lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <4285b8ed-585c-2290-044b-8b6a3c6c0640@gmail.com>
Date:   Tue, 9 Mar 2021 21:36:55 +0800
From:   Jia-Ju Bai <baijiaju1990@...il.com>
To:     Satya Tangirala <satyat@...gle.com>
Cc:     axboe@...nel.dk, linux-block@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH] block: keyslot-manager: fix error return code of
 blk_ksm_evict_key()



On 2021/3/9 19:45, Satya Tangirala wrote:
> On Tue, Mar 09, 2021 at 01:18:12AM -0800, Jia-Ju Bai wrote:
>> When blk_ksm_find_keyslot() returns NULL to slot, no error return code
>> of blk_ksm_evict_key() is assigned.
>> To fix this bug, err is assigned with -ENOENT in this case.
>>
>> Fixes: 1b2628397058 ("block: Keyslot Manager for Inline Encryption")
>> Reported-by: TOTE Robot <oslab@...nghua.edu.cn>
>> Signed-off-by: Jia-Ju Bai <baijiaju1990@...il.com>
>> ---
>>   block/keyslot-manager.c | 4 +++-
>>   1 file changed, 3 insertions(+), 1 deletion(-)
>>
>> diff --git a/block/keyslot-manager.c b/block/keyslot-manager.c
>> index 2c4a55bea6ca..4dd5da0645bc 100644
>> --- a/block/keyslot-manager.c
>> +++ b/block/keyslot-manager.c
>> @@ -375,8 +375,10 @@ int blk_ksm_evict_key(struct blk_keyslot_manager *ksm,
>>   
>>   	blk_ksm_hw_enter(ksm);
>>   	slot = blk_ksm_find_keyslot(ksm, key);
>> -	if (!slot)
>> +	if (!slot) {
>> +		err = -ENOENT;
>>   		goto out_unlock;
>> +	}
>>   
>>   	if (WARN_ON_ONCE(atomic_read(&slot->slot_refs) != 0)) {
>>   		err = -EBUSY;
>> -- 
>> 2.17.1
>>
> This function was deliberately designed to return 0 on success *and also*
> if there's no keyslot found with the specified key - i.e. it returns 0 if
> the key is no longer programmed into the keyslot manager, which is what the
> callers care about, so I don't think there's a bug here.

Thanks for the reply and explanation!
It seems like a false positive here, and I am sorry for this false report.


Best wishes,
Jia-Ju Bai

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ