Re: [Ksummit-discuss] [MAINTAINERS SUMMIT] API replacement/deprecation

ksummit.lists.linux.dev archive mirror
 help / color / mirror / Atom feed

From: Mauro Carvalho Chehab <mchehab+samsung@kernel.org>
To: Kees Cook <keescook@chromium.org>
Cc: ksummit <ksummit-discuss@lists.linuxfoundation.org>
Subject: Re: [Ksummit-discuss] [MAINTAINERS SUMMIT] API replacement/deprecation
Date: Mon, 10 Sep 2018 09:28:14 -0300	[thread overview]
Message-ID: <20180910092814.085dcebd@coco.lan> (raw)
In-Reply-To: <CAGXu5jKQJfeOmTRBXB7ofW1iH6FNGROnSZzYdpG=H_Hu8zep=w@mail.gmail.com>

Em Thu, 6 Sep 2018 16:24:03 -0700
Kees Cook <keescook@chromium.org> escreveu:

> On Thu, Sep 6, 2018 at 4:18 PM, Stephen Rothwell <sfr@canb.auug.org.au> wrote:
> > Hi Kees,
> >
> > On Thu, 6 Sep 2018 11:24:11 -0700 Kees Cook <keescook@chromium.org> wrote:  
> >>
> >> If there was an agreement by all maintainers that deprecated
> >> functions/patterns should not be added, and we documented the
> >> deprecation somewhere like Documentation/process/deprecated.rst, then
> >> we could make the declaration that if such functions got added (it's
> >> easy to mechanically check for them), it would be the responsibility
> >> of the author and maintainer chain to see that it got fixed before the
> >> release is cut. We already have this for things like "breaks the x86
> >> allmodconfig build" or similar. The checking would be manual, and the
> >> enforcement would be by agreement, but it'd be better than the kind of
> >> "please don't do this" hand-waving we've had in the past.  
> >
> > I could do this in linux-next, of course, the same way I check for
> > missing signed-off-bys.  All I would need is the list of deprecated
> > things.  
> 
> Hopefully we can all agree on deprecating strcpy() and strncpy() in
> favor of strscpy()?

I suspect that that's the way to go for most use cases.

In the case of media, I double-checked: 100% of the usages can be
replaced by strscpy() [1]. I just sent a patchset for review with
such changes.

[1] doing a:
	
$ git grep -E "str.?cpy" drivers/media drivers/staging/media/ |grep -v strscpy

after this patchset, we have one case of strncpy_from_user(), 
at av7110:

		if (strncpy_from_user(textbuf, dc->data, 240) < 0) {
			ret = -EFAULT;
			break;
		}
		textbuf[239] = 0;

The above code seems OK, so no real need to change.

Yet, there are 104 occurrences of strncpy_from_user(). If they
all do something similar, it could make sense to have a 
strscpy_from_user() function. If you're willing to do so, 
feel free to also convert av7110 to it.

Thanks,
Mauro

next prev parent reply	other threads:[~2018-09-10 12:28 UTC|newest]

Thread overview: 39+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-09-05 22:57 Kees Cook
2018-09-05 23:41 ` Stephen Rothwell
2018-09-06  2:24   ` Steven Rostedt
2018-09-06  6:12     ` Julia Lawall
2018-09-06 18:24     ` Kees Cook
2018-09-06 23:18       ` Stephen Rothwell
2018-09-06 23:24         ` Kees Cook
2018-09-07  7:03           ` Takashi Iwai
2018-09-07  7:20             ` Johannes Berg
2018-09-07  7:31               ` Takashi Iwai
2018-09-07  9:42               ` Julia Lawall
2018-09-07  8:04             ` Jani Nikula
2018-09-07  9:38               ` Julia Lawall
2018-09-07  9:54                 ` Jani Nikula
2018-09-07 10:05                   ` Julia Lawall
2018-09-07 10:43                     ` Jani Nikula
2018-09-07 10:25                   ` Alexandre Belloni
2018-09-07 11:44                     ` Mark Brown
2018-09-10 12:51                   ` Mauro Carvalho Chehab
2018-09-11  8:10                     ` Jani Nikula
2018-09-11  9:34                       ` Mauro Carvalho Chehab
2018-09-11 11:08                         ` Arnd Bergmann
2018-09-07  8:19           ` Jan Kara
2018-09-07 14:33           ` Theodore Y. Ts'o
2018-09-07 16:10             ` Kees Cook
2018-09-07 20:30               ` Arnd Bergmann
2018-09-07 20:56                 ` Theodore Y. Ts'o
2018-09-08  8:15                   ` Geert Uytterhoeven
2018-09-08 15:19                     ` Theodore Y. Ts'o
2018-09-10 12:28           ` Mauro Carvalho Chehab [this message]
2018-09-10 16:09             ` Kees Cook
2018-09-07 10:14         ` Dan Carpenter
2018-09-07 10:40         ` Geert Uytterhoeven
2018-09-07  8:40       ` Maxime Ripard
2018-09-06  4:44 ` Julia Lawall
2018-09-06 10:04 ` Linus Walleij
2018-09-06 10:11 ` Geert Uytterhoeven
2018-09-06 14:59   ` Kees Cook
2018-09-06 15:06     ` Geert Uytterhoeven

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20180910092814.085dcebd@coco.lan \
    --to=mchehab+samsung@kernel.org \
    --cc=keescook@chromium.org \
    --cc=ksummit-discuss@lists.linuxfoundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox