Function report |
Source Code:security\keys\trusted-keys\trusted_tpm1.c |
Create Date:2022-07-28 18:31:25 |
Last Modify:2020-03-12 14:18:49 | Copyright©Brick |
Name:trusted_instantiate - create a new trusted key. Unseal an existing trusted blob or, for a new key, get a random key, then seal and create a trusted key-type key, adding it to the specified keyring. On success, return 0. Otherwise return errno.
Proto:static int trusted_instantiate(struct key *key, struct key_preparsed_payload *prep)
Type:int
Parameter:
Type | Parameter | Name |
---|---|---|
struct key * | key | |
struct key_preparsed_payload * | prep | |

Line | Operation |
---|---|
955 | struct trusted_key_payload * payload = NULL |
956 | struct trusted_key_options * options = NULL |
957 | datalen = Raw datalen |
959 | ret = 0 |
964 | tpm2 = tpm_is_tpm2(chip) |
971 | datablob = Allocate memory |
977 | options = trusted_options_alloc() |
978 | If Not options Then |
982 | payload = trusted_payload_alloc(key) |
983 | If Not payload Then |
988 | key_cmd = datablob_parse - parse the keyctl data and fill in the payload and options structures. On success returns 0, otherwise -EINVAL. |
989 | If key_cmd < 0 Then |
994 | If Not keyhandle Then |
999 | dump_payload(payload) |
1000 | dump_options(options) |
1006 | Else ret = Have the TPM unseal(decrypt) the symmetric key |
1008 | dump_payload(payload) |
1009 | dump_options(options) |
1012 | Break |
1015 | ret = tpm_get_random(chip, key, key_len) |
1022 | Else ret = Have the TPM seal(encrypt) the symmetric key |
1026 | Break |
1027 | Default |
1031 | If Not ret && pcrlock Then ret = Lock a trusted key, by extending a selected PCR. Prevents a trusted key that is sealed to PCRs from being accessed. This uses the tpm driver's extend function. |
1033 | out : |
1036 | If Not ret Then rcu_assign_keypointer(key, payload) |
1040 | Return ret |