Received: by 2002:a05:6358:c692:b0:131:369:b2a3 with SMTP id fe18csp2361289rwb; Sat, 29 Jul 2023 05:33:31 -0700 (PDT) X-Google-Smtp-Source: APBJJlHHBozt6SPWtLWJphkOWfHXwZ/rLkSO5eW/tS6KbMrJoVTCUObPZw5Zdmr2jq84aCzAa6zY X-Received: by 2002:a05:6a20:5483:b0:137:db14:e87c with SMTP id i3-20020a056a20548300b00137db14e87cmr5082446pzk.13.1690634011501; Sat, 29 Jul 2023 05:33:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1690634011; cv=none; d=google.com; s=arc-20160816; b=OcrtqAw7E/nUCBAXWG9fgUTZenq2tr5wYhtLXz/e5dKE5H9tMceT3RKGt93+6Vwtpn 5Ifk2993hlkuCIwlhuLlruxTgQslE6UWn+iBbZfwR7EYT3q6phm79UfI/c7g1ruGf8Bd DIR66R/7WV9aNY5AZLTjw4B2wGm7yuhT6CswN92OHZ8Vs5se64dFbAyxYsXtYCk5kHZq MFCefgd1ESePWZe11n9dv1gkJHSt31rAJ/fHNmhxj/fHVK2Glj9BzNOXGq5bB49ES/mz iitPvoxOnWpIM/Am182JeUqisvelHbNJIebKnkJ5pmXCfR4QHfdMUp0Y/RPBK+ql6Y96 byhQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:user-agent:references:in-reply-to :subject:cc:to:from:message-id:date:dkim-signature:dkim-signature; bh=Og/4urZItaDoPrqR068TFRdUJk+qNCxhcstZwekFiAg=; fh=0r48pqYBBodqOHTfZhs0QNdVa84eH/xiz+ABkRZQQSg=; b=dVJvZ1PVUxMHY58Ecz8WKWt1JGDwMC1gEkjp9T8k/2BDz2o++cdLoraSoJzD3xME8X nwxWLNNAIqqzwFLOkeqkfmx0uK/djv/JHJ03o/Bq1bVbW3WtoYDuk5N2fZSDO9Ia6fYS ddNdR8bs5dL7eDiH6QuiPzUZ4HGMle59So1Eeok6r24hu+asSFRpMFRRZun1uT3rvDcH otvtmB3OifmNwc88Q0p7Pt3qSYPxJEsRVxDMcgedpbwtI3rfqukt93q2VP00PmimHDEs map5IuCIKyue/MliKZHY/6u9Dl99Scz6OPSFeylpBDHh+FyU82GuqTYZ+R0M/wExDles Hh7g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=QYGnugli; dkim=neutral (no key) header.i=@suse.de; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=suse.de Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id y33-20020a634b21000000b00557221f00c7si4540422pga.335.2023.07.29.05.33.16; Sat, 29 Jul 2023 05:33:31 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=QYGnugli; dkim=neutral (no key) header.i=@suse.de; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=suse.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230005AbjG2MAn (ORCPT + 99 others); Sat, 29 Jul 2023 08:00:43 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49842 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229481AbjG2MAm (ORCPT ); Sat, 29 Jul 2023 08:00:42 -0400 Received: from smtp-out1.suse.de (smtp-out1.suse.de [195.135.220.28]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A7F9E1737 for ; Sat, 29 Jul 2023 05:00:40 -0700 (PDT) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out1.suse.de (Postfix) with ESMTPS id 2AEE8216DA; Sat, 29 Jul 2023 12:00:39 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1690632039; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=Og/4urZItaDoPrqR068TFRdUJk+qNCxhcstZwekFiAg=; b=QYGnugli6rutLEo+kJ+ZftYb7EXCKpsSPU7RmEy/7nYr2hO+uHW9UP8K0IDGIbj2FnSb25 oGBEqfRtvvIThGze/OFnXY7qL4CUtEBk5QpiL0NfwIuWB5X+xLxiFpNqfJ0DE4uLgF1thh 7iJMdZRc5S4EwaCE9xhNVpG9Xbu8Zeo= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1690632039; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=Og/4urZItaDoPrqR068TFRdUJk+qNCxhcstZwekFiAg=; b=QJaimAam/uW1kKz6sI4J6IlBDWgUMY0aTmoM+wWSHaXT6n593FEcE16ddZnk5QcAP+Q8Nb aHA46TInyhT2i2Ag== Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id E735713596; Sat, 29 Jul 2023 12:00:38 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id qrlrN2b/xGThewAAMHmgww (envelope-from ); Sat, 29 Jul 2023 12:00:38 +0000 Date: Sat, 29 Jul 2023 14:00:38 +0200 Message-ID: <87mszfc4gp.wl-tiwai@suse.de> From: Takashi Iwai To: Justin Stitt Cc: Oleksandr Andrushchenko , Jaroslav Kysela , Takashi Iwai , xen-devel@lists.xenproject.org, alsa-devel@alsa-project.org, linux-kernel@vger.kernel.org, Kees Cook Subject: Re: [PATCH] ALSA: xen-front: refactor deprecated strncpy In-Reply-To: <20230727-sound-xen-v1-1-89dd161351f1@google.com> References: <20230727-sound-xen-v1-1-89dd161351f1@google.com> User-Agent: Wanderlust/2.15.9 (Almost Unreal) Emacs/27.2 Mule/6.0 MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue") Content-Type: text/plain; charset=US-ASCII X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, 27 Jul 2023 23:53:24 +0200, Justin Stitt wrote: > > `strncpy` is deprecated for use on NUL-terminated destination strings [1]. > > A suitable replacement is `strscpy` [2] due to the fact that it > guarantees NUL-termination on its destination buffer argument which is > _not_ always the case for `strncpy`! > > It should be noted that, in this case, the destination buffer has a > length strictly greater than the source string. Moreover, the source > string is NUL-terminated (and so is the destination) which means there > was no real bug happening here. Nonetheless, this patch would get us one > step closer to eliminating the `strncpy` API in the kernel, as its use > is too ambiguous. We need to favor less ambiguous replacements such as: > strscpy, strscpy_pad, strtomem and strtomem_pad (amongst others). > > Technically, my patch yields subtly different behavior. The original > implementation with `strncpy` would fill the entire destination buffer > with null bytes [3] while `strscpy` will leave the junk, uninitialized > bytes trailing after the _mandatory_ NUL-termination. So, if somehow > `pcm->name` or `card->driver/shortname/longname` require this > NUL-padding behavior then `strscpy_pad` should be used. My > interpretation, though, is that the aforementioned fields are just fine > as NUL-terminated strings. Please correct my assumptions if needed and > I'll send in a v2. > > [1]: www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings > [2]: manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html > [3]: https://linux.die.net/man/3/strncpy > > Link: https://github.com/KSPP/linux/issues/90 > Signed-off-by: Justin Stitt Applied now. Thanks. Takashi