| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <5gj3rxxf7tgolj72mxwnbjirxrlx3pezvqcegyiuenwr55njoo@6dg2toxu6vah>
Date: Fri, 7 Jun 2024 20:27:15 +0800
From: Coiby Xu <coxu@...hat.com>
To: Baoquan He <bhe@...hat.com>
Cc: kexec@...ts.infradead.org, Ondrej Kozina <okozina@...hat.com>,
Milan Broz <gmazyland@...il.com>, Thomas Staudt <tstaudt@...ibm.com>,
Daniel P . Berrangé <berrange@...hat.com>, Kairui Song <ryncsn@...il.com>,
Jan Pazdziora <jpazdziora@...hat.com>, Pingfan Liu <kernelfans@...il.com>,
Dave Young <dyoung@...hat.com>, linux-kernel@...r.kernel.org, x86@...nel.org,
Dave Hansen <dave.hansen@...el.com>, Vitaly Kuznetsov <vkuznets@...hat.com>,
Vivek Goyal <vgoyal@...hat.com>, Kees Cook <keescook@...omium.org>,
"Gustavo A. R. Silva" <gustavoars@...nel.org>,
"open list:KERNEL HARDENING (not covered by other areas):Keyword:b__counted_byb" <linux-hardening@...r.kernel.org>
Subject: Re: [PATCH v4 2/7] crash_dump: make dm crypt keys persist for the
kdump kernel
On Wed, Jun 05, 2024 at 04:22:12PM +0800, Baoquan He wrote:
>On 05/23/24 at 01:04pm, Coiby Xu wrote:
>.....
>> diff --git a/kernel/crash_dump_dm_crypt.c b/kernel/crash_dump_dm_crypt.c
>> new file mode 100644
>> index 000000000000..78809189084a
>> --- /dev/null
>> +++ b/kernel/crash_dump_dm_crypt.c
>> @@ -0,0 +1,113 @@
>> +// SPDX-License-Identifier: GPL-2.0-only
[...]
>> +
>> +static unsigned int key_count;
>> +static size_t keys_header_size;
>
>These two global variables seems not so necessary. Please see comment at
>below.
Thanks for the comment! But I think it's better to keep these two static
variables for reasons as will be explained later.
>
>> +
>> +struct dm_crypt_key {
>> + unsigned int key_size;
>> + char key_desc[KEY_DESC_LEN];
>> + u8 data[KEY_SIZE_MAX];
>> +};
>> +
>> +static struct keys_header {
>> + unsigned int key_count;
> ~~~~~~~~
> This is the max number a system have from init();
>You can add one field member to record how many key slots have been
>used.
>> + struct dm_crypt_key keys[] __counted_by(key_count);
>> +} *keys_header;
>
>Maybe we can rearrange the keys_header like below, the name may not be
>very appropriate though.
>
>static struct keys_header {
> unsigned int max_key_slots;
> unsigned int used_key_slots;
> struct dm_crypt_key keys[] __counted_by(key_count);
>} *keys_header;
Thanks for the suggestion! Since 1) KEY_NUM_MAX already defines the
maximum number of dm crypt keys 2) we only need to let the kdump kernel
now how many keys are saved, so I simply use total_keys instead of
key_count in struct keys_header in v5,
static struct keys_header {
unsigned int total_keys;
struct dm_crypt_key keys[] __counted_by(total_keys);
} *keys_header;
Hopefully this renaming will improve code readability.
>
>>
>
>> +
>> +static size_t get_keys_header_size(struct keys_header *keys_header,
>> + size_t key_count)
>> +{
>> + return struct_size(keys_header, keys, key_count);
>> +}
>
>I personally don't think get_keys_header_size is so necessary. If we
>have to keep it, may be we can remove the global variable
>keys_header_size, we can call get_keys_header_size() and use local
>variable to record the value instead.
Thanks for the suggestion! But the kdump kernel also need to call
get_keys_header_size in later patches.
--
Best regards,
Coiby
Powered by blists - more mailing lists