| Message ID | 159297332630.1304143.237026690015653759.stgit@dwillia2-desk3.amr.corp.intel.com (mailing list archive) |
|---|---|
| State | Mainlined |
| Commit | 813357fead4adee73f7eca6bbe0e69dfcf514dc6 |
| Headers | show |
| Series | libnvdimm/security: Fix key lookup permissions | expand |
On Tue, Jun 23, 2020 at 09:35:26PM -0700, Dan Williams wrote: > As of commit 8c0637e950d6 ("keys: Make the KEY_NEED_* perms an enum rather > than a mask") lookup_user_key() needs an explicit declaration of what it > wants to do with the key. Add KEY_NEED_SEARCH to fix a warning with the > below signature, and fixes the inability to retrieve a key. > > WARNING: CPU: 15 PID: 6276 at security/keys/permission.c:35 key_task_permission+0xd3/0x140 > [..] > RIP: 0010:key_task_permission+0xd3/0x140 > [..] > Call Trace: > lookup_user_key+0xeb/0x6b0 > ? vsscanf+0x3df/0x840 > ? key_validate+0x50/0x50 > ? key_default_cmp+0x20/0x20 > nvdimm_get_user_key_payload.part.0+0x21/0x110 [libnvdimm] > nvdimm_security_store+0x67d/0xb20 [libnvdimm] > security_store+0x67/0x1a0 [libnvdimm] > kernfs_fop_write+0xcf/0x1c0 > vfs_write+0xde/0x1d0 > ksys_write+0x68/0xe0 > do_syscall_64+0x5c/0xa0 > entry_SYSCALL_64_after_hwframe+0x49/0xb3 > > Cc: Dan Williams <dan.j.williams@intel.com> > Cc: Vishal Verma <vishal.l.verma@intel.com> > Cc: Dave Jiang <dave.jiang@intel.com> > Cc: Ira Weiny <ira.weiny@intel.com> Reviewed-by: Ira Weiny <ira.weiny@intel.com> > Suggested-by: David Howells <dhowells@redhat.com> > Fixes: 8c0637e950d6 ("keys: Make the KEY_NEED_* perms an enum rather than a mask") > Signed-off-by: Dan Williams <dan.j.williams@intel.com> > --- > drivers/nvdimm/security.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/nvdimm/security.c b/drivers/nvdimm/security.c > index 89b85970912d..4cef69bd3c1b 100644 > --- a/drivers/nvdimm/security.c > +++ b/drivers/nvdimm/security.c > @@ -95,7 +95,7 @@ static struct key *nvdimm_lookup_user_key(struct nvdimm *nvdimm, > struct encrypted_key_payload *epayload; > struct device *dev = &nvdimm->dev; > > - keyref = lookup_user_key(id, 0, 0); > + keyref = lookup_user_key(id, 0, KEY_NEED_SEARCH); > if (IS_ERR(keyref)) > return NULL; > >
On 6/23/2020 9:35 PM, Dan Williams wrote: > As of commit 8c0637e950d6 ("keys: Make the KEY_NEED_* perms an enum rather > than a mask") lookup_user_key() needs an explicit declaration of what it > wants to do with the key. Add KEY_NEED_SEARCH to fix a warning with the > below signature, and fixes the inability to retrieve a key. > > WARNING: CPU: 15 PID: 6276 at security/keys/permission.c:35 key_task_permission+0xd3/0x140 > [..] > RIP: 0010:key_task_permission+0xd3/0x140 > [..] > Call Trace: > lookup_user_key+0xeb/0x6b0 > ? vsscanf+0x3df/0x840 > ? key_validate+0x50/0x50 > ? key_default_cmp+0x20/0x20 > nvdimm_get_user_key_payload.part.0+0x21/0x110 [libnvdimm] > nvdimm_security_store+0x67d/0xb20 [libnvdimm] > security_store+0x67/0x1a0 [libnvdimm] > kernfs_fop_write+0xcf/0x1c0 > vfs_write+0xde/0x1d0 > ksys_write+0x68/0xe0 > do_syscall_64+0x5c/0xa0 > entry_SYSCALL_64_after_hwframe+0x49/0xb3 > > Cc: Dan Williams <dan.j.williams@intel.com> > Cc: Vishal Verma <vishal.l.verma@intel.com> > Cc: Dave Jiang <dave.jiang@intel.com> > Cc: Ira Weiny <ira.weiny@intel.com> > Suggested-by: David Howells <dhowells@redhat.com> > Fixes: 8c0637e950d6 ("keys: Make the KEY_NEED_* perms an enum rather than a mask") > Signed-off-by: Dan Williams <dan.j.williams@intel.com> Reviewed-by: Dave Jiang <dave.jiang@intel.com> > --- > drivers/nvdimm/security.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/nvdimm/security.c b/drivers/nvdimm/security.c > index 89b85970912d..4cef69bd3c1b 100644 > --- a/drivers/nvdimm/security.c > +++ b/drivers/nvdimm/security.c > @@ -95,7 +95,7 @@ static struct key *nvdimm_lookup_user_key(struct nvdimm *nvdimm, > struct encrypted_key_payload *epayload; > struct device *dev = &nvdimm->dev; > > - keyref = lookup_user_key(id, 0, 0); > + keyref = lookup_user_key(id, 0, KEY_NEED_SEARCH); > if (IS_ERR(keyref)) > return NULL; > >
diff --git a/drivers/nvdimm/security.c b/drivers/nvdimm/security.c index 89b85970912d..4cef69bd3c1b 100644 --- a/drivers/nvdimm/security.c +++ b/drivers/nvdimm/security.c @@ -95,7 +95,7 @@ static struct key *nvdimm_lookup_user_key(struct nvdimm *nvdimm, struct encrypted_key_payload *epayload; struct device *dev = &nvdimm->dev; - keyref = lookup_user_key(id, 0, 0); + keyref = lookup_user_key(id, 0, KEY_NEED_SEARCH); if (IS_ERR(keyref)) return NULL;
As of commit 8c0637e950d6 ("keys: Make the KEY_NEED_* perms an enum rather than a mask") lookup_user_key() needs an explicit declaration of what it wants to do with the key. Add KEY_NEED_SEARCH to fix a warning with the below signature, and fixes the inability to retrieve a key. WARNING: CPU: 15 PID: 6276 at security/keys/permission.c:35 key_task_permission+0xd3/0x140 [..] RIP: 0010:key_task_permission+0xd3/0x140 [..] Call Trace: lookup_user_key+0xeb/0x6b0 ? vsscanf+0x3df/0x840 ? key_validate+0x50/0x50 ? key_default_cmp+0x20/0x20 nvdimm_get_user_key_payload.part.0+0x21/0x110 [libnvdimm] nvdimm_security_store+0x67d/0xb20 [libnvdimm] security_store+0x67/0x1a0 [libnvdimm] kernfs_fop_write+0xcf/0x1c0 vfs_write+0xde/0x1d0 ksys_write+0x68/0xe0 do_syscall_64+0x5c/0xa0 entry_SYSCALL_64_after_hwframe+0x49/0xb3 Cc: Dan Williams <dan.j.williams@intel.com> Cc: Vishal Verma <vishal.l.verma@intel.com> Cc: Dave Jiang <dave.jiang@intel.com> Cc: Ira Weiny <ira.weiny@intel.com> Suggested-by: David Howells <dhowells@redhat.com> Fixes: 8c0637e950d6 ("keys: Make the KEY_NEED_* perms an enum rather than a mask") Signed-off-by: Dan Williams <dan.j.williams@intel.com> --- drivers/nvdimm/security.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)