Skip to content

Commit 2407304

Browse files
robertosassuJarkko Sakkinen
robertosassu
authored and
Jarkko Sakkinen
committed
KEYS: trusted: explicitly use tpm_chip structure from tpm_default_chip()
When crypto agility support will be added to the TPM driver, users of the driver have to retrieve the allocated banks from chip->allocated_banks and use this information to prepare the array of tpm_digest structures to be passed to tpm_pcr_extend(). This patch retrieves a tpm_chip pointer from tpm_default_chip() so that the pointer can be used to prepare the array of tpm_digest structures. Signed-off-by: Roberto Sassu <[email protected]> Reviewed-by: Jarkko Sakkinen <[email protected]> Tested-by: Jarkko Sakkinen <[email protected]> Signed-off-by: Jarkko Sakkinen <[email protected]>
1 parent 901615c commit 2407304

File tree

1 file changed

+24
-14
lines changed

1 file changed

+24
-14
lines changed

security/keys/trusted.c

Lines changed: 24 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -34,6 +34,7 @@
3434

3535
static const char hmac_alg[] = "hmac(sha1)";
3636
static const char hash_alg[] = "sha1";
37+
static struct tpm_chip *chip;
3738

3839
struct sdesc {
3940
struct shash_desc shash;
@@ -362,7 +363,7 @@ int trusted_tpm_send(unsigned char *cmd, size_t buflen)
362363
int rc;
363364

364365
dump_tpm_buf(cmd);
365-
rc = tpm_send(NULL, cmd, buflen);
366+
rc = tpm_send(chip, cmd, buflen);
366367
dump_tpm_buf(cmd);
367368
if (rc > 0)
368369
/* Can't return positive return codes values to keyctl */
@@ -384,10 +385,10 @@ static int pcrlock(const int pcrnum)
384385

385386
if (!capable(CAP_SYS_ADMIN))
386387
return -EPERM;
387-
ret = tpm_get_random(NULL, hash, SHA1_DIGEST_SIZE);
388+
ret = tpm_get_random(chip, hash, SHA1_DIGEST_SIZE);
388389
if (ret != SHA1_DIGEST_SIZE)
389390
return ret;
390-
return tpm_pcr_extend(NULL, pcrnum, hash) ? -EINVAL : 0;
391+
return tpm_pcr_extend(chip, pcrnum, hash) ? -EINVAL : 0;
391392
}
392393

393394
/*
@@ -400,7 +401,7 @@ static int osap(struct tpm_buf *tb, struct osapsess *s,
400401
unsigned char ononce[TPM_NONCE_SIZE];
401402
int ret;
402403

403-
ret = tpm_get_random(NULL, ononce, TPM_NONCE_SIZE);
404+
ret = tpm_get_random(chip, ononce, TPM_NONCE_SIZE);
404405
if (ret != TPM_NONCE_SIZE)
405406
return ret;
406407

@@ -496,7 +497,7 @@ static int tpm_seal(struct tpm_buf *tb, uint16_t keytype,
496497
if (ret < 0)
497498
goto out;
498499

499-
ret = tpm_get_random(NULL, td->nonceodd, TPM_NONCE_SIZE);
500+
ret = tpm_get_random(chip, td->nonceodd, TPM_NONCE_SIZE);
500501
if (ret != TPM_NONCE_SIZE)
501502
goto out;
502503
ordinal = htonl(TPM_ORD_SEAL);
@@ -606,7 +607,7 @@ static int tpm_unseal(struct tpm_buf *tb,
606607

607608
ordinal = htonl(TPM_ORD_UNSEAL);
608609
keyhndl = htonl(SRKHANDLE);
609-
ret = tpm_get_random(NULL, nonceodd, TPM_NONCE_SIZE);
610+
ret = tpm_get_random(chip, nonceodd, TPM_NONCE_SIZE);
610611
if (ret != TPM_NONCE_SIZE) {
611612
pr_info("trusted_key: tpm_get_random failed (%d)\n", ret);
612613
return ret;
@@ -751,7 +752,7 @@ static int getoptions(char *c, struct trusted_key_payload *pay,
751752
int i;
752753
int tpm2;
753754

754-
tpm2 = tpm_is_tpm2(NULL);
755+
tpm2 = tpm_is_tpm2(chip);
755756
if (tpm2 < 0)
756757
return tpm2;
757758

@@ -920,7 +921,7 @@ static struct trusted_key_options *trusted_options_alloc(void)
920921
struct trusted_key_options *options;
921922
int tpm2;
922923

923-
tpm2 = tpm_is_tpm2(NULL);
924+
tpm2 = tpm_is_tpm2(chip);
924925
if (tpm2 < 0)
925926
return NULL;
926927

@@ -970,7 +971,7 @@ static int trusted_instantiate(struct key *key,
970971
size_t key_len;
971972
int tpm2;
972973

973-
tpm2 = tpm_is_tpm2(NULL);
974+
tpm2 = tpm_is_tpm2(chip);
974975
if (tpm2 < 0)
975976
return tpm2;
976977

@@ -1011,7 +1012,7 @@ static int trusted_instantiate(struct key *key,
10111012
switch (key_cmd) {
10121013
case Opt_load:
10131014
if (tpm2)
1014-
ret = tpm_unseal_trusted(NULL, payload, options);
1015+
ret = tpm_unseal_trusted(chip, payload, options);
10151016
else
10161017
ret = key_unseal(payload, options);
10171018
dump_payload(payload);
@@ -1021,13 +1022,13 @@ static int trusted_instantiate(struct key *key,
10211022
break;
10221023
case Opt_new:
10231024
key_len = payload->key_len;
1024-
ret = tpm_get_random(NULL, payload->key, key_len);
1025+
ret = tpm_get_random(chip, payload->key, key_len);
10251026
if (ret != key_len) {
10261027
pr_info("trusted_key: key_create failed (%d)\n", ret);
10271028
goto out;
10281029
}
10291030
if (tpm2)
1030-
ret = tpm_seal_trusted(NULL, payload, options);
1031+
ret = tpm_seal_trusted(chip, payload, options);
10311032
else
10321033
ret = key_seal(payload, options);
10331034
if (ret < 0)
@@ -1225,17 +1226,26 @@ static int __init init_trusted(void)
12251226
{
12261227
int ret;
12271228

1229+
chip = tpm_default_chip();
1230+
if (!chip)
1231+
return -ENOENT;
12281232
ret = trusted_shash_alloc();
12291233
if (ret < 0)
1230-
return ret;
1234+
goto err_put;
12311235
ret = register_key_type(&key_type_trusted);
12321236
if (ret < 0)
1233-
trusted_shash_release();
1237+
goto err_release;
1238+
return 0;
1239+
err_release:
1240+
trusted_shash_release();
1241+
err_put:
1242+
put_device(&chip->dev);
12341243
return ret;
12351244
}
12361245

12371246
static void __exit cleanup_trusted(void)
12381247
{
1248+
put_device(&chip->dev);
12391249
trusted_shash_release();
12401250
unregister_key_type(&key_type_trusted);
12411251
}

0 commit comments

Comments
 (0)