mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git
synced 2025-01-11 00:08:50 +00:00
KEYS: trusted: allow trusted.ko to initialize w/o a TPM
Allow trusted.ko to initialize w/o a TPM. This commit also adds checks to the exported functions to fail when a TPM is not available. Fixes: 240730437deb ("KEYS: trusted: explicitly use tpm_chip structure...") Cc: James Morris <jmorris@namei.org> Reported-by: Dan Williams <dan.j.williams@intel.com> Tested-by: Dan Williams <dan.j.williams@intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: James Morris <james.morris@microsoft.com>
This commit is contained in:
parent
7110629263
commit
c78719203f
@ -135,6 +135,9 @@ int TSS_authhmac(unsigned char *digest, const unsigned char *key,
|
||||
int ret;
|
||||
va_list argp;
|
||||
|
||||
if (!chip)
|
||||
return -ENODEV;
|
||||
|
||||
sdesc = init_sdesc(hashalg);
|
||||
if (IS_ERR(sdesc)) {
|
||||
pr_info("trusted_key: can't alloc %s\n", hash_alg);
|
||||
@ -196,6 +199,9 @@ int TSS_checkhmac1(unsigned char *buffer,
|
||||
va_list argp;
|
||||
int ret;
|
||||
|
||||
if (!chip)
|
||||
return -ENODEV;
|
||||
|
||||
bufsize = LOAD32(buffer, TPM_SIZE_OFFSET);
|
||||
tag = LOAD16(buffer, 0);
|
||||
ordinal = command;
|
||||
@ -363,6 +369,9 @@ int trusted_tpm_send(unsigned char *cmd, size_t buflen)
|
||||
{
|
||||
int rc;
|
||||
|
||||
if (!chip)
|
||||
return -ENODEV;
|
||||
|
||||
dump_tpm_buf(cmd);
|
||||
rc = tpm_send(chip, cmd, buflen);
|
||||
dump_tpm_buf(cmd);
|
||||
@ -429,6 +438,9 @@ int oiap(struct tpm_buf *tb, uint32_t *handle, unsigned char *nonce)
|
||||
{
|
||||
int ret;
|
||||
|
||||
if (!chip)
|
||||
return -ENODEV;
|
||||
|
||||
INIT_BUF(tb);
|
||||
store16(tb, TPM_TAG_RQU_COMMAND);
|
||||
store32(tb, TPM_OIAP_SIZE);
|
||||
@ -1245,9 +1257,13 @@ static int __init init_trusted(void)
|
||||
{
|
||||
int ret;
|
||||
|
||||
/* encrypted_keys.ko depends on successful load of this module even if
|
||||
* TPM is not used.
|
||||
*/
|
||||
chip = tpm_default_chip();
|
||||
if (!chip)
|
||||
return -ENOENT;
|
||||
return 0;
|
||||
|
||||
ret = init_digests();
|
||||
if (ret < 0)
|
||||
goto err_put;
|
||||
@ -1269,10 +1285,12 @@ err_put:
|
||||
|
||||
static void __exit cleanup_trusted(void)
|
||||
{
|
||||
put_device(&chip->dev);
|
||||
kfree(digests);
|
||||
trusted_shash_release();
|
||||
unregister_key_type(&key_type_trusted);
|
||||
if (chip) {
|
||||
put_device(&chip->dev);
|
||||
kfree(digests);
|
||||
trusted_shash_release();
|
||||
unregister_key_type(&key_type_trusted);
|
||||
}
|
||||
}
|
||||
|
||||
late_initcall(init_trusted);
|
||||
|
Loading…
x
Reference in New Issue
Block a user