Re: [PATCH] net: dsa: remove deprecated strncpy

[Kees Cook]

On July 17, 2023 5:04:19 PM PDT, justinstitt@xxxxxxxxxx wrote:
>`strncpy` is deprecated for use on NUL-terminated destination strings [1].
>
>Even call sites utilizing length-bounded destination buffers should
>switch over to using `strtomem` or `strtomem_pad`. In this case,
>however, the compiler is unable to determine the size of the `data`
>buffer which renders `strtomem` unusable. Due to this, `strscpy`
>should be used.
>
>It should be noted that most call sites already zero-initialize the
>destination buffer. However, I've opted to use `strscpy_pad` to maintain
>the same exact behavior that `strncpy` produced (zero-padded tail up to
>`len`).
>
>Also see [3].
>
>[1]: www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings
>[2]: elixir.bootlin.com/linux/v6.3/source/net/ethtool/ioctl.c#L1944
>[3]: manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html
>
>Link: https://github.com/KSPP/linux/issues/90
>Signed-off-by: Justin Stitt <justinstitt@xxxxxxxxxx>

This looks fine to me. I think the _pad variant is overkill (this region is already zero-initialized[1]), but it's a reasonable precaution for robustness.

Honestly I find the entire get_strings API to be very fragile given the lack of passing the length of the buffer, instead depending on the string set length lookups in each callback, but refactoring that looks like a ton of work for an uncertain benefit.

Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx>

-Kees

[1] https://elixir.bootlin.com/linux/v6.3/source/net/ethtool/ioctl.c#L1944


-- 
Kees Cook