From: James Bottomley <James.Bottomley@HansenPartnership.com>
To: kernel test robot <lkp@intel.com>, linux-integrity@vger.kernel.org
Cc: kbuild-all@lists.01.org, Mimi Zohar <zohar@linux.ibm.com>,
Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>,
David Woodhouse <dwmw2@infradead.org>,
keyrings@vger.kernel.org, David Howells <dhowells@redhat.com>
Subject: Re: [PATCH v14 4/5] security: keys: trusted: use ASN.1 TPM2 key format for the blobs
Date: Mon, 30 Nov 2020 11:58:43 -0800 [thread overview]
Message-ID: <5e94c7199c675bbfa7112f8b79fcb91f8d2d4fe7.camel@HansenPartnership.com> (raw)
In-Reply-To: <202011301002.yYRCOdq5-lkp@intel.com>
On Mon, 2020-11-30 at 10:10 +0800, kernel test robot wrote:
[...]
> > 331 if (payload->blob_len < 0)
> 332 return payload->blob_len;
OK, I can rework this to use the signed version of blob len as below.
James
---
diff --git a/security/keys/trusted-keys/trusted_tpm2.c b/security/keys/trusted-keys/trusted_tpm2.c
index e50563f58900..0d4c6f138b94 100644
--- a/security/keys/trusted-keys/trusted_tpm2.c
+++ b/security/keys/trusted-keys/trusted_tpm2.c
@@ -242,7 +242,7 @@ int tpm2_seal_trusted(struct tpm_chip *chip,
struct trusted_key_payload *payload,
struct trusted_key_options *options)
{
- unsigned int blob_len;
+ int blob_len = 0;
struct tpm_buf buf;
u32 hash;
u32 flags;
@@ -400,10 +400,9 @@ int tpm2_seal_trusted(struct tpm_chip *chip,
goto out;
}
- payload->blob_len =
- tpm2_key_encode(payload, options,
- &buf.data[TPM_HEADER_SIZE + 4],
- blob_len);
+ blob_len = tpm2_key_encode(payload, options,
+ &buf.data[TPM_HEADER_SIZE + 4],
+ blob_len);
out:
tpm_buf_destroy(&buf);
@@ -414,8 +413,10 @@ int tpm2_seal_trusted(struct tpm_chip *chip,
else
rc = -EPERM;
}
- if (payload->blob_len < 0)
- return payload->blob_len;
+ if (blob_len < 0)
+ return blob_len;
+
+ payload->blob_len = blob_len;
return rc;
}
next prev parent reply other threads:[~2020-11-30 19:59 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-29 22:19 [PATCH v14 0/5] TPM 2.0 trusted key rework James Bottomley
2020-11-29 22:20 ` [PATCH v14 1/5] lib: add ASN.1 encoder James Bottomley
2020-12-04 4:43 ` Jarkko Sakkinen
2020-12-04 4:44 ` Jarkko Sakkinen
2020-11-29 22:20 ` [PATCH v14 2/5] oid_registry: Add TCG defined OIDS for TPM keys James Bottomley
2020-11-29 22:20 ` [PATCH v14 3/5] security: keys: trusted: fix TPM2 authorizations James Bottomley
2020-12-22 23:01 ` Ken Goldman
2020-12-23 19:58 ` James Bottomley
2021-01-04 21:56 ` Jarkko Sakkinen
2020-11-29 22:20 ` [PATCH v14 4/5] security: keys: trusted: use ASN.1 TPM2 key format for the blobs James Bottomley
2020-11-30 2:10 ` kernel test robot
2020-11-30 19:58 ` James Bottomley [this message]
2020-12-04 4:49 ` Jarkko Sakkinen
2020-12-04 4:50 ` Jarkko Sakkinen
2020-12-07 16:23 ` James Bottomley
2020-12-08 11:02 ` Jarkko Sakkinen
2020-11-29 22:20 ` [PATCH v14 5/5] security: keys: trusted: Make sealed key properly interoperable James Bottomley
2020-12-04 13:40 ` [PATCH v14 1/5] lib: add ASN.1 encoder David Howells
2020-12-04 13:44 ` [PATCH v14 2/5] oid_registry: Add TCG defined OIDS for TPM keys David Howells
2020-12-04 16:01 ` James Bottomley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5e94c7199c675bbfa7112f8b79fcb91f8d2d4fe7.camel@HansenPartnership.com \
--to=james.bottomley@hansenpartnership.com \
--cc=dhowells@redhat.com \
--cc=dwmw2@infradead.org \
--cc=jarkko.sakkinen@linux.intel.com \
--cc=kbuild-all@lists.01.org \
--cc=keyrings@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=lkp@intel.com \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).