From: Mitch Bradley <wmb@firmworks.com>
To: Pekka Enberg <penberg@cs.helsinki.fi>
Cc: "OLPC Developer's List" <devel@laptop.org>,
Linux Kernel ML <linux-kernel@vger.kernel.org>,
Jim Gettys <jg@laptop.org>
Subject: Re: [PATCH] Open Firmware device tree virtual filesystem
Date: Sun, 31 Dec 2006 08:55:28 -1000 [thread overview]
Message-ID: <459807A0.9080604@firmworks.com> (raw)
In-Reply-To: <84144f020612310524u5e2e179esd5af4a11c1c1d2f8@mail.gmail.com>
I made all the changes Pekka suggested, except:
> + security = strncmp(propname, "security-", 9) == 0;
>> + len = 0;
>
> Redundant assignment, no?
>
>> + if (!security)
>> + (void)callofw("getproplen", 2, 1, node,
>> propname, &len);
>
That assignment turns out not to be redundant. If a security variable
is recognized, you want the length to be 0 so as not to expose the
password. In that case the following "getproplen" call won't be executed.
That logic was adapted from the existing file fs/proc/devtree.c . It
turns out that the code there has a bug: You really want to look for
just "security-password" ; there is no need to, and good reasons not to,
suppress the length of "security-mode" and "security-#badlogins". (Good
OFW implementations won't leak the password length anyway, so check is
only needed as a workaround).
I have rewritten the code for clarity and correctness thusly:
if (strcmp(propname, "security-password") == 0) {
len = 0; /* Don't leak password length */
} else {
callofw("getproplen", 2, 1, node, propname, &len);
}
next prev parent reply other threads:[~2006-12-31 18:55 UTC|newest]
Thread overview: 89+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-12-31 1:38 [PATCH] Open Firmware device tree virtual filesystem Mitch Bradley
2006-12-31 5:19 ` David Miller
2006-12-31 9:36 ` Mitch Bradley
2006-12-31 9:52 ` David Miller
2006-12-31 10:11 ` David Kahn
2006-12-31 10:49 ` David Miller
2006-12-31 11:47 ` Rene Rebe
2006-12-31 11:53 ` David Kahn
2007-01-01 3:48 ` Segher Boessenkool
2007-01-02 3:56 ` Benjamin Herrenschmidt
2007-01-02 18:43 ` Richard Smith
2006-12-31 15:41 ` Christoph Hellwig
2006-12-31 20:46 ` David Miller
2007-01-01 3:37 ` David Kahn
2007-01-01 8:54 ` David Miller
2007-01-02 4:02 ` Benjamin Herrenschmidt
2007-01-02 12:28 ` Segher Boessenkool
2007-01-01 3:33 ` Segher Boessenkool
2007-01-01 8:57 ` David Miller
2007-01-01 17:48 ` Segher Boessenkool
2007-01-01 23:08 ` David Miller
2007-01-01 23:52 ` Segher Boessenkool
2007-01-02 3:31 ` David Miller
2007-01-02 11:26 ` Segher Boessenkool
2007-01-02 1:40 ` David Kahn
2007-01-02 3:36 ` David Miller
2007-01-01 18:10 ` Mitch Bradley
2007-01-01 19:21 ` Jan Engelhardt
2007-01-02 4:05 ` Benjamin Herrenschmidt
2007-01-02 4:30 ` David Miller
2007-01-02 4:57 ` Benjamin Herrenschmidt
2007-01-02 5:01 ` David Miller
2007-01-02 5:09 ` Benjamin Herrenschmidt
2007-01-02 5:44 ` David Miller
2007-01-02 12:36 ` Segher Boessenkool
2007-01-02 11:03 ` Segher Boessenkool
2007-01-02 3:53 ` Benjamin Herrenschmidt
2007-01-02 12:22 ` Segher Boessenkool
2007-01-02 20:12 ` Benjamin Herrenschmidt
2007-01-02 21:28 ` Segher Boessenkool
2007-01-02 21:32 ` Benjamin Herrenschmidt
2007-01-02 21:40 ` Segher Boessenkool
2007-01-02 22:10 ` David Miller
2007-01-02 22:05 ` David Miller
2007-01-03 0:48 ` Segher Boessenkool
2007-01-03 4:34 ` David Miller
2007-01-03 15:23 ` Segher Boessenkool
2007-01-04 2:15 ` David Miller
2007-01-02 3:45 ` Benjamin Herrenschmidt
2007-01-02 3:49 ` David Miller
2007-01-02 11:45 ` Segher Boessenkool
2007-01-02 20:07 ` Benjamin Herrenschmidt
2006-12-31 13:24 ` Pekka Enberg
2006-12-31 18:55 ` Mitch Bradley [this message]
2006-12-31 14:12 ` Jan Engelhardt
2006-12-31 20:45 ` David Miller
2006-12-31 21:30 ` Jan Engelhardt
2007-01-02 3:43 ` Benjamin Herrenschmidt
2007-01-02 11:37 ` Segher Boessenkool
2007-01-02 13:22 ` Stefan Reinauer
2007-01-02 20:08 ` Benjamin Herrenschmidt
2007-01-02 20:11 ` Mitch Bradley
2007-01-02 20:48 ` Benjamin Herrenschmidt
2007-01-02 21:37 ` Segher Boessenkool
2007-01-02 21:47 ` Benjamin Herrenschmidt
2007-01-03 0:35 ` Segher Boessenkool
2007-01-03 0:44 ` Benjamin Herrenschmidt
2007-01-03 1:14 ` Segher Boessenkool
2007-01-03 4:35 ` David Miller
2007-01-02 22:07 ` David Miller
2007-01-03 0:52 ` Segher Boessenkool
2007-01-03 1:13 ` Jan Engelhardt
2007-01-03 4:38 ` David Miller
2007-01-03 5:05 ` Benjamin Herrenschmidt
2007-01-03 15:59 ` Segher Boessenkool
2007-01-03 15:31 ` Segher Boessenkool
2007-01-03 4:34 ` David Miller
2007-01-02 21:15 ` Segher Boessenkool
2007-01-02 21:59 ` David Miller
2007-01-01 3:40 ` Segher Boessenkool
2007-01-01 4:21 ` Segher Boessenkool
-- strict thread matches above, loose matches on Subject: below --
2007-01-11 17:39 ron minnich
2007-01-11 17:53 ` Mitch Bradley
2007-01-11 17:55 ` ron minnich
2007-01-11 18:36 ` Segher Boessenkool
2007-01-11 18:20 ` Stefan Reinauer
2007-01-11 18:47 ` Segher Boessenkool
2007-01-11 19:12 ` ron minnich
2007-01-11 19:11 ` ron minnich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=459807A0.9080604@firmworks.com \
--to=wmb@firmworks.com \
--cc=devel@laptop.org \
--cc=jg@laptop.org \
--cc=linux-kernel@vger.kernel.org \
--cc=penberg@cs.helsinki.fi \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.