Commit 07f8230b authored Apr 02, 2024 by Justin Stitt Committed by Kees Cook Apr 30, 2024

init: replace deprecated strncpy with strscpy_pad

strncpy() is deprecated for use on NUL-terminated destination strings
[1] and as such we should prefer more robust and less ambiguous string
interfaces.

data_page wants to be NUL-terminated and NUL-padded, use strscpy_pad to
provide both of these. data_page no longer awkwardly relies on
init_mount to perform its NUL-termination, although that sanity check is
left unchanged.

Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1]
Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2]
Link: https://github.com/KSPP/linux/issues/90


Cc:  <linux-hardening@vger.kernel.org>
Signed-off-by: Justin Stitt <justinstitt@google.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20240402-strncpy-init-do_mounts-c-v1-1-e16d7bc20974@google.com


Signed-off-by: Kees Cook <keescook@chromium.org>

parent 998b1807

init/do_mounts.c

+1 −2

Original line number	Diff line number	Diff line
		@@ -159,8 +159,7 @@ static int __init do_mount_root(const char name, const char fs,
		if (!p)
		return -ENOMEM;
		data_page = page_address(p);
		/* zero-pad. init_mount() will make sure it's terminated */
		strncpy(data_page, data, PAGE_SIZE);
		strscpy_pad(data_page, data, PAGE_SIZE);
		}

		ret = init_mount(name, "/root", fs, flags, data_page);