On Mon, 2019-12-09 at 08:31 +0000, David Woodhouse wrote: > On Sat, 2019-12-07 at 21:07 -0800, James Bottomley wrote: > > The trusted keys code currently loads a blob into the TPM and > > unseals > > on the handle. However, it never flushes the handle meaning that > > volatile contexts build up until the TPM becomes unusable. Fix > > this > > by flushing the handle after the unseal. > > > > Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.c > > om> > > --- > > drivers/char/tpm/tpm.h | 1 - > > drivers/char/tpm/tpm2-cmd.c | 1 + > > include/linux/tpm.h | 1 + > > security/keys/trusted-keys/trusted_tpm2.c | 1 + > > 4 files changed, 3 insertions(+), 1 deletion(-) > > > > diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h > > index b9e1547be6b5..5620747da0cf 100644 > > --- a/drivers/char/tpm/tpm.h > > +++ b/drivers/char/tpm/tpm.h > > @@ -218,7 +218,6 @@ int tpm2_pcr_read(struct tpm_chip *chip, u32 > > pcr_idx, > > int tpm2_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, > > struct tpm_digest *digests); > > int tpm2_get_random(struct tpm_chip *chip, u8 *dest, size_t max); > > -void tpm2_flush_context(struct tpm_chip *chip, u32 handle); > > ssize_t tpm2_get_tpm_pt(struct tpm_chip *chip, u32 property_id, > > u32 *value, const char *desc); > > > > diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2- > > cmd.c > > index fdb457704aa7..b87592f4a6c7 100644 > > --- a/drivers/char/tpm/tpm2-cmd.c > > +++ b/drivers/char/tpm/tpm2-cmd.c > > @@ -362,6 +362,7 @@ void tpm2_flush_context(struct tpm_chip *chip, > > u32 handle) > > tpm_transmit_cmd(chip, &buf, 0, "flushing context"); > > tpm_buf_destroy(&buf); > > } > > +EXPORT_SYMBOL(tpm2_flush_context); > > > Everything else is EXPORT_SYMBOL_GPL(). Why EXPORT_SYMBOL() here? No reason ... well, except I'm not sure the difference has any utility, but since I don't really care either way, I'll change all the exports. James
