lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Fri, 12 Feb 2021 16:39:25 -0800
From:   Joe Perches <>
To:     "Eric W. Biederman" <>
Cc:     Andrew Morton <>,
        Alexey Dobriyan <>,
        linux-fsdevel <>,
        LKML <>
Subject: Re: [PATCH] proc: Convert S_<FOO> permission uses to octal

On Fri, 2021-02-12 at 17:44 -0600, Eric W. Biederman wrote:

> I certainly do not see sufficient consensus to go around changing code
> other people maintain.

Every patch by a non-maintainer that doesn't have commit rights to
whatever tree is just a proposal.

> My suggest has the nice property that it handles all 512 different
> combinations.  I think that was the only real downside of Ingo's
> suggestion.  There are just too many different combinations to define
> a set of macros to cover all of the cases.

The treewide kernel use of octal vs symbolic permissions is ~2:1

There are about 11k uses of 4 digit octal values used for permissions
already in the kernel sources that are not in comments or strings.

$ git ls-files -- '*.[ch]' | xargs scc | sed 's/".*"//g' | grep -P -w '0[0-7]{3,3}' | wc -l

(scc is a utility tool that strips comments from c source


$ git grep -w -P 'S_I[RWX][A-Z]{3,5}' | wc -l

To my knowledge there just aren't many 4 digit octal uses in the
kernel sources that are _not_ permissions.

I believe the only non-permission 4 digit octal int uses not in
comments are:

#define OMAGIC 0407
#define NMAGIC 0410
#define ZMAGIC 0413
#define QMAGIC 0314
#define CMAGIC 0421
#define N_STAB 0340

#define COFF_STMAGIC	0401
#define COFF_OMAGIC     0404
#define COFF_JMAGIC     0407     
#define COFF_DMAGIC     0410     
#define COFF_ZMAGIC     0413     
#define COFF_SHMAGIC	0443

	if ((buf[0] != 037) || ((buf[1] != 0213) && (buf[1] != 0236))) {

	((magic[1] != 0213) && (magic[1] != 0236))) {

And maybe those last 2 tests for gzip identification should be combined
into some static inline and use something other than magic constants.

Powered by blists - more mailing lists