[Intel-gfx] [PATCH maintainer-tools] dim: Replace git commit --amend from dim_apply with dimrc option

Lukas Wunner lukas at wunner.de
Fri Nov 13 07:34:07 PST 2015


Hi Ander,

On Fri, Nov 13, 2015 at 05:05:09PM +0200, Ander Conselvan de Oliveira wrote:
> Introduce DIM_POST_APPLY_ACTION to dimrc that allows the user to specify
> a command to be run after a patch is applied. Use eval so enviroment
> variables can be overriden with the option. For example:
> 
> DIM_POST_APPLY_ACTION="EDITOR=\"gedit -w\" git commit --amend"

So an attacker wishing to smuggle a backdoor into the Linux kernel
only needs to find a way to modify that environment variable on
an Intel developers' machine.

If dim is invoked with $EDITOR set, this should be inherited to
child processes anyway, so it seems unnecessary to call eval.

Just my 2 cents,

Lukas

> 
> Signed-off-by: Ander Conselvan de Oliveira <ander.conselvan.de.oliveira at intel.com>
> ---
>  dim          | 2 +-
>  dimrc.sample | 3 +++
>  2 files changed, 4 insertions(+), 1 deletion(-)
> 
> diff --git a/dim b/dim
> index db92c57..b7c7ef7 100755
> --- a/dim
> +++ b/dim
> @@ -383,7 +383,7 @@ function dim_apply
>  		commit_add_tag "Link" "http://patchwork.freedesktop.org/patch/msgid/$message_id"
>  	fi
>  
> -	git commit --amend &
> +	eval $DRY $DIM_POST_APPLY_ACTION
>  }
>  
>  function magic_patch
> diff --git a/dimrc.sample b/dimrc.sample
> index 5687eaf..9f30cb2 100644
> --- a/dimrc.sample
> +++ b/dimrc.sample
> @@ -21,3 +21,6 @@
>  # Mail User Agent supporting a subset of mutt(1) command line options:
>  # [-s subject] [-i file] [-c cc-addr] to-addr [...]
>  #DIM_MUA=mutt
> +
> +# Command to run after dim apply
> +#DIM_POST_APPLY_ACTION=git commit --amend
> -- 
> 2.4.3
> 
> _______________________________________________
> Intel-gfx mailing list
> Intel-gfx at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/intel-gfx


More information about the Intel-gfx mailing list