Re: [PATCH] crash_dump: Don't log dm-crypt key bytes in read_key_from_user_keying

[Coiby Xu]

On Mon, Mar 02, 2026 at 11:48:22AM +0800, Baoquan He wrote:
> On 02/28/26 at 12:00am, Thorsten Blum wrote:
> > When debug logging is enabled, read_key_from_user_keying() logs the
> > first 8 bytes of the key payload and partially exposes the dm-crypt key.
> > Stop logging any key bytes.
> >
> > Fixes: 479e58549b0f ("crash_dump: store dm crypt keys in kdump reserved memory")
> > Cc: stable@xxxxxxxxxxxxxxx
> > Signed-off-by: Thorsten Blum <thorsten.blum@xxxxxxxxx>
> > ---
> >  kernel/crash_dump_dm_crypt.c | 4 ++--
> >  1 file changed, 2 insertions(+), 2 deletions(-)
> >
> > diff --git a/kernel/crash_dump_dm_crypt.c b/kernel/crash_dump_dm_crypt.c
> > index 27a144920562..5ce958d069dd 100644
> > --- a/kernel/crash_dump_dm_crypt.c
> > +++ b/kernel/crash_dump_dm_crypt.c
> > @@ -168,8 +168,8 @@ static int read_key_from_user_keying(struct dm_crypt_key *dm_key)
> >
> >  	memcpy(dm_key->data, ukp->data, ukp->datalen);
> >  	dm_key->key_size = ukp->datalen;
> > -	kexec_dprintk("Get dm crypt key (size=%u) %s: %8ph\n", dm_key->key_size,
> > -		      dm_key->key_desc, dm_key->data);
> > +	kexec_dprintk("Get dm crypt key (size=%u) %s\n", dm_key->key_size,
>
> Make sense to me.
>
> The kexec_dprintk() is only for debug printing. We can remove above line
> or change it to pr_debug() if security is worried.
>
> Coiby, what do you think?

I think we can assume a key can be reliably read thus no need to print
the first 8 bytes to check it. So this patch looks good to me. And
thanks to Thorsten for suggesting multiple improvements on
kernel/crash_dump_dm_crypt.c!

> Thanks
> Baoquan

--
Best regards,
Coiby