From: Mykyta Yatsenko
Date: Wed, 23 Apr 2025 12:37:46 +0100
Subject: Re: [PATCH v2] maccess: fix strncpy_from_user_nofault empty string handling
To: Andrew Morton
Cc: linux-mm@kvack.org, rostedt@goodmis.org, mhiramat@kernel.org, andrii@kernel.org, kernel-team@meta.com, linux-kernel@vger.kernel.org, Mykyta Yatsenko, Kees Cook
Message-ID: <08e3ec4c-4401-403e-9d81-5ee0abebba5c@gmail.com>
In-Reply-To: <20250422172011.feb243d2f7478c0e7109b74c@linux-foundation.org>
References: <20250422131449.57177-1-mykyta.yatsenko5@gmail.com> <20250422172011.feb243d2f7478c0e7109b74c@linux-foundation.org>

On 4/23/25 01:20, Andrew Morton wrote:
> On Tue, 22 Apr 2025 14:14:49 +0100 Mykyta Yatsenko wrote:
>
>> From: Mykyta Yatsenko
>>
>> strncpy_from_user_nofault should return the length of the copied string
>> including the trailing NUL, but if the argument unsafe_addr points to
>> an empty string ({'\0'}), the return value is 0.
>>
>> This happens as strncpy_from_user copies terminal symbol into dst
>> and returns 0 (as expected), but strncpy_from_user_nofault does not
>> modify ret as it is not equal to count and not greater than 0, so 0 is
>> returned, which contradicts the contract.
>>
>> ...
>>
> Thanks.
>
> Does this fix any known runtime issue? If so, please fully describe this?
Not that I'm aware of. The issue could be found when trying to copy an empty
user space string in a BPF program (and relying on the return value). There are
some usages of `strncpy_from_user_nofault` in the tracing subsystem, but I'm not
sure how to hit those code paths.
>
>> --- a/mm/maccess.c
>> +++ b/mm/maccess.c
>> @@ -196,7 +196,7 @@ long strncpy_from_user_nofault(char *dst, const void __user *unsafe_addr,
>> if (ret >= count) {
>> ret = count;
>> dst[ret - 1] = '\0';
>> - } else if (ret > 0) {
>> + } else if (ret >= 0) {
>> ret++;
>> }
>>
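
Review bot: At `} else if (ret >= 0) {`, the result for an empty user string changes from 0 to 1, so an existing caller that tests the return with `> 0`, or treats 0 as "nothing copied", will now see an empty string as a successful one-byte copy. The reply mentions users in the tracing subsystem whose code paths were not exercised; those call sites should be audited, and the changelog should state that none of them depend on the old value. A short comment on this branch saying that ret == 0 means only the NUL terminator was copied, together with a test for the empty-string case, would keep the contract from regressing.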
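
The return-value contract discussed in this thread, as an added user-space C model (not code from the patch or the kernel): `model_strncpy_from_user`, `model_nofault` and `payload_len` are hypothetical names, a NULL source stands in for a faulting user address, and `MODEL_EFAULT` is a constructed stand-in for the kernel's error value. It shows how a caller that derives the payload length as the return value minus one misreads an empty string as an error under the old `ret > 0` test.

```c
#include <stdio.h>

#define MODEL_EFAULT 14 /* constructed stand-in for the kernel's EFAULT */

/* Model of strncpy_from_user(): returns the length WITHOUT the NUL, count if
 * no NUL fits in count bytes, or -EFAULT. NULL src = faulting address (assumed). */
static long model_strncpy_from_user(char *dst, const char *src, long count)
{
    long i;

    if (!src)
        return -MODEL_EFAULT;
    for (i = 0; i < count; i++) {
        dst[i] = src[i];
        if (!src[i])
            return i;   /* NUL copied but not counted */
    }
    return count;       /* truncated; dst is not terminated yet */
}

/* Post-processing from the quoted hunk; fixed != 0 selects `ret >= 0`. */
static long model_nofault(char *dst, const char *src, long count, int fixed)
{
    long ret;

    if (count <= 0)     /* model guard: nothing to copy */
        return 0;
    ret = model_strncpy_from_user(dst, src, count);
    if (ret >= count) {
        ret = count;
        dst[ret - 1] = '\0';
    } else if (fixed ? ret >= 0 : ret > 0) {
        ret++;          /* count the trailing NUL */
    }
    return ret;
}

/* Caller relying on the contract: payload bytes = ret - 1, negative = error. */
static long payload_len(char *dst, const char *src, long count, int fixed)
{
    long ret = model_nofault(dst, src, count, fixed);
    return ret < 0 ? ret : ret - 1;
}

int main(void)
{
    char buf[8];
    printf("old=%ld new=%ld\n", payload_len(buf, "", 8, 0), payload_len(buf, "", 8, 1));
    return 0;
}
```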