dm-crypt: fix incorrect use of strcmp when telling if there is no key

Message ID 20221107122233.261096-1-coxu@redhat.com
State New
Headers
Series dm-crypt: fix incorrect use of strcmp when telling if there is no key |

Commit Message

Coiby Xu Nov. 7, 2022, 12:22 p.m. UTC
  strcmp returns 0 when two strings are equal.

Fixes: 69a8cfcda210 ("dm crypt: set key size early")
Signed-off-by: Coiby Xu <coxu@redhat.com>
---
 drivers/md/dm-crypt.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
  

Comments

Milan Broz Nov. 8, 2022, 2:51 p.m. UTC | #1
On 11/7/22 13:22, Coiby Xu wrote:
> strcmp returns 0 when two strings are equal.
> 
> Fixes: 69a8cfcda210 ("dm crypt: set key size early")
> Signed-off-by: Coiby Xu <coxu@redhat.com>
> ---
>   drivers/md/dm-crypt.c | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c
> index 159c6806c19b..cfefe0f18150 100644
> --- a/drivers/md/dm-crypt.c
> +++ b/drivers/md/dm-crypt.c
> @@ -2590,7 +2590,7 @@ static int crypt_set_key(struct crypt_config *cc, char *key)
>   	int key_string_len = strlen(key);
>   
>   	/* Hyphen (which gives a key_size of zero) means there is no key. */
> -	if (!cc->key_size && strcmp(key, "-"))
> +	if (!cc->key_size && !strcmp(key, "-"))
>   		goto out;

NACK. The code is correct.

The comment is a little bit misleading - it actually says that "-" is valid here.

If key_size is 0 (see above: key_size = strlen(key) >> 1;)  and key
is NOT "-" (empty key) return error.

Key "-" is a valid key, means no key used (used for null cipher).

Try this with and without your patch (it uses null cipher that takes no key):

dmsetup create test --table "0 8 crypt cipher_null-ecb - 0 /dev/sdb 0"

With your patch it no longer works.

Please, run cryptsetup testsuite before sending patches, tests/mode-tests fails
immediately with your patch!

Thanks,
Milan
  

Patch

diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c
index 159c6806c19b..cfefe0f18150 100644
--- a/drivers/md/dm-crypt.c
+++ b/drivers/md/dm-crypt.c
@@ -2590,7 +2590,7 @@  static int crypt_set_key(struct crypt_config *cc, char *key)
 	int key_string_len = strlen(key);
 
 	/* Hyphen (which gives a key_size of zero) means there is no key. */
-	if (!cc->key_size && strcmp(key, "-"))
+	if (!cc->key_size && !strcmp(key, "-"))
 		goto out;
 
 	/* ':' means the key is in kernel keyring, short-circuit normal key processing */