lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 9 Mar 2021 11:45:46 +0000
From:   Satya Tangirala <satyat@...gle.com>
To:     Jia-Ju Bai <baijiaju1990@...il.com>
Cc:     axboe@...nel.dk, linux-block@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH] block: keyslot-manager: fix error return code of
 blk_ksm_evict_key()

On Tue, Mar 09, 2021 at 01:18:12AM -0800, Jia-Ju Bai wrote:
> When blk_ksm_find_keyslot() returns NULL to slot, no error return code
> of blk_ksm_evict_key() is assigned.
> To fix this bug, err is assigned with -ENOENT in this case.
> 
> Fixes: 1b2628397058 ("block: Keyslot Manager for Inline Encryption")
> Reported-by: TOTE Robot <oslab@...nghua.edu.cn>
> Signed-off-by: Jia-Ju Bai <baijiaju1990@...il.com>
> ---
>  block/keyslot-manager.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
> 
> diff --git a/block/keyslot-manager.c b/block/keyslot-manager.c
> index 2c4a55bea6ca..4dd5da0645bc 100644
> --- a/block/keyslot-manager.c
> +++ b/block/keyslot-manager.c
> @@ -375,8 +375,10 @@ int blk_ksm_evict_key(struct blk_keyslot_manager *ksm,
>  
>  	blk_ksm_hw_enter(ksm);
>  	slot = blk_ksm_find_keyslot(ksm, key);
> -	if (!slot)
> +	if (!slot) {
> +		err = -ENOENT;
>  		goto out_unlock;
> +	}
>  
>  	if (WARN_ON_ONCE(atomic_read(&slot->slot_refs) != 0)) {
>  		err = -EBUSY;
> -- 
> 2.17.1
> 
This function was deliberately designed to return 0 on success *and also*
if there's no keyslot found with the specified key - i.e. it returns 0 if
the key is no longer programmed into the keyslot manager, which is what the
callers care about, so I don't think there's a bug here.

Also if we were to apply this patch, we'd also need to change the callers
to handle this new -ENOENT case (and not treat it as an error/not propogate
-ENOENT in e.g. dm_keyslot_evict_callback()).

Is there a reason we want to change the behaviour of this function?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ