Skip to content

Commit

Permalink
KEYS: trusted: Do not use WARN when encode fails
Browse files Browse the repository at this point in the history
When asn1_encode_sequence() fails, WARN is not the correct solution.

1. asn1_encode_sequence() is not an internal function (located
   in lib/asn1_encode.c).
2. Location is known, which makes the stack trace useless.
3. Results a crash if panic_on_warn is set.

It is also noteworthy that the use of WARN is undocumented, and it
should be avoided unless there is a carefully considered rationale to
use it.

Replace WARN with pr_err, and print the return value instead, which is
only useful piece of information.

Cc: [email protected] # v5.13+
Fixes: f221974 ("security: keys: trusted: use ASN.1 TPM2 key format for the blobs")
Signed-off-by: Jarkko Sakkinen <[email protected]>
  • Loading branch information
jarkkojs committed May 20, 2024
1 parent ffcaa21 commit 050bf3c
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion security/keys/trusted-keys/trusted_tpm2.c
Original file line number Diff line number Diff line change
Expand Up @@ -84,8 +84,9 @@ static int tpm2_key_encode(struct trusted_key_payload *payload,
work1 = payload->blob;
work1 = asn1_encode_sequence(work1, work1 + sizeof(payload->blob),
scratch, work - scratch);
if (WARN(IS_ERR(work1), "BUG: ASN.1 encoder failed")) {
if (IS_ERR(work1)) {
ret = PTR_ERR(work1);
pr_err("BUG: ASN.1 encoder failed with %d\n", ret);
goto err;
}

Expand Down

0 comments on commit 050bf3c

Please sign in to comment.