Message ID | 153936864924.55836.10713157239316653961.stgit@djiang5-desk3.ch.intel.com (mailing list archive) |
---|---|
State | New, archived |
Series | [1/5] libnvdimm: fix updating of kernel key during nvdimm key update | expand |
On Fri, Oct 12, 2018 at 11:24 AM Dave Jiang <dave.jiang@intel.com> wrote:
>
> Remove extraneous code that used to expect nvdimm_get_and_verify_key() to
> return NULL when there's no kernel key. We want to enforce the behavior
> that when there is no kernel key we should fail security ops.
>
> Signed-off-by: Dave Jiang <dave.jiang@intel.com>
> ---
> drivers/nvdimm/security.c | 35 ++++-------------------------------
> 1 file changed, 4 insertions(+), 31 deletions(-)
>
> diff --git a/drivers/nvdimm/security.c b/drivers/nvdimm/security.c
> index f9ca1575012e..7b5d7c77514d 100644
> --- a/drivers/nvdimm/security.c
> +++ b/drivers/nvdimm/security.c
> @@ -135,7 +135,6 @@ int nvdimm_security_erase(struct nvdimm *nvdimm, unsigned int keyid)
> struct key *key;
> struct user_key_payload *payload;
> struct device *dev = &nvdimm->dev;
> - bool is_userkey = false;
>
> if (!nvdimm->security_ops)
> return -EOPNOTSUPP;
> @@ -161,18 +160,6 @@ int nvdimm_security_erase(struct nvdimm *nvdimm, unsigned int keyid)
> rc = PTR_ERR(key);
> goto out;
> }
> - if (!key) {
> - dev_dbg(dev, "No cached key found\n");
> - /* get old user key */
> - key = nvdimm_lookup_user_key(dev, keyid);
> - if (!key) {
> - dev_dbg(dev, "Unable to retrieve user key: %#x\n",
> - keyid);
> - rc = -ENOKEY;
> - goto out;
> - }
> - is_userkey = true;
> - }
>
> down_read(&key->sem);
> payload = key->payload.data[0];
> @@ -181,10 +168,8 @@ int nvdimm_security_erase(struct nvdimm *nvdimm, unsigned int keyid)
> up_read(&key->sem);
>
> /* remove key since secure erase kills the passphrase */
> - if (!is_userkey) {
> - key_invalidate(key);
> - nvdimm->key = NULL;
> - }
> + key_invalidate(key);
> + nvdimm->key = NULL;
> key_put(key);
>
> out:
> @@ -218,7 +203,6 @@ int nvdimm_security_disable(struct nvdimm *nvdimm, unsigned int keyid)
> struct key *key;
> struct user_key_payload *payload;
> struct device *dev = &nvdimm->dev;
> - bool is_userkey = false;
>
> if (!nvdimm->security_ops)
> return -EOPNOTSUPP;
> @@ -233,15 +217,6 @@ int nvdimm_security_disable(struct nvdimm *nvdimm, unsigned int keyid)
> mutex_unlock(&nvdimm->key_mutex);
> return PTR_ERR(key);
> }
> - if (!key) {
> - /* get old user key */
> - key = nvdimm_lookup_user_key(dev, keyid);
> - if (!key) {
> - mutex_unlock(&nvdimm->key_mutex);
> - return -ENOKEY;
> - }
> - is_userkey = true;
> - }
>
> down_read(&key->sem);
> payload = key->payload.data[0];
> @@ -255,10 +230,8 @@ int nvdimm_security_disable(struct nvdimm *nvdimm, unsigned int keyid)
> }
>
> /* If we succeed then remove the key */
> - if (!is_userkey) {
> - key_invalidate(key);
> - nvdimm->key = NULL;
> - }
> + key_invalidate(key);
> + nvdimm->key = NULL;
> key_put(key);

Looks good, perhaps just use the key_destroy() helper here?
diff --git a/drivers/nvdimm/security.c b/drivers/nvdimm/security.c
index f9ca1575012e..7b5d7c77514d 100644
--- a/drivers/nvdimm/security.c
+++ b/drivers/nvdimm/security.c
@@ -135,7 +135,6 @@ int nvdimm_security_erase(struct nvdimm *nvdimm, unsigned int keyid)
 struct key *key;
 struct user_key_payload *payload;
 struct device *dev = &nvdimm->dev;
- bool is_userkey = false;
 
 if (!nvdimm->security_ops)
 return -EOPNOTSUPP;
@@ -161,18 +160,6 @@ int nvdimm_security_erase(struct nvdimm *nvdimm, unsigned int keyid)
 rc = PTR_ERR(key);
 goto out;
 }
- if (!key) {
- dev_dbg(dev, "No cached key found\n");
- /* get old user key */
- key = nvdimm_lookup_user_key(dev, keyid);
- if (!key) {
- dev_dbg(dev, "Unable to retrieve user key: %#x\n",
- keyid);
- rc = -ENOKEY;
- goto out;
- }
- is_userkey = true;
- }
 
 down_read(&key->sem);
 payload = key->payload.data[0];
@@ -181,10 +168,8 @@ int nvdimm_security_erase(struct nvdimm *nvdimm, unsigned int keyid)
 up_read(&key->sem);
 
 /* remove key since secure erase kills the passphrase */
- if (!is_userkey) {
- key_invalidate(key);
- nvdimm->key = NULL;
- }
+ key_invalidate(key);
+ nvdimm->key = NULL;
 key_put(key);
 
 out:
@@ -218,7 +203,6 @@ int nvdimm_security_disable(struct nvdimm *nvdimm, unsigned int keyid)
 struct key *key;
 struct user_key_payload *payload;
 struct device *dev = &nvdimm->dev;
- bool is_userkey = false;
 
 if (!nvdimm->security_ops)
 return -EOPNOTSUPP;
@@ -233,15 +217,6 @@ int nvdimm_security_disable(struct nvdimm *nvdimm, unsigned int keyid)
 mutex_unlock(&nvdimm->key_mutex);
 return PTR_ERR(key);
 }
- if (!key) {
- /* get old user key */
- key = nvdimm_lookup_user_key(dev, keyid);
- if (!key) {
- mutex_unlock(&nvdimm->key_mutex);
- return -ENOKEY;
- }
- is_userkey = true;
- }
 
 down_read(&key->sem);
 payload = key->payload.data[0];
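Review bot: In the `@@ -161,18 +160,6 @@` hunk, with the `if (!key)` fallback gone, the only guard left before `down_read(&key->sem)` is the error branch whose tail (`rc = PTR_ERR(key); goto out;`) is visible, presumably an `IS_ERR(key)` test. Safety therefore rests on nvdimm_get_and_verify_key() never returning NULL; that helper is not part of this patch, and the commit message says it used to return NULL. If any path still does, a secure-erase request turns into a NULL dereference in the kernel instead of a failed operation, so either state the contract in a comment at the call site or make the guard explicit, e.g. `if (IS_ERR_OR_NULL(key)) { rc = key ? PTR_ERR(key) : -ENOKEY; goto out; }`. The same applies to the `@@ -233,15 +217,6 @@` hunk in nvdimm_security_disable(), where the failure path also has to drop `key_mutex` as the visible `mutex_unlock()` does; both functions begin and end outside these hunks.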
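Review bot: In the `@@ -181,10 +168,8 @@` hunk the cached key is now invalidated unconditionally, and nothing visible between `up_read(&key->sem)` and `key_invalidate(key)` tests the result of the erase operation. The erase call itself lies outside the hunk, so this is inferred, but if it can fail the kernel would drop the only passphrase it holds while the DIMM still has security enabled. The disable path appears to guard the same sequence (the closing `}` ahead of `/* If we succeed then remove the key */`). Consider doing the same here with `if (rc == 0) { key_invalidate(key); nvdimm->key = NULL; }` and keeping `key_put(key)` unconditional, and reword the comment to say the key is removed only after a successful erase. The function body starts and ends outside the hunk.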
@@ -255,10 +230,8 @@ int nvdimm_security_disable(struct nvdimm *nvdimm, unsigned int keyid)
 }
 
 /* If we succeed then remove the key */
- if (!is_userkey) {
- key_invalidate(key);
- nvdimm->key = NULL;
- }
+ key_invalidate(key);
+ nvdimm->key = NULL;
 key_put(key);
 
 out:
Remove extraneous code that used to expect nvdimm_get_and_verify_key() to return NULL when there's no kernel key. We want to enforce the behavior that when there is no kernel key we should fail security ops. Signed-off-by: Dave Jiang <dave.jiang@intel.com> --- drivers/nvdimm/security.c | 35 ++++------------------------------- 1 file changed, 4 insertions(+), 31 deletions(-)