Report -E2BIG instead of -EINVAL when too large size for the key blob is requested. By filtering these errors from other invalid data, this will help distinguish the overflows.
Link: https://lore.kernel.org/keyrings/d1m4grf0rl2w.3qhtbxzwnw...@kernel.org/ Reviewed-by: Stefan Berger <stef...@linux.ibm.com> Signed-off-by: Jarkko Sakkinen <jar...@kernel.org> --- I don't think this is a fix and neither needs to be backported but makes sense for upcoming versions. Sending as a separate patch from the TPM2 asymmetric keys series. security/keys/trusted-keys/trusted_tpm2.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/security/keys/trusted-keys/trusted_tpm2.c b/security/keys/trusted-keys/trusted_tpm2.c index 8b7dd73d94c1..06c8fa7b21ae 100644 --- a/security/keys/trusted-keys/trusted_tpm2.c +++ b/security/keys/trusted-keys/trusted_tpm2.c @@ -122,7 +122,7 @@ static int tpm2_key_decode(struct trusted_key_payload *payload, return ret; if (ctx.priv_len + ctx.pub_len > MAX_BLOB_SIZE) - return -EINVAL; + return -E2BIG; blob = kmalloc(ctx.priv_len + ctx.pub_len + 4, GFP_KERNEL); if (!blob) -- 2.45.1
