Commit 7103dff0e598cd634767f17a2958302c515700ca
Committed by
Mimi Zohar
Mimi Zohar
1 parent
08fa2aa54e
Exists in
master
and in
6 other branches
encrypted-keys: added additional debug messages
Some debug messages have been added in the function datablob_parse() in order to better identify errors returned when dealing with 'encrypted' keys. Changelog from version v4: - made the debug messages more understandable Signed-off-by: Roberto Sassu <roberto.sassu@polito.it> Acked-by: Gianluca Ramunno <ramunno@polito.it> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Showing 1 changed file with 34 additions and 11 deletions Side-by-side Diff
security/keys/encrypted.c
| ... | ... | @@ -133,46 +133,69 @@ |
| 133 | 133 | substring_t args[MAX_OPT_ARGS]; |
| 134 | 134 | int ret = -EINVAL; |
| 135 | 135 | int key_cmd; |
| 136 | - char *p; | |
| 136 | + char *keyword; | |
| 137 | 137 | |
| 138 | - p = strsep(&datablob, " \t"); | |
| 139 | - if (!p) | |
| 138 | + keyword = strsep(&datablob, " \t"); | |
| 139 | + if (!keyword) { | |
| 140 | + pr_info("encrypted_key: insufficient parameters specified\n"); | |
| 140 | 141 | return ret; |
| 141 | - key_cmd = match_token(p, key_tokens, args); | |
| 142 | + } | |
| 143 | + key_cmd = match_token(keyword, key_tokens, args); | |
| 142 | 144 | |
| 143 | 145 | *master_desc = strsep(&datablob, " \t"); |
| 144 | - if (!*master_desc) | |
| 146 | + if (!*master_desc) { | |
| 147 | + pr_info("encrypted_key: master key parameter is missing\n"); | |
| 145 | 148 | goto out; |
| 149 | + } | |
| 146 | 150 | |
| 147 | - if (valid_master_desc(*master_desc, NULL) < 0) | |
| 151 | + if (valid_master_desc(*master_desc, NULL) < 0) { | |
| 152 | + pr_info("encrypted_key: master key parameter \'%s\' " | |
| 153 | + "is invalid\n", *master_desc); | |
| 148 | 154 | goto out; |
| 155 | + } | |
| 149 | 156 | |
| 150 | 157 | if (decrypted_datalen) { |
| 151 | 158 | *decrypted_datalen = strsep(&datablob, " \t"); |
| 152 | - if (!*decrypted_datalen) | |
| 159 | + if (!*decrypted_datalen) { | |
| 160 | + pr_info("encrypted_key: keylen parameter is missing\n"); | |
| 153 | 161 | goto out; |
| 162 | + } | |
| 154 | 163 | } |
| 155 | 164 | |
| 156 | 165 | switch (key_cmd) { |
| 157 | 166 | case Opt_new: |
| 158 | - if (!decrypted_datalen) | |
| 167 | + if (!decrypted_datalen) { | |
| 168 | + pr_info("encrypted_key: keyword \'%s\' not allowed " | |
| 169 | + "when called from .update method\n", keyword); | |
| 159 | 170 | break; |
| 171 | + } | |
| 160 | 172 | ret = 0; |
| 161 | 173 | break; |
| 162 | 174 | case Opt_load: |
| 163 | - if (!decrypted_datalen) | |
| 175 | + if (!decrypted_datalen) { | |
| 176 | + pr_info("encrypted_key: keyword \'%s\' not allowed " | |
| 177 | + "when called from .update method\n", keyword); | |
| 164 | 178 | break; |
| 179 | + } | |
| 165 | 180 | *hex_encoded_iv = strsep(&datablob, " \t"); |
| 166 | - if (!*hex_encoded_iv) | |
| 181 | + if (!*hex_encoded_iv) { | |
| 182 | + pr_info("encrypted_key: hex blob is missing\n"); | |
| 167 | 183 | break; |
| 184 | + } | |
| 168 | 185 | ret = 0; |
| 169 | 186 | break; |
| 170 | 187 | case Opt_update: |
| 171 | - if (decrypted_datalen) | |
| 188 | + if (decrypted_datalen) { | |
| 189 | + pr_info("encrypted_key: keyword \'%s\' not allowed " | |
| 190 | + "when called from .instantiate method\n", | |
| 191 | + keyword); | |
| 172 | 192 | break; |
| 193 | + } | |
| 173 | 194 | ret = 0; |
| 174 | 195 | break; |
| 175 | 196 | case Opt_err: |
| 197 | + pr_info("encrypted_key: keyword \'%s\' not recognized\n", | |
| 198 | + keyword); | |
| 176 | 199 | break; |
| 177 | 200 | } |
| 178 | 201 | out: |