lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 10 Feb 2021 19:00:46 +0200
From:   Jarkko Sakkinen <jarkko@...nel.org>
To:     Sumit Garg <sumit.garg@...aro.org>
Cc:     jarkko.sakkinen@...ux.intel.com, zohar@...ux.ibm.com,
        jejb@...ux.ibm.com, dhowells@...hat.com, jens.wiklander@...aro.org,
        corbet@....net, jmorris@...ei.org, serge@...lyn.com,
        casey@...aufler-ca.com, janne.karhunen@...il.com,
        daniel.thompson@...aro.org, Markus.Wamser@...ed-mode.de,
        lhinds@...hat.com, keyrings@...r.kernel.org,
        linux-integrity@...r.kernel.org,
        linux-security-module@...r.kernel.org, linux-doc@...r.kernel.org,
        linux-kernel@...r.kernel.org, linux-arm-kernel@...ts.infradead.org,
        op-tee@...ts.trustedfirmware.org
Subject: Re: [PATCH v8 1/4] KEYS: trusted: Add generic trusted keys framework

On Tue, Nov 03, 2020 at 09:31:43PM +0530, Sumit Garg wrote:
> +	case Opt_new:
> +		key_len = payload->key_len;
> +		ret = static_call(trusted_key_get_random)(payload->key,
> +							  key_len);
> +		if (ret != key_len) {
> +			pr_info("trusted_key: key_create failed (%d)\n", ret);
> +			goto out;
> +		}

This repeats a regression in existing code, i.e. does not check
"ret < 0" condition. I noticed this now when I rebased the code
on top of my fixes.

I.e. it's fixed in my master branch, which caused a merge conflict,
and I found this.

/Jarkko

Powered by blists - more mailing lists