From: Russell Currey <ruscur@russell.cc>
To: Nicholas Piggin <npiggin@gmail.com>,
Andrew Donnellan <ajd@linux.ibm.com>,
linuxppc-dev@lists.ozlabs.org, linux-integrity@vger.kernel.org
Cc: sudhakar@linux.ibm.com, erichte@linux.ibm.com,
gregkh@linuxfoundation.org, nayna@linux.ibm.com,
linux-kernel@vger.kernel.org, zohar@linux.ibm.com,
gjoyce@linux.ibm.com, bgray@linux.ibm.com,
gcwilson@linux.ibm.com
Subject: Re: [PATCH v3 04/24] powerpc/secvar: Handle format string in the consumer
Date: Fri, 20 Jan 2023 11:51:24 +1100 [thread overview]
Message-ID: <26945a8372ddde0c2bea9f2382ea9f1e74b9fe63.camel@russell.cc> (raw)
In-Reply-To: <CPVRR82TD4YN.2330YD9C5FHMQ@bobo>
On Thu, 2023-01-19 at 11:17 +1000, Nicholas Piggin wrote:
> On Wed Jan 18, 2023 at 4:10 PM AEST, Andrew Donnellan wrote:
> > From: Russell Currey <ruscur@russell.cc>
> >
> > The code that handles the format string in secvar-sysfs.c is
> > entirely
> > OPAL specific, so create a new "format" op in secvar_operations to
> > make
> > the secvar code more generic. No functional change.
> >
> > Signed-off-by: Russell Currey <ruscur@russell.cc>
> > Signed-off-by: Andrew Donnellan <ajd@linux.ibm.com>
> >
> > ---
> >
> > v2: Use sysfs_emit() instead of sprintf() (gregkh)
> >
> > v3: Enforce format string size limit (ruscur)
> > ---
> > arch/powerpc/include/asm/secvar.h | 3 +++
> > arch/powerpc/kernel/secvar-sysfs.c | 23 ++++------------
> > --
> > arch/powerpc/platforms/powernv/opal-secvar.c | 25
> > ++++++++++++++++++++
> > 3 files changed, 33 insertions(+), 18 deletions(-)
> >
> > diff --git a/arch/powerpc/include/asm/secvar.h
> > b/arch/powerpc/include/asm/secvar.h
> > index 07ba36f868a7..8b6475589120 100644
> > --- a/arch/powerpc/include/asm/secvar.h
> > +++ b/arch/powerpc/include/asm/secvar.h
> > @@ -11,12 +11,15 @@
> > #include <linux/types.h>
> > #include <linux/errno.h>
> >
> > +#define SECVAR_MAX_FORMAT_LEN 30 // max length of string returned
> > by ->format()
> > +
> > extern const struct secvar_operations *secvar_ops;
> >
> > struct secvar_operations {
> > int (*get)(const char *key, u64 key_len, u8 *data, u64
> > *data_size);
> > int (*get_next)(const char *key, u64 *key_len, u64
> > keybufsize);
> > int (*set)(const char *key, u64 key_len, u8 *data, u64
> > data_size);
> > + ssize_t (*format)(char *buf);
> > };
> >
> > #ifdef CONFIG_PPC_SECURE_BOOT
> > diff --git a/arch/powerpc/kernel/secvar-sysfs.c
> > b/arch/powerpc/kernel/secvar-sysfs.c
> > index 462cacc0ca60..d3858eedd72c 100644
> > --- a/arch/powerpc/kernel/secvar-sysfs.c
> > +++ b/arch/powerpc/kernel/secvar-sysfs.c
> > @@ -21,26 +21,13 @@ static struct kset *secvar_kset;
> > static ssize_t format_show(struct kobject *kobj, struct
> > kobj_attribute *attr,
> > char *buf)
> > {
> > - ssize_t rc = 0;
> > - struct device_node *node;
> > - const char *format;
> > -
> > - node = of_find_compatible_node(NULL, NULL, "ibm,secvar-
> > backend");
> > - if (!of_device_is_available(node)) {
> > - rc = -ENODEV;
> > - goto out;
> > - }
> > + char tmp[SECVAR_MAX_FORMAT_LEN];
> > + ssize_t len = secvar_ops->format(tmp);
> >
> > - rc = of_property_read_string(node, "format", &format);
> > - if (rc)
> > - goto out;
> > + if (len <= 0)
> > + return -EIO;
>
> AFAIKS this does have a functional change, it loses the return value.
> Why not return len if it is < 0, and -EIO if len == 0?
In v2 mpe suggested the following:
I'm not sure you should pass that raw error back to sysfs. Some of
the
values could be confusing, eg. if you return -EINVAL it looks like a
parameter to the read() syscall was invalid. Might be better to just
return -EIO.
Following that advice, I don't think we should return something other
than -EIO, but we should at least pr_err() to document the error - this
isn't something that should ever fail.
>
> Thanks,
> Nick
next prev parent reply other threads:[~2023-01-20 0:52 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-01-18 6:10 [PATCH v3 00/24] pSeries dynamic secure boot secvar interface + platform keyring loading Andrew Donnellan
2023-01-18 6:10 ` [PATCH v3 01/24] powerpc/secvar: Use u64 in secvar_operations Andrew Donnellan
2023-01-18 6:10 ` [PATCH v3 02/24] powerpc/secvar: WARN_ON_ONCE() if multiple secvar ops are set Andrew Donnellan
2023-01-19 0:59 ` Nicholas Piggin
2023-01-18 6:10 ` [PATCH v3 03/24] powerpc/secvar: Use sysfs_emit() instead of sprintf() Andrew Donnellan
2023-01-18 6:10 ` [PATCH v3 04/24] powerpc/secvar: Handle format string in the consumer Andrew Donnellan
2023-01-19 1:02 ` Nicholas Piggin
2023-01-19 1:17 ` Nicholas Piggin
2023-01-20 0:51 ` Russell Currey [this message]
2023-01-18 6:10 ` [PATCH v3 05/24] powerpc/secvar: Handle max object size " Andrew Donnellan
2023-01-19 21:18 ` Greg Joyce
2023-01-18 6:10 ` [PATCH v3 06/24] powerpc/secvar: Clean up init error messages Andrew Donnellan
2023-01-18 6:10 ` [PATCH v3 07/24] powerpc/secvar: Extend sysfs to include config vars Andrew Donnellan
2023-01-18 6:10 ` [PATCH v3 08/24] powerpc/secvar: Allow backend to populate static list of variable names Andrew Donnellan
2023-01-19 1:10 ` Nicholas Piggin
2023-01-20 6:20 ` Andrew Donnellan
2023-01-18 6:10 ` [PATCH v3 09/24] powerpc/secvar: Warn when PAGE_SIZE is smaller than max object size Andrew Donnellan
2023-01-18 6:10 ` [PATCH v3 10/24] powerpc/secvar: Don't print error on ENOENT when reading variables Andrew Donnellan
2023-01-18 6:10 ` [PATCH v3 11/24] powerpc/pseries: Move plpks.h to include directory Andrew Donnellan
2023-01-18 6:10 ` [PATCH v3 12/24] powerpc/pseries: Move PLPKS constants to header file Andrew Donnellan
2023-01-18 6:10 ` [PATCH v3 13/24] powerpc/pseries: Fix handling of PLPKS object flushing timeout Andrew Donnellan
2023-01-19 1:15 ` Nicholas Piggin
2023-01-18 6:10 ` [PATCH v3 14/24] powerpc/pseries: Fix alignment of PLPKS structures and buffers Andrew Donnellan
2023-01-18 6:10 ` [PATCH v3 15/24] powerpc/pseries: Expose PLPKS config values, support additional fields Andrew Donnellan
2023-01-18 6:10 ` [PATCH v3 16/24] powerpc/pseries: Implement signed update for PLPKS objects Andrew Donnellan
2023-01-19 1:12 ` Nicholas Piggin
2023-01-18 6:10 ` [PATCH v3 17/24] powerpc/pseries: Log hcall return codes for PLPKS debug Andrew Donnellan
2023-01-18 6:10 ` [PATCH v3 18/24] powerpc/pseries: Make caller pass buffer to plpks_read_var() Andrew Donnellan
2023-01-18 6:10 ` [PATCH v3 19/24] powerpc/pseries: Turn PSERIES_PLPKS into a hidden option Andrew Donnellan
2023-01-18 6:10 ` [PATCH v3 20/24] powerpc/pseries: Add helpers to get PLPKS password Andrew Donnellan
2023-01-18 6:10 ` [PATCH v3 21/24] powerpc/pseries: Pass PLPKS password on kexec Andrew Donnellan
2023-01-18 11:52 ` Andrew Donnellan
2023-01-18 6:10 ` [PATCH v3 22/24] powerpc/pseries: Implement secvars for dynamic secure boot Andrew Donnellan
2023-01-18 13:06 ` Stefan Berger
2023-01-18 6:10 ` [PATCH v3 23/24] integrity/powerpc: Improve error handling & reporting when loading certs Andrew Donnellan
2023-01-18 6:10 ` [PATCH v3 24/24] integrity/powerpc: Support loading keys from pseries secvar Andrew Donnellan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=26945a8372ddde0c2bea9f2382ea9f1e74b9fe63.camel@russell.cc \
--to=ruscur@russell.cc \
--cc=ajd@linux.ibm.com \
--cc=bgray@linux.ibm.com \
--cc=erichte@linux.ibm.com \
--cc=gcwilson@linux.ibm.com \
--cc=gjoyce@linux.ibm.com \
--cc=gregkh@linuxfoundation.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=nayna@linux.ibm.com \
--cc=npiggin@gmail.com \
--cc=sudhakar@linux.ibm.com \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).