Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp156959ybt; Tue, 23 Jun 2020 18:06:45 -0700 (PDT) X-Google-Smtp-Source: ABdhPJw9ikUiRATol5VI1yNaRbFKPuX9nsErMY6lo2dVLpeUN3h/Q/1TnTXaA0G98/k5s5Ck75l5 X-Received: by 2002:a17:907:aad:: with SMTP id bz13mr13535335ejc.276.1592960805101; Tue, 23 Jun 2020 18:06:45 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1592960805; cv=none; d=google.com; s=arc-20160816; b=x/g6u2yAXMqSL8sAgts2qJ1GSNcjssgrkG+zUIa4VofukSsDLTF+WIRP8+p7YzWFc0 lmP9byrdE7jxxpfV6DWFPNZFBvAIAxMl6AT9coUiF9dFd5Q028ROgenigT8R/O8LLIlH JwSbyDrLRqxtxZZMy8a3cReRw8DWY5ItGu0zi9m8HSI27gibB8uN5kUtyW9iEHMEXmeu WfT9Rnj9BQI4KOmnxlN4kO9G5myGePpX+2RzPYAIVnl/ZA8ARMJbtP59/G6LTsm6Y1bl H5MyLBZ1iWjw2UZ3LxcjPXsPxnH62hgFp9z15fKkSVIoGRk0obmpqXPaNSFlUbdhgRH7 pScQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=Eo5cTIL37FpYiHosBDpvR4kZAwB7mWQXF34HqE6NXHo=; b=TC/kWKe7WisXZKVAjMD6kw59z3+g83FvOTIMAFTQmi/83rv528jrM/6VDv2+8RpcEd Qc2M1i8fUHHIQvWHNpnjdT9EuaxExbFxvGeW1Vg6fyambdWKi9tvkS8DSiutZml3IOsU 8IbrycEmzZo73NTqMeHSX8ns3ItkZIp+EjO++LBuJrDhVUTu4jaAclrpGnQ7nLJ7hn+D aM2iJx8GSYbu91zFqIoSLHxYjkyHs6eoc3LrqjzsJ0cy42QuggUAC+Wss+QqYtKUxC66 MUlupisvEdr1Y7WIYIwe9qNSQmbuqLjFCHvVSsvkIMasG9IQ3hj+K4n84tcBpMoBLUJK eK7w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel-com.20150623.gappssmtp.com header.s=20150623 header.b=KYVTXVXk; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id v6si2354851ejr.238.2020.06.23.18.06.21; Tue, 23 Jun 2020 18:06:45 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@intel-com.20150623.gappssmtp.com header.s=20150623 header.b=KYVTXVXk; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2387677AbgFXBDu (ORCPT + 99 others); Tue, 23 Jun 2020 21:03:50 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39650 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2388117AbgFXBDt (ORCPT ); Tue, 23 Jun 2020 21:03:49 -0400 Received: from mail-ed1-x535.google.com (mail-ed1-x535.google.com [IPv6:2a00:1450:4864:20::535]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 962B6C061755 for ; Tue, 23 Jun 2020 18:03:48 -0700 (PDT) Received: by mail-ed1-x535.google.com with SMTP id cy7so220448edb.5 for ; Tue, 23 Jun 2020 18:03:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Eo5cTIL37FpYiHosBDpvR4kZAwB7mWQXF34HqE6NXHo=; b=KYVTXVXkCqMbcVuFTDEDKDF/vl50d6y6AVcDR3VWHAdVtg0rVF+rufFQ1wEqaxVJxh SIb5YPrtFiiuP3U/USOvpvsCngwFcKcauttqEoZunWAugH4tljXQUnJSNiIjDNlSZE/Y 8vINYeh9lbMfW+YemTuHtIAKi4Sl9PXz4gZiOGRJUuGUwoyGoQmUiLV5cCSbIz4EaasJ 92s42xO9NEEqZm68/Q83e/Ak5uUYC6GXyyuUfu/VrtqYiplckhU03c0Vgvov8YbQnCav /XiD58yFRrnMH13HCsgJrnDk0K6+OaiL+fWCrT5lEA0dPZE6YPGCpL2dE8+4ZxvV249D 1a5g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Eo5cTIL37FpYiHosBDpvR4kZAwB7mWQXF34HqE6NXHo=; b=OTSNUrO5s9pg+DAmlhD+m/Tn9BiuTfT7khH9+8fGxePBu9aj/RvffN4KiOyMa7QXhW S65VRBwfxVSKSnmiyj48tS9ANRcpRRymT/4682FWF+5U5dP7kONHGSU6k4mqBuCJGcw9 1sBcBu4wGMP+A1axQSCexG8vNc1fTnobGOnvoj4lTy78Zv7Zmk4m84YwdCYGrHL170lS YmyRNjlgt0p8hB2+aMRJfOZsZVE5lFy3UQNv4a3AiLZlgS1hlL1+CRRjHwxKKNfDImRv 7HSobFE79oUUAFu+eDnyFuHZum2Kru/fG3+8YHRDdyoWaC4XpROYRIiIMpeGMEhANGQ0 zMsA== X-Gm-Message-State: AOAM530FFlh2QD5bp3LWxblv7NdJEOnpovuOok/ETR3PGYQQCijnJwE0 Lf8aimrNWV2eEUOsvWhgBw6q0cLzqcempoFAd2KHGA== X-Received: by 2002:a50:d9cb:: with SMTP id x11mr9688647edj.93.1592960627165; Tue, 23 Jun 2020 18:03:47 -0700 (PDT) MIME-Version: 1.0 References: <1503686.1591113304@warthog.procyon.org.uk> <23219b787ed1c20a63017ab53839a0d1c794ec53.camel@intel.com> <3015561.1592960116@warthog.procyon.org.uk> In-Reply-To: <3015561.1592960116@warthog.procyon.org.uk> From: Dan Williams Date: Tue, 23 Jun 2020 18:03:36 -0700 Message-ID: Subject: Re: [GIT PULL] General notification queue and key notifications To: David Howells Cc: "torvalds@linux-foundation.org" , "raven@themaw.net" , "kzak@redhat.com" , "jarkko.sakkinen@linux.intel.com" , "linux-nvdimm@lists.01.org" , "dray@redhat.com" , "swhiteho@redhat.com" , "linux-kernel@vger.kernel.org" , "linux-fsdevel@vger.kernel.org" , "mszeredi@redhat.com" , "jlayton@redhat.com" , "viro@zeniv.linux.org.uk" , "andres@anarazel.de" , "keyrings@vger.kernel.org" , "christian.brauner@ubuntu.com" Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Jun 23, 2020 at 5:55 PM David Howells wrote: > > Dan Williams wrote: > > > > This commit: > > > > > > > keys: Make the KEY_NEED_* perms an enum rather than a mask > > > > > > ...upstream as: > > > > > > 8c0637e950d6 keys: Make the KEY_NEED_* perms an enum rather than a mask > > > > > > ...triggers a regression in the libnvdimm unit test that exercises the > > > encrypted keys used to store nvdimm passphrases. It results in the > > > below warning. > > > > This regression is still present in tip of tree. David, have you had a > > chance to take a look? > > nvdimm_lookup_user_key() needs to indicate to lookup_user_key() what it wants > the key for so that the appropriate security checks can take place in SELinux > and Smack. Note that I have a patch in the works that changes this still > further. > > Does setting the third argument of lookup_user_key() to KEY_NEED_SEARCH work > for you? It does, thanks. Shall I wait for your further reworks to fix this for v5.8, or is that v5.9 material?