Received: by 2002:ab2:6a05:0:b0:1f8:1780:a4ed with SMTP id w5csp1204902lqo; Sat, 11 May 2024 12:01:00 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCVMjMbdzBYEz1YfF7dPLJmq3YpE+IP6QT6kTGlcOfNtJz/x6IjM2+j1TAvVYkHsdINcLdPVoqBTNs4dDL0d1tFgjvTQbplS9LwbRDi4Uw== X-Google-Smtp-Source: AGHT+IGz3h/F6sWcSowddyvNDYvqE//qhE5Aumsf7J3Lub2K45L5eQzYhiCnT423iKaJm3eMo5oA X-Received: by 2002:a05:6358:5694:b0:18d:b8bf:dff with SMTP id e5c5f4694b2df-193baed816cmr623871255d.0.1715454060436; Sat, 11 May 2024 12:01:00 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1715454060; cv=pass; d=google.com; s=arc-20160816; b=nia+i6JIu/ZcHHPc425nkAdy/kWyQobkGqBXSiEdoD5Tlzz01b+U4W4C4kqwztqP14 dK/MlG7V987OgPIJ0LDZfYx89OdLSeImNr5dX+1y1+np62d+nGWhnSfwk6ud9FPFpLCx 9gFrYb0K+GEGlSX4lStT2bP30GasOEyfU6dr02zQuRl74TRM+Qma3/dC1+RcU4ovY3rB PYf800P3fMXf6fb+mvFzQUQ2Zi8l97n72y93RMsBSp5qMKO+9Lfb4hDnaI9pTuoJc9ov F9mOxBB+hJ8O3GbzP6M4RL/TlxJPyZbBvV/KCFyOh9CcvLqAGkGoj/qXsdU9HqYDqF93 qF8A== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=V6g8oKn6rig+zs765hUUYo3FL3WRsS9mpUom0ai8PII=; fh=xFVUzX0cB1lznvIcGqNsMPN0VDC00sny4UQorhY2NgY=; b=GDXLO12O0x2gyL3ojTt6fiGEfbE2JzLNGYf8lQnapb7bq4K0YP7teKC6+y2IG2r8vn 5XQzo6jkJu6eOC8YHT3NazaAgaA6RjZv7eWMQ5PhrjPSagXdvpyAvXtZULy7H4WDfpNH FWSxiUA4suxbtswcM9lzTFPxphzHHDz70XWE5gsRTy9yUykyWDB1dxiYSkE7enlH+qy1 W0HrFwDO4J1AXj+VQQdgVtc6XuuOUjyFfBOuciXG2MiccBMigVB6/51TbuzOlw3ghfHU GkysqDm55E28C0Zq41Up5+jWq3AQBLm9YPgtXqxJUCKjLT31XFW/GElCjePzZrUvWgAS FCfw==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2023-11-20 header.b=L5kCz3c6; arc=pass (i=1 spf=pass spfdomain=oracle.com dkim=pass dkdomain=oracle.com dmarc=pass fromdomain=oracle.com); spf=pass (google.com: domain of linux-kernel+bounces-176689-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-176689-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=oracle.com Return-Path: Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [147.75.48.161]) by mx.google.com with ESMTPS id 41be03b00d2f7-6341180e1b0si5989048a12.539.2024.05.11.12.00.59 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 11 May 2024 12:01:00 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-176689-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) client-ip=147.75.48.161; Authentication-Results: mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2023-11-20 header.b=L5kCz3c6; arc=pass (i=1 spf=pass spfdomain=oracle.com dkim=pass dkdomain=oracle.com dmarc=pass fromdomain=oracle.com); spf=pass (google.com: domain of linux-kernel+bounces-176689-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-176689-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=oracle.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sy.mirrors.kernel.org (Postfix) with ESMTPS id 5A582B211A2 for ; Sat, 11 May 2024 19:00:56 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id AD6331DA53; Sat, 11 May 2024 19:00:43 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=oracle.com header.i=@oracle.com header.b="L5kCz3c6" Received: from mx0a-00069f02.pphosted.com (mx0a-00069f02.pphosted.com [205.220.165.32]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 30B4118EBF; Sat, 11 May 2024 19:00:24 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=205.220.165.32 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715454042; cv=none; b=Rxhm2FLZknILZlFtq+inuZPNl6fCYMSDJzJ1hjO6A/ezEtDTjFXzwkByqxAWSH9uE2Vhj/Fwu6lDTjbLrSjvumqxchSqWnSOZGJrF79P1oUmYql8HemJ6Sk+7yfq86XyyOaGQKHKrTVa8bq8c5TNRS4Cq4rXzZV8XktLwP1Kow0= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715454042; c=relaxed/simple; bh=g1p0fcYuj6Vmv6EravnVzqiDOl2tHcv3wZAdG0Cs3TM=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=K2BqSEHqQvAE3qliZCsQSeliVcSciw61kOMUwhbpPEdqB/oW8TJh+TJWzDhFyQjW3UZIXb5V9XEwshzCoLK0zqhm4oJY65Ac5s8i3jv5WECVltdDr+Y27IPS/n05FFZtjCKvaXYeddcKwZ+pqzYsGrCStH8wO2PaLyaJZO+2bUM= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=oracle.com; spf=pass smtp.mailfrom=oracle.com; dkim=pass (2048-bit key) header.d=oracle.com header.i=@oracle.com header.b=L5kCz3c6; arc=none smtp.client-ip=205.220.165.32 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=oracle.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=oracle.com Received: from pps.filterd (m0246627.ppops.net [127.0.0.1]) by mx0b-00069f02.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 44BIbdYX023817; Sat, 11 May 2024 18:55:03 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-type : content-transfer-encoding; s=corp-2023-11-20; bh=V6g8oKn6rig+zs765hUUYo3FL3WRsS9mpUom0ai8PII=; b=L5kCz3c6MAFuvjwHXxSN80HLlCHhMi8kw2XYu3pCPFMu0dLU9umpVv5pz0ys/hwoKlgM ku074/oaX76Xw3MJCrvXzQsXHyZeX6pxAhFNtuajAwoFjs5FmZ+JM/T5J1ZCV4NcFdyQ qPF8uWPNgB1vSsOHt7/dJIJbOCe3g7xhyNrOpRWMTCRCQjgspt7cTQiaXgbGKpEpS3Ku h08iKB/n0S6pwiKQStV23Ss/bMJrLnJdQ/f4moTAgsAUd1Tb4Px/PocmW+hqZiqJL8xP GXG/rbzHgBPOFjz/ikxDR3Frn3h+XFTL0bm9HZQrThXfoKa3nrN57LSamjfpFzbVWrCQ gA== Received: from phxpaimrmta03.imrmtpd1.prodappphxaev1.oraclevcn.com (phxpaimrmta03.appoci.oracle.com [138.1.37.129]) by mx0b-00069f02.pphosted.com (PPS) with ESMTPS id 3y2c2cg2w6-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Sat, 11 May 2024 18:55:02 +0000 Received: from pps.filterd (phxpaimrmta03.imrmtpd1.prodappphxaev1.oraclevcn.com [127.0.0.1]) by phxpaimrmta03.imrmtpd1.prodappphxaev1.oraclevcn.com (8.17.1.19/8.17.1.19) with ESMTP id 44BGN5Dn022420; Sat, 11 May 2024 18:39:58 GMT Received: from pps.reinject (localhost [127.0.0.1]) by phxpaimrmta03.imrmtpd1.prodappphxaev1.oraclevcn.com (PPS) with ESMTPS id 3y1y44fn7c-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Sat, 11 May 2024 18:39:58 +0000 Received: from phxpaimrmta03.imrmtpd1.prodappphxaev1.oraclevcn.com (phxpaimrmta03.imrmtpd1.prodappphxaev1.oraclevcn.com [127.0.0.1]) by pps.reinject (8.17.1.5/8.17.1.5) with ESMTP id 44BIZYPU028255; Sat, 11 May 2024 18:39:57 GMT Received: from ca-mkp2.ca.oracle.com.com (mpeterse-ol9.allregionaliads.osdevelopmeniad.oraclevcn.com [100.100.251.135]) by phxpaimrmta03.imrmtpd1.prodappphxaev1.oraclevcn.com (PPS) with ESMTP id 3y1y44fn5r-4; Sat, 11 May 2024 18:39:57 +0000 From: "Martin K. Petersen" To: Jesse Brandeburg , Tony Nguyen , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Paul M Stillwell Jr , Rasesh Mody , Sudarsana Kalluru , GR-Linux-NIC-Dev@marvell.com, Anil Gurumurthy , Sudarsana Kalluru , "James E.J. Bottomley" , Fabian Frederick , Saurav Kashyap , GR-QLogic-Storage-Upstream@marvell.com, Nilesh Javali , Arun Easi , Manish Rangankar , Vineeth Vijayan , Peter Oberparleiter , Heiko Carstens , Vasily Gorbik , Alexander Gordeev , Christian Borntraeger , Sven Schnelle , Sunil Goutham , Linu Cherian , Geetha sowjanya , Jerin Jacob , hariprasad , Subbaraya Sundeep , Bui Quang Minh Cc: "Martin K . Petersen" , intel-wired-lan@lists.osuosl.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, linux-scsi@vger.kernel.org, Saurav Kashyap , linux-s390@vger.kernel.org, Jens Axboe , Przemek Kitszel Subject: Re: [PATCH v2 0/6] Ensure the copied buf is NUL terminated Date: Sat, 11 May 2024 14:39:10 -0400 Message-ID: <171545260076.2119337.3238318559945813238.b4-ty@oracle.com> X-Mailer: git-send-email 2.44.0 In-Reply-To: <20240424-fix-oob-read-v2-0-f1f1b53a10f4@gmail.com> References: <20240424-fix-oob-read-v2-0-f1f1b53a10f4@gmail.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1039,Hydra:6.0.650,FMLib:17.11.176.26 definitions=2024-05-11_06,2024-05-10_02,2023-05-22_02 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 mlxscore=0 mlxlogscore=986 adultscore=0 bulkscore=0 phishscore=0 suspectscore=0 spamscore=0 malwarescore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2405010000 definitions=main-2405110139 X-Proofpoint-ORIG-GUID: JSR1LgQlB64XVUSSquWoWZNhZ3hLuE8Y X-Proofpoint-GUID: JSR1LgQlB64XVUSSquWoWZNhZ3hLuE8Y On Wed, 24 Apr 2024 21:44:17 +0700, Bui Quang Minh wrote: > I found that some drivers contains an out-of-bound read pattern like this > > kern_buf = memdup_user(user_buf, count); > ... > sscanf(kern_buf, ...); > > The sscanf can be replaced by some other string-related functions. This > pattern can lead to out-of-bound read of kern_buf in string-related > functions. > > [...] Applied to 6.10/scsi-queue, thanks! [3/6] bfa: ensure the copied buf is NUL terminated https://git.kernel.org/mkp/scsi/c/13d0cecb4626 [4/6] qedf: ensure the copied buf is NUL terminated https://git.kernel.org/mkp/scsi/c/d0184a375ee7 -- Martin K. Petersen Oracle Linux Engineering