[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <D1RL9GZKU6Y3.2HFU56T053FQB@kernel.org>
Date: Wed, 05 Jun 2024 01:33:32 +0300
From: "Jarkko Sakkinen" <jarkko@...nel.org>
To: "Stefan Berger" <stefanb@...ux.ibm.com>, "Herbert Xu"
<herbert@...dor.apana.org.au>
Cc: <linux-integrity@...r.kernel.org>, <keyrings@...r.kernel.org>,
<Andreas.Fuchs@...ineon.com>, "James Prestwood" <prestwoj@...il.com>,
"David Woodhouse" <dwmw2@...radead.org>, "Eric Biggers"
<ebiggers@...nel.org>, "James Bottomley"
<James.Bottomley@...senpartnership.com>, <linux-crypto@...r.kernel.org>,
"Lennart Poettering" <lennart@...ttering.net>, "David S. Miller"
<davem@...emloft.net>, "open list" <linux-kernel@...r.kernel.org>, "Mimi
Zohar" <zohar@...ux.ibm.com>, "David Howells" <dhowells@...hat.com>, "Paul
Moore" <paul@...l-moore.com>, "James Morris" <jmorris@...ei.org>, "Serge E.
Hallyn" <serge@...lyn.com>, "open list:SECURITY SUBSYSTEM"
<linux-security-module@...r.kernel.org>
Subject: Re: [PATCH v7 3/5] crypto: tpm2_key: Introduce a TPM2 key type
On Tue Jun 4, 2024 at 9:41 PM EEST, Stefan Berger wrote:
>
>
> On 6/4/24 13:23, Jarkko Sakkinen wrote:
> > On Fri May 31, 2024 at 3:35 AM EEST, Stefan Berger wrote:
> >>
>
> >>>
> >>> - rc = tpm2_key_decode(payload, options, &blob);
> >>> - if (rc) {
> >>> - /* old form */
> >>> + key = tpm2_key_decode(payload->blob, payload->blob_len);
> >>> + if (IS_ERR(key)) {
> >>> + /* Get the error code and reset the pointer to the key: */
> >>> + rc = PTR_ERR(key);
> >>> + key = NULL;
> >>> +
> >>> + if (rc == -ENOMEM)
> >>> + return -ENOMEM;
> >>> +
> >>> + /* A sanity check, as only -EBADMSG or -ENOMEM are expected: */
> >>> + if (rc != -EBADMSG)
> >>> + pr_err("tpm2_key_decode(): spurious error code %d\n", rc);
> >>
> >> tpm2_key_decode seems simple enough that it only returns key, -ENOMEM or
> >> EBADMSG.
> >
> > So what is your suggestion here?
>
> You can remove the check resuling in pr_err().
OK, I think so too. Just had to (sanity) check.
>
> >
> > The reasoning here is that asymmetric keys use -EBADMSG not only as
> > error but also iterator, when probing which can load a specific key.
> >
BR, Jarkko
Powered by blists - more mailing lists