Received: by 2002:a25:ad19:0:0:0:0:0 with SMTP id y25csp8877957ybi;
        Tue, 23 Jul 2019 17:14:29 -0700 (PDT)
X-Google-Smtp-Source: APXvYqzYpfMEaWH01mVX5CTOmkeHBLM5i2QiziAL4l+8OBJhLOZeL7GNdAilVw84N8s/g78z1kZp
X-Received: by 2002:a63:5452:: with SMTP id e18mr62470759pgm.232.1563927268926;
        Tue, 23 Jul 2019 17:14:28 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1563927268; cv=none;
        d=google.com; s=arc-20160816;
        b=m0FzAfpvYiYYdZyvWyjf5KZts6im8KHVElciOVT+0CSNYxuYs37833/6aZ21vHOY3n
         N9ug1AG6lMV4z6Vn2yKOHoqFS7IvPMcDUY4aplr3djxwXk7lwkMMUuxKsgInzWfJB8zV
         SWXUPYg+V+O08iZqOHlHObCRo70wfzSVFPaG0W7ktc/qOBVg0qUN17BC5dC2Gz4rjaE7
         hanWrBoL9fFxmjCmKLJzC1KLErJTDQNFSkmWZJnW7fiPKRG8CcsLU8luLcpEi75PFpzQ
         icInpuL6SNBzNHbiYmiHVBxK0FLbJjehv/DuVHNsrVqL8XhmwcPglnU/G53smyC01V+T
         ICgg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding
         :content-language:in-reply-to:mime-version:user-agent:date
         :message-id:from:references:cc:to:subject:dkim-signature;
        bh=YBcNl1Cx1gVNSGn+Kq9310BI1gMrWUUWqNCvZ/2rb/s=;
        b=OpHkSZmOzzdWON0vAD/DRfTKig+eNKpWx87R1yO+iF1O0ma+AlV7VxsRKr75fB7gMg
         8PA9noPsNEVjGeNtucMbLLCGC3HaoDGj9gBnJV8o+5DHdJTpR1tTLki2GCCOodKAKXh5
         xnrSAG8KjEi58jz5dPkRJl1JPcpkVyoRddfH9YiWqNIBuieuVTgoa/l3zs8FHwtZaerB
         zm/yQ+KN3gjOpwS+zCuBQpswy0VnSJgZAac3BS6a1P+2fGfNW3BuEsCq/epKEN95UhZ3
         9Nf596xKoyjuksmNUSgzUiFlcrSYmFPt5zk+NZV11DqDLMAcuIPZsVJS/SBNxAkr7oAj
         5ndw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@rasmusvillemoes.dk header.s=google header.b=RRbq2pjM;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id d39si10974952pla.371.2019.07.23.17.14.13;
        Tue, 23 Jul 2019 17:14:28 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@rasmusvillemoes.dk header.s=google header.b=RRbq2pjM;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S2390580AbfGWOhG (ORCPT <rfc822;atom.tux.beastie@gmail.com>
        + 99 others); Tue, 23 Jul 2019 10:37:06 -0400
Received: from mail-lf1-f66.google.com ([209.85.167.66]:33937 "EHLO
        mail-lf1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1727845AbfGWOhF (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 23 Jul 2019 10:37:05 -0400
Received: by mail-lf1-f66.google.com with SMTP id b29so22288281lfq.1
        for <linux-kernel@vger.kernel.org>; Tue, 23 Jul 2019 07:37:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=rasmusvillemoes.dk; s=google;
        h=subject:to:cc:references:from:message-id:date:user-agent
         :mime-version:in-reply-to:content-language:content-transfer-encoding;
        bh=YBcNl1Cx1gVNSGn+Kq9310BI1gMrWUUWqNCvZ/2rb/s=;
        b=RRbq2pjMpXvz9KgvzBNVhBIj6k2ETFnueG4QX8xDJ5WLNruHjwz1L6JINxAG0AoLtJ
         c5QjfhUPBMbc9oGLYyjKO+/cooINg5BDHACf/+q6fNCge217NgFndpxjTo7RrTxBPoZw
         anV3B+QvbgTWq3vsY28TiRMC7b7EwF4WtpagU=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:subject:to:cc:references:from:message-id:date
         :user-agent:mime-version:in-reply-to:content-language
         :content-transfer-encoding;
        bh=YBcNl1Cx1gVNSGn+Kq9310BI1gMrWUUWqNCvZ/2rb/s=;
        b=ntNyad2yITLzZ51Fo8cix5BTT4pC0gyMz2DhIXiDPym52yEw+j2PrLU07+hy6XmU9C
         skY2hu5jSI7/TD9wvPhwZs0oU2h0OVHWm93BRVw1kkIe4hG4bNVZuU6JeeKweH9/3q8j
         wuu0SshfWY0T8S4EWdo1uif5pbAL/RU8bHkC/CgbGOFsfKtOyczUfwlIbl0j7ShT2luI
         g/VDTFlPArLYC8ME45dvZ3kI8RtADRbiS1L1tY7L/Uec2gnS24kWC3+3nbKteZAWmjdx
         ZlaeDiAGFyOQLx+IbVVrXcbI8RKbzwFqd+m4Hwu5HKaci1NKHNtb/YUSLYLoi5Q6UwPp
         WpSQ==
X-Gm-Message-State: APjAAAXApbf3gD0xqZTdfTx46u5iZMjHPaxxU3Tng8NrLchXMmOjWC6C
        up9rUxlZYjulHlO/FgUrT4Q=
X-Received: by 2002:ac2:43cf:: with SMTP id u15mr23454716lfl.188.1563892623570;
        Tue, 23 Jul 2019 07:37:03 -0700 (PDT)
Received: from [172.16.11.28] ([81.216.59.226])
        by smtp.gmail.com with ESMTPSA id e13sm8107351ljg.102.2019.07.23.07.37.02
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Tue, 23 Jul 2019 07:37:03 -0700 (PDT)
Subject: Re: [PATCH V2 1/2] string: Add stracpy and stracpy_pad mechanisms
To:     Joe Perches <joe@perches.com>,
        Linus Torvalds <torvalds@linux-foundation.org>,
        linux-kernel@vger.kernel.org
Cc:     Jonathan Corbet <corbet@lwn.net>, Stephen Kitt <steve@sk2.org>,
        Kees Cook <keescook@chromium.org>,
        Nitin Gote <nitin.r.gote@intel.com>, jannh@google.com,
        kernel-hardening@lists.openwall.com,
        Andrew Morton <akpm@linux-foundation.org>
References: <cover.1563889130.git.joe@perches.com>
 <ed4611a4a96057bf8076856560bfbf9b5e95d390.1563889130.git.joe@perches.com>
From:   Rasmus Villemoes <linux@rasmusvillemoes.dk>
Message-ID: <ce1320d8-60df-7c54-2348-6aabac63c24d@rasmusvillemoes.dk>
Date:   Tue, 23 Jul 2019 16:37:01 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101
 Thunderbird/60.7.2
MIME-Version: 1.0
In-Reply-To: <ed4611a4a96057bf8076856560bfbf9b5e95d390.1563889130.git.joe@perches.com>
Content-Type: text/plain; charset=windows-1252
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 23/07/2019 15.51, Joe Perches wrote:
> Several uses of strlcpy and strscpy have had defects because the
> last argument of each function is misused or typoed.
> 
> Add macro mechanisms to avoid this defect.
> 
> stracpy (copy a string to a string array) must have a string
> array as the first argument (dest) and uses sizeof(dest) as the
> count of bytes to copy.
> 
> These mechanisms verify that the dest argument is an array of
> char or other compatible types like u8 or s8 or equivalent.

Sorry, but "compatible types" has a very specific meaning in C, so
please don't use that word. And yes, the kernel disables -Wpointer-sign,
so passing an u8* or s8* when strscpy() expects a char* is silently
accepted, but does such code exist?

> 
> V2: Use __same_type testing char[], signed char[], and unsigned char[]
>     Rename to, from, and size, dest, src and count

count is just as bad as size in terms of "the expression src might
contain that identifier". But there's actually no reason to even declare
a local variable, just use ARRAY_SIZE() directly as the third argument
to strscpy().

Rasmus