On 6/4/24 13:23, Jarkko Sakkinen wrote:

On Fri May 31, 2024 at 3:35 AM EEST, Stefan Berger wrote:

quoted

quoted

quoted

   
-	rc = tpm2_key_decode(payload, options, &blob);
-	if (rc) {
-		/* old form */
+	key = tpm2_key_decode(payload->blob, payload->blob_len);
+	if (IS_ERR(key)) {
+		/* Get the error code and reset the pointer to the key: */
+		rc = PTR_ERR(key);
+		key = NULL;
+
+		if (rc == -ENOMEM)
+			return -ENOMEM;
+
+		/* A sanity check, as only -EBADMSG or -ENOMEM are expected: */
+		if (rc != -EBADMSG)
+			pr_err("tpm2_key_decode(): spurious error code %d\n", rc);

tpm2_key_decode seems simple enough that it only returns key, -ENOMEM or
EBADMSG.

So what is your suggestion here?

You can remove the check resuling in pr_err().

The reasoning here is that asymmetric keys use -EBADMSG not only as
error but also iterator, when probing which can load a specific key.