| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 14 Mar 2023 16:13:31 +0000
From: David Howells <dhowells@...hat.com>
To: Shreenidhi Shedi <yesshedi@...il.com>
Cc: dhowells@...hat.com, dwmw2@...radead.org,
gregkh@...uxfoundation.org, linux-kernel@...r.kernel.org,
sshedi@...are.com
Subject: Re: [ PATCH v4 3/6] sign-file: add support sign modules in bulk
Shreenidhi Shedi <yesshedi@...il.com> wrote:
> @@ -378,6 +385,16 @@ static int sign_file(int argc, char **argv, struct cmd_opts *opts)
> use_signed_attrs = PKCS7_NOATTR;
> #endif
>
> + for (i = 0; i < argc; i++) {
> + module_name = argv[i];
> +
> + if (bulk_sign) {
> + ERR(asprintf(&dest_name, "%s.~signed~", module_name) < 0,
> + "asprintf");
> + if (!replace_orig)
> + replace_orig = true;
> + }
> +
> /* Open the module file */
> bm = BIO_new_file(module_name, "rb");
> ERR(!bm, "%s", module_name);
> @@ -486,6 +503,7 @@ static int sign_file(int argc, char **argv, struct cmd_opts *opts)
> /* Finally, if we're signing in place, replace the original. */
> if (replace_orig)
> ERR(rename(dest_name, module_name) < 0, "%s", dest_name);
> + }
>
> return 0;
> }
This looks a bit weird (I know the next patch applies the indent). I would
recommend putting the existing part of the loop body into its own function -
say sign_one_file() - and then call that from the loop.
David
Powered by blists - more mailing lists