From patchwork Tue May 30 08:39:11 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Potapenko X-Patchwork-Id: 13259461 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id A1D8DC7EE2E for ; Tue, 30 May 2023 08:39:20 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id E5190900002; Tue, 30 May 2023 04:39:19 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id E00D76B0074; Tue, 30 May 2023 04:39:19 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id CC843900002; Tue, 30 May 2023 04:39:19 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10]) by kanga.kvack.org (Postfix) with ESMTP id BB7246B0072 for ; Tue, 30 May 2023 04:39:19 -0400 (EDT) Received: from smtpin18.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay09.hostedemail.com (Postfix) with ESMTP id 73FCB8013E for ; Tue, 30 May 2023 08:39:19 +0000 (UTC) X-FDA: 80846272038.18.0C6A3B6 Received: from mail-ed1-f73.google.com (mail-ed1-f73.google.com [209.85.208.73]) by imf08.hostedemail.com (Postfix) with ESMTP id B5A14160007 for ; Tue, 30 May 2023 08:39:17 +0000 (UTC) Authentication-Results: imf08.hostedemail.com; dkim=pass header.d=google.com header.s=20221208 header.b=Qr8jpDkX; spf=pass (imf08.hostedemail.com: domain of 3NLZ1ZAYKCKEHMJEFSHPPHMF.DPNMJOVY-NNLWBDL.PSH@flex--glider.bounces.google.com designates 209.85.208.73 as permitted sender) smtp.mailfrom=3NLZ1ZAYKCKEHMJEFSHPPHMF.DPNMJOVY-NNLWBDL.PSH@flex--glider.bounces.google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1685435957; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding:in-reply-to: references:dkim-signature; bh=d2gZVOqgM2bnB8NENsAMpjub1Q/xoX1pCqU5k5h5AWY=; b=3E/7ge+Wk255hofXwSoXbvzObQiem5dDEfBD0MopQiY10sD0H7tV3Wx1UhTdpKyHCNoYC4 CwBp0hBCsaYczTwQtT5tHl/XMUk0O0V1uHS8hdCxOD+/46xxZtgChsINGmDnkWVs8pltLg b0spqb3eo31dJuRPiONMwzDsMGvWlvg= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1685435957; a=rsa-sha256; cv=none; b=T6PdopF9P74Qyi43x3m9PkA5oe63sKnNy0fRzSbiyIOpn0ZG7zqvvK9ODqoVWsMU3DfMOh 9EtFaxu59MAnvYdH6w6xnTnCu7AV3+zX1o0hXv/XoMogzGIneZeUxr/ddRxefBKCV3a2pf EAWKd7qk6Aeft0naM2g1o8GHedO7VfY= ARC-Authentication-Results: i=1; imf08.hostedemail.com; dkim=pass header.d=google.com header.s=20221208 header.b=Qr8jpDkX; spf=pass (imf08.hostedemail.com: domain of 3NLZ1ZAYKCKEHMJEFSHPPHMF.DPNMJOVY-NNLWBDL.PSH@flex--glider.bounces.google.com designates 209.85.208.73 as permitted sender) smtp.mailfrom=3NLZ1ZAYKCKEHMJEFSHPPHMF.DPNMJOVY-NNLWBDL.PSH@flex--glider.bounces.google.com; dmarc=pass (policy=reject) header.from=google.com Received: by mail-ed1-f73.google.com with SMTP id 4fb4d7f45d1cf-506beab6a73so4100114a12.1 for ; Tue, 30 May 2023 01:39:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1685435956; x=1688027956; h=cc:to:from:subject:message-id:mime-version:date:from:to:cc:subject :date:message-id:reply-to; bh=d2gZVOqgM2bnB8NENsAMpjub1Q/xoX1pCqU5k5h5AWY=; b=Qr8jpDkXiWtlWEKgM/OCiUY6Qr6uIug26AODpYGcZCgHTfMWI3yZaegQAjWlbgKu4z 104GXMaD2SXHLrPfTEEfuM9jfDznwWhEwcuiJuoh0higXz2jNLE7lzNCaL5n3nBCjacW +4FyxBv3CzhKMvvafis0fhTTfvmgShIcoQnQt3e2nDYnAr9DEl0ornOw8+oGgruVFraT 3nDsArzpfnNfbH/+0HI1ziVPlMgtUuqBISYUh+i2BGQ1NGqbPulsFH1ae3NrHFHtP+uF dGhVDhLJdr4OJfuu4gJzx3j6RhktmWrxEKilQRAG2UvMGfRIORAdf9bNp4Dvtj3JYb3q icYw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685435956; x=1688027956; h=cc:to:from:subject:message-id:mime-version:date:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=d2gZVOqgM2bnB8NENsAMpjub1Q/xoX1pCqU5k5h5AWY=; b=IK79K5HWrUoAw7JDPHYeyusUUNTXRLO2n3avdoFDH3ZK5630oLlFtvWIyd1quUUL2t XORWO+vlE5sVtThUDr3LQ3ggx5Ml6IOeGn1fsqkCOa5nSnQi0K3yzkAPKZ1Vtltyc4XA 8RPs92sM11DvOQEQ3GJpt4i4f7yt0ZSRsRNl4KmrXbopKZW57S3FToj9hH/00tOCDtb1 Q+F6TVd/O69Xmy0wHFFwcObY8c76To2xnL0c3jbQ2AV5yHW4/o0KBSYzmxFY423pPKJg gjI1BErmbXXkQJ+WLTua9Xu3RygoIHT++Y+cz/dKM6DD1TEbs6fN72FZFxSqWLlfSDQq h3dg== X-Gm-Message-State: AC+VfDyOj/K3WAhVipbOu/m2B2IFcM2FnUgKEH3M0phviglViUi3p6wl PRZpvblJD33cRXqEvRO3s0FCVIBh9+c= X-Google-Smtp-Source: ACHHUZ4l9kbotePBkAx85Fa8Beqd63nCciENdBm5Zvi4udP/o5anv8KJ2u5mcPW++drsyf/NxzsGKI/sXOk= X-Received: from glider.muc.corp.google.com ([2a00:79e0:9c:201:a4:5738:5a7f:a82e]) (user=glider job=sendgmr) by 2002:a50:8ada:0:b0:50b:c4f7:fa5a with SMTP id k26-20020a508ada000000b0050bc4f7fa5amr529352edk.3.1685435956071; Tue, 30 May 2023 01:39:16 -0700 (PDT) Date: Tue, 30 May 2023 10:39:11 +0200 Mime-Version: 1.0 X-Mailer: git-send-email 2.41.0.rc0.172.g3f132b7071-goog Message-ID: <20230530083911.1104336-1-glider@google.com> Subject: [PATCH v2] string: use __builtin_memcpy() in strlcpy/strlcat From: Alexander Potapenko To: glider@google.com, andy@kernel.org, akpm@linux-foundation.org Cc: linux-kernel@vger.kernel.org, linux-mm@kvack.org, elver@google.com, dvyukov@google.com, kasan-dev@googlegroups.com, ndesaulniers@google.com, nathan@kernel.org, keescook@chromium.org X-Rspamd-Queue-Id: B5A14160007 X-Rspam-User: X-Stat-Signature: 4998pbi7zfdfx7pn7xogzfin5abg19xs X-Rspamd-Server: rspam03 X-HE-Tag: 1685435957-826499 X-HE-Meta: U2FsdGVkX18+srgBWYQ3HilFZhCqGF5L/oxzN/hYP6l7gfUswf0jpZ4CDPNV1KZUVeQJOJal41TJZzCfHPOrkxlJRSCi90AD2b/goDjvow6xinhWPXKvVAF/pfdS5KofgpuREvsaDZXBmF0vLs3DuAd2UGvFSIWkON21dGhXmoAuM6RkGxsIG72omuBl1ioblu098TEGfE7bZee3PFMbbnXfpsoi+pHrrG86meZCWLefsY4p1KkdhuUxL9pdGBUyTfqFWqIoI+VhpeI0lDsx5s1sE97viOTWy2HXSbmO/IDm1lIBw6FssTVNinkly7wiOeAUSmNOzHkdvLaxnUn2I2bGuE0HX7nKXiqan4r3wLZdiYhxhTd6+eoeCsRzu4495EnbONfMENYRx3sODMA97XgWmq9Kt30FZYxr/04A8IUl1HwOfYrfxgYb60+ktZdCTNaotjn4AIuse9qUjWK5qYqFEDxmtOxml71ftxE6wpYV4i7iVWI2+Ilfgq9KzyPqXLgjdV+HiYa19/wOHdaHJKJN5PfXa0o5BpFPGdCT9moq8vdjV6SkWHxs2G46C2dszQeqoaiJ0kivDsscO+7l9twKOPVLNZXc5sT0Gluz3Jnp2uWTDNg8ClblgkXB5SrEWKudJFC0HgtequuTTYVNI5XsMmKYRQlENJ+a18rcbeW0OPT0zmlJ269IwfpqF5fm7CmDusVoDIQ0s3jkJp6Tzh3Q1Xi+Ut5NpgMxXQAHcGDMyvU9Q/BWtnd+4LngiALCb62Xy6nFT49FuLnFScRzG5dGyfT1IcTVOyDMIZtAOrfzyqXHJb5+MEHkYPauKgyDKxOjTBeh2JOO+TUr8ZM4YX6JFFcpmj9nZJ0vfrJPWQZyMYqz0ZPF7S+YLNep56mek2aMrZeLkAVEDt4Sjc/9j8rbr6SWoMspk6rcxsH0AwpA9IOP80Ie6VB/iwN74h+0go2tUuJtgbcuMapmvZr YmIE3STf +vcxQvF4GsmCaYLYkX1CF0yxdFAyI8MDRi3KqYexvcSsB4TrgiBkDxHesJ8bnFazVQVl5gS0UYxWmtlie/xDor031J3xSPuhgOrU1IKMUnWW9yQWGue7zqxnw89DHcRz6r6N6xkoDSumFr2mN/FhyDrUKJsYhZO5tC8suNlw+nr3AnXYgU5TnKPc8beVkIlcZaJcNKOe9YhRczctQWilqTi1D9Jm3Bel2YgxIHpLFtIOWBDCaNf1AHiiwI+8So1NjpUXiARN0N327c46IyrrkYHRkc/NXIPnbFZIzrIOyIi+rh6myiltiy3AekEUu9UvpcLAfEMpkAy/ZX2fAxmIADuXNGWPXdTWS3PxD9kPl+msGFIaqrl1NsYQnlCxYeAmGVER8N/hJ4yuHN6cScRMwj08yJk0F/8/Ih9zCWpc6dZYBe/uAyHHFMeCwvHiN+cWvsjmUHAZ8BcQ9VuLePTRkMxzBK46x0CVc50Y5O6IQoiGJ1kxDy0PVJaThnh/GOzfEsRDpj8fXYeAEmI5WVBif2vNvz5IKSJxSvPcGrFWMRydz0mEBYPbFZtM1maywwzoe/lPo3GTuk6NIK3+BbCJmZ/qfJf1PzhdZmGHuPsbeHUc//ZPFLyZ1z9j8V0Ol+ciTq96yYIM84VRBa2axhwMes/EDSlwKITeZksXNqgZxPhz8bhGxhyhbS+fugA== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: lib/string.c is built with -ffreestanding, which prevents the compiler from replacing certain functions with calls to their library versions. On the other hand, this also prevents Clang and GCC from instrumenting calls to memcpy() when building with KASAN, KCSAN or KMSAN: - KASAN normally replaces memcpy() with __asan_memcpy() with the additional cc-param,asan-kernel-mem-intrinsic-prefix=1; - KCSAN and KMSAN replace memcpy() with __tsan_memcpy() and __msan_memcpy() by default. To let the tools catch memory accesses from strlcpy/strlcat, replace the calls to memcpy() with __builtin_memcpy(), which KASAN, KCSAN and KMSAN are able to replace even in -ffreestanding mode. This preserves the behavior in normal builds (__builtin_memcpy() ends up being replaced with memcpy()), and does not introduce new instrumentation in unwanted places, as strlcpy/strlcat are already instrumented. Suggested-by: Marco Elver Signed-off-by: Alexander Potapenko Link: https://lore.kernel.org/all/20230224085942.1791837-1-elver@google.com/ Acked-by: Kees Cook --- lib/string.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/string.c b/lib/string.c index 3d55ef8901068..be26623953d2e 100644 --- a/lib/string.c +++ b/lib/string.c @@ -110,7 +110,7 @@ size_t strlcpy(char *dest, const char *src, size_t size) if (size) { size_t len = (ret >= size) ? size - 1 : ret; - memcpy(dest, src, len); + __builtin_memcpy(dest, src, len); dest[len] = '\0'; } return ret; @@ -260,7 +260,7 @@ size_t strlcat(char *dest, const char *src, size_t count) count -= dsize; if (len >= count) len = count-1; - memcpy(dest, src, len); + __builtin_memcpy(dest, src, len); dest[len] = 0; return res; }