Linux-NVDIMM Archive on lore.kernel.org
 help / color / Atom feed
* [PATCH] libnvdimm: prevent nvdimm from requesting key when security is disabled
@ 2019-09-19 23:46 Dave Jiang
  2019-09-20 18:48 ` Dan Williams
  2019-09-23  9:30 ` Johannes Thumshirn
  0 siblings, 2 replies; 3+ messages in thread
From: Dave Jiang @ 2019-09-19 23:46 UTC (permalink / raw)
  To: dan.j.williams; +Cc: jthumshirn, peter.stark, linux-nvdimm

Current implementation attempts to request keys from the keyring even when
security is not enabled. Change behavior so when security is disabled it
will skip key request.

Signed-off-by: Dave Jiang <dave.jiang@intel.com>
---
 drivers/nvdimm/security.c |    4 ++++
 1 file changed, 4 insertions(+)

diff --git a/drivers/nvdimm/security.c b/drivers/nvdimm/security.c
index 9e45b207ff01..89b85970912d 100644
--- a/drivers/nvdimm/security.c
+++ b/drivers/nvdimm/security.c
@@ -177,6 +177,10 @@ static int __nvdimm_security_unlock(struct nvdimm *nvdimm)
 			|| !nvdimm->sec.flags)
 		return -EIO;
 
+	/* No need to go further if security is disabled */
+	if (test_bit(NVDIMM_SECURITY_DISABLED, &nvdimm->sec.flags))
+		return 0;
+
 	if (test_bit(NDD_SECURITY_OVERWRITE, &nvdimm->flags)) {
 		dev_dbg(dev, "Security operation in progress.\n");
 		return -EBUSY;

_______________________________________________
Linux-nvdimm mailing list
Linux-nvdimm@lists.01.org
https://lists.01.org/mailman/listinfo/linux-nvdimm

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [PATCH] libnvdimm: prevent nvdimm from requesting key when security is disabled
  2019-09-19 23:46 [PATCH] libnvdimm: prevent nvdimm from requesting key when security is disabled Dave Jiang
@ 2019-09-20 18:48 ` Dan Williams
  2019-09-23  9:30 ` Johannes Thumshirn
  1 sibling, 0 replies; 3+ messages in thread
From: Dan Williams @ 2019-09-20 18:48 UTC (permalink / raw)
  To: Dave Jiang; +Cc: jthumshirn, peter.stark, linux-nvdimm

On Thu, Sep 19, 2019 at 4:46 PM Dave Jiang <dave.jiang@intel.com> wrote:
>
> Current implementation attempts to request keys from the keyring even when
> security is not enabled. Change behavior so when security is disabled it
> will skip key request.
>
> Signed-off-by: Dave Jiang <dave.jiang@intel.com>

Patch looks good, but lets also include some details of the failure
mode this causes so others can track if this issue is impacting them.
A "Fixes:" and "Cc: <stable@...>" tag also seem appropriate.
_______________________________________________
Linux-nvdimm mailing list
Linux-nvdimm@lists.01.org
https://lists.01.org/mailman/listinfo/linux-nvdimm

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [PATCH] libnvdimm: prevent nvdimm from requesting key when security is disabled
  2019-09-19 23:46 [PATCH] libnvdimm: prevent nvdimm from requesting key when security is disabled Dave Jiang
  2019-09-20 18:48 ` Dan Williams
@ 2019-09-23  9:30 ` Johannes Thumshirn
  1 sibling, 0 replies; 3+ messages in thread
From: Johannes Thumshirn @ 2019-09-23  9:30 UTC (permalink / raw)
  To: Dave Jiang; +Cc: jthumshirn, linux-nvdimm, peter.stark

Thanks,
Reviewed-by: Johannes Thumshirn <jthumshirn@suse.de>
-- 
Johannes Thumshirn                            SUSE Labs Filesystems
jthumshirn@suse.de                                +49 911 74053 689
SUSE LINUX GmbH, Maxfeldstr. 5, 90409 Nürnberg
GF: Felix Imendörffer, Mary Higgins, Sri Rasiah
HRB 21284 (AG Nürnberg)
Key fingerprint = EC38 9CAB C2C4 F25D 8600 D0D0 0393 969D 2D76 0850
_______________________________________________
Linux-nvdimm mailing list
Linux-nvdimm@lists.01.org
https://lists.01.org/mailman/listinfo/linux-nvdimm

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, back to index

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-09-19 23:46 [PATCH] libnvdimm: prevent nvdimm from requesting key when security is disabled Dave Jiang
2019-09-20 18:48 ` Dan Williams
2019-09-23  9:30 ` Johannes Thumshirn

Linux-NVDIMM Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-nvdimm/0 linux-nvdimm/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-nvdimm linux-nvdimm/ https://lore.kernel.org/linux-nvdimm \
		linux-nvdimm@lists.01.org
	public-inbox-index linux-nvdimm

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.01.lists.linux-nvdimm


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git