block: Fix regression in sed-opal for a saved key.

The commit 3bfeb61256643281ac4be5b8a57e9d9da3db4335
introduced the use of keyring for sed-opal.

Unfortunately, there is also a possibility to save
the Opal key used in opal_lock_unlock().

This patch switches the order of operation, so the cached
key is used instead of failure for opal_get_key.

The problem was found by the cryptsetup Opal test recently
added to the cryptsetup tree.

Fixes: 3bfeb6125664 ("block: sed-opal: keyring support for SED keys")
Tested-by: Ondrej Kozina <okozina@redhat.com>
Signed-off-by: Milan Broz <gmazyland@gmail.com>
Link: https://lore.kernel.org/r/20231003100209.380037-1-gmazyland@gmail.com
Signed-off-by: Jens Axboe <axboe@kernel.dk>

diff --git a/block/sed-opal.c b/block/sed-opal.c
index 6d7f25d1711ba7be464f8cf444426f9337181d52..04f38a3f5d9597927534e15d4dc3432fe12f9e3a 100644 (file)
--- a/block/sed-opal.c
+++ b/block/sed-opal.c
@@ -2888,12 +2888,11 @@ static int opal_lock_unlock(struct opal_dev *dev,
        if (lk_unlk->session.who > OPAL_USER9)
                return -EINVAL;
 
-       ret = opal_get_key(dev, &lk_unlk->session.opal_key);
-       if (ret)
-               return ret;
        mutex_lock(&dev->dev_lock);
        opal_lock_check_for_saved_key(dev, lk_unlk);
-       ret = __opal_lock_unlock(dev, lk_unlk);
+       ret = opal_get_key(dev, &lk_unlk->session.opal_key);
+       if (!ret)
+               ret = __opal_lock_unlock(dev, lk_unlk);
        mutex_unlock(&dev->dev_lock);
 
        return ret;