[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20200713112445.GJ34333@vkoul-mobl>
Date: Mon, 13 Jul 2020 16:54:45 +0530
From: Vinod Koul <vkoul@...nel.org>
To: Greg KH <greg@...ah.com>
Cc: "Alexander A. Klimov" <grandmaster@...klimov.de>,
chenyu56@...wei.com, wangbinghui@...ilicon.com, kishon@...com,
linux-usb@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] USB IP DRIVER FOR HISILICON KIRIN: Replace HTTP links
with HTTPS ones
On 10-07-20, 09:06, Greg KH wrote:
> On Thu, Jul 09, 2020 at 11:09:33PM +0200, Alexander A. Klimov wrote:
> > Rationale:
> > Reduces attack surface on kernel devs opening the links for MITM
> > as HTTPS traffic is much harder to manipulate.
> >
> > Deterministic algorithm:
> > For each file:
> > If not .svg:
> > For each line:
> > If doesn't contain `\bxmlns\b`:
> > For each link, `\bhttp://[^# \t\r\n]*(?:\w|/)`:
> > If neither `\bgnu\.org/license`, nor `\bmozilla\.org/MPL\b`:
> > If both the HTTP and HTTPS versions
> > return 200 OK and serve the same content:
> > Replace HTTP with HTTPS.
> >
> > Signed-off-by: Alexander A. Klimov <grandmaster@...klimov.de>
> > ---
> > Continuing my work started at 93431e0607e5.
> > See also: git log --oneline '--author=Alexander A. Klimov <grandmaster@...klimov.de>' v5.7..master
> > (Actually letting a shell for loop submit all this stuff for me.)
> >
> > If there are any URLs to be removed completely or at least not HTTPSified:
> > Just clearly say so and I'll *undo my change*.
> > See also: https://lkml.org/lkml/2020/6/27/64
> >
> > If there are any valid, but yet not changed URLs:
> > See: https://lkml.org/lkml/2020/6/26/837
> >
> > If you apply the patch, please let me know.
>
> Again, please fix your subject line.
Is there any rationale for these patches? They replace documentation
link of vendors, am not sure if that is super helpful to kernel devs and
does it really protect :)
--
~Vinod
Powered by blists - more mailing lists