trusted_instantiate

Name:rusted_instantiate - create a new trusted key* Unseal an existing trusted blob or, for a new key, get a* random key, then seal and create a trusted key-type key,* adding it to the specified keyring.* On success, return 0. Otherwise return errno.

Proto:static int trusted_instantiate(struct key *key, struct key_preparsed_payload *prep)

Type:int

Parameter:

Type	Parameter	Name
struct key *	key
struct key_preparsed_payload *	prep

955

struct trusted_key_payload * payload = NULL

956

struct trusted_key_options * options = NULL

957

datalen = Raw datalen

959

ret = 0

964

tpm2 = tpm_is_tpm2(chip)

965

If tpm2 < 0 Then Return tpm2

968

If datalen <= 0 || datalen > 32767 || Not Raw data Then Return -EINVAL

971

datablob = Allocation memory

972

If Not datablob Then Return -ENOMEM

974

memcpy(datablob, Raw data , datalen)

975

datablob[datalen] = '\0'

977

options = trusted_options_alloc()

978

If Not options Then

979

980

Go to out

982

payload = trusted_payload_alloc(key)

983

If Not payload Then

984

985

Go to out

988

key_cmd = datablob_parse - parse the keyctl data and fill in the* payload and options structures* On success returns 0, otherwise -EINVAL.

989

If key_cmd < 0 Then

990

991

Go to out

994

If Not keyhandle Then

995

996

Go to out

999

dump_payload(payload)

1000

dump_options(options)

1003

Case key_cmd == Opt_load

1004

If tpm2 Then ret = tpm2_unseal_trusted(chip, payload, options)

1006

Else ret = Have the TPM unseal(decrypt) the symmetric key

1008

dump_payload(payload)

1009

dump_options(options)

1010

If ret < 0 Then pr_info("trusted_key: key_unseal failed (%d)\n", ret)

1012

Break

1013

Case key_cmd == Opt_new

1014

key_len = key_len

1015

ret = tpm_get_random(chip, key, key_len)

1016

If ret != key_len Then

1017

pr_info("trusted_key: key_create failed (%d)\n", ret)

1018

Go to out

1020

If tpm2 Then ret = pm2_seal_trusted() - seal the payload of a trusted key*@chip: TPM chip to use*@payload: the key data in clear and encrypted form*@options: authentication values and other options* Return: < 0 on error and 0 on success.

1022

Else ret = Have the TPM seal(encrypt) the symmetric key

1024

If ret < 0 Then pr_info("trusted_key: key_seal failed (%d)\n", ret)

1026

Break

1027

Default

1028

1029

Go to out

1031

If Not ret && pcrlock Then ret = Lock a trusted key, by extending a selected PCR.* Prevents a trusted key that is sealed to PCRs from being accessed.* This uses the tpm driver's extend function.

1033

out :

1034

kzfree - like kfree but zero memory*@p: object to free memory of* The memory of the object @p points to is zeroed before freed.* If @p is %NULL, kzfree() does nothing.* Note: this function zeroes the whole allocated buffer which can be a good

1035

kzfree - like kfree but zero memory*@p: object to free memory of* The memory of the object @p points to is zeroed before freed.* If @p is %NULL, kzfree() does nothing.* Note: this function zeroes the whole allocated buffer which can be a good

1036

If Not ret Then rcu_assign_keypointer(key, payload)

1038

Else kzfree - like kfree but zero memory*@p: object to free memory of* The memory of the object @p points to is zeroed before freed.* If @p is %NULL, kzfree() does nothing.* Note: this function zeroes the whole allocated buffer which can be a good

1040

Return ret

Source code conversion tool public plug-in interface	X
Support c/c++/esqlc/java Oracle/Informix/Mysql Plug-in can realize: logical Report Code generation and batch code conversion