[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <202010221302.5BA047AC9@keescook>
Date: Thu, 22 Oct 2020 13:04:32 -0700
From: Kees Cook <keescook@...omium.org>
To: Francis Laniel <laniel_francis@...vacyrequired.com>
Cc: linux-hardening@...r.kernel.org, netdev@...r.kernel.org,
davem@...emloft.net, kuba@...nel.org
Subject: Re: [RFC][PATCH v3 3/3] Rename nla_strlcpy to nla_strscpy.
On Thu, Oct 22, 2020 at 11:41:31AM +0200, Francis Laniel wrote:
> Le jeudi 22 octobre 2020, 01:49:59 CEST Kees Cook a écrit :
> > On Tue, Oct 20, 2020 at 06:47:07PM +0200, laniel_francis@...vacyrequired.com
> wrote:
> > > From: Francis Laniel <laniel_francis@...vacyrequired.com>
> > >
> > > Calls to nla_strlcpy are now replaced by calls to nla_strscpy which is the
> > > new name of this function.
> > >
> > > Signed-off-by: Francis Laniel <laniel_francis@...vacyrequired.com>
> >
> > The Subject could also be: "treewide: Rename nla_strlcpy to nla_strscpy"
> >
> > But otherwise, yup, easy mechanical change.
>
> Should I submit a v4 for this change?
I'll say yes. :) Drop the RFC, bump to v4, and send it to netdev (along
with all the other CCs you have here already), and add the Reviewed-bys
from v3.
Thanks!
-Kees
>
> >
> > Reviewed-by: Kees Cook <keescook@...omium.org>
> >
> > > ---
> > >
> > > drivers/infiniband/core/nldev.c | 10 +++++-----
> > > drivers/net/can/vxcan.c | 4 ++--
> > > drivers/net/veth.c | 4 ++--
> > > include/linux/genl_magic_struct.h | 2 +-
> > > include/net/netlink.h | 4 ++--
> > > include/net/pkt_cls.h | 2 +-
> > > kernel/taskstats.c | 2 +-
> > > lib/nlattr.c | 6 +++---
> > > net/core/fib_rules.c | 4 ++--
> > > net/core/rtnetlink.c | 12 ++++++------
> > > net/decnet/dn_dev.c | 2 +-
> > > net/ieee802154/nl-mac.c | 2 +-
> > > net/ipv4/devinet.c | 2 +-
> > > net/ipv4/fib_semantics.c | 2 +-
> > > net/ipv4/metrics.c | 2 +-
> > > net/netfilter/ipset/ip_set_hash_netiface.c | 4 ++--
> > > net/netfilter/nf_tables_api.c | 6 +++---
> > > net/netfilter/nfnetlink_acct.c | 2 +-
> > > net/netfilter/nfnetlink_cthelper.c | 4 ++--
> > > net/netfilter/nft_ct.c | 2 +-
> > > net/netfilter/nft_log.c | 2 +-
> > > net/netlabel/netlabel_mgmt.c | 2 +-
> > > net/nfc/netlink.c | 2 +-
> > > net/sched/act_api.c | 2 +-
> > > net/sched/act_ipt.c | 2 +-
> > > net/sched/act_simple.c | 4 ++--
> > > net/sched/cls_api.c | 2 +-
> > > net/sched/sch_api.c | 2 +-
> > > net/tipc/netlink_compat.c | 2 +-
> > > 29 files changed, 49 insertions(+), 49 deletions(-)
> > >
> > > diff --git a/drivers/infiniband/core/nldev.c
> > > b/drivers/infiniband/core/nldev.c index 12d29d54a081..08366e254b1d 100644
> > > --- a/drivers/infiniband/core/nldev.c
> > > +++ b/drivers/infiniband/core/nldev.c
> > > @@ -932,7 +932,7 @@ static int nldev_set_doit(struct sk_buff *skb, struct
> > > nlmsghdr *nlh,>
> > > if (tb[RDMA_NLDEV_ATTR_DEV_NAME]) {
> > >
> > > char name[IB_DEVICE_NAME_MAX] = {};
> > >
> > > - nla_strlcpy(name, tb[RDMA_NLDEV_ATTR_DEV_NAME],
> > > + nla_strscpy(name, tb[RDMA_NLDEV_ATTR_DEV_NAME],
> > >
> > > IB_DEVICE_NAME_MAX);
> > >
> > > if (strlen(name) == 0) {
> > >
> > > err = -EINVAL;
> > >
> > > @@ -1529,13 +1529,13 @@ static int nldev_newlink(struct sk_buff *skb,
> > > struct nlmsghdr *nlh,>
> > > !tb[RDMA_NLDEV_ATTR_LINK_TYPE] || !tb[RDMA_NLDEV_ATTR_NDEV_NAME])
> > >
> > > return -EINVAL;
> > >
> > > - nla_strlcpy(ibdev_name, tb[RDMA_NLDEV_ATTR_DEV_NAME],
> > > + nla_strscpy(ibdev_name, tb[RDMA_NLDEV_ATTR_DEV_NAME],
> > >
> > > sizeof(ibdev_name));
> > >
> > > if (strchr(ibdev_name, '%') || strlen(ibdev_name) == 0)
> > >
> > > return -EINVAL;
> > >
> > > - nla_strlcpy(type, tb[RDMA_NLDEV_ATTR_LINK_TYPE], sizeof(type));
> > > - nla_strlcpy(ndev_name, tb[RDMA_NLDEV_ATTR_NDEV_NAME],
> > > + nla_strscpy(type, tb[RDMA_NLDEV_ATTR_LINK_TYPE], sizeof(type));
> > > + nla_strscpy(ndev_name, tb[RDMA_NLDEV_ATTR_NDEV_NAME],
> > >
> > > sizeof(ndev_name));
> > >
> > > ndev = dev_get_by_name(sock_net(skb->sk), ndev_name);
> > >
> > > @@ -1602,7 +1602,7 @@ static int nldev_get_chardev(struct sk_buff *skb,
> > > struct nlmsghdr *nlh,>
> > > if (err || !tb[RDMA_NLDEV_ATTR_CHARDEV_TYPE])
> > >
> > > return -EINVAL;
> > >
> > > - nla_strlcpy(client_name, tb[RDMA_NLDEV_ATTR_CHARDEV_TYPE],
> > > + nla_strscpy(client_name, tb[RDMA_NLDEV_ATTR_CHARDEV_TYPE],
> > >
> > > sizeof(client_name));
> > >
> > > if (tb[RDMA_NLDEV_ATTR_DEV_INDEX]) {
> > >
> > > diff --git a/drivers/net/can/vxcan.c b/drivers/net/can/vxcan.c
> > > index d6ba9426be4d..fa47bab510bb 100644
> > > --- a/drivers/net/can/vxcan.c
> > > +++ b/drivers/net/can/vxcan.c
> > > @@ -186,7 +186,7 @@ static int vxcan_newlink(struct net *net, struct
> > > net_device *dev,>
> > > }
> > >
> > > if (ifmp && tbp[IFLA_IFNAME]) {
> > >
> > > - nla_strlcpy(ifname, tbp[IFLA_IFNAME], IFNAMSIZ);
> > > + nla_strscpy(ifname, tbp[IFLA_IFNAME], IFNAMSIZ);
> > >
> > > name_assign_type = NET_NAME_USER;
> > >
> > > } else {
> > >
> > > snprintf(ifname, IFNAMSIZ, DRV_NAME "%%d");
> > >
> > > @@ -223,7 +223,7 @@ static int vxcan_newlink(struct net *net, struct
> > > net_device *dev,>
> > > /* register first device */
> > > if (tb[IFLA_IFNAME])
> > >
> > > - nla_strlcpy(dev->name, tb[IFLA_IFNAME], IFNAMSIZ);
> > > + nla_strscpy(dev->name, tb[IFLA_IFNAME], IFNAMSIZ);
> > >
> > > else
> > >
> > > snprintf(dev->name, IFNAMSIZ, DRV_NAME "%%d");
> > >
> > > diff --git a/drivers/net/veth.c b/drivers/net/veth.c
> > > index 8c737668008a..359d3ab33c4d 100644
> > > --- a/drivers/net/veth.c
> > > +++ b/drivers/net/veth.c
> > > @@ -1329,7 +1329,7 @@ static int veth_newlink(struct net *src_net, struct
> > > net_device *dev,>
> > > }
> > >
> > > if (ifmp && tbp[IFLA_IFNAME]) {
> > >
> > > - nla_strlcpy(ifname, tbp[IFLA_IFNAME], IFNAMSIZ);
> > > + nla_strscpy(ifname, tbp[IFLA_IFNAME], IFNAMSIZ);
> > >
> > > name_assign_type = NET_NAME_USER;
> > >
> > > } else {
> > >
> > > snprintf(ifname, IFNAMSIZ, DRV_NAME "%%d");
> > >
> > > @@ -1379,7 +1379,7 @@ static int veth_newlink(struct net *src_net, struct
> > > net_device *dev,>
> > > eth_hw_addr_random(dev);
> > >
> > > if (tb[IFLA_IFNAME])
> > >
> > > - nla_strlcpy(dev->name, tb[IFLA_IFNAME], IFNAMSIZ);
> > > + nla_strscpy(dev->name, tb[IFLA_IFNAME], IFNAMSIZ);
> > >
> > > else
> > >
> > > snprintf(dev->name, IFNAMSIZ, DRV_NAME "%%d");
> > >
> > > diff --git a/include/linux/genl_magic_struct.h
> > > b/include/linux/genl_magic_struct.h index eeae59d3ceb7..35d21fddaf2d
> > > 100644
> > > --- a/include/linux/genl_magic_struct.h
> > > +++ b/include/linux/genl_magic_struct.h
> > > @@ -89,7 +89,7 @@ static inline int nla_put_u64_0pad(struct sk_buff *skb,
> > > int attrtype, u64 value)>
> > > nla_get_u64, nla_put_u64_0pad, false)
> > >
> > > #define __str_field(attr_nr, attr_flag, name, maxlen) \
> > >
> > > __array(attr_nr, attr_flag, name, NLA_NUL_STRING, char, maxlen, \
> > >
> > > - nla_strlcpy, nla_put, false)
> > > + nla_strscpy, nla_put, false)
> > >
> > > #define __bin_field(attr_nr, attr_flag, name, maxlen) \
> > >
> > > __array(attr_nr, attr_flag, name, NLA_BINARY, char, maxlen, \
> > >
> > > nla_memcpy, nla_put, false)
> > >
> > > diff --git a/include/net/netlink.h b/include/net/netlink.h
> > > index 446ca182e13d..1ceec518ab49 100644
> > > --- a/include/net/netlink.h
> > > +++ b/include/net/netlink.h
> > > @@ -142,7 +142,7 @@
> > >
> > > * Attribute Misc:
> > > * nla_memcpy(dest, nla, count) copy attribute into memory
> > > * nla_memcmp(nla, data, size) compare attribute with memory area
> > >
> > > - * nla_strlcpy(dst, nla, size) copy attribute to a sized string
> > > + * nla_strscpy(dst, nla, size) copy attribute to a sized string
> > >
> > > * nla_strcmp(nla, str) compare attribute with string
> > > *
> > >
> > > * Attribute Parsing:
> > > @@ -506,7 +506,7 @@ int __nla_parse(struct nlattr **tb, int maxtype, const
> > > struct nlattr *head,>
> > > struct netlink_ext_ack *extack);
> > >
> > > int nla_policy_len(const struct nla_policy *, int);
> > > struct nlattr *nla_find(const struct nlattr *head, int len, int
> > > attrtype);
> > >
> > > -ssize_t nla_strlcpy(char *dst, const struct nlattr *nla, size_t dstsize);
> > > +ssize_t nla_strscpy(char *dst, const struct nlattr *nla, size_t dstsize);
> > >
> > > char *nla_strdup(const struct nlattr *nla, gfp_t flags);
> > > int nla_memcpy(void *dest, const struct nlattr *src, int count);
> > > int nla_memcmp(const struct nlattr *nla, const void *data, size_t size);
> > >
> > > diff --git a/include/net/pkt_cls.h b/include/net/pkt_cls.h
> > > index db9a828f4f4f..133f9ad4d4f9 100644
> > > --- a/include/net/pkt_cls.h
> > > +++ b/include/net/pkt_cls.h
> > > @@ -512,7 +512,7 @@ tcf_change_indev(struct net *net, struct nlattr
> > > *indev_tlv,>
> > > char indev[IFNAMSIZ];
> > > struct net_device *dev;
> > >
> > > - if (nla_strlcpy(indev, indev_tlv, IFNAMSIZ) < 0) {
> > > + if (nla_strscpy(indev, indev_tlv, IFNAMSIZ) < 0) {
> > >
> > > NL_SET_ERR_MSG_ATTR(extack, indev_tlv,
> > >
> > > "Interface name too long");
> > >
> > > return -EINVAL;
> > >
> > > diff --git a/kernel/taskstats.c b/kernel/taskstats.c
> > > index a2802b6ff4bb..2b4898b4752e 100644
> > > --- a/kernel/taskstats.c
> > > +++ b/kernel/taskstats.c
> > > @@ -346,7 +346,7 @@ static int parse(struct nlattr *na, struct cpumask
> > > *mask)>
> > > data = kmalloc(len, GFP_KERNEL);
> > > if (!data)
> > >
> > > return -ENOMEM;
> > >
> > > - nla_strlcpy(data, na, len);
> > > + nla_strscpy(data, na, len);
> > >
> > > ret = cpulist_parse(data, mask);
> > > kfree(data);
> > > return ret;
> > >
> > > diff --git a/lib/nlattr.c b/lib/nlattr.c
> > > index 447182543c03..09aa181569e0 100644
> > > --- a/lib/nlattr.c
> > > +++ b/lib/nlattr.c
> > > @@ -709,7 +709,7 @@ struct nlattr *nla_find(const struct nlattr *head, int
> > > len, int attrtype)>
> > > EXPORT_SYMBOL(nla_find);
> > >
> > > /**
> > >
> > > - * nla_strlcpy - Copy string attribute payload into a sized buffer
> > > + * nla_strscpy - Copy string attribute payload into a sized buffer
> > >
> > > * @dst: Where to copy the string to.
> > > * @nla: Attribute to copy the string from.
> > > * @dstsize: Size of destination buffer.
> > >
> > > @@ -722,7 +722,7 @@ EXPORT_SYMBOL(nla_find);
> > >
> > > * * -E2BIG - If @dstsize is 0 or greater than U16_MAX or @nla length
> > > greater * than @dstsize.
> > > */
> > >
> > > -ssize_t nla_strlcpy(char *dst, const struct nlattr *nla, size_t dstsize)
> > > +ssize_t nla_strscpy(char *dst, const struct nlattr *nla, size_t dstsize)
> > >
> > > {
> > >
> > > size_t srclen = nla_len(nla);
> > > char *src = nla_data(nla);
> > >
> > > @@ -749,7 +749,7 @@ ssize_t nla_strlcpy(char *dst, const struct nlattr
> > > *nla, size_t dstsize)>
> > > return ret;
> > >
> > > }
> > >
> > > -EXPORT_SYMBOL(nla_strlcpy);
> > > +EXPORT_SYMBOL(nla_strscpy);
> > >
> > > /**
> > >
> > > * nla_strdup - Copy string attribute payload into a newly allocated
> > > buffer
> > >
> > > diff --git a/net/core/fib_rules.c b/net/core/fib_rules.c
> > > index 7bcfb16854cb..cd80ffed6d26 100644
> > > --- a/net/core/fib_rules.c
> > > +++ b/net/core/fib_rules.c
> > > @@ -563,7 +563,7 @@ static int fib_nl2rule(struct sk_buff *skb, struct
> > > nlmsghdr *nlh,>
> > > struct net_device *dev;
> > >
> > > nlrule->iifindex = -1;
> > >
> > > - nla_strlcpy(nlrule->iifname, tb[FRA_IIFNAME], IFNAMSIZ);
> > > + nla_strscpy(nlrule->iifname, tb[FRA_IIFNAME], IFNAMSIZ);
> > >
> > > dev = __dev_get_by_name(net, nlrule->iifname);
> > > if (dev)
> > >
> > > nlrule->iifindex = dev->ifindex;
> > >
> > > @@ -573,7 +573,7 @@ static int fib_nl2rule(struct sk_buff *skb, struct
> > > nlmsghdr *nlh,>
> > > struct net_device *dev;
> > >
> > > nlrule->oifindex = -1;
> > >
> > > - nla_strlcpy(nlrule->oifname, tb[FRA_OIFNAME], IFNAMSIZ);
> > > + nla_strscpy(nlrule->oifname, tb[FRA_OIFNAME], IFNAMSIZ);
> > >
> > > dev = __dev_get_by_name(net, nlrule->oifname);
> > > if (dev)
> > >
> > > nlrule->oifindex = dev->ifindex;
> > >
> > > diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
> > > index 68e0682450c6..e0059256fe93 100644
> > > --- a/net/core/rtnetlink.c
> > > +++ b/net/core/rtnetlink.c
> > > @@ -1939,7 +1939,7 @@ static const struct rtnl_link_ops
> > > *linkinfo_to_kind_ops(const struct nlattr *nla>
> > > if (linfo[IFLA_INFO_KIND]) {
> > >
> > > char kind[MODULE_NAME_LEN];
> > >
> > > - nla_strlcpy(kind, linfo[IFLA_INFO_KIND], sizeof(kind));
> > > + nla_strscpy(kind, linfo[IFLA_INFO_KIND], sizeof(kind));
> > >
> > > ops = rtnl_link_ops_get(kind);
> > >
> > > }
> > >
> > > @@ -2953,9 +2953,9 @@ static struct net_device *rtnl_dev_get(struct net
> > > *net,>
> > > if (!ifname) {
> > >
> > > ifname = buffer;
> > > if (ifname_attr)
> > >
> > > - nla_strlcpy(ifname, ifname_attr, IFNAMSIZ);
> > > + nla_strscpy(ifname, ifname_attr, IFNAMSIZ);
> > >
> > > else if (altifname_attr)
> > >
> > > - nla_strlcpy(ifname, altifname_attr, ALTIFNAMSIZ);
> > > + nla_strscpy(ifname, altifname_attr, ALTIFNAMSIZ);
> > >
> > > else
> > >
> > > return NULL;
> > >
> > > }
> > >
> > > @@ -2983,7 +2983,7 @@ static int rtnl_setlink(struct sk_buff *skb, struct
> > > nlmsghdr *nlh,>
> > > goto errout;
> > >
> > > if (tb[IFLA_IFNAME])
> > >
> > > - nla_strlcpy(ifname, tb[IFLA_IFNAME], IFNAMSIZ);
> > > + nla_strscpy(ifname, tb[IFLA_IFNAME], IFNAMSIZ);
> > >
> > > else
> > >
> > > ifname[0] = '\0';
> > >
> > > @@ -3264,7 +3264,7 @@ static int __rtnl_newlink(struct sk_buff *skb,
> > > struct nlmsghdr *nlh,>
> > > return err;
> > >
> > > if (tb[IFLA_IFNAME])
> > >
> > > - nla_strlcpy(ifname, tb[IFLA_IFNAME], IFNAMSIZ);
> > > + nla_strscpy(ifname, tb[IFLA_IFNAME], IFNAMSIZ);
> > >
> > > else
> > >
> > > ifname[0] = '\0';
> > >
> > > @@ -3296,7 +3296,7 @@ static int __rtnl_newlink(struct sk_buff *skb,
> > > struct nlmsghdr *nlh,>
> > > memset(linkinfo, 0, sizeof(linkinfo));
> > >
> > > if (linkinfo[IFLA_INFO_KIND]) {
> > >
> > > - nla_strlcpy(kind, linkinfo[IFLA_INFO_KIND], sizeof(kind));
> > > + nla_strscpy(kind, linkinfo[IFLA_INFO_KIND], sizeof(kind));
> > >
> > > ops = rtnl_link_ops_get(kind);
> > >
> > > } else {
> > >
> > > kind[0] = '\0';
> > >
> > > diff --git a/net/decnet/dn_dev.c b/net/decnet/dn_dev.c
> > > index 15d42353f1a3..d1c50a48614b 100644
> > > --- a/net/decnet/dn_dev.c
> > > +++ b/net/decnet/dn_dev.c
> > > @@ -658,7 +658,7 @@ static int dn_nl_newaddr(struct sk_buff *skb, struct
> > > nlmsghdr *nlh,>
> > > ifa->ifa_dev = dn_db;
> > >
> > > if (tb[IFA_LABEL])
> > >
> > > - nla_strlcpy(ifa->ifa_label, tb[IFA_LABEL], IFNAMSIZ);
> > > + nla_strscpy(ifa->ifa_label, tb[IFA_LABEL], IFNAMSIZ);
> > >
> > > else
> > >
> > > memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
> > >
> > > diff --git a/net/ieee802154/nl-mac.c b/net/ieee802154/nl-mac.c
> > > index 6d091e419d3e..9c640d670ffe 100644
> > > --- a/net/ieee802154/nl-mac.c
> > > +++ b/net/ieee802154/nl-mac.c
> > > @@ -149,7 +149,7 @@ static struct net_device *ieee802154_nl_get_dev(struct
> > > genl_info *info)>
> > > if (info->attrs[IEEE802154_ATTR_DEV_NAME]) {
> > >
> > > char name[IFNAMSIZ + 1];
> > >
> > > - nla_strlcpy(name, info->attrs[IEEE802154_ATTR_DEV_NAME],
> > > + nla_strscpy(name, info->attrs[IEEE802154_ATTR_DEV_NAME],
> > >
> > > sizeof(name));
> > >
> > > dev = dev_get_by_name(&init_net, name);
> > >
> > > } else if (info->attrs[IEEE802154_ATTR_DEV_INDEX]) {
> > >
> > > diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c
> > > index 123a6d39438f..a50951a90f63 100644
> > > --- a/net/ipv4/devinet.c
> > > +++ b/net/ipv4/devinet.c
> > > @@ -881,7 +881,7 @@ static struct in_ifaddr *rtm_to_ifaddr(struct net
> > > *net, struct nlmsghdr *nlh,>
> > > ifa->ifa_broadcast = nla_get_in_addr(tb[IFA_BROADCAST]);
> > >
> > > if (tb[IFA_LABEL])
> > >
> > > - nla_strlcpy(ifa->ifa_label, tb[IFA_LABEL], IFNAMSIZ);
> > > + nla_strscpy(ifa->ifa_label, tb[IFA_LABEL], IFNAMSIZ);
> > >
> > > else
> > >
> > > memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
> > >
> > > diff --git a/net/ipv4/fib_semantics.c b/net/ipv4/fib_semantics.c
> > > index 1f75dc686b6b..4b505074b24f 100644
> > > --- a/net/ipv4/fib_semantics.c
> > > +++ b/net/ipv4/fib_semantics.c
> > > @@ -973,7 +973,7 @@ bool fib_metrics_match(struct fib_config *cfg, struct
> > > fib_info *fi)>
> > > char tmp[TCP_CA_NAME_MAX];
> > > bool ecn_ca = false;
> > >
> > > - nla_strlcpy(tmp, nla, sizeof(tmp));
> > > + nla_strscpy(tmp, nla, sizeof(tmp));
> > >
> > > val = tcp_ca_get_key_by_name(fi->fib_net, tmp, &ecn_ca);
> > >
> > > } else {
> > >
> > > if (nla_len(nla) != sizeof(u32))
> > >
> > > diff --git a/net/ipv4/metrics.c b/net/ipv4/metrics.c
> > > index 3205d5f7c8c9..25ea6ac44db9 100644
> > > --- a/net/ipv4/metrics.c
> > > +++ b/net/ipv4/metrics.c
> > > @@ -31,7 +31,7 @@ static int ip_metrics_convert(struct net *net, struct
> > > nlattr *fc_mx,>
> > > if (type == RTAX_CC_ALGO) {
> > >
> > > char tmp[TCP_CA_NAME_MAX];
> > >
> > > - nla_strlcpy(tmp, nla, sizeof(tmp));
> > > + nla_strscpy(tmp, nla, sizeof(tmp));
> > >
> > > val = tcp_ca_get_key_by_name(net, tmp, &ecn_ca);
> > > if (val == TCP_CA_UNSPEC) {
> > >
> > > NL_SET_ERR_MSG(extack, "Unknown tcp congestion algorithm");
> > >
> > > diff --git a/net/netfilter/ipset/ip_set_hash_netiface.c
> > > b/net/netfilter/ipset/ip_set_hash_netiface.c index
> > > be5e95a0d876..b96fd0c55eaa 100644
> > > --- a/net/netfilter/ipset/ip_set_hash_netiface.c
> > > +++ b/net/netfilter/ipset/ip_set_hash_netiface.c
> > > @@ -225,7 +225,7 @@ hash_netiface4_uadt(struct ip_set *set, struct nlattr
> > > *tb[],>
> > > if (e.cidr > HOST_MASK)
> > >
> > > return -IPSET_ERR_INVALID_CIDR;
> > >
> > > }
> > >
> > > - nla_strlcpy(e.iface, tb[IPSET_ATTR_IFACE], IFNAMSIZ);
> > > + nla_strscpy(e.iface, tb[IPSET_ATTR_IFACE], IFNAMSIZ);
> > >
> > > if (tb[IPSET_ATTR_CADT_FLAGS]) {
> > >
> > > u32 cadt_flags = ip_set_get_h32(tb[IPSET_ATTR_CADT_FLAGS]);
> > >
> > > @@ -442,7 +442,7 @@ hash_netiface6_uadt(struct ip_set *set, struct nlattr
> > > *tb[],>
> > > ip6_netmask(&e.ip, e.cidr);
> > >
> > > - nla_strlcpy(e.iface, tb[IPSET_ATTR_IFACE], IFNAMSIZ);
> > > + nla_strscpy(e.iface, tb[IPSET_ATTR_IFACE], IFNAMSIZ);
> > >
> > > if (tb[IPSET_ATTR_CADT_FLAGS]) {
> > >
> > > u32 cadt_flags = ip_set_get_h32(tb[IPSET_ATTR_CADT_FLAGS]);
> > >
> > > diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
> > > index 9957e0ed8658..90c39e694e87 100644
> > > --- a/net/netfilter/nf_tables_api.c
> > > +++ b/net/netfilter/nf_tables_api.c
> > > @@ -1281,7 +1281,7 @@ static struct nft_chain *nft_chain_lookup(struct net
> > > *net,>
> > > if (nla == NULL)
> > >
> > > return ERR_PTR(-EINVAL);
> > >
> > > - nla_strlcpy(search, nla, sizeof(search));
> > > + nla_strscpy(search, nla, sizeof(search));
> > >
> > > WARN_ON(!rcu_read_lock_held() &&
> > >
> > > !lockdep_commit_lock_is_held(net));
> > >
> > > @@ -1721,7 +1721,7 @@ static struct nft_hook *nft_netdev_hook_alloc(struct
> > > net *net,>
> > > goto err_hook_alloc;
> > >
> > > }
> > >
> > > - nla_strlcpy(ifname, attr, IFNAMSIZ);
> > > + nla_strscpy(ifname, attr, IFNAMSIZ);
> > >
> > > dev = __dev_get_by_name(net, ifname);
> > > if (!dev) {
> > >
> > > err = -ENOENT;
> > >
> > > @@ -5734,7 +5734,7 @@ struct nft_object *nft_obj_lookup(const struct net
> > > *net,>
> > > struct rhlist_head *tmp, *list;
> > > struct nft_object *obj;
> > >
> > > - nla_strlcpy(search, nla, sizeof(search));
> > > + nla_strscpy(search, nla, sizeof(search));
> > >
> > > k.name = search;
> > >
> > > WARN_ON_ONCE(!rcu_read_lock_held() &&
> > >
> > > diff --git a/net/netfilter/nfnetlink_acct.c
> > > b/net/netfilter/nfnetlink_acct.c index 5bfec829c12f..5e511df8d709 100644
> > > --- a/net/netfilter/nfnetlink_acct.c
> > > +++ b/net/netfilter/nfnetlink_acct.c
> > > @@ -112,7 +112,7 @@ static int nfnl_acct_new(struct net *net, struct sock
> > > *nfnl,>
> > > nfacct->flags = flags;
> > >
> > > }
> > >
> > > - nla_strlcpy(nfacct->name, tb[NFACCT_NAME], NFACCT_NAME_MAX);
> > > + nla_strscpy(nfacct->name, tb[NFACCT_NAME], NFACCT_NAME_MAX);
> > >
> > > if (tb[NFACCT_BYTES]) {
> > >
> > > atomic64_set(&nfacct->bytes,
> > >
> > > diff --git a/net/netfilter/nfnetlink_cthelper.c
> > > b/net/netfilter/nfnetlink_cthelper.c index 5b0d0a77379c..0f94fce1d3ed
> > > 100644
> > > --- a/net/netfilter/nfnetlink_cthelper.c
> > > +++ b/net/netfilter/nfnetlink_cthelper.c
> > > @@ -146,7 +146,7 @@ nfnl_cthelper_expect_policy(struct
> > > nf_conntrack_expect_policy *expect_policy,>
> > > !tb[NFCTH_POLICY_EXPECT_TIMEOUT])
> > >
> > > return -EINVAL;
> > >
> > > - nla_strlcpy(expect_policy->name,
> > > + nla_strscpy(expect_policy->name,
> > >
> > > tb[NFCTH_POLICY_NAME], NF_CT_HELPER_NAME_LEN);
> > >
> > > expect_policy->max_expected =
> > >
> > > ntohl(nla_get_be32(tb[NFCTH_POLICY_EXPECT_MAX]));
> > >
> > > @@ -233,7 +233,7 @@ nfnl_cthelper_create(const struct nlattr * const tb[],
> > >
> > > if (ret < 0)
> > >
> > > goto err1;
> > >
> > > - nla_strlcpy(helper->name,
> > > + nla_strscpy(helper->name,
> > >
> > > tb[NFCTH_NAME], NF_CT_HELPER_NAME_LEN);
> > >
> > > size = ntohl(nla_get_be32(tb[NFCTH_PRIV_DATA_LEN]));
> > > if (size > sizeof_field(struct nf_conn_help, data)) {
> > >
> > > diff --git a/net/netfilter/nft_ct.c b/net/netfilter/nft_ct.c
> > > index 322bd674963e..a8c4d442231c 100644
> > > --- a/net/netfilter/nft_ct.c
> > > +++ b/net/netfilter/nft_ct.c
> > > @@ -990,7 +990,7 @@ static int nft_ct_helper_obj_init(const struct nft_ctx
> > > *ctx,>
> > > if (!priv->l4proto)
> > >
> > > return -ENOENT;
> > >
> > > - nla_strlcpy(name, tb[NFTA_CT_HELPER_NAME], sizeof(name));
> > > + nla_strscpy(name, tb[NFTA_CT_HELPER_NAME], sizeof(name));
> > >
> > > if (tb[NFTA_CT_HELPER_L3PROTO])
> > >
> > > family = ntohs(nla_get_be16(tb[NFTA_CT_HELPER_L3PROTO]));
> > >
> > > diff --git a/net/netfilter/nft_log.c b/net/netfilter/nft_log.c
> > > index 57899454a530..a06a46b039c5 100644
> > > --- a/net/netfilter/nft_log.c
> > > +++ b/net/netfilter/nft_log.c
> > > @@ -152,7 +152,7 @@ static int nft_log_init(const struct nft_ctx *ctx,
> > >
> > > priv->prefix = kmalloc(nla_len(nla) + 1, GFP_KERNEL);
> > > if (priv->prefix == NULL)
> > >
> > > return -ENOMEM;
> > >
> > > - nla_strlcpy(priv->prefix, nla, nla_len(nla) + 1);
> > > + nla_strscpy(priv->prefix, nla, nla_len(nla) + 1);
> > >
> > > } else {
> > >
> > > priv->prefix = (char *)nft_log_null_prefix;
> > >
> > > }
> > >
> > > diff --git a/net/netlabel/netlabel_mgmt.c b/net/netlabel/netlabel_mgmt.c
> > > index eb1d66d20afb..df1b41ed73fd 100644
> > > --- a/net/netlabel/netlabel_mgmt.c
> > > +++ b/net/netlabel/netlabel_mgmt.c
> > > @@ -95,7 +95,7 @@ static int netlbl_mgmt_add_common(struct genl_info
> > > *info,
> > >
> > > ret_val = -ENOMEM;
> > > goto add_free_entry;
> > >
> > > }
> > >
> > > - nla_strlcpy(entry->domain,
> > > + nla_strscpy(entry->domain,
> > >
> > > info->attrs[NLBL_MGMT_A_DOMAIN], tmp_size);
> > >
> > > }
> > >
> > > diff --git a/net/nfc/netlink.c b/net/nfc/netlink.c
> > > index e894254c17d4..438ff1f30a33 100644
> > > --- a/net/nfc/netlink.c
> > > +++ b/net/nfc/netlink.c
> > > @@ -1226,7 +1226,7 @@ static int nfc_genl_fw_download(struct sk_buff *skb,
> > > struct genl_info *info)>
> > > if (!dev)
> > >
> > > return -ENODEV;
> > >
> > > - nla_strlcpy(firmware_name, info->attrs[NFC_ATTR_FIRMWARE_NAME],
> > > + nla_strscpy(firmware_name, info->attrs[NFC_ATTR_FIRMWARE_NAME],
> > >
> > > sizeof(firmware_name));
> > >
> > > rc = nfc_fw_download(dev, firmware_name);
> > >
> > > diff --git a/net/sched/act_api.c b/net/sched/act_api.c
> > > index 541574520c52..eac24a73115f 100644
> > > --- a/net/sched/act_api.c
> > > +++ b/net/sched/act_api.c
> > > @@ -935,7 +935,7 @@ struct tc_action *tcf_action_init_1(struct net *net,
> > > struct tcf_proto *tp,>
> > > NL_SET_ERR_MSG(extack, "TC action kind must be specified");
> > > goto err_out;
> > >
> > > }
> > >
> > > - if (nla_strlcpy(act_name, kind, IFNAMSIZ) < 0) {
> > > + if (nla_strscpy(act_name, kind, IFNAMSIZ) < 0) {
> > >
> > > NL_SET_ERR_MSG(extack, "TC action name too long");
> > > goto err_out;
> > >
> > > }
> > >
> > > diff --git a/net/sched/act_ipt.c b/net/sched/act_ipt.c
> > > index 8dc3bec0d325..ac7297f42355 100644
> > > --- a/net/sched/act_ipt.c
> > > +++ b/net/sched/act_ipt.c
> > > @@ -166,7 +166,7 @@ static int __tcf_ipt_init(struct net *net, unsigned
> > > int id, struct nlattr *nla,>
> > > if (unlikely(!tname))
> > >
> > > goto err1;
> > >
> > > if (tb[TCA_IPT_TABLE] == NULL ||
> > >
> > > - nla_strlcpy(tname, tb[TCA_IPT_TABLE], IFNAMSIZ) >= IFNAMSIZ)
> > > + nla_strscpy(tname, tb[TCA_IPT_TABLE], IFNAMSIZ) >= IFNAMSIZ)
> > >
> > > strcpy(tname, "mangle");
> > >
> > > t = kmemdup(td, td->u.target_size, GFP_KERNEL);
> > >
> > > diff --git a/net/sched/act_simple.c b/net/sched/act_simple.c
> > > index a4f3d0f0daa9..726cc956d06f 100644
> > > --- a/net/sched/act_simple.c
> > > +++ b/net/sched/act_simple.c
> > > @@ -52,7 +52,7 @@ static int alloc_defdata(struct tcf_defact *d, const
> > > struct nlattr *defdata)>
> > > d->tcfd_defdata = kzalloc(SIMP_MAX_DATA, GFP_KERNEL);
> > > if (unlikely(!d->tcfd_defdata))
> > >
> > > return -ENOMEM;
> > >
> > > - nla_strlcpy(d->tcfd_defdata, defdata, SIMP_MAX_DATA);
> > > + nla_strscpy(d->tcfd_defdata, defdata, SIMP_MAX_DATA);
> > >
> > > return 0;
> > >
> > > }
> > >
> > > @@ -71,7 +71,7 @@ static int reset_policy(struct tc_action *a, const
> > > struct nlattr *defdata,>
> > > spin_lock_bh(&d->tcf_lock);
> > > goto_ch = tcf_action_set_ctrlact(a, p->action, goto_ch);
> > > memset(d->tcfd_defdata, 0, SIMP_MAX_DATA);
> > >
> > > - nla_strlcpy(d->tcfd_defdata, defdata, SIMP_MAX_DATA);
> > > + nla_strscpy(d->tcfd_defdata, defdata, SIMP_MAX_DATA);
> > >
> > > spin_unlock_bh(&d->tcf_lock);
> > > if (goto_ch)
> > >
> > > tcf_chain_put_by_act(goto_ch);
> > >
> > > diff --git a/net/sched/cls_api.c b/net/sched/cls_api.c
> > > index c78241c853a5..6ff3b817083a 100644
> > > --- a/net/sched/cls_api.c
> > > +++ b/net/sched/cls_api.c
> > > @@ -223,7 +223,7 @@ static inline u32 tcf_auto_prio(struct tcf_proto *tp)
> > >
> > > static bool tcf_proto_check_kind(struct nlattr *kind, char *name)
> > > {
> > >
> > > if (kind)
> > >
> > > - return nla_strlcpy(name, kind, IFNAMSIZ) < 0;
> > > + return nla_strscpy(name, kind, IFNAMSIZ) < 0;
> > >
> > > memset(name, 0, IFNAMSIZ);
> > > return false;
> > >
> > > }
> > >
> > > diff --git a/net/sched/sch_api.c b/net/sched/sch_api.c
> > > index f9b053b30a7b..cb4f30700c74 100644
> > > --- a/net/sched/sch_api.c
> > > +++ b/net/sched/sch_api.c
> > > @@ -1170,7 +1170,7 @@ static struct Qdisc *qdisc_create(struct net_device
> > > *dev,>
> > > #ifdef CONFIG_MODULES
> > >
> > > if (ops == NULL && kind != NULL) {
> > >
> > > char name[IFNAMSIZ];
> > >
> > > - if (nla_strlcpy(name, kind, IFNAMSIZ) > 0) {
> > > + if (nla_strscpy(name, kind, IFNAMSIZ) > 0) {
> > >
> > > /* We dropped the RTNL semaphore in order to
> > >
> > > * perform the module load. So, even if we
> > > * succeeded in loading the module we have to
> > >
> > > diff --git a/net/tipc/netlink_compat.c b/net/tipc/netlink_compat.c
> > > index 1c7aa51cc2a3..644c7ec41ddf 100644
> > > --- a/net/tipc/netlink_compat.c
> > > +++ b/net/tipc/netlink_compat.c
> > > @@ -695,7 +695,7 @@ static int tipc_nl_compat_link_dump(struct
> > > tipc_nl_compat_msg *msg,>
> > > link_info.dest = nla_get_flag(link[TIPC_NLA_LINK_DEST]);
> > > link_info.up = htonl(nla_get_flag(link[TIPC_NLA_LINK_UP]));
> > >
> > > - nla_strlcpy(link_info.str, link[TIPC_NLA_LINK_NAME],
> > > + nla_strscpy(link_info.str, link[TIPC_NLA_LINK_NAME],
> > >
> > > TIPC_MAX_LINK_NAME);
> > >
> > > return tipc_add_tlv(msg->rep, TIPC_TLV_LINK_INFO,
>
>
>
--
Kees Cook
Powered by blists - more mailing lists