Re: [PATCH] Replace HTTP links with HTTPS ones: BPF (Safe dynamic programs and tools)

From: Alexei Starovoitov
Date: Thu Jul 02 2020 - 18:08:30 EST

Next message: Wolfram Sang: "[PATCH v2] firmware: improve description of firmware_request_nowarn"
Previous message: Randy Dunlap: "[RFC] many-files Documentation patch"
In reply to: Alexander A. Klimov: "[PATCH] Replace HTTP links with HTTPS ones: BPF (Safe dynamic programs and tools)"
Next in thread: Alexander A. Klimov: "Re: [PATCH] Replace HTTP links with HTTPS ones: BPF (Safe dynamic programs and tools)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Jul 2, 2020 at 1:05 PM Alexander A. Klimov
<grandmaster@xxxxxxxxxxxx> wrote:
>
> Rationale:
> Reduces attack surface on kernel devs opening the links for MITM
> as HTTPS traffic is much harder to manipulate.
>
> Deterministic algorithm:
> For each file:
> If not .svg:
> For each line:
> If doesn't contain `\bxmlns\b`:
> For each link, `\bhttp://[^# \t\r\n]*(?:\w|/)`:
> If both the HTTP and HTTPS versions
> return 200 OK and serve the same content:
> Replace HTTP with HTTPS.
>
> Signed-off-by: Alexander A. Klimov <grandmaster@xxxxxxxxxxxx>
> ---
> Continuing my work started at 93431e0607e5.
>
> If there are any URLs to be removed completely or at least not HTTPSified:
> Just clearly say so and I'll *undo my change*.
> See also https://lkml.org/lkml/2020/6/27/64
>
> If there are any valid, but yet not changed URLs:
> See https://lkml.org/lkml/2020/6/26/837
>
> Documentation/bpf/bpf_devel_QA.rst | 4 ++--
> Documentation/bpf/index.rst | 2 +-
> Documentation/networking/af_xdp.rst | 2 +-
> Documentation/networking/filter.rst | 2 +-
> arch/x86/net/bpf_jit_comp.c | 2 +-
> include/linux/bpf.h | 2 +-
> include/linux/bpf_verifier.h | 2 +-
> include/uapi/linux/bpf.h | 2 +-
> kernel/bpf/arraymap.c | 2 +-
> kernel/bpf/core.c | 2 +-
> kernel/bpf/disasm.c | 2 +-
> kernel/bpf/disasm.h | 2 +-
> kernel/bpf/hashtab.c | 2 +-
> kernel/bpf/helpers.c | 2 +-
> kernel/bpf/syscall.c | 2 +-
> kernel/bpf/verifier.c | 2 +-
> kernel/trace/bpf_trace.c | 2 +-
> lib/test_bpf.c | 2 +-
> net/core/filter.c | 2 +-
> samples/bpf/lathist_kern.c | 2 +-
> samples/bpf/lathist_user.c | 2 +-
> samples/bpf/sockex3_kern.c | 2 +-
> samples/bpf/tracex1_kern.c | 2 +-
> samples/bpf/tracex2_kern.c | 2 +-
> samples/bpf/tracex3_kern.c | 2 +-
> samples/bpf/tracex3_user.c | 2 +-
> samples/bpf/tracex4_kern.c | 2 +-
> samples/bpf/tracex4_user.c | 2 +-
> samples/bpf/tracex5_kern.c | 2 +-
> tools/include/uapi/linux/bpf.h | 2 +-
> tools/lib/bpf/bpf.c | 2 +-
> tools/lib/bpf/bpf.h | 2 +-
> tools/testing/selftests/bpf/test_maps.c | 2 +-
> tools/testing/selftests/bpf/test_verifier.c | 2 +-
> 34 files changed, 35 insertions(+), 35 deletions(-)

Nacked-by: Alexei Starovoitov <ast@xxxxxxxxxx>

Pls don't touch anything bpf related with such changes.

Next message: Wolfram Sang: "[PATCH v2] firmware: improve description of firmware_request_nowarn"
Previous message: Randy Dunlap: "[RFC] many-files Documentation patch"
In reply to: Alexander A. Klimov: "[PATCH] Replace HTTP links with HTTPS ones: BPF (Safe dynamic programs and tools)"
Next in thread: Alexander A. Klimov: "Re: [PATCH] Replace HTTP links with HTTPS ones: BPF (Safe dynamic programs and tools)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]