tls key lookup matches too eagerly?
Hannes Reinecke
hare at suse.de
Tue Oct 29 07:20:12 PDT 2024
On 10/24/24 10:20, Daniel Wagner wrote:
> Hi Hannes,
>
> While testing my TLS handling changes in nvme-cli/libnvme, I found out
> that it is possible to insert a key with an identity of "NVMe1R01" only
> and the kernel was happy to use this key.
>
> nvme_tls_psk_lookup
>   keyring_search
>     struct keyring_search_context ctx = {
>         .index_key.description = description,
>         .index_key.desc_len = strlen(description),
>         .match_data.cmp = key_default_cmp,
>         [...]
>     }
>
> /*
>  * By default, we keys found by getting an exact match on their descriptions.
>  */
> bool key_default_cmp(const struct key *key,
>                      const struct key_match_data *match_data)
> {
>         return strcmp(key->description, match_data->raw_data) == 0;
> }
>
> I think we should at least enforce that the identity set by user space
> fulfills the required format. Does this make sense?
>
That is actually correct; we need to extend the match to ensure that
there is _something_ after the NVMe1R01 prefix.
Cheers,
Hannes
--
Dr. Hannes Reinecke Kernel Storage Architect
hare at suse.de +49 911 74053 688
SUSE Software Solutions GmbH, Frankenstr. 146, 90461 Nürnberg
HRB 36809 (AG Nürnberg), GF: I. Totev, A. McDonald, W. Knoblich
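
A format check of the kind discussed in this thread, as an added example that is not part of either message and is not kernel or nvme-cli code: it rejects a bare "NVMe1R01" and requires fields after the prefix. The function names, the assumed layout (8-character prefix, then space-separated host NQN and subsystem NQN, then an optional digest) and the sample identities are assumptions of this example.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: length of the run of printable, non-space
 * characters starting at s (0 if there is none). */
static size_t field_len(const char *s)
{
    size_t n = 0;
    while (isgraph((unsigned char)s[n]))
        n++;
    return n;
}

/*
 * Hypothetical validator. Assumed layout of a TLS PSK identity:
 *   "NVMe" <version digit> <'R'|'G'> <2-digit hash id>
 *   ' ' <hostnqn> ' ' <subnqn> [' ' <digest>]
 * A description that is only the 8-character prefix is rejected.
 */
bool psk_identity_is_well_formed(const char *id)
{
    if (!id || strncmp(id, "NVMe", 4) != 0)
        return false;
    /* Short-circuit order guarantees we never read past the NUL. */
    if (!isdigit((unsigned char)id[4]) || (id[5] != 'R' && id[5] != 'G'))
        return false;
    if (!isdigit((unsigned char)id[6]) || !isdigit((unsigned char)id[7]))
        return false;
    id += 8;
    for (int fields = 0; ; fields++) {
        if (*id == '\0')
            return fields >= 2;      /* need host NQN and subsystem NQN */
        if (fields == 3 || *id != ' ')
            return false;            /* too many fields or bad separator */
        size_t n = field_len(id + 1);
        if (n == 0)
            return false;            /* empty field, e.g. trailing space */
        id += 1 + n;
    }
}

int main(void)
{
    /* Constructed sample identities, not taken from the thread. */
    printf("%d\n", psk_identity_is_well_formed("NVMe1R01"));
    printf("%d\n", psk_identity_is_well_formed("NVMe1R01 nqn.host nqn.subsys"));
    return 0;
}
```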