684,8 @@ int qla4xxx_set_chap(struct scsi_qla_host *ha, char *username, char *password, memcpy((struct ql4_chap_table *)ha->chap_list + idx, chap_table, sizeof(struct ql4_chap_table)); } + +cleanup_chap_table: dma_pool_free(ha->chap_dma_pool, chap_table, chap_dma); if (rval != QLA_SUCCESS) ret = -EINVAL; @@ -2281,8 +2288,8 @@ int qla4_8xxx_set_param(struct scsi_qla_host *ha, int param) mbox_cmd[0] = MBOX_CMD_SET_PARAM; if (param == SET_DRVR_VERSION) { mbox_cmd[1] = SET_DRVR_VERSION; - strncpy((char *)&mbox_cmd[2], QLA4XXX_DRIVER_VERSION, - MAX_DRVR_VER_LEN - 1); + strscpy((char *)&mbox_cmd[2], QLA4XXX_DRIVER_VERSION, + MAX_DRVR_VER_LEN); } else { ql4_printk(KERN_ERR, ha, "%s: invalid parameter 0x%x\n", __func__, param); diff --git a/drivers/scsi/qla4xxx/ql4_os.c b/drivers/scsi/qla4xxx/ql4_os.c index 675332e49a7b..17cccd14765f 100644 --- a/drivers/scsi/qla4xxx/ql4_os.c +++ b/drivers/scsi/qla4xxx/ql4_os.c @@ -799,10 +799,10 @@ static int qla4xxx_get_chap_list(struct Scsi_Host *shost, uint16_t chap_tbl_idx, chap_rec->chap_tbl_idx = i; strscpy(chap_rec->username, chap_table->name, - ISCSI_CHAP_AUTH_NAME_MAX_LEN); - strscpy(chap_rec->password, chap_table->secret, - QL4_CHAP_MAX_SECRET_LEN); - chap_rec->password_length = chap_table->secret_len; + sizeof(chap_rec->username)); + chap_rec->password_length = strscpy(chap_rec->password, + chap_table->secret, + sizeof(chap_rec->password)); if (chap_table->flags & BIT_7) /* local */ chap_rec->chap_type = CHAP_TYPE_OUT; @@ -6291,8 +6291,8 @@ static void qla4xxx_get_param_ddb(struct ddb_entry *ddb_entry, tddb->tpgt = sess->tpgt; tddb->port = conn->persistent_port; - strscpy(tddb->iscsi_name, sess->targetname, ISCSI_NAME_SIZE); - strscpy(tddb->ip_addr, conn->persistent_address, DDB_IPADDR_LEN); + strscpy(tddb->iscsi_name, sess->targetname, sizeof(tddb->iscsi_name)); + strscpy(tddb->ip_addr, conn->persistent_address, sizeof(tddb->ip_addr)); } static void qla4xxx_convert_param_ddb(struct dev_db_entry *fw_ddb_entry, @@ -7792,7 +7792,7 @@ static int qla4xxx_sysfs_ddb_logout(struct iscsi_bus_flash_session *fnode_sess, } strscpy(flash_tddb->iscsi_name, fnode_sess->targetname, - ISCSI_NAME_SIZE); + sizeof(flash_tddb->iscsi_name)); if (!strncmp(fnode_sess->portal_type, PORTAL_TYPE_IPV6, 4)) sprintf(flash_tddb->ip_addr, "%pI6", fnode_conn->ipaddress); From patchwork Wed Feb 28 22:59:05 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Justin Stitt X-Patchwork-Id: 13576116 Received: from mail-yw1-f201.google.com (mail-yw1-f201.google.com [209.85.128.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id AE3E714AD07 for ; Wed, 28 Feb 2024 22:59:16 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709161159; cv=none; b=WUbHdptM1PVwrlKq8UN05aHyPcn4jBdL2Xaw3RhDBmZp5ChYychSvZTIwDj/WOPNkLmgrKxG5QuYqzasT3LREj0ZBYJapNTfv+RnqwnRl2itfexXwnlTdxmDIYQPipjBnUeNCIbtE2OC7MOnBSS8vzTY2TbXfjKMbnmTojrWYKo= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709161159; c=relaxed/simple; bh=Lddxx/7+zTRDdPfPCQR3m48LNdlBsdHAfzX1ldXLmxg=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=OTls7dd2bI9zNCyMCH/+UPU/YeJlDpkOgXi1gAyX/H4bnLUxddEbfivnyjtLooi+b4Y+xZhGpTLLF0G+cN0lN86c3X7MXiqeQfzN1Gk8SI0Ikjb06DQAUaH7vOyiQ32M00P86B7HbFZ2FIpPOFj3kpll2/6YYWOht72C3pXHqWM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--justinstitt.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=Yy3oKL8p; arc=none smtp.client-ip=209.85.128.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--justinstitt.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="Yy3oKL8p" Received: by mail-yw1-f201.google.com with SMTP id 00721157ae682-608ac8c5781so5097947b3.3 for ; Wed, 28 Feb 2024 14:59:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1709161156; x=1709765956; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=AEPqDrb3kuqBi4wlFiHmXpXFNsJMzopZPuYDXQBwtp8=; b=Yy3oKL8piYhFHPFq+2GugB5MRoqsGwybvABd8XdoQflltcrnx26GGxSAUj8Izbt1pJ bbClVAZJ8jx5fUkby51sufkjIlDVXNokgCtAtH6EaNNAd4KntkDzQLUTLDppCJA8piQB 8PmnG6+CVD6TqR5p5NEoCTPs6YoMQKILiqg9LOY89cUjEe/glER1WydyBwpA8TK+nBlp RfASxJRdiEHq6Ja5r+PpKfQ/Rkua1zPAAvCZV1ir9Q08MSTCcDbwP5JRFnyPBRZqxaEt xWPLjP/ShFGvNwCOgRwkeVlZ0OxfIx5boFRHSQyNlBAVDb3gdxa6FPojbO1gAuRBfNPd q12w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709161156; x=1709765956; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=AEPqDrb3kuqBi4wlFiHmXpXFNsJMzopZPuYDXQBwtp8=; b=MpAqTIAqt8TbNftMlTc3WI0ir5W9A7sA1SupXs5Iq2q+tuiaJYWrmc0SirNTpqJwmP z3c4TtPzxq8YumXrFJRChH2SZpQeKzMDWq/gha8lOgTe978n7m5268Rf9wIkaMfu2Tad 9L+VjyastlS8cZpKihn0I0H+hcXYazJMqaE+kGtwKLS6ZeazfoiQpZv/tgFrA6F+qCDI 5tcLFizfNQmcnWhSmGwhRtnzHOJCepJeUCldi+eQ+v//GVCUfNGFnXgh2VUkkZlKh+bp D5WWtXv/rot1jLmbOq7tgySkpk8x176C/mM9Bcvw2KMtYMw0afImbg5Oirwg2qqGtt1R MZ9g== X-Forwarded-Encrypted: i=1; AJvYcCXYis0hJcmlARz9p6Iz4hvhRBLdLE+alfpUK81sC3fTwvKIrtJqrB0v8m5+GUzC1rIC2MkbmOtB+Vq/p30dbB4Omh8yKRgbD7w1v2PbX+GY X-Gm-Message-State: AOJu0YzMcD+OZuvlJz+V02FfHQwviELpd6BIANx/NklKnYN8x5VdgWmP Np/Q4Hj9kzQcXep8auClYmWQIrD1kLoS06ib115QAmNBsbmdUIPzAu5p595S8jIt6lhdonc1K+T o4nWwrJ3HRPvAd7o/lfU/9A== X-Google-Smtp-Source: AGHT+IH+AYAEjmtd2HEeqQ8tauvpcfTSBaCfiTSyn0oA8Q1wOY4uNUBXxv4dwpdfs73rhiHAaOwNYfrscLpmjQUwhA== X-Received: from jstitt-linux1.c.googlers.com ([fda3:e722:ac3:cc00:2b:ff92:c0a8:23b5]) (user=justinstitt job=sendgmr) by 2002:a81:7947:0:b0:609:3c14:b700 with SMTP id u68-20020a817947000000b006093c14b700mr99395ywc.5.1709161155734; Wed, 28 Feb 2024 14:59:15 -0800 (PST) Date: Wed, 28 Feb 2024 22:59:05 +0000 In-Reply-To: <20240228-strncpy-drivers-scsi-mpi3mr-mpi3mr_fw-c-v2-0-dacebd3fcfa0@google.com> Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240228-strncpy-drivers-scsi-mpi3mr-mpi3mr_fw-c-v2-0-dacebd3fcfa0@google.com> X-Developer-Key: i=justinstitt@google.com; a=ed25519; pk=tC3hNkJQTpNX/gLKxTNQKDmiQl6QjBNCGKJINqAdJsE= X-Developer-Signature: v=1; a=ed25519-sha256; t=1709161149; l=1839; i=justinstitt@google.com; s=20230717; h=from:subject:message-id; bh=Lddxx/7+zTRDdPfPCQR3m48LNdlBsdHAfzX1ldXLmxg=; b=4RsSr+qnPfhdDTcGycu17RdkJmrh4DmmUkOdoQw9koC5UujHTwsgQh/Uhx6IjYaCNsiCcGPX6 S20zo9iGEmOC/bLHTndhTRmKqABL888rxYhO1DTZe+hS+pjh43d3Vza X-Mailer: b4 0.12.3 Message-ID: <20240228-strncpy-drivers-scsi-mpi3mr-mpi3mr_fw-c-v2-5-dacebd3fcfa0@google.com> Subject: [PATCH v2 5/7] scsi: devinfo: replace strncpy and manual pad From: Justin Stitt To: Sathya Prakash Veerichetty , Kashyap Desai , Sumit Saxena , Sreekanth Reddy , "James E.J. Bottomley" , "Martin K. Petersen" , Suganath Prabu Subramani , Ariel Elior , Manish Chopra , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Saurav Kashyap , Javed Hasan , GR-QLogic-Storage-Upstream@marvell.com, Nilesh Javali , Manish Rangankar , Don Brace Cc: mpi3mr-linuxdrv.pdl@broadcom.com, linux-scsi@vger.kernel.org, linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org, Kees Cook , MPT-FusionLinux.pdl@broadcom.com, netdev@vger.kernel.org, storagedev@microchip.com, Justin Stitt Depending on the state of @compatible, we are going to do different things with our @to buffer. When @compatible is true we want a NUL-term'd and NUL-padded destination buffer. Conversely, if @compatible is false we just want a space-padded destination buffer (no NUL-term required). As per: /** * scsi_dev_info_list_add_keyed - add one dev_info list entry. * @compatible: if true, null terminate short strings. Otherwise space pad. ... Note that we can't easily use `strtomem_pad` here as the size of the @to buffer is unknown to the compiler due to indirection layers. Now, the intent of the code is more clear (I probably didn't even need to add a comment -- that's how clear it is). Signed-off-by: Justin Stitt --- drivers/scsi/scsi_devinfo.c | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/drivers/scsi/scsi_devinfo.c b/drivers/scsi/scsi_devinfo.c index 3fcaf10a9dfe..2d3dbce25629 100644 --- a/drivers/scsi/scsi_devinfo.c +++ b/drivers/scsi/scsi_devinfo.c @@ -293,14 +293,16 @@ static void scsi_strcpy_devinfo(char *name, char *to, size_t to_length, size_t from_length; from_length = strlen(from); - /* This zero-pads the destination */ - strncpy(to, from, to_length); - if (from_length < to_length && !compatible) { - /* - * space pad the string if it is short. - */ - memset(&to[from_length], ' ', to_length - from_length); - } + + /* + * null pad and null terminate if compatible + * otherwise space pad + */ + if (compatible) + strscpy_pad(to, from, to_length); + else + memcpy_and_pad(to, to_length, from, from_length, ' '); + if (from_length > to_length) printk(KERN_WARNING "%s: %s string '%s' is too long\n", __func__, name, from); From patchwork Wed Feb 28 22:59:06 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Justin Stitt X-Patchwork-Id: 13576118 Received: from mail-il1-f201.google.com (mail-il1-f201.google.com [209.85.166.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A2B5415DBC7 for ; Wed, 28 Feb 2024 22:59:17 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.166.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709161160; cv=none; b=PWoE+DKeF2gi7XDw/D6fJ0k4uIgQhRg7ZmZ1sMU+n66kX9xESiiOMbmKmba1QMAnSyCPYwDvVP02O7Z6wTRBgBqDl6aI9hXsDQ8IxM8a9C6/udYwm8iyCrlE9yg/NDldypu3foAjoOFAlbYECUvaZYMu1QEJYDDQxm2bRF4Qz4A= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709161160; c=relaxed/simple; bh=sByDsDMKp44vyq2pot5Hhxm/eaP0ttE9ltVB3LqVHFs=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=QjOSvXrQMQL1cxe3LA3eDBwTC2q5fgjTUpEh3uYn+fSXv2t4Tqw2X1jPan+1lZfg5OpidmguLLERyeXKwnk97ZD557xUvGeEtiO4oUL9azTcWsJsh4qx/TF3IjwbYSmHE+1y4tUaO0X1Y9rKItlMgJapAO/pdFZ20jU2T2mqfDM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--justinstitt.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=x7FQIIbi; arc=none smtp.client-ip=209.85.166.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--justinstitt.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="x7FQIIbi" Received: by mail-il1-f201.google.com with SMTP id e9e14a558f8ab-36516d55c5fso3751465ab.2 for ; Wed, 28 Feb 2024 14:59:17 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1709161157; x=1709765957; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=YAj5OZXxeaW4sKlBVmOyaWiE/dDaeK+k40BuTuu533I=; b=x7FQIIbiUTu8GEWN+AawAD1f6igoVfjJyAGlagzRpY4ZMwmrpQBQ370WbKMVvyJnip p9gK4lILU51xV0OTG+Lvb10hA1fIzcOUKq6L+GZjHVlVKNTQsu+e2WUhw/Ioadiuu7Eh cHiitHCRQ3PL8HP8gWrcViZIT8MUn13REIhbsGbC0ZKIVEOnTZD2pcORiLGTrWEo/GkD eGT9EFaOpFMEehUh+fi65Sz02YD6f7lSAsS3ZZsVDFLO/d6TOLGpPI3Q5VMoDPM1GlVX +5iksbasBiZp4rwR9GfEaYQc80Ika3S3bxBwFkR6QVLuuj66jo8A86wHRBNVFtgLPVVh XMig== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709161157; x=1709765957; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=YAj5OZXxeaW4sKlBVmOyaWiE/dDaeK+k40BuTuu533I=; b=eMzQLlUUo8uot2ThDTsk4NuimATnOATesrM/KT7wFh3mii/3G0fw+foo5g2NEzjaR2 YwtR80R06ofwRbe1BATo9qX0nKGCIMf3f7Xfi4LtC4YclTiiIJ3DN5UKf29GQrEd0sDu z6H1HPbrWhFNNML6Ec4PnhVXlv1aHS5YxThSlArFKXuQoCfYyRTl60O1DLRj4a/NJUy8 Vf5UH9QaHpnYlFfs7TyNEu5mV1V6b5/PTT1YsVvvXM3Xs1oc9+7T2CNDgZrI2dnGYhLG OfSW9RdRrnFXFidO4JmKqF63t4wNj9KZVXtkZnDFG41Jq9ceCEnwn5kczONsU2izpJTt 1cTg== X-Forwarded-Encrypted: i=1; AJvYcCWVnLb3bvM8761G0G6pFJeSpQgGMsFhNIp1b0r/7DGtLIw1u7fvTfOY9Ity66ziHMsVdBZy/x3rc7p8EcUBkIiOisAJMLg6DLfZLrt0oVm3 X-Gm-Message-State: AOJu0YwRM9SBipKTynlfK0UNZv2VZ5SVFJ+mViQfL1c0OSy9mbewbr1V kCnpfkOkEqZp3iQOiI3cgd3IgUCvjdBu1g/fOCceztNwZp/NGlJIBhuaLHh4043tYRJWWWYX/Ev Lx05p5p5eUACWrGUVGZltcA== X-Google-Smtp-Source: AGHT+IHoQVSAKtTKWMR9HqVfcdvMQJ5TQ9kT4Qfz/mA8h9PaGzJ6iHCM0QJAjUXmqcpaYEmHg0FOvRz7HtCHG9nbhg== X-Received: from jstitt-linux1.c.googlers.com ([fda3:e722:ac3:cc00:2b:ff92:c0a8:23b5]) (user=justinstitt job=sendgmr) by 2002:a92:c563:0:b0:365:21f4:700d with SMTP id b3-20020a92c563000000b0036521f4700dmr34184ilj.2.1709161156751; Wed, 28 Feb 2024 14:59:16 -0800 (PST) Date: Wed, 28 Feb 2024 22:59:06 +0000 In-Reply-To: <20240228-strncpy-drivers-scsi-mpi3mr-mpi3mr_fw-c-v2-0-dacebd3fcfa0@google.com> Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240228-strncpy-drivers-scsi-mpi3mr-mpi3mr_fw-c-v2-0-dacebd3fcfa0@google.com> X-Developer-Key: i=justinstitt@google.com; a=ed25519; pk=tC3hNkJQTpNX/gLKxTNQKDmiQl6QjBNCGKJINqAdJsE= X-Developer-Signature: v=1; a=ed25519-sha256; t=1709161149; l=1441; i=justinstitt@google.com; s=20230717; h=from:subject:message-id; bh=sByDsDMKp44vyq2pot5Hhxm/eaP0ttE9ltVB3LqVHFs=; b=MQmDO4s1joPg8qz5k1DfkUDPX+8AhggVdiQ9eJscb4HSloFwaCNCdz/nFzT/ALueyz6YmZ8NY 6fbXI+QlUapD1QbsdKWY+t/Yuw1thXdsz72jHdrFaniAPlmI60I+0Zw X-Mailer: b4 0.12.3 Message-ID: <20240228-strncpy-drivers-scsi-mpi3mr-mpi3mr_fw-c-v2-6-dacebd3fcfa0@google.com> Subject: [PATCH v2 6/7] scsi: smartpqi: replace deprecated strncpy with strscpy From: Justin Stitt To: Sathya Prakash Veerichetty , Kashyap Desai , Sumit Saxena , Sreekanth Reddy , "James E.J. Bottomley" , "Martin K. Petersen" , Suganath Prabu Subramani , Ariel Elior , Manish Chopra , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Saurav Kashyap , Javed Hasan , GR-QLogic-Storage-Upstream@marvell.com, Nilesh Javali , Manish Rangankar , Don Brace Cc: mpi3mr-linuxdrv.pdl@broadcom.com, linux-scsi@vger.kernel.org, linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org, Kees Cook , MPT-FusionLinux.pdl@broadcom.com, netdev@vger.kernel.org, storagedev@microchip.com, Justin Stitt buffer->driver_version is sized 32: | struct bmic_host_wellness_driver_version { | ... | char driver_version[32]; ... the source string "Linux " + DRIVER_VERISON is sized at 16. There's really no bug in the existing code since the buffers are sized appropriately with great care taken to manually NUL-terminate the destination buffer. Nonetheless, let's make the swap over to strscpy() for robustness' (and readability's) sake. Signed-off-by: Justin Stitt --- drivers/scsi/smartpqi/smartpqi_init.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/drivers/scsi/smartpqi/smartpqi_init.c b/drivers/scsi/smartpqi/smartpqi_init.c index ceff1ec13f9e..bfe6f42e8e96 100644 --- a/drivers/scsi/smartpqi/smartpqi_init.c +++ b/drivers/scsi/smartpqi/smartpqi_init.c @@ -1041,9 +1041,8 @@ static int pqi_write_driver_version_to_host_wellness( buffer->driver_version_tag[1] = 'V'; put_unaligned_le16(sizeof(buffer->driver_version), &buffer->driver_version_length); - strncpy(buffer->driver_version, "Linux " DRIVER_VERSION, - sizeof(buffer->driver_version) - 1); - buffer->driver_version[sizeof(buffer->driver_version) - 1] = '\0'; + strscpy(buffer->driver_version, "Linux " DRIVER_VERSION, + sizeof(buffer->driver_version)); buffer->dont_write_tag[0] = 'D'; buffer->dont_write_tag[1] = 'W'; buffer->end_tag[0] = 'Z'; From patchwork Wed Feb 28 22:59:07 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Justin Stitt X-Patchwork-Id: 13576117 Received: from mail-il1-f202.google.com (mail-il1-f202.google.com [209.85.166.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A36F57D083 for ; Wed, 28 Feb 2024 22:59:18 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.166.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709161160; cv=none; b=fX1cxrVY9F/g95GP7Q9Ljb4aSSMgki7hi5ucqABCaZ0d8eiskKpBI2AvDN+ZGiKGAVHXC8OPGhGaHCo1exwboWTwIaEc4IdypuUIgdyU8sqv32dX977jecoL3/PpXtdxSrR4QHAvZrNUOGwqYFEqAtc3edR0EGkpGqLBUup7f6g= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709161160; c=relaxed/simple; bh=lLsSWUlgp7HueQKOzwtJI79py/7OoTHxtK4sEEcMNNg=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=CrTPPePpQnYZxd3eZfL9sc20gCB39iI6oA9ogVR+KUgX9q2ivbmuXTEhqdAMFneR+BbrRL0ibF/R+PJqpI2fwHSJ0Ja1DJSjTmfqMZ9nZWLS98J4MKZWD8Y3kvorUfRtsWS+dug0vcJ+5zTN8jAqQENoK8R3CVXuQVbNecUXNqo= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--justinstitt.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=Do6crlRz; arc=none smtp.client-ip=209.85.166.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--justinstitt.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="Do6crlRz" Received: by mail-il1-f202.google.com with SMTP id e9e14a558f8ab-3657bb7b9d2so4966675ab.2 for ; Wed, 28 Feb 2024 14:59:18 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1709161158; x=1709765958; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=HhfHnaxbWsSYThMRH7N1siBwLrWUAgtSctM6HfRV2Ag=; b=Do6crlRzhDsizeNjHwbDPNw+B4lVIEE0TsBpogvqy/DEpNJkzRPpOnRxXtLHYjgsV1 zn1egIRppZAfZpOMPonIF1AwJWsckjNngRcegPehVpjM6A5OVSYE15UNuOTDIDuGDt9m 3I5KeQ5cYvz3KNMGfvfcUxnpymB1B7RRpc6sLB5ypFWONCH/nh5ig9p2c6oXmdk0ksJq sXMaQH3c1vAfCJdlA/+LAJJC/Tc49nv+920AU8TmSHEdY9/GUbrEzK7OHr3SYLvu37fK ws0QMRN0iO8dZRoQ23zjteUqdaIHS6l/I8OXAi+qA50MU413sXJj9I8v5zP/VQWM5H/V eFVA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709161158; x=1709765958; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=HhfHnaxbWsSYThMRH7N1siBwLrWUAgtSctM6HfRV2Ag=; b=bezkbIz8q695WQBxQF4dIlbmlIS36rPJOaHGbUoHofjzvxdwJrb9wOfdeL/MUzoxui c+uYEsPFXnhRzKiv3cFCxngKMNm59gydjqmm9n7x0GzDujo8FdD830Fmho5mVMTy9CGv Tp0KV/Ir2Q+/nl4ABtWm9OXhjDsrv1Gmsd07Fr6TtZXBtEu5J2lVz81IpANb/2vtvFXN mouYKtiOMxc2VmtBAMKBQrK+VivorK7RLGLhytNoUUma1A0D5V5AXN9scyMIfrkA6pGj PorpMP7NCthY3k5q3M4SB9Cadcpm7B9FCFachBY/l7kRFTzTQXXnHy1Bz71yQ2k3Z0ib OJkw== X-Forwarded-Encrypted: i=1; AJvYcCVur9Lyzxm7IZart/8AyHZclpAU4IV6hNrcPNxiqw82UvZ8F4ak0njcASAMMYZPe5cyDYhBKmK8gZSW7WKMaop/6qx5pok6qHY9ID9msaaW X-Gm-Message-State: AOJu0Yyr3BqzoOCVMvtm3ecQpHXNtVtL9g+4Y+t75iJVdULZuU9fl01E fzmvilS3bgsPls04aD5LBPfQfXBtPPUdTghAuxuWJbhzbc/m0BQfVYT5ZR4U8CjdeVqlvaQj/pl b4Ogyfxj64OodJrajwbTflg== X-Google-Smtp-Source: AGHT+IEIrIDo5sTt6gMSCiyyslq0yK1A1xLzdyJOiaImV0GkhHuEn6/P8wZRb8UKtb0X7RlT7oI9X/gwcnVP4zsqSQ== X-Received: from jstitt-linux1.c.googlers.com ([fda3:e722:ac3:cc00:2b:ff92:c0a8:23b5]) (user=justinstitt job=sendgmr) by 2002:a05:6e02:1c42:b0:365:1f2b:7be8 with SMTP id d2-20020a056e021c4200b003651f2b7be8mr40548ilg.5.1709161157889; Wed, 28 Feb 2024 14:59:17 -0800 (PST) Date: Wed, 28 Feb 2024 22:59:07 +0000 In-Reply-To: <20240228-strncpy-drivers-scsi-mpi3mr-mpi3mr_fw-c-v2-0-dacebd3fcfa0@google.com> Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240228-strncpy-drivers-scsi-mpi3mr-mpi3mr_fw-c-v2-0-dacebd3fcfa0@google.com> X-Developer-Key: i=justinstitt@google.com; a=ed25519; pk=tC3hNkJQTpNX/gLKxTNQKDmiQl6QjBNCGKJINqAdJsE= X-Developer-Signature: v=1; a=ed25519-sha256; t=1709161149; l=1256; i=justinstitt@google.com; s=20230717; h=from:subject:message-id; bh=lLsSWUlgp7HueQKOzwtJI79py/7OoTHxtK4sEEcMNNg=; b=O/Y8/j91ffHOW/H1lkp7P7xEh0IoohQDvBGDW0wX5DBkBQO3wENCK+STBh6SvA2jO4s+2rUiC /3kFM5uAc+ABhNpGPSm9eO2vRTlpeqKmRKJ1d1onyaPQI7F48pNtHxB X-Mailer: b4 0.12.3 Message-ID: <20240228-strncpy-drivers-scsi-mpi3mr-mpi3mr_fw-c-v2-7-dacebd3fcfa0@google.com> Subject: [PATCH v2 7/7] scsi: wd33c93: replace deprecated strncpy with strscpy From: Justin Stitt To: Sathya Prakash Veerichetty , Kashyap Desai , Sumit Saxena , Sreekanth Reddy , "James E.J. Bottomley" , "Martin K. Petersen" , Suganath Prabu Subramani , Ariel Elior , Manish Chopra , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Saurav Kashyap , Javed Hasan , GR-QLogic-Storage-Upstream@marvell.com, Nilesh Javali , Manish Rangankar , Don Brace Cc: mpi3mr-linuxdrv.pdl@broadcom.com, linux-scsi@vger.kernel.org, linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org, Kees Cook , MPT-FusionLinux.pdl@broadcom.com, netdev@vger.kernel.org, storagedev@microchip.com, Justin Stitt @p1 is assigned to @setup_buffer and then we manually assign a NUL-byte at the first index. This renders the following strlen() call useless. Moreover, we don't need to reassign p1 to setup_buffer for any reason -- neither do we need to manually set a NUL-byte at the end. strscpy() resolves all this code making it easier to read. Even considering the path where @str is falsey, the manual NUL-byte assignment is useless as setup_buffer is declared with static storage duration in the top-level scope which should NUL-initialize the whole buffer. Signed-off-by: Justin Stitt --- drivers/scsi/wd33c93.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/drivers/scsi/wd33c93.c b/drivers/scsi/wd33c93.c index e4fafc77bd20..a44b60c9004a 100644 --- a/drivers/scsi/wd33c93.c +++ b/drivers/scsi/wd33c93.c @@ -1721,9 +1721,7 @@ wd33c93_setup(char *str) p1 = setup_buffer; *p1 = '\0'; if (str) - strncpy(p1, str, SETUP_BUFFER_SIZE - strlen(setup_buffer)); - setup_buffer[SETUP_BUFFER_SIZE - 1] = '\0'; - p1 = setup_buffer; + strscpy(p1, str, SETUP_BUFFER_SIZE); i = 0; while (*p1 && (i < MAX_SETUP_ARGS)) { p2 = strchr(p1, ',');