Gh0st
/
linux
mirror of https://github.com/torvalds/linux.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
linux/security/keys
History
Srish Srinivasan 6342969daf keys/trusted_keys: fix handle passed to tpm_buf_append_name during unseal 
TPM2_Unseal[1] expects the handle of a loaded data object, and not the
handle of the parent key. But the tpm2_unseal_cmd provides the parent
keyhandle instead of blob_handle for the session HMAC calculation. This
causes unseal to fail.

Fix this by passing blob_handle to tpm_buf_append_name().

References:

[1] trustedcomputinggroup.org/wp-content/uploads/
    Trusted-Platform-Module-2.0-Library-Part-3-Version-184_pub.pdf

Fixes: 6e9722e9a7 ("tpm2-sessions: Fix out of range indexing in name_size")
Signed-off-by: Srish Srinivasan <ssrish@linux.ibm.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
 		2026-01-25 19:03:45 +02:00
..
encrypted-keys keys: Replace deprecated strncpy in ecryptfs_fill_auth_tok 2025-11-27 23:50:20 +02:00
trusted-keys keys/trusted_keys: fix handle passed to tpm_buf_append_name during unseal 2026-01-25 19:03:45 +02:00
Kconfig security: keys: use menuconfig for KEYS symbol 2025-10-04 17:25:35 +03:00
Makefile
big_key.c keys: Remove redundant less-than-zero checks 2025-11-27 23:50:20 +02:00
compat.c
compat_dh.c
dh.c
gc.c
internal.h
key.c
keyctl.c
keyctl_pkey.c
keyring.c
permission.c
persistent.c
proc.c
process_keys.c cred: make init_cred static 2025-11-04 12:36:02 +01:00
request_key.c
request_key_auth.c
sysctl.c
user_defined.c keys: Remove redundant less-than-zero checks 2025-11-27 23:50:20 +02:00