tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Merge tag 'keys-trusted-next-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd

Pull trusted key updates from Jarkko Sakkinen:

- Remove duplicate 'tpm2_hash_map' in favor of 'tpm2_find_hash_alg()'

- Fix a memory leak on failure paths of 'tpm2_load_cmd'

* tag 'keys-trusted-next-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd:
KEYS: trusted: Fix a memory leak in tpm2_load_cmd
KEYS: trusted: Replace a redundant instance of tpm2_hash_map

Linus Torvalds 7fc2cd2e b082c4b0

+22 -22
+13 -1
drivers/char/tpm/tpm2-cmd.c
··· 18 18 module_param(disable_pcr_integrity, bool, 0444); 19 19 MODULE_PARM_DESC(disable_pcr_integrity, "Disable integrity protection of TPM2_PCR_Extend"); 20 20 21 - static struct tpm2_hash tpm2_hash_map[] = { 21 + struct tpm2_hash tpm2_hash_map[] = { 22 22 {HASH_ALGO_SHA1, TPM_ALG_SHA1}, 23 23 {HASH_ALGO_SHA256, TPM_ALG_SHA256}, 24 24 {HASH_ALGO_SHA384, TPM_ALG_SHA384}, 25 25 {HASH_ALGO_SHA512, TPM_ALG_SHA512}, 26 26 {HASH_ALGO_SM3_256, TPM_ALG_SM3_256}, 27 27 }; 28 + 29 + int tpm2_find_hash_alg(unsigned int crypto_id) 30 + { 31 + int i; 32 + 33 + for (i = 0; i < ARRAY_SIZE(tpm2_hash_map); i++) 34 + if (crypto_id == tpm2_hash_map[i].crypto_id) 35 + return tpm2_hash_map[i].tpm_id; 36 + 37 + return -EINVAL; 38 + } 39 + EXPORT_SYMBOL_GPL(tpm2_find_hash_alg); 28 40 29 41 int tpm2_get_timeouts(struct tpm_chip *chip) 30 42 {
+1
include/linux/tpm.h
··· 473 473 extern int tpm_get_random(struct tpm_chip *chip, u8 *data, size_t max); 474 474 extern struct tpm_chip *tpm_default_chip(void); 475 475 void tpm2_flush_context(struct tpm_chip *chip, u32 handle); 476 + int tpm2_find_hash_alg(unsigned int crypto_id); 476 477 477 478 static inline void tpm_buf_append_empty_auth(struct tpm_buf *buf, u32 handle) 478 479 {
+8 -21
security/keys/trusted-keys/trusted_tpm2.c
··· 18 18 19 19 #include "tpm2key.asn1.h" 20 20 21 - static struct tpm2_hash tpm2_hash_map[] = { 22 - {HASH_ALGO_SHA1, TPM_ALG_SHA1}, 23 - {HASH_ALGO_SHA256, TPM_ALG_SHA256}, 24 - {HASH_ALGO_SHA384, TPM_ALG_SHA384}, 25 - {HASH_ALGO_SHA512, TPM_ALG_SHA512}, 26 - {HASH_ALGO_SM3_256, TPM_ALG_SM3_256}, 27 - }; 28 - 29 21 static u32 tpm2key_oid[] = { 2, 23, 133, 10, 1, 5 }; 30 22 31 23 static int tpm2_key_encode(struct trusted_key_payload *payload, ··· 236 244 off_t offset = TPM_HEADER_SIZE; 237 245 struct tpm_buf buf, sized; 238 246 int blob_len = 0; 239 - u32 hash; 247 + int hash; 240 248 u32 flags; 241 - int i; 242 249 int rc; 243 250 244 - for (i = 0; i < ARRAY_SIZE(tpm2_hash_map); i++) { 245 - if (options->hash == tpm2_hash_map[i].crypto_id) { 246 - hash = tpm2_hash_map[i].tpm_id; 247 - break; 248 - } 249 - } 250 - 251 - if (i == ARRAY_SIZE(tpm2_hash_map)) 252 - return -EINVAL; 251 + hash = tpm2_find_hash_alg(options->hash); 252 + if (hash < 0) 253 + return hash; 253 254 254 255 if (!options->keyhandle) 255 256 return -EINVAL; ··· 372 387 struct trusted_key_options *options, 373 388 u32 *blob_handle) 374 389 { 390 + u8 *blob_ref __free(kfree) = NULL; 375 391 struct tpm_buf buf; 376 392 unsigned int private_len; 377 393 unsigned int public_len; ··· 386 400 /* old form */ 387 401 blob = payload->blob; 388 402 payload->old_format = 1; 403 + } else { 404 + /* Bind for cleanup: */ 405 + blob_ref = blob; 389 406 } 390 407 391 408 /* new format carries keyhandle but old format doesn't */ ··· 453 464 (__be32 *) &buf.data[TPM_HEADER_SIZE]); 454 465 455 466 out: 456 - if (blob != payload->blob) 457 - kfree(blob); 458 467 tpm_buf_destroy(&buf); 459 468 460 469 if (rc > 0)