On Sat, 2019-12-07 at 21:07 -0800, James Bottomley wrote: > The trusted keys code currently loads a blob into the TPM and unseals > on the handle. However, it never flushes the handle meaning that > volatile contexts build up until the TPM becomes unusable. Fix this > by flushing the handle after the unseal. > > Signed-off-by: James Bottomley <James.Bottomley@xxxxxxxxxxxxxxxxxxxxx> > --- > drivers/char/tpm/tpm.h | 1 - > drivers/char/tpm/tpm2-cmd.c | 1 + > include/linux/tpm.h | 1 + > security/keys/trusted-keys/trusted_tpm2.c | 1 + > 4 files changed, 3 insertions(+), 1 deletion(-) > > diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h > index b9e1547be6b5..5620747da0cf 100644 > --- a/drivers/char/tpm/tpm.h > +++ b/drivers/char/tpm/tpm.h > @@ -218,7 +218,6 @@ int tpm2_pcr_read(struct tpm_chip *chip, u32 pcr_idx, > int tpm2_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, > struct tpm_digest *digests); > int tpm2_get_random(struct tpm_chip *chip, u8 *dest, size_t max); > -void tpm2_flush_context(struct tpm_chip *chip, u32 handle); > ssize_t tpm2_get_tpm_pt(struct tpm_chip *chip, u32 property_id, > u32 *value, const char *desc); > > diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c > index fdb457704aa7..b87592f4a6c7 100644 > --- a/drivers/char/tpm/tpm2-cmd.c > +++ b/drivers/char/tpm/tpm2-cmd.c > @@ -362,6 +362,7 @@ void tpm2_flush_context(struct tpm_chip *chip, u32 handle) > tpm_transmit_cmd(chip, &buf, 0, "flushing context"); > tpm_buf_destroy(&buf); > } > +EXPORT_SYMBOL(tpm2_flush_context); Everything else is EXPORT_SYMBOL_GPL(). Why EXPORT_SYMBOL() here?
Attachment:
smime.p7s
Description: S/MIME cryptographic signature