[PATCH v7 3/5] crypto: tpm2_key: Introduce a TPM2 key type

Jarkko Sakkinen jarkko at kernel.org
Tue Jun 4 22:33:32 UTC 2024


On Tue Jun 4, 2024 at 9:41 PM EEST, Stefan Berger wrote:
>
>
> On 6/4/24 13:23, Jarkko Sakkinen wrote:
> > On Fri May 31, 2024 at 3:35 AM EEST, Stefan Berger wrote:
> >>
>
> >>>    
> >>> -	rc = tpm2_key_decode(payload, options, &blob);
> >>> -	if (rc) {
> >>> -		/* old form */
> >>> +	key = tpm2_key_decode(payload->blob, payload->blob_len);
> >>> +	if (IS_ERR(key)) {
> >>> +		/* Get the error code and reset the pointer to the key: */
> >>> +		rc = PTR_ERR(key);
> >>> +		key = NULL;
> >>> +
> >>> +		if (rc == -ENOMEM)
> >>> +			return -ENOMEM;
> >>> +
> >>> +		/* A sanity check, as only -EBADMSG or -ENOMEM are expected: */
> >>> +		if (rc != -EBADMSG)
> >>> +			pr_err("tpm2_key_decode(): spurious error code %d\n", rc);
> >>
> >> tpm2_key_decode seems simple enough that it only returns key, -ENOMEM or
> >> EBADMSG.
> > 
> > So what is your suggestion here?
>
> You can remove the check resuling in pr_err().

OK, I think so too. Just had to (sanity) check.

>
> > 
> > The reasoning here is that asymmetric keys use -EBADMSG not only as
> > error but also iterator, when probing which can load a specific key.
> > 

BR, Jarkko



More information about the Linux-security-module-archive mailing list