Re: [PATCH v4.19.y] drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions

Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> · Fri, 4 Aug 2023 12:22:09 +0200

On Tue, Aug 01, 2023 at 02:30:44PM -0700, Brennan Lamoreaux wrote:
> From: Joe Perches <joe@xxxxxxxxxxx>
> 
> commit aa838896d87af561a33ecefea1caa4c15a68bc47 upstream
> 
> Convert the various sprintf fmaily calls in sysfs device show functions
> to sysfs_emit and sysfs_emit_at for PAGE_SIZE buffer safety.
> 
> Done with:
> 
> $ spatch -sp-file sysfs_emit_dev.cocci --in-place --max-width=80 .
> 
> And cocci script:
> 
> $ cat sysfs_emit_dev.cocci
> @@
> identifier d_show;
> identifier dev, attr, buf;
> @@
> 
> ssize_t d_show(struct device *dev, struct device_attribute *attr, char *buf)
> {
> 	<...
> 	return
> -	sprintf(buf,
> +	sysfs_emit(buf,
> 	...);
> 	...>
> }
> 
> @@
> identifier d_show;
> identifier dev, attr, buf;
> @@
> 
> ssize_t d_show(struct device *dev, struct device_attribute *attr, char *buf)
> {
> 	<...
> 	return
> -	snprintf(buf, PAGE_SIZE,
> +	sysfs_emit(buf,
> 	...);
> 	...>
> }
> 
> @@
> identifier d_show;
> identifier dev, attr, buf;
> @@
> 
> ssize_t d_show(struct device *dev, struct device_attribute *attr, char *buf)
> {
> 	<...
> 	return
> -	scnprintf(buf, PAGE_SIZE,
> +	sysfs_emit(buf,
> 	...);
> 	...>
> }
> 
> @@
> identifier d_show;
> identifier dev, attr, buf;
> expression chr;
> @@
> 
> ssize_t d_show(struct device *dev, struct device_attribute *attr, char *buf)
> {
> 	<...
> 	return
> -	strcpy(buf, chr);
> +	sysfs_emit(buf, chr);
> 	...>
> }
> 
> @@
> identifier d_show;
> identifier dev, attr, buf;
> identifier len;
> @@
> 
> ssize_t d_show(struct device *dev, struct device_attribute *attr, char *buf)
> {
> 	<...
> 	len =
> -	sprintf(buf,
> +	sysfs_emit(buf,
> 	...);
> 	...>
> 	return len;
> }
> 
> @@
> identifier d_show;
> identifier dev, attr, buf;
> identifier len;
> @@
> 
> ssize_t d_show(struct device *dev, struct device_attribute *attr, char *buf)
> {
> 	<...
> 	len =
> -	snprintf(buf, PAGE_SIZE,
> +	sysfs_emit(buf,
> 	...);
> 	...>
> 	return len;
> }
> 
> @@
> identifier d_show;
> identifier dev, attr, buf;
> identifier len;
> @@
> 
> ssize_t d_show(struct device *dev, struct device_attribute *attr, char *buf)
> {
> 	<...
> 	len =
> -	scnprintf(buf, PAGE_SIZE,
> +	sysfs_emit(buf,
> 	...);
> 	...>
> 	return len;
> }
> 
> @@
> identifier d_show;
> identifier dev, attr, buf;
> identifier len;
> @@
> 
> ssize_t d_show(struct device *dev, struct device_attribute *attr, char *buf)
> {
> 	<...
> -	len += scnprintf(buf + len, PAGE_SIZE - len,
> +	len += sysfs_emit_at(buf, len,
> 	...);
> 	...>
> 	return len;
> }
> 
> @@
> identifier d_show;
> identifier dev, attr, buf;
> expression chr;
> @@
> 
> ssize_t d_show(struct device *dev, struct device_attribute *attr, char *buf)
> {
> 	...
> -	strcpy(buf, chr);
> -	return strlen(buf);
> +	return sysfs_emit(buf, chr);
> }
> 
> Signed-off-by: Joe Perches <joe@xxxxxxxxxxx>
> Link: https://lore.kernel.org/r/3d033c33056d88bbe34d4ddb62afd05ee166ab9a.1600285923.git.joe@xxxxxxxxxxx
> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
> [ Brennan : Regenerated for 4.19 to fix CVE-2022-20166 ]
> Signed-off-by: Brennan Lamoreaux <blamoreaux@xxxxxxxxxx>

Thanks, now queued up.

greg k-h