From: Ahmad Fatoum <a.fatoum@pengutronix.de>
To: David Howells <dhowells@redhat.com>,
Jarkko Sakkinen <jarkko@kernel.org>,
James Morris <jmorris@namei.org>,
"Serge E. Hallyn" <serge@hallyn.com>,
Alasdair Kergon <agk@redhat.com>,
Mike Snitzer <snitzer@redhat.com>,
dm-devel@redhat.com, Song Liu <song@kernel.org>,
Richard Weinberger <richard@nod.at>
Cc: kernel@pengutronix.de, Ahmad Fatoum <a.fatoum@pengutronix.de>,
linux-kernel@vger.kernel.org, linux-raid@vger.kernel.org,
keyrings@vger.kernel.org, linux-mtd@lists.infradead.org,
linux-security-module@vger.kernel.org,
linux-integrity@vger.kernel.org
Subject: [RFC PATCH v1 3/4] ubifs: auth: remove never hit key type error check
Date: Thu, 22 Jul 2021 11:18:01 +0200 [thread overview]
Message-ID: <a7d493c678d5836577b0dc703e5f0adaa457a7f0.1626945419.git-series.a.fatoum@pengutronix.de> (raw)
In-Reply-To: <cover.b2fdd70b830d12853b12a12e32ceb0c8162c1346.1626945419.git-series.a.fatoum@pengutronix.de>
key_request accepts a key type as its first argument. If it returns a
valid pointer, it should always have this same requested key type.
Indeed other request_key users surveyed such as dm-crypt, ecryptfs
and fscrypt v1 also don't check the key type. Therefore drop the
apparently unneeded check.
Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
---
To: David Howells <dhowells@redhat.com>
To: Jarkko Sakkinen <jarkko@kernel.org>
To: James Morris <jmorris@namei.org>
To: "Serge E. Hallyn" <serge@hallyn.com>
To: Alasdair Kergon <agk@redhat.com>
To: Mike Snitzer <snitzer@redhat.com>
To: dm-devel@redhat.com
To: Song Liu <song@kernel.org>
To: Richard Weinberger <richard@nod.at>
Cc: linux-kernel@vger.kernel.org
Cc: linux-raid@vger.kernel.org
Cc: keyrings@vger.kernel.org
Cc: linux-mtd@lists.infradead.org
Cc: linux-security-module@vger.kernel.org
Cc: linux-integrity@vger.kernel.org
---
fs/ubifs/auth.c | 6 ------
1 file changed, 6 deletions(-)
diff --git a/fs/ubifs/auth.c b/fs/ubifs/auth.c
index e564d5ff8781..6a0b8d858d81 100644
--- a/fs/ubifs/auth.c
+++ b/fs/ubifs/auth.c
@@ -286,12 +286,6 @@ int ubifs_init_authentication(struct ubifs_info *c)
down_read(&keyring_key->sem);
- if (keyring_key->type != &key_type_logon) {
- ubifs_err(c, "key type must be logon");
- err = -ENOKEY;
- goto out;
- }
-
ukp = user_key_payload_locked(keyring_key);
if (!ukp) {
/* key was revoked before we acquired its semaphore */
--
git-series 0.9.1
WARNING: multiple messages have this Message-ID (diff)
From: Ahmad Fatoum <a.fatoum@pengutronix.de>
To: David Howells <dhowells@redhat.com>,
Jarkko Sakkinen <jarkko@kernel.org>,
James Morris <jmorris@namei.org>,
"Serge E. Hallyn" <serge@hallyn.com>,
Alasdair Kergon <agk@redhat.com>,
Mike Snitzer <snitzer@redhat.com>,
dm-devel@redhat.com, Song Liu <song@kernel.org>,
Richard Weinberger <richard@nod.at>
Cc: kernel@pengutronix.de, Ahmad Fatoum <a.fatoum@pengutronix.de>,
linux-kernel@vger.kernel.org, linux-raid@vger.kernel.org,
keyrings@vger.kernel.org, linux-mtd@lists.infradead.org,
linux-security-module@vger.kernel.org,
linux-integrity@vger.kernel.org
Subject: [RFC PATCH v1 3/4] ubifs: auth: remove never hit key type error check
Date: Thu, 22 Jul 2021 11:18:01 +0200 [thread overview]
Message-ID: <a7d493c678d5836577b0dc703e5f0adaa457a7f0.1626945419.git-series.a.fatoum@pengutronix.de> (raw)
In-Reply-To: <cover.b2fdd70b830d12853b12a12e32ceb0c8162c1346.1626945419.git-series.a.fatoum@pengutronix.de>
key_request accepts a key type as its first argument. If it returns a
valid pointer, it should always have this same requested key type.
Indeed other request_key users surveyed such as dm-crypt, ecryptfs
and fscrypt v1 also don't check the key type. Therefore drop the
apparently unneeded check.
Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
---
To: David Howells <dhowells@redhat.com>
To: Jarkko Sakkinen <jarkko@kernel.org>
To: James Morris <jmorris@namei.org>
To: "Serge E. Hallyn" <serge@hallyn.com>
To: Alasdair Kergon <agk@redhat.com>
To: Mike Snitzer <snitzer@redhat.com>
To: dm-devel@redhat.com
To: Song Liu <song@kernel.org>
To: Richard Weinberger <richard@nod.at>
Cc: linux-kernel@vger.kernel.org
Cc: linux-raid@vger.kernel.org
Cc: keyrings@vger.kernel.org
Cc: linux-mtd@lists.infradead.org
Cc: linux-security-module@vger.kernel.org
Cc: linux-integrity@vger.kernel.org
---
fs/ubifs/auth.c | 6 ------
1 file changed, 6 deletions(-)
diff --git a/fs/ubifs/auth.c b/fs/ubifs/auth.c
index e564d5ff8781..6a0b8d858d81 100644
--- a/fs/ubifs/auth.c
+++ b/fs/ubifs/auth.c
@@ -286,12 +286,6 @@ int ubifs_init_authentication(struct ubifs_info *c)
down_read(&keyring_key->sem);
- if (keyring_key->type != &key_type_logon) {
- ubifs_err(c, "key type must be logon");
- err = -ENOKEY;
- goto out;
- }
-
ukp = user_key_payload_locked(keyring_key);
if (!ukp) {
/* key was revoked before we acquired its semaphore */
--
git-series 0.9.1
______________________________________________________
Linux MTD discussion mailing list
http://lists.infradead.org/mailman/listinfo/linux-mtd/
WARNING: multiple messages have this Message-ID (diff)
From: Ahmad Fatoum <a.fatoum@pengutronix.de>
To: David Howells <dhowells@redhat.com>,
Jarkko Sakkinen <jarkko@kernel.org>,
James Morris <jmorris@namei.org>,
"Serge E. Hallyn" <serge@hallyn.com>,
Alasdair Kergon <agk@redhat.com>,
Mike Snitzer <snitzer@redhat.com>,
dm-devel@redhat.com, Song Liu <song@kernel.org>,
Richard Weinberger <richard@nod.at>
Cc: Ahmad Fatoum <a.fatoum@pengutronix.de>,
linux-kernel@vger.kernel.org, linux-raid@vger.kernel.org,
linux-security-module@vger.kernel.org, keyrings@vger.kernel.org,
linux-mtd@lists.infradead.org, kernel@pengutronix.de,
linux-integrity@vger.kernel.org
Subject: [dm-devel] [RFC PATCH v1 3/4] ubifs: auth: remove never hit key type error check
Date: Thu, 22 Jul 2021 11:18:01 +0200 [thread overview]
Message-ID: <a7d493c678d5836577b0dc703e5f0adaa457a7f0.1626945419.git-series.a.fatoum@pengutronix.de> (raw)
In-Reply-To: <cover.b2fdd70b830d12853b12a12e32ceb0c8162c1346.1626945419.git-series.a.fatoum@pengutronix.de>
key_request accepts a key type as its first argument. If it returns a
valid pointer, it should always have this same requested key type.
Indeed other request_key users surveyed such as dm-crypt, ecryptfs
and fscrypt v1 also don't check the key type. Therefore drop the
apparently unneeded check.
Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
---
To: David Howells <dhowells@redhat.com>
To: Jarkko Sakkinen <jarkko@kernel.org>
To: James Morris <jmorris@namei.org>
To: "Serge E. Hallyn" <serge@hallyn.com>
To: Alasdair Kergon <agk@redhat.com>
To: Mike Snitzer <snitzer@redhat.com>
To: dm-devel@redhat.com
To: Song Liu <song@kernel.org>
To: Richard Weinberger <richard@nod.at>
Cc: linux-kernel@vger.kernel.org
Cc: linux-raid@vger.kernel.org
Cc: keyrings@vger.kernel.org
Cc: linux-mtd@lists.infradead.org
Cc: linux-security-module@vger.kernel.org
Cc: linux-integrity@vger.kernel.org
---
fs/ubifs/auth.c | 6 ------
1 file changed, 6 deletions(-)
diff --git a/fs/ubifs/auth.c b/fs/ubifs/auth.c
index e564d5ff8781..6a0b8d858d81 100644
--- a/fs/ubifs/auth.c
+++ b/fs/ubifs/auth.c
@@ -286,12 +286,6 @@ int ubifs_init_authentication(struct ubifs_info *c)
down_read(&keyring_key->sem);
- if (keyring_key->type != &key_type_logon) {
- ubifs_err(c, "key type must be logon");
- err = -ENOKEY;
- goto out;
- }
-
ukp = user_key_payload_locked(keyring_key);
if (!ukp) {
/* key was revoked before we acquired its semaphore */
--
git-series 0.9.1
--
dm-devel mailing list
dm-devel@redhat.com
https://listman.redhat.com/mailman/listinfo/dm-devel
next prev parent reply other threads:[~2021-07-22 9:18 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-07-22 9:17 [RFC PATCH v1 0/4] keys: introduce key_extract_material helper Ahmad Fatoum
2021-07-22 9:17 ` [dm-devel] " Ahmad Fatoum
2021-07-22 9:17 ` Ahmad Fatoum
2021-07-22 9:17 ` [RFC PATCH v1 1/4] " Ahmad Fatoum
2021-07-22 9:17 ` [dm-devel] " Ahmad Fatoum
2021-07-22 9:17 ` Ahmad Fatoum
2021-07-22 9:18 ` [RFC PATCH v1 2/4] dm: crypt: use new " Ahmad Fatoum
2021-07-22 9:18 ` [dm-devel] " Ahmad Fatoum
2021-07-22 9:18 ` Ahmad Fatoum
2021-07-22 9:18 ` Ahmad Fatoum [this message]
2021-07-22 9:18 ` [dm-devel] [RFC PATCH v1 3/4] ubifs: auth: remove never hit key type error check Ahmad Fatoum
2021-07-22 9:18 ` Ahmad Fatoum
2021-07-22 9:18 ` [RFC PATCH v1 4/4] ubifs: auth: consult encrypted and trusted keys if no logon key was found Ahmad Fatoum
2021-07-22 9:18 ` [dm-devel] " Ahmad Fatoum
2021-07-22 9:18 ` Ahmad Fatoum
2021-07-22 14:45 ` kernel test robot
2021-08-06 10:53 ` [RFC PATCH v1 0/4] keys: introduce key_extract_material helper Ahmad Fatoum
2021-08-06 10:53 ` [dm-devel] " Ahmad Fatoum
2021-08-06 10:53 ` Ahmad Fatoum
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=a7d493c678d5836577b0dc703e5f0adaa457a7f0.1626945419.git-series.a.fatoum@pengutronix.de \
--to=a.fatoum@pengutronix.de \
--cc=agk@redhat.com \
--cc=dhowells@redhat.com \
--cc=dm-devel@redhat.com \
--cc=jarkko@kernel.org \
--cc=jmorris@namei.org \
--cc=kernel@pengutronix.de \
--cc=keyrings@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mtd@lists.infradead.org \
--cc=linux-raid@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=richard@nod.at \
--cc=serge@hallyn.com \
--cc=snitzer@redhat.com \
--cc=song@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.