Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 7103dff0 authored by Roberto Sassu's avatar Roberto Sassu Committed by Mimi Zohar
Browse files

encrypted-keys: added additional debug messages 



Some debug messages have been added in the function datablob_parse() in
order to better identify errors returned when dealing with 'encrypted'
keys.

Changelog from version v4:
- made the debug messages more understandable 

Signed-off-by: default avatarRoberto Sassu <roberto.sassu@polito.it>
Acked-by: default avatarGianluca Ramunno <ramunno@polito.it>
Signed-off-by: default avatarMimi Zohar <zohar@linux.vnet.ibm.com>
parent 08fa2aa5

security/keys/encrypted.c

+34 −11
Original line number Diff line number Diff line
@@ -133,46 +133,69 @@ static int datablob_parse(char *datablob, char **master_desc, 
	substring_t args[MAX_OPT_ARGS];

	int ret = -EINVAL;

	int key_cmd;

	char *p;

	char *keyword;



	p = strsep(&datablob, " \t");

	if (!p)

	keyword = strsep(&datablob, " \t");

	if (!keyword) {

		pr_info("encrypted_key: insufficient parameters specified\n");

		return ret;

	key_cmd = match_token(p, key_tokens, args);

	}

	key_cmd = match_token(keyword, key_tokens, args);



	*master_desc = strsep(&datablob, " \t");

	if (!*master_desc)

	if (!*master_desc) {

		pr_info("encrypted_key: master key parameter is missing\n");

		goto out;

	}



	if (valid_master_desc(*master_desc, NULL) < 0)

	if (valid_master_desc(*master_desc, NULL) < 0) {

		pr_info("encrypted_key: master key parameter \'%s\' "

			"is invalid\n", *master_desc);

		goto out;

	}



	if (decrypted_datalen) {

		*decrypted_datalen = strsep(&datablob, " \t");

		if (!*decrypted_datalen)

		if (!*decrypted_datalen) {

			pr_info("encrypted_key: keylen parameter is missing\n");

			goto out;

		}

	}



	switch (key_cmd) {

	case Opt_new:

		if (!decrypted_datalen)

		if (!decrypted_datalen) {

			pr_info("encrypted_key: keyword \'%s\' not allowed "

				"when called from .update method\n", keyword);

			break;

		}

		ret = 0;

		break;

	case Opt_load:

		if (!decrypted_datalen)

		if (!decrypted_datalen) {

			pr_info("encrypted_key: keyword \'%s\' not allowed "

				"when called from .update method\n", keyword);

			break;

		}

		*hex_encoded_iv = strsep(&datablob, " \t");

		if (!*hex_encoded_iv)

		if (!*hex_encoded_iv) {

			pr_info("encrypted_key: hex blob is missing\n");

			break;

		}

		ret = 0;

		break;

	case Opt_update:

		if (decrypted_datalen)

		if (decrypted_datalen) {

			pr_info("encrypted_key: keyword \'%s\' not allowed "

				"when called from .instantiate method\n",

				keyword);

			break;

		}

		ret = 0;

		break;

	case Opt_err:

		pr_info("encrypted_key: keyword \'%s\' not recognized\n",

			keyword);

		break;

	}

out: