lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 26 Oct 2023 15:03:11 -0700
From: Justin Stitt <justinstitt@...gle.com>
To: Kees Cook <keescook@...omium.org>
Cc: Kalle Valo <kvalo@...nel.org>, Johannes Berg <johannes.berg@...el.com>, 
	Max Chen <mxchen@...eaurora.org>, Yang Shen <shenyang39@...wei.com>, 
	Steven Rostedt <rostedt@...dmis.org>, "Matthew Wilcox (Oracle)" <willy@...radead.org>, 
	Christoph Hellwig <hch@....de>, Kent Overstreet <kent.overstreet@...ux.dev>, Petr Mladek <pmladek@...e.com>, 
	Andy Shevchenko <andriy.shevchenko@...ux.intel.com>, 
	Rasmus Villemoes <linux@...musvillemoes.dk>, Sergey Senozhatsky <senozhatsky@...omium.org>, 
	Masami Hiramatsu <mhiramat@...nel.org>, Greg Kroah-Hartman <gregkh@...uxfoundation.org>, 
	Arnd Bergmann <arnd@...db.de>, Jonathan Corbet <corbet@....net>, Yun Zhou <yun.zhou@...driver.com>, 
	Jacob Keller <jacob.e.keller@...el.com>, Zhen Lei <thunder.leizhen@...wei.com>, 
	linux-trace-kernel@...r.kernel.org, linux-wireless@...r.kernel.org, 
	linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org
Subject: Re: [RFC][PATCH] wifi: wil6210: Replace strlcat() usage with seq_buf

On Thu, Oct 26, 2023 at 10:13 AM Kees Cook <keescook@...omium.org> wrote:
>
> The use of strlcat() is fragile at best, and we'd like to remove it from
> the available string APIs in the kernel. Instead, use the safer seq_buf
> APIs.
>
> Cc: Kalle Valo <kvalo@...nel.org>
> Cc: Johannes Berg <johannes.berg@...el.com>
> Cc: Max Chen <mxchen@...eaurora.org>
> Cc: Yang Shen <shenyang39@...wei.com>
> Cc: Steven Rostedt <rostedt@...dmis.org>
> Cc: "Matthew Wilcox (Oracle)" <willy@...radead.org>
> Cc: Christoph Hellwig <hch@....de>
> Cc: Justin Stitt <justinstitt@...gle.com>
> Cc: Kent Overstreet <kent.overstreet@...ux.dev>
> Cc: Petr Mladek <pmladek@...e.com>
> Cc: Andy Shevchenko <andriy.shevchenko@...ux.intel.com>
> Cc: Rasmus Villemoes <linux@...musvillemoes.dk>
> Cc: Sergey Senozhatsky <senozhatsky@...omium.org>
> Cc: Masami Hiramatsu <mhiramat@...nel.org>
> Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
> Cc: Arnd Bergmann <arnd@...db.de>
> Cc: Jonathan Corbet <corbet@....net>
> Cc: Yun Zhou <yun.zhou@...driver.com>
> Cc: Jacob Keller <jacob.e.keller@...el.com>
> Cc: Zhen Lei <thunder.leizhen@...wei.com>
> Cc: linux-trace-kernel@...r.kernel.org
> Cc: linux-wireless@...r.kernel.org
> Signed-off-by: Kees Cook <keescook@...omium.org>
> ---
> This is mainly an example of where/how to use the ongoing seq_buf
> refactoring happening in the tracing tree:
> https://lore.kernel.org/lkml/20231026170722.work.638-kees@kernel.org/

I like it. C-strings and many of their associated apis are dodgy. This
looks like a worthwhile replacement.

I think many of my strncpy -> strscpy replacements could've easily
been something along these lines as well.

Happy to see robustness increasing in the kernel by means
of replacing sketchy C-string stuff.

> ---
>  drivers/net/wireless/ath/wil6210/wmi.c | 23 ++++++++++-------------
>  1 file changed, 10 insertions(+), 13 deletions(-)
>
> diff --git a/drivers/net/wireless/ath/wil6210/wmi.c b/drivers/net/wireless/ath/wil6210/wmi.c
> index 6fdb77d4c59e..45b8c651b8e2 100644
> --- a/drivers/net/wireless/ath/wil6210/wmi.c
> +++ b/drivers/net/wireless/ath/wil6210/wmi.c
> @@ -3159,36 +3159,34 @@ int wmi_suspend(struct wil6210_priv *wil)
>         return rc;
>  }
>
> -static void resume_triggers2string(u32 triggers, char *string, int str_size)
> +static void resume_triggers2string(u32 triggers, struct seq_buf *s)
>  {
> -       string[0] = '\0';
> -
>         if (!triggers) {
> -               strlcat(string, " UNKNOWN", str_size);
> +               seq_buf_puts(s, " UNKNOWN");
>                 return;
>         }
>
>         if (triggers & WMI_RESUME_TRIGGER_HOST)
> -               strlcat(string, " HOST", str_size);
> +               seq_buf_puts(s, " HOST")
>
>         if (triggers & WMI_RESUME_TRIGGER_UCAST_RX)
> -               strlcat(string, " UCAST_RX", str_size);
> +               seq_buf_puts(s, " UCAST_RX");
>
>         if (triggers & WMI_RESUME_TRIGGER_BCAST_RX)
> -               strlcat(string, " BCAST_RX", str_size);
> +               seq_buf_puts(s, " BCAST_RX");
>
>         if (triggers & WMI_RESUME_TRIGGER_WMI_EVT)
> -               strlcat(string, " WMI_EVT", str_size);
> +               seq_buf_puts(s, " WMI_EVT");
>
>         if (triggers & WMI_RESUME_TRIGGER_DISCONNECT)
> -               strlcat(string, " DISCONNECT", str_size);
> +               seq_buf_puts(s, " DISCONNECT");
>  }
>
>  int wmi_resume(struct wil6210_priv *wil)
>  {
>         struct wil6210_vif *vif = ndev_to_vif(wil->main_ndev);
>         int rc;
> -       char string[100];
> +       DECLARE_SEQ_BUF(s, 100);
>         struct {
>                 struct wmi_cmd_hdr wmi;
>                 struct wmi_traffic_resume_event evt;
> @@ -3203,10 +3201,9 @@ int wmi_resume(struct wil6210_priv *wil)
>                       WIL_WAIT_FOR_SUSPEND_RESUME_COMP);
>         if (rc)
>                 return rc;
> -       resume_triggers2string(le32_to_cpu(reply.evt.resume_triggers), string,
> -                              sizeof(string));
> +       resume_triggers2string(le32_to_cpu(reply.evt.resume_triggers), s);
>         wil_dbg_pm(wil, "device resume %s, resume triggers:%s (0x%x)\n",
> -                  reply.evt.status ? "failed" : "passed", string,
> +                  reply.evt.status ? "failed" : "passed", seq_buf_cstr(s),
>                    le32_to_cpu(reply.evt.resume_triggers));
>
>         return reply.evt.status;
> --
> 2.34.1
>

Thanks
Justin

Powered by blists - more mailing lists