Open Source and information security mailing list archives
 
Message-ID: <jgk536vpai32yf4ozjx66pah2nvi67j7cnbs4wlfrj5vsetg3w@sgd6huslhtk2>
Date: Tue, 24 Jun 2025 19:46:25 +0530
From: Brahmajit Das <listout@...tout.xyz>
To: "Rafael J. Wysocki" <rafael@...nel.org>
Cc: linux-hardening@...r.kernel.org, linux-kernel@...r.kernel.org, 
	linux-acpi@...r.kernel.org, lenb@...nel.org, lv.zheng@...el.com, kees@...nel.org, 
	rui.zhang@...el.com, len.brown@...el.com
Subject: Re: [PATCH] ACPI / sysfs: Replace deprecated and unsafe functions
 with sysfs_emit

On 24.06.2025 15:46, Rafael J. Wysocki wrote:
> On Tue, Jun 24, 2025 at 3:38 PM Brahmajit Das <listout@...tout.xyz> wrote:
> >
> > acpi/sysfs.c has many instances of unsafe or deprecated functions such
> > as sprintf, strcpy. This patch relaces them with sysfs_emit to safer
> 
> "replaces"
> 
> > alternavtive and better following of kernel API.
> 
> "alternative"
> 
> 1. Have you tested all of the affected interfaces and verified that
> they still work as expected after the changes?
> 2. While the replaced functions are unsafe in principle, is the usage
> of them in any places affected by this patch actually unsafe?
> 

The previous patch's idea came while I was working to remove strcpy from
acpi/sysfs.c. But I guess this is not a good way of sending a patch, and me
being a newcomer didn't help, as I didn't completely test the patch
before sending, even though it was meant as an RFC.

I vaguely remember a thread by GHK where he asked to leave out old code
and only work on new code that you've tested. So I'll follow that for
now until I've learnt to test my changes properly.

And again sorry.

I'm working on a patch that replaces deprecated strcpy (according
to kernel docs) with sysfs_emit. It looks like:

diff --git a/drivers/acpi/sysfs.c b/drivers/acpi/sysfs.c
index a48ebbf768f9..7ce90998ab97 100644
--- a/drivers/acpi/sysfs.c
+++ b/drivers/acpi/sysfs.c
@@ -181,10 +181,9 @@ static int param_set_trace_method_name(const char *val,
 
 	/* This is a hack.  We can't kmalloc in early boot. */
 	if (is_abs_path)
-		strcpy(trace_method_name, val);
+		sysfs_emit(trace_method_name, "%s", val);
 	else {
-		trace_method_name[0] = '\\';
-		strcpy(trace_method_name+1, val);
+		sysfs_emit(trace_method_name, "\%s", val);
 	}
 
 	/* Restore the original tracer state */
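
Review bot: both sysfs_emit() calls write into trace_method_name from a module-parameter set handler (param_set_trace_method_name), but sysfs_emit() is meant for sysfs show() callbacks. It expects a page-aligned, PAGE_SIZE buffer, warns and writes nothing when the buffer is not page-aligned, and bounds its output by PAGE_SIZE rather than by the size of trace_method_name, so it neither copies the name reliably nor adds the bound that strcpy lacked. A bounded string copy sized to the destination (for example strscpy() with the size of trace_method_name) fits this use better. Separately, in the else branch "\%s" is not a valid C escape sequence, so the leading backslash that the removed `trace_method_name[0] = '\\';` stored is lost; a format string would need "\\%s" to keep the existing behaviour.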

I guess I'll keep this, instead of replacing every instance of sprintf
with sysfs_emit blindly.
-- 
Regards,
listout
