Received: by 2002:a05:7412:d8a:b0:e2:908c:2ebd with SMTP id b10csp2301322rdg; Sun, 15 Oct 2023 22:48:19 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHUsB1w1ZBgeIhky+GBAUWMCUcm4rh66iV601+pByHxvVcTQ94apYG4Qs68iUvsXMu39Yqz X-Received: by 2002:a05:6a20:8e12:b0:161:28dd:c09d with SMTP id y18-20020a056a208e1200b0016128ddc09dmr41880389pzj.15.1697435299581; Sun, 15 Oct 2023 22:48:19 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1697435299; cv=none; d=google.com; s=arc-20160816; b=pB0kxZeQeUsn00MNRArSD5UNBRlP4vIUr1jGdpfqr45uInAxgdcBipmh6A0Oi0dozq AOkVF4GVigyRp1hm9xr/O+8lSiFRpc2MQBY1CYJAVwu1vBtt4XiOtVDld53UoLSpD/i/ Hlgt46Dq9MA5B/RG3Y98hahgnFaasSkl7C+l9xmxbPe5J9LCSHpZ3kJgWj1EyKRVbU2f 2Ohglt5T+SZvmCMU6d3m7KUMh1EYVDPY/dK9WlKSnuSosRI0XaQqhvKZKLCWoDq4cRFv aNhpu3Z1P1S+VII4H9wYpkc3kzRDqCNKvH5f0ANZ9fZj3DLvMb7AgCMFofW0VJGC91Sf 1RQA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=APqyNWoGiniVbLUmpGHDy/Anj/nDAihOoYwD68G5Kvc=; fh=SX7MWANp1uydNl/6p8e8LFqXmUzYwGW6Epwp+r8k4tg=; b=dNQKVhMkzBiqkcur02VQLRhiXOd7KcmozrWnytygL9C8WbNMKadkOP1HEoaB6tDjBR 8ych9HU23SKMZa1XaF4UAAcMO12wgDoKNQDBBiqmvfY6v33aSF1TzNwLAt293FzccGIN QDTixrCF3Ti5hPPbmxZur4lMuN+EwthYUfnbkQ9i8aOjd8Vo7g9u9DDKIJIdS5v706d5 sqzqIbtCJ+5295EZKo6QdrXfXCDwQtxki0UmLx6PuezDHQi8AcZcospjhoK0EBlFD0Dm P8H6aT4yLG/OoUzRrk5sdIeUTozF3UwphYmJEzgPT2pZrTy6mPB1PLNG2diMqrmKZumY j67A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=WWU1oiPl; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.31 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from morse.vger.email (morse.vger.email. [23.128.96.31]) by mx.google.com with ESMTPS id bt8-20020a632908000000b005891a066de8si9925964pgb.416.2023.10.15.22.48.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 15 Oct 2023 22:48:19 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.31 as permitted sender) client-ip=23.128.96.31; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=WWU1oiPl; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.31 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by morse.vger.email (Postfix) with ESMTP id D7E4A80BEF14; Sun, 15 Oct 2023 22:48:15 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at morse.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229841AbjJPFsD (ORCPT + 99 others); Mon, 16 Oct 2023 01:48:03 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59302 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229686AbjJPFsC (ORCPT ); Mon, 16 Oct 2023 01:48:02 -0400 Received: from mail-wm1-x329.google.com (mail-wm1-x329.google.com [IPv6:2a00:1450:4864:20::329]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0BE98D6 for ; Sun, 15 Oct 2023 22:47:59 -0700 (PDT) Received: by mail-wm1-x329.google.com with SMTP id 5b1f17b1804b1-4056ce55e7eso40689655e9.2 for ; Sun, 15 Oct 2023 22:47:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1697435277; x=1698040077; darn=vger.kernel.org; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to; bh=APqyNWoGiniVbLUmpGHDy/Anj/nDAihOoYwD68G5Kvc=; b=WWU1oiPlc2oIE3KUL3ECJKHqPSwtY7jmAM8/djDse3R9aZ3mxcrbCKET+DXtdvMc2L C3IfIUhp5c1pL2GmgF8zG2UZQi3pIfShRxWF6GWnMLQmyEMdZg9+MdLoCkDr//A8EqH8 K4EmYcPbFpeosN1CQg5Yr5CRGYBtR9UjTbT0vFGTQMDHSW0MWWg4DEU9pmiWe8CAc8/g d1xs8+MPshvxhuA4L2E3vTM0u8vEEAAvNTVzCmztn3N4QAVaMYteWMp9mPQFnmYHfkZW CYJDG8EN3StEWsqe+n5wcV3NTcs44itulq4wOIOq4NFlSQZwlVAWOXGpeVwRZcAoJbVC c3YQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1697435277; x=1698040077; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=APqyNWoGiniVbLUmpGHDy/Anj/nDAihOoYwD68G5Kvc=; b=hTgFFQLaPpx/roXBkgfPpyZgfG5C/ycK1ffObSu4c1uEFQVEyXnkznI/axWdpsonH4 om21f/oogJA/nsn+TANDCRYoh1DnK3vsbXurjDAOUTfE5YyUDYQuzOeU3SNGI9gsfizX p+Jwa4EYcIL4VWcKmuraiOtS8t2VhHOCWaLH15KmXJ3u4Dx4froILOtqOnOy8oyXE75U 5T3NfkbJw2a5XNL4pkjn21M70iU5596y5lkzxfOE1ssCtAlIsj8QYr/lCXj/48ku1mSF OrTK+3BPya6vOljIJvlPhndnQTXJKRL7qeyJ5C4ihsqSOLk9lLCex1mnvYByB1zYBjVG 4wtw== X-Gm-Message-State: AOJu0YwegYevxUUWIp0wZ23PB+S+QdHmDDyjvz6UhG07okF0yO7AMmi/ 64uCKwB+R/qX2Z6H8sJ+PO1YAw== X-Received: by 2002:a05:600c:2298:b0:3fe:1af6:6542 with SMTP id 24-20020a05600c229800b003fe1af66542mr27821090wmf.33.1697435277411; Sun, 15 Oct 2023 22:47:57 -0700 (PDT) Received: from localhost ([102.36.222.112]) by smtp.gmail.com with ESMTPSA id 13-20020a05600c230d00b004068495910csm6156468wmo.23.2023.10.15.22.47.55 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 15 Oct 2023 22:47:56 -0700 (PDT) Date: Mon, 16 Oct 2023 08:47:53 +0300 From: Dan Carpenter To: Simon Horman Cc: Justin Stitt , Thomas Sailer , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , linux-hams@vger.kernel.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org Subject: Re: [PATCH] hamradio: replace deprecated strncpy with strscpy Message-ID: References: <20231012-strncpy-drivers-net-hamradio-baycom_epp-c-v1-1-8f4097538ee4@google.com> <20231015150619.GC1386676@kernel.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20231015150619.GC1386676@kernel.org> X-Spam-Status: No, score=-0.8 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on morse.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (morse.vger.email [0.0.0.0]); Sun, 15 Oct 2023 22:48:16 -0700 (PDT) On Sun, Oct 15, 2023 at 05:06:19PM +0200, Simon Horman wrote: > On Thu, Oct 12, 2023 at 09:33:32PM +0000, Justin Stitt wrote: > > strncpy() is deprecated for use on NUL-terminated destination strings > > [1] and as such we should prefer more robust and less ambiguous string > > interfaces. > > > > We expect both hi.data.modename and hi.data.drivername to be > > NUL-terminated but not necessarily NUL-padded which is evident by its > > usage with sprintf: > > | sprintf(hi.data.modename, "%sclk,%smodem,fclk=%d,bps=%d%s", > > | bc->cfg.intclk ? "int" : "ext", > > | bc->cfg.extmodem ? "ext" : "int", bc->cfg.fclk, bc->cfg.bps, > > | bc->cfg.loopback ? ",loopback" : ""); > > > > Note that this data is copied out to userspace with: > > | if (copy_to_user(data, &hi, sizeof(hi))) > > ... however, the data was also copied FROM the user here: > > | if (copy_from_user(&hi, data, sizeof(hi))) > > Thanks Justin, > > I see that too. > > Perhaps I am off the mark here, and perhaps it's out of scope for this > patch, but I do think it would be nicer if the kernel only sent > intended data to user-space, even if any unintended payload came > from user-space. > It's kind of normal to pass user space data back to itself. We generally only worry about info leaks. regards, dan carpenter