From: Kees Cook
To: Suren Baghdasaryan
Cc: Kees Cook, Miguel Ojeda, Kent Overstreet, kernel test robot, Andy Shevchenko, Luc Van Oostenryck, Nathan Chancellor, Nick Desaulniers, Bill Wendling, Justin Stitt, Philipp Reisner, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, llvm@lists.linux.dev
Subject: [PATCH v2 1/3] compiler.h: Move C string helpers into C-only kernel section
Date: Thu, 6 Feb 2025 13:40:06 -0800
Message-Id: <20250206214014.3567372-1-kees@kernel.org>

The C kernel helpers for evaluating C Strings were positioned where they
were visible to assembly inclusion, which was not intended. Move them
into the kernel and C-only area of the header so future changes won't
confuse the assembler.

Fixes: d7a516c6eeae ("compiler.h: Fix undefined BUILD_BUG_ON_ZERO()")
Fixes: 559048d156ff ("string: Check for "nonstring" attribute on strscpy() arguments")
Reviewed-by: Miguel Ojeda
Signed-off-by: Kees Cook --- include/linux/compiler.h | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/include/linux/compiler.h b/include/linux/compiler.h index 240c632c5b95..7af999a131cb 100644 --- a/include/linux/compiler.h +++ b/include/linux/compiler.h @@ -214,6 +214,19 @@ void ftrace_likely_update(struct ftrace_likely_data *f, int val, __v; \ }) +#ifdef __CHECKER__ +#define __BUILD_BUG_ON_ZERO_MSG(e, msg) (0) +#else /* __CHECKER__ */ +#define __BUILD_BUG_ON_ZERO_MSG(e, msg) ((int)sizeof(struct {_Static_assert(!(e), msg);})) +#endif /* __CHECKER__ */ + +/* &a[0] degrades to a pointer: a different type from an array */ +#define __must_be_array(a) __BUILD_BUG_ON_ZERO_MSG(__same_type((a), &(a)[0]), "must be array") + +/* Require C Strings (i.e. NUL-terminated) lack the "nonstring" attribute. */ +#define __must_be_cstr(p) \ + __BUILD_BUG_ON_ZERO_MSG(__annotated(p, nonstring), "must be cstr (NUL-terminated)") + #endif /* __KERNEL__ */ /** 
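Review bot: the moved block in the first hunk lands directly above "#endif /* __KERNEL__ */", but nothing in the hunk shows or documents the C-only guard the commit message relies on. A one-line comment above __BUILD_BUG_ON_ZERO_MSG saying these helpers must stay inside the kernel, non-assembly section would keep a later move from reintroducing the problem.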
@@ -254,19 +267,6 @@ static inline void *offset_to_ptr(const int *off) #define __ADDRESSABLE_ASM_STR(sym) __stringify(__ADDRESSABLE_ASM(sym)) -#ifdef __CHECKER__ -#define __BUILD_BUG_ON_ZERO_MSG(e, msg) (0) -#else /* __CHECKER__ */ -#define __BUILD_BUG_ON_ZERO_MSG(e, msg) ((int)sizeof(struct {_Static_assert(!(e), msg);})) -#endif /* __CHECKER__ */ - -/* &a[0] degrades to a pointer: a different type from an array */ -#define __must_be_array(a) __BUILD_BUG_ON_ZERO_MSG(__same_type((a), &(a)[0]), "must be array") - -/* Require C Strings (i.e. NUL-terminated) lack the "nonstring" attribute. */ -#define __must_be_cstr(p) \ - __BUILD_BUG_ON_ZERO_MSG(__annotated(p, nonstring), "must be cstr (NUL-terminated)") - /* * This returns a constant expression while determining if an argument is * a constant expression, most importantly without evaluating the argument.
From: Kees Cook
To: Suren Baghdasaryan
Cc: Kees Cook, Kent Overstreet, Miguel Ojeda, kernel test robot, Andy Shevchenko, Luc Van Oostenryck, Nathan Chancellor, Nick Desaulniers, Bill Wendling, Justin Stitt, Philipp Reisner, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, llvm@lists.linux.dev
Subject: [PATCH v2 2/3] compiler.h: Introduce __must_be_byte_array()
Date: Thu, 6 Feb 2025 13:40:07 -0800
Message-Id: <20250206214014.3567372-2-kees@kernel.org>

In preparation for adding stricter type checking to the str/mem*()
helpers, provide a way to check that a variable is a byte array
via __must_be_byte_array().

Suggested-by: Kent Overstreet
Signed-off-by: Kees Cook --- include/linux/compiler.h | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/include/linux/compiler.h b/include/linux/compiler.h index 7af999a131cb..1c0688319435 100644 --- a/include/linux/compiler.h +++ b/include/linux/compiler.h
@@ -221,7 +221,13 @@ void ftrace_likely_update(struct ftrace_likely_data *f, int val, #endif /* __CHECKER__ */ /* &a[0] degrades to a pointer: a different type from an array */ -#define __must_be_array(a) __BUILD_BUG_ON_ZERO_MSG(__same_type((a), &(a)[0]), "must be array") +#define __is_array(a) (!__same_type((a), &(a)[0])) +#define __must_be_array(a) __BUILD_BUG_ON_ZERO_MSG(!__is_array(a), \ + "must be array") + +#define __is_byte_array(a) (__is_array(a) && sizeof((a)[0]) == 1) +#define __must_be_byte_array(a) __BUILD_BUG_ON_ZERO_MSG(!__is_byte_array(a), \ + "must be byte array") /* Require C Strings (i.e. NUL-terminated) lack the "nonstring" attribute. */ #define __must_be_cstr(p) \
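Review bot: __is_byte_array() tests only sizeof((a)[0]) == 1, so arrays of bool, s8/u8 or any one-byte struct pass as well as char arrays. If that is intended for the str/mem*() helpers, say so in a comment above __must_be_byte_array(), which currently has none; if not, compare the element type against the char types with __same_type() instead.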
From: Kees Cook
To: Suren Baghdasaryan
Cc: Kees Cook, kernel test robot, Kent Overstreet, nathan@kernel.org, Andy Shevchenko, linux-hardening@vger.kernel.org, Miguel Ojeda, Luc Van Oostenryck, Nick Desaulniers, Bill Wendling, Justin Stitt, Philipp Reisner, linux-kernel@vger.kernel.org, llvm@lists.linux.dev
Subject: [PATCH v2 3/3] string.h: Use ARRAY_SIZE() for memtostr*()/strtomem*()
Date: Thu, 6 Feb 2025 13:40:08 -0800
Message-Id: <20250206214014.3567372-3-kees@kernel.org>

The destination argument of memtostr*() and strtomem*() must be a
fixed-size char array at compile time, so there is no need to use
__builtin_object_size() (which is useful for when an argument is
either a pointer or unknown). Instead use ARRAY_SIZE(), which has the
benefit of working around a bug in Clang (fixed[1] in 15+) that got
__builtin_object_size() wrong sometimes.

Reported-by: kernel test robot
Closes: https://lore.kernel.org/oe-kbuild-all/202501310832.kiAeOt2z-lkp@intel.com/
Suggested-by: Kent Overstreet
Link: https://github.com/llvm/llvm-project/commit/d8e0a6d5e9dd2311641f9a8a5d2bf90829951ddc [1]
Signed-off-by: Kees Cook Tested-by: Suren Baghdasaryan --- Cc: Suren Baghdasaryan Cc: nathan@kernel.org Cc: Andy Shevchenko Cc: linux-hardening@vger.kernel.org --- include/linux/string.h | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/include/linux/string.h b/include/linux/string.h index 493ac4862c77..fc5ae145bd78 100644 --- a/include/linux/string.h +++ b/include/linux/string.h @@ -411,7 +411,8 @@ void memcpy_and_pad(void *dest, size_t dest_len, const void *src, size_t count, * must be discoverable by the compiler. */ #define strtomem_pad(dest, src, pad) do { \ - const size_t _dest_len = __builtin_object_size(dest, 1); \ + const size_t _dest_len = __must_be_byte_array(dest) + \ + ARRAY_SIZE(dest); \ const size_t _src_len = __builtin_object_size(src, 1); \ \ BUILD_BUG_ON(!__builtin_constant_p(_dest_len) || \ @@ -434,7 +435,8 @@ void memcpy_and_pad(void *dest, size_t dest_len, const void *src, size_t count, * must be discoverable by the compiler. */ #define strtomem(dest, src) do { \ - const size_t _dest_len = __builtin_object_size(dest, 1); \ + const size_t _dest_len = __must_be_byte_array(dest) + \ + ARRAY_SIZE(dest); \ const size_t _src_len = __builtin_object_size(src, 1); \ \ BUILD_BUG_ON(!__builtin_constant_p(_dest_len) || \ @@ -453,7 +455,8 @@ void memcpy_and_pad(void *dest, size_t dest_len, const void *src, size_t count, * Note that sizes of @dest and @src must be known at compile-time. */ #define memtostr(dest, src) do { \ - const size_t _dest_len = __builtin_object_size(dest, 1); \ + const size_t _dest_len = __must_be_byte_array(dest) + \ + ARRAY_SIZE(dest); \ const size_t _src_len = __builtin_object_size(src, 1); \ const size_t _src_chars = strnlen(src, _src_len); \ const size_t _copy_len = min(_dest_len - 1, _src_chars); \ 
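Review bot: in strtomem_pad() and strtomem() the BUILD_BUG_ON still tests !__builtin_constant_p(_dest_len), but with _dest_len now taken from ARRAY_SIZE(dest) on a fixed-size array that half of the condition can no longer be true. Drop it or leave a comment saying it is kept deliberately, and update the kernel-doc lines ("must be discoverable by the compiler", "sizes of @dest and @src must be known at compile-time") to state that @dest must be a byte array rather than a pointer.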
@@ -478,7 +481,8 @@ void memcpy_and_pad(void *dest, size_t dest_len, const void *src, size_t count, * Note that sizes of @dest and @src must be known at compile-time. */ #define memtostr_pad(dest, src) do { \ - const size_t _dest_len = __builtin_object_size(dest, 1); \ + const size_t _dest_len = __must_be_byte_array(dest) + \ + ARRAY_SIZE(dest); \ const size_t _src_len = __builtin_object_size(src, 1); \ const size_t _src_chars = strnlen(src, _src_len); \ const size_t _copy_len = min(_dest_len - 1, _src_chars); \
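The compile-time check that patches 2/3 and 3/3 describe, rebuilt as a userspace sketch (an added example, not code from the patch series). The macro names, bounded_len(), struct record and FIELD_FROM_STR() are local stand-ins, and GCC/Clang extensions are assumed.

```c
/* Added userspace sketch; names are local stand-ins, not the kernel's. */
#include <stddef.h>
#include <string.h>

/* Evaluates to 0, or breaks the build with msg when e is true. */
#define BUILD_BUG_ON_ZERO_MSG(e, msg) \
	((int)sizeof(struct { _Static_assert(!(e), msg); }))

/* &a[0] is a pointer; only for a real array does its type differ from a's. */
#define IS_ARRAY(a) \
	(!__builtin_types_compatible_p(__typeof__(a), __typeof__(&(a)[0])))
#define IS_BYTE_ARRAY(a) (IS_ARRAY(a) && sizeof((a)[0]) == 1)
#define MUST_BE_BYTE_ARRAY(a) \
	BUILD_BUG_ON_ZERO_MSG(!IS_BYTE_ARRAY(a), "must be byte array")

/* Destination size as in patch 3/3: the check (0) plus the element count. */
#define DEST_LEN(d) ((size_t)MUST_BE_BYTE_ARRAY(d) + sizeof(d) / sizeof((d)[0]))

/* Length of s, never reading more than max bytes. */
static size_t bounded_len(const char *s, size_t max)
{
	size_t n = 0;
	while (n < max && s[n])
		n++;
	return n;
}

/* Hypothetical strtomem_pad()-style copy into a fixed, unterminated field. */
#define FIELD_FROM_STR(dest, src, pad) do {			\
	const size_t _dest_len = DEST_LEN(dest);		\
	const size_t _n = bounded_len((src), _dest_len);	\
	memcpy((dest), (src), _n);				\
	memset((dest) + _n, (pad), _dest_len - _n);		\
} while (0)

struct record { char tag[4]; char name[8]; };	/* constructed sample layout */

size_t tag_len(struct record *r)  { return DEST_LEN(r->tag); }
size_t name_len(struct record *r) { return DEST_LEN(r->name); }

/* Fills r->name from s and returns the field's last byte. */
int fill_name(struct record *r, const char *s)
{
	FIELD_FROM_STR(r->name, s, ' ');
	return r->name[sizeof(r->name) - 1];
}

/* Rejected at build time with "must be byte array":
 *   char *p = r->name; DEST_LEN(p);	(a pointer, not an array)
 *   int v[4];          DEST_LEN(v);	(element size is not 1)
 */
```

Uncommenting either rejected case turns a silent wrong length into a build failure.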