Received: by 2002:a05:7412:bbc7:b0:fc:a2b0:25d7 with SMTP id kh7csp459423rdb; Thu, 1 Feb 2024 13:44:10 -0800 (PST) X-Google-Smtp-Source: AGHT+IEOfKQO9eX+NayFDHqhSDcAU83pTjaMXH/59pHnAx3H/ShGymmh7f9J90UeTIGODMCgtJwy X-Received: by 2002:a05:6214:3289:b0:685:1ece:98e5 with SMTP id mu9-20020a056214328900b006851ece98e5mr679387qvb.4.1706823850069; Thu, 01 Feb 2024 13:44:10 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1706823850; cv=pass; d=google.com; s=arc-20160816; b=k1msVjpeWzPXtYAOXYi+Pk4JO9vVgSWtveTzkQQzloariDchOee0QKN4OUeyluDpQi 7QA7FZNGEqtf6cs4wKaBunT1+2hIGjvOkxYsy12MoCQ5EW2EVBnnvUmcoGX890OvqFaG l5YPiEhELO/6PEFplanxjMIA0efRKwu/wn6jc7keQnpcTP5selx9hJ1JoVPucQbi8Al6 wKP3ZjYVXtoW6wcjwEw6cJDoQqLxgvDzW8LPSiOQmJwDFhKM1oPJOdUGscoTyM/Z1tJQ Q+ry3of9p97E/+0mrbbZ7QmV8QqJ5lwQxjvRuO5LdjcmUzeJuj8ZLBW5c9fDITPKuzB2 NCdw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:references:to:from:subject:cc:message-id:date :content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:dkim-signature; bh=GT8n6a2f4TX/O/sQ4NGGpwa4SOMqPEMREuy8nUejw3c=; fh=DAuVRxytMzNQeIlNyCZJK0mnr0AvPDN+EZzMMkXTKS4=; b=tWUosGbLVEd1E7p11VVZHq8iq5CQl7MgCrxodDQ8F/vC5P8eXUa61X/bmyOTN/dyOk 6oxTWyXh8gnsZ5fSKIwa8SRGNqM0KhSEEEceQpLPNQG1OGatAobRWsTQShItPF0wdvut QyfGrg3rp6wUTuYQdMv9L9PEnw18WgFppQTHdLrdNfDZQvv5j9bd4XAI5zdipC8Bq9zb t81E5H2tsplYxvTdT6Vx4EgkuMYamP8x+U8zFW4qtQ3fytxoTFhiC08BHz1W9kFTDuWz QrntXGwgp57Fxv76bjUlFQd0X32R36Go/dMENFnWn7KNiZeiPsMp2WTwvQ2g+Zh/id5m D1SQ==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=XhtMoYbN; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-48886-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-48886-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org X-Forwarded-Encrypted: i=1; AJvYcCU1IX29VkQUrFn3TTOiX0/Wb/lKPKMKAgEDoyWdhf4xQ2W420aZYrjsvlYjBS73i2hhm35PwBhJPc7l9wD0JOvT1QXXHX5eH9PC0dBcvA== Return-Path: Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [2604:1380:45d1:ec00::1]) by mx.google.com with ESMTPS id c10-20020a0cfb0a000000b0068c5f662405si438983qvp.166.2024.02.01.13.44.09 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 01 Feb 2024 13:44:10 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-48886-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) client-ip=2604:1380:45d1:ec00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=XhtMoYbN; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-48886-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-48886-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id AE7B61C230EA for ; Thu, 1 Feb 2024 21:44:09 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 486253F8C8; Thu, 1 Feb 2024 21:43:57 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="XhtMoYbN" Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5ECEC39AE1; Thu, 1 Feb 2024 21:43:56 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706823836; cv=none; b=WCYJJGOB6I6BOkmoszg43TNb0w20gYig+NAQxI+dtWSwPqQ9j9yuwS9Xo1dDLWO/MJhQWEaPpGAhL12aayflAS9iZ+TbjrkZQ9EXkXjCMFZk+lYJLulRQSn2AkJEHYrBOkMeFzeTxOYvZO/iEyM7bvmT2f2ywyp63cfJqbdYgvA= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706823836; c=relaxed/simple; bh=GT8n6a2f4TX/O/sQ4NGGpwa4SOMqPEMREuy8nUejw3c=; h=Mime-Version:Content-Type:Date:Message-Id:Cc:Subject:From:To: References:In-Reply-To; b=F/yXFhFNF75YnK4+4FmnyCEYYJKSkWiWPvXam4yh0c/1DEYOZiI/K4rGYSASZeDnU6ltiJ3KZdmx8p33pW8Bcplkhn5fDmv2buyYkVf7FnJFSvKJAR8KVHBO1u4hTLJcBL0Ywi9skJ9BV7GT2rKD3ER42Y8QucJ0iw+di1H2KUs= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=XhtMoYbN; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id 86B2AC433C7; Thu, 1 Feb 2024 21:43:52 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1706823835; bh=GT8n6a2f4TX/O/sQ4NGGpwa4SOMqPEMREuy8nUejw3c=; h=Date:Cc:Subject:From:To:References:In-Reply-To:From; b=XhtMoYbNwDCzRUCqrtK+w7v8BEbqeYGjmEXsEbnqvihKmxLVgklML6CPzmqrRwXUy 3L1RfVauMzWWwh2GGz/TSUmH1n3UfiUTCQ2qIWQorkYyh08iCSKdKWOB0vOF2IyMos o3fA3gU5yoQrJ8pbqk3wsaOum4okHy/Ia8SvdDhFCV1EBXy5sUGUMx4reQp6L9oHES iLDBLEfwAKFOvrPxfrLkhyaICfRArVmvKwfxaFVRF/sLjRUB6XMrIxlMm5nZ+tZk64 4A/MWNkX2Hf9aWob7U1JXz4IvR56NM4w3r30F78OOMWH6XKn22DOZ4MFJ5aldKw8Me OQtiBwvO35Rxg== Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=UTF-8 Date: Thu, 01 Feb 2024 23:43:50 +0200 Message-Id: Cc: "Jiang, Dave" , "linux-integrity@vger.kernel.org" , "linux-cxl@vger.kernel.org" , "linux-kernel@vger.kernel.org" , "keyrings@vger.kernel.org" , "linux-security-module@vger.kernel.org" , "nvdimm@lists.linux.dev" Subject: Re: [PATCH] KEYS: encrypted: Add check for strsep From: "Jarkko Sakkinen" To: "Dan Williams" , "Verma, Vishal L" , "zohar@linux.ibm.com" , "paul@paul-moore.com" , "dhowells@redhat.com" , "yaelt@google.com" , "serge@hallyn.com" , "nichen@iscas.ac.cn" , "sumit.garg@linaro.org" , "jmorris@namei.org" X-Mailer: aerc 0.15.2 References: <20231108073627.1063464-1-nichen@iscas.ac.cn> <4d3465b48b9c5a87deb385b15bf5125fc1704019.camel@intel.com> <49c48e3e96bf0f5ebef14e7328cc8a6ca6380e08.camel@linux.ibm.com> <50c2fa781e3266ee8151afdef5a8659d63ca952e.camel@intel.com> <65b93f2b3099b_5cc6f29453@dwillia2-mobl3.amr.corp.intel.com.notmuch> In-Reply-To: <65b93f2b3099b_5cc6f29453@dwillia2-mobl3.amr.corp.intel.com.notmuch> On Tue Jan 30, 2024 at 8:25 PM EET, Dan Williams wrote: > Jarkko Sakkinen wrote: > > On Tue Jan 30, 2024 at 7:22 PM EET, Jarkko Sakkinen wrote: > > > On Wed Jan 24, 2024 at 11:10 PM EET, Verma, Vishal L wrote: > > > > On Wed, 2024-01-24 at 15:40 -0500, Mimi Zohar wrote: > > > > > On Wed, 2024-01-24 at 20:10 +0000, Verma, Vishal L wrote: > > > > > > >=20 > > > > > > Ah, thanks for confirming! Would you like me to send a revert p= atch or > > > > > > will you do it? > > > > >=20 > > > > > Revert "KEYS: encrypted: Add check for strsep" > > > > > =C2=A0=C2=A0=C2=A0=20 > > > > > This reverts commit b4af096b5df5dd131ab796c79cedc7069d8f4882. > > > > > =C2=A0=C2=A0=C2=A0=20 > > > > > New encrypted keys are created either from kernel-generated rando= m > > > > > numbers or user-provided decrypted data.=C2=A0 Revert the change = requiring > > > > > user-provided decrypted data. > > > > >=20 > > > > >=20 > > > > > Can I add your Reported-by? > > > > > > > > Yes that works, Thank you. > > > > > > This went totally wrong IMHO. > > > > > > Priority should be to locate and fix the bug not revert useful stuff > > > when a bug is found that has limited scope. > >=20 > > By guidelines here the commit is also a bug fix and reverting > > such commit means seeding a bug to the mainline. Also the klog > > message alone is a bug fix here. So also by book it really has > > to come back as it was already commit because we cannot > > knowingly mount bugs to the mainline, right? > > No, the commit broke userspace. The rule is do not cause regressions > even if userspace is abusing the ABI in an undesirable way. Even the > new pr_info() is a log spamming behavior change, a pr_debug() might be > suitable, but otherwise a logic change here needs a clear description > about what is broken about the old userspace behavior and why the kernel > can not possibly safely handle it. The rationale literally gives empirical proof that the log message is useful by measure. It would be useless if log level is decreased to debug, as then sysadmin's won't take notice. I don't really know what is the definition of "spam" here but at least for me actually useful log message are not in that category. Issue was legit but git revert is objectively an incorrect way to address the bug. BR, Jarkko