On Fri, Mar 22, 2019 at 11:04 AM Roberto Sassu <roberto.sassu@xxxxxxxxxx> wrote: > > Commit 240730437deb ("KEYS: trusted: explicitly use tpm_chip structure from > tpm_default_chip()") changed the tpm_chip argument of every TPM function > from NULL to a pointer that is retrieved at module initialization time. > > Unlike before this patch, the trusted module cannot be loaded if no TPM is > available. Unfortunately, this causes a dependency problem because the > encrypted key type requires the 'key_type_trusted' symbol when > CONFIG_TRUSTED_KEYS is defined. > > This patch fixes the issue by deferring the execution of TPM-specific code > until a new trusted key is instantiated: init_tpm(), to obtain a tpm_chip > pointer; init_digests(), introduced by commit 0b6cf6b97b7e ("tpm: pass an > array of tpm_extend_digest structures to tpm_pcr_extend()"), to get random > bytes from the TPM to lock a PCR. > > Cc: stable@xxxxxxxxxxxxxxx > Fixes: 240730437deb ("KEYS: trusted: explicitly use tpm_chip structure from tpm_default_chip()") > Reported-by: Dan Williams <dan.j.williams@xxxxxxxxx> Tested-by: Dan Williams <dan.j.williams@xxxxxxxxx> Thanks Robert!