lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 7 Jul 2020 11:43:42 -0700 From: Dave Jiang <dave.jiang@...el.com> To: Dan Williams <dan.j.williams@...el.com>, linux-nvdimm@...ts.01.org Cc: Vishal Verma <vishal.l.verma@...el.com>, Ira Weiny <ira.weiny@...el.com>, David Howells <dhowells@...hat.com>, linux-kernel@...r.kernel.org Subject: Re: [PATCH] libnvdimm/security: Fix key lookup permissions On 6/23/2020 9:35 PM, Dan Williams wrote: > As of commit 8c0637e950d6 ("keys: Make the KEY_NEED_* perms an enum rather > than a mask") lookup_user_key() needs an explicit declaration of what it > wants to do with the key. Add KEY_NEED_SEARCH to fix a warning with the > below signature, and fixes the inability to retrieve a key. > > WARNING: CPU: 15 PID: 6276 at security/keys/permission.c:35 key_task_permission+0xd3/0x140 > [..] > RIP: 0010:key_task_permission+0xd3/0x140 > [..] > Call Trace: > lookup_user_key+0xeb/0x6b0 > ? vsscanf+0x3df/0x840 > ? key_validate+0x50/0x50 > ? key_default_cmp+0x20/0x20 > nvdimm_get_user_key_payload.part.0+0x21/0x110 [libnvdimm] > nvdimm_security_store+0x67d/0xb20 [libnvdimm] > security_store+0x67/0x1a0 [libnvdimm] > kernfs_fop_write+0xcf/0x1c0 > vfs_write+0xde/0x1d0 > ksys_write+0x68/0xe0 > do_syscall_64+0x5c/0xa0 > entry_SYSCALL_64_after_hwframe+0x49/0xb3 > > Cc: Dan Williams <dan.j.williams@...el.com> > Cc: Vishal Verma <vishal.l.verma@...el.com> > Cc: Dave Jiang <dave.jiang@...el.com> > Cc: Ira Weiny <ira.weiny@...el.com> > Suggested-by: David Howells <dhowells@...hat.com> > Fixes: 8c0637e950d6 ("keys: Make the KEY_NEED_* perms an enum rather than a mask") > Signed-off-by: Dan Williams <dan.j.williams@...el.com> Reviewed-by: Dave Jiang <dave.jiang@...el.com> > --- > drivers/nvdimm/security.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/nvdimm/security.c b/drivers/nvdimm/security.c > index 89b85970912d..4cef69bd3c1b 100644 > --- a/drivers/nvdimm/security.c > +++ b/drivers/nvdimm/security.c > @@ -95,7 +95,7 @@ static struct key *nvdimm_lookup_user_key(struct nvdimm *nvdimm, > struct encrypted_key_payload *epayload; > struct device *dev = &nvdimm->dev; > > - keyref = lookup_user_key(id, 0, 0); > + keyref = lookup_user_key(id, 0, KEY_NEED_SEARCH); > if (IS_ERR(keyref)) > return NULL; > >
Powered by blists - more mailing lists