TL;DR
Linux kernel version 7.2 has removed the deprecated strncpy API after six years of development and hundreds of patches. The change aims to improve kernel safety and performance by replacing it with safer functions.
Linux kernel version 7.2 has officially removed the strncpy API after six years of development and over 360 patches, concluding a long-term effort to improve kernel safety and performance.
The Linux kernel team completed the removal of the strncpy() function in Linux 7.2, ending a six-year effort involving approximately 362 commits. The function, used for copying up to a specified number of bytes, has been a persistent source of bugs due to its counter-intuitive semantics and issues with NUL termination. Its removal aligns with efforts to enhance kernel stability and security.
In place of strncpy, developers are encouraged to use alternative functions such as strscpy(), strscpy_pad(), strtomem_pad(), memcpy_and_pad(), or memcpy(), depending on the specific use case. The change affects the last remaining per-CPU architecture implementations of strncpy, which have now been phased out.
Why Removing strncpy Improves Kernel Safety and Performance
The elimination of the strncpy API from the Linux kernel reduces the risk of bugs caused by its confusing behavior and inefficient zero-filling operations. It also aligns the kernel with safer string handling practices, potentially preventing security vulnerabilities related to buffer overflows or improper string termination. This change reflects ongoing efforts to modernize and harden the Linux kernel codebase.
LFM 2nd Edition: Linux Field Manual
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
Background on Linux Kernel String Handling Changes
The strncpy() function has been part of the Linux kernel for years but has been criticized for its confusing semantics, especially around NUL termination and performance issues due to redundant zero-filling. Over the past six years, developers have worked through hundreds of patches to replace its usage with safer alternatives. The move to remove it culminates with the release of Linux 7.2, which is part of broader efforts to improve kernel code safety and maintainability.
“The removal of strncpy from the Linux kernel is a significant step toward safer and more efficient code. Its long history of bugs and performance issues made it a prime candidate for deprecation.”
— an anonymous researcher
safe string handling libraries for C programming
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
Remaining Questions About Kernel String Handling Changes
It is not yet clear how widely adopted the new recommended functions will become across all kernel modules or if legacy code will persist in some branches. Additionally, the impact on kernel modules that relied heavily on strncpy remains to be seen in real-world applications.
Tux the Linux Penguin Embroidered Iron-on Patch
Measures 3 1/2 x 3 Inches
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
Next Steps for Kernel Developers and Users
Kernel developers are expected to adopt the new string handling functions in future code updates, and distributions will incorporate Linux 7.2 with these changes. Monitoring the transition will be important to ensure compatibility and stability, especially for legacy systems still using older code.
Visual Studio Code: End-to-End Editing and Debugging Tools for Web Developers
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
Key Questions
Why was the strncpy API removed from the Linux kernel?
The strncpy API was removed because it was a persistent source of bugs, had confusing semantics, and caused performance issues due to redundant zero-filling. Its removal aims to improve kernel safety and efficiency.
What functions are recommended as replacements for strncpy in the Linux kernel?
Developers are advised to use strscpy(), strscpy_pad(), strtomem_pad(), memcpy_and_pad(), or memcpy() depending on the specific copying requirements.
Will legacy code still use strncpy after this change?
It is unlikely, but some older or unmaintained code might still depend on strncpy. Transitioning to the new functions is encouraged for better safety and performance.
When did the removal of strncpy officially happen?
The removal was completed in Linux 7.2, which was released recently after the six-year development effort.
What are the benefits of removing strncpy from the kernel?
The benefits include reduced bugs related to string handling, improved security by avoiding buffer overflows, and better performance due to eliminating redundant zero-filling.
Source: Hacker News
