Message ID | 20230730161906.606163-2-luzmaximilian@gmail.com |
---|---|
State | New |
Headers | show |
Series | firmware: Add support for Qualcomm UEFI Secure Application | expand |
On Sun, Jul 30, 2023 at 06:19:02PM +0200, Maximilian Luz wrote: > Add a ucs2_strscpy() function for UCS-2 strings. The behavior is > equivalent to the standard strscpy() function, just for 16-bit character > UCS-2 strings. > > Signed-off-by: Maximilian Luz <luzmaximilian@gmail.com> Reviewed-by: Bjorn Andersson <andersson@kernel.org> Regards, Bjorn
On Sun, Jul 30, 2023 at 06:19:02PM +0200, Maximilian Luz wrote: > Add a ucs2_strscpy() function for UCS-2 strings. The behavior is > equivalent to the standard strscpy() function, just for 16-bit character > UCS-2 strings. > > Signed-off-by: Maximilian Luz <luzmaximilian@gmail.com> > --- > > Changes in v5: > - Add ucs2_strscpy() instead of ucs2_strlcpy() > > Patch introduced in v4. > > --- > include/linux/ucs2_string.h | 1 + > lib/ucs2_string.c | 35 +++++++++++++++++++++++++++++++++++ > 2 files changed, 36 insertions(+) > > diff --git a/include/linux/ucs2_string.h b/include/linux/ucs2_string.h > index cf3ada3e820e..c499ae809c7d 100644 > --- a/include/linux/ucs2_string.h > +++ b/include/linux/ucs2_string.h > @@ -10,6 +10,7 @@ typedef u16 ucs2_char_t; > unsigned long ucs2_strnlen(const ucs2_char_t *s, size_t maxlength); > unsigned long ucs2_strlen(const ucs2_char_t *s); > unsigned long ucs2_strsize(const ucs2_char_t *data, unsigned long maxlength); > +ssize_t ucs2_strscpy(ucs2_char_t *dst, const ucs2_char_t *src, size_t count); > int ucs2_strncmp(const ucs2_char_t *a, const ucs2_char_t *b, size_t len); > > unsigned long ucs2_utf8size(const ucs2_char_t *src); > diff --git a/lib/ucs2_string.c b/lib/ucs2_string.c > index 0a559a42359b..b608129fcbdc 100644 > --- a/lib/ucs2_string.c > +++ b/lib/ucs2_string.c > @@ -32,6 +32,41 @@ ucs2_strsize(const ucs2_char_t *data, unsigned long maxlength) > } > EXPORT_SYMBOL(ucs2_strsize); > > +ssize_t ucs2_strscpy(ucs2_char_t *dst, const ucs2_char_t *src, size_t count) > +{ > + long res; > + > + /* > + * Ensure that we have a valid amount of space. We need to store at > + * least one NUL-character. > + */ > + if (count == 0 || WARN_ON_ONCE(count > INT_MAX)) Is "count" a measure of bytes or characters? It seems to be characters. can you please add some kern-doc for this function to clarify this. Also, I wonder if the above check should be "count > INT_MAX / 2" since the INT_MAX is, generally, done in byte counts. > + return -E2BIG; > + > + /* > + * Copy at most 'count' bytes, return early if we find a If "count" is characters, this comment should not say "bytes". :) > + * NUL-terminator. > + */ > + for (res = 0; res < count; res++) { > + ucs2_char_t c; > + > + c = src[res]; > + dst[res] = c; > + > + if (!c) > + return res; > + } > + > + /* > + * The loop above terminated without finding a NUL-terminator, > + * exceeding the 'count': Enforce proper NUL-termination and return > + * error. > + */ > + dst[count - 1] = 0; > + return -E2BIG; > +} > +EXPORT_SYMBOL(ucs2_strscpy); > + > int > ucs2_strncmp(const ucs2_char_t *a, const ucs2_char_t *b, size_t len) > { > -- > 2.41.0 > Otherwise looks good to me!
On 8/4/23 10:18, Kees Cook wrote: > On Sun, Jul 30, 2023 at 06:19:02PM +0200, Maximilian Luz wrote: >> Add a ucs2_strscpy() function for UCS-2 strings. The behavior is >> equivalent to the standard strscpy() function, just for 16-bit character >> UCS-2 strings. >> >> Signed-off-by: Maximilian Luz <luzmaximilian@gmail.com> >> --- >> >> Changes in v5: >> - Add ucs2_strscpy() instead of ucs2_strlcpy() >> >> Patch introduced in v4. >> >> --- >> include/linux/ucs2_string.h | 1 + >> lib/ucs2_string.c | 35 +++++++++++++++++++++++++++++++++++ >> 2 files changed, 36 insertions(+) >> >> diff --git a/include/linux/ucs2_string.h b/include/linux/ucs2_string.h >> index cf3ada3e820e..c499ae809c7d 100644 >> --- a/include/linux/ucs2_string.h >> +++ b/include/linux/ucs2_string.h >> @@ -10,6 +10,7 @@ typedef u16 ucs2_char_t; >> unsigned long ucs2_strnlen(const ucs2_char_t *s, size_t maxlength); >> unsigned long ucs2_strlen(const ucs2_char_t *s); >> unsigned long ucs2_strsize(const ucs2_char_t *data, unsigned long maxlength); >> +ssize_t ucs2_strscpy(ucs2_char_t *dst, const ucs2_char_t *src, size_t count); >> int ucs2_strncmp(const ucs2_char_t *a, const ucs2_char_t *b, size_t len); >> >> unsigned long ucs2_utf8size(const ucs2_char_t *src); >> diff --git a/lib/ucs2_string.c b/lib/ucs2_string.c >> index 0a559a42359b..b608129fcbdc 100644 >> --- a/lib/ucs2_string.c >> +++ b/lib/ucs2_string.c >> @@ -32,6 +32,41 @@ ucs2_strsize(const ucs2_char_t *data, unsigned long maxlength) >> } >> EXPORT_SYMBOL(ucs2_strsize); >> >> +ssize_t ucs2_strscpy(ucs2_char_t *dst, const ucs2_char_t *src, size_t count) >> +{ >> + long res; >> + >> + /* >> + * Ensure that we have a valid amount of space. We need to store at >> + * least one NUL-character. >> + */ >> + if (count == 0 || WARN_ON_ONCE(count > INT_MAX)) > > Is "count" a measure of bytes or characters? It seems to be characters. > can you please add some kern-doc for this function to clarify this. > Also, I wonder if the above check should be "count > INT_MAX / 2" since > the INT_MAX is, generally, done in byte counts. Count is a measure of characters. I'll add a doc-comment. Regarding INT_MAX / 2: I'm fine with either. I'd change it to INT_MAX / sizeof(*dst) if you say it's generally enforced in bytes. >> + return -E2BIG; >> + >> + /* >> + * Copy at most 'count' bytes, return early if we find a > > If "count" is characters, this comment should not say "bytes". :) Correct. Will fix this. >> + * NUL-terminator. >> + */ >> + for (res = 0; res < count; res++) { >> + ucs2_char_t c; >> + >> + c = src[res]; >> + dst[res] = c; >> + >> + if (!c) >> + return res; >> + } >> + >> + /* >> + * The loop above terminated without finding a NUL-terminator, >> + * exceeding the 'count': Enforce proper NUL-termination and return >> + * error. >> + */ >> + dst[count - 1] = 0; >> + return -E2BIG; >> +} >> +EXPORT_SYMBOL(ucs2_strscpy); >> + >> int >> ucs2_strncmp(const ucs2_char_t *a, const ucs2_char_t *b, size_t len) >> { >> -- >> 2.41.0 >> > > Otherwise looks good to me! Thanks! Regards Max
diff --git a/include/linux/ucs2_string.h b/include/linux/ucs2_string.h index cf3ada3e820e..c499ae809c7d 100644 --- a/include/linux/ucs2_string.h +++ b/include/linux/ucs2_string.h @@ -10,6 +10,7 @@ typedef u16 ucs2_char_t; unsigned long ucs2_strnlen(const ucs2_char_t *s, size_t maxlength); unsigned long ucs2_strlen(const ucs2_char_t *s); unsigned long ucs2_strsize(const ucs2_char_t *data, unsigned long maxlength); +ssize_t ucs2_strscpy(ucs2_char_t *dst, const ucs2_char_t *src, size_t count); int ucs2_strncmp(const ucs2_char_t *a, const ucs2_char_t *b, size_t len); unsigned long ucs2_utf8size(const ucs2_char_t *src); diff --git a/lib/ucs2_string.c b/lib/ucs2_string.c index 0a559a42359b..b608129fcbdc 100644 --- a/lib/ucs2_string.c +++ b/lib/ucs2_string.c @@ -32,6 +32,41 @@ ucs2_strsize(const ucs2_char_t *data, unsigned long maxlength) } EXPORT_SYMBOL(ucs2_strsize); +ssize_t ucs2_strscpy(ucs2_char_t *dst, const ucs2_char_t *src, size_t count) +{ + long res; + + /* + * Ensure that we have a valid amount of space. We need to store at + * least one NUL-character. + */ + if (count == 0 || WARN_ON_ONCE(count > INT_MAX)) + return -E2BIG; + + /* + * Copy at most 'count' bytes, return early if we find a + * NUL-terminator. + */ + for (res = 0; res < count; res++) { + ucs2_char_t c; + + c = src[res]; + dst[res] = c; + + if (!c) + return res; + } + + /* + * The loop above terminated without finding a NUL-terminator, + * exceeding the 'count': Enforce proper NUL-termination and return + * error. + */ + dst[count - 1] = 0; + return -E2BIG; +} +EXPORT_SYMBOL(ucs2_strscpy); + int ucs2_strncmp(const ucs2_char_t *a, const ucs2_char_t *b, size_t len) {
Add a ucs2_strscpy() function for UCS-2 strings. The behavior is equivalent to the standard strscpy() function, just for 16-bit character UCS-2 strings. Signed-off-by: Maximilian Luz <luzmaximilian@gmail.com> --- Changes in v5: - Add ucs2_strscpy() instead of ucs2_strlcpy() Patch introduced in v4. --- include/linux/ucs2_string.h | 1 + lib/ucs2_string.c | 35 +++++++++++++++++++++++++++++++++++ 2 files changed, 36 insertions(+)