From: Stefan Berger <stefanb@linux.ibm.com> To: Andrew Donnellan <ajd@linux.ibm.com>, linuxppc-dev@lists.ozlabs.org, linux-integrity@vger.kernel.org Cc: ruscur@russell.cc, bgray@linux.ibm.com, nayna@linux.ibm.com, gcwilson@linux.ibm.com, gjoyce@linux.ibm.com, brking@linux.ibm.com, sudhakar@linux.ibm.com, erichte@linux.ibm.com, gregkh@linuxfoundation.org, linux-kernel@vger.kernel.org, zohar@linux.ibm.com, joel@jms.id.au, npiggin@gmail.com Subject: Re: [PATCH v6 21/26] powerpc/pseries: Clarify warning when PLPKS password already set Date: Fri, 10 Feb 2023 15:47:55 -0500 [thread overview] Message-ID: <0e5f3dcd-ac0a-902e-f9fb-b2178cd17a99@linux.ibm.com> (raw) In-Reply-To: <20230210080401.345462-22-ajd@linux.ibm.com> On 2/10/23 03:03, Andrew Donnellan wrote: > When the H_PKS_GEN_PASSWORD hcall returns H_IN_USE, operations that require > authentication (i.e. anything other than reading a world-readable variable) > will not work. > > The current error message doesn't explain this clearly enough. Reword it > to emphasise that authenticated operations will fail. typo: -> emphasize > > Signed-off-by: Andrew Donnellan <ajd@linux.ibm.com> > > --- > > v6: New patch > --- > arch/powerpc/platforms/pseries/plpks.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/arch/powerpc/platforms/pseries/plpks.c b/arch/powerpc/platforms/pseries/plpks.c > index 926b6a927326..01ae919b4497 100644 > --- a/arch/powerpc/platforms/pseries/plpks.c > +++ b/arch/powerpc/platforms/pseries/plpks.c > @@ -146,7 +146,7 @@ static int plpks_gen_password(void) > memcpy(ospassword, password, ospasswordlength); > } else { > if (rc == H_IN_USE) { > - pr_warn("Password is already set for POWER LPAR Platform KeyStore\n"); > + pr_warn("Password already set - authenticated operations will fail\n"); > rc = 0; > } else { > goto out; Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
WARNING: multiple messages have this Message-ID (diff)
From: Stefan Berger <stefanb@linux.ibm.com> To: Andrew Donnellan <ajd@linux.ibm.com>, linuxppc-dev@lists.ozlabs.org, linux-integrity@vger.kernel.org Cc: sudhakar@linux.ibm.com, erichte@linux.ibm.com, gregkh@linuxfoundation.org, nayna@linux.ibm.com, npiggin@gmail.com, linux-kernel@vger.kernel.org, zohar@linux.ibm.com, gjoyce@linux.ibm.com, ruscur@russell.cc, joel@jms.id.au, bgray@linux.ibm.com, brking@linux.ibm.com, gcwilson@linux.ibm.com Subject: Re: [PATCH v6 21/26] powerpc/pseries: Clarify warning when PLPKS password already set Date: Fri, 10 Feb 2023 15:47:55 -0500 [thread overview] Message-ID: <0e5f3dcd-ac0a-902e-f9fb-b2178cd17a99@linux.ibm.com> (raw) In-Reply-To: <20230210080401.345462-22-ajd@linux.ibm.com> On 2/10/23 03:03, Andrew Donnellan wrote: > When the H_PKS_GEN_PASSWORD hcall returns H_IN_USE, operations that require > authentication (i.e. anything other than reading a world-readable variable) > will not work. > > The current error message doesn't explain this clearly enough. Reword it > to emphasise that authenticated operations will fail. typo: -> emphasize > > Signed-off-by: Andrew Donnellan <ajd@linux.ibm.com> > > --- > > v6: New patch > --- > arch/powerpc/platforms/pseries/plpks.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/arch/powerpc/platforms/pseries/plpks.c b/arch/powerpc/platforms/pseries/plpks.c > index 926b6a927326..01ae919b4497 100644 > --- a/arch/powerpc/platforms/pseries/plpks.c > +++ b/arch/powerpc/platforms/pseries/plpks.c > @@ -146,7 +146,7 @@ static int plpks_gen_password(void) > memcpy(ospassword, password, ospasswordlength); > } else { > if (rc == H_IN_USE) { > - pr_warn("Password is already set for POWER LPAR Platform KeyStore\n"); > + pr_warn("Password already set - authenticated operations will fail\n"); > rc = 0; > } else { > goto out; Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
next prev parent reply other threads:[~2023-02-10 20:48 UTC|newest] Thread overview: 84+ messages / expand[flat|nested] mbox.gz Atom feed top 2023-02-10 8:03 [PATCH v6 00/26] pSeries dynamic secure boot secvar interface + platform keyring loading Andrew Donnellan 2023-02-10 8:03 ` Andrew Donnellan 2023-02-10 8:03 ` [PATCH v6 01/26] powerpc/pseries: Fix handling of PLPKS object flushing timeout Andrew Donnellan 2023-02-10 8:03 ` Andrew Donnellan 2023-02-10 8:03 ` [PATCH v6 02/26] powerpc/pseries: Fix alignment of PLPKS structures and buffers Andrew Donnellan 2023-02-10 8:03 ` Andrew Donnellan 2023-02-10 8:03 ` [PATCH v6 03/26] powerpc/secvar: Fix incorrect return in secvar_sysfs_load() Andrew Donnellan 2023-02-10 8:03 ` Andrew Donnellan 2023-02-10 8:03 ` [PATCH v6 04/26] powerpc/secvar: Use u64 in secvar_operations Andrew Donnellan 2023-02-10 8:03 ` Andrew Donnellan 2023-02-10 8:03 ` [PATCH v6 05/26] powerpc/secvar: Warn and error if multiple secvar ops are set Andrew Donnellan 2023-02-10 8:03 ` Andrew Donnellan 2023-02-10 20:51 ` Stefan Berger 2023-02-10 20:51 ` Stefan Berger 2023-02-10 8:03 ` [PATCH v6 06/26] powerpc/secvar: Use sysfs_emit() instead of sprintf() Andrew Donnellan 2023-02-10 8:03 ` Andrew Donnellan 2023-02-10 8:03 ` [PATCH v6 07/26] powerpc/secvar: Handle format string in the consumer Andrew Donnellan 2023-02-10 8:03 ` Andrew Donnellan 2023-02-10 8:03 ` [PATCH v6 08/26] powerpc/secvar: Handle max object size " Andrew Donnellan 2023-02-10 8:03 ` Andrew Donnellan 2023-02-10 8:03 ` [PATCH v6 09/26] powerpc/secvar: Clean up init error messages Andrew Donnellan 2023-02-10 8:03 ` Andrew Donnellan 2023-02-10 8:03 ` [PATCH v6 10/26] powerpc/secvar: Extend sysfs to include config vars Andrew Donnellan 2023-02-10 8:03 ` Andrew Donnellan 2023-02-10 8:03 ` [PATCH v6 11/26] powerpc/secvar: Allow backend to populate static list of variable names Andrew Donnellan 2023-02-10 8:03 ` Andrew Donnellan 2023-02-10 8:03 ` [PATCH v6 12/26] powerpc/secvar: Warn when PAGE_SIZE is smaller than max object size Andrew Donnellan 2023-02-10 8:03 ` Andrew Donnellan 2023-02-10 8:03 ` [PATCH v6 13/26] powerpc/secvar: Don't print error on ENOENT when reading variables Andrew Donnellan 2023-02-10 8:03 ` Andrew Donnellan 2023-02-10 8:03 ` [PATCH v6 14/26] powerpc/pseries: Move plpks.h to include directory Andrew Donnellan 2023-02-10 8:03 ` Andrew Donnellan 2023-02-10 8:03 ` [PATCH v6 15/26] powerpc/pseries: Move PLPKS constants to header file Andrew Donnellan 2023-02-10 8:03 ` Andrew Donnellan 2023-02-10 8:03 ` [PATCH v6 16/26] powerpc/pseries: Expose PLPKS config values, support additional fields Andrew Donnellan 2023-02-10 8:03 ` Andrew Donnellan 2023-02-10 8:03 ` [PATCH v6 17/26] powerpc/pseries: Implement signed update for PLPKS objects Andrew Donnellan 2023-02-10 8:03 ` Andrew Donnellan 2023-02-10 8:03 ` [PATCH v6 18/26] powerpc/pseries: Log hcall return codes for PLPKS debug Andrew Donnellan 2023-02-10 8:03 ` Andrew Donnellan 2023-02-10 8:03 ` [PATCH v6 19/26] powerpc/pseries: Make caller pass buffer to plpks_read_var() Andrew Donnellan 2023-02-10 8:03 ` Andrew Donnellan 2023-02-10 8:03 ` [PATCH v6 20/26] powerpc/pseries: Turn PSERIES_PLPKS into a hidden option Andrew Donnellan 2023-02-10 8:03 ` Andrew Donnellan 2023-02-10 8:03 ` [PATCH v6 21/26] powerpc/pseries: Clarify warning when PLPKS password already set Andrew Donnellan 2023-02-10 8:03 ` Andrew Donnellan 2023-02-10 20:47 ` Stefan Berger [this message] 2023-02-10 20:47 ` Stefan Berger 2023-02-12 13:26 ` Andrew Donnellan 2023-02-12 13:26 ` Andrew Donnellan 2023-02-10 8:03 ` [PATCH v6 22/26] powerpc/pseries: Add helper to get PLPKS password length Andrew Donnellan 2023-02-10 8:03 ` Andrew Donnellan 2023-02-10 8:03 ` [PATCH v6 23/26] powerpc/pseries: Pass PLPKS password on kexec Andrew Donnellan 2023-02-10 8:03 ` Andrew Donnellan 2023-02-10 20:59 ` Stefan Berger 2023-02-10 20:59 ` Stefan Berger 2023-02-10 8:03 ` [PATCH v6 24/26] powerpc/pseries: Implement secvars for dynamic secure boot Andrew Donnellan 2023-02-10 8:03 ` Andrew Donnellan 2023-02-10 21:23 ` Stefan Berger 2023-02-10 21:23 ` Stefan Berger 2023-02-10 21:28 ` Stefan Berger 2023-02-10 21:28 ` Stefan Berger 2023-02-12 13:33 ` Andrew Donnellan 2023-02-12 13:33 ` Andrew Donnellan 2023-02-13 5:26 ` Michael Ellerman 2023-02-13 5:26 ` Michael Ellerman 2023-02-13 7:07 ` Andrew Donnellan 2023-02-13 7:07 ` Andrew Donnellan 2023-02-13 7:06 ` Andrew Donnellan 2023-02-13 7:06 ` Andrew Donnellan 2023-02-13 11:32 ` Michael Ellerman 2023-02-13 11:32 ` Michael Ellerman 2023-02-13 13:52 ` Stefan Berger 2023-02-13 13:52 ` Stefan Berger 2023-02-14 6:07 ` Andrew Donnellan 2023-02-14 6:07 ` Andrew Donnellan 2023-02-15 11:46 ` Michael Ellerman 2023-02-15 11:46 ` Michael Ellerman 2023-02-10 8:04 ` [PATCH v6 25/26] integrity/powerpc: Improve error handling & reporting when loading certs Andrew Donnellan 2023-02-10 8:04 ` Andrew Donnellan 2023-02-10 8:04 ` [PATCH v6 26/26] integrity/powerpc: Support loading keys from PLPKS Andrew Donnellan 2023-02-10 8:04 ` Andrew Donnellan 2023-02-15 12:41 ` [PATCH v6 00/26] pSeries dynamic secure boot secvar interface + platform keyring loading Michael Ellerman 2023-02-15 12:41 ` Michael Ellerman
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=0e5f3dcd-ac0a-902e-f9fb-b2178cd17a99@linux.ibm.com \ --to=stefanb@linux.ibm.com \ --cc=ajd@linux.ibm.com \ --cc=bgray@linux.ibm.com \ --cc=brking@linux.ibm.com \ --cc=erichte@linux.ibm.com \ --cc=gcwilson@linux.ibm.com \ --cc=gjoyce@linux.ibm.com \ --cc=gregkh@linuxfoundation.org \ --cc=joel@jms.id.au \ --cc=linux-integrity@vger.kernel.org \ --cc=linux-kernel@vger.kernel.org \ --cc=linuxppc-dev@lists.ozlabs.org \ --cc=nayna@linux.ibm.com \ --cc=npiggin@gmail.com \ --cc=ruscur@russell.cc \ --cc=sudhakar@linux.ibm.com \ --cc=zohar@linux.ibm.com \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.