Error on asn1_encode_sequence() is handled with a WARN incorrectly
because:
1. asn1_encode_sequence() is not an internal function (located
in lib/asn1_encode.c).
2. Location on known, which makes the stack trace useless.
3. Results a crash if panic_on_warn is set.
It is also noteworthy that the use of WARN is undocumented, and it
should be avoided unless there is carefully considered rationale to use
it, which is now non-existent.
Replace WARN with pr_err, and print the return value instead, which is
only useful piece of information (and was not printed).
Cc: stable@xxxxxxxxxxxxxxx # v5.13+
Fixes: f2219745250f ("security: keys: trusted: use ASN.1 TPM2 key format for the blobs")
Signed-off-by: Jarkko Sakkinen <jarkko@xxxxxxxxxx>
---
security/keys/trusted-keys/trusted_tpm2.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/security/keys/trusted-keys/trusted_tpm2.c b/security/keys/trusted-keys/trusted_tpm2.c
index c8d8fdefbd8d..e31fe53822a1 100644
--- a/security/keys/trusted-keys/trusted_tpm2.c
+++ b/security/keys/trusted-keys/trusted_tpm2.c
@@ -39,6 +39,7 @@ static int tpm2_key_encode(struct trusted_key_payload *payload,
u8 *end_work = scratch + SCRATCH_SIZE;
u8 *priv, *pub;
u16 priv_len, pub_len;
+ int ret;
priv_len = get_unaligned_be16(src) + 2;
priv = src;
@@ -80,8 +81,11 @@ static int tpm2_key_encode(struct trusted_key_payload *payload,
work1 = payload->blob;
work1 = asn1_encode_sequence(work1, work1 + sizeof(payload->blob),
scratch, work - scratch);
- if (WARN(IS_ERR(work1), "BUG: ASN.1 encoder failed"))
- return PTR_ERR(work1);
+ if (IS_ERR(work1)) {
+ ret = PTR_ERR(work1);
+ pr_err("ASN.1 encode error %d\n", ret);
+ return ret;
+ }
return work1 - payload->blob;
}
--
2.45.0
