Message ID | 20220628064301.v3.1.Ie7b480cd99e2c13319220cbc108caf2bcd41286b@changeid |
---|---|
State | Accepted |
Commit | fe72f9bce137055fb744d4f8a91baa234ec07baa |
Headers | show |
Series | [v3] soc: qcom: cmd-db: replace strscpy_pad() with strncpy() | expand |
On 28/06/2022 15:43, Douglas Anderson wrote: > Commit ac0126a01735 ("soc: qcom: cmd-db: replace strncpy() with > strscpy_pad()") breaks booting on my sc7280-herobrine-herobrine > device. From printouts I see that at bootup the function is called > with an id of "lnbclka2" which is 8 bytes big. > > Previously all 8 bytes of this string were copied to the > destination. Now only 7 bytes will be copied since strscpy_pad() saves > a byte for '\0' termination. > > We don't need the '\0' termination in the destination. Let's go back > to strncpy(). According to the warning: > If a caller is using non-NUL-terminated strings, strncpy() can still > be used, but destinations should be marked with the __nonstring > attribute to avoid future compiler warnings. > ...so we'll do that. > > While we're at it, let's change the query array to use > "sizeof(ent->id)" so it can't possibly go out of sync with our later > copy. > > Fixes: ac0126a01735 ("soc: qcom: cmd-db: replace strncpy() with strscpy_pad()") > Signed-off-by: Douglas Anderson <dianders@chromium.org> > Reviewed-by: Matthias Kaehlcke <mka@chromium.org> > Reviewed-by: Krzysztof Kozlowski <krzysztof.kozlowski@linaro.org> > --- > > Changes in v3: > - Add comment that query isn't necessarily '\0' terminated. > Thanks! Best regards, Krzysztof
On Tue, 28 Jun 2022 06:43:13 -0700, Douglas Anderson wrote: > Commit ac0126a01735 ("soc: qcom: cmd-db: replace strncpy() with > strscpy_pad()") breaks booting on my sc7280-herobrine-herobrine > device. From printouts I see that at bootup the function is called > with an id of "lnbclka2" which is 8 bytes big. > > Previously all 8 bytes of this string were copied to the > destination. Now only 7 bytes will be copied since strscpy_pad() saves > a byte for '\0' termination. > > [...] Applied, thanks! [1/1] soc: qcom: cmd-db: replace strscpy_pad() with strncpy() commit: fe72f9bce137055fb744d4f8a91baa234ec07baa Best regards,
Quoting Douglas Anderson (2022-06-28 06:43:13) > Commit ac0126a01735 ("soc: qcom: cmd-db: replace strncpy() with > strscpy_pad()") breaks booting on my sc7280-herobrine-herobrine > device. From printouts I see that at bootup the function is called > with an id of "lnbclka2" which is 8 bytes big. > > Previously all 8 bytes of this string were copied to the > destination. Now only 7 bytes will be copied since strscpy_pad() saves > a byte for '\0' termination. > > We don't need the '\0' termination in the destination. Let's go back > to strncpy(). According to the warning: > If a caller is using non-NUL-terminated strings, strncpy() can still > be used, but destinations should be marked with the __nonstring > attribute to avoid future compiler warnings. > ...so we'll do that. > > While we're at it, let's change the query array to use > "sizeof(ent->id)" so it can't possibly go out of sync with our later > copy. > > Fixes: ac0126a01735 ("soc: qcom: cmd-db: replace strncpy() with strscpy_pad()") > Signed-off-by: Douglas Anderson <dianders@chromium.org> > Reviewed-by: Matthias Kaehlcke <mka@chromium.org> > Reviewed-by: Krzysztof Kozlowski <krzysztof.kozlowski@linaro.org> > --- Reviewed-by: Stephen Boyd <sboyd@kernel.org>
diff --git a/drivers/soc/qcom/cmd-db.c b/drivers/soc/qcom/cmd-db.c index c5137c25d819..629a7188b576 100644 --- a/drivers/soc/qcom/cmd-db.c +++ b/drivers/soc/qcom/cmd-db.c @@ -141,14 +141,18 @@ static int cmd_db_get_header(const char *id, const struct entry_header **eh, const struct rsc_hdr *rsc_hdr; const struct entry_header *ent; int ret, i, j; - u8 query[8]; + u8 query[sizeof(ent->id)] __nonstring; ret = cmd_db_ready(); if (ret) return ret; - /* Pad out query string to same length as in DB */ - strscpy_pad(query, id, sizeof(query)); + /* + * Pad out query string to same length as in DB. NOTE: the output + * query string is not necessarily '\0' terminated if it bumps up + * against the max size. That's OK and expected. + */ + strncpy(query, id, sizeof(query)); for (i = 0; i < MAX_SLV_ID; i++) { rsc_hdr = &cmd_db_header->header[i];