[v2] wifi: ath10k: replace deprecated strncpy with memcpy

Message ID	20231024-strncpy-drivers-net-wireless-ath-ath10k-mac-c-v2-1-4c1f4cd4b4df@google.com (mailing list archive)
State	Mainlined
Commit	ac2f43d3d34e52b0d388b4c573ff6bbac90235b9
Headers	show Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 85FF53993D for <linux-hardening@vger.kernel.org>; Tue, 24 Oct 2023 17:42:20 +0000 (UTC) Date: Tue, 24 Oct 2023 17:42:16 +0000 Precedence: bulk Mime-Version: 1.0 Message-ID: <20231024-strncpy-drivers-net-wireless-ath-ath10k-mac-c-v2-1-4c1f4cd4b4df@google.com> Subject: [PATCH v2] wifi: ath10k: replace deprecated strncpy with memcpy From: Justin Stitt <justinstitt@google.com> To: Kalle Valo <kvalo@kernel.org>, Jeff Johnson <quic_jjohnson@quicinc.com> Cc: ath10k@lists.infradead.org, linux-wireless@vger.kernel.org, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, Justin Stitt <justinstitt@google.com> Content-Type: text/plain; charset="utf-8"
Series	[v2] wifi: ath10k: replace deprecated strncpy with memcpy \| expand [v2] wifi: ath10k: replace deprecated strncpy with memcpy

Message ID

20231024-strncpy-drivers-net-wireless-ath-ath10k-mac-c-v2-1-4c1f4cd4b4df@google.com (mailing list archive)

State

Mainlined

Commit

ac2f43d3d34e52b0d388b4c573ff6bbac90235b9

Headers

Date: Tue, 24 Oct 2023 17:42:16 +0000
Precedence: bulk
Mime-Version: 1.0
Message-ID: 
 <20231024-strncpy-drivers-net-wireless-ath-ath10k-mac-c-v2-1-4c1f4cd4b4df@google.com>
Subject: [PATCH v2] wifi: ath10k: replace deprecated strncpy with memcpy
From: Justin Stitt <justinstitt@google.com>
To: Kalle Valo <kvalo@kernel.org>, Jeff Johnson <quic_jjohnson@quicinc.com>
Cc: ath10k@lists.infradead.org, linux-wireless@vger.kernel.org,
	linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org,
	Justin Stitt <justinstitt@google.com>
Content-Type: text/plain; charset="utf-8"

Series

[v2] wifi: ath10k: replace deprecated strncpy with memcpy | expand

Commit Message

Justin Stitt Oct. 24, 2023, 5:42 p.m. UTC

strncpy() is deprecated [1] and we should prefer less ambiguous
interfaces.

In this case, arvif->u.ap.ssid has its length maintained by
arvif->u.ap.ssid_len which indicates it may not need to be
NUL-terminated. Make this explicit with __nonstring and use a plain old
memcpy.

This is also consistent with future copies into arvif->u.ap.ssid:

	if (changed & BSS_CHANGED_SSID &&
	    vif->type == NL80211_IFTYPE_AP) {
		arvif->u.ap.ssid_len = vif->cfg.ssid_len;
		if (vif->cfg.ssid_len)
			memcpy(arvif->u.ap.ssid, vif->cfg.ssid,
			       vif->cfg.ssid_len);
		arvif->u.ap.hidden_ssid = info->hidden_ssid;
	}

Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1]
Link: https://github.com/KSPP/linux/issues/90
Cc: linux-hardening@vger.kernel.org
Signed-off-by: Justin Stitt <justinstitt@google.com>
---
Changes in v2:
- update subject to include wifi
- prefer memcpy() over strtomem() (thanks Kalle, Jeff)
- rebase onto 6.6-rc7 @d88520ad73b79e71
- Link to v1: https://lore.kernel.org/r/20231013-strncpy-drivers-net-wireless-ath-ath10k-mac-c-v1-1-24e40201afa3@google.com
---
Note: build-tested only.

Found with: $ rg "strncpy\("
---
 drivers/net/wireless/ath/ath10k/core.h | 2 +-
 drivers/net/wireless/ath/ath10k/mac.c  | 3 +--
 2 files changed, 2 insertions(+), 3 deletions(-)


---
base-commit: d88520ad73b79e71e3ddf08de335b8520ae41c5c
change-id: 20231013-strncpy-drivers-net-wireless-ath-ath10k-mac-c-c73a55666e6a

Best regards,
--
Justin Stitt <justinstitt@google.com>

Comments

Jeff Johnson Oct. 24, 2023, 6:14 p.m. UTC | #1

On 10/24/2023 10:42 AM, Justin Stitt wrote:
> strncpy() is deprecated [1] and we should prefer less ambiguous
> interfaces.
> 
> In this case, arvif->u.ap.ssid has its length maintained by
> arvif->u.ap.ssid_len which indicates it may not need to be
> NUL-terminated. Make this explicit with __nonstring and use a plain old
> memcpy.
> 
> This is also consistent with future copies into arvif->u.ap.ssid:
> 
> 	if (changed & BSS_CHANGED_SSID &&
> 	    vif->type == NL80211_IFTYPE_AP) {
> 		arvif->u.ap.ssid_len = vif->cfg.ssid_len;
> 		if (vif->cfg.ssid_len)
> 			memcpy(arvif->u.ap.ssid, vif->cfg.ssid,
> 			       vif->cfg.ssid_len);
> 		arvif->u.ap.hidden_ssid = info->hidden_ssid;
> 	}
> 
> Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1]
> Link: https://github.com/KSPP/linux/issues/90
> Cc: linux-hardening@vger.kernel.org
> Signed-off-by: Justin Stitt <justinstitt@google.com>
Acked-by: Jeff Johnson <quic_jjohnson@quicinc.com>

Kees Cook Oct. 24, 2023, 9:34 p.m. UTC | #2

On Tue, Oct 24, 2023 at 05:42:16PM +0000, Justin Stitt wrote:
> strncpy() is deprecated [1] and we should prefer less ambiguous
> interfaces.
> 
> In this case, arvif->u.ap.ssid has its length maintained by
> arvif->u.ap.ssid_len which indicates it may not need to be
> NUL-terminated. Make this explicit with __nonstring and use a plain old
> memcpy.
> 
> This is also consistent with future copies into arvif->u.ap.ssid:
> 
> 	if (changed & BSS_CHANGED_SSID &&
> 	    vif->type == NL80211_IFTYPE_AP) {
> 		arvif->u.ap.ssid_len = vif->cfg.ssid_len;
> 		if (vif->cfg.ssid_len)
> 			memcpy(arvif->u.ap.ssid, vif->cfg.ssid,
> 			       vif->cfg.ssid_len);
> 		arvif->u.ap.hidden_ssid = info->hidden_ssid;
> 	}
> 
> Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1]
> Link: https://github.com/KSPP/linux/issues/90
> Cc: linux-hardening@vger.kernel.org
> Signed-off-by: Justin Stitt <justinstitt@google.com>
> ---
> Changes in v2:
> - update subject to include wifi
> - prefer memcpy() over strtomem() (thanks Kalle, Jeff)
> - rebase onto 6.6-rc7 @d88520ad73b79e71
> - Link to v1: https://lore.kernel.org/r/20231013-strncpy-drivers-net-wireless-ath-ath10k-mac-c-v1-1-24e40201afa3@google.com
> ---
> Note: build-tested only.
> 
> Found with: $ rg "strncpy\("
> ---
>  drivers/net/wireless/ath/ath10k/core.h | 2 +-
>  drivers/net/wireless/ath/ath10k/mac.c  | 3 +--
>  2 files changed, 2 insertions(+), 3 deletions(-)
> 
> diff --git a/drivers/net/wireless/ath/ath10k/core.h b/drivers/net/wireless/ath/ath10k/core.h
> index 4b5239de4018..ba9795a8378a 100644
> --- a/drivers/net/wireless/ath/ath10k/core.h
> +++ b/drivers/net/wireless/ath/ath10k/core.h
> @@ -607,7 +607,7 @@ struct ath10k_vif {
>  			u8 tim_bitmap[64];
>  			u8 tim_len;
>  			u32 ssid_len;
> -			u8 ssid[IEEE80211_MAX_SSID_LEN];
> +			u8 ssid[IEEE80211_MAX_SSID_LEN] __nonstring;
>  			bool hidden_ssid;
>  			/* P2P_IE with NoA attribute for P2P_GO case */
>  			u32 noa_len;
> diff --git a/drivers/net/wireless/ath/ath10k/mac.c b/drivers/net/wireless/ath/ath10k/mac.c
> index 03e7bc5b6c0b..f3f6deb354c6 100644
> --- a/drivers/net/wireless/ath/ath10k/mac.c
> +++ b/drivers/net/wireless/ath/ath10k/mac.c
> @@ -6125,9 +6125,8 @@ static void ath10k_bss_info_changed(struct ieee80211_hw *hw,
>  
>  		if (ieee80211_vif_is_mesh(vif)) {
>  			/* mesh doesn't use SSID but firmware needs it */
> -			strncpy(arvif->u.ap.ssid, "mesh",
> -				sizeof(arvif->u.ap.ssid));
>  			arvif->u.ap.ssid_len = 4;
> +			memcpy(arvif->u.ap.ssid, "mesh", arvif->u.ap.ssid_len);

This is a behavior change, isn't it? i.e. arvif->u.ap.ssid is no longer
zero-padded. Is this actually ok for the driver?

-Kees

Jeff Johnson Oct. 24, 2023, 11:19 p.m. UTC | #3

On 10/24/2023 2:34 PM, Kees Cook wrote:
> On Tue, Oct 24, 2023 at 05:42:16PM +0000, Justin Stitt wrote:
>> strncpy() is deprecated [1] and we should prefer less ambiguous
>> interfaces.
>>
>> In this case, arvif->u.ap.ssid has its length maintained by
>> arvif->u.ap.ssid_len which indicates it may not need to be
>> NUL-terminated. Make this explicit with __nonstring and use a plain old
>> memcpy.
>>
>> This is also consistent with future copies into arvif->u.ap.ssid:
>>
>> 	if (changed & BSS_CHANGED_SSID &&
>> 	    vif->type == NL80211_IFTYPE_AP) {
>> 		arvif->u.ap.ssid_len = vif->cfg.ssid_len;
>> 		if (vif->cfg.ssid_len)
>> 			memcpy(arvif->u.ap.ssid, vif->cfg.ssid,
>> 			       vif->cfg.ssid_len);
>> 		arvif->u.ap.hidden_ssid = info->hidden_ssid;
>> 	}
>>
>> Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1]
>> Link: https://github.com/KSPP/linux/issues/90
>> Cc: linux-hardening@vger.kernel.org
>> Signed-off-by: Justin Stitt <justinstitt@google.com>
>> ---
>> Changes in v2:
>> - update subject to include wifi
>> - prefer memcpy() over strtomem() (thanks Kalle, Jeff)
>> - rebase onto 6.6-rc7 @d88520ad73b79e71
>> - Link to v1: https://lore.kernel.org/r/20231013-strncpy-drivers-net-wireless-ath-ath10k-mac-c-v1-1-24e40201afa3@google.com
>> ---
>> Note: build-tested only.
>>
>> Found with: $ rg "strncpy\("
>> ---
>>   drivers/net/wireless/ath/ath10k/core.h | 2 +-
>>   drivers/net/wireless/ath/ath10k/mac.c  | 3 +--
>>   2 files changed, 2 insertions(+), 3 deletions(-)
>>
>> diff --git a/drivers/net/wireless/ath/ath10k/core.h b/drivers/net/wireless/ath/ath10k/core.h
>> index 4b5239de4018..ba9795a8378a 100644
>> --- a/drivers/net/wireless/ath/ath10k/core.h
>> +++ b/drivers/net/wireless/ath/ath10k/core.h
>> @@ -607,7 +607,7 @@ struct ath10k_vif {
>>   			u8 tim_bitmap[64];
>>   			u8 tim_len;
>>   			u32 ssid_len;
>> -			u8 ssid[IEEE80211_MAX_SSID_LEN];
>> +			u8 ssid[IEEE80211_MAX_SSID_LEN] __nonstring;
>>   			bool hidden_ssid;
>>   			/* P2P_IE with NoA attribute for P2P_GO case */
>>   			u32 noa_len;
>> diff --git a/drivers/net/wireless/ath/ath10k/mac.c b/drivers/net/wireless/ath/ath10k/mac.c
>> index 03e7bc5b6c0b..f3f6deb354c6 100644
>> --- a/drivers/net/wireless/ath/ath10k/mac.c
>> +++ b/drivers/net/wireless/ath/ath10k/mac.c
>> @@ -6125,9 +6125,8 @@ static void ath10k_bss_info_changed(struct ieee80211_hw *hw,
>>   
>>   		if (ieee80211_vif_is_mesh(vif)) {
>>   			/* mesh doesn't use SSID but firmware needs it */
>> -			strncpy(arvif->u.ap.ssid, "mesh",
>> -				sizeof(arvif->u.ap.ssid));
>>   			arvif->u.ap.ssid_len = 4;
>> +			memcpy(arvif->u.ap.ssid, "mesh", arvif->u.ap.ssid_len);
> 
> This is a behavior change, isn't it? i.e. arvif->u.ap.ssid is no longer
> zero-padded. Is this actually ok for the driver?

yes, it is safe, and consistent with other uses of this field as noted 
in the commit description.

Kalle Valo Oct. 31, 2023, 7:46 a.m. UTC | #4

Justin Stitt <justinstitt@google.com> wrote:

> strncpy() is deprecated [1] and we should prefer less ambiguous
> interfaces.
> 
> In this case, arvif->u.ap.ssid has its length maintained by
> arvif->u.ap.ssid_len which indicates it may not need to be
> NUL-terminated. Make this explicit with __nonstring and use a plain old
> memcpy.
> 
> This is also consistent with future copies into arvif->u.ap.ssid:
> 
>         if (changed & BSS_CHANGED_SSID &&
>             vif->type == NL80211_IFTYPE_AP) {
>                 arvif->u.ap.ssid_len = vif->cfg.ssid_len;
>                 if (vif->cfg.ssid_len)
>                         memcpy(arvif->u.ap.ssid, vif->cfg.ssid,
>                                vif->cfg.ssid_len);
>                 arvif->u.ap.hidden_ssid = info->hidden_ssid;
>         }
> 
> Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1]
> Link: https://github.com/KSPP/linux/issues/90
> Cc: linux-hardening@vger.kernel.org
> Signed-off-by: Justin Stitt <justinstitt@google.com>
> Acked-by: Jeff Johnson <quic_jjohnson@quicinc.com>
> Signed-off-by: Kalle Valo <quic_kvalo@quicinc.com>

Patch applied to ath-next branch of ath.git, thanks.

ac2f43d3d34e wifi: ath10k: replace deprecated strncpy with memcpy

diff --git a/drivers/net/wireless/ath/ath10k/core.h b/drivers/net/wireless/ath/ath10k/core.h
index 4b5239de4018..ba9795a8378a 100644
--- a/drivers/net/wireless/ath/ath10k/core.h
+++ b/drivers/net/wireless/ath/ath10k/core.h
@@ -607,7 +607,7 @@  struct ath10k_vif {
 			u8 tim_bitmap[64];
 			u8 tim_len;
 			u32 ssid_len;
-			u8 ssid[IEEE80211_MAX_SSID_LEN];
+			u8 ssid[IEEE80211_MAX_SSID_LEN] __nonstring;
 			bool hidden_ssid;
 			/* P2P_IE with NoA attribute for P2P_GO case */
 			u32 noa_len;
diff --git a/drivers/net/wireless/ath/ath10k/mac.c b/drivers/net/wireless/ath/ath10k/mac.c
index 03e7bc5b6c0b..f3f6deb354c6 100644
--- a/drivers/net/wireless/ath/ath10k/mac.c
+++ b/drivers/net/wireless/ath/ath10k/mac.c
@@ -6125,9 +6125,8 @@  static void ath10k_bss_info_changed(struct ieee80211_hw *hw,
 
 		if (ieee80211_vif_is_mesh(vif)) {
 			/* mesh doesn't use SSID but firmware needs it */
-			strncpy(arvif->u.ap.ssid, "mesh",
-				sizeof(arvif->u.ap.ssid));
 			arvif->u.ap.ssid_len = 4;
+			memcpy(arvif->u.ap.ssid, "mesh", arvif->u.ap.ssid_len);
 		}
 	}