2024-05-29 15:03:33

by Jarkko Sakkinen

[permalink] [raw]
Subject: [PATCH] KEYS: trusted: Change -EINVAL to -E2BIG

Report -E2BIG instead of -EINVAL when too large size for the key blob is
requested. By filtering these errors from other invalid data, this will
help distinguish the overflows.

Link: https://lore.kernel.org/keyrings/[email protected]/
Reviewed-by: Stefan Berger <[email protected]>
Signed-off-by: Jarkko Sakkinen <[email protected]>
---
I don't think this is a fix and neither needs to be backported but makes
sense for upcoming versions. Sending as a separate patch from the TPM2
asymmetric keys series.
security/keys/trusted-keys/trusted_tpm2.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/security/keys/trusted-keys/trusted_tpm2.c b/security/keys/trusted-keys/trusted_tpm2.c
index 8b7dd73d94c1..06c8fa7b21ae 100644
--- a/security/keys/trusted-keys/trusted_tpm2.c
+++ b/security/keys/trusted-keys/trusted_tpm2.c
@@ -122,7 +122,7 @@ static int tpm2_key_decode(struct trusted_key_payload *payload,
return ret;

if (ctx.priv_len + ctx.pub_len > MAX_BLOB_SIZE)
- return -EINVAL;
+ return -E2BIG;

blob = kmalloc(ctx.priv_len + ctx.pub_len + 4, GFP_KERNEL);
if (!blob)
--
2.45.1