| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <202503111540.8EB9B4702@keescook> Date: Tue, 11 Mar 2025 15:41:29 -0700 From: Kees Cook <kees@...nel.org> To: Andrew Lunn <andrew@...n.ch> Cc: Nicolas Ferre <nicolas.ferre@...rochip.com>, Claudiu Beznea <claudiu.beznea@...on.dev>, Andrew Lunn <andrew+netdev@...n.ch>, "David S. Miller" <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>, Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>, netdev@...r.kernel.org, linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org Subject: Re: [PATCH] net: macb: Truncate TX1519CNT for trailing NUL On Tue, Mar 11, 2025 at 03:12:00PM +0100, Andrew Lunn wrote: > On Mon, Mar 10, 2025 at 03:24:16PM -0700, Kees Cook wrote: > > GCC 15's -Wunterminated-string-initialization saw that this string was > > being truncated. Adjust the initializer so that the needed final NUL > > character will be present. > > This is where we get into the ugliness of the ethtool API for strings. > It is not actually NUL terminated. The code uses memcpy(), see: > > https://elixir.bootlin.com/linux/v6.13.6/source/drivers/net/ethernet/cadence/macb_main.c#L3193 > > The kAPI is that userspace provides a big buffer, and the kernel then > copies these strings into the buffer at 32 byte offsets. There is no > requirement for a NUL between them since they are all 32 bytes long. Oh right! Yes, I always forget these are not NUL terminated. Okay, I will resend this with a proper __nonstring annotation. I see the title use in drivers/net/ethernet/cadence/macb_main.c and can confirm it's not using C String APIs. -- Kees Cook
Powered by blists - more mailing lists