Do not return -errno codes from keyring utilities.

Fixes: #838.
Ondrej Kozina
2023-09-27 14:31:26 +02:00
committed by Milan Broz
parent d011ba710c
commit fde3e881fc
4 changed files with 16 additions and 19 deletions


@@ -7275,7 +7275,7 @@ int crypt_volume_key_keyring(struct crypt_device *cd __attribute__((unused)), in
/* internal only */
int crypt_volume_key_load_in_keyring(struct crypt_device *cd, struct volume_key *vk)
{
int r;
key_serial_t kid;
if (!vk || !cd)
return -EINVAL;
@@ -7287,14 +7287,14 @@ int crypt_volume_key_load_in_keyring(struct crypt_device *cd, struct volume_key
log_dbg(cd, "Loading key (type logon, name %s) in thread keyring.", vk->key_description);
r = keyring_add_key_in_thread_keyring(LOGON_KEY, vk->key_description, vk->key, vk->keylength);
if (r) {
log_dbg(cd, "keyring_add_key_in_thread_keyring failed (error %d)", r);
kid = keyring_add_key_in_thread_keyring(LOGON_KEY, vk->key_description, vk->key, vk->keylength);
if (kid < 0) {
log_dbg(cd, "keyring_add_key_in_thread_keyring failed (error %d)", errno);
log_err(cd, _("Failed to load key in kernel keyring."));
} else
crypt_set_key_in_keyring(cd, 1);
return r;
return kid < 0 ? -EINVAL : 0;
}
/* internal only */
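Review bot: The final `return kid < 0 ? -EINVAL : 0;` in crypt_volume_key_load_in_keyring reports every keyring failure as -EINVAL, so a caller can no longer tell an unsupported keyring from bad arguments; the cause survives only in the debug log. The same applies to the new `return -EINVAL;` in VERITY_activate, where the -ENOTSUP from the stub keyring_add_key_in_thread_keyring used to propagate through `return r;`. If that flattening is intended, I would state it in the comment above the function, e.g. `/* internal only; returns 0 or -EINVAL, the keyring errno is only logged */`.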


@@ -200,26 +200,21 @@ int keyring_check(void)
return syscall(__NR_request_key, "logon", "dummy", NULL, 0) == -1l && errno != ENOSYS;
}
static int keyring_add_key_in_keyring(key_type_t ktype,
static key_serial_t keyring_add_key_in_keyring(key_type_t ktype,
const char *key_desc,
const void *key,
size_t key_size,
key_serial_t keyring)
{
key_serial_t kid;
const char *type_name = key_type_name(ktype);
if (!type_name || !key_desc)
return -EINVAL;
kid = add_key(type_name, key_desc, key, key_size, keyring);
if (kid < 0)
return -errno;
return 0;
return add_key(type_name, key_desc, key, key_size, keyring);
}
int keyring_add_key_in_thread_keyring(key_type_t ktype, const char *key_desc, const void *key, size_t key_size)
key_serial_t keyring_add_key_in_thread_keyring(key_type_t ktype, const char *key_desc, const void *key, size_t key_size)
{
return keyring_add_key_in_keyring(ktype, key_desc, key, key_size, KEY_SPEC_THREAD_KEYRING);
}
@@ -411,7 +406,7 @@ int keyring_check(void)
return 0;
}
int keyring_add_key_in_thread_keyring(key_type_t ktype, const char *key_desc, const void *key, size_t key_size)
key_serial_t keyring_add_key_in_thread_keyring(key_type_t ktype, const char *key_desc, const void *key, size_t key_size)
{
return -ENOTSUP;
}
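Review bot: The early `return -EINVAL;` kept in keyring_add_key_in_keyring and the `return -ENOTSUP;` in the stub keyring_add_key_in_thread_keyring still hand back negative errno values, now typed as key_serial_t, and neither sets errno. Both callers changed in this commit test `kid < 0` and then log `errno`, so on these two paths the debug message shows a stale, unrelated value. Assuming add_key() follows the usual return-minus-one-and-set-errno convention, I would make the helpers match it: `errno = EINVAL; return -1;` for the argument check and `errno = ENOTSUP; return -1;` in the stub.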


@@ -46,7 +46,7 @@ int keyring_read_key(key_serial_t kid,
char **key,
size_t *key_size);
int keyring_add_key_in_thread_keyring(
key_serial_t keyring_add_key_in_thread_keyring(
key_type_t ktype,
const char *key_desc,
const void *key,
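Review bot: The prototype now returns key_serial_t, but nothing at the declaration says what the value means, and the callers depend on it. I would add a comment above it, e.g. `/* Returns the serial of the added key, or a negative value on failure; errno is meaningful only when the add_key call itself failed. */`. The declaration continues past the end of this hunk.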


@@ -315,6 +315,7 @@ int VERITY_activate(struct crypt_device *cd,
{
uint32_t dmv_flags;
int r;
key_serial_t kid;
char *description = NULL;
struct crypt_dm_active_device dmd = { 0 };
@@ -335,12 +336,13 @@ int VERITY_activate(struct crypt_device *cd,
if (r < 0)
return -EINVAL;
log_dbg(cd, "Adding signature into keyring %s", description);
r = keyring_add_key_in_thread_keyring(USER_KEY, description, signature->key, signature->keylength);
if (r) {
log_dbg(cd, "Adding signature %s (type user) into thread keyring.", description);
kid = keyring_add_key_in_thread_keyring(USER_KEY, description, signature->key, signature->keylength);
if (kid < 0) {
log_dbg(cd, "keyring_add_key_in_thread_keyring failed with errno %d.", errno);
log_err(cd, _("Failed to load key in kernel keyring."));
free(description);
return r;
return -EINVAL;
}
}