From mboxrd@z Thu Jan  1 00:00:00 1970
From: Pavel Machek <pavel@ucw.cz>
Subject: Re: [PATCH 1115/1285] Replace numeric parameter like 0444 with macro
Date: Tue, 2 Aug 2016 19:47:33 +0200
Message-ID: <20160802174733.GB4628@amd>
References: <20160802121749.24461-1-baolex.ni@intel.com>
 <8737mns0qg.fsf@x220.int.ebiederm.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: Baole Ni <baolex.ni@intel.com>, pablo@netfilter.org,
	kaber@trash.net, kadlec@blackhole.kfki.hu, davem@davemloft.net,
	jmorris@namei.org, yoshfuji@linux-ipv6.org,
	m.szyprowski@samsung.com, kyungmin.park@samsung.com,
	k.kozlowski@samsung.com, netfilter-devel@vger.kernel.org,
	coreteam@netfilter.org, netdev@vger.kernel.org,
	linux-kernel@vger.kernel.org, johunt@akamai.com, vpai@akamai.com,
	chuansheng.liu@intel.com, aryabinin@virtuozzo.com
To: "Eric W. Biederman" <ebiederm@xmission.com>
Return-path: <netfilter-devel-owner@vger.kernel.org>
Received: from atrey.karlin.mff.cuni.cz ([195.113.26.193]:47488 "EHLO
	atrey.karlin.mff.cuni.cz" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S968217AbcHBRyr (ORCPT
	<rfc822;netfilter-devel@vger.kernel.org>);
	Tue, 2 Aug 2016 13:54:47 -0400
Content-Disposition: inline
In-Reply-To: <8737mns0qg.fsf@x220.int.ebiederm.org>
Sender: netfilter-devel-owner@vger.kernel.org
List-ID: <netfilter-devel.vger.kernel.org>

On Tue 2016-08-02 09:29:27, Eric W. Biederman wrote:
> Baole Ni <baolex.ni@intel.com> writes:
> 
> > I find that the developers often just specified the numeric value
> > when calling a macro which is defined with a parameter for access permission.
> > As we know, these numeric value for access permission have had the corresponding macro,
> > and that using macro can improve the robustness and readability of the code,
> > thus, I suggest replacing the numeric parameter with the macro.
> 
> *Scratches my head*  The permissions are not 0444 below.
> With 1285 patches I wonder how many typos you may have made.
> 
> Was this generated by a script?

I think he got it right:

/usr/include/linux/stat.h:#define S_IRUSR 00400

But that does not make me like the series. And yes, hiding backdoor in
one of those would be way too easy...

									Pavel

> Eric
> 
> > Signed-off-by: Chuansheng Liu <chuansheng.liu@intel.com>
> > Signed-off-by: Baole Ni <baolex.ni@intel.com>
> > ---
> >  net/netfilter/ipset/ip_set_core.c | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/net/netfilter/ipset/ip_set_core.c b/net/netfilter/ipset/ip_set_core.c
> > index a748b0c..b6c060d3 100644
> > --- a/net/netfilter/ipset/ip_set_core.c
> > +++ b/net/netfilter/ipset/ip_set_core.c
> > @@ -48,7 +48,7 @@ static inline struct ip_set_net *ip_set_pernet(struct net *net)
> >  
> >  static unsigned int max_sets;
> >  
> > -module_param(max_sets, int, 0600);
> > +module_param(max_sets, int, S_IRUSR | S_IWUSR);
> >  MODULE_PARM_DESC(max_sets, "maximal number of sets");
> >  MODULE_LICENSE("GPL");
> >  MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>");

-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html