Hi,
On 5/25/21 5:14 PM, Mark Pearson wrote:
> Hi Andy,
>
>>> +static ssize_t current_password_store(struct kobject *kobj,
>>> + struct kobj_attribute *attr,
>>> + const char *buf, size_t count)
>>> +{
>>> + struct tlmi_pwd_setting *setting = container_of(kobj, struct tlmi_pwd_setting, kobj);
>>> + int length;
>>
>>> + length = strlen(buf);
>>> + if (buf[length-1] == '\n')
>>> + length--;
>>
>> This will prevent you from using \n in the password. Why?
> The BIOS doesn't like it - so we strip it out :)
Erm, I don't believe that that is the whole story, there are 2
separate things at play here:
1. When entering the BIOS password at system power-on pressing
enter means you're done and the BIOS should check what you've
just entered as password before pressing the enter key, so the
password can never contain '\n' since the enter key is the
terminator for entering the password at boot
2. People often use sysfs files by doing things like this:
echo mysecretpassword > /sys/.../current_password
And the "echo" shell command will then add an extra '\n' this
is why you will see code like this to strip the '\n' in functions
which use the input string as is (instead of doing strtol,
sysfs_match_string or something else which does not care about a
terminating '\n' already, note that functions like sysfs_str_equals
and sysfs_match_string are special helpers for not caring about
the '\n' without needing to strip it (because stripping it
requires a strdup).
So what is happening here is simply stripping the '\n' which may
have been added by echo (if it was added).
Regards,
Hans
