On 2021-05-25 12:29 p.m., Hans de Goede wrote:
> Hi,
>
> On 5/25/21 5:14 PM, Mark Pearson wrote:
>> Hi Andy,
>>
>>>> +static ssize_t current_password_store(struct kobject *kobj,
>>>> + struct kobj_attribute *attr,
>>>> + const char *buf, size_t count)
>>>> +{
>>>> + struct tlmi_pwd_setting *setting = container_of(kobj, struct tlmi_pwd_setting, kobj);
>>>> + int length;
>>>
>>>> + length = strlen(buf);
>>>> + if (buf[length-1] == '\n')
>>>> + length--;
>>>
>>> This will prevent you from using \n in the password. Why?
>> The BIOS doesn't like it - so we strip it out :)
>
> Erm, I don't believe that that is the whole story, there are 2
> separate things at play here:
>
> 1. When entering the BIOS password at system power-on pressing
> enter means you're done and the BIOS should check what you've
> just entered as password before pressing the enter key, so the
> password can never contain '\n' since the enter key is the
> terminator for entering the password at boot
>
> 2. People often use sysfs files by doing things like this:
>
> echo mysecretpassword > /sys/.../current_password
>
> And the "echo" shell command will then add an extra '\n' this
> is why you will see code like this to strip the '\n' in functions
> which use the input string as is (instead of doing strtol,
> sysfs_match_string or something else which does not care about a
> terminating '\n' already, note that functions like sysfs_str_equals
> and sysfs_match_string are special helpers for not caring about
> the '\n' without needing to strip it (because stripping it
> requires a strdup).
>
> So what is happening here is simply stripping the '\n' which may
> have been added by echo (if it was added).
>
> Regards,
>
> Hans
>
Agreed on all, I guess I was giving the story summary :)
I've been using this method in testing and if the \n gets passed on then
you'll get an error returned - the BIOS doesn't like it.
I've no idea if this is Lenovo specific or not. I'll document it as a
Lenovo specific case unless there are objections.
Mark
