On Mon, 2019-03-18 at 23:06 -0700, Dan Williams wrote: < snip >
> +/* > + * request_trusted_key - request the trusted key > + * > + * Trusted keys are sealed to PCRs and other metadata. Although userspace > + * manages both trusted/encrypted key-types, like the encrypted key type > + * data, trusted key type data is not visible decrypted from userspace. > + */ > +static struct key *request_trusted_key(const char *trusted_desc, > + const u8 **master_key, size_t *master_keylen) > +{ > + struct trusted_key_payload *tpayload; > + struct key_type *type; > + struct key *tkey; > + > + type = key_type_lookup("trusted"); The associated key_type_put() will need to be called. > + if (IS_ERR(type)) { > + tkey = (struct key *)type; > + goto error; > + } > + tkey = request_key(type, trusted_desc, NULL); > + if (IS_ERR(tkey)) > + goto error; > + > + down_read(&tkey->sem); > + tpayload = tkey->payload.data[0]; > + *master_key = tpayload->key; > + *master_keylen = tpayload->key_len; > +error: > + return tkey; > +} > + > diff --git a/security/keys/key.c b/security/keys/key.c > index 696f1c092c50..9045b62afb04 100644 > --- a/security/keys/key.c > +++ b/security/keys/key.c > @@ -706,6 +706,7 @@ struct key_type *key_type_lookup(const char *type) > found_kernel_type: > return ktype; > } > +EXPORT_SYMBOL_GPL(key_type_lookup); Only the kernel is calling key_type_lookup(). Why does key_type_lookup() need to be exported? Mimi > > void key_set_timeout(struct key *key, unsigned timeout) > { > _______________________________________________ Linux-nvdimm mailing list Linux-nvdimm@lists.01.org https://lists.01.org/mailman/listinfo/linux-nvdimm