Hello:
This patch was applied to netdev/net-next.git (main)
by Jakub Kicinski :
On Thu, 19 Oct 2023 18:21:22 + you wrote:
> strncpy() is deprecated for use on NUL-terminated destination strings
> [1] and as such we should prefer more robust and less ambiguous string
> interfaces.
>
> We expe
On Fri, 20 Oct 2023 18:59:34 +, Justin Stitt wrote:
> strncpy() is deprecated for use on NUL-terminated destination strings
> [1] and as such we should prefer more robust and less ambiguous string
> interfaces.
>
> We expect bq2515x->model_name to be NUL-terminated based on its usage with
>
On Fri, 20 Oct 2023 19:21:46 +, Justin Stitt wrote:
> strncpy() is deprecated for use on NUL-terminated destination strings
> [1] and as such we should prefer more robust and less ambiguous string
> interfaces.
>
> We expect cm->psy_name_buf to be NUL-terminated based on its usage with
> for
On Fri, 20 Oct 2023 19:39:02 +, Justin Stitt wrote:
> strncpy() is deprecated for use on NUL-terminated destination strings
> [1] and as such we should prefer more robust and less ambiguous string
> interfaces.
>
> We expect bat->name to be NUL-terminated based on its usage with
> strcmp():
On Fri, 20 Oct 2023 19:46:11 +, Justin Stitt wrote:
> strncpy() is deprecated for use on NUL-terminated destination strings
> [1] and as such we should prefer more robust and less ambiguous string
> interfaces.
>
> We expect ac->name to be NUL-terminated based on its usage with format
> stri
On Fri, 20 Oct 2023 19:05:25 +, Justin Stitt wrote:
> strncpy() is deprecated for use on NUL-terminated destination strings
> [1] and as such we should prefer more robust and less ambiguous string
> interfaces.
>
> We expect bq->model_name to be NUL-terminated based on its usage with
> sysfs
On Fri, 20 Oct 2023 18:14:47 +, Justin Stitt wrote:
> strncpy() is deprecated for use on NUL-terminated destination strings
> [1] and as such we should prefer more robust and less ambiguous string
> interfaces.
>
> We expect bdi->model_name to be NUL-terminated based on its usage with
> sysf
On Fri, 20 Oct 2023 19:11:07 +, Justin Stitt wrote:
> strncpy() is deprecated for use on NUL-terminated destination strings
> [1] and as such we should prefer more robust and less ambiguous string
> interfaces.
>
> We expect bq->model_name to be NUL-terminated based on its usage with
> sysfs
->name, RPMSG_NAME_SIZE);
+ strscpy(rpdev->id.name, chinfo->name, sizeof(rpdev->id.name));
rpdev->dev.parent = &vrp->vdev->dev;
rpdev->dev.release = virtio_rpmsg_release_device;
---
base-commit: 9c5d00cb7b6bbc5a7965d9ab7d223b5402d1f02c
change-id: 20231020-strncpy-drivers-rpmsg-virtio_rpmsg_bus-c-dba15db4e890
Best regards,
--
Justin Stitt
;name, sizeof(chinfo.name));
+ strscpy_pad(chinfo.name, msg->name, sizeof(chinfo.name));
chinfo.src = RPMSG_ADDR_ANY;
chinfo.dst = rpmsg32_to_cpu(rpdev, msg->addr);
---
base-commit: 9c5d00cb7b6bbc5a7965d9ab7d223b5402d1f02c
change-id: 20231020-strncpy-drivers-rpmsg-rpmsg_ns-c-ffe3fa2bb9ff
Best regards,
--
Justin Stitt
chinfo.src = rpdev->src;
chinfo.dst = RPMSG_ADDR_ANY;
---
base-commit: bb55d7f7f7445abcc8db50e6a65d4315e79f75c7
change-id: 20231020-strncpy-drivers-rpmsg-rpmsg_core-c-e32ea739a375
Best regards,
--
Justin Stitt
);
+ strscpy(ac->name, name, sizeof(ac->name));
ac->sdev = sdev;
---
base-commit: bb55d7f7f7445abcc8db50e6a65d4315e79f75c7
change-id: 20231020-strncpy-drivers-power-supply-surface_charger-c-466920fb1f48
Best regards,
--
Justin Stitt
c
> @@ -722,7 +722,7 @@ static void spwr_battery_init(struct spwr_battery_device
> *bat, struct ssam_devic
> struct ssam_event_registry registry, const char
> *name)
> {
> mutex_init(&bat->lock);
> - strncpy(bat->name, name, ARRAY
rg/testing/linux-manual-4.8/strscpy.9.en.html [2]
Link: https://github.com/KSPP/linux/issues/90
Cc: linux-hardening@vger.kernel.org
Signed-off-by: Justin Stitt
---
Changes in v2:
- fix subject line
- Link to v1:
https://lore.kernel.org/r/20231020-strncpy-drivers-power-supply-surface_battery-c-v
t;name));
bat->sdev = sdev;
---
base-commit: bb55d7f7f7445abcc8db50e6a65d4315e79f75c7
change-id: 20231020-strncpy-drivers-power-supply-surface_battery-c-b0c84b05ac28
Best regards,
--
Justin Stitt
t;psy_name_buf, desc->psy_name, PSY_NAME_MAX);
+ strscpy(cm->psy_name_buf, desc->psy_name,
+ sizeof(cm->psy_name_buf));
cm->charger_psy_desc.name = cm->psy_name_buf;
/* Allocate for psy properties because they may vary */
-
ink: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2]
Link: https://github.com/KSPP/linux/issues/90
Cc: linux-hardening@vger.kernel.org
Similar-to:
https://lore.kernel.org/all/20231020-strncpy-drivers-power-supply-bq24190_charger-c-v1-1-e896223cb...@google.com/
Similar-to:
ian.org/testing/linux-manual-4.8/strscpy.9.en.html
> [2]
> Link: https://github.com/KSPP/linux/issues/90
> Cc: linux-hardening@vger.kernel.org
> Similar-to:
> https://lore.kernel.org/all/20231020-strncpy-drivers-power-supply-bq24190_charger-c-v1-1-e896223cb...@google.com/
> Similar-to:
> https://lore.kernel.org/all/20231020-strncpy-drivers-power-supply-bq2515x_charger-c-v1-1-46664c6ed...@google.com/
> Signed-off-by: Justin Stitt
Reviewed-by: Kees Cook
--
Kees Cook
On Fri, Oct 20, 2023 at 06:59:34PM +, Justin Stitt wrote:
> strncpy() is deprecated for use on NUL-terminated destination strings
> [1] and as such we should prefer more robust and less ambiguous string
> interfaces.
>
> We expect bq2515x->model_name to be NUL-terminated based on its usage wit
ink: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2]
Link: https://github.com/KSPP/linux/issues/90
Cc: linux-hardening@vger.kernel.org
Similar-to:
https://lore.kernel.org/all/20231020-strncpy-drivers-power-supply-bq24190_charger-c-v1-1-e896223cb...@google.com/
Similar-to:
cpy-on-nul-terminated-strings
[1]
Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2]
Link: https://github.com/KSPP/linux/issues/90
Cc: linux-hardening@vger.kernel.org
Signed-off-by: Justin Stitt
Similar-to:
https://lore.kernel.org/all/20231020-strncpy-drivers-power-supply-
On Fri, Oct 20, 2023 at 06:14:47PM +, Justin Stitt wrote:
> strncpy() is deprecated for use on NUL-terminated destination strings
> [1] and as such we should prefer more robust and less ambiguous string
> interfaces.
>
> We expect bdi->model_name to be NUL-terminated based on its usage with
>
On Fri, Oct 20, 2023 at 10:40:12AM -0700, Justin Stitt wrote:
> On Thu, Oct 19, 2023 at 9:46 PM Christoph Hellwig wrote:
> >
> > On Wed, Oct 18, 2023 at 11:01:54PM -0700, Kees Cook wrote:
> > > Almost all of the remaining strncpy() usage is just string to string
> > > copying, but the corner cases
On Fri, Oct 20, 2023 at 10:56:31AM -0700, Linus Torvalds wrote:
> On Fri, 20 Oct 2023 at 10:40, Justin Stitt wrote:
> >
> > There's some docs at [1]. Perhaps there could be more?
> >
> > [1]:
> > https://elixir.bootlin.com/linux/v6.6-rc6/source/include/linux/fortify-string.h#L292
>
> Note that w
name, I2C_NAME_SIZE);
+ strscpy(bdi->model_name, id->name, sizeof(bdi->model_name));
mutex_init(&bdi->f_reg_lock);
bdi->charge_type = POWER_SUPPLY_CHARGE_TYPE_FAST;
bdi->f_reg = 0;
---
base-commit: bb55d7f7f7445abcc8db50e6a65d4315e79f75c7
change-i
On Fri, 20 Oct 2023 at 10:40, Justin Stitt wrote:
>
> There's some docs at [1]. Perhaps there could be more?
>
> [1]:
> https://elixir.bootlin.com/linux/v6.6-rc6/source/include/linux/fortify-string.h#L292
Note that we have so few 'strlcpy()' calls that we really should
remove that horrid horrid
On Fri, Oct 20, 2023 at 2:31 AM Kees Cook wrote:
>
> On Thu, Oct 19, 2023 at 11:28:32PM +, Justin Stitt wrote:
> > strncpy() is deprecated for use on NUL-terminated destination strings
> > [1] and as such we should prefer more robust and less ambiguous
> > interfaces.
> >
> > After having prec
On Fri, Oct 20, 2023 at 1:06 AM Kees Cook wrote:
>
> On Thu, Oct 19, 2023 at 10:47:58PM +, Justin Stitt wrote:
> > strncpy() is deprecated for use on NUL-terminated destination strings
> > [1] and as such we should prefer more robust and less ambiguous string
> > interfaces.
> >
> > We know de
On Thu, Oct 19, 2023 at 9:46 PM Christoph Hellwig wrote:
>
> On Wed, Oct 18, 2023 at 11:01:54PM -0700, Kees Cook wrote:
> > Almost all of the remaining strncpy() usage is just string to string
> > copying, but the corner cases that are being spun out that aren't
> > strscpy() or strscpy_pad() are
On Wed, Oct 18, 2023 at 05:46:20PM -0700, Kees Cook wrote:
> While most of the gcc-plugins are self-contained in the
> scripts/gcc-plugins directory, stackleak actually has some additional
> files. Add those so changes are directed to the hardening list.
>
> Suggested-by: Mark Rutland
> Signed-of
30 matches
Mail list logo
