Thread (14 messages) 14 messages, 5 authors, 2024-02-12

Re: [PATCH] KEYS: encrypted: Add check for strsep

From: Mimi Zohar <zohar@linux.ibm.com>
Date: 2024-02-02 00:06:15
Also in: keyrings, linux-cxl, linux-integrity, lkml, nvdimm 

On Thu, 2024-02-01 at 23:43 +0200, Jarkko Sakkinen wrote:
On Tue Jan 30, 2024 at 8:25 PM EET, Dan Williams wrote:
quoted
Jarkko Sakkinen wrote:
quoted
On Tue Jan 30, 2024 at 7:22 PM EET, Jarkko Sakkinen wrote:
quoted
On Wed Jan 24, 2024 at 11:10 PM EET, Verma, Vishal L wrote:
quoted
On Wed, 2024-01-24 at 15:40 -0500, Mimi Zohar wrote:
quoted
On Wed, 2024-01-24 at 20:10 +0000, Verma, Vishal L wrote:
quoted
Ah, thanks for confirming! Would you like me to send a
revert patch or
will you do it?
Revert "KEYS: encrypted: Add check for strsep"
    
This reverts commit
b4af096b5df5dd131ab796c79cedc7069d8f4882.
    
New encrypted keys are created either from kernel-generated 
random
numbers or user-provided decrypted data.  Revert the change
requiring
user-provided decrypted data.


Can I add your Reported-by?
Yes that works, Thank you.
This went totally wrong IMHO.

Priority should be to locate and fix the bug not revert useful
stuff
when a bug is found that has limited scope.
By guidelines here the commit is also a bug fix and reverting
such commit means seeding a bug to the mainline. Also the klog
message alone is a bug fix here. So also by book it really has
to come back as it was already commit because we cannot
knowingly mount bugs to the mainline, right?
No, the commit broke userspace. The rule is do not cause
regressions
even if userspace is abusing the ABI in an undesirable way. Even
the
new pr_info() is a log spamming behavior change, a pr_debug() might
be
suitable, but otherwise a logic change here needs a clear
description
about what is broken about the old userspace behavior and why the
kernel
can not possibly safely handle it.
The rationale literally gives empirical proof that the log message
is useful by measure. It would be useless if log level is decreased
to debug, as then sysadmin's won't take notice. I don't really know
what is the definition of "spam" here but at least for me actually
useful log message are not in that category.

Issue was legit but git revert is objectively an incorrect way to
address the bug.
No, I made a mistake in upstreaming the patch in the first place.  It
broke the original "encrypted" keys usage.  Reverting it was the
correct solution.

Mimi
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help