Skip to main content

Browse the archive

Revision 91194e9b046e18ed813d4632e1c72683aac944ad authored by Alexander A. Klimov on 12 July 2020, 11:11:18 UTC, committed by Rich Felker on 15 August 2020, 02:05:12 UTC 
sh: Replace HTTP links with HTTPS ones
 
Rationale:
Reduces attack surface on kernel devs opening the links for MITM
as HTTPS traffic is much harder to manipulate.

Deterministic algorithm:
For each file:
  If not .svg:
    For each line:
      If doesn't contain `\bxmlns\b`:
        For each link, `\bhttp://[^# \t\r\n]*(?:\w|/)`:
	  If neither `\bgnu\.org/license`, nor `\bmozilla\.org/MPL\b`:
            If both the HTTP and HTTPS versions
            return 200 OK and serve the same content:
              Replace HTTP with HTTPS.

Signed-off-by: Alexander A. Klimov <grandmaster@al2klimov.de>
Signed-off-by: Rich Felker <dalias@libc.org>
1 parent e1a8d38
Raw File
netdev-notifier-error-inject.c 
// SPDX-License-Identifier: GPL-2.0-only
#include <linux/kernel.h>
#include <linux/module.h>
#include <linux/netdevice.h>

#include "notifier-error-inject.h"

static int priority;
module_param(priority, int, 0);
MODULE_PARM_DESC(priority, "specify netdevice notifier priority");

static struct notifier_err_inject netdev_notifier_err_inject = {
	.actions = {
		{ NOTIFIER_ERR_INJECT_ACTION(NETDEV_REGISTER) },
		{ NOTIFIER_ERR_INJECT_ACTION(NETDEV_CHANGEMTU) },
		{ NOTIFIER_ERR_INJECT_ACTION(NETDEV_CHANGENAME) },
		{ NOTIFIER_ERR_INJECT_ACTION(NETDEV_PRE_UP) },
		{ NOTIFIER_ERR_INJECT_ACTION(NETDEV_PRE_TYPE_CHANGE) },
		{ NOTIFIER_ERR_INJECT_ACTION(NETDEV_POST_INIT) },
		{ NOTIFIER_ERR_INJECT_ACTION(NETDEV_PRECHANGEMTU) },
		{ NOTIFIER_ERR_INJECT_ACTION(NETDEV_PRECHANGEUPPER) },
		{ NOTIFIER_ERR_INJECT_ACTION(NETDEV_CHANGEUPPER) },
		{}
	}
};

static struct dentry *dir;

static int netdev_err_inject_init(void)
{
	int err;

	dir = notifier_err_inject_init("netdev", notifier_err_inject_dir,
				       &netdev_notifier_err_inject, priority);
	if (IS_ERR(dir))
		return PTR_ERR(dir);

	err = register_netdevice_notifier(&netdev_notifier_err_inject.nb);
	if (err)
		debugfs_remove_recursive(dir);

	return err;
}

static void netdev_err_inject_exit(void)
{
	unregister_netdevice_notifier(&netdev_notifier_err_inject.nb);
	debugfs_remove_recursive(dir);
}

module_init(netdev_err_inject_init);
module_exit(netdev_err_inject_exit);

MODULE_DESCRIPTION("Netdevice notifier error injection module");
MODULE_LICENSE("GPL");
MODULE_AUTHOR("Nikolay Aleksandrov <razor@blackwall.org>");
back to top