From patchwork Fri Mar 11 17:47:40 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Micka=C3=ABl_Sala=C3=BCn?= X-Patchwork-Id: 12778485 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id A797EC4332F for ; Fri, 11 Mar 2022 17:47:48 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1346741AbiCKRst (ORCPT ); Fri, 11 Mar 2022 12:48:49 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59874 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234563AbiCKRst (ORCPT ); Fri, 11 Mar 2022 12:48:49 -0500 Received: from smtp-42ad.mail.infomaniak.ch (smtp-42ad.mail.infomaniak.ch [IPv6:2001:1600:3:17::42ad]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3FBAB4754E; Fri, 11 Mar 2022 09:47:37 -0800 (PST) Received: from smtp-3-0000.mail.infomaniak.ch (unknown [10.4.36.107]) by smtp-2-3000.mail.infomaniak.ch (Postfix) with ESMTPS id 4KFYKz2khTzMqKrZ; Fri, 11 Mar 2022 18:47:35 +0100 (CET) Received: from localhost (unknown [23.97.221.149]) by smtp-3-0000.mail.infomaniak.ch (Postfix) with ESMTPA id 4KFYKz1CGvzlhRVr; Fri, 11 Mar 2022 18:47:35 +0100 (CET) From: =?utf-8?q?Micka=C3=ABl_Sala=C3=BCn?= To: David Howells , David Woodhouse , Jarkko Sakkinen Cc: =?utf-8?q?Micka=C3=ABl_Sala=C3=BCn?= , "David S . Miller" , Eric Snowberg , =?utf-8?q?Micka=C3=ABl_Sala=C3=BC?= =?utf-8?q?n?= , Paul Moore , keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v1 1/2] certs: Remove panic() calls from blacklist_init() Date: Fri, 11 Mar 2022 18:47:40 +0100 Message-Id: <20220311174741.250424-2-mic@digikod.net> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220311174741.250424-1-mic@digikod.net> References: <20220311174741.250424-1-mic@digikod.net> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: keyrings@vger.kernel.org From: Mickaël Salaün Replace panic() calls from device_initcall(blacklist_init) with proper error handling using -ENODEV. Suggested-by: Jarkko Sakkinen [1] Link: https://lore.kernel.org/r/Yik0C2t7G272YZ73@iki.fi [1] Signed-off-by: Mickaël Salaün Link: https://lore.kernel.org/r/20220311174741.250424-2-mic@digikod.net --- certs/blacklist.c | 27 +++++++++++++++++++++------ 1 file changed, 21 insertions(+), 6 deletions(-) diff --git a/certs/blacklist.c b/certs/blacklist.c index 486ce0dd8e9c..ea7a77f156da 100644 --- a/certs/blacklist.c +++ b/certs/blacklist.c @@ -313,12 +313,16 @@ static int __init blacklist_init(void) const char *const *bl; struct key_restriction *restriction; - if (register_key_type(&key_type_blacklist) < 0) - panic("Can't allocate system blacklist key type\n"); + if (register_key_type(&key_type_blacklist) < 0) { + pr_err("Can't allocate system blacklist key type\n"); + return -ENODEV; + } restriction = kzalloc(sizeof(*restriction), GFP_KERNEL); - if (!restriction) - panic("Can't allocate blacklist keyring restriction\n"); + if (!restriction) { + pr_err("Can't allocate blacklist keyring restriction\n"); + goto err_restriction; + } restriction->check = restrict_link_for_blacklist; blacklist_keyring = @@ -333,13 +337,24 @@ static int __init blacklist_init(void) , KEY_ALLOC_NOT_IN_QUOTA | KEY_ALLOC_SET_KEEP, restriction, NULL); - if (IS_ERR(blacklist_keyring)) - panic("Can't allocate system blacklist keyring\n"); + if (IS_ERR(blacklist_keyring)) { + pr_err("Can't allocate system blacklist keyring\n"); + goto err_keyring; + } for (bl = blacklist_hashes; *bl; bl++) if (mark_raw_hash_blacklisted(*bl) < 0) pr_err("- blacklisting failed\n"); return 0; + + +err_keyring: + kfree(restriction); + +err_restriction: + unregister_key_type(&key_type_blacklist); + + return -ENODEV; } /* From patchwork Fri Mar 11 17:47:41 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Micka=C3=ABl_Sala=C3=BCn?= X-Patchwork-Id: 12778486 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id BCEF9C4332F for ; Fri, 11 Mar 2022 17:47:54 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1350073AbiCKRsz (ORCPT ); Fri, 11 Mar 2022 12:48:55 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59934 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1349272AbiCKRsu (ORCPT ); Fri, 11 Mar 2022 12:48:50 -0500 Received: from smtp-8fa9.mail.infomaniak.ch (smtp-8fa9.mail.infomaniak.ch [IPv6:2001:1600:3:17::8fa9]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A4A774D612 for ; Fri, 11 Mar 2022 09:47:46 -0800 (PST) Received: from smtp-3-0000.mail.infomaniak.ch (unknown [10.4.36.107]) by smtp-2-3000.mail.infomaniak.ch (Postfix) with ESMTPS id 4KFYKz6xSbzMqC3M; Fri, 11 Mar 2022 18:47:35 +0100 (CET) Received: from localhost (unknown [23.97.221.149]) by smtp-3-0000.mail.infomaniak.ch (Postfix) with ESMTPA id 4KFYKz5L1xzlj4bl; Fri, 11 Mar 2022 18:47:35 +0100 (CET) From: =?utf-8?q?Micka=C3=ABl_Sala=C3=BCn?= To: David Howells , David Woodhouse , Jarkko Sakkinen Cc: =?utf-8?q?Micka=C3=ABl_Sala=C3=BCn?= , "David S . Miller" , Eric Snowberg , =?utf-8?q?Micka=C3=ABl_Sala=C3=BC?= =?utf-8?q?n?= , Paul Moore , keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v1 2/2] certs: Remove panic() calls from system_trusted_keyring_init() Date: Fri, 11 Mar 2022 18:47:41 +0100 Message-Id: <20220311174741.250424-3-mic@digikod.net> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220311174741.250424-1-mic@digikod.net> References: <20220311174741.250424-1-mic@digikod.net> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: keyrings@vger.kernel.org From: Mickaël Salaün Replace panic() calls from device_initcall(system_trusted_keyring_init) with proper error handling using -ENODEV. Suggested-by: Jarkko Sakkinen [1] Link: https://lore.kernel.org/r/Yik0C2t7G272YZ73@iki.fi [1] Signed-off-by: Mickaël Salaün Link: https://lore.kernel.org/r/20220311174741.250424-3-mic@digikod.net --- certs/system_keyring.c | 26 ++++++++++++++++++++------ 1 file changed, 20 insertions(+), 6 deletions(-) diff --git a/certs/system_keyring.c b/certs/system_keyring.c index 05b66ce9d1c9..428046a7aa7f 100644 --- a/certs/system_keyring.c +++ b/certs/system_keyring.c @@ -148,8 +148,10 @@ static __init int system_trusted_keyring_init(void) KEY_USR_VIEW | KEY_USR_READ | KEY_USR_SEARCH), KEY_ALLOC_NOT_IN_QUOTA, NULL, NULL); - if (IS_ERR(builtin_trusted_keys)) - panic("Can't allocate builtin trusted keyring\n"); + if (IS_ERR(builtin_trusted_keys)) { + pr_err("Can't allocate builtin trusted keyring\n"); + return -ENODEV; + } #ifdef CONFIG_SECONDARY_TRUSTED_KEYRING secondary_trusted_keys = @@ -161,14 +163,26 @@ static __init int system_trusted_keyring_init(void) KEY_ALLOC_NOT_IN_QUOTA, get_builtin_and_secondary_restriction(), NULL); - if (IS_ERR(secondary_trusted_keys)) - panic("Can't allocate secondary trusted keyring\n"); + if (IS_ERR(secondary_trusted_keys)) { + pr_err("Can't allocate secondary trusted keyring\n"); + goto err_secondary; + } - if (key_link(secondary_trusted_keys, builtin_trusted_keys) < 0) - panic("Can't link trusted keyrings\n"); + if (key_link(secondary_trusted_keys, builtin_trusted_keys) < 0) { + pr_err("Can't link trusted keyrings\n"); + goto err_link; + } #endif return 0; + +err_link: + key_put(secondary_trusted_keys); + +err_secondary: + key_put(builtin_trusted_keys); + + return -ENODEV; } /*