From: ", Jarkko Sakkinen" <jarkko@kernel.org>
To: "Thomas Weißschuh" <linux@weissschuh.net>
Cc: "David Howells" <dhowells@redhat.com>,
"David Woodhouse" <dwmw2@infradead.org>,
"Paul Moore" <paul@paul-moore.com>,
"James Morris" <jmorris@namei.org>,
"Serge E. Hallyn" <serge@hallyn.com>,
"Mickaël Salaün" <mic@digikod.net>,
keyrings@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-security-module@vger.kernel.org,
"Paul Menzel" <pmenzel@molgen.mpg.de>,
"Mark Pearson" <markpearson@lenovo.com>
Subject: Re: [PATCH v4 1/3] certs: make blacklisted hash available in klog
Date: Wed, 4 Jan 2023 12:31:12 +0000 [thread overview]
Message-ID: <Y7VxkG0ZsfJEyuFP@kernel.org> (raw)
In-Reply-To: <20221212-keys-blacklist-v4-1-00afeb3137fb@weissschuh.net>
On Wed, Dec 21, 2022 at 02:08:22AM +0000, Thomas Weißschuh wrote:
> One common situation triggering this log statement are duplicate hashes
> reported by the system firmware.
>
> These duplicates should be removed from the firmware.
>
> Without logging the blacklisted hash triggering the issue however the users
> can not report it properly to the firmware vendors and the firmware vendors
> can not easily see which specific hash is duplicated.
>
> While changing the log message also use the dedicated ERR_PTR format
> placeholder for the returned error value.
>
> Signed-off-by: Thomas Weißschuh <linux@weissschuh.net>
> ---
> certs/blacklist.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/certs/blacklist.c b/certs/blacklist.c
> index 41f10601cc72..6e260c4b6a19 100644
> --- a/certs/blacklist.c
> +++ b/certs/blacklist.c
> @@ -192,7 +192,7 @@ static int mark_raw_hash_blacklisted(const char *hash)
> KEY_ALLOC_NOT_IN_QUOTA |
> KEY_ALLOC_BUILT_IN);
> if (IS_ERR(key)) {
> - pr_err("Problem blacklisting hash (%ld)\n", PTR_ERR(key));
> + pr_err("Problem blacklisting hash %s: %pe\n", hash, key);
> return PTR_ERR(key);
> }
> return 0;
>
> --
> 2.39.0
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
BR, Jarkko
next parent reply other threads:[~2023-01-04 12:32 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20221212-keys-blacklist-v4-0-00afeb3137fb@weissschuh.net>
[not found] ` <20221212-keys-blacklist-v4-1-00afeb3137fb@weissschuh.net>
2023-01-04 12:31 ` , Jarkko Sakkinen [this message]
[not found] ` <20221212-keys-blacklist-v4-2-00afeb3137fb@weissschuh.net>
2023-01-04 12:34 ` [PATCH v4 2/3] KEYS: Add new function key_create() , Jarkko Sakkinen
[not found] ` <20221212-keys-blacklist-v4-3-00afeb3137fb@weissschuh.net>
2023-01-04 12:35 ` [PATCH v4 3/3] certs: don't try to update blacklist keys , Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Y7VxkG0ZsfJEyuFP@kernel.org \
--to=jarkko@kernel.org \
--cc=dhowells@redhat.com \
--cc=dwmw2@infradead.org \
--cc=jmorris@namei.org \
--cc=keyrings@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=linux@weissschuh.net \
--cc=markpearson@lenovo.com \
--cc=mic@digikod.net \
--cc=paul@paul-moore.com \
--cc=pmenzel@molgen.mpg.de \
--cc=serge@hallyn.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).