Received: by 2002:a05:7412:3b8b:b0:fc:a2b0:25d7 with SMTP id nd11csp2268369rdb; Sun, 11 Feb 2024 21:12:22 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCW5UzS+XDpS2u2CTYs42sZhirFXcxOtAex4W9o9zuglN5eznv4kO/DQ2sE4PVz+0FP7Z/zy2++9edhsVkjmsFF/IA+pSJvlJS+5sVFSkQ== X-Google-Smtp-Source: AGHT+IFyKDhfc1k1a0neRJPDcVsmmuIoCrUgqpdrH4Oh61T9rLg/uBe2wIwziScc0CafrHKqnZ2f X-Received: by 2002:a05:6a21:3a81:b0:19e:cf31:69fe with SMTP id zv1-20020a056a213a8100b0019ecf3169femr1327208pzb.34.1707714741967; Sun, 11 Feb 2024 21:12:21 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1707714741; cv=pass; d=google.com; s=arc-20160816; b=w+KrT5tndmiQbzMebfIULgYlJgrRZz5FFTWAkSaBAJFT6+PoxMuBB0Aw6gK8X21wjh HMU579FWdPAca137p3D2OgY9d3MBYEv630dlkHouBxuzlttSQ1vD2Br31LiLPSNddKL3 /bqJd9okMeahhg3IycmVJ0sjIKJ1MK3If3Ip2sDW95tAOFDIG2WmrbcFRHWHliyJxcAq dDfDSHYKbrWAX3J+MgFi24A4Uz/3yxocaPMTk3nWxo0501gxmGhDvX27wxWLKvUKNN0+ pmoBMnLvQwT93TBjwv6XzCvyG+zefJLbwKT7Tdn/QN8VpImuIC4aCIsLnvkWCkEvt9ON vLug== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:references:to:from:subject:cc:message-id:date :content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:dkim-signature; bh=thPbawXBsILXxlFHJViSWm/CZkef5ocOxtfELmNAEbc=; fh=Z/SsUtcoexCjtDjQ2LxHC7Uxu3O8rTh9V3nbdyTwjB4=; b=Bl66KwLIarAsp8rS2RgGWXJxpiS1OB9ynzi1T7XykvQit4brLmb/2DU9ZGVUHKIXCv /xdJufF4mWnOgsf1HxeVhNe2xz93dzWRRrUJpeMYgUId5aB2VTGZxXEdxW9IXkivS45r vAKEWUpJf96oqxUwjo2FE7dDuM1zENYcxs6uHjOA/nosRJhBdZpAQb5APclt4npR9+eO MgVSDYiTwPrJ5UMe+yjTdM0SgRmNjoEW2g+PyMOjjWvc/woMv7cFqQM/FYREKI5kQQRw u9rzobhFNaqAM6UBITvU1EEvGORVpTH/OivsdkDWCnW965SL4i/T66stwehMI4fa6T5N mTkQ==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=bPH8JGEm; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-61103-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-61103-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org X-Forwarded-Encrypted: i=2; AJvYcCVvKrCUU1p30ev9s2eyZOz12JM78coFGaeEWWTVqJOWyXUNpYkx8RgQl1LDF6yhWgUJrRSWs4R8mDXGdO7ERowgWJFCFvRjy6T3SdGONw== Return-Path: Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [2604:1380:40f1:3f00::1]) by mx.google.com with ESMTPS id y14-20020a17090aca8e00b0029683caf298si5708340pjt.84.2024.02.11.21.12.21 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 11 Feb 2024 21:12:21 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-61103-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) client-ip=2604:1380:40f1:3f00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=bPH8JGEm; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-61103-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-61103-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sy.mirrors.kernel.org (Postfix) with ESMTPS id 2BAE4B23243 for ; Mon, 12 Feb 2024 05:12:19 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 1D0426D39; Mon, 12 Feb 2024 05:12:06 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="bPH8JGEm" Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2068B2F55; Mon, 12 Feb 2024 05:12:04 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707714725; cv=none; b=LsouEeBWJhTZv+CAnC2SWXLa1mLTYsyK5pzR5kExViNZhmfQN3Fmnu1DFBigtZiZFoQwv/M7dzzl4tyfF6JdjVwRBsGNpFXXjgfUAxA2P6LA37jZuk9tY2LrVVc1oqdrBmxMrgLCLZr4RqM/mMHhwDKrU6VcLjua0u27+2M+3BM= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707714725; c=relaxed/simple; bh=Inesfow/+o5xS1pMzhZ/lezVf1fXzsERlilchZkTN6E=; h=Mime-Version:Content-Type:Date:Message-Id:Cc:Subject:From:To: References:In-Reply-To; b=StrILRXzTLXh4fkTSyv3S35Cx+f9SBK+TSq5Hph4ZT8ijt1WD5A0dwp9M+DIxrAN+vCXnwj+V8p7pHZgxXX9IkPvILyDisHY2uCgss6yNiug5l+RMhgXAM+DZWQ7wXIxkisjO/6RboBpVrWC1YYC+6bivmbOuOX0Rv49GOZX/ko= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=bPH8JGEm; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id 232E2C433C7; Mon, 12 Feb 2024 05:11:59 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1707714724; bh=Inesfow/+o5xS1pMzhZ/lezVf1fXzsERlilchZkTN6E=; h=Date:Cc:Subject:From:To:References:In-Reply-To:From; b=bPH8JGEmOQUUJH8kCoM0AXr8VrwJ1nDOlPP3I3GF0e1ANYesf6SzSYI2AgIQLnkaF KNrv5iI560dWFuyoTiLoeVVlYma+fgFfYY6QHCYej3KUzFPP8UCQe34xeslf2V6DIK hWmYMfXjsassBvEaZN4Tv0129KMtyRvqanlHpy/tkS7xeNA2JJQIcMiXQ07wBb66W0 g/BnedkJyc40AAog97Wokaqhw+jfw7ukGZmlS6Dqi/EJ2Q8QP01nMHhGEAQiFfMFzd XFhWDaXNf+ySOK1PEsAivM0Ce6eM84MgzGLNbPM5dROAb7VHNuU7MnJgotURudWXFO vGo6Jit3yWYKg== Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=UTF-8 Date: Mon, 12 Feb 2024 05:11:57 +0000 Message-Id: Cc: "Jiang, Dave" , "linux-integrity@vger.kernel.org" , "linux-cxl@vger.kernel.org" , "linux-kernel@vger.kernel.org" , "keyrings@vger.kernel.org" , "linux-security-module@vger.kernel.org" , "nvdimm@lists.linux.dev" Subject: Re: [PATCH] KEYS: encrypted: Add check for strsep From: "Jarkko Sakkinen" To: "Mimi Zohar" , "Dan Williams" , "Verma, Vishal L" , "paul@paul-moore.com" , "dhowells@redhat.com" , "yaelt@google.com" , "serge@hallyn.com" , "nichen@iscas.ac.cn" , "sumit.garg@linaro.org" , "jmorris@namei.org" X-Mailer: aerc 0.15.2 References: <20231108073627.1063464-1-nichen@iscas.ac.cn> <4d3465b48b9c5a87deb385b15bf5125fc1704019.camel@intel.com> <49c48e3e96bf0f5ebef14e7328cc8a6ca6380e08.camel@linux.ibm.com> <50c2fa781e3266ee8151afdef5a8659d63ca952e.camel@intel.com> <65b93f2b3099b_5cc6f29453@dwillia2-mobl3.amr.corp.intel.com.notmuch> In-Reply-To: On Fri Feb 2, 2024 at 12:05 AM UTC, Mimi Zohar wrote: > On Thu, 2024-02-01 at 23:43 +0200, Jarkko Sakkinen wrote: > > On Tue Jan 30, 2024 at 8:25 PM EET, Dan Williams wrote: > > > Jarkko Sakkinen wrote: > > > > On Tue Jan 30, 2024 at 7:22 PM EET, Jarkko Sakkinen wrote: > > > > > On Wed Jan 24, 2024 at 11:10 PM EET, Verma, Vishal L wrote: > > > > > > On Wed, 2024-01-24 at 15:40 -0500, Mimi Zohar wrote: > > > > > > > On Wed, 2024-01-24 at 20:10 +0000, Verma, Vishal L wrote: > > > > > > > > Ah, thanks for confirming! Would you like me to send a > > > > > > > > revert patch or > > > > > > > > will you do it? > > > > > > >=20 > > > > > > > Revert "KEYS: encrypted: Add check for strsep" > > > > > > > =20 > > > > > > > This reverts commit > > > > > > > b4af096b5df5dd131ab796c79cedc7069d8f4882. > > > > > > > =20 > > > > > > > New encrypted keys are created either from kernel-generated= =20 > > > > > > > random > > > > > > > numbers or user-provided decrypted data. Revert the change > > > > > > > requiring > > > > > > > user-provided decrypted data. > > > > > > >=20 > > > > > > >=20 > > > > > > > Can I add your Reported-by? > > > > > >=20 > > > > > > Yes that works, Thank you. > > > > >=20 > > > > > This went totally wrong IMHO. > > > > >=20 > > > > > Priority should be to locate and fix the bug not revert useful > > > > > stuff > > > > > when a bug is found that has limited scope. > > > >=20 > > > > By guidelines here the commit is also a bug fix and reverting > > > > such commit means seeding a bug to the mainline. Also the klog > > > > message alone is a bug fix here. So also by book it really has > > > > to come back as it was already commit because we cannot > > > > knowingly mount bugs to the mainline, right? > > >=20 > > > No, the commit broke userspace. The rule is do not cause > > > regressions > > > even if userspace is abusing the ABI in an undesirable way. Even > > > the > > > new pr_info() is a log spamming behavior change, a pr_debug() might > > > be > > > suitable, but otherwise a logic change here needs a clear > > > description > > > about what is broken about the old userspace behavior and why the > > > kernel > > > can not possibly safely handle it. > >=20 > > The rationale literally gives empirical proof that the log message > > is useful by measure. It would be useless if log level is decreased > > to debug, as then sysadmin's won't take notice. I don't really know > > what is the definition of "spam" here but at least for me actually > > useful log message are not in that category. > >=20 > > Issue was legit but git revert is objectively an incorrect way to > > address the bug. > > No, I made a mistake in upstreaming the patch in the first place. It > broke the original "encrypted" keys usage. Reverting it was the > correct solution. > > Mimi The way I see it the semantic change caused the bug because it was not backwards compatible. That does not make the log message less useful. BR, Jarkko