Re: [RESEND][PATCH 1/2] keys: crypto: Replace BUG_ON() with WARN() in find_asymmetric_key()

[Andrew Zaborowski <andrew.zaborowski@intel.com>]

Hi Greg,

On Tue, 25 May 2021 at 13:53, Greg KH <greg@kroah.com> wrote:
> On Tue, May 25, 2021 at 01:36:27PM +0200, Andrew Zaborowski wrote:
> > From: Jarkko Sakkinen <jarkko@kernel.org>
> >
> > BUG_ON() should not be used in the kernel code, unless there are
> > exceptional reasons to do so. Replace BUG_ON() with WARN() and
> > return.
> >
> > Cc: stable@vger.kernel.org
> > Fixes: b3811d36a3e7 ("KEYS: checking the input id parameters before finding asymmetric key")
> > Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
> > ---
> > No changes from original submission by Jarkko.
> >
> >  crypto/asymmetric_keys/asymmetric_type.c | 5 ++++-
> >  1 file changed, 4 insertions(+), 1 deletion(-)
> >
> > diff --git a/crypto/asymmetric_keys/asymmetric_type.c b/crypto/asymmetric_keys/asymmetric_type.c
> > index ad8af3d70ac..a00bed3e04d 100644
> > --- a/crypto/asymmetric_keys/asymmetric_type.c
> > +++ b/crypto/asymmetric_keys/asymmetric_type.c
> > @@ -54,7 +54,10 @@ struct key *find_asymmetric_key(struct key *keyring,
> >       char *req, *p;
> >       int len;
> >
> > -     BUG_ON(!id_0 && !id_1);
> > +     if (!id_0 && !id_1) {
> > +             WARN(1, "All ID's are NULL\n");
>
> You still just rebooted a machine (panic-on-warn is commonly set).
>
> Please just handle this properly, print an error message with dev_err()
> or pr_err() and move on, don't crash things.

Like Eric Biggers said, a panic is probably what you want here since
this would be a basic bug, if you even want to check this.  You can't
be looking for a key if you don't have any of the identifiers.  There
a 4 current callers, 2 that have checks right before the call and 2
where this could be triggered by a bug in an ASN.1 parser or
corruption.

What's the right way to get this change merged?  There's clearly no
need to coordinate with whoever would merge 2/2 of the series.

Best regards