summaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorJarkko Sakkinen <jarkko@kernel.org>2024-05-13 20:19:04 +0200
committerJarkko Sakkinen <jarkko@kernel.org>2024-05-21 01:35:10 +0200
commit050bf3c793a07f96bd1e2fd62e1447f731ed733b (patch)
tree0d4f3a065e62e35213a5e257ec10d1f656a7bb78 /security
parentKEYS: trusted: Fix memory leak in tpm2_key_encode() (diff)
downloadlinux-050bf3c793a07f96bd1e2fd62e1447f731ed733b.tar.xz
linux-050bf3c793a07f96bd1e2fd62e1447f731ed733b.zip
KEYS: trusted: Do not use WARN when encode fails
When asn1_encode_sequence() fails, WARN is not the correct solution. 1. asn1_encode_sequence() is not an internal function (located in lib/asn1_encode.c). 2. Location is known, which makes the stack trace useless. 3. Results a crash if panic_on_warn is set. It is also noteworthy that the use of WARN is undocumented, and it should be avoided unless there is a carefully considered rationale to use it. Replace WARN with pr_err, and print the return value instead, which is only useful piece of information. Cc: stable@vger.kernel.org # v5.13+ Fixes: f2219745250f ("security: keys: trusted: use ASN.1 TPM2 key format for the blobs") Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
Diffstat (limited to 'security')
-rw-r--r--security/keys/trusted-keys/trusted_tpm2.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/security/keys/trusted-keys/trusted_tpm2.c b/security/keys/trusted-keys/trusted_tpm2.c
index c6882f5d094f..8b7dd73d94c1 100644
--- a/security/keys/trusted-keys/trusted_tpm2.c
+++ b/security/keys/trusted-keys/trusted_tpm2.c
@@ -84,8 +84,9 @@ static int tpm2_key_encode(struct trusted_key_payload *payload,
work1 = payload->blob;
work1 = asn1_encode_sequence(work1, work1 + sizeof(payload->blob),
scratch, work - scratch);
- if (WARN(IS_ERR(work1), "BUG: ASN.1 encoder failed")) {
+ if (IS_ERR(work1)) {
ret = PTR_ERR(work1);
+ pr_err("BUG: ASN.1 encoder failed with %d\n", ret);
goto err;
}