Message ID | 20220113235440.90439-3-ebiggers@kernel.org |
---|---|
State | New |
Headers | show |
Series | KEYS: fixes for asym_tpm keys | expand |
On Thu, Jan 13, 2022 at 03:54:39PM -0800, Eric Biggers wrote: > From: Eric Biggers <ebiggers@google.com> > > tpm_key_create() doesn't actually load the key into the TPM. Fix the > comment to describe what the function does. > > Signed-off-by: Eric Biggers <ebiggers@google.com> Acked-by: Jarkko Sakkinen <jarkko@kernel.org> This asym_tpm has not been properly reviewed as far as I can tell. For starters, I do not get who needed new TPM 1.x features in 2018... It's long after SHA1 was declared as insecure and world was mostly settled with TPM2. BR, Jarkko
diff --git a/crypto/asymmetric_keys/asym_tpm.c b/crypto/asymmetric_keys/asym_tpm.c index 60d20d44c885..2e365a221fbe 100644 --- a/crypto/asymmetric_keys/asym_tpm.c +++ b/crypto/asymmetric_keys/asym_tpm.c @@ -900,7 +900,11 @@ static int extract_key_parameters(struct tpm_key *tk) return 0; } -/* Given the blob, parse it and load it into the TPM */ +/* + * Verify that a supported TPM is present, then parse the key blob. We don't + * actually load the key into the TPM here; that happens only for the actual + * sign and decrypt operations. + */ struct tpm_key *tpm_key_create(const void *blob, uint32_t blob_len) { int r;