Received: by 2002:a05:7412:3784:b0:e2:908c:2ebd with SMTP id jk4csp1829788rdb; Tue, 3 Oct 2023 02:11:13 -0700 (PDT) X-Google-Smtp-Source: AGHT+IEBEBCQc3n0GL9RgC0+rHmC6KF57vqfQvH9gUwxPmE4TCne0nEDd0Oer6V3UTDvttNh3YwT X-Received: by 2002:a17:903:1c2:b0:1c7:432f:b0be with SMTP id e2-20020a17090301c200b001c7432fb0bemr15036709plh.18.1696324273477; Tue, 03 Oct 2023 02:11:13 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1696324273; cv=none; d=google.com; s=arc-20160816; b=jv2nlBU4Rj9BdCF8eXUf3wIG+N2Qq+L4v4ONCWq7buY1nAz4cGDSIxkkamvvRtx7c+ ZY/SW/U9vVlNKROzwq9n1f5VPzptfY/ydHy8mMdBLCiFoi2lh0eBwQlg8FP+9vNLbBkl xylltkSB1XrLGzUCA5Tng2sJDEvJdbNLxZI0OccTf9DVmN/8W9gQAjAuAxxVXY7zSpEy aEieQHv9T/nZjCF0bzZDV9CHbrNVsGb1Bfh+idT291zJX1ipbE0HXCaQwnad+Yj1puUM y5cdjo1GKmw7xB5UkliLDXElTviNwl/AMtP4An9djKqb4iqRUeVV5jjcmLPaRqVN69Mv 319Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :organization:references:in-reply-to:message-id:subject:cc:to:from :date; bh=preT72ACU/uJc165vqjVrtX1fUfQttbEBSkuVWw9Eu0=; fh=VytaWnrtIe6rQzSTidyaXKVP21CYVB05Erb1vcNmZ/4=; b=tkOzXu/IrSn4M+FcR6p7P8XWcoDU3oVUkcwOr2oSb8JXeWOQ59/qLDKBo0ORM2XqXh RLg6NOQFj3gBVQrJT+gSdezPacUr8v9Z8vbffDoDY8ji4USvaj2HJ6zjlWnCuXWqnCca amd5PSyWZt1UJh+AMMc3aH0+FOGtW4XoshcTbwSSmUmUxKGvhuxGsQvxj3/t3x2g7oA7 O4JgbemTrmq204mkXTqPxMkASaef+7fsBbhbmA3KkE+pGsXAlWZ+8T0i7OYb6Q7m3r62 qN64h4YcEr83fkxAbGuh3OVfXOtMXn8AigQnrMw51OR4uzrR3SoRqOAQhO8ZsfygaWUy pKFQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::3:3 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=huawei.com Return-Path: Received: from lipwig.vger.email (lipwig.vger.email. [2620:137:e000::3:3]) by mx.google.com with ESMTPS id jx16-20020a170903139000b001bbcddd6e82si1014071plb.91.2023.10.03.02.11.12 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 03 Oct 2023 02:11:13 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::3:3 as permitted sender) client-ip=2620:137:e000::3:3; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::3:3 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=huawei.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by lipwig.vger.email (Postfix) with ESMTP id 785A58032141; Tue, 3 Oct 2023 02:11:01 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at lipwig.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231509AbjJCJKv (ORCPT + 99 others); Tue, 3 Oct 2023 05:10:51 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58488 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230283AbjJCJKv (ORCPT ); Tue, 3 Oct 2023 05:10:51 -0400 Received: from frasgout.his.huawei.com (frasgout.his.huawei.com [185.176.79.56]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 28B0AAC; Tue, 3 Oct 2023 02:10:45 -0700 (PDT) Received: from lhrpeml500005.china.huawei.com (unknown [172.18.147.200]) by frasgout.his.huawei.com (SkyGuard) with ESMTP id 4S0BpC1Mm1z6K60k; Tue, 3 Oct 2023 17:09:07 +0800 (CST) Received: from localhost (10.202.227.76) by lhrpeml500005.china.huawei.com (7.191.163.240) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.31; Tue, 3 Oct 2023 10:10:42 +0100 Date: Tue, 3 Oct 2023 10:10:41 +0100 From: Jonathan Cameron To: Lukas Wunner CC: Bjorn Helgaas , David Howells , David Woodhouse , Herbert Xu , "David S. Miller" , Alex Williamson , , , , , , , , David Box , Dan Williams , Dave Jiang , "Li, Ming" , Zhi Wang , Alistair Francis , Wilfred Mallawa , Alexey Kardashevskiy , Tom Lendacky , Sean Christopherson , Alexander Graf Subject: Re: [PATCH 04/12] certs: Create blacklist keyring earlier Message-ID: <20231003101041.00006511@Huawei.com> In-Reply-To: <3db7a8856833dfcbc4b122301f233828379d67db.1695921657.git.lukas@wunner.de> References: <3db7a8856833dfcbc4b122301f233828379d67db.1695921657.git.lukas@wunner.de> Organization: Huawei Technologies Research and Development (UK) Ltd. X-Mailer: Claws Mail 4.1.0 (GTK 3.24.33; x86_64-w64-mingw32) MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Originating-IP: [10.202.227.76] X-ClientProxiedBy: lhrpeml500005.china.huawei.com (7.191.163.240) To lhrpeml500005.china.huawei.com (7.191.163.240) X-CFilter-Loop: Reflected X-Spam-Status: No, score=-0.8 required=5.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lipwig.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (lipwig.vger.email [0.0.0.0]); Tue, 03 Oct 2023 02:11:01 -0700 (PDT) On Thu, 28 Sep 2023 19:32:32 +0200 Lukas Wunner wrote: > The upcoming support for PCI device authentication with CMA-SPDM > (PCIe r6.1 sec 6.31) requires parsing X.509 certificates upon > device enumeration, which happens in a subsys_initcall(). > > Parsing X.509 certificates accesses the blacklist keyring: > x509_cert_parse() > x509_get_sig_params() > is_hash_blacklisted() > keyring_search() > > So far the keyring is created much later in a device_initcall(). Avoid > a NULL pointer dereference on access to the keyring by creating it one > initcall level earlier than PCI device enumeration, i.e. in an > arch_initcall(). > > Signed-off-by: Lukas Wunner Indeed seems like it needs to be before subsys_initcall so whilst it feels a bit weird to do it in one named arch, I guess that's the best choice available. Reviewed-by: Jonathan Cameron > --- > certs/blacklist.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/certs/blacklist.c b/certs/blacklist.c > index 675dd7a8f07a..34185415d451 100644 > --- a/certs/blacklist.c > +++ b/certs/blacklist.c > @@ -311,7 +311,7 @@ static int restrict_link_for_blacklist(struct key *dest_keyring, > * Initialise the blacklist > * > * The blacklist_init() function is registered as an initcall via > - * device_initcall(). As a result if the blacklist_init() function fails for > + * arch_initcall(). As a result if the blacklist_init() function fails for > * any reason the kernel continues to execute. While cleanly returning -ENODEV > * could be acceptable for some non-critical kernel parts, if the blacklist > * keyring fails to load it defeats the certificate/key based deny list for > @@ -356,7 +356,7 @@ static int __init blacklist_init(void) > /* > * Must be initialised before we try and load the keys into the keyring. > */ > -device_initcall(blacklist_init); > +arch_initcall(blacklist_init); > > #ifdef CONFIG_SYSTEM_REVOCATION_LIST > /*