diff options
author | James Bottomley <James.Bottomley@HansenPartnership.com> | 2021-04-22 01:52:37 +0300 |
---|---|---|
committer | James Bottomley <James.Bottomley@HansenPartnership.com> | 2021-04-22 02:30:06 +0300 |
commit | 60dc5f1bcfaa9cae9f99637e347d068cad7f8c9f (patch) | |
tree | 95839381b3dd85b564d5c6183c128e0eec93001a /security/keys/trusted-keys/trusted_tpm1.c | |
parent | aec00aa04b1131e17e6744681b380779f89d77b3 (diff) | |
download | linux-60dc5f1bcfaa9cae9f99637e347d068cad7f8c9f.tar.xz |
KEYS: trusted: fix TPM trusted keys for generic framework
The generic framework patch broke the current TPM trusted keys because
it doesn't correctly remove the values consumed by the generic parser
before passing them on to the implementation specific parser. Fix
this by having the generic parser return the string minus the consumed
tokens.
Additionally, there may be no tokens left for the implementation
specific parser, so make it handle the NULL case correctly and finally
fix a TPM 1.2 specific check for no keyhandle.
Fixes: 5d0682be3189 ("KEYS: trusted: Add generic trusted keys framework")
Tested-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Diffstat (limited to 'security/keys/trusted-keys/trusted_tpm1.c')
-rw-r--r-- | security/keys/trusted-keys/trusted_tpm1.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/security/keys/trusted-keys/trusted_tpm1.c b/security/keys/trusted-keys/trusted_tpm1.c index 798dc7820084..469394550801 100644 --- a/security/keys/trusted-keys/trusted_tpm1.c +++ b/security/keys/trusted-keys/trusted_tpm1.c @@ -747,6 +747,9 @@ static int getoptions(char *c, struct trusted_key_payload *pay, opt->hash = tpm2 ? HASH_ALGO_SHA256 : HASH_ALGO_SHA1; + if (!c) + return 0; + while ((p = strsep(&c, " \t"))) { if (*p == '\0' || *p == ' ' || *p == '\t') continue; @@ -944,7 +947,7 @@ static int trusted_tpm_unseal(struct trusted_key_payload *p, char *datablob) goto out; dump_options(options); - if (!options->keyhandle) { + if (!options->keyhandle && !tpm2) { ret = -EINVAL; goto out; } |