From e396140204f7cd2ee0c6f0eff1102a4ce86b9636 Mon Sep 17 00:00:00 2001
From: Stefan Berger <stefanb@linux.vnet.ibm.com>
Date: Mon, 13 Nov 2017 20:43:01 -0500
Subject: [PATCH] swtpm: log when the decryption of a state blob fails

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
---
 src/swtpm/swtpm_nvfile.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/swtpm/swtpm_nvfile.c b/src/swtpm/swtpm_nvfile.c
index 48982f8..f02f300 100644
--- a/src/swtpm/swtpm_nvfile.c
+++ b/src/swtpm/swtpm_nvfile.c
@@ -912,6 +912,10 @@ TPM_RESULT SWTPM_NVRAM_SetStateBlob(unsigned char *data,
          res = SWTPM_NVRAM_DecryptData(&migrationkey,
                                        &plain, &plain_len,
                                        &data[dataoffset], length - dataoffset);
+         if (res != 0)
+            logprintf(STDERR_FILENO,
+                      "SWTPM_NVRAM_LoadData: Decrypting the state blob "
+                      "failed res = %d\n", res);
          if (res == TPM_SUCCESS) {
              res = SWTPM_NVRAM_StoreData_Intern(plain, plain_len,
                                                 tpm_number,