Re: [RFC][PATCH 2/6] encrypted-keys: added additional debug messages

public inbox for linux-fsdevel@vger.kernel.org
 help / color / mirror / Atom feed

From: Mimi Zohar <zohar@linux.vnet.ibm.com>
To: Roberto Sassu <roberto.sassu@polito.it>
Cc: linux-security-module@vger.kernel.org, keyrings@linux-nfs.org,
	linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org,
	David Howells <dhowells@redhat.com>,
	James Morris <jmorris@namei.org>,
	David Safford <safford@watson.ibm.com>,
	Gianluca Ramunno <ramunno@polito.it>,
	Tyler Hicks <tyhicks@linux.vnet.ibm.com>,
	kirkland@canonical.com
Subject: Re: [RFC][PATCH 2/6] encrypted-keys: added additional debug messages
Date: Fri, 24 Dec 2010 11:20:42 -0500	[thread overview]
Message-ID: <1293207642.3196.35.camel@localhost.localdomain> (raw)
In-Reply-To: <201012231834.30497.roberto.sassu@polito.it>

On Thu, 2010-12-23 at 18:34 +0100, Roberto Sassu wrote:
> Some debug messages have been added in the function datablob_parse() in
> order to better identify errors returned when dealing with 'encrypted'
> keys.
> 
> Signed-off-by: Roberto Sassu <roberto.sassu@polito.it>

Other than the patches being mangled by the mailer, nice. Please
re-post.

Acked-by: Mimi Zohar <zohar@us.ibm.com>

> ---
>  security/keys/encrypted_defined.c |   44 +++++++++++++++++++++++++++---------
>  1 files changed, 33 insertions(+), 11 deletions(-)
> 
> diff --git a/security/keys/encrypted_defined.c b/security/keys/encrypted_defined.c
> index c1c5e27..2bb2c47 100644
> --- a/security/keys/encrypted_defined.c
> +++ b/security/keys/encrypted_defined.c
> @@ -133,46 +133,68 @@ static int datablob_parse(char *datablob, char **master_desc,
>  	substring_t args[MAX_OPT_ARGS];
>  	int ret = -EINVAL;
>  	int key_cmd;
> -	char *p;
> +	char *p, *keyword;
>  
> -	p = strsep(&datablob, " \t");
> -	if (!p)
> +	keyword = strsep(&datablob, " \t");
> +	if (!keyword) {
> +		pr_err("encrypted_key: insufficient parameters specified\n");
>  		return ret;
> -	key_cmd = match_token(p, key_tokens, args);
> +	}
> +	key_cmd = match_token(keyword, key_tokens, args);
>  
>  	*master_desc = strsep(&datablob, " \t");
> -	if (!*master_desc)
> +	if (!*master_desc) {
> +		pr_err("encrypted_key: master key parameter is missing\n");
>  		goto out;
> +	}
>  
> -	if (valid_master_desc(*master_desc, NULL) < 0)
> +	if (valid_master_desc(*master_desc, NULL) < 0) {
> +		pr_err("encrypted_key: master key parameter \'%s\' "
> +		       "is invalid\n", *master_desc);
>  		goto out;
> +	}
>  
>  	if (decrypted_datalen) {
>  		*decrypted_datalen = strsep(&datablob, " \t");
> -		if (!*decrypted_datalen)
> +		if (!*decrypted_datalen) {
> +			pr_err("encrypted_key: keylen parameter is missing\n");
>  			goto out;
> +		}
>  	}
>  
>  	switch (key_cmd) {
>  	case Opt_new:
> -		if (!decrypted_datalen)
> +		if (!decrypted_datalen) {
> +			pr_err("encrypted_key: keyword \'%s\' not allowed when "
> +			       "updating an existent key\n", keyword);
>  			break;
> +		}
>  		ret = 0;
>  		break;
>  	case Opt_load:
> -		if (!decrypted_datalen)
> +		if (!decrypted_datalen) {
> +			pr_err("encrypted_key: keyword \'%s\' not allowed when "
> +			       "updating an existent key\n", keyword);
>  			break;
> +		}
>  		*hex_encoded_iv = strsep(&datablob, " \t");
> -		if (!*hex_encoded_iv)
> +		if (!*hex_encoded_iv) {
> +			pr_err("encrypted_key: hex blob is missing\n");
>  			break;
> +		}
>  		ret = 0;
>  		break;
>  	case Opt_update:
> -		if (decrypted_datalen)
> +		if (decrypted_datalen) {
> +			pr_err("encrypted_key: keyword \'%s\' not allowed when "
> +			       "instantiating a new key\n", keyword);
>  			break;
> +		}
>  		ret = 0;
>  		break;
>  	case Opt_err:
> +		pr_err("encrypted_key: keyword \'%s\' not recognized\n",
> +		       keyword);
>  		break;
>  	}
>  out:

next prev parent reply	other threads:[~2010-12-24 16:20 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2010-12-23 17:34 [RFC][PATCH 2/6] encrypted-keys: added additional debug messages Roberto Sassu
2010-12-24 16:20 ` Mimi Zohar [this message]
  -- strict thread matches above, loose matches on Subject: below --
2010-12-23 17:15 Roberto Sassu

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1293207642.3196.35.camel@localhost.localdomain \
    --to=zohar@linux.vnet.ibm.com \
    --cc=dhowells@redhat.com \
    --cc=jmorris@namei.org \
    --cc=keyrings@linux-nfs.org \
    --cc=kirkland@canonical.com \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-security-module@vger.kernel.org \
    --cc=ramunno@polito.it \
    --cc=roberto.sassu@polito.it \
    --cc=safford@watson.ibm.com \
    --cc=tyhicks@linux.vnet.ibm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox