diff options
| author | Jarkko Sakkinen <[email protected]> | 2021-01-29 01:56:21 +0200 |
|---|---|---|
| committer | Jarkko Sakkinen <[email protected]> | 2021-02-16 10:40:28 +0200 |
| commit | 8c657a0590de585b1115847c17b34a58025f2f4b (patch) | |
| tree | 2ab5fb0d0bb465e620b4b023080899efaab928eb /tools/perf/scripts/python/export-to-sqlite.py | |
| parent | 8da7520c80468c48f981f0b81fc1be6599e3b0ad (diff) | |
KEYS: trusted: Reserve TPM for seal and unseal operations
When TPM 2.0 trusted keys code was moved to the trusted keys subsystem,
the operations were unwrapped from tpm_try_get_ops() and tpm_put_ops(),
which are used to take temporarily the ownership of the TPM chip. The
ownership is only taken inside tpm_send(), but this is not sufficient,
as in the key load TPM2_CC_LOAD, TPM2_CC_UNSEAL and TPM2_FLUSH_CONTEXT
need to be done as a one single atom.
Take the TPM chip ownership before sending anything with
tpm_try_get_ops() and tpm_put_ops(), and use tpm_transmit_cmd() to send
TPM commands instead of tpm_send(), reverting back to the old behaviour.
Fixes: 2e19e10131a0 ("KEYS: trusted: Move TPM2 trusted keys code")
Reported-by: "James E.J. Bottomley" <[email protected]>
Cc: [email protected]
Cc: David Howells <[email protected]>
Cc: Mimi Zohar <[email protected]>
Cc: Sumit Garg <[email protected]>
Acked-by Sumit Garg <[email protected]>
Tested-by: Mimi Zohar <[email protected]>
Signed-off-by: Jarkko Sakkinen <[email protected]>
Diffstat (limited to 'tools/perf/scripts/python/export-to-sqlite.py')
0 files changed, 0 insertions, 0 deletions