diff mbox series

KEYS: trusted: allow trusted.ko to initialize w/o a TPM

Message ID 20190325144735.30443-1-jarkko.sakkinen@linux.intel.com (mailing list archive)
State New, archived
Headers show
Series KEYS: trusted: allow trusted.ko to initialize w/o a TPM | expand

Commit Message

Jarkko Sakkinen March 25, 2019, 2:47 p.m. UTC
Allow trusted.ko to initialize w/o a TPM. This commit adds checks to the
key type callbacks and exported functions to fail when a TPM is not
available.

Cc: Dan Williams <dan.j.williams@intel.com>
Cc: stable@vger.kernel.org
Fixes: 240730437deb ("KEYS: trusted: explicitly use tpm_chip structure...")
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---
 security/keys/trusted.c | 46 +++++++++++++++++++++++++++++++++++------
 1 file changed, 40 insertions(+), 6 deletions(-)

Comments

Dan Williams March 25, 2019, 9:33 p.m. UTC | #1
On Mon, Mar 25, 2019 at 7:48 AM Jarkko Sakkinen
<jarkko.sakkinen@linux.intel.com> wrote:
>
> Allow trusted.ko to initialize w/o a TPM. This commit adds checks to the
> key type callbacks and exported functions to fail when a TPM is not
> available.
>
> Cc: Dan Williams <dan.j.williams@intel.com>

Reported-and-tested-by: Dan Williams <dan.j.williams@intel.com>

Thanks Jarkko!
Jarkko Sakkinen March 26, 2019, 11:50 a.m. UTC | #2
On Mon, Mar 25, 2019 at 02:33:38PM -0700, Dan Williams wrote:
> On Mon, Mar 25, 2019 at 7:48 AM Jarkko Sakkinen
> <jarkko.sakkinen@linux.intel.com> wrote:
> >
> > Allow trusted.ko to initialize w/o a TPM. This commit adds checks to the
> > key type callbacks and exported functions to fail when a TPM is not
> > available.
> >
> > Cc: Dan Williams <dan.j.williams@intel.com>
> 
> Reported-and-tested-by: Dan Williams <dan.j.williams@intel.com>

Thanks Dan!

/Jarkko
Jarkko Sakkinen March 26, 2019, 11:52 a.m. UTC | #3
On Mon, Mar 25, 2019 at 04:47:35PM +0200, Jarkko Sakkinen wrote:
> Allow trusted.ko to initialize w/o a TPM. This commit adds checks to the
> key type callbacks and exported functions to fail when a TPM is not
> available.
> 
> Cc: Dan Williams <dan.j.williams@intel.com>
> Cc: stable@vger.kernel.org
> Fixes: 240730437deb ("KEYS: trusted: explicitly use tpm_chip structure...")
> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

Will send a revised version: since now the key type is not registered,
none of the callbacks needs the check for the chip instance. Only the
exported functions should have it.

/Jarkko
diff mbox series

Patch

diff --git a/security/keys/trusted.c b/security/keys/trusted.c
index ecec672d3a77..13fb1068e371 100644
--- a/security/keys/trusted.c
+++ b/security/keys/trusted.c
@@ -135,6 +135,9 @@  int TSS_authhmac(unsigned char *digest, const unsigned char *key,
 	int ret;
 	va_list argp;
 
+	if (!chip)
+		return -ENODEV;
+
 	sdesc = init_sdesc(hashalg);
 	if (IS_ERR(sdesc)) {
 		pr_info("trusted_key: can't alloc %s\n", hash_alg);
@@ -196,6 +199,9 @@  int TSS_checkhmac1(unsigned char *buffer,
 	va_list argp;
 	int ret;
 
+	if (!chip)
+		return -ENODEV;
+
 	bufsize = LOAD32(buffer, TPM_SIZE_OFFSET);
 	tag = LOAD16(buffer, 0);
 	ordinal = command;
@@ -363,6 +369,9 @@  int trusted_tpm_send(unsigned char *cmd, size_t buflen)
 {
 	int rc;
 
+	if (!chip)
+		return -ENODEV;
+
 	dump_tpm_buf(cmd);
 	rc = tpm_send(chip, cmd, buflen);
 	dump_tpm_buf(cmd);
@@ -429,6 +438,9 @@  int oiap(struct tpm_buf *tb, uint32_t *handle, unsigned char *nonce)
 {
 	int ret;
 
+	if (!chip)
+		return -ENODEV;
+
 	INIT_BUF(tb);
 	store16(tb, TPM_TAG_RQU_COMMAND);
 	store32(tb, TPM_OIAP_SIZE);
@@ -967,6 +979,9 @@  static int trusted_instantiate(struct key *key,
 	size_t key_len;
 	int tpm2;
 
+	if (!chip)
+		return -ENODEV;
+
 	tpm2 = tpm_is_tpm2(chip);
 	if (tpm2 < 0)
 		return tpm2;
@@ -1050,6 +1065,9 @@  static void trusted_rcu_free(struct rcu_head *rcu)
 {
 	struct trusted_key_payload *p;
 
+	if (!chip)
+		return;
+
 	p = container_of(rcu, struct trusted_key_payload, rcu);
 	kzfree(p);
 }
@@ -1066,6 +1084,9 @@  static int trusted_update(struct key *key, struct key_preparsed_payload *prep)
 	char *datablob;
 	int ret = 0;
 
+	if (!chip)
+		return -ENODEV;
+
 	if (key_is_negative(key))
 		return -ENOKEY;
 	p = key->payload.data[0];
@@ -1144,6 +1165,9 @@  static long trusted_read(const struct key *key, char __user *buffer,
 	char *bufp;
 	int i;
 
+	if (!chip)
+		return -ENODEV;
+
 	p = dereference_key_locked(key);
 	if (!p)
 		return -EINVAL;
@@ -1170,6 +1194,9 @@  static long trusted_read(const struct key *key, char __user *buffer,
  */
 static void trusted_destroy(struct key *key)
 {
+	if (!chip)
+		return;
+
 	kzfree(key->payload.data[0]);
 }
 
@@ -1245,9 +1272,13 @@  static int __init init_trusted(void)
 {
 	int ret;
 
+	/* encrypted_keys.ko depends on successful load of this module even if
+	 * TPM is not used.
+	 */
 	chip = tpm_default_chip();
 	if (!chip)
-		return -ENOENT;
+		return 0;
+
 	ret = init_digests();
 	if (ret < 0)
 		goto err_put;
@@ -1263,16 +1294,19 @@  static int __init init_trusted(void)
 err_free:
 	kfree(digests);
 err_put:
-	put_device(&chip->dev);
+	if (chip)
+		put_device(&chip->dev);
 	return ret;
 }
 
 static void __exit cleanup_trusted(void)
 {
-	put_device(&chip->dev);
-	kfree(digests);
-	trusted_shash_release();
-	unregister_key_type(&key_type_trusted);
+	if (chip) {
+		put_device(&chip->dev);
+		kfree(digests);
+		trusted_shash_release();
+		unregister_key_type(&key_type_trusted);
+	}
 }
 
 late_initcall(init_trusted);