lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <CAHp75VfqWkAEk3deJmjBzeinmJY3MXTWVxO4FdBWyxcY8oXtAQ@mail.gmail.com>
Date:   Thu, 23 Apr 2020 13:21:06 +0300
From:   Andy Shevchenko <andy.shevchenko@...il.com>
To:     Jithu Joseph <jithu.joseph@...el.com>
Cc:     Darren Hart <dvhart@...radead.org>,
        Andy Shevchenko <andy@...radead.org>,
        Platform Driver <platform-driver-x86@...r.kernel.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        maurice.ma@...el.com, ravi.p.rangarajan@...el.com,
        sean.v.kelley@...el.com, kuo-lang.tseng@...el.com
Subject: Re: [PATCH 1/1] platform/x86: Add Slim Bootloader firmware update
 signaling driver

On Thu, Apr 23, 2020 at 5:08 AM Jithu Joseph <jithu.joseph@...el.com> wrote:

...

> > > +static ssize_t firmware_update_request_store(struct device *dev,
> > > +                                            struct
> > > device_attribute *attr,
> > > +                                            const char *buf,
> > > size_t count)
> > > +{
> > > +       bool val;
> > > +       int ret;
> > > +
> > > +       ret = kstrtobool(buf, &val);
> > > +       if (ret)
> > > +               return ret;
> > > +
> > > +       ret = set_fwu_request(dev, val ? 1 : 0);
> >
> > Hmm... If you are going to extend this, why not to pass integer
> > directly? (And thus take one from user)
>
> We have also been thinking about  extensibility …
>
> So I will modify the code to allow any u32 input by the user  to be
> passed down via wmi_set_block(), though 0 and 1 will be the only
> inputs  documented  in the ABI today.( Or did you still mean  to error
> out if the user input is something other than 0 or 1 ?)

I think the best approach is to allow to parse integer input
(kstrtouint() is good enough) and return -ERANGE for values > 1. Also
put a comment before that check why is done like this (some
justification that interface may be extended in the future or so), and
pass integer value directly to set_fwu_request().

-- 
With Best Regards,
Andy Shevchenko

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ