linux/fs/pstore/blk.c
Justin Stitt 9dd12ed95c pstore/blk: replace deprecated strncpy with strscpy
strncpy() is deprecated for use on NUL-terminated destination strings
[1] and as such we should prefer more robust and less ambiguous string
interfaces.

We know that info-device should be NUL-terminated based on its use with
strlen():
|	static int __init mtdpstore_init(void)
|	{
|		int ret;
|		struct mtdpstore_context *cxt = &oops_cxt;
|		struct pstore_blk_config *info = &cxt->info;
|
|		ret = pstore_blk_get_config(info);
|		if (unlikely(ret))
|			return ret;
|
|		if (strlen(info->device) == 0) {
|			pr_err("mtd device must be supplied (device name is empty)\n");
...

Considering the above, a suitable replacement is `strscpy` [2] due to
the fact that it guarantees NUL-termination on the destination buffer.

Note that this patch relies on the _new_ 2-argument version of strscpy()
introduced in Commit e6584c3964f2f ("string: Allow 2-argument strscpy()").

Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1]
Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2]
Link: https://github.com/KSPP/linux/issues/90
Cc:  <linux-hardening@vger.kernel.org>
Signed-off-by: Justin Stitt <justinstitt@google.com>
Link: https://lore.kernel.org/r/20240328-strncpy-fs-pstore-blk-c-v1-1-5748cdc22a53@google.com
Signed-off-by: Kees Cook <keescook@chromium.org>
2024-04-11 09:37:26 -07:00

362 lines
9.1 KiB
C

// SPDX-License-Identifier: GPL-2.0
/*
* Implements pstore backend driver that write to block (or non-block) storage
* devices, using the pstore/zone API.
*/
#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
#include <linux/kernel.h>
#include <linux/module.h>
#include <linux/blkdev.h>
#include <linux/string.h>
#include <linux/of.h>
#include <linux/of_address.h>
#include <linux/platform_device.h>
#include <linux/pstore_blk.h>
#include <linux/fs.h>
#include <linux/file.h>
#include <linux/init_syscalls.h>
#include <linux/mount.h>
static long kmsg_size = CONFIG_PSTORE_BLK_KMSG_SIZE;
module_param(kmsg_size, long, 0400);
MODULE_PARM_DESC(kmsg_size, "kmsg dump record size in kbytes");
static int max_reason = CONFIG_PSTORE_BLK_MAX_REASON;
module_param(max_reason, int, 0400);
MODULE_PARM_DESC(max_reason,
"maximum reason for kmsg dump (default 2: Oops and Panic)");
#if IS_ENABLED(CONFIG_PSTORE_PMSG)
static long pmsg_size = CONFIG_PSTORE_BLK_PMSG_SIZE;
#else
static long pmsg_size = -1;
#endif
module_param(pmsg_size, long, 0400);
MODULE_PARM_DESC(pmsg_size, "pmsg size in kbytes");
#if IS_ENABLED(CONFIG_PSTORE_CONSOLE)
static long console_size = CONFIG_PSTORE_BLK_CONSOLE_SIZE;
#else
static long console_size = -1;
#endif
module_param(console_size, long, 0400);
MODULE_PARM_DESC(console_size, "console size in kbytes");
#if IS_ENABLED(CONFIG_PSTORE_FTRACE)
static long ftrace_size = CONFIG_PSTORE_BLK_FTRACE_SIZE;
#else
static long ftrace_size = -1;
#endif
module_param(ftrace_size, long, 0400);
MODULE_PARM_DESC(ftrace_size, "ftrace size in kbytes");
static bool best_effort;
module_param(best_effort, bool, 0400);
MODULE_PARM_DESC(best_effort, "use best effort to write (i.e. do not require storage driver pstore support, default: off)");
/*
* blkdev - the block device to use for pstore storage
* See Documentation/admin-guide/pstore-blk.rst for details.
*/
static char blkdev[80] = CONFIG_PSTORE_BLK_BLKDEV;
module_param_string(blkdev, blkdev, 80, 0400);
MODULE_PARM_DESC(blkdev, "block device for pstore storage");
/*
* All globals must only be accessed under the pstore_blk_lock
* during the register/unregister functions.
*/
static DEFINE_MUTEX(pstore_blk_lock);
static struct file *psblk_file;
static struct pstore_device_info *pstore_device_info;
#define check_size(name, alignsize) ({ \
long _##name_ = (name); \
_##name_ = _##name_ <= 0 ? 0 : (_##name_ * 1024); \
if (_##name_ & ((alignsize) - 1)) { \
pr_info(#name " must align to %d\n", \
(alignsize)); \
_##name_ = ALIGN(name, (alignsize)); \
} \
_##name_; \
})
#define verify_size(name, alignsize, enabled) { \
long _##name_; \
if (enabled) \
_##name_ = check_size(name, alignsize); \
else \
_##name_ = 0; \
/* Synchronize module parameters with resuls. */ \
name = _##name_ / 1024; \
dev->zone.name = _##name_; \
}
static int __register_pstore_device(struct pstore_device_info *dev)
{
int ret;
lockdep_assert_held(&pstore_blk_lock);
if (!dev) {
pr_err("NULL device info\n");
return -EINVAL;
}
if (!dev->zone.total_size) {
pr_err("zero sized device\n");
return -EINVAL;
}
if (!dev->zone.read) {
pr_err("no read handler for device\n");
return -EINVAL;
}
if (!dev->zone.write) {
pr_err("no write handler for device\n");
return -EINVAL;
}
/* someone already registered before */
if (pstore_device_info)
return -EBUSY;
/* zero means not limit on which backends to attempt to store. */
if (!dev->flags)
dev->flags = UINT_MAX;
/* Copy in module parameters. */
verify_size(kmsg_size, 4096, dev->flags & PSTORE_FLAGS_DMESG);
verify_size(pmsg_size, 4096, dev->flags & PSTORE_FLAGS_PMSG);
verify_size(console_size, 4096, dev->flags & PSTORE_FLAGS_CONSOLE);
verify_size(ftrace_size, 4096, dev->flags & PSTORE_FLAGS_FTRACE);
dev->zone.max_reason = max_reason;
/* Initialize required zone ownership details. */
dev->zone.name = KBUILD_MODNAME;
dev->zone.owner = THIS_MODULE;
ret = register_pstore_zone(&dev->zone);
if (ret == 0)
pstore_device_info = dev;
return ret;
}
/**
* register_pstore_device() - register non-block device to pstore/blk
*
* @dev: non-block device information
*
* Return:
* * 0 - OK
* * Others - something error.
*/
int register_pstore_device(struct pstore_device_info *dev)
{
int ret;
mutex_lock(&pstore_blk_lock);
ret = __register_pstore_device(dev);
mutex_unlock(&pstore_blk_lock);
return ret;
}
EXPORT_SYMBOL_GPL(register_pstore_device);
static void __unregister_pstore_device(struct pstore_device_info *dev)
{
lockdep_assert_held(&pstore_blk_lock);
if (pstore_device_info && pstore_device_info == dev) {
unregister_pstore_zone(&dev->zone);
pstore_device_info = NULL;
}
}
/**
* unregister_pstore_device() - unregister non-block device from pstore/blk
*
* @dev: non-block device information
*/
void unregister_pstore_device(struct pstore_device_info *dev)
{
mutex_lock(&pstore_blk_lock);
__unregister_pstore_device(dev);
mutex_unlock(&pstore_blk_lock);
}
EXPORT_SYMBOL_GPL(unregister_pstore_device);
static ssize_t psblk_generic_blk_read(char *buf, size_t bytes, loff_t pos)
{
return kernel_read(psblk_file, buf, bytes, &pos);
}
static ssize_t psblk_generic_blk_write(const char *buf, size_t bytes,
loff_t pos)
{
/* Console/Ftrace backend may handle buffer until flush dirty zones */
if (in_interrupt() || irqs_disabled())
return -EBUSY;
return kernel_write(psblk_file, buf, bytes, &pos);
}
/*
* This takes its configuration only from the module parameters now.
*/
static int __register_pstore_blk(struct pstore_device_info *dev,
const char *devpath)
{
int ret = -ENODEV;
lockdep_assert_held(&pstore_blk_lock);
psblk_file = filp_open(devpath, O_RDWR | O_DSYNC | O_NOATIME | O_EXCL, 0);
if (IS_ERR(psblk_file)) {
ret = PTR_ERR(psblk_file);
pr_err("failed to open '%s': %d!\n", devpath, ret);
goto err;
}
if (!S_ISBLK(file_inode(psblk_file)->i_mode)) {
pr_err("'%s' is not block device!\n", devpath);
goto err_fput;
}
dev->zone.total_size =
bdev_nr_bytes(I_BDEV(psblk_file->f_mapping->host));
ret = __register_pstore_device(dev);
if (ret)
goto err_fput;
return 0;
err_fput:
fput(psblk_file);
err:
psblk_file = NULL;
return ret;
}
/* get information of pstore/blk */
int pstore_blk_get_config(struct pstore_blk_config *info)
{
strscpy(info->device, blkdev);
info->max_reason = max_reason;
info->kmsg_size = check_size(kmsg_size, 4096);
info->pmsg_size = check_size(pmsg_size, 4096);
info->ftrace_size = check_size(ftrace_size, 4096);
info->console_size = check_size(console_size, 4096);
return 0;
}
EXPORT_SYMBOL_GPL(pstore_blk_get_config);
#ifndef MODULE
static const char devname[] = "/dev/pstore-blk";
static __init const char *early_boot_devpath(const char *initial_devname)
{
/*
* During early boot the real root file system hasn't been
* mounted yet, and no device nodes are present yet. Use the
* same scheme to find the device that we use for mounting
* the root file system.
*/
dev_t dev;
if (early_lookup_bdev(initial_devname, &dev)) {
pr_err("failed to resolve '%s'!\n", initial_devname);
return initial_devname;
}
init_unlink(devname);
init_mknod(devname, S_IFBLK | 0600, new_encode_dev(dev));
return devname;
}
#else
static inline const char *early_boot_devpath(const char *initial_devname)
{
return initial_devname;
}
#endif
static int __init __best_effort_init(void)
{
struct pstore_device_info *best_effort_dev;
int ret;
/* No best-effort mode requested. */
if (!best_effort)
return 0;
/* Reject an empty blkdev. */
if (!blkdev[0]) {
pr_err("blkdev empty with best_effort=Y\n");
return -EINVAL;
}
best_effort_dev = kzalloc(sizeof(*best_effort_dev), GFP_KERNEL);
if (!best_effort_dev)
return -ENOMEM;
best_effort_dev->zone.read = psblk_generic_blk_read;
best_effort_dev->zone.write = psblk_generic_blk_write;
ret = __register_pstore_blk(best_effort_dev,
early_boot_devpath(blkdev));
if (ret)
kfree(best_effort_dev);
else
pr_info("attached %s (%lu) (no dedicated panic_write!)\n",
blkdev, best_effort_dev->zone.total_size);
return ret;
}
static void __exit __best_effort_exit(void)
{
/*
* Currently, the only user of psblk_file is best_effort, so
* we can assume that pstore_device_info is associated with it.
* Once there are "real" blk devices, there will need to be a
* dedicated pstore_blk_info, etc.
*/
if (psblk_file) {
struct pstore_device_info *dev = pstore_device_info;
__unregister_pstore_device(dev);
kfree(dev);
fput(psblk_file);
psblk_file = NULL;
}
}
static int __init pstore_blk_init(void)
{
int ret;
mutex_lock(&pstore_blk_lock);
ret = __best_effort_init();
mutex_unlock(&pstore_blk_lock);
return ret;
}
late_initcall(pstore_blk_init);
static void __exit pstore_blk_exit(void)
{
mutex_lock(&pstore_blk_lock);
__best_effort_exit();
/* If we've been asked to unload, unregister any remaining device. */
__unregister_pstore_device(pstore_device_info);
mutex_unlock(&pstore_blk_lock);
}
module_exit(pstore_blk_exit);
MODULE_LICENSE("GPL");
MODULE_AUTHOR("WeiXiong Liao <liaoweixiong@allwinnertech.com>");
MODULE_AUTHOR("Kees Cook <keescook@chromium.org>");
MODULE_DESCRIPTION("pstore backend for block devices");