tpm2-sessions: Open code tpm_buf_append_hmac_session()

Open code 'tpm_buf_append_hmac_session_opt' to the call site, as it only
masks a call sequence and does otherwise nothing particularly useful.

Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@opinsys.com>
Reviewed-by: Jonathan McDowell <noodles@meta.com>

diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
index ce0a1c6b05968297cbb44e73c3ff32613e8a7add..3a77be7ebf4aa1a3aee88d7f53d3909f75f07175 100644 (file)
--- a/drivers/char/tpm/tpm2-cmd.c
+++ b/drivers/char/tpm/tpm2-cmd.c
@@ -282,9 +282,17 @@ int tpm2_get_random(struct tpm_chip *chip, u8 *dest, size_t max)
 
        do {
                tpm_buf_reset(&buf, TPM2_ST_SESSIONS, TPM2_CC_GET_RANDOM);
-               tpm_buf_append_hmac_session_opt(chip, &buf, TPM2_SA_ENCRYPT
-                                               | TPM2_SA_CONTINUE_SESSION,
-                                               NULL, 0);
+               if (tpm2_chip_auth(chip)) {
+                       tpm_buf_append_hmac_session(chip, &buf,
+                                                   TPM2_SA_ENCRYPT |
+                                                   TPM2_SA_CONTINUE_SESSION,
+                                                   NULL, 0);
+               } else  {
+                       offset = buf.handles * 4 + TPM_HEADER_SIZE;
+                       head = (struct tpm_header *)buf.data;
+                       if (tpm_buf_length(&buf) == offset)
+                               head->tag = cpu_to_be16(TPM2_ST_NO_SESSIONS);
+               }
                tpm_buf_append_u16(&buf, num_bytes);
                err = tpm_buf_fill_hmac_session(chip, &buf);
                if (err) {

diff --git a/include/linux/tpm.h b/include/linux/tpm.h
index afa51723296a71100e07ad7665b102cf172f60b5..202da079d500f53092ab8eb7b941a5c63b4a30d3 100644 (file)
--- a/include/linux/tpm.h
+++ b/include/linux/tpm.h
@@ -536,29 +536,6 @@ void tpm_buf_append_hmac_session(struct tpm_chip *chip, struct tpm_buf *buf,
                                 int passphraselen);
 void tpm_buf_append_auth(struct tpm_chip *chip, struct tpm_buf *buf,
                         u8 *passphrase, int passphraselen);
-static inline void tpm_buf_append_hmac_session_opt(struct tpm_chip *chip,
-                                                  struct tpm_buf *buf,
-                                                  u8 attributes,
-                                                  u8 *passphrase,
-                                                  int passphraselen)
-{
-       struct tpm_header *head;
-       int offset;
-
-       if (tpm2_chip_auth(chip)) {
-               tpm_buf_append_hmac_session(chip, buf, attributes, passphrase, passphraselen);
-       } else  {
-               offset = buf->handles * 4 + TPM_HEADER_SIZE;
-               head = (struct tpm_header *)buf->data;
-
-               /*
-                * If the only sessions are optional, the command tag must change to
-                * TPM2_ST_NO_SESSIONS.
-                */
-               if (tpm_buf_length(buf) == offset)
-                       head->tag = cpu_to_be16(TPM2_ST_NO_SESSIONS);
-       }
-}
 
 #ifdef CONFIG_TCG_TPM2_HMAC
 

diff --git a/security/keys/trusted-keys/trusted_tpm2.c b/security/keys/trusted-keys/trusted_tpm2.c
index 5b205279584b6e1e603878f3fc4d6719b95ce481..a7ea4a1c3bed28a424bbee4e452e31f94923f45c 100644 (file)
--- a/security/keys/trusted-keys/trusted_tpm2.c
+++ b/security/keys/trusted-keys/trusted_tpm2.c
@@ -481,8 +481,10 @@ static int tpm2_unseal_cmd(struct tpm_chip *chip,
                           struct trusted_key_options *options,
                           u32 blob_handle)
 {
+       struct tpm_header *head;
        struct tpm_buf buf;
        u16 data_len;
+       int offset;
        u8 *data;
        int rc;
 
@@ -519,8 +521,14 @@ static int tpm2_unseal_cmd(struct tpm_chip *chip,
                tpm2_buf_append_auth(&buf, options->policyhandle,
                                     NULL /* nonce */, 0, 0,
                                     options->blobauth, options->blobauth_len);
-               tpm_buf_append_hmac_session_opt(chip, &buf, TPM2_SA_ENCRYPT,
-                                               NULL, 0);
+               if (tpm2_chip_auth(chip)) {
+                       tpm_buf_append_hmac_session(chip, &buf, TPM2_SA_ENCRYPT, NULL, 0);
+               } else  {
+                       offset = buf.handles * 4 + TPM_HEADER_SIZE;
+                       head = (struct tpm_header *)buf.data;
+                       if (tpm_buf_length(&buf) == offset)
+                               head->tag = cpu_to_be16(TPM2_ST_NO_SESSIONS);
+               }
        }
 
        rc = tpm_buf_fill_hmac_session(chip, &buf);