lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20231026171349.work.928-kees@kernel.org>
Date:   Thu, 26 Oct 2023 10:13:49 -0700
From:   Kees Cook <keescook@...omium.org>
To:     Kalle Valo <kvalo@...nel.org>
Cc:     Kees Cook <keescook@...omium.org>,
        Johannes Berg <johannes.berg@...el.com>,
        Max Chen <mxchen@...eaurora.org>,
        Yang Shen <shenyang39@...wei.com>,
        Steven Rostedt <rostedt@...dmis.org>,
        "Matthew Wilcox (Oracle)" <willy@...radead.org>,
        Christoph Hellwig <hch@....de>,
        Justin Stitt <justinstitt@...gle.com>,
        Kent Overstreet <kent.overstreet@...ux.dev>,
        Petr Mladek <pmladek@...e.com>,
        Andy Shevchenko <andriy.shevchenko@...ux.intel.com>,
        Rasmus Villemoes <linux@...musvillemoes.dk>,
        Sergey Senozhatsky <senozhatsky@...omium.org>,
        Masami Hiramatsu <mhiramat@...nel.org>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Arnd Bergmann <arnd@...db.de>,
        Jonathan Corbet <corbet@....net>,
        Yun Zhou <yun.zhou@...driver.com>,
        Jacob Keller <jacob.e.keller@...el.com>,
        Zhen Lei <thunder.leizhen@...wei.com>,
        linux-trace-kernel@...r.kernel.org, linux-wireless@...r.kernel.org,
        linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org
Subject: [RFC][PATCH] wifi: wil6210: Replace strlcat() usage with seq_buf

The use of strlcat() is fragile at best, and we'd like to remove it from
the available string APIs in the kernel. Instead, use the safer seq_buf
APIs.

Cc: Kalle Valo <kvalo@...nel.org>
Cc: Johannes Berg <johannes.berg@...el.com>
Cc: Max Chen <mxchen@...eaurora.org>
Cc: Yang Shen <shenyang39@...wei.com>
Cc: Steven Rostedt <rostedt@...dmis.org>
Cc: "Matthew Wilcox (Oracle)" <willy@...radead.org>
Cc: Christoph Hellwig <hch@....de>
Cc: Justin Stitt <justinstitt@...gle.com>
Cc: Kent Overstreet <kent.overstreet@...ux.dev>
Cc: Petr Mladek <pmladek@...e.com>
Cc: Andy Shevchenko <andriy.shevchenko@...ux.intel.com>
Cc: Rasmus Villemoes <linux@...musvillemoes.dk>
Cc: Sergey Senozhatsky <senozhatsky@...omium.org>
Cc: Masami Hiramatsu <mhiramat@...nel.org>
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc: Arnd Bergmann <arnd@...db.de>
Cc: Jonathan Corbet <corbet@....net>
Cc: Yun Zhou <yun.zhou@...driver.com>
Cc: Jacob Keller <jacob.e.keller@...el.com>
Cc: Zhen Lei <thunder.leizhen@...wei.com>
Cc: linux-trace-kernel@...r.kernel.org
Cc: linux-wireless@...r.kernel.org
Signed-off-by: Kees Cook <keescook@...omium.org>
---
This is mainly an example of where/how to use the ongoing seq_buf
refactoring happening in the tracing tree:
https://lore.kernel.org/lkml/20231026170722.work.638-kees@kernel.org/
---
 drivers/net/wireless/ath/wil6210/wmi.c | 23 ++++++++++-------------
 1 file changed, 10 insertions(+), 13 deletions(-)

diff --git a/drivers/net/wireless/ath/wil6210/wmi.c b/drivers/net/wireless/ath/wil6210/wmi.c
index 6fdb77d4c59e..45b8c651b8e2 100644
--- a/drivers/net/wireless/ath/wil6210/wmi.c
+++ b/drivers/net/wireless/ath/wil6210/wmi.c
@@ -3159,36 +3159,34 @@ int wmi_suspend(struct wil6210_priv *wil)
 	return rc;
 }
 
-static void resume_triggers2string(u32 triggers, char *string, int str_size)
+static void resume_triggers2string(u32 triggers, struct seq_buf *s)
 {
-	string[0] = '\0';
-
 	if (!triggers) {
-		strlcat(string, " UNKNOWN", str_size);
+		seq_buf_puts(s, " UNKNOWN");
 		return;
 	}
 
 	if (triggers & WMI_RESUME_TRIGGER_HOST)
-		strlcat(string, " HOST", str_size);
+		seq_buf_puts(s, " HOST")
 
 	if (triggers & WMI_RESUME_TRIGGER_UCAST_RX)
-		strlcat(string, " UCAST_RX", str_size);
+		seq_buf_puts(s, " UCAST_RX");
 
 	if (triggers & WMI_RESUME_TRIGGER_BCAST_RX)
-		strlcat(string, " BCAST_RX", str_size);
+		seq_buf_puts(s, " BCAST_RX");
 
 	if (triggers & WMI_RESUME_TRIGGER_WMI_EVT)
-		strlcat(string, " WMI_EVT", str_size);
+		seq_buf_puts(s, " WMI_EVT");
 
 	if (triggers & WMI_RESUME_TRIGGER_DISCONNECT)
-		strlcat(string, " DISCONNECT", str_size);
+		seq_buf_puts(s, " DISCONNECT");
 }
 
 int wmi_resume(struct wil6210_priv *wil)
 {
 	struct wil6210_vif *vif = ndev_to_vif(wil->main_ndev);
 	int rc;
-	char string[100];
+	DECLARE_SEQ_BUF(s, 100);
 	struct {
 		struct wmi_cmd_hdr wmi;
 		struct wmi_traffic_resume_event evt;
@@ -3203,10 +3201,9 @@ int wmi_resume(struct wil6210_priv *wil)
 		      WIL_WAIT_FOR_SUSPEND_RESUME_COMP);
 	if (rc)
 		return rc;
-	resume_triggers2string(le32_to_cpu(reply.evt.resume_triggers), string,
-			       sizeof(string));
+	resume_triggers2string(le32_to_cpu(reply.evt.resume_triggers), s);
 	wil_dbg_pm(wil, "device resume %s, resume triggers:%s (0x%x)\n",
-		   reply.evt.status ? "failed" : "passed", string,
+		   reply.evt.status ? "failed" : "passed", seq_buf_cstr(s),
 		   le32_to_cpu(reply.evt.resume_triggers));
 
 	return reply.evt.status;
-- 
2.34.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ