| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 30 Jan 2024 10:25:47 -0800 From: Dan Williams <dan.j.williams@...el.com> To: Jarkko Sakkinen <jarkko@...nel.org>, "Verma, Vishal L" <vishal.l.verma@...el.com>, "zohar@...ux.ibm.com" <zohar@...ux.ibm.com>, "paul@...l-moore.com" <paul@...l-moore.com>, "dhowells@...hat.com" <dhowells@...hat.com>, "yaelt@...gle.com" <yaelt@...gle.com>, "serge@...lyn.com" <serge@...lyn.com>, "nichen@...as.ac.cn" <nichen@...as.ac.cn>, "sumit.garg@...aro.org" <sumit.garg@...aro.org>, "jmorris@...ei.org" <jmorris@...ei.org> CC: "Jiang, Dave" <dave.jiang@...el.com>, "linux-integrity@...r.kernel.org" <linux-integrity@...r.kernel.org>, "linux-cxl@...r.kernel.org" <linux-cxl@...r.kernel.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "Williams, Dan J" <dan.j.williams@...el.com>, "keyrings@...r.kernel.org" <keyrings@...r.kernel.org>, "linux-security-module@...r.kernel.org" <linux-security-module@...r.kernel.org>, "nvdimm@...ts.linux.dev" <nvdimm@...ts.linux.dev> Subject: Re: [PATCH] KEYS: encrypted: Add check for strsep Jarkko Sakkinen wrote: > On Tue Jan 30, 2024 at 7:22 PM EET, Jarkko Sakkinen wrote: > > On Wed Jan 24, 2024 at 11:10 PM EET, Verma, Vishal L wrote: > > > On Wed, 2024-01-24 at 15:40 -0500, Mimi Zohar wrote: > > > > On Wed, 2024-01-24 at 20:10 +0000, Verma, Vishal L wrote: > > > > > > > > > > > Ah, thanks for confirming! Would you like me to send a revert patch or > > > > > will you do it? > > > > > > > > Revert "KEYS: encrypted: Add check for strsep" > > > > > > > > This reverts commit b4af096b5df5dd131ab796c79cedc7069d8f4882. > > > > > > > > New encrypted keys are created either from kernel-generated random > > > > numbers or user-provided decrypted data. Revert the change requiring > > > > user-provided decrypted data. > > > > > > > > > > > > Can I add your Reported-by? > > > > > > Yes that works, Thank you. > > > > This went totally wrong IMHO. > > > > Priority should be to locate and fix the bug not revert useful stuff > > when a bug is found that has limited scope. > > By guidelines here the commit is also a bug fix and reverting > such commit means seeding a bug to the mainline. Also the klog > message alone is a bug fix here. So also by book it really has > to come back as it was already commit because we cannot > knowingly mount bugs to the mainline, right? No, the commit broke userspace. The rule is do not cause regressions even if userspace is abusing the ABI in an undesirable way. Even the new pr_info() is a log spamming behavior change, a pr_debug() might be suitable, but otherwise a logic change here needs a clear description about what is broken about the old userspace behavior and why the kernel can not possibly safely handle it.
Powered by blists - more mailing lists