| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 15 May 2015 09:10:18 +1000 From: Michael Ellerman <mpe@...erman.id.au> To: Chris Metcalf <cmetcalf@...hip.com> Cc: Linus Torvalds <torvalds@...ux-foundation.org>, Al Viro <viro@...iv.linux.org.uk>, Fabian Frederick <fabf@...net.be>, Randy Dunlap <rdunlap@...radead.org>, Rickard Strandqvist <rickard_strandqvist@...ctrumdigital.se>, gregkh@...uxfoundation.org, Peter Zijlstra <peterz@...radead.org>, "David S. Miller" <davem@...emloft.net>, Frederic Weisbecker <fweisbec@...il.com>, Andrew Morton <akpm@...ux-foundation.org>, Sam Ravnborg <sam@...nborg.org>, Stephen Rothwell <sfr@...b.auug.org.au>, Theodore Ts'o <tytso@....edu>, Grant Likely <grant.likely@...aro.org>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, linux-arch@...r.kernel.org Subject: Re: [PATCH 0/3] add new strscpy() API for string copy On Thu, 2015-04-30 at 12:01 -0400, Chris Metcalf wrote: > This patch series addresses limitations in strncpy() and strlcpy(); > both the old APIs are unpleasant, as Linus nicely summarized here > a couple of days ago: > > https://lkml.org/lkml/2015/4/28/570 > > and of course as other folks (Greg K-H and Linus again) said last year: > > https://plus.google.com/+gregkroahhartman/posts/1amLbuhWbh5 > > The proposed new API (strscpy(), for "s"afe string copy) has an > easy-to-use API for detecting buffer overflow, avoids unsafe truncation > by default, and isn't subject to thread-safety attacks like the current > strlcpy implementation. See patch 2/3 for more on why strscpy() is a > good thing. +1 on the concept. > To make strscpy() work more efficiently I did the minimum tweaking > necessary to allow <asm/word-at-a-time.h> to work on all architectures, > though of course individual maintainers can still make their versions > more efficient as needed. > > It's likely not necessary for per-architecture implementations of > strscpy() to be written, but I stuck with the standard __HAVE_ARCH_XXX > model just for consistency with the rest of <linux/string.h>. > > I tested the implementation with a simple user-space harness, so I > believe it is correct for the corner cases I could think of. In > particular I pairwise-tested all the unaligned values of source and > dest, and tested the restriction on src page-crossing at all > unaligned offsets approaching the page boundary. Can you please put that in tools/testing/selftests and merge it as part of the series? That way I can run the tests and be confident it works on powerpc. cheers -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists