Received: by 2002:ac0:bc90:0:0:0:0:0 with SMTP id a16csp878971img;
        Mon, 18 Mar 2019 17:00:13 -0700 (PDT)
X-Google-Smtp-Source: APXvYqytMjOzW77EQiUDyC6lzw5CG/Dwc9ydIKvdnZtWKxKpZPwSVowvMCGaYG/c+R0O4NNbrPay
X-Received: by 2002:a63:5817:: with SMTP id m23mr20459952pgb.166.1552953613449;
        Mon, 18 Mar 2019 17:00:13 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1552953613; cv=none;
        d=google.com; s=arc-20160816;
        b=JMOGC9ZlPSDISoCqgZl+rUikhCt/m18eDZajHj2Mjf7PWb+oMxxuo6vAWcyT6z8SW3
         DFgh0rPoOZu5TP9OJF9ZbME4q4BSZUqmYMHLQQNRCRLBK06L8+Z4PM7liUR5TpdQ5tch
         u9mUOi78I1Gw1biWL+ALLc1/XRYGVpSWFeGGLUblqHf9JX87hr+chNVUia1beqTnGe9q
         QjEUmZCXVSepoDYls2A1EN4xWWvdZ24+yCktou7X01RsI1jO1CRI/uBfh1sDvrHYinzc
         qA36KnXt3dLsVkFctuF6jUfEtrT5XPHINQYJW6eQBnn6h2FZN0ClfNe+t+anM9DfVVG4
         ZJDA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :user-agent:message-id:date:cc:to:from:subject;
        bh=FO6j+eNBtxiayAVIDlOnnc+7KR59opUaWqs0AtwjISs=;
        b=s7yN1DxHSDmly7gEjV3YnaShdMzol82lPL+uQf9cJmkLnRUB93I8GbCZoPx1Fu+spz
         SkHpMdGCBMmg6wS9pESEX/EMrmiyZZOUWxn2mmVO6qdJ5WPbg4Aji4Mr7LruBdQYSCBx
         tEjGLmBf7W5Lt1ODeXTWN4BIXXKuDX2N1qzBRbAhCQic6WcltEK0u6wkdyJaSVX9wC2l
         jRIHQiD8IOBuMfHEuvi/FKhSC+RGBZoUgd42WRLiIjuTxmr9pWmfUzMNOsZx2eJDD8Pr
         44xSot6ydlLkXKBnuUqulfwe3elw5/4kCvKiWVBx2DDG+QsWiix+opCH9xYtxc9qH4CM
         neew==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id m15si10387718pls.433.2019.03.18.16.59.58;
        Mon, 18 Mar 2019 17:00:13 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727205AbfCRX5x (ORCPT <rfc822;kernelgary@gmail.com>
        + 99 others); Mon, 18 Mar 2019 19:57:53 -0400
Received: from mga09.intel.com ([134.134.136.24]:22304 "EHLO mga09.intel.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1726578AbfCRX5x (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 18 Mar 2019 19:57:53 -0400
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from fmsmga002.fm.intel.com ([10.253.24.26])
  by orsmga102.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 18 Mar 2019 16:57:52 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.58,495,1544515200"; 
   d="scan'208";a="152911954"
Received: from dwillia2-desk3.jf.intel.com (HELO dwillia2-desk3.amr.corp.intel.com) ([10.54.39.16])
  by fmsmga002.fm.intel.com with ESMTP; 18 Mar 2019 16:57:52 -0700
Subject: [PATCH] security/keys/trusted: Allow operation without hardware TPM
From:   Dan Williams <dan.j.williams@intel.com>
To:     jarkko.sakkinen@linux.intel.com
Cc:     Roberto Sassu <roberto.sassu@huawei.com>,
        James Bottomley <jejb@linux.ibm.com>,
        Mimi Zohar <zohar@linux.ibm.com>,
        David Howells <dhowells@redhat.com>, keyrings@vger.kernel.org,
        linux-nvdimm@lists.01.org, linux-kernel@vger.kernel.org
Date:   Mon, 18 Mar 2019 16:45:13 -0700
Message-ID: <155295271345.1945351.6465460744078693578.stgit@dwillia2-desk3.amr.corp.intel.com>
User-Agent: StGit/0.18-2-gc94f
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Rather than fail initialization of the trusted.ko module, arrange for
the module to load, but rely on trusted_instantiate() to fail
trusted-key operations.

Fixes: 240730437deb ("KEYS: trusted: explicitly use tpm_chip structure...")
Cc: Roberto Sassu <roberto.sassu@huawei.com>
Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Cc: Mimi Zohar <zohar@linux.ibm.com>
Cc: David Howells <dhowells@redhat.com>
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
---
 security/keys/trusted.c |   21 +++++++++++++++++----
 1 file changed, 17 insertions(+), 4 deletions(-)

diff --git a/security/keys/trusted.c b/security/keys/trusted.c
index bcc9c6ead7fd..d959597a688e 100644
--- a/security/keys/trusted.c
+++ b/security/keys/trusted.c
@@ -45,6 +45,13 @@ struct sdesc {
 static struct crypto_shash *hashalg;
 static struct crypto_shash *hmacalg;
 
+static struct device *chip_dev(struct tpm_chip *chip)
+{
+	if (chip)
+		return &chip->dev;
+	return NULL;
+}
+
 static struct sdesc *init_sdesc(struct crypto_shash *alg)
 {
 	struct sdesc *sdesc;
@@ -1224,6 +1231,14 @@ static int __init init_digests(void)
 	int ret;
 	int i;
 
+	/*
+	 * Hardware tpm operations are disabled, but allow the software
+	 * module to initialize, and depend on trusted_instantiate() to
+	 * fail any attempts to access the missing hardware.
+	 */
+	if (!chip)
+		return 0;
+
 	ret = tpm_get_random(chip, digest, TPM_MAX_DIGEST_SIZE);
 	if (ret < 0)
 		return ret;
@@ -1246,8 +1261,6 @@ static int __init init_trusted(void)
 	int ret;
 
 	chip = tpm_default_chip();
-	if (!chip)
-		return -ENOENT;
 	ret = init_digests();
 	if (ret < 0)
 		goto err_put;
@@ -1263,13 +1276,13 @@ static int __init init_trusted(void)
 err_free:
 	kfree(digests);
 err_put:
-	put_device(&chip->dev);
+	put_device(chip_dev(chip));
 	return ret;
 }
 
 static void __exit cleanup_trusted(void)
 {
-	put_device(&chip->dev);
+	put_device(chip_dev(chip));
 	kfree(digests);
 	trusted_shash_release();
 	unregister_key_type(&key_type_trusted);