    x86: make word-at-a-time strncpy_from_user clear bytes at the end · 07497083
    Linus Torvalds committed
    This makes the newly optimized x86 strncpy_from_user clear the final
    bytes in the word past the final NUL character, rather than copy them as
    the word they were in the source.
    
    NOTE! Unlike the silly semantics of the libc 'strncpy()' function, the
    kernel strncpy_from_user() has never cleared all of the end of the
    destination buffer.  And neither does it do so now: it only clears the
    bytes at the end of the last word it copied.
    
    So why make this change at all? It doesn't really cost us anything extra
    (we have to calculate the mask to get the length anyway), and it means
    that *if* any user actually cares about zeroing the whole buffer, they
    can do a "memset()" before the strncpy_from_user(), and we will no
    longer write random bytes after the NUL character.
    
    In particular, the buffer contents will now at no point contain random
    source data from beyond the end of the string.
    
    In other words, it makes behavior a bit more repeatable at no new cost,
    so it's a small cleanup.  I've been carrying this as a patch for the
    last few weeks or so in my tree (done at the same time the sign error
    was fixed in commit 12e993b8), I might as well commit it.
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
usercopy.c 3.3 KB
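
The behaviour the commit message describes, as an added user-space illustration (not the kernel's code and not part of the commit): a word-at-a-time copy that either stores the final word as loaded or masks off the bytes from the NUL onward. It assumes a little-endian 64-bit target and GCC/Clang; `copy_words`, `stray_bytes` and the sample bytes are constructed for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ONES  0x0101010101010101ULL
#define HIGHS 0x8080808080808080ULL

/* Nonzero iff w has a zero byte; the lowest set bit marks the first one. */
static uint64_t has_zero(uint64_t w) { return (w - ONES) & ~w & HIGHS; }

/* Copy a string of at most max bytes, 8 bytes at a time (little-endian).
 * clear_tail=0 stores the final word as loaded; 1 zeroes it from the NUL on. */
static long copy_words(char *dst, const char *src, long max, int clear_tail)
{
    long res = 0;
    for (; max - res >= 8; res += 8) {
        uint64_t w, z;
        memcpy(&w, src + res, 8);
        z = has_zero(w);
        if (z) {
            uint64_t keep = ((z - 1) & ~z) >> 7;   /* 0xff per byte before the NUL */
            if (clear_tail) w &= keep;
            memcpy(dst + res, &w, 8);
            return res + __builtin_ctzll(z) / 8;   /* GCC/Clang builtin */
        }
        memcpy(dst + res, &w, 8);
    }
    for (; res < max; res++)                       /* byte-at-a-time remainder */
        if ((dst[res] = src[res]) == '\0') break;
    return res;
}

/* Constructed sample: the string "id" followed by unrelated source bytes. */
static const char sample_src[16] = "id\0S3CR3T-DATA!";

/* Count non-zero bytes left after the NUL in a destination zeroed beforehand. */
static int stray_bytes(int clear_tail)
{
    char dst[16];
    int n = 0;
    memset(dst, 0, sizeof dst);                    /* caller zeroes the buffer first */
    long len = copy_words(dst, sample_src, sizeof dst, clear_tail);
    for (size_t i = len + 1; i < sizeof dst; i++)
        n += dst[i] != 0;
    return n;
}

int main(void)
{
    return printf("as loaded: %d, cleared: %d\n", stray_bytes(0), stray_bytes(1)) < 0;
}
```

With the final word stored as loaded, the five source bytes that share a word with the NUL land in the destination even though the caller zeroed it; with the mask applied, nothing past the NUL is written as non-zero.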