| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAFhGd8p8Ako1zFrUrE62OxhqGqmDVEFi3NtT754gZP_sLAZ99w@mail.gmail.com>
Date: Thu, 26 Oct 2023 15:03:11 -0700
From: Justin Stitt <justinstitt@...gle.com>
To: Kees Cook <keescook@...omium.org>
Cc: Kalle Valo <kvalo@...nel.org>, Johannes Berg <johannes.berg@...el.com>,
Max Chen <mxchen@...eaurora.org>, Yang Shen <shenyang39@...wei.com>,
Steven Rostedt <rostedt@...dmis.org>, "Matthew Wilcox (Oracle)" <willy@...radead.org>,
Christoph Hellwig <hch@....de>, Kent Overstreet <kent.overstreet@...ux.dev>, Petr Mladek <pmladek@...e.com>,
Andy Shevchenko <andriy.shevchenko@...ux.intel.com>,
Rasmus Villemoes <linux@...musvillemoes.dk>, Sergey Senozhatsky <senozhatsky@...omium.org>,
Masami Hiramatsu <mhiramat@...nel.org>, Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Arnd Bergmann <arnd@...db.de>, Jonathan Corbet <corbet@....net>, Yun Zhou <yun.zhou@...driver.com>,
Jacob Keller <jacob.e.keller@...el.com>, Zhen Lei <thunder.leizhen@...wei.com>,
linux-trace-kernel@...r.kernel.org, linux-wireless@...r.kernel.org,
linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org
Subject: Re: [RFC][PATCH] wifi: wil6210: Replace strlcat() usage with seq_buf
On Thu, Oct 26, 2023 at 10:13 AM Kees Cook <keescook@...omium.org> wrote:
>
> The use of strlcat() is fragile at best, and we'd like to remove it from
> the available string APIs in the kernel. Instead, use the safer seq_buf
> APIs.
>
> Cc: Kalle Valo <kvalo@...nel.org>
> Cc: Johannes Berg <johannes.berg@...el.com>
> Cc: Max Chen <mxchen@...eaurora.org>
> Cc: Yang Shen <shenyang39@...wei.com>
> Cc: Steven Rostedt <rostedt@...dmis.org>
> Cc: "Matthew Wilcox (Oracle)" <willy@...radead.org>
> Cc: Christoph Hellwig <hch@....de>
> Cc: Justin Stitt <justinstitt@...gle.com>
> Cc: Kent Overstreet <kent.overstreet@...ux.dev>
> Cc: Petr Mladek <pmladek@...e.com>
> Cc: Andy Shevchenko <andriy.shevchenko@...ux.intel.com>
> Cc: Rasmus Villemoes <linux@...musvillemoes.dk>
> Cc: Sergey Senozhatsky <senozhatsky@...omium.org>
> Cc: Masami Hiramatsu <mhiramat@...nel.org>
> Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
> Cc: Arnd Bergmann <arnd@...db.de>
> Cc: Jonathan Corbet <corbet@....net>
> Cc: Yun Zhou <yun.zhou@...driver.com>
> Cc: Jacob Keller <jacob.e.keller@...el.com>
> Cc: Zhen Lei <thunder.leizhen@...wei.com>
> Cc: linux-trace-kernel@...r.kernel.org
> Cc: linux-wireless@...r.kernel.org
> Signed-off-by: Kees Cook <keescook@...omium.org>
> ---
> This is mainly an example of where/how to use the ongoing seq_buf
> refactoring happening in the tracing tree:
> https://lore.kernel.org/lkml/20231026170722.work.638-kees@kernel.org/
I like it. C-strings and many of their associated apis are dodgy. This
looks like a worthwhile replacement.
I think many of my strncpy -> strscpy replacements could've easily
been something along these lines as well.
Happy to see robustness increasing in the kernel by means
of replacing sketchy C-string stuff.
> ---
> drivers/net/wireless/ath/wil6210/wmi.c | 23 ++++++++++-------------
> 1 file changed, 10 insertions(+), 13 deletions(-)
>
> diff --git a/drivers/net/wireless/ath/wil6210/wmi.c b/drivers/net/wireless/ath/wil6210/wmi.c
> index 6fdb77d4c59e..45b8c651b8e2 100644
> --- a/drivers/net/wireless/ath/wil6210/wmi.c
> +++ b/drivers/net/wireless/ath/wil6210/wmi.c
> @@ -3159,36 +3159,34 @@ int wmi_suspend(struct wil6210_priv *wil)
> return rc;
> }
>
> -static void resume_triggers2string(u32 triggers, char *string, int str_size)
> +static void resume_triggers2string(u32 triggers, struct seq_buf *s)
> {
> - string[0] = '\0';
> -
> if (!triggers) {
> - strlcat(string, " UNKNOWN", str_size);
> + seq_buf_puts(s, " UNKNOWN");
> return;
> }
>
> if (triggers & WMI_RESUME_TRIGGER_HOST)
> - strlcat(string, " HOST", str_size);
> + seq_buf_puts(s, " HOST")
>
> if (triggers & WMI_RESUME_TRIGGER_UCAST_RX)
> - strlcat(string, " UCAST_RX", str_size);
> + seq_buf_puts(s, " UCAST_RX");
>
> if (triggers & WMI_RESUME_TRIGGER_BCAST_RX)
> - strlcat(string, " BCAST_RX", str_size);
> + seq_buf_puts(s, " BCAST_RX");
>
> if (triggers & WMI_RESUME_TRIGGER_WMI_EVT)
> - strlcat(string, " WMI_EVT", str_size);
> + seq_buf_puts(s, " WMI_EVT");
>
> if (triggers & WMI_RESUME_TRIGGER_DISCONNECT)
> - strlcat(string, " DISCONNECT", str_size);
> + seq_buf_puts(s, " DISCONNECT");
> }
>
> int wmi_resume(struct wil6210_priv *wil)
> {
> struct wil6210_vif *vif = ndev_to_vif(wil->main_ndev);
> int rc;
> - char string[100];
> + DECLARE_SEQ_BUF(s, 100);
> struct {
> struct wmi_cmd_hdr wmi;
> struct wmi_traffic_resume_event evt;
> @@ -3203,10 +3201,9 @@ int wmi_resume(struct wil6210_priv *wil)
> WIL_WAIT_FOR_SUSPEND_RESUME_COMP);
> if (rc)
> return rc;
> - resume_triggers2string(le32_to_cpu(reply.evt.resume_triggers), string,
> - sizeof(string));
> + resume_triggers2string(le32_to_cpu(reply.evt.resume_triggers), s);
> wil_dbg_pm(wil, "device resume %s, resume triggers:%s (0x%x)\n",
> - reply.evt.status ? "failed" : "passed", string,
> + reply.evt.status ? "failed" : "passed", seq_buf_cstr(s),
> le32_to_cpu(reply.evt.resume_triggers));
>
> return reply.evt.status;
> --
> 2.34.1
>
Thanks
Justin
Powered by blists - more mailing lists