KEYS: trusted: Fix migratable=1 failing

commit 8da7520c80468c48f981f0b81fc1be6599e3b0ad upstream. Consider the following transcript: $ keyctl add trusted kmk "new 32 blobauth=helloworld keyhandle=80000000 migratable=1" @u add_key: Invalid argument The documentation has the following description: migratable= 0|1 indicating permission to reseal to new PCR values, default 1 (resealing allowed) The consequence is that "migratable=1" should succeed. Fix this by allowing this condition to pass instead of return -EINVAL. [*] Documentation/security/keys/trusted-encrypted.rst Cc: stable@vger.kernel.org Cc: "James E.J. Bottomley" <jejb@linux.ibm.com> Cc: Mimi Zohar <zohar@linux.ibm.com> Cc: David Howells <dhowells@redhat.com> Fixes: d00a1c72f7f4 ("keys: add new trusted key-type") Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
author: Jarkko Sakkinen <jarkko@kernel.org> 2021-01-29 01:56:20 +0200
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2021-03-04 10:26:44 +0100
commit: 2910038c09f4c8d839f663df1e09233c4e40a739 (patch)
tree: 28b736d8d7dfa9f7db586809310c5260eb1bc995 /security
parent: 2c21eac499f8674abb5e7b30e3d8e4f734792f9e (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/security/keys/trusted.c b/security/keys/trusted.c
index 36afc29aecc3..92a14ab82f72 100644
--- a/security/keys/trusted.c
+++ b/security/keys/trusted.c
@@ -805,7 +805,7 @@ static int getoptions(char *c, struct trusted_key_payload *pay,
 		case Opt_migratable:
 			if (*args[0].from == '0')
 				pay->migratable = 0;
-			else
+			else if (*args[0].from != '1')
 				return -EINVAL;
 			break;
 		case Opt_pcrlock:
author	Jarkko Sakkinen <jarkko@kernel.org>	2021-01-29 01:56:20 +0200
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2021-03-04 10:26:44 +0100
commit	2910038c09f4c8d839f663df1e09233c4e40a739 (patch)
tree	28b736d8d7dfa9f7db586809310c5260eb1bc995 /security
parent	2c21eac499f8674abb5e7b30e3d8e4f734792f9e (diff)