From patchwork Thu Jan 11 19:06:55 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Grund X-Patchwork-Id: 13517729 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 57921C47DA2 for ; Thu, 11 Jan 2024 19:08:16 +0000 (UTC) Received: from mail-wm1-f46.google.com (mail-wm1-f46.google.com [209.85.128.46]) by mx.groups.io with SMTP id smtpd.web10.1134.1705000087999103128 for ; Thu, 11 Jan 2024 11:08:08 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=GKAoOqb6; spf=pass (domain: gmail.com, ip: 209.85.128.46, mailfrom: theflamefire89@gmail.com) Received: by mail-wm1-f46.google.com with SMTP id 5b1f17b1804b1-40e63cceae2so346575e9.2 for ; Thu, 11 Jan 2024 11:08:07 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1705000086; x=1705604886; darn=lists.cip-project.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=ScMmApvS/yrYOTNF+jY/GL9uefdDXA5zKkImVV3nLLc=; b=GKAoOqb6vDtvwHwT6LJSeKOTubAaRvlhyqcFsdDZueVqHmW8f673l7QLVaCVWF5Cr9 0bgxSTPl/r/0hXUdqS0l4SX6aoOg1Z1zjLmHWe/3T7d25dSy3LwMGkLtQHpN/pEAQxEy AKCzc4tO4DCbIIqy0V5HLMQx86RDBcrEhnzi+zKL9iaQGQ19dT1XQNTDnIh/7ZfsFPen z4CLMnxZpwYzlM+QFR89bZXsmSr2R910WoXhDuQXKD3FuqfsJub0+9uTctXF1dd1l3op mmcb8x6ufiHt7E5xvsyYcIpeybt4rlcTJtfYf5Fw3q/9dHrZQ71dB/nSN1vzZJC8pR8H 2Ryg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1705000086; x=1705604886; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ScMmApvS/yrYOTNF+jY/GL9uefdDXA5zKkImVV3nLLc=; b=jJXJtkhsEItc8yiAh6l6tfW/meAxf85hfEruCBilUiBDHZN70o+qhIu//0vBZmjQMV ZUFbMdZ/hn2tIYiU7L3JoHI1ZkDv5wJGe/cIGBuMYex4VAlQYz34JUlRlxR1PmQzkhQh itjqbGm/59/B4zGhrEzegn3k49RmcWN+AemYVLwHzMSRnJBADQUPi79W5IgYIsFlg955 KmulPhSONVhXKmmn65UUTi7Y2new6KnDlQEkc1740c0bIGb3xc6/kmCeCE96Ksg25cWU X5U1vHQQab2FgJHixUpuAKGol7FMfzMojz7Ti53KqETAnIWisNHoyuptG2ZPRqwDWVsR yu8g== X-Gm-Message-State: AOJu0YyPGqJPqZ6CzfYJuzmR01CgUVvDJVXM1QUivVvmpHmFmwkkwMno xy8SDXiV0Pyvd37LMqmkEP+jqPHtUZQ= X-Google-Smtp-Source: AGHT+IG4OArpd5Hh24q8d61fiut+ymgu/FH/Bu4dUJd5pfJ0DmqZPtPnJ7XQvhp1Y5Wk+3saoVSeCg== X-Received: by 2002:a05:600c:1e0b:b0:40e:629a:b7d2 with SMTP id ay11-20020a05600c1e0b00b0040e629ab7d2mr158405wmb.0.1705000086345; Thu, 11 Jan 2024 11:08:06 -0800 (PST) Received: from alex-Mint.fritz.box (p200300f6af47620043a7429456d42e7a.dip0.t-ipconnect.de. [2003:f6:af47:6200:43a7:4294:56d4:2e7a]) by smtp.googlemail.com with ESMTPSA id p12-20020a05600c468c00b0040e56830a35sm2964641wmo.18.2024.01.11.11.08.05 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 11 Jan 2024 11:08:05 -0800 (PST) From: Alexander Grund To: cip-dev@lists.cip-project.org Cc: uli+cip@fpond.eu Subject: [PATCH 4.4 1/4] string.h: add memcpy_and_pad() Date: Thu, 11 Jan 2024 20:06:55 +0100 Message-Id: <20240111190658.153488-2-theflamefire89@gmail.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20240111190658.153488-1-theflamefire89@gmail.com> References: <20240111190658.153488-1-theflamefire89@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 11 Jan 2024 19:08:16 -0000 X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/14334 From: Martin Wilck commit 01f33c336e2d298ea5d4ce5d6e5bcd12865cc30f upstream. This helper function is useful for the nvme subsystem, and maybe others. Note: the warnings reported by the kbuild test robot for this patch are actually generated by the use of CONFIG_PROFILE_ALL_BRANCHES together with __FORTIFY_INLINE. Signed-off-by: Martin Wilck Reviewed-by: Sagi Grimberg Signed-off-by: Christoph Hellwig [AG: Backported to 4.4] Signed-off-by: Alexander Grund --- include/linux/string.h | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/include/linux/string.h b/include/linux/string.h index 1a9589a5ace62..84af888924e11 100644 --- a/include/linux/string.h +++ b/include/linux/string.h @@ -204,4 +204,33 @@ static inline const char *kbasename(const char *path) return tail ? tail + 1 : path; } +/** + * memcpy_and_pad - Copy one buffer to another with padding + * @dest: Where to copy to + * @dest_len: The destination buffer size + * @src: Where to copy from + * @count: The number of bytes to copy + * @pad: Character to use for padding if space is left in destination. + */ +__FORTIFY_INLINE void memcpy_and_pad(void *dest, size_t dest_len, + const void *src, size_t count, int pad) +{ + size_t dest_size = __builtin_object_size(dest, 0); + size_t src_size = __builtin_object_size(src, 0); + + if (__builtin_constant_p(dest_len) && __builtin_constant_p(count)) { + if (dest_size < dest_len && dest_size < count) + __write_overflow(); + else if (src_size < dest_len && src_size < count) + __read_overflow3(); + } + if (dest_size < dest_len) + fortify_panic(__func__); + if (dest_len > count) { + memcpy(dest, src, count); + memset(dest + count, pad, dest_len - count); + } else + memcpy(dest, src, dest_len); +} + #endif /* _LINUX_STRING_H_ */ From patchwork Thu Jan 11 19:06:56 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Grund X-Patchwork-Id: 13517725 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5668CC47258 for ; Thu, 11 Jan 2024 19:08:16 +0000 (UTC) Received: from mail-wm1-f41.google.com (mail-wm1-f41.google.com [209.85.128.41]) by mx.groups.io with SMTP id smtpd.web11.1117.1705000089309606570 for ; Thu, 11 Jan 2024 11:08:09 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=YqAqYg4j; spf=pass (domain: gmail.com, ip: 209.85.128.41, mailfrom: theflamefire89@gmail.com) Received: by mail-wm1-f41.google.com with SMTP id 5b1f17b1804b1-40e5f615a32so9444925e9.1 for ; Thu, 11 Jan 2024 11:08:09 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1705000088; x=1705604888; darn=lists.cip-project.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=rPpfficv0BuJb/aoQ4lMKtbb3XZTVeN6zAa5Fp50CQQ=; b=YqAqYg4jkP/XGTrKrYw0qgOvIL62d8pT5ltrwtRelVI9e7TToSWA6HWJLYH4WCphRy +czjtRAy32KGPns73LM99shYwmNq6Yd9YkQpPVYV5qVdmFkUxrxn2xBpaTEIgnD7X9Ol d8W0d2OSjCe5owho2oEMCQV1iDO62FV1VQk9qzzfFKSOAMv5GpRvDZQlawzRssaX46Gi qOihsIMtmYLJA3NrlIQBv79WyMNVtQQD1UQTNsqGjlOlYMla1BnU72Mhpia/holyzc3A qZJs/NbAtuqtHznCIzZemtfjaSlJ5PcnRxd0lBP8xWam2mTeMaHTmlwJyiWylUC4tv/T ifNQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1705000088; x=1705604888; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=rPpfficv0BuJb/aoQ4lMKtbb3XZTVeN6zAa5Fp50CQQ=; b=qSnWDEA0+j1R+vgA8F2fEZ0fNEXexo2xTfCGlS7QyCMdCY3A3DpQOs7qX9rlO4xe3x 19IgQ8PiZTJ7y69XjMky1tJZicfRwZdpI9umy+F/x92/sak3SAedh1ezNu84ghYRpIIv TsovZCtkl5NTEjJDirW+WzG9ULA2dObPbqMpdwwb7qEneJWoJ3oacR6S38dcwAxSamKV 9a0s2WX2tKPf9e+VklrtjYe6WYWHgxKoR7gC8nM7YXPifgyptdTC7Md25Lz69jBtFCyY fG7NPDjjoqK8xd3NH8PU0B8aHdW2Sulx2Fnt8sHtrW6QQdp/mz0IqeslfYB+mOHuuHVq iEvQ== X-Gm-Message-State: AOJu0YyysFDQqrEmgaTy6HdGxeB/1mfdiJwLsIghQTZcOkZQu8mZqyzQ UwrF+1EtPYd0WAONRj2LspzENINEscw= X-Google-Smtp-Source: AGHT+IHTRObukcB4T9YCre+Ds1MAzRUTJHho+mG5qj5PHhu2yiL3Ua9mXyHHfCwYj5mkjR+Oav9s8g== X-Received: by 2002:a05:600c:8506:b0:40e:545b:80b9 with SMTP id gw6-20020a05600c850600b0040e545b80b9mr75896wmb.8.1705000087764; Thu, 11 Jan 2024 11:08:07 -0800 (PST) Received: from alex-Mint.fritz.box (p200300f6af47620043a7429456d42e7a.dip0.t-ipconnect.de. [2003:f6:af47:6200:43a7:4294:56d4:2e7a]) by smtp.googlemail.com with ESMTPSA id p12-20020a05600c468c00b0040e56830a35sm2964641wmo.18.2024.01.11.11.08.06 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 11 Jan 2024 11:08:06 -0800 (PST) From: Alexander Grund To: cip-dev@lists.cip-project.org Cc: uli+cip@fpond.eu Subject: [PATCH 4.4 2/4] string.h: un-fortify memcpy_and_pad Date: Thu, 11 Jan 2024 20:06:56 +0100 Message-Id: <20240111190658.153488-3-theflamefire89@gmail.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20240111190658.153488-1-theflamefire89@gmail.com> References: <20240111190658.153488-1-theflamefire89@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 11 Jan 2024 19:08:16 -0000 X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/14335 From: Martin Wilck commit 1359798f9d4082eb04575efdd19512fbd9c28464 upstream. The way I'd implemented the new helper memcpy_and_pad with __FORTIFY_INLINE caused compiler warnings for certain kernel configurations. This helper is only used in a single place at this time, and thus doesn't benefit much from fortification. So simplify the code by dropping fortification support for now. Fixes: 01f33c336e2d "string.h: add memcpy_and_pad()" Signed-off-by: Martin Wilck Acked-by: Arnd Bergmann Signed-off-by: Christoph Hellwig Signed-off-by: Alexander Grund --- include/linux/string.h | 15 ++------------- 1 file changed, 2 insertions(+), 13 deletions(-) diff --git a/include/linux/string.h b/include/linux/string.h index 84af888924e11..c874f5ea9bb3e 100644 --- a/include/linux/string.h +++ b/include/linux/string.h @@ -212,20 +212,9 @@ static inline const char *kbasename(const char *path) * @count: The number of bytes to copy * @pad: Character to use for padding if space is left in destination. */ -__FORTIFY_INLINE void memcpy_and_pad(void *dest, size_t dest_len, - const void *src, size_t count, int pad) +static inline void memcpy_and_pad(void *dest, size_t dest_len, + const void *src, size_t count, int pad) { - size_t dest_size = __builtin_object_size(dest, 0); - size_t src_size = __builtin_object_size(src, 0); - - if (__builtin_constant_p(dest_len) && __builtin_constant_p(count)) { - if (dest_size < dest_len && dest_size < count) - __write_overflow(); - else if (src_size < dest_len && src_size < count) - __read_overflow3(); - } - if (dest_size < dest_len) - fortify_panic(__func__); if (dest_len > count) { memcpy(dest, src, count); memset(dest + count, pad, dest_len - count); From patchwork Thu Jan 11 19:06:57 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Grund X-Patchwork-Id: 13517728 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 67781C47DA6 for ; Thu, 11 Jan 2024 19:08:16 +0000 (UTC) Received: from mail-wm1-f42.google.com (mail-wm1-f42.google.com [209.85.128.42]) by mx.groups.io with SMTP id smtpd.web11.1119.1705000090685533082 for ; Thu, 11 Jan 2024 11:08:10 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=BpYt3/ir; spf=pass (domain: gmail.com, ip: 209.85.128.42, mailfrom: theflamefire89@gmail.com) Received: by mail-wm1-f42.google.com with SMTP id 5b1f17b1804b1-40d60c49ee7so64228075e9.0 for ; Thu, 11 Jan 2024 11:08:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1705000089; x=1705604889; darn=lists.cip-project.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=GkqbZsH/PyEXNWR4TAZzFe8avEAGQDWyvPBjkesY+TA=; b=BpYt3/ir9Uji4sTLhKXcB/ORbDblxskPokf0qmj9rCk4IWecyXGrD0oMziCLfp9PJW OSUf2r/Gb1tq6z5kU6JPJUjAN1wQOAJp0Q1lnBTMVzmnvmVYTnpvCOgQhErm/sugw312 9sZku4jdqkwnjovpeATIis+o9j4HvBevIvaSsCdnAeHqqX+chTvz8pjAzu92nLwwfeAW 47rKIRxLQHOQClxkMmVwvUuVnSio41xe/6O1rup2UVsCAOubxPe5sJnOLi7nV/JNSKIA 3/nLuOPH8j4FUiYH1+XJHSumUvqqlQhZslypnH5qt0MS2uFVWecTgS7LmdYSnxDoQOl7 GbbA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1705000089; x=1705604889; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=GkqbZsH/PyEXNWR4TAZzFe8avEAGQDWyvPBjkesY+TA=; b=BbW2n2Y0jwSli7s6q8LvkH7VW+Oo2d3MW1o1uM/P2m9IZR7gG5eIVc7VBfKIHQl5sT jQvM4QsinN5pRYktAOgmLRUnFASNHQsauxV++b0XK52/jEreWu+t4jXbUK9A71h99nnt dcYT5tbK5rxrLdiKMn/LjRtMvc29nOYFhouDKvBIn25bZHTRXQZepvkxbPW6BemkjfCW lkIcTL8N4J8sl5iHUm6ZMZagtoxfuJhNfawZPowBzKdeQ+cVLc/1wE9+gA5m4Rd4Pue/ ueXrzDAjZTJ8UH1CSx3at64S1nZO7kTZcd/AB/ccgb4l9xzEnYeKgv/JlPICRaowgp9e ivSg== X-Gm-Message-State: AOJu0YwSHaNx1i8uTK0r/5k5sr/mFaxsU/wYTjNVxkssDrL+1BrQrnEA xXXTV82Bf+7iAgqDq42qcFPLIL9hZoU= X-Google-Smtp-Source: AGHT+IEU4L6MU+SA/3Qx0ISQMLT8jE0MptJ5tbTql9F2uhQfUljqpKnaBneeODYfXd2sJiYpIjOoqA== X-Received: by 2002:a05:600c:1909:b0:40c:2411:80 with SMTP id j9-20020a05600c190900b0040c24110080mr135769wmq.121.1705000088855; Thu, 11 Jan 2024 11:08:08 -0800 (PST) Received: from alex-Mint.fritz.box (p200300f6af47620043a7429456d42e7a.dip0.t-ipconnect.de. [2003:f6:af47:6200:43a7:4294:56d4:2e7a]) by smtp.googlemail.com with ESMTPSA id p12-20020a05600c468c00b0040e56830a35sm2964641wmo.18.2024.01.11.11.08.07 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 11 Jan 2024 11:08:08 -0800 (PST) From: Alexander Grund To: cip-dev@lists.cip-project.org Cc: uli+cip@fpond.eu Subject: [PATCH 4.4 3/4] string: uninline memcpy_and_pad Date: Thu, 11 Jan 2024 20:06:57 +0100 Message-Id: <20240111190658.153488-4-theflamefire89@gmail.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20240111190658.153488-1-theflamefire89@gmail.com> References: <20240111190658.153488-1-theflamefire89@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 11 Jan 2024 19:08:16 -0000 X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/14336 From: Guenter Roeck commit 5c4e0a21fae877a7ef89be6dcc6263ec672372b8 upstream. When building m68k:allmodconfig, recent versions of gcc generate the following error if the length of UTS_RELEASE is less than 8 bytes. In function 'memcpy_and_pad', inlined from 'nvmet_execute_disc_identify' at drivers/nvme/target/discovery.c:268:2: arch/m68k/include/asm/string.h:72:25: error: '__builtin_memcpy' reading 8 bytes from a region of size 7 Discussions around the problem suggest that this only happens if an architecture does not provide strlen(), if -ffreestanding is provided as compiler option, and if CONFIG_FORTIFY_SOURCE=n. All of this is the case for m68k. The exact reasons are unknown, but seem to be related to the ability of the compiler to evaluate the return value of strlen() and the resulting execution flow in memcpy_and_pad(). It would be possible to work around the problem by using sizeof(UTS_RELEASE) instead of strlen(UTS_RELEASE), but that would only postpone the problem until the function is called in a similar way. Uninline memcpy_and_pad() instead to solve the problem for good. Suggested-by: Linus Torvalds Reviewed-by: Geert Uytterhoeven Acked-by: Andy Shevchenko Signed-off-by: Guenter Roeck Signed-off-by: Linus Torvalds Signed-off-by: Alexander Grund --- include/linux/string.h | 19 ++----------------- lib/string_helpers.c | 20 ++++++++++++++++++++ 2 files changed, 22 insertions(+), 17 deletions(-) diff --git a/include/linux/string.h b/include/linux/string.h index c874f5ea9bb3e..9f745d7e9f3f7 100644 --- a/include/linux/string.h +++ b/include/linux/string.h @@ -204,22 +204,7 @@ static inline const char *kbasename(const char *path) return tail ? tail + 1 : path; } -/** - * memcpy_and_pad - Copy one buffer to another with padding - * @dest: Where to copy to - * @dest_len: The destination buffer size - * @src: Where to copy from - * @count: The number of bytes to copy - * @pad: Character to use for padding if space is left in destination. - */ -static inline void memcpy_and_pad(void *dest, size_t dest_len, - const void *src, size_t count, int pad) -{ - if (dest_len > count) { - memcpy(dest, src, count); - memset(dest + count, pad, dest_len - count); - } else - memcpy(dest, src, dest_len); -} +void memcpy_and_pad(void *dest, size_t dest_len, const void *src, size_t count, + int pad); #endif /* _LINUX_STRING_H_ */ diff --git a/lib/string_helpers.c b/lib/string_helpers.c index 5c88204b6f1f1..f46075b3d9e41 100644 --- a/lib/string_helpers.c +++ b/lib/string_helpers.c @@ -534,3 +534,23 @@ int string_escape_mem(const char *src, size_t isz, char *dst, size_t osz, return p - dst; } EXPORT_SYMBOL(string_escape_mem); + +/** + * memcpy_and_pad - Copy one buffer to another with padding + * @dest: Where to copy to + * @dest_len: The destination buffer size + * @src: Where to copy from + * @count: The number of bytes to copy + * @pad: Character to use for padding if space is left in destination. + */ +void memcpy_and_pad(void *dest, size_t dest_len, const void *src, size_t count, + int pad) +{ + if (dest_len > count) { + memcpy(dest, src, count); + memset(dest + count, pad, dest_len - count); + } else { + memcpy(dest, src, dest_len); + } +} +EXPORT_SYMBOL(memcpy_and_pad); From patchwork Thu Jan 11 19:06:58 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Grund X-Patchwork-Id: 13517727 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 67821C47DA7 for ; Thu, 11 Jan 2024 19:08:16 +0000 (UTC) Received: from mail-wm1-f43.google.com (mail-wm1-f43.google.com [209.85.128.43]) by mx.groups.io with SMTP id smtpd.web11.1122.1705000091981706567 for ; Thu, 11 Jan 2024 11:08:12 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=LCMaa+ug; spf=pass (domain: gmail.com, ip: 209.85.128.43, mailfrom: theflamefire89@gmail.com) Received: by mail-wm1-f43.google.com with SMTP id 5b1f17b1804b1-40e63bc90f2so544425e9.2 for ; Thu, 11 Jan 2024 11:08:11 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1705000090; x=1705604890; darn=lists.cip-project.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=vx0y2GgJm+XAKKEP7rJjn7HJUmbZ6sWmYvGUxi+/gKo=; b=LCMaa+ugmqIjxOBsHavs2WgS7wTIqqxBuSRhZp6hYqy9PWf5Con7OUzEQk/waMLsuB Alz85c3evLIpQj0eloJzXuDNOnHUJAfcOLZb1rZeY8vagtmpsQCi/rQuoX3gDfJHUWOR lx5nkOorjfVMplp9qrBxf+AOmxhXY7s1dzxP8U5n3ZygCdHxsDVPzeXOmwmdl/MTrHj3 Gt0WvK+h8y52BmCMmTiBx2BQ4o/pezH3NrVMBSxBY0lWR12phF4Qg682hp0ZZNWSlk7G 7/qyBRpGBpZdtArTFqIdQhler/9Wrxosh4XCukAdcz3kcEC9T04hdReF7nZrqzSaNY2+ B6OQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1705000090; x=1705604890; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=vx0y2GgJm+XAKKEP7rJjn7HJUmbZ6sWmYvGUxi+/gKo=; b=M/60UVy6fOn0xfihhmNKJohLKqWp45iOkf00iLkH0e6xeQdVXBDlRyAoQ8Dt/XwvWf hU9eL9jn3QsJoIdjmcUdFxDFlNjJWIXuwvtUAtgoNQ88b+5u6ZmdhOCXbxPvuhuuD5rE Bn7EYyekva5L+YDEmXjOkdlx8oH+vdwQYE5LP0jGgWBynsDQGFe2citEF+vsXH7UQSsr LQRV7QVR7/uDAkWGU26NzOhe/YkM4qfO2iZoxOk+Ss7iwcZLefmcMXwcy0MssQX6HHpL kVjExX1YPqwDy8S7NNAKWcjTSyZxpmRwG99vP6cGBp77ftW3kprWKwmmgm7VZoSd8gk3 uVow== X-Gm-Message-State: AOJu0YxlSoq2Bt0VHROfUNK3ZuTWP3bgR6UEITmNoOp/pLUx08FDJmNQ tD+Gz346vj4P/fcj9raWlm1E5PpDzMo= X-Google-Smtp-Source: AGHT+IFlMo0uz+9nsAKymALkHbBFSNCsXxuQnswS7ti87+S0fDwPNMsChpWpQPdKG5Sg7+H6Id8hag== X-Received: by 2002:a05:600c:4f08:b0:40e:39dd:b319 with SMTP id l8-20020a05600c4f0800b0040e39ddb319mr151712wmq.123.1705000090474; Thu, 11 Jan 2024 11:08:10 -0800 (PST) Received: from alex-Mint.fritz.box (p200300f6af47620043a7429456d42e7a.dip0.t-ipconnect.de. [2003:f6:af47:6200:43a7:4294:56d4:2e7a]) by smtp.googlemail.com with ESMTPSA id p12-20020a05600c468c00b0040e56830a35sm2964641wmo.18.2024.01.11.11.08.08 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 11 Jan 2024 11:08:09 -0800 (PST) From: Alexander Grund To: cip-dev@lists.cip-project.org Cc: uli+cip@fpond.eu Subject: [PATCH 4.4 4/4] Bluetooth: hci_sock: Correctly bounds check and pad HCI_MON_NEW_INDEX name Date: Thu, 11 Jan 2024 20:06:58 +0100 Message-Id: <20240111190658.153488-5-theflamefire89@gmail.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20240111190658.153488-1-theflamefire89@gmail.com> References: <20240111190658.153488-1-theflamefire89@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 11 Jan 2024 19:08:16 -0000 X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/14337 From: Kees Cook The code pattern of memcpy(dst, src, strlen(src)) is almost always wrong. In this case it is wrong because it leaves memory uninitialized if it is less than sizeof(ni->name), and overflows ni->name when longer. Normally strtomem_pad() could be used here, but since ni->name is a trailing array in struct hci_mon_new_index, compilers that don't support -fstrict-flex-arrays=3 can't tell how large this array is via __builtin_object_size(). Instead, open-code the helper and use sizeof() since it will work correctly. Additionally mark ni->name as __nonstring since it appears to not be a %NUL terminated C string. Cc: Luiz Augusto von Dentz Cc: Edward AD Cc: Marcel Holtmann Cc: Johan Hedberg Cc: "David S. Miller" Cc: Eric Dumazet Cc: Jakub Kicinski Cc: Paolo Abeni Cc: linux-bluetooth@vger.kernel.org Cc: netdev@vger.kernel.org Fixes: 18f547f3fc07 ("Bluetooth: hci_sock: fix slab oob read in create_monitor_event") Link: https://lore.kernel.org/lkml/202310110908.F2639D3276@keescook/ Signed-off-by: Kees Cook Signed-off-by: Luiz Augusto von Dentz [AG: Remove __nonstring attribute not present in 4.4] Signed-off-by: Alexander Grund --- net/bluetooth/hci_sock.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/net/bluetooth/hci_sock.c b/net/bluetooth/hci_sock.c index 48fcbbde9d3f0..dbbd69bf43191 100644 --- a/net/bluetooth/hci_sock.c +++ b/net/bluetooth/hci_sock.c @@ -333,7 +333,8 @@ static struct sk_buff *create_monitor_event(struct hci_dev *hdev, int event) ni->type = hdev->dev_type; ni->bus = hdev->bus; bacpy(&ni->bdaddr, &hdev->bdaddr); - memcpy(ni->name, hdev->name, strlen(hdev->name)); + memcpy_and_pad(ni->name, sizeof(ni->name), hdev->name, + strnlen(hdev->name, sizeof(ni->name)), '\0'); opcode = cpu_to_le16(HCI_MON_NEW_INDEX); break;