[PATCH] KEYS: trusted: Change -EINVAL to -E2BIG
Jarkko Sakkinen
jarkko at kernel.org
Wed May 29 15:02:53 UTC 2024
Report -E2BIG instead of -EINVAL when too large size for the key blob is
requested. By filtering these errors from other invalid data, this will
help distinguish the overflows.
Link: https://lore.kernel.org/keyrings/D1M4GRF0RL2W.3QHTBXZWNW9RW@kernel.org/
Reviewed-by: Stefan Berger <stefanb at linux.ibm.com>
Signed-off-by: Jarkko Sakkinen <jarkko at kernel.org>
---
I don't think this is a fix and neither needs to be backported but makes
sense for upcoming versions. Sending as a separate patch from the TPM2
asymmetric keys series.
security/keys/trusted-keys/trusted_tpm2.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/security/keys/trusted-keys/trusted_tpm2.c b/security/keys/trusted-keys/trusted_tpm2.c
index 8b7dd73d94c1..06c8fa7b21ae 100644
--- a/security/keys/trusted-keys/trusted_tpm2.c
+++ b/security/keys/trusted-keys/trusted_tpm2.c
@@ -122,7 +122,7 @@ static int tpm2_key_decode(struct trusted_key_payload *payload,
return ret;
if (ctx.priv_len + ctx.pub_len > MAX_BLOB_SIZE)
- return -EINVAL;
+ return -E2BIG;
blob = kmalloc(ctx.priv_len + ctx.pub_len + 4, GFP_KERNEL);
if (!blob)
--
2.45.1
More information about the Linux-security-module-archive
mailing list