KEYS: trusted: Do not use WARN when encode fails
authorJarkko Sakkinen <jarkko@kernel.org>
Mon, 13 May 2024 18:19:04 +0000 (21:19 +0300)
committerJarkko Sakkinen <jarkko@kernel.org>
Mon, 20 May 2024 23:35:10 +0000 (02:35 +0300)
When asn1_encode_sequence() fails, WARN is not the correct solution.

1. asn1_encode_sequence() is not an internal function (located
   in lib/asn1_encode.c).
2. Location is known, which makes the stack trace useless.
3. Results a crash if panic_on_warn is set.

It is also noteworthy that the use of WARN is undocumented, and it
should be avoided unless there is a carefully considered rationale to
use it.

Replace WARN with pr_err, and print the return value instead, which is
only useful piece of information.

Cc: stable@vger.kernel.org # v5.13+
Fixes: f2219745250f ("security: keys: trusted: use ASN.1 TPM2 key format for the blobs")
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
security/keys/trusted-keys/trusted_tpm2.c

index c6882f5..8b7dd73 100644 (file)
@@ -84,8 +84,9 @@ static int tpm2_key_encode(struct trusted_key_payload *payload,
        work1 = payload->blob;
        work1 = asn1_encode_sequence(work1, work1 + sizeof(payload->blob),
                                     scratch, work - scratch);
-       if (WARN(IS_ERR(work1), "BUG: ASN.1 encoder failed")) {
+       if (IS_ERR(work1)) {
                ret = PTR_ERR(work1);
+               pr_err("BUG: ASN.1 encoder failed with %d\n", ret);
                goto err;
        }