On 5/5/2023 4:09 PM, Eric Biggers wrote:
On Mon, Apr 10, 2023 at 03:59:32PM -0700, Chang S. Bae wrote:
+/*
+ * This flag is set with IWKey load. When the key restore fails, it is
+ * reset. This restore state is exported to the crypto library, then AES-KL
+ * will not be used there. So, the feature is soft-disabled with this flag.
+ */
+static bool valid_kl;
+
+bool valid_keylocker(void)
+{
+ return valid_kl;
+}
+EXPORT_SYMBOL_GPL(valid_keylocker);
It would be simpler to export this bool directly.
Yeah, but this wrapper is for code encapsulation. The code outside of
the core code is not allowed to overwrite the value.
Perhaps, it is better to export it only with the AES-KL module:
#if IS_MODULE(CONFIG_CRYPTO_AES_KL)
EXPORT_SYMBOL_GPL(valid_keylocker);
#endif
+ if (status & BIT(0))
+ return 0;
+ else
+ return -EBUSY;
[...]
+ pr_info("x86/keylocker: Enabled.\n");
+ return;
+ } else {
+ int rc;
The kernel coding style usually doesn't use 'else' after a return.
Yeah, right. Will fix up.
Thanks,
Chang