• Tejun Heo's avatar
    string: drop __must_check from strscpy() and restore strscpy() usages in cgroup · 08a77676
    Tejun Heo authored
    e7fd37ba ("cgroup: avoid copying strings longer than the buffers")
    converted possibly unsafe strncpy() usages in cgroup to strscpy().
    However, although the callsites are completely fine with truncated
    copied, because strscpy() is marked __must_check, it led to the
    following warnings.
    
      kernel/cgroup/cgroup.c: In function ‘cgroup_file_name’:
      kernel/cgroup/cgroup.c:1400:10: warning: ignoring return value of ‘strscpy’, declared with attribute warn_unused_result [-Wunused-result]
         strscpy(buf, cft->name, CGROUP_FILE_NAME_MAX);
    	       ^
    
    To avoid the warnings, 50034ed4 ("cgroup: use strlcpy() instead of
    strscpy() to avoid spurious warning") switched them to strlcpy().
    
    strlcpy() is worse than strlcpy() because it unconditionally runs
    strlen() on the source string, and the only reason we switched to
    strlcpy() here was because it was lacking __must_check, which doesn't
    reflect any material differences between the two function.  It's just
    that someone added __must_check to strscpy() and not to strlcpy().
    
    These basic string copy operations are used in variety of ways, and
    one of not-so-uncommon use cases is safely handling truncated copies,
    where the caller naturally doesn't care about the return value.  The
    __must_check doesn't match the actual use cases and forces users to
    opt for inferior variants which lack __must_check by happenstance or
    spread ugly (void) casts.
    
    Remove __must_check from strscpy() and restore strscpy() usages in
    cgroup.
    Signed-off-by: default avatarTejun Heo <tj@kernel.org>
    Suggested-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
    Cc: Ma Shimiao <mashimiao.fnst@cn.fujitsu.com>
    Cc: Arnd Bergmann <arnd@arndb.de>
    Cc: Chris Metcalf <cmetcalf@ezchip.com>
    08a77676
cgroup.c 156 KB