Received: by 2002:a05:7412:31a9:b0:e2:908c:2ebd with SMTP id et41csp2996836rdb;
        Tue, 12 Sep 2023 20:51:10 -0700 (PDT)
X-Google-Smtp-Source: AGHT+IF3ce4NpeVA5UkCsup+fWUgTT06pzhAhrmUPzCQhU9ZKvxO70PMYjMIHqQ22YiHJeorxn2u
X-Received: by 2002:a17:903:1210:b0:1bb:7f71:df43 with SMTP id l16-20020a170903121000b001bb7f71df43mr1902614plh.34.1694577070016;
        Tue, 12 Sep 2023 20:51:10 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1694577069; cv=none;
        d=google.com; s=arc-20160816;
        b=hwGDKHviEehoZBsoitPLuDRDlnzjcHjckJIQ7NTJ2btD0MeLGJIf+baMeK1wQQUkm7
         YFMnVmfo/JXUUBJ1zu038mfPQG2jwC39TxdmkBicxMpjmJJrwv6Unws4WqTKZm2F/OIs
         NhJQaDJ5YeggKbp82NtAwIbA9qFjZ2AFdta2PIFH/zQ/RZPeuiuGc2mUN1fEVNxL7iFr
         xrt3x/v5M6I6K96nFDSDxCOZakDwHEreHwsENO9/CaKsD7Ive5pviwLVU+N3seT0Ykmz
         gH/egcxHGAmjH538SGbpgOLSDb4pglLFuXpyOLnC8oFdtEzOU0OGyZmkHH4Q9/YJfD+L
         wLwQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:in-reply-to:from
         :references:cc:to:content-language:subject:user-agent:mime-version
         :date:message-id;
        bh=S8gJ+EOiK7eAqg5LiRsmPWAXOh/3cWTz/yMZP/O2SBQ=;
        fh=BdtccdJq3DrwAcZMKR8OxQ2Y7vZEahygE+3Mb9h2M+8=;
        b=qyw3SpEwXC7wSNj1w5xpWprUZBHu6wV48KFq2N8c5lyK6R77ZvgT0+SLURViAT0GE8
         zA8SoSGoe5hPUP3DnElu2LFOB5iRGnrZ2YEGtIZWv90wE10b2sUbF1rzTuzv3yMytWw0
         nZN54X8DxGU3e0/zcinW4cbk3S2tGMgfoSh4MVhcKNuaAQta8keKJyFUrs0J+cU2cOjR
         CBPGV1LUNMflh1Tl9/KrHHlXlzpy9h7n4sn+Ytp9wXyU3UZizopnLz1akhz292RVvwzU
         qyNXrPG5Qprb8jUZtDnrny9xKfiIzjfsslK0ymRsettWeke86NjW6vpUOdJO5VB5q2l6
         JaNw==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:1 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=alibaba.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from morse.vger.email (morse.vger.email. [2620:137:e000::3:1])
        by mx.google.com with ESMTPS id kh11-20020a170903064b00b001b53b6b029csi8944302plb.124.2023.09.12.20.51.09
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 12 Sep 2023 20:51:09 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:1 as permitted sender) client-ip=2620:137:e000::3:1;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:1 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=alibaba.com
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
	by morse.vger.email (Postfix) with ESMTP id 1C1C4801B8A6;
	Tue, 12 Sep 2023 20:47:55 -0700 (PDT)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.10 at morse.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S235972AbjIMDrv (ORCPT <rfc822;bchau3440@gmail.com> + 99 others);
        Tue, 12 Sep 2023 23:47:51 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38410 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S230052AbjIMDrt (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 12 Sep 2023 23:47:49 -0400
Received: from out30-111.freemail.mail.aliyun.com (out30-111.freemail.mail.aliyun.com [115.124.30.111])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D791F1722;
        Tue, 12 Sep 2023 20:47:44 -0700 (PDT)
X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R831e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018046059;MF=joseph.qi@linux.alibaba.com;NM=1;PH=DS;RN=12;SR=0;TI=SMTPD_---0Vrz42ty_1694576860;
Received: from 30.221.128.188(mailfrom:joseph.qi@linux.alibaba.com fp:SMTPD_---0Vrz42ty_1694576860)
          by smtp.aliyun-inc.com;
          Wed, 13 Sep 2023 11:47:41 +0800
Message-ID: <923f3dd1-c264-9d5f-3f17-1212493a7daa@linux.alibaba.com>
Date:   Wed, 13 Sep 2023 11:47:39 +0800
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0)
 Gecko/20100101 Thunderbird/102.15.0
Subject: Re: [PATCH v2] fs: ocfs2: Replace strlcpy with sysfs_emit
Content-Language: en-US
To:     Azeem Shaikh <azeemshaikh38@gmail.com>,
        akpm <akpm@linux-foundation.org>
Cc:     linux-hardening@vger.kernel.org, ocfs2-devel@lists.linux.dev,
        linux-kernel@vger.kernel.org,
        Christian Brauner <brauner@kernel.org>,
        Dave Chinner <dchinner@redhat.com>, Jan Kara <jack@suse.cz>,
        Jeff Layton <jlayton@kernel.org>,
        Mark Fasheh <mark@fasheh.com>,
        Joel Becker <jlbec@evilplan.org>,
        Kees Cook <keescook@chromium.org>
References: <20230831193827.1528867-1-azeemshaikh38@gmail.com>
From:   Joseph Qi <joseph.qi@linux.alibaba.com>
In-Reply-To: <20230831193827.1528867-1-azeemshaikh38@gmail.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (morse.vger.email [0.0.0.0]); Tue, 12 Sep 2023 20:47:55 -0700 (PDT)
X-Spam-Status: No, score=-2.2 required=5.0 tests=HEADER_FROM_DIFFERENT_DOMAINS,
	MAILING_LIST_MULTI,NICE_REPLY_A,SPF_HELO_NONE,SPF_PASS,
	UNPARSEABLE_RELAY autolearn=unavailable autolearn_force=no
	version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on morse.vger.email



On 9/1/23 3:38 AM, Azeem Shaikh wrote:
> strlcpy() reads the entire source buffer first.
> This read may exceed the destination size limit.
> This is both inefficient and can lead to linear read
> overflows if a source string is not NUL-terminated [1].
> In an effort to remove strlcpy() completely [2], replace
> strlcpy() here with sysfs_emit().
> 
> Direct replacement is safe here since its ok for `kernel_param_ops.get()`
> to return -errno [3].
> 
> [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy
> [2] https://github.com/KSPP/linux/issues/89
> [3] https://elixir.bootlin.com/linux/v6.5/source/include/linux/moduleparam.h#L52
> 
> Signed-off-by: Azeem Shaikh <azeemshaikh38@gmail.com>

Reviewed-by: Joseph Qi <joseph.qi@linux.alibaba.com>

> ---
> v2:
>  * Removes patch [1/2] which replaced module_param_call with module_param_cb.
>  * Use sysfs_emit instead of strscpy.
> 
> v1:
>  * https://lore.kernel.org/all/20230830215426.4181755-1-azeemshaikh38@gmail.com/
> 
>  fs/ocfs2/dlmfs/dlmfs.c |    3 +--
>  1 file changed, 1 insertion(+), 2 deletions(-)
> 
> diff --git a/fs/ocfs2/dlmfs/dlmfs.c b/fs/ocfs2/dlmfs/dlmfs.c
> index 81265123ce6c..b38776ba3306 100644
> --- a/fs/ocfs2/dlmfs/dlmfs.c
> +++ b/fs/ocfs2/dlmfs/dlmfs.c
> @@ -80,8 +80,7 @@ static int param_set_dlmfs_capabilities(const char *val,
>  static int param_get_dlmfs_capabilities(char *buffer,
>  					const struct kernel_param *kp)
>  {
> -	return strlcpy(buffer, DLMFS_CAPABILITIES,
> -		       strlen(DLMFS_CAPABILITIES) + 1);
> +	return sysfs_emit(buffer, DLMFS_CAPABILITIES);
>  }
>  module_param_call(capabilities, param_set_dlmfs_capabilities,
>  		  param_get_dlmfs_capabilities, NULL, 0444);
> --
> 2.42.0.283.g2d96d420d3-goog
>