Received: by 2002:a05:7412:d1aa:b0:fc:a2b0:25d7 with SMTP id ba42csp1155592rdb; Tue, 30 Jan 2024 09:23:27 -0800 (PST) X-Google-Smtp-Source: AGHT+IEpyBxhWzkNWjr7r2O47yy9mYKTpe3q5j18kO5ScZihZXc/FwjZnf3FlRX7421m+j2TYGDz X-Received: by 2002:aa7:8641:0:b0:6db:be6f:664f with SMTP id a1-20020aa78641000000b006dbbe6f664fmr5122206pfo.5.1706635406871; Tue, 30 Jan 2024 09:23:26 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1706635406; cv=pass; d=google.com; s=arc-20160816; b=o+FnKk5BOqXiHE797L8t8NsJNEMry3cuSkmkBb3l0NWCyIu/6YMbT2bB2BWZNUbKP+ d0B/4dAY24xmR3lUVk7y8mP7uvkP7EXAml5e1Fl7hnn8OK/73HrRdoIRENbav6yt2ptB niXNfMXnS7KT1h18Qb9TTTfAniay6T//O+I8j8QqqBrTCGBlxr3GUvROH0wnSjRQcAVI Th3/obtCJiiLEi/ak8jQtUZm8bIDfZ+vy2rylMpBtJBFl8kKxkm/gvnt7lwTikshBVtC bxBnyAGNNdiH2y0s1H/N/XNhu115NJtpVQOoT6dQ7Salq4crxIYrieLMXZDGm05Up/VS gUWw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:references:subject:cc:to:from:message-id:date :content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:dkim-signature; bh=ju5+fIhGys1s4Yvih8zTw/mrpn562bGGj18DsSWfWaU=; fh=/8OXKBDTaaxxZgfDmqbDuxjjqsy1DUcdR7/fbAycIQ8=; b=eKvkQ95k9G0e3KvntEgIN8uly3dZEC8ti2vA4+kxIhoM2Ceezy/vvuyM7PIk1Hef8P VxPv+AJFPGA8TEenCVaIKHCfhygF64jhcDtvIJmrRm80xaZACYZ49BwA0UXp/9rCRx9o LE6QEjr8y7YLsMYGQ+38tosrvr26M7RwZUviFluZHG9lvR+p1T7xg5kgpzPF9dpi0Sov MeZZo8jFgYTdZGcwnlxjtVLcEB5J6HqIY5021eDQhxHB68Q2ZVz5zpdgwmuKFr2TuMz+ VmlwvJ+UyNUsOCZyBP+VzM3pza3W9xBLgaON+E3JIvqw8x23yg/u6k7ldLYBDmfmiRcz F2aA== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=J2FB7jMS; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-45034-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-45034-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [139.178.88.99]) by mx.google.com with ESMTPS id s14-20020a056a00178e00b006ddd0d3b53asi7665391pfg.158.2024.01.30.09.23.26 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 30 Jan 2024 09:23:26 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-45034-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) client-ip=139.178.88.99; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=J2FB7jMS; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-45034-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-45034-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id 4FB2F2895B3 for ; Tue, 30 Jan 2024 17:22:48 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id BCEDD129A8C; Tue, 30 Jan 2024 17:22:38 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="J2FB7jMS" Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D3D89364AC; Tue, 30 Jan 2024 17:22:37 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706635358; cv=none; b=HlVks0kry9iDrVwgbWf6evkZuRo7dOnBxbpaoTIn0ik9iBIHwZRTzseqSqgq3lvEiLUpFNRPGe1ofPEiMqPPKrJpHORo/b4QMGipavcAiQ5feoCkkDvYS2EyMKdZ7XuBGxl7n6q8Jen7FAxW0ns8Q/1uwG2brXS1LRfv+G2A8Lg= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706635358; c=relaxed/simple; bh=ju5+fIhGys1s4Yvih8zTw/mrpn562bGGj18DsSWfWaU=; h=Mime-Version:Content-Type:Date:Message-Id:From:To:Cc:Subject: References:In-Reply-To; b=ItDvxAYSU49qK+n9mIxUhR1znlj6l41jEZCn94Gum8zClbORdE/wdM/HsbkgFmDHvi2vIpyC03EDGOIqw4HtPzo6F1vkAk4wBDMerZR7oi5HD0720NKjiD/82rGCDxkopCXSpSiN7iQMsNI777ooASfne8k4GKOI8T/HprSc8TA= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=J2FB7jMS; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id 02FE1C433F1; Tue, 30 Jan 2024 17:22:33 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1706635357; bh=ju5+fIhGys1s4Yvih8zTw/mrpn562bGGj18DsSWfWaU=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=J2FB7jMSpiTHPf9zT8UDkEUEbTxVUXY4bqp+SnrEP9Mg5tFTNVYpj6AAQUYtTmvqh liMbd6GxHdNZCYCSRQuXVNjtAkR3fBobldlAxmCRLI291N4VOYBMF89jY+cZMRd+jZ ErO5ej0tWjIHm/mjlsTcYJPovj8mpYs/alCqog4N466/PfXacPv9SGHHyvBJraygrQ UFfEMwElSeFBzdv8cBruc1eTlPfreBUJ3Fz0XDystOjLT30O/MG9yUx6azNHRKjEg5 H9QOc1pK0L6gYQjkeXjzPKUrDqFG+694TW7qcSvfgje127A6sIWT7x5/6gtM1EYCIN sgKB/HH1qX4EA== Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=UTF-8 Date: Tue, 30 Jan 2024 19:22:27 +0200 Message-Id: From: "Jarkko Sakkinen" To: "Verma, Vishal L" , "zohar@linux.ibm.com" , "paul@paul-moore.com" , "dhowells@redhat.com" , "yaelt@google.com" , "serge@hallyn.com" , "nichen@iscas.ac.cn" , "sumit.garg@linaro.org" , "jmorris@namei.org" Cc: "Jiang, Dave" , "linux-integrity@vger.kernel.org" , "linux-cxl@vger.kernel.org" , "linux-kernel@vger.kernel.org" , "Williams, Dan J" , "keyrings@vger.kernel.org" , "linux-security-module@vger.kernel.org" , "nvdimm@lists.linux.dev" Subject: Re: [PATCH] KEYS: encrypted: Add check for strsep X-Mailer: aerc 0.15.2 References: <20231108073627.1063464-1-nichen@iscas.ac.cn> <4d3465b48b9c5a87deb385b15bf5125fc1704019.camel@intel.com> <49c48e3e96bf0f5ebef14e7328cc8a6ca6380e08.camel@linux.ibm.com> <50c2fa781e3266ee8151afdef5a8659d63ca952e.camel@intel.com> In-Reply-To: <50c2fa781e3266ee8151afdef5a8659d63ca952e.camel@intel.com> On Wed Jan 24, 2024 at 11:10 PM EET, Verma, Vishal L wrote: > On Wed, 2024-01-24 at 15:40 -0500, Mimi Zohar wrote: > > On Wed, 2024-01-24 at 20:10 +0000, Verma, Vishal L wrote: > > > >=20 > > > Ah, thanks for confirming! Would you like me to send a revert patch o= r > > > will you do it? > >=20 > > Revert "KEYS: encrypted: Add check for strsep" > > =C2=A0=C2=A0=C2=A0=20 > > This reverts commit b4af096b5df5dd131ab796c79cedc7069d8f4882. > > =C2=A0=C2=A0=C2=A0=20 > > New encrypted keys are created either from kernel-generated random > > numbers or user-provided decrypted data.=C2=A0 Revert the change requir= ing > > user-provided decrypted data. > >=20 > >=20 > > Can I add your Reported-by? > > Yes that works, Thank you. This went totally wrong IMHO. Priority should be to locate and fix the bug not revert useful stuff when a bug is found that has limited scope. BR, Jarkko