On Tue, Oct 06 2015, Ingo Molnar <mi...@kernel.org> wrote: > * Rasmus Villemoes <li...@rasmusvillemoes.dk> wrote: > >> >> I'm not against making strlcpy more robust, but I think the theoretical race >> is >> far more likely to manifest through a member of the printf family. > > So the printf family is generally less frequently used in ABI output than > string > copies,
Huh? snprintf and friends are often used just to copy or concatenate strings (essentially, any format string containing no specifiers other than %s does exactly that) - even if a str*() function could do the same thing. I see no reason to believe this wouldn't also be done in cases where the final string ends up being presented to userspace. > but yeah, since there are 15,000 s[n]printf() calls in the kernel it's > more likely to be an issue not just by virtue of timing, but also by sheer > mass of > usage, statistically. Yes. > So I'd improve it all in the following order: > > - fix the strscpy() uninitialized use > > - base strlcpy() on strscpy() via the patch I sent. This makes all users > faster > and eliminates the theoretical race. I'm not so sure about that part. I'd strongly suspect that the vast majority of strings handled by strlcpy (and in the future strscpy) are shorter than 32 bytes, so is all the word_at_a_time and pre/post alignment yoga really worth it? strscpy is 299 bytes - that's a lot of instruction cache lines, and it will almost always be cache cold. This isn't an argument against basing strlcpy on strscpy (that would likely just make the former a little smaller), but I'd like to see numbers (cycle counts, distribution of input lengths, ...) before I believe in the performance argument. > - phase out 'simple' strlcpy() uses via an automated patch. This gets rid > of > 2,000 strlcpy() call sites in a single pass. That seems to be exactly the kind of mass-conversion Linus referred to above. Also, you can't really do it if strscpy keeps it __must_check annotation, as you'd then introduce 2000+ warnings... Rasmus -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
