encrypted-keys: added additional debug messages
Roberto Sassu [Mon, 27 Jun 2011 11:45:41 +0000 (13:45 +0200)]
Some debug messages have been added in the function datablob_parse() in
order to better identify errors returned when dealing with 'encrypted'
keys.

Changelog from version v4:
- made the debug messages more understandable

Signed-off-by: Roberto Sassu <roberto.sassu@polito.it>
Acked-by: Gianluca Ramunno <ramunno@polito.it>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>

security/keys/encrypted.c

index 3ff2f72..f36a105 100644 (file)
@@ -133,46 +133,69 @@ static int datablob_parse(char *datablob, char **master_desc,
        substring_t args[MAX_OPT_ARGS];
        int ret = -EINVAL;
        int key_cmd;
-       char *p;
+       char *keyword;
 
-       p = strsep(&datablob, " \t");
-       if (!p)
+       keyword = strsep(&datablob, " \t");
+       if (!keyword) {
+               pr_info("encrypted_key: insufficient parameters specified\n");
                return ret;
-       key_cmd = match_token(p, key_tokens, args);
+       }
+       key_cmd = match_token(keyword, key_tokens, args);
 
        *master_desc = strsep(&datablob, " \t");
-       if (!*master_desc)
+       if (!*master_desc) {
+               pr_info("encrypted_key: master key parameter is missing\n");
                goto out;
+       }
 
-       if (valid_master_desc(*master_desc, NULL) < 0)
+       if (valid_master_desc(*master_desc, NULL) < 0) {
+               pr_info("encrypted_key: master key parameter \'%s\' "
+                       "is invalid\n", *master_desc);
                goto out;
+       }
 
        if (decrypted_datalen) {
                *decrypted_datalen = strsep(&datablob, " \t");
-               if (!*decrypted_datalen)
+               if (!*decrypted_datalen) {
+                       pr_info("encrypted_key: keylen parameter is missing\n");
                        goto out;
+               }
        }
 
        switch (key_cmd) {
        case Opt_new:
-               if (!decrypted_datalen)
+               if (!decrypted_datalen) {
+                       pr_info("encrypted_key: keyword \'%s\' not allowed "
+                               "when called from .update method\n", keyword);
                        break;
+               }
                ret = 0;
                break;
        case Opt_load:
-               if (!decrypted_datalen)
+               if (!decrypted_datalen) {
+                       pr_info("encrypted_key: keyword \'%s\' not allowed "
+                               "when called from .update method\n", keyword);
                        break;
+               }
                *hex_encoded_iv = strsep(&datablob, " \t");
-               if (!*hex_encoded_iv)
+               if (!*hex_encoded_iv) {
+                       pr_info("encrypted_key: hex blob is missing\n");
                        break;
+               }
                ret = 0;
                break;
        case Opt_update:
-               if (decrypted_datalen)
+               if (decrypted_datalen) {
+                       pr_info("encrypted_key: keyword \'%s\' not allowed "
+                               "when called from .instantiate method\n",
+                               keyword);
                        break;
+               }
                ret = 0;
                break;
        case Opt_err:
+               pr_info("encrypted_key: keyword \'%s\' not recognized\n",
+                       keyword);
                break;
        }
 out: