1. Patchew
  2. linux
  3. View series

[PATCH v2] net: dsa: lan9303: use ethtool_sprintf() for lan9303_get_strings()

Justin Stitt posted 1 patch 2 years, 2 months ago 
drivers/net/dsa/lan9303-core.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
[PATCH v2] net: dsa: lan9303: use ethtool_sprintf() for lan9303_get_strings()
Posted by Justin Stitt 2 years, 2 months ago 
This pattern of strncpy with some pointer arithmetic setting fixed-sized
intervals with string literal data is a bit weird so let's use
ethtool_sprintf() as this has more obvious behavior and is less-error
prone.

Nicely, we also get to drop a usage of the now deprecated strncpy() [1].

One might consider this pattern:
|       ethtool_sprintf(&buf, lan9303_mib[u].name);
... but this triggers a -Wformat-security warning.

Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1]
Link: https://github.com/KSPP/linux/issues/90
Cc: linux-hardening@vger.kernel.org
Cc: Kees Cook <keescook@chromium.org>
Signed-off-by: Justin Stitt <justinstitt@google.com>
Suggested-by: Alexander Lobakin <aleksander.lobakin@intel.com>
---
Changes in v2:
- use ethtool_sprintf (thanks Alexander)
- Link to v1: https://lore.kernel.org/r/20231005-strncpy-drivers-net-dsa-lan9303-core-c-v1-1-5a66c538147e@google.com
---
Note: build-tested only.
---
 drivers/net/dsa/lan9303-core.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/net/dsa/lan9303-core.c b/drivers/net/dsa/lan9303-core.c
index ee67adeb2cdb..95a8e5168c2a 100644
--- a/drivers/net/dsa/lan9303-core.c
+++ b/drivers/net/dsa/lan9303-core.c
@@ -1007,14 +1007,14 @@ static const struct lan9303_mib_desc lan9303_mib[] = {
 static void lan9303_get_strings(struct dsa_switch *ds, int port,
 				u32 stringset, uint8_t *data)
 {
+	u8 *buf = data;
 	unsigned int u;
 
 	if (stringset != ETH_SS_STATS)
 		return;
 
 	for (u = 0; u < ARRAY_SIZE(lan9303_mib); u++) {
-		strncpy(data + u * ETH_GSTRING_LEN, lan9303_mib[u].name,
-			ETH_GSTRING_LEN);
+		ethtool_sprintf(&buf, "%s", lan9303_mib[u].name);
 	}
 }
 

---
base-commit: cbf3a2cb156a2c911d8f38d8247814b4c07f49a2
change-id: 20231005-strncpy-drivers-net-dsa-lan9303-core-c-6386858e5c22

Best regards,
--
Justin Stitt <justinstitt@google.com>
Re: [PATCH v2] net: dsa: lan9303: use ethtool_sprintf() for lan9303_get_strings()
Posted by Kees Cook 2 years, 1 month ago 
On Thu, 05 Oct 2023 18:56:50 +0000, Justin Stitt wrote:
> This pattern of strncpy with some pointer arithmetic setting fixed-sized
> intervals with string literal data is a bit weird so let's use
> ethtool_sprintf() as this has more obvious behavior and is less-error
> prone.
> 
> Nicely, we also get to drop a usage of the now deprecated strncpy() [1].
> 
> [...]

Applied to for-next/hardening, thanks!

[1/1] net: dsa: lan9303: use ethtool_sprintf() for lan9303_get_strings()
      https://git.kernel.org/kees/c/f1c7720549bf

Take care,

-- 
Kees Cook
Re: [PATCH v2] net: dsa: lan9303: use ethtool_sprintf() for lan9303_get_strings()
Posted by Jakub Kicinski 2 years, 1 month ago 
On Thu, 30 Nov 2023 13:59:58 -0800 Kees Cook wrote:
> Applied to for-next/hardening, thanks!
> 
> [1/1] net: dsa: lan9303: use ethtool_sprintf() for lan9303_get_strings()
>       https://git.kernel.org/kees/c/f1c7720549bf

Please drop this, it got changes requested on our end because
I figured Alexander's comment is worth addressing.
Re: [PATCH v2] net: dsa: lan9303: use ethtool_sprintf() for lan9303_get_strings()
Posted by Kees Cook 2 years, 1 month ago 
On Thu, Nov 30, 2023 at 10:40:21PM -0800, Jakub Kicinski wrote:
> On Thu, 30 Nov 2023 13:59:58 -0800 Kees Cook wrote:
> > Applied to for-next/hardening, thanks!
> > 
> > [1/1] net: dsa: lan9303: use ethtool_sprintf() for lan9303_get_strings()
> >       https://git.kernel.org/kees/c/f1c7720549bf
> 
> Please drop this, it got changes requested on our end because
> I figured Alexander's comment is worth addressing.

Done. Justin, can you please refresh this patch (or, actually, make sure
the ethtool_puts() series lands?)

-- 
Kees Cook
Re: [PATCH v2] net: dsa: lan9303: use ethtool_sprintf() for lan9303_get_strings()
Posted by Justin Stitt 2 years ago 
On Fri, Dec 1, 2023 at 10:19 AM Kees Cook <keescook@chromium.org> wrote:
>
> On Thu, Nov 30, 2023 at 10:40:21PM -0800, Jakub Kicinski wrote:
> > On Thu, 30 Nov 2023 13:59:58 -0800 Kees Cook wrote:
> > > Applied to for-next/hardening, thanks!
> > >
> > > [1/1] net: dsa: lan9303: use ethtool_sprintf() for lan9303_get_strings()
> > >       https://git.kernel.org/kees/c/f1c7720549bf
> >
> > Please drop this, it got changes requested on our end because
> > I figured Alexander's comment is worth addressing.
>
> Done. Justin, can you please refresh this patch (or, actually, make sure
> the ethtool_puts() series lands?)

Yeah, let's let this patch die. The ethtool_puts() is on v5 and is
getting good reviewed-by's. I suspect it
will be in soon. Then I'll double back and do right by the intent of this patch.

>
> --
> Kees Cook

Justin
Re: [PATCH v2] net: dsa: lan9303: use ethtool_sprintf() for lan9303_get_strings()
Posted by Alexander Lobakin 2 years, 2 months ago 
From: Justin Stitt <justinstitt@google.com>
Date: Thu, 05 Oct 2023 18:56:50 +0000

> This pattern of strncpy with some pointer arithmetic setting fixed-sized
> intervals with string literal data is a bit weird so let's use
> ethtool_sprintf() as this has more obvious behavior and is less-error
> prone.

[...]

> diff --git a/drivers/net/dsa/lan9303-core.c b/drivers/net/dsa/lan9303-core.c
> index ee67adeb2cdb..95a8e5168c2a 100644
> --- a/drivers/net/dsa/lan9303-core.c
> +++ b/drivers/net/dsa/lan9303-core.c
> @@ -1007,14 +1007,14 @@ static const struct lan9303_mib_desc lan9303_mib[] = {
>  static void lan9303_get_strings(struct dsa_switch *ds, int port,
>  				u32 stringset, uint8_t *data)
>  {
> +	u8 *buf = data;

Is it needed here? I thought you could pass @data directly to
ethtool_sprintf(), if it doesn't mind.

>  	unsigned int u;
>  
>  	if (stringset != ETH_SS_STATS)
>  		return;
>  
>  	for (u = 0; u < ARRAY_SIZE(lan9303_mib); u++) {
> -		strncpy(data + u * ETH_GSTRING_LEN, lan9303_mib[u].name,
> -			ETH_GSTRING_LEN);
> +		ethtool_sprintf(&buf, "%s", lan9303_mib[u].name);
>  	}
>  }

Either way, this was a nitpick, so

Reviewed-by: Alexander Lobakin <aleksander.lobakin@intel.com>

>  
> 
> ---
> base-commit: cbf3a2cb156a2c911d8f38d8247814b4c07f49a2
> change-id: 20231005-strncpy-drivers-net-dsa-lan9303-core-c-6386858e5c22
> 
> Best regards,
> --
> Justin Stitt <justinstitt@google.com>
> 

Thanks,
Olek
Re: [PATCH v2] net: dsa: lan9303: use ethtool_sprintf() for lan9303_get_strings()
Posted by Kees Cook 2 years, 2 months ago 
On Thu, Oct 05, 2023 at 06:56:50PM +0000, Justin Stitt wrote:
> This pattern of strncpy with some pointer arithmetic setting fixed-sized
> intervals with string literal data is a bit weird so let's use
> ethtool_sprintf() as this has more obvious behavior and is less-error
> prone.
> 
> Nicely, we also get to drop a usage of the now deprecated strncpy() [1].
> 
> One might consider this pattern:
> |       ethtool_sprintf(&buf, lan9303_mib[u].name);
> ... but this triggers a -Wformat-security warning.
> 
> Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1]
> Link: https://github.com/KSPP/linux/issues/90
> Cc: linux-hardening@vger.kernel.org
> Cc: Kees Cook <keescook@chromium.org>
> Signed-off-by: Justin Stitt <justinstitt@google.com>

Ah, cool ethtool_sprintf() works. Maybe some day we can fix the whole
API to actually have bounds, but yes, this is fine.

Reviewed-by: Kees Cook <keescook@chromium.org>

-- 
Kees Cook

Patchew 2.1-devel-b67e4c2

© 2016 - 2026 Red Hat, Inc.