lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <ZGTV054XzxkP8Y/F@kernel.org>
Date:   Wed, 17 May 2023 10:25:39 -0300
From:   Arnaldo Carvalho de Melo <acme@...nel.org>
To:     Azeem Shaikh <azeemshaikh38@...il.com>
Cc:     Kees Cook <keescook@...omium.org>,
        Peter Zijlstra <peterz@...radead.org>,
        Ingo Molnar <mingo@...hat.com>,
        linux-hardening@...r.kernel.org,
        Mark Rutland <mark.rutland@....com>,
        Alexander Shishkin <alexander.shishkin@...ux.intel.com>,
        Jiri Olsa <jolsa@...nel.org>,
        Namhyung Kim <namhyung@...nel.org>,
        Ian Rogers <irogers@...gle.com>,
        Adrian Hunter <adrian.hunter@...el.com>,
        linux-perf-users@...r.kernel.org, linux-kernel@...r.kernel.org,
        Kan Liang <kan.liang@...ux.intel.com>,
        Yang Jihong <yangjihong1@...wei.com>,
        Liam Howlett <liam.howlett@...cle.com>,
        Miguel Ojeda <ojeda@...nel.org>,
        Andrii Nakryiko <andrii@...nel.org>,
        Leo Yan <leo.yan@...aro.org>,
        James Clark <james.clark@....com>,
        Suzuki Poulouse <suzuki.poulose@....com>,
        Sean Christopherson <seanjc@...gle.com>,
        Paolo Bonzini <pbonzini@...hat.com>
Subject: Re: [PATCH] perf pmu: Replace all non-returning strlcpy with strscpy

Em Tue, May 16, 2023 at 11:14:38AM -0700, Kees Cook escreveu:
> On Tue, May 16, 2023 at 12:05:00AM +0000, Azeem Shaikh wrote:
> > strlcpy() reads the entire source buffer first.
> > This read may exceed the destination size limit.
> > This is both inefficient and can lead to linear read
> > overflows if a source string is not NUL-terminated [1].
> > In an effort to remove strlcpy() completely [2], replace
> > strlcpy() here with strscpy().
> > No return values were used, so direct replacement is safe.
> > 
> > [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy
> > [2] https://github.com/KSPP/linux/issues/89
> > 
> > Signed-off-by: Azeem Shaikh <azeemshaikh38@...il.com>
> 
> Reviewed-by: Kees Cook <keescook@...omium.org>

Not building as strscpy() doesn't seem to be available for tools/ code,
probably you'll need to first copy from the kernel too tools/lib/.

- Arnaldo

  CLANG   /tmp/build/perf-tools-next/util/bpf_skel/.tmp/sample_filter.bpf.o
jvmti/libjvmti.c: In function ‘copy_class_filename’:
jvmti/libjvmti.c:161:17: error: implicit declaration of function ‘strscpy’; did you mean ‘strlcpy’? [-Werror=implicit-function-declaration]
  161 |                 strscpy(result, file_name, max_length);
      |                 ^~~~~~~
      |                 strlcpy
cc1: all warnings being treated as errors
make[3]: *** [/var/home/acme/git/perf-tools-next/tools/build/Makefile.build:97: /tmp/build/perf-tools-next/jvmti/libjvmti.o] Error 1
make[2]: *** [Makefile.perf:818: /tmp/build/perf-tools-next/jvmti/jvmti-in.o] Error 2
make[2]: *** Waiting for unfinished jobs....
/var/home/acme/git/perf-tools-next/tools/perf/util/pmu-hybrid.c: In function ‘perf_pmu__hybrid_mounted’:
/var/home/acme/git/perf-tools-next/tools/perf/util/pmu-hybrid.c:30:9: error: implicit declaration of function ‘strscpy’; did you mean ‘strlcpy’? [-Werror=implicit-function-declaration]
   30 |         strscpy(pmu_name, name, sizeof(pmu_name));
      |         ^~~~~~~
      |         strlcpy
cc1: all warnings being treated as errors
error: command '/usr/lib64/ccache/gcc' failed with exit code 1
cp: cannot stat '/tmp/build/perf-tools-next/python_ext_build/lib/perf*.so': No such file or directory
make[2]: *** [Makefile.perf:651: /tmp/build/perf-tools-next/python/perf.cpython-311-x86_64-linux-gnu.so] Error 1

Auto-detecting system features:
...                         clang-bpf-co-re: [ on  ]
...                                    llvm: [ OFF ]
...                                  libcap: [ on  ]
...                                  libbfd: [ on  ]

  MKDIR   /tmp/build/perf-tools-next/util/bpf_skel/.tmp/bootstrap/libbpf/include/bpf
  MKDIR   /tmp/build/perf-tools-next/util/bpf_skel/.tmp/bootstrap/

  CC      /tmp/build/perf-tools-next/util/intel-pt-decoder/intel-pt-log.o
util/llvm-utils.c: In function ‘search_program’:
util/llvm-utils.c:83:33: error: implicit declaration of function ‘strscpy’; did you mean ‘strlcpy’? [-Werror=implicit-function-declaration]
   83 |                                 strscpy(output, def, PATH_MAX);
      |                                 ^~~~~~~
      |                                 strlcpy
cc1: all warnings being treated as errors
  CC      /tmp/build/perf-tools-next/util/intel-pt-decoder/intel-pt-decoder.o
make[4]: *** [/var/home/acme/git/perf-tools-next/tools/build/Makefile.build:98: /tmp/build/perf-tools-next/util/llvm-utils.o] Error 1
make[4]: *** Waiting for unfinished jobs....
  CC      /tmp/build/perf-tools-next/util/cs-etm-base.o
  CC      /tmp/build/perf-tools-next/util/parse-branch-options.o
  LD      /tmp/build/perf-tools-next/util/cs-etm-decoder/perf-in.o
  LD      /tmp/build/perf-tools-next/util/hisi-ptt-decoder/perf-in.o
  LD      /tmp/build/perf-tools-next/util/arm-spe-decoder/perf-in.o
  CC      /tmp/build/perf-tools-next/util/intel-pt-decoder/intel-pt-insn-decoder.o
  LD      /tmp/build/perf-tools-next/util/scripting-engines/perf-in.o
util/pmu-hybrid.c: In function ‘perf_pmu__hybrid_mounted’:
util/pmu-hybrid.c:30:9: error: implicit declaration of function ‘strscpy’; did you mean ‘strlcpy’? [-Werror=implicit-function-declaration]
   30 |         strscpy(pmu_name, name, sizeof(pmu_name));
      |         ^~~~~~~
      |         strlcpy
cc1: all warnings being treated as errors
make[4]: *** [/var/home/acme/git/perf-tools-next/tools/build/Makefile.build:97: /tmp/build/perf-tools-next/util/pmu-hybrid.o] Error 1
tests/symbols.c: In function ‘get_test_dso_filename’:
tests/symbols.c:48:17: error: implicit declaration of function ‘strscpy’; did you mean ‘strlcpy’? [-Werror=implicit-function-declaration]
   48 |                 strscpy(filename, dso_to_test, max_sz);
      |                 ^~~~~~~
      |                 strlcpy
cc1: all warnings being treated as errors
make[4]: *** [/var/home/acme/git/perf-tools-next/tools/build/Makefile.build:97: /tmp/build/perf-tools-next/tests/symbols.o] Error 1
make[4]: *** Waiting for unfinished jobs....
tests/dlfilter-test.c: In function ‘get_dlfilters_path’:
tests/dlfilter-test.c:237:9: error: implicit declaration of function ‘strscpy’; did you mean ‘strlcpy’? [-Werror=implicit-function-declaration]
  237 |         strscpy(buf, dirname(path), sz);
      |         ^~~~~~~
      |         strlcpy
cc1: all warnings being treated as errors
make[4]: *** [/var/home/acme/git/perf-tools-next/tools/build/Makefile.build:97: /tmp/build/perf-tools-next/tests/dlfilter-test.o] Error 1
make[3]: *** [/var/home/acme/git/perf-tools-next/tools/build/Makefile.build:140: tests] Error 2
/var/home/acme/git/perf-tools-next/tools/perf/util/pmu-hybrid.c: In function ‘perf_pmu__hybrid_mounted’:
/var/home/acme/git/perf-tools-next/tools/perf/util/pmu-hybrid.c:30:9: error: implicit declaration of function ‘strscpy’; did you mean ‘strlcpy’? [-Werror=implicit-function-declaration]
   30 |         strscpy(pmu_name, name, sizeof(pmu_name));
      |         ^~~~~~~
      |         strlcpy
cc1: all warnings being treated as errors
error: command '/usr/lib64/ccache/gcc' failed with exit code 1
cp: cannot stat '/tmp/build/perf-tools-next/python_ext_build/lib/perf*.so': No such file or directory
make[2]: *** [Makefile.perf:651: /tmp/build/perf-tools-next/python/perf.cpython-311-x86_64-linux-gnu.so] Error 1
util/svghelper.c: In function ‘cpu_model’:
util/svghelper.c:335:33: error: implicit declaration of function ‘strscpy’; did you mean ‘strlcpy’? [-Werror=implicit-function-declaration]
  335 |                                 strscpy(cpu_m, &buf[13], 255);
      |                                 ^~~~~~~
      |                                 strlcpy
cc1: all warnings being treated as errors
make[4]: *** [/var/home/acme/git/perf-tools-next/tools/build/Makefile.build:97: /tmp/build/perf-tools-next/util/svghelper.o] Error 1
util/dso.c: In function ‘filename__decompress’:
util/dso.c:354:17: error: implicit declaration of function ‘strscpy’; did you mean ‘strlcpy’? [-Werror=implicit-function-declaration]
  354 |                 strscpy(pathname, tmpbuf, len);
      |                 ^~~~~~~
      |                 strlcpy
cc1: all warnings being treated as errors
make[4]: *** [/var/home/acme/git/perf-tools-next/tools/build/Makefile.build:97: /tmp/build/perf-tools-next/util/dso.o] Error 1
util/symbol.c: In function ‘dso__load’:
util/symbol.c:1970:33: error: implicit declaration of function ‘strscpy’; did you mean ‘strlcpy’? [-Werror=implicit-function-declaration]
 1970 |                                 strscpy(name, new_name, PATH_MAX);
      |                                 ^~~~~~~
      |                                 strlcpy
cc1: all warnings being treated as errors
make[4]: *** [/var/home/acme/git/perf-tools-next/tools/build/Makefile.build:97: /tmp/build/perf-tools-next/util/symbol.o] Error 1
util/annotate.c: In function ‘dso__disassemble_filename’:
util/annotate.c:1718:33: error: implicit declaration of function ‘strscpy’; did you mean ‘strlcpy’? [-Werror=implicit-function-declaration]
 1718 |                                 strscpy(filename, new_name, filename_size);
      |                                 ^~~~~~~
      |                                 strlcpy
cc1: all warnings being treated as errors
make[4]: *** [/var/home/acme/git/perf-tools-next/tools/build/Makefile.build:97: /tmp/build/perf-tools-next/util/annotate.o] Error 1
util/synthetic-events.c: In function ‘perf_event__synthesize_event_update_unit’:
util/synthetic-events.c:1982:9: error: implicit declaration of function ‘strscpy’; did you mean ‘strlcpy’? [-Werror=implicit-function-declaration]
 1982 |         strscpy(ev->unit, evsel->unit, size + 1);
      |         ^~~~~~~
      |         strlcpy
cc1: all warnings being treated as errors
make[4]: *** [/var/home/acme/git/perf-tools-next/tools/build/Makefile.build:97: /tmp/build/perf-tools-next/util/synthetic-events.o] Error 1
util/auxtrace.c: In function ‘auxtrace_synth_guest_error’:
util/auxtrace.c:1216:9: error: implicit declaration of function ‘strscpy’; did you mean ‘strlcpy’? [-Werror=implicit-function-declaration]
 1216 |         strscpy(auxtrace_error->msg, msg, MAX_AUXTRACE_ERROR_MSG);
      |         ^~~~~~~
      |         strlcpy
cc1: all warnings being treated as errors
make[4]: *** [/var/home/acme/git/perf-tools-next/tools/build/Makefile.build:97: /tmp/build/perf-tools-next/util/auxtrace.o] Error 1
util/intel-pt-decoder/intel-pt-decoder.c: In function ‘intel_pt__strerror’:
util/intel-pt-decoder/intel-pt-decoder.c:510:9: error: implicit declaration of function ‘strscpy’; did you mean ‘strlcpy’? [-Werror=implicit-function-declaration]
  510 |         strscpy(buf, intel_pt_err_msgs[code], buflen);
      |         ^~~~~~~
      |         strlcpy
cc1: all warnings being treated as errors
make[5]: *** [/var/home/acme/git/perf-tools-next/tools/build/Makefile.build:97: /tmp/build/perf-tools-next/util/intel-pt-decoder/intel-pt-decoder.o] Error 1
make[4]: *** [/var/home/acme/git/perf-tools-next/tools/build/Makefile.build:140: intel-pt-decoder] Error 2
util/machine.c: In function ‘machine__create_extra_kernel_map’:
util/machine.c:1226:9: error: implicit declaration of function ‘strscpy’; did you mean ‘strlcpy’? [-Werror=implicit-function-declaration]
 1226 |         strscpy(kmap->name, xm->name, KMAP_NAME_LEN);
      |         ^~~~~~~
      |         strlcpy
cc1: all warnings being treated as errors
make[4]: *** [/var/home/acme/git/perf-tools-next/tools/build/Makefile.build:97: /tmp/build/perf-tools-next/util/machine.o] Error 1
make[3]: *** [/var/home/acme/git/perf-tools-next/tools/build/Makefile.build:140: util] Error 2
make[2]: *** [Makefile.perf:676: /tmp/build/perf-tools-next/perf-in.o] Error 2
  CC      /tmp/build/perf-tools-next/pmu-events/pmu-events.o
  LD      /tmp/build/perf-tools-next/pmu-events/pmu-events-in.o
make[1]: *** [Makefile.perf:236: sub-make] Error 2
make: *** [Makefile:113: install-bin] Error 2
make: Leaving directory '/var/home/acme/git/perf-tools-next/tools/perf'

 Performance counter stats for 'make -k BUILD_BPF_SKEL=1 CORESIGHT=1 O=/tmp/build/perf-tools-next -C tools/perf install-bin':

       61899912971      cycles:u                                                              
      106832920114      instructions:u                   #    1.73  insn per cycle            

       4.586621727 seconds time elapsed

      14.384368000 seconds user
       5.495604000 seconds sys


⬢[acme@...lbox perf-tools-next]$ 


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ