Received: by 2002:a05:7412:251c:b0:e2:908c:2ebd with SMTP id w28csp2064767rda; Tue, 24 Oct 2023 11:08:50 -0700 (PDT) X-Google-Smtp-Source: AGHT+IGnG5P0CeUQsg2uu1nkjtstYQrlQdob/96iZ4dfW0u2K0Hiv9XVQT4/NOReRnFSuW4MC3sl X-Received: by 2002:a17:902:d506:b0:1ca:abe:a090 with SMTP id b6-20020a170902d50600b001ca0abea090mr14499403plg.62.1698170929799; Tue, 24 Oct 2023 11:08:49 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1698170929; cv=none; d=google.com; s=arc-20160816; b=GxZuceaN7bSVSf2+rRt6TX+T6pa+MJmrwrpi4j4sss9spIszogeG5opEapL9fkKvB5 KKI60MWRdL//r+bTN30/dvp1wfFL3eDVGpROVPzwLw4VpDiMSW+35xO9USfLZbZHvw4+ kkF0QsrZQby+IntBS6DKLkSGXaJl4VqcqWSX5WuJUnR7aCmJasivVzwUYFs87wzz2r4U Rc1GY3ram72tZ/tGBbvBWBXtbvBk79rHsuIEbq1bgGa6HppUNx8i/6iA30MVYpGaVUj+ 51bm5oxYAhZa2i6pz3Rzeju0wTZ0nMAxPLvvGed/b6iOQwRndWZnDajOnP2Po4O9O87O bACw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=k3017rfLAsmBWrjhLTGlW8FveYh7+csB/i8dPVteIyE=; fh=zTvSiL/itpsO5qCkqhPXVpkmPoYAQC1L+ZYMz1zwTNQ=; b=wHJuPaFqeB5boTkw62ZhVKm7F3ZGH6cGksidwd3wLorsxG8kmtmKVvuzLBWnHw54Kf Om2OoKCpa2ioXyX50DFKfDq8cpDZY0x3XhHW5H1mURbC27E3NSMgNCgbRLFb46rfGjOm c8zFPMdHjgzwKd+988yLI7su13gkkbDQK61FloOUURQPh5Pk5YzIi4/KSpDikevGnSBf MddpF0KuACbp0I0aVf2qRQVRnVe74CROdzWMrrSM2cdGSlRee8USEMaJAMYxXwpSwzPs L5T+vCu12O8mMBKnCrSEcqv5YjD4Mu5LRY660Q3EJ6+w0zHlmQGm6AF0ABkp9JalPGAP 8yyQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=KMSq+g5B; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:5 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from groat.vger.email (groat.vger.email. [2620:137:e000::3:5]) by mx.google.com with ESMTPS id j1-20020a170902690100b001bbd0450af8si8493077plk.187.2023.10.24.11.08.38 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 24 Oct 2023 11:08:49 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:5 as permitted sender) client-ip=2620:137:e000::3:5; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=KMSq+g5B; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:5 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by groat.vger.email (Postfix) with ESMTP id 4A9B780A8BA4; Tue, 24 Oct 2023 11:08:36 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at groat.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1344103AbjJXSIY (ORCPT + 99 others); Tue, 24 Oct 2023 14:08:24 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48790 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1344096AbjJXSIX (ORCPT ); Tue, 24 Oct 2023 14:08:23 -0400 Received: from mail-pf1-x430.google.com (mail-pf1-x430.google.com [IPv6:2607:f8b0:4864:20::430]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2CBCD10D4 for ; Tue, 24 Oct 2023 11:08:21 -0700 (PDT) Received: by mail-pf1-x430.google.com with SMTP id d2e1a72fcca58-6b497c8575aso4738868b3a.1 for ; Tue, 24 Oct 2023 11:08:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1698170900; x=1698775700; darn=vger.kernel.org; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to; bh=k3017rfLAsmBWrjhLTGlW8FveYh7+csB/i8dPVteIyE=; b=KMSq+g5B/9/mmBrXtqyNbFrp+0a6B204TjFXffcvyOjFPY0rGmqwfBWVTDiv6HtseO MvfxKD0P36CPrfLAwoKQATvJPJk2T8W1WCFYc6eZCoNaSuDnsCgUoX6S4CXvqIcaKQOW ChWI30wJAjUeSLvpD7ATMycS43SqfZ3ziZ9j4= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1698170900; x=1698775700; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=k3017rfLAsmBWrjhLTGlW8FveYh7+csB/i8dPVteIyE=; b=Z8OX8e7z3Ns1XwI2lWWHnSkQV11rO0i3HByv+7GPiHr/B5dhKcW2iSjUr9eYKf5bnx WyjNXPCJZj3hY7UkZSaU3MVoZ4NNp0e/F8MImuhdcM7FObalaY8LTD0RlqUQ1U4jliiQ oYZsJbrhEYmsYph/8jh7voz8QOVxVrTcgc4okcp3wOPYT180wMrBsotFAOuRqjvKDXwM SkISoEWiZvgwEX9TP/Pn5OsYkHULEfyVQg95QrLWKzjZ1BnC8mKPj8KFYzOtMok86Dkz UlRY99Cu9fiOU5BuZL0B+1NzJypNk8yeeP2nuZcJH0KBIZY6GywfEN4TazlJbW2xjMtY wt4w== X-Gm-Message-State: AOJu0YwH8YSjSQj5cNf8WmeaceStZ94TnFtNlHUljSntGSxmuVxnmAJt FQKzknx8rtUOQezeNEdxTFKVOw== X-Received: by 2002:a05:6a21:7803:b0:16b:e46e:1246 with SMTP id be3-20020a056a21780300b0016be46e1246mr3564795pzc.30.1698170900569; Tue, 24 Oct 2023 11:08:20 -0700 (PDT) Received: from www.outflux.net (198-0-35-241-static.hfc.comcastbusiness.net. [198.0.35.241]) by smtp.gmail.com with ESMTPSA id d15-20020a65620f000000b0057e7ae47893sm6448886pgv.47.2023.10.24.11.08.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 24 Oct 2023 11:08:19 -0700 (PDT) Date: Tue, 24 Oct 2023 11:08:19 -0700 From: Kees Cook To: Justin Stitt Cc: Alexandra Winter , Wenjia Zhang , Heiko Carstens , Vasily Gorbik , Alexander Gordeev , Christian Borntraeger , Sven Schnelle , linux-s390@vger.kernel.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org Subject: Re: [PATCH] s390/qeth: replace deprecated strncpy with strscpy Message-ID: <202310241029.3E4A634@keescook> References: <20231023-strncpy-drivers-s390-net-qeth_core_main-c-v1-1-e7ce65454446@google.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20231023-strncpy-drivers-s390-net-qeth_core_main-c-v1-1-e7ce65454446@google.com> X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on groat.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (groat.vger.email [0.0.0.0]); Tue, 24 Oct 2023 11:08:36 -0700 (PDT) On Mon, Oct 23, 2023 at 07:39:39PM +0000, Justin Stitt wrote: > strncpy() is deprecated for use on NUL-terminated destination strings > [1] and as such we should prefer more robust and less ambiguous string > interfaces. > > We expect new_entry->dbf_name to be NUL-terminated based on its use with > strcmp(): > | if (strcmp(entry->dbf_name, name) == 0) { > > Moreover, NUL-padding is not required as new_entry is kzalloc'd just > before this assignment: > | new_entry = kzalloc(sizeof(struct qeth_dbf_entry), GFP_KERNEL); > > ... rendering any future NUL-byte assignments (like the ones strncpy() > does) redundant. > > Considering the above, a suitable replacement is `strscpy` [2] due to > the fact that it guarantees NUL-termination on the destination buffer > without unnecessarily NUL-padding. > > Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] > Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] > Link: https://github.com/KSPP/linux/issues/90 > Cc: linux-hardening@vger.kernel.org > Signed-off-by: Justin Stitt struct qeth_dbf_entry { char dbf_name[DBF_NAME_LEN]; The sizeof() replace looks right to me. Reviewed-by: Kees Cook -Kees > --- > Note: build-tested only. > > Found with: $ rg "strncpy\(" > --- > drivers/s390/net/qeth_core_main.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/s390/net/qeth_core_main.c b/drivers/s390/net/qeth_core_main.c > index cd783290bde5..6af2511e070c 100644 > --- a/drivers/s390/net/qeth_core_main.c > +++ b/drivers/s390/net/qeth_core_main.c > @@ -6226,7 +6226,7 @@ static int qeth_add_dbf_entry(struct qeth_card *card, char *name) > new_entry = kzalloc(sizeof(struct qeth_dbf_entry), GFP_KERNEL); > if (!new_entry) > goto err_dbg; > - strncpy(new_entry->dbf_name, name, DBF_NAME_LEN); > + strscpy(new_entry->dbf_name, name, sizeof(new_entry->dbf_name)); > new_entry->dbf_info = card->debug; > mutex_lock(&qeth_dbf_list_mutex); > list_add(&new_entry->dbf_list, &qeth_dbf_list); > > --- > base-commit: 9c5d00cb7b6bbc5a7965d9ab7d223b5402d1f02c > change-id: 20231023-strncpy-drivers-s390-net-qeth_core_main-c-0b0ee08672ec > > Best regards, > -- > Justin Stitt > > -- Kees Cook