encrypted-keys: added additional debug messages

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Some debug messages have been added in the function datablob_parse() in
order to better identify errors returned when dealing with 'encrypted'
keys.

Changelog from version v4:
- made the debug messages more understandable

Signed-off-by: Roberto Sassu <roberto.sassu@polito.it>
Acked-by: Gianluca Ramunno <ramunno@polito.it>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>

authored by

Roberto Sassu and committed by

Mimi Zohar 14 years ago 7103dff0 08fa2aa5

+34 -11

1 changed file

expand all

security

keys

encrypted.c

+34 -11

security/keys/encrypted.c

··· 133 133 substring_t args[MAX_OPT_ARGS]; 134 134 int ret = -EINVAL; 135 135 int key_cmd; 136 - char *p; 136 + char *keyword; 137 137 138 - p = strsep(&datablob, " \t"); 139 - if (!p) 138 + keyword = strsep(&datablob, " \t"); 139 + if (!keyword) { 140 + pr_info("encrypted_key: insufficient parameters specified\n"); 140 141 return ret; 141 - key_cmd = match_token(p, key_tokens, args); 142 + } 143 + key_cmd = match_token(keyword, key_tokens, args); 142 144 143 145 *master_desc = strsep(&datablob, " \t"); 144 - if (!*master_desc) 146 + if (!*master_desc) { 147 + pr_info("encrypted_key: master key parameter is missing\n"); 145 148 goto out; 149 + } 146 150 147 - if (valid_master_desc(*master_desc, NULL) < 0) 151 + if (valid_master_desc(*master_desc, NULL) < 0) { 152 + pr_info("encrypted_key: master key parameter \'%s\' " 153 + "is invalid\n", *master_desc); 148 154 goto out; 155 + } 149 156 150 157 if (decrypted_datalen) { 151 158 *decrypted_datalen = strsep(&datablob, " \t"); 152 - if (!*decrypted_datalen) 159 + if (!*decrypted_datalen) { 160 + pr_info("encrypted_key: keylen parameter is missing\n"); 153 161 goto out; 162 + } 154 163 } 155 164 156 165 switch (key_cmd) { 157 166 case Opt_new: 158 - if (!decrypted_datalen) 167 + if (!decrypted_datalen) { 168 + pr_info("encrypted_key: keyword \'%s\' not allowed " 169 + "when called from .update method\n", keyword); 159 170 break; 171 + } 160 172 ret = 0; 161 173 break; 162 174 case Opt_load: 163 - if (!decrypted_datalen) 175 + if (!decrypted_datalen) { 176 + pr_info("encrypted_key: keyword \'%s\' not allowed " 177 + "when called from .update method\n", keyword); 164 178 break; 179 + } 165 180 *hex_encoded_iv = strsep(&datablob, " \t"); 166 - if (!*hex_encoded_iv) 181 + if (!*hex_encoded_iv) { 182 + pr_info("encrypted_key: hex blob is missing\n"); 167 183 break; 184 + } 168 185 ret = 0; 169 186 break; 170 187 case Opt_update: 171 - if (decrypted_datalen) 188 + if (decrypted_datalen) { 189 + pr_info("encrypted_key: keyword \'%s\' not allowed " 190 + "when called from .instantiate method\n", 191 + keyword); 172 192 break; 193 + } 173 194 ret = 0; 174 195 break; 175 196 case Opt_err: 197 + pr_info("encrypted_key: keyword \'%s\' not recognized\n", 198 + keyword); 176 199 break; 177 200 } 178 201 out: