* [PATCH v2] encrypted-keys: Print more useful debug info if encryption algo is not available
@ 2020-10-05 22:52 Anatol Pomozov
2020-10-06 15:56 ` Jarkko Sakkinen
` (6 more replies)
0 siblings, 7 replies; 8+ messages in thread
From: Anatol Pomozov @ 2020-10-05 22:52 UTC (permalink / raw)
To: keyrings; +Cc: zohar, Anatol Pomozov
It helps to improve a cryptic message "encrypted_key failed to alloc_cipher (-2)".
Adding algo name makes it easier to understand what cipher has failed.
Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com>
---
security/keys/encrypted-keys/encrypted.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/security/keys/encrypted-keys/encrypted.c b/security/keys/encrypted-keys/encrypted.c
index 192e531c146f..c09d48f53682 100644
--- a/security/keys/encrypted-keys/encrypted.c
+++ b/security/keys/encrypted-keys/encrypted.c
@@ -84,8 +84,8 @@ static int aes_get_sizes(void)
tfm = crypto_alloc_skcipher(blkcipher_alg, 0, CRYPTO_ALG_ASYNC);
if (IS_ERR(tfm)) {
- pr_err("encrypted_key: failed to alloc_cipher (%ld)\n",
- PTR_ERR(tfm));
+ pr_err("encrypted_key: failed to alloc_cipher for %s (%ld)\n",
+ blkcipher_alg, PTR_ERR(tfm));
return PTR_ERR(tfm);
}
ivsize = crypto_skcipher_ivsize(tfm);
--
2.28.0
^ permalink raw reply related [flat|nested] 8+ messages in thread
* Re: [PATCH v2] encrypted-keys: Print more useful debug info if encryption algo is not available
2020-10-05 22:52 [PATCH v2] encrypted-keys: Print more useful debug info if encryption algo is not available Anatol Pomozov
@ 2020-10-06 15:56 ` Jarkko Sakkinen
2020-10-06 15:56 ` Jarkko Sakkinen
` (5 subsequent siblings)
6 siblings, 0 replies; 8+ messages in thread
From: Jarkko Sakkinen @ 2020-10-06 15:56 UTC (permalink / raw)
To: keyrings
On Mon, Oct 05, 2020 at 03:52:58PM -0700, Anatol Pomozov wrote:
> It helps to improve a cryptic message "encrypted_key failed to alloc_cipher (-2)".
> Adding algo name makes it easier to understand what cipher has failed.
>
> Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com>
NAK, because you are missing David Howells from the CC list.
/Jarkko
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH v2] encrypted-keys: Print more useful debug info if encryption algo is not available
2020-10-05 22:52 [PATCH v2] encrypted-keys: Print more useful debug info if encryption algo is not available Anatol Pomozov
2020-10-06 15:56 ` Jarkko Sakkinen
@ 2020-10-06 15:56 ` Jarkko Sakkinen
2020-10-06 17:18 ` Anatol Pomozov
` (4 subsequent siblings)
6 siblings, 0 replies; 8+ messages in thread
From: Jarkko Sakkinen @ 2020-10-06 15:56 UTC (permalink / raw)
To: keyrings
On Tue, Oct 06, 2020 at 06:56:28PM +0300, Jarkko Sakkinen wrote:
> On Mon, Oct 05, 2020 at 03:52:58PM -0700, Anatol Pomozov wrote:
> > It helps to improve a cryptic message "encrypted_key failed to alloc_cipher (-2)".
> > Adding algo name makes it easier to understand what cipher has failed.
> >
> > Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com>
>
> NAK, because you are missing David Howells from the CC list.
Oh and also me. You are essentially missing all the keyring maintainers.
/Jarkko
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH v2] encrypted-keys: Print more useful debug info if encryption algo is not available
2020-10-05 22:52 [PATCH v2] encrypted-keys: Print more useful debug info if encryption algo is not available Anatol Pomozov
2020-10-06 15:56 ` Jarkko Sakkinen
2020-10-06 15:56 ` Jarkko Sakkinen
@ 2020-10-06 17:18 ` Anatol Pomozov
2020-10-06 23:39 ` Jarkko Sakkinen
` (3 subsequent siblings)
6 siblings, 0 replies; 8+ messages in thread
From: Anatol Pomozov @ 2020-10-06 17:18 UTC (permalink / raw)
To: keyrings
Hi
On Tue, Oct 6, 2020 at 8:59 AM Jarkko Sakkinen
<jarkko.sakkinen@linux.intel.com> wrote:
>
> On Tue, Oct 06, 2020 at 06:56:28PM +0300, Jarkko Sakkinen wrote:
> > On Mon, Oct 05, 2020 at 03:52:58PM -0700, Anatol Pomozov wrote:
> > > It helps to improve a cryptic message "encrypted_key failed to alloc_cipher (-2)".
> > > Adding algo name makes it easier to understand what cipher has failed.
> > >
> > > Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com>
> >
> > NAK, because you are missing David Howells from the CC list.
>
> Oh and also me. You are essentially missing all the keyring maintainers.
The MAINTAINERS file states following:
KEYS-ENCRYPTED
M: Mimi Zohar <zohar@linux.ibm.com>
L: linux-integrity@vger.kernel.org
L: keyrings@vger.kernel.org
S: Supported
F: Documentation/security/keys/trusted-encrypted.rst
F: include/keys/encrypted-type.h
F: security/keys/encrypted-keys/
Everything seems fine as I included the official maintainer and the
project maillist.
If David is not subscribed to the project maillist I'll be glad to CC
him as well.
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH v2] encrypted-keys: Print more useful debug info if encryption algo is not available
2020-10-05 22:52 [PATCH v2] encrypted-keys: Print more useful debug info if encryption algo is not available Anatol Pomozov
` (2 preceding siblings ...)
2020-10-06 17:18 ` Anatol Pomozov
@ 2020-10-06 23:39 ` Jarkko Sakkinen
2020-10-07 0:33 ` Mimi Zohar
` (2 subsequent siblings)
6 siblings, 0 replies; 8+ messages in thread
From: Jarkko Sakkinen @ 2020-10-06 23:39 UTC (permalink / raw)
To: keyrings
On Tue, Oct 06, 2020 at 10:18:43AM -0700, Anatol Pomozov wrote:
> Hi
>
> On Tue, Oct 6, 2020 at 8:59 AM Jarkko Sakkinen
> <jarkko.sakkinen@linux.intel.com> wrote:
> >
> > On Tue, Oct 06, 2020 at 06:56:28PM +0300, Jarkko Sakkinen wrote:
> > > On Mon, Oct 05, 2020 at 03:52:58PM -0700, Anatol Pomozov wrote:
> > > > It helps to improve a cryptic message "encrypted_key failed to alloc_cipher (-2)".
> > > > Adding algo name makes it easier to understand what cipher has failed.
> > > >
> > > > Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com>
> > >
> > > NAK, because you are missing David Howells from the CC list.
> >
> > Oh and also me. You are essentially missing all the keyring maintainers.
>
> The MAINTAINERS file states following:
>
> KEYS-ENCRYPTED
> M: Mimi Zohar <zohar@linux.ibm.com>
> L: linux-integrity@vger.kernel.org
> L: keyrings@vger.kernel.org
> S: Supported
> F: Documentation/security/keys/trusted-encrypted.rst
> F: include/keys/encrypted-type.h
> F: security/keys/encrypted-keys/
>
> Everything seems fine as I included the official maintainer and the
> project maillist.
>
> If David is not subscribed to the project maillist I'll be glad to CC
> him as well.
Ugh, you are right then. Those two lists still confuse me thought
but that is not your fault.
Based on that I can give my ack because the change looks right
still.
Acked-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Thanks for explaining the situation.
/Jarkko
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH v2] encrypted-keys: Print more useful debug info if encryption algo is not available
2020-10-05 22:52 [PATCH v2] encrypted-keys: Print more useful debug info if encryption algo is not available Anatol Pomozov
` (3 preceding siblings ...)
2020-10-06 23:39 ` Jarkko Sakkinen
@ 2020-10-07 0:33 ` Mimi Zohar
2020-10-07 3:15 ` Jarkko Sakkinen
2020-10-12 20:18 ` Mimi Zohar
6 siblings, 0 replies; 8+ messages in thread
From: Mimi Zohar @ 2020-10-07 0:33 UTC (permalink / raw)
To: keyrings
On Wed, 2020-10-07 at 02:39 +0300, Jarkko Sakkinen wrote:
> On Tue, Oct 06, 2020 at 10:18:43AM -0700, Anatol Pomozov wrote:
> > Hi
> >
> > On Tue, Oct 6, 2020 at 8:59 AM Jarkko Sakkinen
> > <jarkko.sakkinen@linux.intel.com> wrote:
> > >
> > > On Tue, Oct 06, 2020 at 06:56:28PM +0300, Jarkko Sakkinen wrote:
> > > > On Mon, Oct 05, 2020 at 03:52:58PM -0700, Anatol Pomozov wrote:
> > > > > It helps to improve a cryptic message "encrypted_key failed to alloc_cipher (-2)".
> > > > > Adding algo name makes it easier to understand what cipher has failed.
> > > > >
> > > > > Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com>
> > > >
> > > > NAK, because you are missing David Howells from the CC list.
> > >
> > > Oh and also me. You are essentially missing all the keyring maintainers.
> >
> > The MAINTAINERS file states following:
> >
> > KEYS-ENCRYPTED
> > M: Mimi Zohar <zohar@linux.ibm.com>
> > L: linux-integrity@vger.kernel.org
> > L: keyrings@vger.kernel.org
> > S: Supported
> > F: Documentation/security/keys/trusted-encrypted.rst
> > F: include/keys/encrypted-type.h
> > F: security/keys/encrypted-keys/
> >
> > Everything seems fine as I included the official maintainer and the
> > project maillist.
> >
> > If David is not subscribed to the project maillist I'll be glad to CC
> > him as well.
>
> Ugh, you are right then. Those two lists still confuse me thought
> but that is not your fault.
Please refer to Documentation/security/keys/trusted-encrypted.rst for
an explanation.
>
> Based on that I can give my ack because the change looks right
> still.
>
> Acked-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
>
> Thanks for explaining the situation.
Thanks, Jarrko. I'm on vacation, returning next week.
Mimi
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH v2] encrypted-keys: Print more useful debug info if encryption algo is not available
2020-10-05 22:52 [PATCH v2] encrypted-keys: Print more useful debug info if encryption algo is not available Anatol Pomozov
` (4 preceding siblings ...)
2020-10-07 0:33 ` Mimi Zohar
@ 2020-10-07 3:15 ` Jarkko Sakkinen
2020-10-12 20:18 ` Mimi Zohar
6 siblings, 0 replies; 8+ messages in thread
From: Jarkko Sakkinen @ 2020-10-07 3:15 UTC (permalink / raw)
To: keyrings
On Tue, Oct 06, 2020 at 08:33:24PM -0400, Mimi Zohar wrote:
> On Wed, 2020-10-07 at 02:39 +0300, Jarkko Sakkinen wrote:
> > On Tue, Oct 06, 2020 at 10:18:43AM -0700, Anatol Pomozov wrote:
> > > Hi
> > >
> > > On Tue, Oct 6, 2020 at 8:59 AM Jarkko Sakkinen
> > > <jarkko.sakkinen@linux.intel.com> wrote:
> > > >
> > > > On Tue, Oct 06, 2020 at 06:56:28PM +0300, Jarkko Sakkinen wrote:
> > > > > On Mon, Oct 05, 2020 at 03:52:58PM -0700, Anatol Pomozov wrote:
> > > > > > It helps to improve a cryptic message "encrypted_key failed to alloc_cipher (-2)".
> > > > > > Adding algo name makes it easier to understand what cipher has failed.
> > > > > >
> > > > > > Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com>
> > > > >
> > > > > NAK, because you are missing David Howells from the CC list.
> > > >
> > > > Oh and also me. You are essentially missing all the keyring maintainers.
> > >
> > > The MAINTAINERS file states following:
> > >
> > > KEYS-ENCRYPTED
> > > M: Mimi Zohar <zohar@linux.ibm.com>
> > > L: linux-integrity@vger.kernel.org
> > > L: keyrings@vger.kernel.org
> > > S: Supported
> > > F: Documentation/security/keys/trusted-encrypted.rst
> > > F: include/keys/encrypted-type.h
> > > F: security/keys/encrypted-keys/
> > >
> > > Everything seems fine as I included the official maintainer and the
> > > project maillist.
> > >
> > > If David is not subscribed to the project maillist I'll be glad to CC
> > > him as well.
> >
> > Ugh, you are right then. Those two lists still confuse me thought
> > but that is not your fault.
>
> Please refer to Documentation/security/keys/trusted-encrypted.rst for
> an explanation.
Yeah, I was not sure about the organization and just spotted keyrings
in the CC list :-)
>
> >
> > Based on that I can give my ack because the change looks right
> > still.
> >
> > Acked-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> >
> > Thanks for explaining the situation.
>
> Thanks, Jarrko. I'm on vacation, returning next week.
Have a good one!
> Mimi
/Jarkko
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH v2] encrypted-keys: Print more useful debug info if encryption algo is not available
2020-10-05 22:52 [PATCH v2] encrypted-keys: Print more useful debug info if encryption algo is not available Anatol Pomozov
` (5 preceding siblings ...)
2020-10-07 3:15 ` Jarkko Sakkinen
@ 2020-10-12 20:18 ` Mimi Zohar
6 siblings, 0 replies; 8+ messages in thread
From: Mimi Zohar @ 2020-10-12 20:18 UTC (permalink / raw)
To: keyrings
Hi Anatol,
On Mon, 2020-10-05 at 15:52 -0700, Anatol Pomozov wrote:
> It helps to improve a cryptic message "encrypted_key failed to alloc_cipher (-2)".
> Adding algo name makes it easier to understand what cipher has failed.
>
> Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com>
The "if" clause in the Subject line doesn't belong there, but in the
patch description. I would start the patch description with "Improve
the cryptic message ... by adding ..."
> ---
> security/keys/encrypted-keys/encrypted.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/security/keys/encrypted-keys/encrypted.c b/security/keys/encrypted-keys/encrypted.c
> index 192e531c146f..c09d48f53682 100644
> --- a/security/keys/encrypted-keys/encrypted.c
> +++ b/security/keys/encrypted-keys/encrypted.c
> @@ -84,8 +84,8 @@ static int aes_get_sizes(void)
>
> tfm = crypto_alloc_skcipher(blkcipher_alg, 0, CRYPTO_ALG_ASYNC);
> if (IS_ERR(tfm)) {
> - pr_err("encrypted_key: failed to alloc_cipher (%ld)\n",
> - PTR_ERR(tfm));
> + pr_err("encrypted_key: failed to alloc_cipher for %s (%ld)\n",
> + blkcipher_alg, PTR_ERR(tfm));
I don't have a problem with including the blkcipher_alg in the error
message. It is currently defined as "cbc(aes)". Is it ever anything
else?
thanks,
Mimi
> return PTR_ERR(tfm);
> }
> ivsize = crypto_skcipher_ivsize(tfm);
^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2020-10-12 20:18 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-10-05 22:52 [PATCH v2] encrypted-keys: Print more useful debug info if encryption algo is not available Anatol Pomozov
2020-10-06 15:56 ` Jarkko Sakkinen
2020-10-06 15:56 ` Jarkko Sakkinen
2020-10-06 17:18 ` Anatol Pomozov
2020-10-06 23:39 ` Jarkko Sakkinen
2020-10-07 0:33 ` Mimi Zohar
2020-10-07 3:15 ` Jarkko Sakkinen
2020-10-12 20:18 ` Mimi Zohar
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).