lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <aFLbgkhB5Q4ZbAZl@agluck-desk3>
Date: Wed, 18 Jun 2025 08:30:10 -0700
From: "Luck, Tony" <tony.luck@...el.com>
To: Dan Carpenter <dan.carpenter@...aro.org>
Cc: Zaid Alali <zaidal@...amperecomputing.com>, rafael@...nel.org,
	lenb@...nel.org, james.morse@....com, bp@...en8.de, kees@...nel.org,
	gustavoars@...nel.org, Jonathan.Cameron@...wei.com,
	sudeep.holla@....com, jonathanh@...dia.com,
	u.kleine-koenig@...libre.com, viro@...iv.linux.org.uk,
	ira.weiny@...el.com, alison.schofield@...el.com,
	dan.j.williams@...el.com, gregkh@...uxfoundation.org,
	peterz@...radead.org, dave.jiang@...el.com,
	Benjamin.Cheatham@....com, linux-acpi@...r.kernel.org,
	linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org
Subject: Re: [PATCH v9 5/7] ACPI: APEI: EINJ: Create debugfs files to enter
 device id and syndrome

On Wed, Jun 18, 2025 at 06:21:39PM +0300, Dan Carpenter wrote:
> On Thu, Jun 12, 2025 at 04:13:25PM -0700, Zaid Alali wrote:
> > +static ssize_t u128_read(struct file *f, char __user *buf, size_t count, loff_t *off)
> > +{
> > +	char output[2 * COMPONENT_LEN + 1];
> > +	u8 *data = f->f_inode->i_private;
> > +	int i;
> > +
> > +	if (*off >= sizeof(output))
> > +		return 0;
> 
> No need for this check.  simple_read_from_buffer() will do the
> right thing.

True. But why waste cycles populating the output buffer
when it will be ignored? The normal flow here is that
a user will likely try to read a <stdio.h> sized buffer
and get back 33 bytes. Then read again to find EOF. That
second read doesn't need to do all the "sprintf()"s.

> regards,
> dan carpenter
> 
> > +
> > +	for (i = 0; i < COMPONENT_LEN; i++)
> > +		sprintf(output + 2 * i, "%.02x", data[COMPONENT_LEN - i - 1]);
> > +	output[2 * COMPONENT_LEN] = '\n';
> > +
> > +	return simple_read_from_buffer(buf, count, off, output, sizeof(output));
> > +}

-Tony

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ