On Mon, Aug 05, 2019 at 07:58:19AM -0400, Ben Boeckel wrote:
> On Wed, Jul 31, 2019 at 18:07:39 +0300, Kirill A. Shutemov wrote:
> > From: Alison Schofield <[email protected]>
> > +/* Make sure arguments are correct for the TYPE of key requested */
> > +static int mktme_check_options(u32 *payload, unsigned long token_mask,
> > + enum mktme_type type, enum mktme_alg alg)
> > +{
> > + if (!token_mask)
> > + return -EINVAL;
> > +
> > + switch (type) {
> > + case MKTME_TYPE_CPU:
> > + if (test_bit(OPT_ALGORITHM, &token_mask))
> > + *payload |= (1 << alg) << 8;
> > + else
> > + return -EINVAL;
> > +
> > + *payload |= MKTME_KEYID_SET_KEY_RANDOM;
> > + break;
> > +
> > + case MKTME_TYPE_NO_ENCRYPT:
if (test_bit(OPT_ALGORITHM, &token_mask))
return -EINVAL;
> > + *payload |= MKTME_KEYID_NO_ENCRYPT;
> > + break;
>
> The documentation states that for `type=no-encrypt`, algorithm must not
> be specified at all. Where is that checked?
>
> --Ben
It's not currently checked, but should be.
I'll add it as shown above.
Thanks for the review,
Alison
