Received: by 2002:a89:48b:0:b0:1f5:f2ab:c469 with SMTP id a11csp995111lqd;
        Thu, 25 Apr 2024 03:00:27 -0700 (PDT)
X-Forwarded-Encrypted: i=2; AJvYcCUL8TPaCyMx2BKL6PW/aCc0Tey2ER537iurd/2shNd8gZi3xUAU3/QpSvCRsDwc0zL7i0YInf8Zhi2SJrAUlgEEUo8yKVfAT+ZFj9laFA==
X-Google-Smtp-Source: AGHT+IGSotXRJ6an1SYzYg4XZOQwmeGusAVQ502xRK8g9OekI32+hcAj3SxEMTpN1fyxrdf5VfrK
X-Received: by 2002:a17:902:ce8c:b0:1e0:c37d:cfcb with SMTP id f12-20020a170902ce8c00b001e0c37dcfcbmr6712016plg.49.1714039226779;
        Thu, 25 Apr 2024 03:00:26 -0700 (PDT)
Return-Path: <linux-kernel+bounces-158344-linux.lists.archive=gmail.com@vger.kernel.org>
Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [2604:1380:45e3:2400::1])
        by mx.google.com with ESMTPS id u13-20020a170902e80d00b001e8505652aasi13115309plg.46.2024.04.25.03.00.26
        for <linux.lists.archive@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 25 Apr 2024 03:00:26 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel+bounces-158344-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1;
Authentication-Results: mx.google.com;
       dkim=neutral (body hash did not verify) header.i=@gmx.de header.s=s31663417 header.b=go1NMMm8;
       arc=fail (body hash mismatch);
       spf=pass (google.com: domain of linux-kernel+bounces-158344-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-158344-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=gmx.de
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by sv.mirrors.kernel.org (Postfix) with ESMTPS id 6369C288C5B
	for <linux.lists.archive@gmail.com>; Thu, 25 Apr 2024 10:00:26 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
	by smtp.subspace.kernel.org (Postfix) with ESMTP id 5DE7E85646;
	Thu, 25 Apr 2024 10:00:18 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
	dkim=fail reason="signature verification failed" (2048-bit key) header.d=gmx.de header.i=deller@gmx.de header.b="go1NMMm8"
Received: from mout.gmx.net (mout.gmx.net [212.227.17.20])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 19F9C1E892;
	Thu, 25 Apr 2024 10:00:13 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=212.227.17.20
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1714039217; cv=none; b=kIDn0hd0yXUWvcShyv5wNhg2b3d6U5ugiGWv6rW7sANBrVyx8ggjpEvdxFYKDX2Kju5DRgrNv41HULxlInSuuyBz3vl5tM/tiFUdRdP6J6MAFHrCXfiRODI6tdXNYWS0bIt2RQVVvDLbGuEVSmtlz3aeUuHgfK8vk0dIZHfFj7I=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1714039217; c=relaxed/simple;
	bh=HuJ7Il4qSm7zvnngyU8nOX2hmROWP/xcyXEHMkNuYVA=;
	h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From:
	 In-Reply-To:Content-Type; b=k6UKRQOiYGO7Arb9dbWKxAW9Y+xlpYvHRU1XmpEgdBH+81ncii1Nkoj3kKkryk+j5Gahikntu6zPqTSXDQUo7Z2ibV/i1TqNcubDvgiyXURqM44XF4RTju4aSg0+5bjNmdsq5Llv1dJgsXPR/3vUJXS+UhgUMEzstlxb6ICeKxY=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=gmx.de; spf=pass smtp.mailfrom=gmx.de; dkim=pass (2048-bit key) header.d=gmx.de header.i=deller@gmx.de header.b=go1NMMm8; arc=none smtp.client-ip=212.227.17.20
Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=gmx.de
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmx.de
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmx.de;
	s=s31663417; t=1714039205; x=1714644005; i=deller@gmx.de;
	bh=EjRJv2J1LsFRTCkDYRdY+e9emuoXLT5hNsnD9Bd4Fw4=;
	h=X-UI-Sender-Class:Message-ID:Date:MIME-Version:Subject:To:Cc:
	 References:From:In-Reply-To:Content-Type:
	 Content-Transfer-Encoding:cc:content-transfer-encoding:
	 content-type:date:from:message-id:mime-version:reply-to:subject:
	 to;
	b=go1NMMm8fCwTPgYzzJXE5ALZx0/tX0ZH2WF1Rwx5VSeX1espNDU6suD+QlvszEWb
	 /PByczor3giD0cD8gjN3Uvk2JXGM0qtElGVkxxX5hyLqg1S4R+GBVxFXAQxW/jsNr
	 SygJo5OMe4O3r4gea/lSaV5xRHP9vbEzn0LwlwCUVCnWyDj6EPhPEUnmAFQ+LRiMv
	 grD66MsDT9bVx+fWnjDst00+vSDR9upqXahxJckSTnSHiJAueFQW2iA52jJE23kud
	 ms+OPQlGxK+l+da7xH2h7rXUM8AEe0JynRY0rYY+pYahJWjnMpL9iuWd0sTWwOY/c
	 2n7RZ7JyuiwyKWkKwQ==
X-UI-Sender-Class: 724b4f7f-cbec-4199-ad4e-598c01a50d3a
Received: from [10.8.0.6] ([78.94.87.245]) by mail.gmx.net (mrgmx104
 [212.227.17.168]) with ESMTPSA (Nemesis) id 1M4axq-1s0UOQ1eII-0008W6; Thu, 25
 Apr 2024 12:00:04 +0200
Message-ID: <1d6b90c8-1230-4254-9644-1ad56330ab97@gmx.de>
Date: Thu, 25 Apr 2024 12:00:02 +0200
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Subject: Re: [PATCH] video: fbdev: au1200fb: replace deprecated strncpy with
 strscpy
To: Kees Cook <keescook@chromium.org>
Cc: Justin Stitt <justinstitt@google.com>, linux-fbdev@vger.kernel.org,
 dri-devel@lists.freedesktop.org, linux-kernel@vger.kernel.org,
 linux-hardening@vger.kernel.org
References: <20240318-strncpy-drivers-video-fbdev-au1200fb-c-v1-1-680802a9f10a@google.com>
 <53670007-edbc-4762-9e57-0b3c29220d9e@gmx.de>
 <CAFhGd8ppVq9aGbfFLeL30jQ15KHS=FoLh0c1udXo=Z+pCfXL1g@mail.gmail.com>
 <49ba1e7d-d256-4644-beb9-c84b9feb0052@gmx.de> <202404241647.E1DE1D9@keescook>
Content-Language: en-US
From: Helge Deller <deller@gmx.de>
Autocrypt: addr=deller@gmx.de; keydata=
 xsFNBF3Ia3MBEAD3nmWzMgQByYAWnb9cNqspnkb2GLVKzhoH2QD4eRpyDLA/3smlClbeKkWT
 HLnjgkbPFDmcmCz5V0Wv1mKYRClAHPCIBIJgyICqqUZo2qGmKstUx3pFAiztlXBANpRECgwJ
 r+8w6mkccOM9GhoPU0vMaD/UVJcJQzvrxVHO8EHS36aUkjKd6cOpdVbCt3qx8cEhCmaFEO6u
 CL+k5AZQoABbFQEBocZE1/lSYzaHkcHrjn4cQjc3CffXnUVYwlo8EYOtAHgMDC39s9a7S90L
 69l6G73lYBD/Br5lnDPlG6dKfGFZZpQ1h8/x+Qz366Ojfq9MuuRJg7ZQpe6foiOtqwKym/zV
 dVvSdOOc5sHSpfwu5+BVAAyBd6hw4NddlAQUjHSRs3zJ9OfrEx2d3mIfXZ7+pMhZ7qX0Axlq
 Lq+B5cfLpzkPAgKn11tfXFxP+hcPHIts0bnDz4EEp+HraW+oRCH2m57Y9zhcJTOJaLw4YpTY
 GRUlF076vZ2Hz/xMEvIJddRGId7UXZgH9a32NDf+BUjWEZvFt1wFSW1r7zb7oGCwZMy2LI/G
 aHQv/N0NeFMd28z+deyxd0k1CGefHJuJcOJDVtcE1rGQ43aDhWSpXvXKDj42vFD2We6uIo9D
 1VNre2+uAxFzqqf026H6cH8hin9Vnx7p3uq3Dka/Y/qmRFnKVQARAQABzRxIZWxnZSBEZWxs
 ZXIgPGRlbGxlckBnbXguZGU+wsGRBBMBCAA7AhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheA
 FiEERUSCKCzZENvvPSX4Pl89BKeiRgMFAl3J1zsCGQEACgkQPl89BKeiRgNK7xAAg6kJTPje
 uBm9PJTUxXaoaLJFXbYdSPfXhqX/BI9Xi2VzhwC2nSmizdFbeobQBTtRIz5LPhjk95t11q0s
 uP5htzNISPpwxiYZGKrNnXfcPlziI2bUtlz4ke34cLK6MIl1kbS0/kJBxhiXyvyTWk2JmkMi
 REjR84lCMAoJd1OM9XGFOg94BT5aLlEKFcld9qj7B4UFpma8RbRUpUWdo0omAEgrnhaKJwV8
 qt0ULaF/kyP5qbI8iA2PAvIjq73dA4LNKdMFPG7Rw8yITQ1Vi0DlDgDT2RLvKxEQC0o3C6O4
 iQq7qamsThLK0JSDRdLDnq6Phv+Yahd7sDMYuk3gIdoyczRkXzncWAYq7XTWl7nZYBVXG1D8
 gkdclsnHzEKpTQIzn/rGyZshsjL4pxVUIpw/vdfx8oNRLKj7iduf11g2kFP71e9v2PP94ik3
 Xi9oszP+fP770J0B8QM8w745BrcQm41SsILjArK+5mMHrYhM4ZFN7aipK3UXDNs3vjN+t0zi
 qErzlrxXtsX4J6nqjs/mF9frVkpv7OTAzj7pjFHv0Bu8pRm4AyW6Y5/H6jOup6nkJdP/AFDu
 5ImdlA0jhr3iLk9s9WnjBUHyMYu+HD7qR3yhX6uWxg2oB2FWVMRLXbPEt2hRGq09rVQS7DBy
 dbZgPwou7pD8MTfQhGmDJFKm2jvOwU0EXchrcwEQAOsDQjdtPeaRt8EP2pc8tG+g9eiiX9Sh
 rX87SLSeKF6uHpEJ3VbhafIU6A7hy7RcIJnQz0hEUdXjH774B8YD3JKnAtfAyuIU2/rOGa/v
 UN4BY6U6TVIOv9piVQByBthGQh4YHhePSKtPzK9Pv/6rd8H3IWnJK/dXiUDQllkedrENXrZp
 eLUjhyp94ooo9XqRl44YqlsrSUh+BzW7wqwfmu26UjmAzIZYVCPCq5IjD96QrhLf6naY6En3
 ++tqCAWPkqKvWfRdXPOz4GK08uhcBp3jZHTVkcbo5qahVpv8Y8mzOvSIAxnIjb+cklVxjyY9
 dVlrhfKiK5L+zA2fWUreVBqLs1SjfHm5OGuQ2qqzVcMYJGH/uisJn22VXB1c48yYyGv2HUN5
 lC1JHQUV9734I5cczA2Gfo27nTHy3zANj4hy+s/q1adzvn7hMokU7OehwKrNXafFfwWVK3OG
 1dSjWtgIv5KJi1XZk5TV6JlPZSqj4D8pUwIx3KSp0cD7xTEZATRfc47Yc+cyKcXG034tNEAc
 xZNTR1kMi9njdxc1wzM9T6pspTtA0vuD3ee94Dg+nDrH1As24uwfFLguiILPzpl0kLaPYYgB
 wumlL2nGcB6RVRRFMiAS5uOTEk+sJ/tRiQwO3K8vmaECaNJRfJC7weH+jww1Dzo0f1TP6rUa
 fTBRABEBAAHCwXYEGAEIACAWIQRFRIIoLNkQ2+89Jfg+Xz0Ep6JGAwUCXchrcwIbDAAKCRA+
 Xz0Ep6JGAxtdEAC54NQMBwjUNqBNCMsh6WrwQwbg9tkJw718QHPw43gKFSxFIYzdBzD/YMPH
 l+2fFiefvmI4uNDjlyCITGSM+T6b8cA7YAKvZhzJyJSS7pRzsIKGjhk7zADL1+PJei9p9idy
 RbmFKo0dAL+ac0t/EZULHGPuIiavWLgwYLVoUEBwz86ZtEtVmDmEsj8ryWw75ZIarNDhV74s
 BdM2ffUJk3+vWe25BPcJiaZkTuFt+xt2CdbvpZv3IPrEkp9GAKof2hHdFCRKMtgxBo8Kao6p
 Ws/Vv68FusAi94ySuZT3fp1xGWWf5+1jX4ylC//w0Rj85QihTpA2MylORUNFvH0MRJx4mlFk
 XN6G+5jIIJhG46LUucQ28+VyEDNcGL3tarnkw8ngEhAbnvMJ2RTx8vGh7PssKaGzAUmNNZiG
 MB4mPKqvDZ02j1wp7vthQcOEg08z1+XHXb8ZZKST7yTVa5P89JymGE8CBGdQaAXnqYK3/yWf
 FwRDcGV6nxanxZGKEkSHHOm8jHwvQWvPP73pvuPBEPtKGLzbgd7OOcGZWtq2hNC6cRtsRdDx
 4TAGMCz4j238m+2mdbdhRh3iBnWT5yPFfnv/2IjFAk+sdix1Mrr+LIDF++kiekeq0yUpDdc4
 ExBy2xf6dd+tuFFBp3/VDN4U0UfG4QJ2fg19zE5Z8dS4jGIbLg==
In-Reply-To: <202404241647.E1DE1D9@keescook>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: quoted-printable
X-Provags-ID: V03:K1:OZITWyG7DDOsg7JW0yLRNGhPzcuvSPWWR6js/s060uyYCSokR1l
 Q/tb36T37Jcb1p93nX3Q2EP/BL3FYTlCarczf7hZ3L7CX/1Tz5LHzU0s2VDhe6WSydX5Asm
 PRJ47jdbO34PS8RnmV27iLzSP2TUD9eDFoGVXL+0pzf0uCgrP63MY1qHWShJUW7gmN5PklU
 mKhPsHkLHDCNb95kqMyAg==
X-Spam-Flag: NO
UI-OutboundReport: notjunk:1;M01:P0:fmnyAbrNY+g=;jVXMSliqtZRmvCJGMMQ/jImxwpf
 zRfWSUx1ghILnnm7xWEeCdEZ8A9nI1puCMazzqrtzk+E59ifmj4ueOm+OS8bnaVjNq34IV/sx
 g/2rlot6c4RECeaC9NHpRNgfJhfr6nT8pIpu8/mkFis7+3HAR4xpqxgm8s+84+EZ/LqO5Xlps
 +o3ldeRrvM+lonbN4CKiP5y32aabKnFNiG2O9rcnyG1EJHygMFA9808wTaunOQOSYMFUyCGZa
 N/cEmyH0OW7qjwJNC3ZyLYXfPLtPTy3oCL94qzROb644tSr2FWbFbxzbSxCRpeywUMiLZBGn8
 lmvnnv0fpoHYkmAlQJJs2aWyE49XV7nptAGtaETvdlRKJO7t1MmooQbaWxIwV53/U2TprNAo9
 wnLvljKiSBF7m9FwyGy8Qwh7AcJ0gnp0ucM6f2E3CH5YpEkxhhD+E86ALiyjtHa+gOwB1ZHkv
 Up9NcD3VJVHJ2jWnrM6gxCQmlIo7DjxT8xYlrCskmWB2a0NLAkHolOCNrMmU5F4BmQzaiyrTi
 KxeaEa808Mk0u5mysxTrT6bOVxJmdFshuEaeaz7eTlpxOe3TRtSbKZpgPAXmkCj1T5Kt/D+A/
 V6a91t+x8jtP3qBJDV+KbwQEIMlI2QsoivEpoh1qhS8AzEROphXPsMu7sWjoJTT3fCgL1qqlm
 VTOhgXbr1qNOiXWIHmIbUVL8EIWQVs/QL6G9UL7V1b04Gkp70cznX8RBAznsVJqQGG0nWctC2
 n4VBmiwc74QzBekRGArjfTue9laN03N0w==

On 4/25/24 01:49, Kees Cook wrote:
> On Wed, Mar 20, 2024 at 11:48:52PM +0100, Helge Deller wrote:
>> On 3/20/24 23:35, Justin Stitt wrote:
>>> Hi,
>>>
>>> On Wed, Mar 20, 2024 at 12:56=E2=80=AFAM Helge Deller <deller@gmx.de> =
wrote:
>>>>
>>>> On 3/19/24 00:46, Justin Stitt wrote:
>>>>> strncpy() is deprecated for use on NUL-terminated destination string=
s
>>>>> [1] and as such we should prefer more robust and less ambiguous stri=
ng
>>>>> interfaces.
>>>>>
>>>>> Let's use the new 2-argument strscpy() which guarantees NUL-terminat=
ion
>>>>> on the destination buffer while also simplifying the syntax. Note th=
at
>>>>> strscpy() will not NUL-pad the destination buffer like strncpy() doe=
s.
>>>>>
>>>>> However, the NUL-padding behavior of strncpy() is not required since
>>>>> fbdev is already NUL-allocated from au1200fb_drv_probe() ->
>>>>> frameuffer_alloc(), rendering any additional NUL-padding redundant.
>>>>> |     p =3D kzalloc(fb_info_size + size, GFP_KERNEL);
>>>>>
>>>>> Link: https://www.kernel.org/doc/html/latest/process/deprecated.html=
#strncpy-on-nul-terminated-strings [1]
>>>>> Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9=
en.html [2]
>>>>> Link: https://github.com/KSPP/linux/issues/90
>>>>> Cc: linux-hardening@vger.kernel.org
>>>>> Signed-off-by: Justin Stitt <justinstitt@google.com>
>>>>> ---
>>>>> Note: build-tested only.
>>>>>
>>>>> Found with: $ rg "strncpy\("
>>>>> ---
>>>>>     drivers/video/fbdev/au1200fb.c | 2 +-
>>>>>     1 file changed, 1 insertion(+), 1 deletion(-)
>>>>>
>>>>> diff --git a/drivers/video/fbdev/au1200fb.c b/drivers/video/fbdev/au=
1200fb.c
>>>>> index 6f20efc663d7..e718fea63662 100644
>>>>> --- a/drivers/video/fbdev/au1200fb.c
>>>>> +++ b/drivers/video/fbdev/au1200fb.c
>>>>> @@ -1557,7 +1557,7 @@ static int au1200fb_init_fbinfo(struct au1200f=
b_device *fbdev)
>>>>>                 return ret;
>>>>>         }
>>>>>
>>>>> -     strncpy(fbi->fix.id, "AU1200", sizeof(fbi->fix.id));
>>>>> +     strscpy(fbi->fix.id, "AU1200");
>>>>
>>>> I wonder if you really build-tested this, as this driver is for the m=
ips architecture...
>>>> And I don't see a strscpy() function which takes just 2 arguments.
>>>> But I might be wrong....
>>>
>>> I did build successfully :thumbs_up:
>>>
>>> Commit e6584c3964f2f ("string: Allow 2-argument strscpy()") introduced
>>> this new strscpy() form; it is present in string.h on Linus' tree.
>>
>> Interesting patch.
>> Might give compile problems if patches like yours gets automatically
>> picked up to stable series as long as Kees patch hasn't been backported=
 yet...
>> Anyway, thanks for the pointer!
>> I'll apply your patch in the next round for fbdev.
>
> Hi! I haven't seen this show up in -next yet. Have you had a chance to
> pick it up?
>
> There are also these too:
>
> https://lore.kernel.org/all/20240320-strncpy-drivers-video-fbdev-fsl-diu=
-fb-c-v1-1-3cd3c012fa8c@google.com/
> https://patchwork.kernel.org/project/linux-hardening/patch/20240320-strn=
cpy-drivers-video-fbdev-uvesafb-c-v1-1-fd6af3766c80@google.com/
> https://patchwork.kernel.org/project/linux-hardening/patch/20240320-strn=
cpy-drivers-video-hdmi-c-v1-1-f9a08168cdaf@google.com/

All 4 patches picked up into fbdev for-next git tree now.

Thanks!
Helge