Received: by 2002:ac0:8c8e:0:0:0:0:0 with SMTP id r14csp798205ima; Wed, 6 Feb 2019 08:31:12 -0800 (PST) X-Google-Smtp-Source: AHgI3IbGG/sCath7U2gGZWyC52GK4zmk0uec7nMtjFt8YZjaJcr1drscSs6ad+d/mqv7h2wk8FSF X-Received: by 2002:a17:902:8f98:: with SMTP id z24mr11368605plo.40.1549470672247; Wed, 06 Feb 2019 08:31:12 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1549470672; cv=none; d=google.com; s=arc-20160816; b=yQQqJFjj0h84F0KBktAeIr3w2wLWpmV1P1qFPWvNb2LlQIBjjbGVXMLG7uWRVVoPq4 Z+FOP/bh6KM/5lTzw17vczmLJkVMWyV0Uum0H5HIuf/Y7bDFLMxKkW0W/DcXFG+qd+Q/ 72iaWtASeSvClCrNj8eZNTGNnonJ8R9z9bNG6gw58IC+tRyTD2tJvY/9Pq5fB/9bjPwM v/WW+jY3Z32XuD5JHrVB29Rk1Ih81X+f4SksEtWLWSp6kkfN5AWQMfLTzm+cBISYP9Xd To7/1bu4SdIrZaliyE2OfKtt9mdZDpxVA/ezmtDnh/HG34mLoSOtCYNt0kcgvp3tHBj7 6p0w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from; bh=ns1OkF6HhER9VRPZmO1z1P9PVNlftfUxNjgdw6QWvQ4=; b=FQwYqwOn7KQVhc54WT50YncapyOrZLlsMt/xVhufmyHGg4j5wLQp7zCIwP7ytVR0Gs Y7Iq+7o+oMjHcajF+kgsfULOY2gQb6lE1HIeKrz+Qs6YQ5CwZh4AZoO6eJ30eNLUbRwV xManCQBHrOZ4uwk0vdX6kpJilm0hcH8bO2lkTKQUOTy4k0CWnB3LtI28cIba8ablpXyx tfjE7DqLexNMYQmOlOjimkeCFC42RPBl6Hvu7OtZy+1TP/o66PHOrHSRGoxGUQTf9ByE 5JMQDEg5DVp5b7K0MdO0as968IATKLN/x0C9RkJKbQQTfHBFG7FzfihDIR2W+S/f6INY u9oA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id x24si5268715pln.322.2019.02.06.08.30.55; Wed, 06 Feb 2019 08:31:12 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731082AbfBFQaO (ORCPT + 99 others); Wed, 6 Feb 2019 11:30:14 -0500 Received: from lhrrgout.huawei.com ([185.176.76.210]:32882 "EHLO huawei.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1726306AbfBFQaN (ORCPT ); Wed, 6 Feb 2019 11:30:13 -0500 Received: from LHREML710-CAH.china.huawei.com (unknown [172.18.7.107]) by Forcepoint Email with ESMTP id 299E416B5D142C42546D; Wed, 6 Feb 2019 16:30:12 +0000 (GMT) Received: from roberto-HP-EliteDesk-800-G2-DM-65W.huawei.com (10.204.65.154) by smtpsuk.huawei.com (10.201.108.33) with Microsoft SMTP Server (TLS) id 14.3.408.0; Wed, 6 Feb 2019 16:30:01 +0000 From: Roberto Sassu To: , , , , CC: , , , , , Roberto Sassu Subject: [PATCH v10, RESEND 5/6] KEYS: trusted: explicitly use tpm_chip structure from tpm_default_chip() Date: Wed, 6 Feb 2019 17:24:51 +0100 Message-ID: <20190206162452.7749-6-roberto.sassu@huawei.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190206162452.7749-1-roberto.sassu@huawei.com> References: <20190206162452.7749-1-roberto.sassu@huawei.com> MIME-Version: 1.0 Content-Type: text/plain X-Originating-IP: [10.204.65.154] X-CFilter-Loop: Reflected Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org When crypto agility support will be added to the TPM driver, users of the driver have to retrieve the allocated banks from chip->allocated_banks and use this information to prepare the array of tpm_digest structures to be passed to tpm_pcr_extend(). This patch retrieves a tpm_chip pointer from tpm_default_chip() so that the pointer can be used to prepare the array of tpm_digest structures. Signed-off-by: Roberto Sassu Reviewed-by: Jarkko Sakkinen Tested-by: Jarkko Sakkinen --- security/keys/trusted.c | 38 ++++++++++++++++++++++++-------------- 1 file changed, 24 insertions(+), 14 deletions(-) diff --git a/security/keys/trusted.c b/security/keys/trusted.c index 4d98f4f87236..5b852263eae1 100644 --- a/security/keys/trusted.c +++ b/security/keys/trusted.c @@ -34,6 +34,7 @@ static const char hmac_alg[] = "hmac(sha1)"; static const char hash_alg[] = "sha1"; +static struct tpm_chip *chip; struct sdesc { struct shash_desc shash; @@ -362,7 +363,7 @@ int trusted_tpm_send(unsigned char *cmd, size_t buflen) int rc; dump_tpm_buf(cmd); - rc = tpm_send(NULL, cmd, buflen); + rc = tpm_send(chip, cmd, buflen); dump_tpm_buf(cmd); if (rc > 0) /* Can't return positive return codes values to keyctl */ @@ -384,10 +385,10 @@ static int pcrlock(const int pcrnum) if (!capable(CAP_SYS_ADMIN)) return -EPERM; - ret = tpm_get_random(NULL, hash, SHA1_DIGEST_SIZE); + ret = tpm_get_random(chip, hash, SHA1_DIGEST_SIZE); if (ret != SHA1_DIGEST_SIZE) return ret; - return tpm_pcr_extend(NULL, pcrnum, hash) ? -EINVAL : 0; + return tpm_pcr_extend(chip, pcrnum, hash) ? -EINVAL : 0; } /* @@ -400,7 +401,7 @@ static int osap(struct tpm_buf *tb, struct osapsess *s, unsigned char ononce[TPM_NONCE_SIZE]; int ret; - ret = tpm_get_random(NULL, ononce, TPM_NONCE_SIZE); + ret = tpm_get_random(chip, ononce, TPM_NONCE_SIZE); if (ret != TPM_NONCE_SIZE) return ret; @@ -496,7 +497,7 @@ static int tpm_seal(struct tpm_buf *tb, uint16_t keytype, if (ret < 0) goto out; - ret = tpm_get_random(NULL, td->nonceodd, TPM_NONCE_SIZE); + ret = tpm_get_random(chip, td->nonceodd, TPM_NONCE_SIZE); if (ret != TPM_NONCE_SIZE) goto out; ordinal = htonl(TPM_ORD_SEAL); @@ -606,7 +607,7 @@ static int tpm_unseal(struct tpm_buf *tb, ordinal = htonl(TPM_ORD_UNSEAL); keyhndl = htonl(SRKHANDLE); - ret = tpm_get_random(NULL, nonceodd, TPM_NONCE_SIZE); + ret = tpm_get_random(chip, nonceodd, TPM_NONCE_SIZE); if (ret != TPM_NONCE_SIZE) { pr_info("trusted_key: tpm_get_random failed (%d)\n", ret); return ret; @@ -751,7 +752,7 @@ static int getoptions(char *c, struct trusted_key_payload *pay, int i; int tpm2; - tpm2 = tpm_is_tpm2(NULL); + tpm2 = tpm_is_tpm2(chip); if (tpm2 < 0) return tpm2; @@ -920,7 +921,7 @@ static struct trusted_key_options *trusted_options_alloc(void) struct trusted_key_options *options; int tpm2; - tpm2 = tpm_is_tpm2(NULL); + tpm2 = tpm_is_tpm2(chip); if (tpm2 < 0) return NULL; @@ -970,7 +971,7 @@ static int trusted_instantiate(struct key *key, size_t key_len; int tpm2; - tpm2 = tpm_is_tpm2(NULL); + tpm2 = tpm_is_tpm2(chip); if (tpm2 < 0) return tpm2; @@ -1011,7 +1012,7 @@ static int trusted_instantiate(struct key *key, switch (key_cmd) { case Opt_load: if (tpm2) - ret = tpm_unseal_trusted(NULL, payload, options); + ret = tpm_unseal_trusted(chip, payload, options); else ret = key_unseal(payload, options); dump_payload(payload); @@ -1021,13 +1022,13 @@ static int trusted_instantiate(struct key *key, break; case Opt_new: key_len = payload->key_len; - ret = tpm_get_random(NULL, payload->key, key_len); + ret = tpm_get_random(chip, payload->key, key_len); if (ret != key_len) { pr_info("trusted_key: key_create failed (%d)\n", ret); goto out; } if (tpm2) - ret = tpm_seal_trusted(NULL, payload, options); + ret = tpm_seal_trusted(chip, payload, options); else ret = key_seal(payload, options); if (ret < 0) @@ -1225,17 +1226,26 @@ static int __init init_trusted(void) { int ret; + chip = tpm_default_chip(); + if (!chip) + return -ENOENT; ret = trusted_shash_alloc(); if (ret < 0) - return ret; + goto err_put; ret = register_key_type(&key_type_trusted); if (ret < 0) - trusted_shash_release(); + goto err_release; + return 0; +err_release: + trusted_shash_release(); +err_put: + put_device(&chip->dev); return ret; } static void __exit cleanup_trusted(void) { + put_device(&chip->dev); trusted_shash_release(); unregister_key_type(&key_type_trusted); } -- 2.17.1