Re: [PATCH] security/keys/trusted: Allow operation without hardware TPM

From: Jarkko Sakkinen
Date: Thu Mar 21 2019 - 09:55:01 EST

Next message: Steven Rostedt: "Re: [RFC][PATCH] tracing/x86: Save CR2 before tracing irqsoff on error_entry"
Previous message: Auger Eric: "Re: [PATCH v6 05/22] iommu: Introduce cache_invalidate API"
In reply to: Dan Williams: "Re: [PATCH] security/keys/trusted: Allow operation without hardware TPM"
Next in thread: Roberto Sassu: "Re: [PATCH] security/keys/trusted: Allow operation without hardware TPM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Mar 18, 2019 at 04:45:13PM -0700, Dan Williams wrote:
> Rather than fail initialization of the trusted.ko module, arrange for
> the module to load, but rely on trusted_instantiate() to fail
> trusted-key operations.
>
> Fixes: 240730437deb ("KEYS: trusted: explicitly use tpm_chip structure...")
> Cc: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
> Cc: Jarkko Sakkinen <jarkko.sakkinen@xxxxxxxxxxxxxxx>
> Cc: James Bottomley <jejb@xxxxxxxxxxxxx>
> Cc: Jarkko Sakkinen <jarkko.sakkinen@xxxxxxxxxxxxxxx>
> Cc: Mimi Zohar <zohar@xxxxxxxxxxxxx>
> Cc: David Howells <dhowells@xxxxxxxxxx>
> Signed-off-by: Dan Williams <dan.j.williams@xxxxxxxxx>

It should check for chip in each function that uses TPM now that
the code does not rely on default chip. Otherwise, the semantics
are kind of inconsistent.

/Jarkko

Next message: Steven Rostedt: "Re: [RFC][PATCH] tracing/x86: Save CR2 before tracing irqsoff on error_entry"
Previous message: Auger Eric: "Re: [PATCH v6 05/22] iommu: Introduce cache_invalidate API"
In reply to: Dan Williams: "Re: [PATCH] security/keys/trusted: Allow operation without hardware TPM"
Next in thread: Roberto Sassu: "Re: [PATCH] security/keys/trusted: Allow operation without hardware TPM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]