Merge tag 'integrity-v5.10' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity

Pull integrity updates from Mimi Zohar: "Continuing IMA policy rule cleanup and validation in particular for measuring keys, adding/removing/updating informational and error messages (e.g. "ima_appraise" boot command line option), and other bug fixes (e.g. minimal data size validation before use, return code and NULL pointer checking)" * tag 'integrity-v5.10' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity: ima: Fix NULL pointer dereference in ima_file_hash evm: Check size of security.evm before using it ima: Remove semicolon at the end of ima_get_binary_runtime_size() ima: Don't ignore errors from crypto_shash_update() ima: Use kmemdup rather than kmalloc+memcpy integrity: include keyring name for unknown key request ima: limit secure boot feedback scope for appraise integrity: invalid kernel parameters feedback ima: add check for enforced appraise option integrity: Use current_uid() in integrity_audit_message() ima: Fail rule parsing when asymmetric key measurement isn't supportable ima: Pre-parse the list of keyrings in a KEY_CHECK rule
2026-04-18 06:44:00 -04:00 · 2020-10-15 15:58:18 -07:00
parent fefa636d81 aa662fc04f
commit 840e5bb326
8 changed files with 161 additions and 67 deletions
--- a/security/integrity/digsig_asymmetric.c
+++ b/security/integrity/digsig_asymmetric.c
@@ -55,8 +55,14 @@ static struct key *request_asymmetric_key(struct key *keyring, uint32_t keyid)
 	}

 	if (IS_ERR(key)) {
-		pr_err_ratelimited("Request for unknown key '%s' err %ld\n",
-				   name, PTR_ERR(key));
+		if (keyring)
+			pr_err_ratelimited("Request for unknown key '%s' in '%s' keyring. err %ld\n",
+					   name, keyring->description,
+					   PTR_ERR(key));
+		else
+			pr_err_ratelimited("Request for unknown key '%s' err %ld\n",
+					   name, PTR_ERR(key));
+
 		switch (PTR_ERR(key)) {
 			/* Hide some search errors */
 		case -EACCES: