forked from Minki/linux
KEYS: trusted: correctly initialize digests and fix locking issue
Commit0b6cf6b97b
("tpm: pass an array of tpm_extend_digest structures to tpm_pcr_extend()") modifies tpm_pcr_extend() to accept a digest for each PCR bank. After modification, tpm_pcr_extend() expects that digests are passed in the same order as the algorithms set in chip->allocated_banks. This patch fixes two issues introduced in the last iterations of the patch set: missing initialization of the TPM algorithm ID in the tpm_digest structures passed to tpm_pcr_extend() by the trusted key module, and unreleased locks in the TPM driver due to returning from tpm_pcr_extend() without calling tpm_put_ops(). Cc: stable@vger.kernel.org Fixes:0b6cf6b97b
("tpm: pass an array of tpm_extend_digest structures to tpm_pcr_extend()") Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com> Suggested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jerry Snitselaar <jsnitsel@redhat.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
This commit is contained in:
parent
34cd83bb8a
commit
9f75c82246
@ -320,18 +320,22 @@ int tpm_pcr_extend(struct tpm_chip *chip, u32 pcr_idx,
|
|||||||
if (!chip)
|
if (!chip)
|
||||||
return -ENODEV;
|
return -ENODEV;
|
||||||
|
|
||||||
for (i = 0; i < chip->nr_allocated_banks; i++)
|
for (i = 0; i < chip->nr_allocated_banks; i++) {
|
||||||
if (digests[i].alg_id != chip->allocated_banks[i].alg_id)
|
if (digests[i].alg_id != chip->allocated_banks[i].alg_id) {
|
||||||
return -EINVAL;
|
rc = EINVAL;
|
||||||
|
goto out;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if (chip->flags & TPM_CHIP_FLAG_TPM2) {
|
if (chip->flags & TPM_CHIP_FLAG_TPM2) {
|
||||||
rc = tpm2_pcr_extend(chip, pcr_idx, digests);
|
rc = tpm2_pcr_extend(chip, pcr_idx, digests);
|
||||||
tpm_put_ops(chip);
|
goto out;
|
||||||
return rc;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
rc = tpm1_pcr_extend(chip, pcr_idx, digests[0].digest,
|
rc = tpm1_pcr_extend(chip, pcr_idx, digests[0].digest,
|
||||||
"attempting extend a PCR value");
|
"attempting extend a PCR value");
|
||||||
|
|
||||||
|
out:
|
||||||
tpm_put_ops(chip);
|
tpm_put_ops(chip);
|
||||||
return rc;
|
return rc;
|
||||||
}
|
}
|
||||||
|
@ -1228,11 +1228,16 @@ hashalg_fail:
|
|||||||
|
|
||||||
static int __init init_digests(void)
|
static int __init init_digests(void)
|
||||||
{
|
{
|
||||||
|
int i;
|
||||||
|
|
||||||
digests = kcalloc(chip->nr_allocated_banks, sizeof(*digests),
|
digests = kcalloc(chip->nr_allocated_banks, sizeof(*digests),
|
||||||
GFP_KERNEL);
|
GFP_KERNEL);
|
||||||
if (!digests)
|
if (!digests)
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
|
|
||||||
|
for (i = 0; i < chip->nr_allocated_banks; i++)
|
||||||
|
digests[i].alg_id = chip->allocated_banks[i].alg_id;
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user