Received: by 2002:ab2:620c:0:b0:1ef:ffd0:ce49 with SMTP id o12csp1117728lqt; Tue, 19 Mar 2024 13:14:31 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCWv8rkIPP5+uDH2rQtfaWvkzghmLeydy132hHObLDaINbXo9A+Thv+nLPaUYumBCBS99dQFFUVXxSAbyzxL7oRx0UV/y11EDH5Jax1cjg== X-Google-Smtp-Source: AGHT+IEBPsp3B10bIx/IsIiQwPmQsYBFjRMH8H7lvo/fknDpc24vFTKNOocFmQpc/Ojp+ZHJ2Bbd X-Received: by 2002:a05:6902:160d:b0:dd0:471:712 with SMTP id bw13-20020a056902160d00b00dd004710712mr12865115ybb.33.1710879271571; Tue, 19 Mar 2024 13:14:31 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1710879271; cv=pass; d=google.com; s=arc-20160816; b=ElCdJrWtiZ/qDUMLWbitM8KrQu23+Yn7fPk92MlOViMAAFhuwI0bMMxQ8R56MvWk4W p4Jsvsi7ACntcSeaTN8YObCQ9/c+YvyoZaHnlJ044eWiY7SqFLbBWwky4rtau2r2L0PF TKjqZ7VMAQ8Aj2yc5422Pxw28uDxLZidrWhQCb4BJTreNXAvxFkmJ23K5e9lR7SWXDmk iP1XH3VbghZVnHJHiSTdFvpHSj4MlRCqDZVktStynhpVEWWMlSbNQwXljW5Cj6lEQBCy oj/9BRDD4q4DZ1dk8GdAm2yI2IanrHrME7qR3pNdDooeAhpygE+92l79DVBj7O7fr6+I I2aw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:references:to:from:subject:cc:message-id:date :content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:dkim-signature; bh=WkuIBiaaVc6viyS0QofsPt0/lvonIhhdL+XX2CGWItg=; fh=ZlUJgtuP/1oB6y8LuLmJLityYIuyUQ1UiE9NkMkHLus=; b=VkslyAondvEthbked0TBYRxBb+tSSNH0RYuck+GaLtHQHAi5LZQlOUyOX9LtADQwD+ jw9uf7Y0OkxmmmDKLkeveVc+J/CpOfdDz8eHdRWacU7z5IRwFnT64CaqPzog7X5mvCKt P06WIrPE7G4WfuWtGVwCLAEMZM3ybOIZUNxPP9KuahZvsJ8psat6zbcgTt97vhjV8WZt Y5jSTgWBLZ20Hl+0JBXeAWVUqJBJHjPJz9GAPFSw33w+tj8G6hL51PxKp8sr2bk+IkvC XTGQ1KdqUN5nBDN4XAlXh5U25RoyL81oeBlWBIGmM6y9NBPocw/76efaBeExDbvLcnD7 lSVA==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b="W/9TEUv5"; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-crypto+bounces-2756-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-crypto+bounces-2756-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [147.75.199.223]) by mx.google.com with ESMTPS id bp13-20020a05622a1b8d00b00430ea02b3c3si1853793qtb.193.2024.03.19.13.14.31 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Mar 2024 13:14:31 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto+bounces-2756-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) client-ip=147.75.199.223; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b="W/9TEUv5"; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-crypto+bounces-2756-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-crypto+bounces-2756-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id 2B4361C22B5B for ; Tue, 19 Mar 2024 20:14:31 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id AD7915A0F4; Tue, 19 Mar 2024 20:14:26 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="W/9TEUv5" X-Original-To: linux-crypto@vger.kernel.org Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 663CB59B76; Tue, 19 Mar 2024 20:14:26 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710879266; cv=none; b=V0n1qSW33E7Ay6L+H6XTsRh1rtCt3Yfs+j8PMcxb+lEnGFdwlU1IHkV6ksGlZrzFD/xxqjJaqVy4n3GLJzLPqxn9MV0q2upF59C31ZqUiuvEGi+zwr8YUPhY0HdPfUDvSd1j7dRwd5G84ctw4hLoNZolK6NbYGan0QZpTe6zhlw= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710879266; c=relaxed/simple; bh=ebwK4AewbvdYrlguygz1sCJD50ZNfG7LlT4UwBmSljg=; h=Mime-Version:Content-Type:Date:Message-Id:Cc:Subject:From:To: References:In-Reply-To; b=WIgQ7+0oi9TWbrShXSmnuC0tdhNmKo3kWPuWEfse7WgJ7wnC0bBPEzC0M0PyQ5AxbkvmmH5VXmOpou1PTGFJVm8arys5LzbEpsoM8G+aTcpKIISJepMCueVYJZB+9l6ZtXCat5SdY5jRSFhAt6BVxJQ2Df6ieEkZyNty72H2WO8= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=W/9TEUv5; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id E9564C433F1; Tue, 19 Mar 2024 20:14:23 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1710879265; bh=ebwK4AewbvdYrlguygz1sCJD50ZNfG7LlT4UwBmSljg=; h=Date:Cc:Subject:From:To:References:In-Reply-To:From; b=W/9TEUv5ynQeNhTOcfb5QoEObpcmBWvia6XYBn0FLbNSN3hZv63Qpb76WuNoxliWu APAX8cfWjuIvY/SXyvxtMV2Jabbfy6oxq7Kbv5Na95o4QEZYAANhu94OUfwsVRm33q 8Y+aMTZSYeRXnDPFMz0RXPxHQ8hWgALaTRknAIo32VfpVxdbGy9OIE6Tv+s9vPXBaN TcusYv4E4tuHh7P6CM3EPeMN10G86kGWqSQ0eBtTzu1ztpqVbDoaBmQsrTlT3HNzcc G82rAYsI8jkHMnOp1IZaQHEGMn5oIP79MibfDT7NlNg9jonJPf5QS8kTy3L5dzf8Lg 81PaAeOqG5ckQ== Precedence: bulk X-Mailing-List: linux-crypto@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=UTF-8 Date: Tue, 19 Mar 2024 22:14:22 +0200 Message-Id: Cc: "keyrings@vger.kernel.org" , "linux-crypto@vger.kernel.org" , "linux-kernel@vger.kernel.org" , "lvc-project@linuxtesting.org" , "Sergey Shtylyov" Subject: Re: [PATCH] KEYS: prevent NULL pointer dereference in find_asymmetric_key() From: "Jarkko Sakkinen" To: "Roman Smirnov" , "David Howells" , "Herbert Xu" , "David S. Miller" , "Andrew Zaborowski" X-Mailer: aerc 0.15.2 References: <20240315103320.18754-1-r.smirnov@omp.ru> In-Reply-To: On Tue Mar 19, 2024 at 4:44 PM EET, Roman Smirnov wrote: > On Tue, 19 Mar 2024 01:39:00 +0200 Jarkko Sakkinen wrote: > > On Fri Mar 15, 2024 at 12:33 PM EET, Roman Smirnov wrote: > > > With the current code, in case all NULLs are passed in id_{0,1,2}, > >=20 > > "current code" is not unambigious reference of any part of the kernel > > tree. Please just write down the function name instead. > >=20 > > > the kernel will first print out a WARNING and then have an oops > > > because id_2 gets dereferenced anyway. > >=20 > > Would be more exact": > >=20 > > s/print out a WARNING/emit WARN/ > > Okay, I'll prepare a second version of the patch. > > > > Note that WARN_ON() is also considered harmful by Greg Kroah- > > > Hartman since it causes the Android kernels to panic as they > > > get booted with the panic_on_warn option. > >=20 > > Despite full respect to Greg, and agreeing what he had said about > > the topic (which you are lacking lore link meaning that in all > > cases the current description is incomplete), the only thing that > > should be documented should be that since WARN_ON() can emit > > panic when panic_on_warn is set in the *kernel command-line* > > (not "option") this condition should be relaxed. > > Here's a link to the discussion: > https://lore.kernel.org/all/2024011213-situated-augmented-64a4@gregkh/ > From the context, I thought WARN_ON() would be better removed. Not sure what you are trying to claim here that goes against what I just said. > > > > > > > Found by Linux Verification Center (linuxtesting.org) with Svace. > >=20 > > I'm not sure if this should be part of the commit message. > > I have already submitted patches with this line, some have been > accepted. It is important for the Linux Verification Center to mark > patches as closing issues found with Svace. > > > > > > > Fixes: 7d30198ee24f ("keys: X.509 public key issuer lookup without AK= ID") > > > Suggested-by: Sergey Shtylyov > >=20 > > Should be reported-by. > > The suggested-by tag belongs to Sergey because he suggested the fix, > subject/description of the patch. The tag reported-by belongs to > Svace tool. 1. I did not see any reported-by tags in this which is requirement. 2. Who did find the issue using that tool? I don't put reported-by to GDB even if I use that find the bug. > > Thank you for the reply. BR, Jarkko