diff mbox series

[v7,2/5] KEYS: trusted: Change -EINVAL to -E2BIG

Message ID 20240528210823.28798-3-jarkko@kernel.org (mailing list archive)
State New, archived
Headers show
Series KEYS: asymmetric: tpm2_key_{rsa,ecdsa} | expand

Commit Message

Jarkko Sakkinen May 28, 2024, 9:08 p.m. UTC
Report -E2BIG instead of -EINVAL when too large size for the key blob is
requested.

Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
---
 security/keys/trusted-keys/trusted_tpm2.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Stefan Berger May 29, 2024, 1:50 a.m. UTC | #1
On 5/28/24 17:08, Jarkko Sakkinen wrote:
> Report -E2BIG instead of -EINVAL when too large size for the key blob is
> requested.
> 
> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>

Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>

> ---
>   security/keys/trusted-keys/trusted_tpm2.c | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/security/keys/trusted-keys/trusted_tpm2.c b/security/keys/trusted-keys/trusted_tpm2.c
> index 8b7dd73d94c1..06c8fa7b21ae 100644
> --- a/security/keys/trusted-keys/trusted_tpm2.c
> +++ b/security/keys/trusted-keys/trusted_tpm2.c
> @@ -122,7 +122,7 @@ static int tpm2_key_decode(struct trusted_key_payload *payload,
>   		return ret;
>   
>   	if (ctx.priv_len + ctx.pub_len > MAX_BLOB_SIZE)
> -		return -EINVAL;
> +		return -E2BIG;
>   
>   	blob = kmalloc(ctx.priv_len + ctx.pub_len + 4, GFP_KERNEL);
>   	if (!blob)
Jarkko Sakkinen May 29, 2024, 12:20 p.m. UTC | #2
On Wed May 29, 2024 at 4:50 AM EEST, Stefan Berger wrote:
>
>
> On 5/28/24 17:08, Jarkko Sakkinen wrote:
> > Report -E2BIG instead of -EINVAL when too large size for the key blob is
> > requested.
> > 
> > Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
>
> Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>

Thank you.

Hmm... I'd like to add even:

Cc: stable@vger.kernel.org # v5.13+
Fixes: f2219745250f ("security: keys: trusted: use ASN.1 TPM2 key format for the blobs")

It turned out to be useful error message and would be useful also for
stable kernels. So if no decent counter-arguments, I'll just pick it
to my master branch.

BR, Jarkko
diff mbox series

Patch

diff --git a/security/keys/trusted-keys/trusted_tpm2.c b/security/keys/trusted-keys/trusted_tpm2.c
index 8b7dd73d94c1..06c8fa7b21ae 100644
--- a/security/keys/trusted-keys/trusted_tpm2.c
+++ b/security/keys/trusted-keys/trusted_tpm2.c
@@ -122,7 +122,7 @@  static int tpm2_key_decode(struct trusted_key_payload *payload,
 		return ret;
 
 	if (ctx.priv_len + ctx.pub_len > MAX_BLOB_SIZE)
-		return -EINVAL;
+		return -E2BIG;
 
 	blob = kmalloc(ctx.priv_len + ctx.pub_len + 4, GFP_KERNEL);
 	if (!blob)