diff options
Diffstat (limited to 'security/keys/trusted-keys/trusted_tpm1.c')
| -rw-r--r-- | security/keys/trusted-keys/trusted_tpm1.c | 23 |
1 files changed, 17 insertions, 6 deletions
diff --git a/security/keys/trusted-keys/trusted_tpm1.c b/security/keys/trusted-keys/trusted_tpm1.c index aa108bea6739..89c9798d1800 100644 --- a/security/keys/trusted-keys/trusted_tpm1.c +++ b/security/keys/trusted-keys/trusted_tpm1.c @@ -356,17 +356,28 @@ out: */ int trusted_tpm_send(unsigned char *cmd, size_t buflen) { + struct tpm_buf buf; int rc; if (!chip) return -ENODEV; + rc = tpm_try_get_ops(chip); + if (rc) + return rc; + + buf.flags = 0; + buf.length = buflen; + buf.data = cmd; dump_tpm_buf(cmd); - rc = tpm_send(chip, cmd, buflen); + rc = tpm_transmit_cmd(chip, &buf, 4, "sending data"); dump_tpm_buf(cmd); + if (rc > 0) - /* Can't return positive return codes values to keyctl */ + /* TPM error */ rc = -EPERM; + + tpm_put_ops(chip); return rc; } EXPORT_SYMBOL_GPL(trusted_tpm_send); @@ -407,7 +418,7 @@ static int osap(struct tpm_buf *tb, struct osapsess *s, tpm_buf_append_u32(tb, handle); tpm_buf_append(tb, ononce, TPM_NONCE_SIZE); - ret = trusted_tpm_send(tb->data, MAX_BUF_SIZE); + ret = trusted_tpm_send(tb->data, tb->length); if (ret < 0) return ret; @@ -431,7 +442,7 @@ int oiap(struct tpm_buf *tb, uint32_t *handle, unsigned char *nonce) return -ENODEV; tpm_buf_reset(tb, TPM_TAG_RQU_COMMAND, TPM_ORD_OIAP); - ret = trusted_tpm_send(tb->data, MAX_BUF_SIZE); + ret = trusted_tpm_send(tb->data, tb->length); if (ret < 0) return ret; @@ -543,7 +554,7 @@ static int tpm_seal(struct tpm_buf *tb, uint16_t keytype, tpm_buf_append_u8(tb, cont); tpm_buf_append(tb, td->pubauth, SHA1_DIGEST_SIZE); - ret = trusted_tpm_send(tb->data, MAX_BUF_SIZE); + ret = trusted_tpm_send(tb->data, tb->length); if (ret < 0) goto out; @@ -634,7 +645,7 @@ static int tpm_unseal(struct tpm_buf *tb, tpm_buf_append_u8(tb, cont); tpm_buf_append(tb, authdata2, SHA1_DIGEST_SIZE); - ret = trusted_tpm_send(tb->data, MAX_BUF_SIZE); + ret = trusted_tpm_send(tb->data, tb->length); if (ret < 0) { pr_info("authhmac failed (%d)\n", ret); return ret; |