diff mbox series

[v2] net/ipv4/tcp_cong: Replace strncpy() with strscpy()

Message ID 20240714041111.it.918-kees@kernel.org (mailing list archive)
State Accepted
Commit a3bfc095060b51f0198755020daf80d1e14413b1
Delegated to: Netdev Maintainers
Headers show
Series [v2] net/ipv4/tcp_cong: Replace strncpy() with strscpy() | expand

Checks

Context Check Description
netdev/series_format warning Single patches do not need cover letters; Target tree name not specified in the subject
netdev/tree_selection success Guessed tree name to be net-next
netdev/ynl success Generated files up to date; no warnings/errors; no diff in generated;
netdev/fixes_present success Fixes tag not required for -next series
netdev/header_inline success No static functions without inline keyword in header files
netdev/build_32bit success Errors and warnings before: 816 this patch: 816
netdev/build_tools success No tools touched, skip
netdev/cc_maintainers success CCed 5 of 5 maintainers
netdev/build_clang success Errors and warnings before: 821 this patch: 821
netdev/verify_signedoff success Signed-off-by tag matches author and committer
netdev/deprecated_api success None detected
netdev/check_selftest success No net selftest shell script
netdev/verify_fixes success No Fixes tag
netdev/build_allmodconfig_warn success Errors and warnings before: 823 this patch: 823
netdev/checkpatch success total: 0 errors, 0 warnings, 0 checks, 21 lines checked
netdev/build_clang_rust success No Rust files in patch. Skipping build
netdev/kdoc success Errors and warnings before: 0 this patch: 0
netdev/source_inline success Was 0 now: 0
netdev/contest success net-next-2024-07-14--09-00 (tests: 696)

Commit Message

Kees Cook July 14, 2024, 4:11 a.m. UTC 
Replace the deprecated[1] uses of strncpy() in tcp_ca_get_name_by_key()
and tcp_get_default_congestion_control(). The callers use the results as
standard C strings (via nla_put_string() and proc handlers respectively),
so trailing padding is not needed.

Since passing the destination buffer arguments decays it to a pointer,
the size can't be trivially determined by the compiler. ca->name is
the same length in both cases, so strscpy() won't fail (when ca->name
is NUL-terminated). Include the length explicitly instead of using the
2-argument strscpy().

Link: https://github.com/KSPP/linux/issues/90 [1]
Signed-off-by: Kees Cook <kees@kernel.org>
---
 v2: add tcp_get_default_congestion_control() conversion
 v1: https://lore.kernel.org/lkml/20240711171652.work.887-kees@kernel.org/
Cc: Eric Dumazet <edumazet@google.com>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: David Ahern <dsahern@kernel.org>
Cc: Jakub Kicinski <kuba@kernel.org>
Cc: Paolo Abeni <pabeni@redhat.com>
Cc: netdev@vger.kernel.org
---
 net/ipv4/tcp_cong.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

Comments

Simon Horman July 15, 2024, 9:41 a.m. UTC | #1 
On Sat, Jul 13, 2024 at 09:11:15PM -0700, Kees Cook wrote:
> Replace the deprecated[1] uses of strncpy() in tcp_ca_get_name_by_key()
> and tcp_get_default_congestion_control(). The callers use the results as
> standard C strings (via nla_put_string() and proc handlers respectively),
> so trailing padding is not needed.
> 
> Since passing the destination buffer arguments decays it to a pointer,
> the size can't be trivially determined by the compiler. ca->name is
> the same length in both cases, so strscpy() won't fail (when ca->name
> is NUL-terminated). Include the length explicitly instead of using the
> 2-argument strscpy().
> 
> Link: https://github.com/KSPP/linux/issues/90 [1]
> Signed-off-by: Kees Cook <kees@kernel.org>

nit: Looking at git history, the subject prefix should probably be 'tcp'.
     And it would be best to explicitly target the patch against net-next.

     Subject: [PATCH net-next v2] tcp: ...

That notwithstanding, this looks good to me.

Reviewed-by: Simon Horman <horms@kernel.org>

...
Paolo Abeni July 16, 2024, 11:31 a.m. UTC | #2 
On 7/15/24 11:41, Simon Horman wrote:
> On Sat, Jul 13, 2024 at 09:11:15PM -0700, Kees Cook wrote:
>> Replace the deprecated[1] uses of strncpy() in tcp_ca_get_name_by_key()
>> and tcp_get_default_congestion_control(). The callers use the results as
>> standard C strings (via nla_put_string() and proc handlers respectively),
>> so trailing padding is not needed.
>>
>> Since passing the destination buffer arguments decays it to a pointer,
>> the size can't be trivially determined by the compiler. ca->name is
>> the same length in both cases, so strscpy() won't fail (when ca->name
>> is NUL-terminated). Include the length explicitly instead of using the
>> 2-argument strscpy().
>>
>> Link: https://github.com/KSPP/linux/issues/90 [1]
>> Signed-off-by: Kees Cook <kees@kernel.org>
> 
> nit: Looking at git history, the subject prefix should probably be 'tcp'.
>       And it would be best to explicitly target the patch against net-next.
> 
>       Subject: [PATCH net-next v2] tcp: ...
> 
> That notwithstanding, this looks good to me.
> 
> Reviewed-by: Simon Horman <horms@kernel.org>

@Eric: I can fix the prefix when applying the patch. Please LMK if you 
prefer otherwise.

Thanks,

Paolo
Eric Dumazet July 16, 2024, 2:39 p.m. UTC | #3 
On Tue, Jul 16, 2024 at 4:32 AM Paolo Abeni <pabeni@redhat.com> wrote:
>
> On 7/15/24 11:41, Simon Horman wrote:
> > On Sat, Jul 13, 2024 at 09:11:15PM -0700, Kees Cook wrote:
> >> Replace the deprecated[1] uses of strncpy() in tcp_ca_get_name_by_key()
> >> and tcp_get_default_congestion_control(). The callers use the results as
> >> standard C strings (via nla_put_string() and proc handlers respectively),
> >> so trailing padding is not needed.
> >>
> >> Since passing the destination buffer arguments decays it to a pointer,
> >> the size can't be trivially determined by the compiler. ca->name is
> >> the same length in both cases, so strscpy() won't fail (when ca->name
> >> is NUL-terminated). Include the length explicitly instead of using the
> >> 2-argument strscpy().
> >>
> >> Link: https://github.com/KSPP/linux/issues/90 [1]
> >> Signed-off-by: Kees Cook <kees@kernel.org>
> >
> > nit: Looking at git history, the subject prefix should probably be 'tcp'.
> >       And it would be best to explicitly target the patch against net-next.
> >
> >       Subject: [PATCH net-next v2] tcp: ...
> >
> > That notwithstanding, this looks good to me.
> >
> > Reviewed-by: Simon Horman <horms@kernel.org>
>
> @Eric: I can fix the prefix when applying the patch. Please LMK if you
> prefer otherwise.

Sure thing, thanks for taking care of this Paolo, Simon, and Kees.

Reviewed-by: Eric Dumazet <edumazet@google.com>
patchwork-bot+netdevbpf@kernel.org July 16, 2024, 3 p.m. UTC | #4 
Hello:

This patch was applied to netdev/net-next.git (main)
by Jakub Kicinski <kuba@kernel.org>:

On Sat, 13 Jul 2024 21:11:15 -0700 you wrote:
> Replace the deprecated[1] uses of strncpy() in tcp_ca_get_name_by_key()
> and tcp_get_default_congestion_control(). The callers use the results as
> standard C strings (via nla_put_string() and proc handlers respectively),
> so trailing padding is not needed.
> 
> Since passing the destination buffer arguments decays it to a pointer,
> the size can't be trivially determined by the compiler. ca->name is
> the same length in both cases, so strscpy() won't fail (when ca->name
> is NUL-terminated). Include the length explicitly instead of using the
> 2-argument strscpy().
> 
> [...]

Here is the summary with links:
  - [v2] net/ipv4/tcp_cong: Replace strncpy() with strscpy()
    https://git.kernel.org/netdev/net-next/c/a3bfc095060b

You are awesome, thank you!
diff mbox series

Patch

diff --git a/net/ipv4/tcp_cong.c b/net/ipv4/tcp_cong.c
index 28ffcfbeef14..874531c7c08b 100644
--- a/net/ipv4/tcp_cong.c
+++ b/net/ipv4/tcp_cong.c
@@ -203,9 +203,10 @@  char *tcp_ca_get_name_by_key(u32 key, char *buffer)
 
 	rcu_read_lock();
 	ca = tcp_ca_find_key(key);
-	if (ca)
-		ret = strncpy(buffer, ca->name,
-			      TCP_CA_NAME_MAX);
+	if (ca) {
+		strscpy(buffer, ca->name, TCP_CA_NAME_MAX);
+		ret = buffer;
+	}
 	rcu_read_unlock();
 
 	return ret;
@@ -338,7 +339,7 @@  void tcp_get_default_congestion_control(struct net *net, char *name)
 
 	rcu_read_lock();
 	ca = rcu_dereference(net->ipv4.tcp_congestion_control);
-	strncpy(name, ca->name, TCP_CA_NAME_MAX);
+	strscpy(name, ca->name, TCP_CA_NAME_MAX);
 	rcu_read_unlock();
 }