diff mbox series

KEYS: trusted: return -EEXIST when refusing to update existing key

Message ID d73a29f9ab66daa9e4f3bbb385baab5cc6df34bb.camel@HansenPartnership.com (mailing list archive)
State New
Headers show
Series KEYS: trusted: return -EEXIST when refusing to update existing key | expand

Commit Message

James Bottomley Dec. 21, 2022, 2:18 p.m. UTC
All other key types return -EEXIST when refusing to update an existing
key, but trusted keys return -EINVAL, which is confusing to users who
can't figure out what the invalid argument is.  Fix by returning
-EEXIST if the key exists and we can't update it.

Fixes: d00a1c72f7f4 ("keys: add new trusted key-type")
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>
Cc: stable@vger.kernel.org
 security/keys/trusted-keys/trusted_core.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff mbox series


diff --git a/security/keys/trusted-keys/trusted_core.c b/security/keys/trusted-keys/trusted_core.c
index c6fc50d67214..8dcd84137035 100644
--- a/security/keys/trusted-keys/trusted_core.c
+++ b/security/keys/trusted-keys/trusted_core.c
@@ -254,7 +254,7 @@  static int trusted_update(struct key *key, struct key_preparsed_payload *prep)
 	datablob[datalen] = '\0';
 	ret = datablob_parse(&datablob, new_p);
 	if (ret != Opt_update) {
-		ret = -EINVAL;
+		ret = -EEXIST;
 		goto out;