| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 28 Jun 2021 09:05:18 +0000
From: "Ksr, Prasanth" <Prasanth.Ksr@...l.com>
To: Hans de Goede <hdegoede@...hat.com>,
Prasanth KSR <kosigiprasanth@...il.com>,
"dvhart@...radead.org" <dvhart@...radead.org>
CC: LKML <linux-kernel@...r.kernel.org>,
"platform-driver-x86@...r.kernel.org"
<platform-driver-x86@...r.kernel.org>,
"Bharathi, Divya" <Divya.Bharathi@...l.com>
Subject: RE: [PATCH] platform/x86: dell-wmi-sysman: Change user experience
when Admin/System Password is modified
Hi,
> -----Original Message-----
> From: Hans de Goede <hdegoede@...hat.com>
> Sent: Monday, June 28, 2021 2:32 PM
> To: Prasanth KSR; dvhart@...radead.org
> Cc: LKML; platform-driver-x86@...r.kernel.org; Ksr, Prasanth; Bharathi, Divya
> Subject: Re: [PATCH] platform/x86: dell-wmi-sysman: Change user experience
> when Admin/System Password is modified
>
>
> [EXTERNAL EMAIL]
>
> Hi,
>
> On 6/28/21 10:49 AM, Prasanth KSR wrote:
> > Whenever user has changed an Admin/System Password using the sysfs,
> > then we are automatically copying the new password to existing
> > password field.
> >
> > Co-developed-by: Divya Bharathi <divya.bharathi@...l.com>
> > Signed-off-by: Divya Bharathi <divya.bharathi@...l.com>
> > Signed-off-by: Prasanth KSR <prasanth.ksr@...l.com>
>
> Thank you.
>
> I assume this was tested? The reason I'm asking because in the Lenovo Think*
> case it turned out that the modified password only becomes active after a reboot,
> so the right thing to do there was to just keep current_password as is.
>
Yes it is tested and Dell BIOS Admin/System password do not require a reboot to be active.
> Regards,
>
> Hans
>
>
>
> > ---
> > .../x86/dell/dell-wmi-sysman/passwordattr-interface.c | 4 ++--
> > 1 file changed, 2 insertions(+), 2 deletions(-)
> >
> > diff --git
> > a/drivers/platform/x86/dell/dell-wmi-sysman/passwordattr-interface.c
> > b/drivers/platform/x86/dell/dell-wmi-sysman/passwordattr-interface.c
> > index 339a082d6c18..86ec962aace9 100644
> > ---
> > a/drivers/platform/x86/dell/dell-wmi-sysman/passwordattr-interface.c
> > +++ b/drivers/platform/x86/dell/dell-wmi-sysman/passwordattr-interface
> > +++ .c
> > @@ -95,9 +95,9 @@ int set_new_password(const char *password_type,
> > const char *new)
> >
> > print_hex_dump_bytes("set new password data: ", DUMP_PREFIX_NONE,
> buffer, buffer_size);
> > ret = call_password_interface(wmi_priv.password_attr_wdev, buffer,
> buffer_size);
> > - /* clear current_password here and use user input from
> wmi_priv.current_password */
> > + /* on success copy the new password to current password */
> > if (!ret)
> > - memset(current_password, 0, MAX_BUFF);
> > + strscpy(current_password, new, MAX_BUFF);
> > /* explain to user the detailed failure reason */
> > else if (ret == -EOPNOTSUPP)
> > dev_err(&wmi_priv.password_attr_wdev->dev, "admin password
> must be
> > configured\n");
> >
Powered by blists - more mailing lists