Received: by 2002:a05:7412:2a8c:b0:e2:908c:2ebd with SMTP id u12csp3417699rdh;
        Thu, 28 Sep 2023 10:58:38 -0700 (PDT)
X-Google-Smtp-Source: AGHT+IFfDV0b/yuqBw4id6RhmM9KOPi1GDc10jAljLanIQuSl0+cvH3HgDuX+gK8+BZBOMvrag1B
X-Received: by 2002:a17:90a:6c25:b0:274:6ab9:9d38 with SMTP id x34-20020a17090a6c2500b002746ab99d38mr1803688pjj.36.1695923918335;
        Thu, 28 Sep 2023 10:58:38 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1695923918; cv=none;
        d=google.com; s=arc-20160816;
        b=fxkmLzVr+2WUSKCfJO0TDpuILelwcmLzon2zlv5EiOykIfoTczFdwkRhWL+QnpaARj
         HPBWJoVyZsGzDD4sQIStWY/c4cKe38SLWC91uAhHTDKkwA02x9iomWk1jfbZh2t0Iosf
         cAluJiEt4NHKijWRCCpwSMuznqs5kP/ikLf44sJalMrZ5cKarbDCrcZagxrWz7Vf+9fz
         OZadLy/1SeU625o1KIjNVkT0gWC7Im29hupFVL/zFCoFdhZxmaN5G+IndPnTA0RUg247
         G2qaWcd4rldjABCzman2RatJRvaukig4onio+GOsgxtfhzKvMTe72KuOrKLDGvYnhpbn
         qmxg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:cc:to:subject:date:from:references:in-reply-to
         :message-id;
        bh=wfxDPTW8uHuRHj7PLy9fhetN/nv9EUHiylnEWub3UEQ=;
        fh=j94gzfSAT+8kF46ZvOkY3DNYs/HkghetT1vgREBUW1M=;
        b=ZQC7evx7XOh4Sowy0b/nSqs0AMhvCeFKdMCtllvuxHJVFslIytsMvbfXu9lLMcUQp/
         y972vjHNBeUTar5n1FJ8kxZmN+o6l/eYOoSe/ABIMez0Wq119Qr3gtYc3uULTg2ap16V
         wqsTMTkQov3GzgkBgpP757iExFsn3442l4KiRfnQypxpuIPjRK3bjpyCq+tUni81VUV2
         m6MTqEsX4daK05eVt9YLUWJE9RmOyYaxIIiiZbmWrRgqHR+faA+VEH57n9JEcA5lmbes
         Ze1Pp8u+dZW5K8hGySpU1x+jwiswNKtUXh6DZeQScNDpB6GKnXlLt0GhZyckTsUpdg9g
         rglg==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::3:1 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org
Return-Path: <linux-crypto-owner@vger.kernel.org>
Received: from morse.vger.email (morse.vger.email. [2620:137:e000::3:1])
        by mx.google.com with ESMTPS id fr3-20020a17090ae2c300b002777d51e89dsi7803215pjb.128.2023.09.28.10.58.38
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 28 Sep 2023 10:58:38 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::3:1 as permitted sender) client-ip=2620:137:e000::3:1;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::3:1 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
	by morse.vger.email (Postfix) with ESMTP id 1EC18836C002;
	Thu, 28 Sep 2023 10:48:47 -0700 (PDT)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.10 at morse.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S232106AbjI1Rsn (ORCPT <rfc822;sbozturk97@gmail.com> + 99 others);
        Thu, 28 Sep 2023 13:48:43 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35822 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S232107AbjI1Rsm (ORCPT
        <rfc822;linux-crypto@vger.kernel.org>);
        Thu, 28 Sep 2023 13:48:42 -0400
Received: from mailout2.hostsharing.net (mailout2.hostsharing.net [83.223.78.233])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 816371BE;
        Thu, 28 Sep 2023 10:48:39 -0700 (PDT)
Received: from h08.hostsharing.net (h08.hostsharing.net [IPv6:2a01:37:1000::53df:5f1c:0])
        (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
         key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
         client-signature RSA-PSS (4096 bits) client-digest SHA256)
        (Client CN "*.hostsharing.net", Issuer "RapidSSL Global TLS RSA4096 SHA256 2022 CA1" (verified OK))
        by mailout2.hostsharing.net (Postfix) with ESMTPS id E7CA51018978B;
        Thu, 28 Sep 2023 19:48:34 +0200 (CEST)
Received: from localhost (unknown [89.246.108.87])
        (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
         key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256)
        (No client certificate requested)
        by h08.hostsharing.net (Postfix) with ESMTPSA id C05E860E0037;
        Thu, 28 Sep 2023 19:48:34 +0200 (CEST)
X-Mailbox-Line: From 3db7a8856833dfcbc4b122301f233828379d67db Mon Sep 17 00:00:00 2001
Message-Id: <3db7a8856833dfcbc4b122301f233828379d67db.1695921657.git.lukas@wunner.de>
In-Reply-To: <cover.1695921656.git.lukas@wunner.de>
References: <cover.1695921656.git.lukas@wunner.de>
From:   Lukas Wunner <lukas@wunner.de>
Date:   Thu, 28 Sep 2023 19:32:32 +0200
Subject: [PATCH 04/12] certs: Create blacklist keyring earlier
To:     Bjorn Helgaas <helgaas@kernel.org>,
        David Howells <dhowells@redhat.com>,
        David Woodhouse <dwmw2@infradead.org>,
        Herbert Xu <herbert@gondor.apana.org.au>,
        "David S. Miller" <davem@davemloft.net>,
        Alex Williamson <alex.williamson@redhat.com>,
        <linux-pci@vger.kernel.org>, <linux-cxl@vger.kernel.org>,
        <linux-coco@lists.linux.dev>, <keyrings@vger.kernel.org>,
        <linux-crypto@vger.kernel.org>, <kvm@vger.kernel.org>
Cc:     Jonathan Cameron <Jonathan.Cameron@huawei.com>,
        <linuxarm@huawei.com>, David Box <david.e.box@intel.com>,
        Dan Williams <dan.j.williams@intel.com>,
        Dave Jiang <dave.jiang@intel.com>,
        "Li, Ming" <ming4.li@intel.com>, Zhi Wang <zhi.a.wang@intel.com>,
        Alistair Francis <alistair.francis@wdc.com>,
        Wilfred Mallawa <wilfred.mallawa@wdc.com>,
        Alexey Kardashevskiy <aik@amd.com>,
        Tom Lendacky <thomas.lendacky@amd.com>,
        Sean Christopherson <seanjc@google.com>,
        Alexander Graf <graf@amazon.com>
X-Spam-Status: No, score=-0.8 required=5.0 tests=HEADER_FROM_DIFFERENT_DOMAINS,
	MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=unavailable
	autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on morse.vger.email
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org
X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (morse.vger.email [0.0.0.0]); Thu, 28 Sep 2023 10:48:47 -0700 (PDT)

The upcoming support for PCI device authentication with CMA-SPDM
(PCIe r6.1 sec 6.31) requires parsing X.509 certificates upon
device enumeration, which happens in a subsys_initcall().

Parsing X.509 certificates accesses the blacklist keyring:
x509_cert_parse()
  x509_get_sig_params()
    is_hash_blacklisted()
      keyring_search()

So far the keyring is created much later in a device_initcall().  Avoid
a NULL pointer dereference on access to the keyring by creating it one
initcall level earlier than PCI device enumeration, i.e. in an
arch_initcall().

Signed-off-by: Lukas Wunner <lukas@wunner.de>
---
 certs/blacklist.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/certs/blacklist.c b/certs/blacklist.c
index 675dd7a8f07a..34185415d451 100644
--- a/certs/blacklist.c
+++ b/certs/blacklist.c
@@ -311,7 +311,7 @@ static int restrict_link_for_blacklist(struct key *dest_keyring,
  * Initialise the blacklist
  *
  * The blacklist_init() function is registered as an initcall via
- * device_initcall().  As a result if the blacklist_init() function fails for
+ * arch_initcall().  As a result if the blacklist_init() function fails for
  * any reason the kernel continues to execute.  While cleanly returning -ENODEV
  * could be acceptable for some non-critical kernel parts, if the blacklist
  * keyring fails to load it defeats the certificate/key based deny list for
@@ -356,7 +356,7 @@ static int __init blacklist_init(void)
 /*
  * Must be initialised before we try and load the keys into the keyring.
  */
-device_initcall(blacklist_init);
+arch_initcall(blacklist_init);
 
 #ifdef CONFIG_SYSTEM_REVOCATION_LIST
 /*
-- 
2.40.1