Hi Linus,
Please pull this strlcpy removal for v6.8-rc1. As promised, it is the
"part 2" of the hardening tree, late in -rc1 now that all the other trees
with strlcpy() removals have landed. One new user appeared (in bcachefs)
but was a trivial refactor. The kernel is now free of the strlcpy() API!
Thanks!
-Kees
The following changes since commit b0d326da462e20285236e11e4cbc32085de9f363:
Merge tag 'sched-urgent-2024-01-18' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip (2024-01-18 11:57:33 -0800)
are available in the Git repository at:
https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git tags/strlcpy-removal-v6.8-rc1
for you to fetch changes up to d26270061ae66b915138af7cd73ca6f8b85e6b44:
string: Remove strlcpy() (2024-01-19 11:59:11 -0800)
----------------------------------------------------------------
strlcpy removal for v6.8-rc1
- Remove of the final (very recent) user of strlcpy() (in bcachefs).
- Remove the strlcpy() API. Long live strscpy().
----------------------------------------------------------------
Kees Cook (2):
bcachefs: Replace strlcpy() with strscpy()
string: Remove strlcpy()
fs/bcachefs/super.c | 4 +--
include/linux/fortify-string.h | 51 ---------------------------
include/linux/string.h | 3 --
lib/nlattr.c | 2 +-
lib/string.c | 15 --------
lib/test_fortify/write_overflow-strlcpy-src.c | 5 ---
lib/test_fortify/write_overflow-strlcpy.c | 5 ---
7 files changed, 3 insertions(+), 82 deletions(-)
delete mode 100644 lib/test_fortify/write_overflow-strlcpy-src.c
delete mode 100644 lib/test_fortify/write_overflow-strlcpy.c
--
Kees Cook
On Fri, Jan 19, 2024 at 01:14:55PM -0800, Kees Cook wrote:
> Hi Linus,
>
> Please pull this strlcpy removal for v6.8-rc1. As promised, it is the
> "part 2" of the hardening tree, late in -rc1 now that all the other trees
> with strlcpy() removals have landed. One new user appeared (in bcachefs)
> but was a trivial refactor. The kernel is now free of the strlcpy() API!
>
> Thanks!
>
> -Kees
>
> The following changes since commit b0d326da462e20285236e11e4cbc32085de9f363:
>
> Merge tag 'sched-urgent-2024-01-18' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip (2024-01-18 11:57:33 -0800)
>
> are available in the Git repository at:
>
> https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git tags/strlcpy-removal-v6.8-rc1
>
> for you to fetch changes up to d26270061ae66b915138af7cd73ca6f8b85e6b44:
>
> string: Remove strlcpy() (2024-01-19 11:59:11 -0800)
>
> ----------------------------------------------------------------
> strlcpy removal for v6.8-rc1
>
> - Remove of the final (very recent) user of strlcpy() (in bcachefs).
>
> - Remove the strlcpy() API. Long live strscpy().
For the bcachefs patch
Acked-by: Kent Overstreet <[email protected]>
On Fri, 19 Jan 2024 at 13:14, Kees Cook <[email protected]> wrote:
>
> The kernel is now free of the strlcpy() API!
. still mentioned in docs and checkpatch. Maybe remove that too?
Linus
The pull request you sent on Fri, 19 Jan 2024 13:14:55 -0800:
> https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git tags/strlcpy-removal-v6.8-rc1
has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/57f22c8dab6b266ae36b89b073a4a33dea71e762
Thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/prtracker.html
On Fri, Jan 19, 2024 at 02:00:14PM -0800, Linus Torvalds wrote:
> On Fri, 19 Jan 2024 at 13:14, Kees Cook <[email protected]> wrote:
> >
> > The kernel is now free of the strlcpy() API!
>
> .. still mentioned in docs and checkpatch. Maybe remove that too?
Sorry, I should have called that out in the PR, but the commit itself
had my rationale for intentionally leaving those in:
Leave mentions in Documentation (about its deprecation), and in
checkpatch.pl (to help migrate host-only tools/ usage).
If you feel like that's not right, I can either respin or send a
follow-up patch?
-Kees
--
Kees Cook
On Fri, 19 Jan 2024 at 14:53, Kees Cook <[email protected]> wrote:
>
> Sorry, I should have called that out in the PR, but the commit itself
> had my rationale for intentionally leaving those in:
>
> Leave mentions in Documentation (about its deprecation), and in
> checkpatch.pl (to help migrate host-only tools/ usage).
Hmm. Yeah, I guess the host tooling is an issue, although there
strlcpy makes a lot more sense since I think it exists in various user
space libraries (while strscpy() is kernel-only).
> If you feel like that's not right, I can either respin or send a
> follow-up patch?
Oh, I already took the pull request, I was just reacting to leftovers.
This is not a big deal.
Linus