summaryrefslogtreecommitdiff
path: root/security/integrity/digsig_asymmetric.c
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2020-10-15 15:58:18 -0700
committerLinus Torvalds <torvalds@linux-foundation.org>2020-10-15 15:58:18 -0700
commit840e5bb326bbcb16ce82dd2416d2769de4839aea (patch)
tree0db7a077c3ae35dd99a89f0128b760951d95db72 /security/integrity/digsig_asymmetric.c
parentfefa636d815975b34afc45f50852a2810fb23ba9 (diff)
parentaa662fc04f5b290b3979332588bf8d812b189962 (diff)
Merge tag 'integrity-v5.10' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity
Pull integrity updates from Mimi Zohar: "Continuing IMA policy rule cleanup and validation in particular for measuring keys, adding/removing/updating informational and error messages (e.g. "ima_appraise" boot command line option), and other bug fixes (e.g. minimal data size validation before use, return code and NULL pointer checking)" * tag 'integrity-v5.10' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity: ima: Fix NULL pointer dereference in ima_file_hash evm: Check size of security.evm before using it ima: Remove semicolon at the end of ima_get_binary_runtime_size() ima: Don't ignore errors from crypto_shash_update() ima: Use kmemdup rather than kmalloc+memcpy integrity: include keyring name for unknown key request ima: limit secure boot feedback scope for appraise integrity: invalid kernel parameters feedback ima: add check for enforced appraise option integrity: Use current_uid() in integrity_audit_message() ima: Fail rule parsing when asymmetric key measurement isn't supportable ima: Pre-parse the list of keyrings in a KEY_CHECK rule
Diffstat (limited to 'security/integrity/digsig_asymmetric.c')
-rw-r--r--security/integrity/digsig_asymmetric.c10
1 files changed, 8 insertions, 2 deletions
diff --git a/security/integrity/digsig_asymmetric.c b/security/integrity/digsig_asymmetric.c
index b86a4a8f61ab..a662024b4c70 100644
--- a/security/integrity/digsig_asymmetric.c
+++ b/security/integrity/digsig_asymmetric.c
@@ -55,8 +55,14 @@ static struct key *request_asymmetric_key(struct key *keyring, uint32_t keyid)
}
if (IS_ERR(key)) {
- pr_err_ratelimited("Request for unknown key '%s' err %ld\n",
- name, PTR_ERR(key));
+ if (keyring)
+ pr_err_ratelimited("Request for unknown key '%s' in '%s' keyring. err %ld\n",
+ name, keyring->description,
+ PTR_ERR(key));
+ else
+ pr_err_ratelimited("Request for unknown key '%s' err %ld\n",
+ name, PTR_ERR(key));
+
switch (PTR_ERR(key)) {
/* Hide some search errors */
case -EACCES: