diff mbox series

[v2] wifi: ipw2x00: refactor to use kstrtoul

Message ID 20230802-wifi-ipw2x00-refactor-v2-1-d33f765e9cd5@google.com (mailing list archive)
State Accepted
Commit 87677749463463973589a85edd96b1468c9ea4ea
Delegated to: Kalle Valo
Headers show
Series [v2] wifi: ipw2x00: refactor to use kstrtoul | expand

Commit Message

Justin Stitt Aug. 2, 2023, 1:23 a.m. UTC
The current implementation seems to reinvent what `kstrtoul` already does
in terms of functionality and error handling. Remove uses of `simple_strtoul()`
in favor of `kstrtoul()`.

There is the following note at `lib/vsprintf.c:simple_strtoull()` which
further backs this change:
| * This function has caveats. Please use kstrtoull (or kstrtoul) instead.

And here, simple_str* are explicitly deprecated [3].

This patch also removes an instance of the deprecated `strncpy` which helps [2].

Link: https://lore.kernel.org/all/202308011602.3CC1C0244C@keescook/ [1]
Link: https://github.com/KSPP/linux/issues/90 [2]
Link: https://docs.kernel.org/process/deprecated.html#simple-strtol-simple-strtoll-simple-strtoul-simple-strtoull [3]
Cc: linux-hardening@vger.kernel.org
Suggested-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Justin Stitt <justinstitt@google.com>
---


Link: https://lore.kernel.org/all/20230801-drivers-net-wireless-intel-ipw2x00-v1-1-ffd185c91292@google.com/
---
Changes in v2:
- Create unsigned long and pass reference to kstrtoul (thanks Kees)
- Link to v1: https://lore.kernel.org/r/20230802-wifi-ipw2x00-refactor-v1-1-6047659410d4@google.com
---
 drivers/net/wireless/intel/ipw2x00/ipw2200.c | 39 +++++++++-------------------
 1 file changed, 12 insertions(+), 27 deletions(-)


---
base-commit: 5d0c230f1de8c7515b6567d9afba1f196fb4e2f4
change-id: 20230801-wifi-ipw2x00-refactor-fa6deb6c67ea

Best regards,
--
Justin Stitt <justinstitt@google.com>

Comments

Kalle Valo Aug. 3, 2023, 12:01 p.m. UTC | #1
Justin Stitt <justinstitt@google.com> wrote:

> The current implementation seems to reinvent what `kstrtoul` already does
> in terms of functionality and error handling. Remove uses of `simple_strtoul()`
> in favor of `kstrtoul()`.
> 
> There is the following note at `lib/vsprintf.c:simple_strtoull()` which
> further backs this change:
> | * This function has caveats. Please use kstrtoull (or kstrtoul) instead.
> 
> And here, simple_str* are explicitly deprecated [3].
> 
> This patch also removes an instance of the deprecated `strncpy` which helps [2].
> 
> Link: https://lore.kernel.org/all/202308011602.3CC1C0244C@keescook/ [1]
> Link: https://github.com/KSPP/linux/issues/90 [2]
> Link: https://docs.kernel.org/process/deprecated.html#simple-strtol-simple-strtoll-simple-strtoul-simple-strtoull [3]
> Cc: linux-hardening@vger.kernel.org
> Suggested-by: Kees Cook <keescook@chromium.org>
> Signed-off-by: Justin Stitt <justinstitt@google.com>

I assume this is just compile tested? In that case it's always good to add
"Compile tested only." to the commit log. But I can add that this time.
Kees Cook Aug. 4, 2023, 8:21 a.m. UTC | #2
On Wed, Aug 02, 2023 at 01:23:06AM +0000, Justin Stitt wrote:
> The current implementation seems to reinvent what `kstrtoul` already does
> in terms of functionality and error handling. Remove uses of `simple_strtoul()`
> in favor of `kstrtoul()`.
> 
> There is the following note at `lib/vsprintf.c:simple_strtoull()` which
> further backs this change:
> | * This function has caveats. Please use kstrtoull (or kstrtoul) instead.
> 
> And here, simple_str* are explicitly deprecated [3].
> 
> This patch also removes an instance of the deprecated `strncpy` which helps [2].
> 
> Link: https://lore.kernel.org/all/202308011602.3CC1C0244C@keescook/ [1]
> Link: https://github.com/KSPP/linux/issues/90 [2]
> Link: https://docs.kernel.org/process/deprecated.html#simple-strtol-simple-strtoll-simple-strtoul-simple-strtoull [3]
> Cc: linux-hardening@vger.kernel.org
> Suggested-by: Kees Cook <keescook@chromium.org>
> Signed-off-by: Justin Stitt <justinstitt@google.com>

This looks correct to me. I would be curious to hear back from the intel
folks if the interface continues to work correctly with real hardware.

Reviewed-by: Kees Cook <keescook@chromium.org>
Kalle Valo Aug. 4, 2023, 9:05 a.m. UTC | #3
Kees Cook <keescook@chromium.org> writes:

> On Wed, Aug 02, 2023 at 01:23:06AM +0000, Justin Stitt wrote:
>> The current implementation seems to reinvent what `kstrtoul` already does
>> in terms of functionality and error handling. Remove uses of `simple_strtoul()`
>> in favor of `kstrtoul()`.
>> 
>> There is the following note at `lib/vsprintf.c:simple_strtoull()` which
>> further backs this change:
>> | * This function has caveats. Please use kstrtoull (or kstrtoul) instead.
>> 
>> And here, simple_str* are explicitly deprecated [3].
>> 
>> This patch also removes an instance of the deprecated `strncpy` which helps [2].
>> 
>> Link: https://lore.kernel.org/all/202308011602.3CC1C0244C@keescook/ [1]
>> Link: https://github.com/KSPP/linux/issues/90 [2]
>> Link:
>> https://docs.kernel.org/process/deprecated.html#simple-strtol-simple-strtoll-simple-strtoul-simple-strtoull
>> [3]
>> Cc: linux-hardening@vger.kernel.org
>> Suggested-by: Kees Cook <keescook@chromium.org>
>> Signed-off-by: Justin Stitt <justinstitt@google.com>
>
> This looks correct to me. I would be curious to hear back from the intel
> folks if the interface continues to work correctly with real hardware.
>
> Reviewed-by: Kees Cook <keescook@chromium.org>

This is ancient hardware, not sure if anyone even have a working setup.
And even if they would have one I doubt anyone uses this sysfs interface
for anything.
Kees Cook Aug. 16, 2023, 8:47 p.m. UTC | #4
On Fri, Aug 04, 2023 at 12:05:26PM +0300, Kalle Valo wrote:
> Kees Cook <keescook@chromium.org> writes:
> 
> > On Wed, Aug 02, 2023 at 01:23:06AM +0000, Justin Stitt wrote:
> >> The current implementation seems to reinvent what `kstrtoul` already does
> >> in terms of functionality and error handling. Remove uses of `simple_strtoul()`
> >> in favor of `kstrtoul()`.
> >> 
> >> There is the following note at `lib/vsprintf.c:simple_strtoull()` which
> >> further backs this change:
> >> | * This function has caveats. Please use kstrtoull (or kstrtoul) instead.
> >> 
> >> And here, simple_str* are explicitly deprecated [3].
> >> 
> >> This patch also removes an instance of the deprecated `strncpy` which helps [2].
> >> 
> >> Link: https://lore.kernel.org/all/202308011602.3CC1C0244C@keescook/ [1]
> >> Link: https://github.com/KSPP/linux/issues/90 [2]
> >> Link:
> >> https://docs.kernel.org/process/deprecated.html#simple-strtol-simple-strtoll-simple-strtoul-simple-strtoull
> >> [3]
> >> Cc: linux-hardening@vger.kernel.org
> >> Suggested-by: Kees Cook <keescook@chromium.org>
> >> Signed-off-by: Justin Stitt <justinstitt@google.com>
> >
> > This looks correct to me. I would be curious to hear back from the intel
> > folks if the interface continues to work correctly with real hardware.
> >
> > Reviewed-by: Kees Cook <keescook@chromium.org>
> 
> This is ancient hardware, not sure if anyone even have a working setup.
> And even if they would have one I doubt anyone uses this sysfs interface
> for anything.

Just a quick ping; is this patch ready to land?
Kalle Valo Aug. 21, 2023, 4:10 p.m. UTC | #5
Justin Stitt <justinstitt@google.com> wrote:

> The current implementation seems to reinvent what `kstrtoul` already does
> in terms of functionality and error handling. Remove uses of `simple_strtoul()`
> in favor of `kstrtoul()`.
> 
> There is the following note at `lib/vsprintf.c:simple_strtoull()` which
> further backs this change:
> | * This function has caveats. Please use kstrtoull (or kstrtoul) instead.
> 
> And here, simple_str* are explicitly deprecated [3].
> 
> This patch also removes an instance of the deprecated `strncpy` which helps [2].
> 
> Compile tested only.
> 
> Link: https://lore.kernel.org/all/202308011602.3CC1C0244C@keescook/ [1]
> Link: https://github.com/KSPP/linux/issues/90 [2]
> Link: https://docs.kernel.org/process/deprecated.html#simple-strtol-simple-strtoll-simple-strtoul-simple-strtoull [3]
> Cc: linux-hardening@vger.kernel.org
> Suggested-by: Kees Cook <keescook@chromium.org>
> Signed-off-by: Justin Stitt <justinstitt@google.com>
> Reviewed-by: Kees Cook <keescook@chromium.org>

Patch applied to wireless-next.git, thanks.

876777494634 wifi: ipw2x00: refactor to use kstrtoul
diff mbox series

Patch

diff --git a/drivers/net/wireless/intel/ipw2x00/ipw2200.c b/drivers/net/wireless/intel/ipw2x00/ipw2200.c
index dfe0f74369e6..820100cac491 100644
--- a/drivers/net/wireless/intel/ipw2x00/ipw2200.c
+++ b/drivers/net/wireless/intel/ipw2x00/ipw2200.c
@@ -1176,23 +1176,20 @@  static ssize_t debug_level_show(struct device_driver *d, char *buf)
 static ssize_t debug_level_store(struct device_driver *d, const char *buf,
 				 size_t count)
 {
-	char *p = (char *)buf;
-	u32 val;
+	unsigned long val;
 
-	if (p[1] == 'x' || p[1] == 'X' || p[0] == 'x' || p[0] == 'X') {
-		p++;
-		if (p[0] == 'x' || p[0] == 'X')
-			p++;
-		val = simple_strtoul(p, &p, 16);
-	} else
-		val = simple_strtoul(p, &p, 10);
-	if (p == buf)
+	int result = kstrtoul(buf, 0, &val);
+
+	if (result == -EINVAL)
 		printk(KERN_INFO DRV_NAME
 		       ": %s is not in hex or decimal form.\n", buf);
+	else if (result == -ERANGE)
+		printk(KERN_INFO DRV_NAME
+			 ": %s has overflowed.\n", buf);
 	else
 		ipw_debug_level = val;
 
-	return strnlen(buf, count);
+	return count;
 }
 static DRIVER_ATTR_RW(debug_level);
 
@@ -1461,25 +1458,13 @@  static ssize_t scan_age_store(struct device *d, struct device_attribute *attr,
 {
 	struct ipw_priv *priv = dev_get_drvdata(d);
 	struct net_device *dev = priv->net_dev;
-	char buffer[] = "00000000";
-	unsigned long len =
-	    (sizeof(buffer) - 1) > count ? count : sizeof(buffer) - 1;
-	unsigned long val;
-	char *p = buffer;
 
 	IPW_DEBUG_INFO("enter\n");
 
-	strncpy(buffer, buf, len);
-	buffer[len] = 0;
+	unsigned long val;
+	int result = kstrtoul(buf, 0, &val);
 
-	if (p[1] == 'x' || p[1] == 'X' || p[0] == 'x' || p[0] == 'X') {
-		p++;
-		if (p[0] == 'x' || p[0] == 'X')
-			p++;
-		val = simple_strtoul(p, &p, 16);
-	} else
-		val = simple_strtoul(p, &p, 10);
-	if (p == buffer) {
+	if (result == -EINVAL || result == -ERANGE) {
 		IPW_DEBUG_INFO("%s: user supplied invalid value.\n", dev->name);
 	} else {
 		priv->ieee->scan_age = val;
@@ -1487,7 +1472,7 @@  static ssize_t scan_age_store(struct device *d, struct device_attribute *attr,
 	}
 
 	IPW_DEBUG_INFO("exit\n");
-	return len;
+	return count;
 }
 
 static DEVICE_ATTR_RW(scan_age);