lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAOOmCE9PFi5Xwmyr4jMPZ7LgofPY1fwLW71itfXw1km50B-Ybg@mail.gmail.com>
Date:   Mon, 14 Aug 2023 08:44:27 -0500
From:   Jorge Lopez <jorgealtxwork@...il.com>
To:     Hans de Goede <hdegoede@...hat.com>
Cc:     platform-driver-x86@...r.kernel.org, linux-kernel@...r.kernel.org,
        thomas@...ch.de, ilpo.jarvinen@...ux.intel.com,
        dan.carpenter@...aro.org
Subject: Re: [PATCH] hp-bioscfg: Update steps how order list elements are evaluated

Hi Hans,

On Mon, Aug 14, 2023 at 3:41 AM Hans de Goede <hdegoede@...hat.com> wrote:
>
> Hi Jorge,
>
> On 8/9/23 23:07, Jorge Lopez wrote:
> > Update steps how order list elements data and elements size are
> > evaluated
> >
> > Signed-off-by: Jorge Lopez <jorge.lopez2@...com>
> >
> > ---
> > Based on the latest platform-drivers-x86.git/for-next
> > ---
> >  .../x86/hp/hp-bioscfg/order-list-attributes.c    | 16 ++++++++++++++--
> >  1 file changed, 14 insertions(+), 2 deletions(-)
> >
> > diff --git a/drivers/platform/x86/hp/hp-bioscfg/order-list-attributes.c b/drivers/platform/x86/hp/hp-bioscfg/order-list-attributes.c
> > index b19644ed12e0..d2b61ab950d4 100644
> > --- a/drivers/platform/x86/hp/hp-bioscfg/order-list-attributes.c
> > +++ b/drivers/platform/x86/hp/hp-bioscfg/order-list-attributes.c
> > @@ -152,7 +152,7 @@ static int hp_populate_ordered_list_elements_from_package(union acpi_object *ord
> >
> >               switch (order_obj[elem].type) {
> >               case ACPI_TYPE_STRING:
> > -                     if (elem != PREREQUISITES && elem != ORD_LIST_ELEMENTS) {
> > +                     if (elem != PREREQUISITES) {
> >                               ret = hp_convert_hexstr_to_str(order_obj[elem].string.pointer,
> >                                                              order_obj[elem].string.length,
> >                                                              &str_value, &value_len);
> > @@ -266,6 +266,15 @@ static int hp_populate_ordered_list_elements_from_package(union acpi_object *ord
> >                       if (ret)
> >                               goto exit_list;
> >
> > +                     /*
> > +                      * It is expected for the element size value
> > +                      * to be 1 and not to represent the actual
> > +                      * number of elements stored in comma
> > +                      * separated format. element size value is
> > +                      * recalculated to report the correct number
> > +                      * of data elements found.
> > +                      */
> > +
> >                       part_tmp = tmpstr;
> >                       part = strsep(&part_tmp, COMMA_SEP);
> >                       if (!part)
> > @@ -273,11 +282,14 @@ static int hp_populate_ordered_list_elements_from_package(union acpi_object *ord
> >                                       tmpstr,
> >                                       sizeof(ordered_list_data->elements[0]));
> >
> > -                     for (olist_elem = 1; olist_elem < MAX_ELEMENTS_SIZE && part; olist_elem++) {
> > +                     for (olist_elem = 0; olist_elem < MAX_ELEMENTS_SIZE && part; olist_elem++) {
> >                               strscpy(ordered_list_data->elements[olist_elem],
> >                                       part,
> >                                       sizeof(ordered_list_data->elements[olist_elem]));
> > +
> >                               part = strsep(&part_tmp, COMMA_SEP);
> > +                             if (part && ordered_list_data->elements_size < MAX_ELEMENTS_SIZE)
> > +                                     ordered_list_data->elements_size++;
> >                       }
>
> I believe that you can replace the:
>
>                                 if (part && ordered_list_data->elements_size < MAX_ELEMENTS_SIZE)
>                                         ordered_list_data->elements_size++;
>                         }
>
> Lines with simply (after the loop has finished) doing:
>
>                         }
>                         ordered_list_data->elements_size = olist_elem'
>
> Or am I missing something ?

The lines cannot be replaced with a single line for several reasons,
1. elements_size is initially set to 1 and it is only incremented when
a COMMA_SEP is found.  (See part variable)
2. Limit the number of element_size to  MAX_ELEMENTS_SIZE.  The user
requires entering all items in the new order when a change is needed.
For instance, updating boot order.
3. Limiting  elements_size and not just olist_elem to to
MAX_ELEMENTS_SIZE removes the possibility of  array overflow
(ordered_list_data->elements[..]).   olist_elem value is 0 (zero)
based while elements_size is 1 based
>
> Regards,
>
> Hans
>
>
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ