Received: by 2002:a25:ad19:0:0:0:0:0 with SMTP id y25csp1760535ybi; Wed, 3 Jul 2019 22:57:04 -0700 (PDT) X-Google-Smtp-Source: APXvYqx7W2gkc/noW4hUTBzZpChZ9kDv03wAZGdtlzjH7R0ht/YgDigyIXOtZa9nClcl8v7RG3lx X-Received: by 2002:a63:db4b:: with SMTP id x11mr41063334pgi.254.1562219824675; Wed, 03 Jul 2019 22:57:04 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1562219824; cv=none; d=google.com; s=arc-20160816; b=yEuerUY8xh2A470I6uU3JrLNXZBjTaQcsRc2Gcr2raoKqOzmkxSPL4MCjDdSmQpj7a d+rZtiFVWSpBOtZoB7bj4gxLzcOuG6+QkKsq2WkRRW9mkrKAavLE3oCv08zafTtTnIWh 0QZc3W2qeFE/yZ/nEi2F0XP7BbLpoBLozFWNM+xz7wQr6trVtp2U0FgssmNkHRfnr++l reMJL8kG9nAep6iHzWCWXi7LmbmTDfyQnuTYlZge3MoYh58SAPakzOyBBrljNvx7CMyI mb7Iy7JwmXEKS68vw1UyroG8uHGGwt4UbBJdS/n1k9qRZFtcyhbN8cISNJKPMxk9SgWV K39A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:date:subject:cc:to:from; bh=aA/wR+pGLL6/oqq7LkqZY9E7/9MxFhoCY3juTZVdyns=; b=tPBGS0l2psmEgix2mJFt0ZIdIqFfw3xaBdq0oFlCjQMSDARsb5kJZ6cNxzMZTLVBPn owfY8mIQucFLvhLHz7u5Fnn+6/bVy/METHJZbDBGg4scD8mfYXtXyt1BI+iNeSF51RF+ kxlcZrLFIwV+g8LCw+Q8LgDKN6YXr1gFlwASVYaBmmE7zH5GZC4TboxpL/jxXvKMq+rA KKW4ic/TIjhPIu491PcygpLaNgWUZIOiOpELwvOpj8UCq3AMIv11n4Tm/PjV01iU5mBt zDKX1qpKG8CMAlfzPik6t/NY20BYgsIt5tFMclQ+xCAX80jUWXJf9RxrQZk6enoMhJ1l 0wHQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f17si4302745pgv.338.2019.07.03.22.56.49; Wed, 03 Jul 2019 22:57:04 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727241AbfGDFzv (ORCPT + 99 others); Thu, 4 Jul 2019 01:55:51 -0400 Received: from mga05.intel.com ([192.55.52.43]:17596 "EHLO mga05.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725879AbfGDFzv (ORCPT ); Thu, 4 Jul 2019 01:55:51 -0400 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by fmsmga105.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 03 Jul 2019 22:55:51 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.63,449,1557212400"; d="scan'208";a="164547665" Received: from pedapalapati-ip.iind.intel.com ([10.106.124.123]) by fmsmga008.fm.intel.com with ESMTP; 03 Jul 2019 22:55:48 -0700 From: Nitin Gote To: akpm@linux-foundation.org Cc: corbet@lwn.net, apw@canonical.com, joe@perches.com, keescook@chromium.org, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com, Nitin Gote Subject: [PATCH] checkpatch: Added warnings in favor of strscpy(). Date: Thu, 4 Jul 2019 11:24:43 +0530 Message-Id: <1562219683-15474-1-git-send-email-nitin.r.gote@intel.com> X-Mailer: git-send-email 2.7.4 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Added warnings in checkpatch.pl script to : 1. Deprecate strcpy() in favor of strscpy(). 2. Deprecate strlcpy() in favor of strscpy(). 3. Deprecate strncpy() in favor of strscpy() or strscpy_pad(). Updated strncpy() section in Documentation/process/deprecated.rst to cover strscpy_pad() case. Signed-off-by: Nitin Gote --- This patch is already reviewed by mailing list kernel-hardening@lists.openwall.com. Refer below link Acked-by: Kees Cook Documentation/process/deprecated.rst | 6 +++--- scripts/checkpatch.pl | 5 +++++ 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/Documentation/process/deprecated.rst b/Documentation/process/deprecated.rst index 49e0f64..f564de3 100644 --- a/Documentation/process/deprecated.rst +++ b/Documentation/process/deprecated.rst @@ -93,9 +93,9 @@ will be NUL terminated. This can lead to various linear read overflows and other misbehavior due to the missing termination. It also NUL-pads the destination buffer if the source contents are shorter than the destination buffer size, which may be a needless performance penalty for callers using -only NUL-terminated strings. The safe replacement is :c:func:`strscpy`. -(Users of :c:func:`strscpy` still needing NUL-padding will need an -explicit :c:func:`memset` added.) +only NUL-terminated strings. In this case, the safe replacement is +:c:func:`strscpy`. If, however, the destination buffer still needs +NUL-padding, the safe replacement is :c:func:`strscpy_pad`. If a caller is using non-NUL-terminated strings, :c:func:`strncpy()` can still be used, but destinations should be marked with the `__nonstring diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl index 342c7c7..3d80967 100755 --- a/scripts/checkpatch.pl +++ b/scripts/checkpatch.pl @@ -595,6 +595,11 @@ our %deprecated_apis = ( "rcu_barrier_sched" => "rcu_barrier", "get_state_synchronize_sched" => "get_state_synchronize_rcu", "cond_synchronize_sched" => "cond_synchronize_rcu", + "strcpy" => "strscpy", + "strlcpy" => "strscpy", + "strncpy" => "strscpy, strscpy_pad or for + non-NUL-terminated strings, strncpy() can still be used, but + destinations should be marked with the __nonstring", ); #Create a search pattern for all these strings to speed up a loop below -- 2.7.4