On 13-09-23, 00:07, Justin Stitt wrote:
> `strncpy` is deprecated for use on NUL-terminated destination strings [1].
>
> We should prefer more robust and less ambiguous string interfaces.
>
> Both `policy->last_governor` and `default_governor` are expected to be
> NUL-terminated which is shown by
On Sat, Sep 23, 2023 at 2:53 AM Kees Cook wrote:
>
> Prepare for the coming implementation by GCC and Clang of the __counted_by
> attribute. Flexible array members annotated with __counted_by can have
> their accesses bounds-checked at run-time checking via CONFIG_UBSAN_BOUNDS
> (for array indexin
On Sat, Sep 23, 2023 at 2:54 AM Kees Cook wrote:
>
> Prepare for the coming implementation by GCC and Clang of the __counted_by
> attribute. Flexible array members annotated with __counted_by can have
> their accesses bounds-checked at run-time checking via CONFIG_UBSAN_BOUNDS
> (for array indexin
On 9/23/23 9:37 AM, Gustavo A. R. Silva wrote:
>
>
> On 9/22/23 11:53, Kees Cook wrote:
>> Prepare for the coming implementation by GCC and Clang of the __counted_by
>> attribute. Flexible array members annotated with __counted_by can have
>> their accesses bounds-checked at run-time checking via
On Fri, 22 Sep 2023, Kees Cook wrote:
Prepare for the coming implementation by GCC and Clang of the __counted_by
attribute. Flexible array members annotated with __counted_by can have
their accesses bounds-checked at run-time checking via CONFIG_UBSAN_BOUNDS
(for array indexing) and CONFIG_FORTI
On Fri, 22 Sep 2023 10:54:14 -0700, Kees Cook wrote:
> Prepare for the coming implementation by GCC and Clang of the __counted_by
> attribute. Flexible array members annotated with __counted_by can have
> their accesses bounds-checked at run-time checking via CONFIG_UBSAN_BOUNDS
> (for array inde
Hi,
I notice a regression report on Bugzilla [1]. Quoting from it:
> Ever since 6.6.0-rc1 we've seen S3 and S2idle resume take 100ms longer
> because of resume_comsole. resume_console ordinarily takes only a few
> milliseconds, but now it's consistently 100ms. I've bisected the issue to
> this
On Tue, Sep 26, 2023 at 10:25:15PM +0100, Al Viro wrote:
> Before your patch: foo_kill_super() calls kill_anon_super(),
> which calls kill_super_notify(), which removes the sucker from
> the list, then frees ->s_fs_info. After your patch:
> removal from the lists happens via the call of kill_supe
Kees Cook writes:
> Errors with padzero() should be caught unless we're expecting a
> pathological (non-writable) segment. Report -EFAULT only when PROT_WRITE
> is present.
>
> Additionally add some more documentation to padzero(), elf_map(), and
> elf_load().
I wonder if this might be easier to
Kees Cook writes:
> Hi,
>
> This is the continuation of the work Eric started for handling
> "p_memsz > p_filesz" in arbitrary segments (rather than just the last,
> BSS, segment). I've added the suggested changes:
>
> - drop unused "elf_bss" variable
> - report padzero() errors when PROT_WRITE
On 9/19/2023 4:10 AM, Przemek Kitszel wrote:
On 9/12/23 18:16, Kees Cook wrote:
On Tue, Sep 12, 2023 at 07:59:30AM -0400, Przemek Kitszel wrote:
Add DEFINE_FLEX() macro, that helps on-stack allocation of structures
with trailing flex array member.
Expose __struct_size() macro which reads siz
On Fri, Sep 22, 2023 at 10:28:42AM -0700, Kees Cook wrote:
> This is the batch 1 of patches touching netdev for preparing for
> the coming implementation by GCC and Clang of the __counted_by
> attribute. Flexible array members annotated with __counted_by can have
> their accesses bounds-checked at
Kees,
> Prepare for the coming implementation by GCC and Clang of the
> __counted_by attribute. Flexible array members annotated with
> __counted_by can have their accesses bounds-checked at run-time
> checking via CONFIG_UBSAN_BOUNDS (for array indexing) and
> CONFIG_FORTIFY_SOURCE (for strcpy/
On Wed, Sep 27, 2023 at 11:05 PM Justin Stitt wrote:
>
> On Wed, Sep 27, 2023 at 9:49 PM Guenter Roeck wrote:
> >
> > On Thu, Sep 21, 2023 at 05:41:46AM +, Justin Stitt wrote:
> > > `strncpy` is deprecated for use on NUL-terminated destination strings [1].
> > >
> > > Let's refactor this kcal
On Wed, Sep 27, 2023 at 9:49 PM Guenter Roeck wrote:
>
> On Thu, Sep 21, 2023 at 05:41:46AM +, Justin Stitt wrote:
> > `strncpy` is deprecated for use on NUL-terminated destination strings [1].
> >
> > Let's refactor this kcalloc() + strncpy() into a kmemdup_nul() which has
> > more obvious be
On Fri, 22 Sep 2023 10:52:35 -0700, Kees Cook wrote:
> Prepare for the coming implementation by GCC and Clang of the __counted_by
> attribute. Flexible array members annotated with __counted_by can have
> their accesses bounds-checked at run-time checking via CONFIG_UBSAN_BOUNDS
> (for array indexi
On Thu, Sep 21, 2023 at 05:41:46AM +, Justin Stitt wrote:
> `strncpy` is deprecated for use on NUL-terminated destination strings [1].
>
> Let's refactor this kcalloc() + strncpy() into a kmemdup_nul() which has
> more obvious behavior and is less error prone.
>
> To avoid truncating the last
gt; retval = request_firmware(&fw, vub300->vub_name, &card->dev);
> if (retval < 0) {
> - strncpy(vub300->vub_name,
> + strscpy(vub300->vub_name,
> "no SDIO offload firmware found",
> sizeof(vub300->vub_name));
> } else {
> @@ -1758,7 +1758,7 @@ static void vub300_cmndwork_thread(struct work_struct
> *work)
> * has been already downloaded to the VUB300 chip
> */
> } else if (0 == vub300->mmc->card->sdio_funcs) {
> - strncpy(vub300->vub_name, "SD memory device",
> + strscpy(vub300->vub_name, "SD memory device",
> sizeof(vub300->vub_name));
> } else {
> download_offload_pseudocode(vub300);
>
> ---
> base-commit: 6465e260f48790807eef06b583b38ca9789b6072
> change-id: 20230927-strncpy-drivers-mmc-host-vub300-c-b7b39f82e584
>
> Best regards,
> --
> Justin Stitt
>
On Fri, Sep 22, 2023 at 7:50 PM Kees Cook wrote:
> Prepare for the coming implementation by GCC and Clang of the __counted_by
> attribute. Flexible array members annotated with __counted_by can have
> their accesses bounds-checked at run-time checking via CONFIG_UBSAN_BOUNDS
> (for array indexing
19 matches
Mail list logo
