aboutsummaryrefslogtreecommitdiff
path: root/security/integrity/ima/ima_init.c
diff options
context:
space:
mode:
authorStefan Berger <stefanb@linux.vnet.ibm.com>2018-06-26 15:09:32 -0400
committerJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>2018-07-28 17:03:11 +0300
commit5c2a640aff73914e11ac0db310b32d3b7a1b87ad (patch)
tree26ab375331cfdd09aabc85709bd3c23c7afa04d3 /security/integrity/ima/ima_init.c
parent58bac8cc3010ccb845572a3512fc16c9aaa5e50e (diff)
downloadlinux-5c2a640aff73914e11ac0db310b32d3b7a1b87ad.tar.gz
ima: Use tpm_default_chip() and call TPM functions with a tpm_chip
Rather than accessing the TPM functions by passing a NULL pointer for the tpm_chip, which causes a lookup for a suitable chip every time, get a hold of a tpm_chip and access the TPM functions using it. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Diffstat (limited to 'security/integrity/ima/ima_init.c')
-rw-r--r--security/integrity/ima/ima_init.c11
1 files changed, 4 insertions, 7 deletions
diff --git a/security/integrity/ima/ima_init.c b/security/integrity/ima/ima_init.c
index 29b72cd2502e..1437ed3dbccc 100644
--- a/security/integrity/ima/ima_init.c
+++ b/security/integrity/ima/ima_init.c
@@ -27,6 +27,7 @@
/* name for boot aggregate entry */
static const char *boot_aggregate_name = "boot_aggregate";
int ima_used_chip;
+struct tpm_chip *ima_tpm_chip;
/* Add the boot aggregate to the IMA measurement list and extend
* the PCR register.
@@ -106,17 +107,13 @@ void __init ima_load_x509(void)
int __init ima_init(void)
{
- u8 pcr_i[TPM_DIGEST_SIZE];
int rc;
- ima_used_chip = 0;
- rc = tpm_pcr_read(NULL, 0, pcr_i);
- if (rc == 0)
- ima_used_chip = 1;
+ ima_tpm_chip = tpm_default_chip();
+ ima_used_chip = ima_tpm_chip != NULL;
if (!ima_used_chip)
- pr_info("No TPM chip found, activating TPM-bypass! (rc=%d)\n",
- rc);
+ pr_info("No TPM chip found, activating TPM-bypass!\n");
rc = integrity_init_keyring(INTEGRITY_KEYRING_IMA);
if (rc)