From: Eric Biggers <[email protected]>
tpm_key_create() doesn't actually load the key into the TPM. Fix the
comment to describe what the function does.
Signed-off-by: Eric Biggers <[email protected]>
---
crypto/asymmetric_keys/asym_tpm.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/crypto/asymmetric_keys/asym_tpm.c b/crypto/asymmetric_keys/asym_tpm.c
index 60d20d44c885..2e365a221fbe 100644
--- a/crypto/asymmetric_keys/asym_tpm.c
+++ b/crypto/asymmetric_keys/asym_tpm.c
@@ -900,7 +900,11 @@ static int extract_key_parameters(struct tpm_key *tk)
return 0;
}
-/* Given the blob, parse it and load it into the TPM */
+/*
+ * Verify that a supported TPM is present, then parse the key blob. We don't
+ * actually load the key into the TPM here; that happens only for the actual
+ * sign and decrypt operations.
+ */
struct tpm_key *tpm_key_create(const void *blob, uint32_t blob_len)
{
int r;
--
2.34.1
On Thu, Jan 13, 2022 at 03:54:39PM -0800, Eric Biggers wrote:
> From: Eric Biggers <[email protected]>
>
> tpm_key_create() doesn't actually load the key into the TPM. Fix the
> comment to describe what the function does.
>
> Signed-off-by: Eric Biggers <[email protected]>
Acked-by: Jarkko Sakkinen <[email protected]>
This asym_tpm has not been properly reviewed as far as I can tell.
For starters, I do not get who needed new TPM 1.x features in 2018...
It's long after SHA1 was declared as insecure and world was mostly
settled with TPM2.
BR, Jarkko