lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <0e5f3dcd-ac0a-902e-f9fb-b2178cd17a99@linux.ibm.com>
Date:   Fri, 10 Feb 2023 15:47:55 -0500
From:   Stefan Berger <stefanb@...ux.ibm.com>
To:     Andrew Donnellan <ajd@...ux.ibm.com>,
        linuxppc-dev@...ts.ozlabs.org, linux-integrity@...r.kernel.org
Cc:     ruscur@...sell.cc, bgray@...ux.ibm.com, nayna@...ux.ibm.com,
        gcwilson@...ux.ibm.com, gjoyce@...ux.ibm.com, brking@...ux.ibm.com,
        sudhakar@...ux.ibm.com, erichte@...ux.ibm.com,
        gregkh@...uxfoundation.org, linux-kernel@...r.kernel.org,
        zohar@...ux.ibm.com, joel@....id.au, npiggin@...il.com
Subject: Re: [PATCH v6 21/26] powerpc/pseries: Clarify warning when PLPKS
 password already set



On 2/10/23 03:03, Andrew Donnellan wrote:
> When the H_PKS_GEN_PASSWORD hcall returns H_IN_USE, operations that require
> authentication (i.e. anything other than reading a world-readable variable)
> will not work.
> 
> The current error message doesn't explain this clearly enough. Reword it
> to emphasise that authenticated operations will fail.

typo: -> emphasize

> 
> Signed-off-by: Andrew Donnellan <ajd@...ux.ibm.com>
> 
> ---
> 
> v6: New patch
> ---
>   arch/powerpc/platforms/pseries/plpks.c | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/arch/powerpc/platforms/pseries/plpks.c b/arch/powerpc/platforms/pseries/plpks.c
> index 926b6a927326..01ae919b4497 100644
> --- a/arch/powerpc/platforms/pseries/plpks.c
> +++ b/arch/powerpc/platforms/pseries/plpks.c
> @@ -146,7 +146,7 @@ static int plpks_gen_password(void)
>   		memcpy(ospassword, password, ospasswordlength);
>   	} else {
>   		if (rc == H_IN_USE) {
> -			pr_warn("Password is already set for POWER LPAR Platform KeyStore\n");
> +			pr_warn("Password already set - authenticated operations will fail\n");
>   			rc = 0;
>   		} else {
>   			goto out;

Reviewed-by: Stefan Berger <stefanb@...ux.ibm.com>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ