From patchwork Mon Apr 24 11:23:13 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Potapenko X-Patchwork-Id: 13222046 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id AE93BC7618E for ; Mon, 24 Apr 2023 11:23:21 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 468136B0071; Mon, 24 Apr 2023 07:23:21 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 417B66B0074; Mon, 24 Apr 2023 07:23:21 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 2E02C6B0075; Mon, 24 Apr 2023 07:23:21 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0012.hostedemail.com [216.40.44.12]) by kanga.kvack.org (Postfix) with ESMTP id 203916B0071 for ; Mon, 24 Apr 2023 07:23:21 -0400 (EDT) Received: from smtpin14.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay06.hostedemail.com (Postfix) with ESMTP id E01BFACA2F for ; Mon, 24 Apr 2023 11:23:20 +0000 (UTC) X-FDA: 80716048560.14.20F054C Received: from mail-ej1-f73.google.com (mail-ej1-f73.google.com [209.85.218.73]) by imf01.hostedemail.com (Postfix) with ESMTP id 31C0F40006 for ; Mon, 24 Apr 2023 11:23:18 +0000 (UTC) Authentication-Results: imf01.hostedemail.com; dkim=pass header.d=google.com header.s=20221208 header.b=mxilGFIr; spf=pass (imf01.hostedemail.com: domain of 3pWZGZAYKCLQafcXYlaiiafY.Wigfchor-ggepUWe.ila@flex--glider.bounces.google.com designates 209.85.218.73 as permitted sender) smtp.mailfrom=3pWZGZAYKCLQafcXYlaiiafY.Wigfchor-ggepUWe.ila@flex--glider.bounces.google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1682335399; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding:in-reply-to: references:dkim-signature; bh=klWy9eDeY9DLyh7eLsNz2mZGZzQpgILthmxtoxhfJPs=; b=LgiN3ws7N31XsvryKeiDZd+LD0xr6IW/+vU13kEekEtAlaVzM0UvFiCiZylLOjJmgN3ruH ttq6Q7hV/coH0g52BX8YD8lDiLc7i09FfkteTAEFj9gUwM2kqChHN3g0I1cmcqUpn6H/Ta THEQkSoeU15leQwoKrZxbbNlLUIW73Y= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1682335399; a=rsa-sha256; cv=none; b=ONErYIi78DbqLUZVsMMNBOsFcEETCxecL4tB8nutWMUOBu21xA6GoexwikrI0aKG5mg2L4 3g8XYY5foMj8UY8TFgdd9VpZVvniTK8uD/l1nyVg6YBoFAJscRl9+cUkgd+4JqVVrvcvFc 4lS0j3U7r3tStr+AWE6saEdKZnRuJxI= ARC-Authentication-Results: i=1; imf01.hostedemail.com; dkim=pass header.d=google.com header.s=20221208 header.b=mxilGFIr; spf=pass (imf01.hostedemail.com: domain of 3pWZGZAYKCLQafcXYlaiiafY.Wigfchor-ggepUWe.ila@flex--glider.bounces.google.com designates 209.85.218.73 as permitted sender) smtp.mailfrom=3pWZGZAYKCLQafcXYlaiiafY.Wigfchor-ggepUWe.ila@flex--glider.bounces.google.com; dmarc=pass (policy=reject) header.from=google.com Received: by mail-ej1-f73.google.com with SMTP id a640c23a62f3a-94f5a1fa123so444049166b.0 for ; Mon, 24 Apr 2023 04:23:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1682335397; x=1684927397; h=cc:to:from:subject:message-id:mime-version:date:from:to:cc:subject :date:message-id:reply-to; bh=klWy9eDeY9DLyh7eLsNz2mZGZzQpgILthmxtoxhfJPs=; b=mxilGFIr6qGQEG87YfDW5J2uPJURyiX6HOl+bYW2jIP+y/R1nS+GY4Tsz7SEqVu3q8 iNJGENUs/fkJ3IN1UwEagRLu2Wi5OlRC7rePMrAw9JGnYNxTomfP2wZYgrHfuGSVXj0Y My7mMOBWyZgKnguCH465dASmx7AqHjBBQXnDDJ6xM8msgN/Bxd5IwFfe3kkS94UhaNDT ovYKX+1R9as8Iuam+OMrwLCe8BgEP8G/RFnQhSpzLFDHuuiZ2oIpxdscyG/kGa/yyo// aJ1odHmuhZRINrZ++FlEeC5GrfKHmpwy4EZmvKhYlXcIjy27ObQZLdGXel85oh9qehA+ izyw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1682335397; x=1684927397; h=cc:to:from:subject:message-id:mime-version:date:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=klWy9eDeY9DLyh7eLsNz2mZGZzQpgILthmxtoxhfJPs=; b=QbX2roFa5EMIaH9QNMxB1dq9SvrAvinc1Fxv66SJHLYqC0SG+1+j/OvwkrSeGaVqtY qYy/srzFDG/u1vQq2xFuSUySYdGTwOWNorw9+Mi1ZXVjapgmn/tPo1WK8fK5WYfoU/bO iLn6znsst+wy2Gz6cLjcvcALAfkfTXqd/srZO4UB3FaLh6MkkL8+7l4eFmJ1stcEhVof YEdWxFOrFlrMNqCwNl1C8X+32xCmCEzehcWFoBf7ImlIAsmoEqz0eBY/48q3QgBHnjSS LqQO13S07MkeZazGf/OQa8eA+iA0+GJFpIRjdkSN4jOQPNjwlWsY0L35FYPgy9EeaF0u SxXA== X-Gm-Message-State: AAQBX9d2vlfU98DJ2AIcO8HH3OKzQmLCJ4xQpgzSlDkPAiZBfedGvBLw rPlSojvGxS3AX10G/F/Z6T5GdBcu/CY= X-Google-Smtp-Source: AKy350ZoNzOeasIEj2Fw8MS4uKUsSHqBrI5tm7dytA+d4XYszcR9uTtOdoUCuGTHYrUT6uw+vIKdqIb0D7U= X-Received: from glider.muc.corp.google.com ([2a00:79e0:9c:201:ae04:112a:7904:fef5]) (user=glider job=sendgmr) by 2002:a17:906:eb1a:b0:94f:c72:1de0 with SMTP id mb26-20020a170906eb1a00b0094f0c721de0mr3297825ejb.14.1682335397499; Mon, 24 Apr 2023 04:23:17 -0700 (PDT) Date: Mon, 24 Apr 2023 13:23:13 +0200 Mime-Version: 1.0 X-Mailer: git-send-email 2.40.0.634.g4ca3ef3211-goog Message-ID: <20230424112313.3408363-1-glider@google.com> Subject: [PATCH] string: use __builtin_memcpy() in strlcpy/strlcat From: Alexander Potapenko To: glider@google.com Cc: linux-kernel@vger.kernel.org, linux-mm@kvack.org, akpm@linux-foundation.org, elver@google.com, dvyukov@google.com, kasan-dev@googlegroups.com, andy@kernel.org, ndesaulniers@google.com, nathan@kernel.org X-Rspam-User: X-Rspamd-Queue-Id: 31C0F40006 X-Rspamd-Server: rspam09 X-Stat-Signature: 8u5spxrampyaxdtnfamqbp641mkqhqfa X-HE-Tag: 1682335398-259403 X-HE-Meta: U2FsdGVkX19y/F/phgFPv/lMPvcmXAJY7qMizquy+ASGNh/Yptcz6tnkotL39yD2x+caW/KF8RIgOQ7nHjiFjrF4s9cVRl15KCNomrQIm6S3h4Z7oYoMWpnYdmWMdJz6OVzTy+JXukbPMbR/L0OIvpe4iJGgErdOAm7BnRrYG747N5FoClaCDHqWk9iZzq//GIT62sBdIUQJhrxoYgYDVQo4NDnXRrePpHvCxsOq1VqTKpqceRbersc7bE6xcxyn/qNnhPn0Ek46qY9eqE7Taf1zXGJZkG1iyrJCq47Qsy8fH0Zg+ndPI4eD9Tispvrigh+2epck3J3Fola0MQh5JhIh/zrpN94tJH1vxiB4K9paqy/SbnK/o4iqEpJqHnm/YwnAWunm/+2vw5nQhyl+Ri9tM8yzXUNZ0MG2MbsmJYpMLigXbHKCv0vslNeEJyU0tKD8MpPsV74DDfp/Bhen4hW7XfVkaulggTsXwB3TGhIlJVdEyEA34eEMUaO8UPk4gMnCNI3c+Qm0v9achEPkVzmGrQ94MN7nCC4ANvPfCGcNkVvG/OCO184gbvNYGxT5/+blCg+JczhIbBvc7wM3p1Rbpsl2pTHob+nqzX6CCla+caeLfz6S6KtPdh/Gkc1oAp4GpQBxIiCQ4OdJCJkC3WDyVhWHlvQpVBVXJulg2yD5XCOramafjjHHMiG/JLwhhE2v7GQ72gMw8hkVVHqgTBxKJAVi7MKCvJ7eSA4RRH+a9rTjDYAwmKw9yl1IjOkEwxYoMRhsfs1zkDLv1YPaxRs4hFUrdEyygMZe1L0eEO+YkBaQcelAcS7LUeXKLfRzrOdoZGyXjcM6x7rDfDMCkdSRKfU+XD45mLu8kWpxtIJ0woym7xJdcFDyC7o9Mmdm7AB7YoUNVVIU7kMmMJpvdO1Jx+yGb40TfT2liBLXFXzlqtvFIZ/Z0Kwy2OXPzSiQoUdockvEU9auT0/zVvt MZMeTR+G u3kZaW0kQMMEO3BBIapBezsuvtsxXUP37t0IYzo1mMG5bJUFrpc1RuhhSweQsYvENnkCMGVg1RMWAUvjvYFycUaCTfQd3Mh3BjgPr6pVVQ1NmGhyvfawbj7u4r0ARhyxgrmwhkUR5O6ViWdiy8jioOSQlioauz8KEtkCR5htpXlVCr0e+Yzy6Nqt5kGi4CJfAQXPI/faz2C0pMadS9b8ZKIxX8VNc/zkWyOuSj5PR+aiktqT7kJizXLg5ER3VAGRwV7LH2A34+frBye9VYRL4uJ0A9IP/puz9o5HLKNOhBW28w621wKDtmOQ2kCGG23r+kejvUyPgXv/N+rsYo5IpLxNao5m8XSy8l6FvvV7JtlbRwr3EqMg8oBy0oJUu6j7zMUDBp7wZze2j0Ry7tU+kLUx3s6I1MBT1nouxEO8vfgBe7hyTxtrXs5w+i4We4iZ8g2CSTkncqINF+HXXv/e7FSBDD+MeVw8OoCa772vA1+gnlCikIYBNjv0rqH07b40C1pNY1iOWvJ0mJO1tgqFR5VZ+hQOFzj9yVp1MFiJkI3Enn2OGQjZYgb44Y6uC82bCuabzCz4I8rdES07RLl32VbeUN4kQlvz5D0UfeJO5bljGZYQtLpfo+mA/Eg== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: lib/string.c is built with -ffreestanding, which prevents the compiler from replacing certain functions with calls to their library versions. On the other hand, this also prevents Clang and GCC from instrumenting calls to memcpy() when building with KASAN, KCSAN or KMSAN: - KASAN normally replaces memcpy() with __asan_memcpy() with the additional cc-param,asan-kernel-mem-intrinsic-prefix=1; - KCSAN and KMSAN replace memcpy() with __tsan_memcpy() and __msan_memcpy() by default. To let the tools catch memory accesses from strlcpy/strlcat, replace the calls to memcpy() with __builtin_memcpy(), which KASAN, KCSAN and KMSAN are able to replace even in -ffreestanding mode. This preserves the behavior in normal builds (__builtin_memcpy() ends up being replaced with memcpy()), and does not introduce new instrumentation in unwanted places, as strlcpy/strlcat are already instrumented. Suggested-by: Marco Elver Signed-off-by: Alexander Potapenko Link: https://lore.kernel.org/all/20230224085942.1791837-1-elver@google.com/ Reviewed-by: Marco Elver Acked-by: Kees Cook --- lib/string.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/string.c b/lib/string.c index 3d55ef8901068..be26623953d2e 100644 --- a/lib/string.c +++ b/lib/string.c @@ -110,7 +110,7 @@ size_t strlcpy(char *dest, const char *src, size_t size) if (size) { size_t len = (ret >= size) ? size - 1 : ret; - memcpy(dest, src, len); + __builtin_memcpy(dest, src, len); dest[len] = '\0'; } return ret; @@ -260,7 +260,7 @@ size_t strlcat(char *dest, const char *src, size_t count) count -= dsize; if (len >= count) len = count-1; - memcpy(dest, src, len); + __builtin_memcpy(dest, src, len); dest[len] = 0; return res; }