mirror of
https://github.com/torvalds/linux.git
synced 2024-11-27 14:41:39 +00:00
KEYS: trusted: allow trusted.ko to initialize w/o a TPM
Allow trusted.ko to initialize w/o a TPM. This commit also adds checks
to the exported functions to fail when a TPM is not available.
Fixes: 240730437d
("KEYS: trusted: explicitly use tpm_chip structure...")
Cc: James Morris <jmorris@namei.org>
Reported-by: Dan Williams <dan.j.williams@intel.com>
Tested-by: Dan Williams <dan.j.williams@intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: James Morris <james.morris@microsoft.com>
This commit is contained in:
parent
7110629263
commit
c78719203f
@ -135,6 +135,9 @@ int TSS_authhmac(unsigned char *digest, const unsigned char *key,
|
|||||||
int ret;
|
int ret;
|
||||||
va_list argp;
|
va_list argp;
|
||||||
|
|
||||||
|
if (!chip)
|
||||||
|
return -ENODEV;
|
||||||
|
|
||||||
sdesc = init_sdesc(hashalg);
|
sdesc = init_sdesc(hashalg);
|
||||||
if (IS_ERR(sdesc)) {
|
if (IS_ERR(sdesc)) {
|
||||||
pr_info("trusted_key: can't alloc %s\n", hash_alg);
|
pr_info("trusted_key: can't alloc %s\n", hash_alg);
|
||||||
@ -196,6 +199,9 @@ int TSS_checkhmac1(unsigned char *buffer,
|
|||||||
va_list argp;
|
va_list argp;
|
||||||
int ret;
|
int ret;
|
||||||
|
|
||||||
|
if (!chip)
|
||||||
|
return -ENODEV;
|
||||||
|
|
||||||
bufsize = LOAD32(buffer, TPM_SIZE_OFFSET);
|
bufsize = LOAD32(buffer, TPM_SIZE_OFFSET);
|
||||||
tag = LOAD16(buffer, 0);
|
tag = LOAD16(buffer, 0);
|
||||||
ordinal = command;
|
ordinal = command;
|
||||||
@ -363,6 +369,9 @@ int trusted_tpm_send(unsigned char *cmd, size_t buflen)
|
|||||||
{
|
{
|
||||||
int rc;
|
int rc;
|
||||||
|
|
||||||
|
if (!chip)
|
||||||
|
return -ENODEV;
|
||||||
|
|
||||||
dump_tpm_buf(cmd);
|
dump_tpm_buf(cmd);
|
||||||
rc = tpm_send(chip, cmd, buflen);
|
rc = tpm_send(chip, cmd, buflen);
|
||||||
dump_tpm_buf(cmd);
|
dump_tpm_buf(cmd);
|
||||||
@ -429,6 +438,9 @@ int oiap(struct tpm_buf *tb, uint32_t *handle, unsigned char *nonce)
|
|||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
|
|
||||||
|
if (!chip)
|
||||||
|
return -ENODEV;
|
||||||
|
|
||||||
INIT_BUF(tb);
|
INIT_BUF(tb);
|
||||||
store16(tb, TPM_TAG_RQU_COMMAND);
|
store16(tb, TPM_TAG_RQU_COMMAND);
|
||||||
store32(tb, TPM_OIAP_SIZE);
|
store32(tb, TPM_OIAP_SIZE);
|
||||||
@ -1245,9 +1257,13 @@ static int __init init_trusted(void)
|
|||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
|
|
||||||
|
/* encrypted_keys.ko depends on successful load of this module even if
|
||||||
|
* TPM is not used.
|
||||||
|
*/
|
||||||
chip = tpm_default_chip();
|
chip = tpm_default_chip();
|
||||||
if (!chip)
|
if (!chip)
|
||||||
return -ENOENT;
|
return 0;
|
||||||
|
|
||||||
ret = init_digests();
|
ret = init_digests();
|
||||||
if (ret < 0)
|
if (ret < 0)
|
||||||
goto err_put;
|
goto err_put;
|
||||||
@ -1269,10 +1285,12 @@ err_put:
|
|||||||
|
|
||||||
static void __exit cleanup_trusted(void)
|
static void __exit cleanup_trusted(void)
|
||||||
{
|
{
|
||||||
put_device(&chip->dev);
|
if (chip) {
|
||||||
kfree(digests);
|
put_device(&chip->dev);
|
||||||
trusted_shash_release();
|
kfree(digests);
|
||||||
unregister_key_type(&key_type_trusted);
|
trusted_shash_release();
|
||||||
|
unregister_key_type(&key_type_trusted);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
late_initcall(init_trusted);
|
late_initcall(init_trusted);
|
||||||
|
Loading…
Reference in New Issue
Block a user