Message ID | 20211201095900.3009225-1-a.fatoum@pengutronix.de (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Series | [v4] KEYS: trusted: Fix trusted key backends when building as module | expand |
On Wed, Dec 01, 2021 at 10:59:00AM +0100, Ahmad Fatoum wrote: > From: Andreas Rammhold <andreas@rammhold.de> > > Before this commit the kernel could end up with no trusted key sources > even though both of the currently supported backends (TPM and TEE) were > compiled as modules. This manifested in the trusted key type not being > registered at all. > > When checking if a CONFIG_… preprocessor variable is defined we only > test for the builtin (=y) case and not the module (=m) case. By using > the IS_REACHABLE() macro we do test for both cases. > > Fixes: 5d0682be3189 ("KEYS: trusted: Add generic trusted keys framework") > Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> > Reviewed-by: Ahmad Fatoum <a.fatoum@pengutronix.de> > Reviewed-by: Sumit Garg <sumit.garg@linaro.org> > Signed-off-by: Andreas Rammhold <andreas@rammhold.de> > Tested-by: Ahmad Fatoum <a.fatoum@pengutronix.de> > Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de> Thank you, I picked this. /Jarkko
On 01.12.21 11:40, Jarkko Sakkinen wrote: > On Wed, Dec 01, 2021 at 10:59:00AM +0100, Ahmad Fatoum wrote: >> From: Andreas Rammhold <andreas@rammhold.de> >> >> Before this commit the kernel could end up with no trusted key sources >> even though both of the currently supported backends (TPM and TEE) were >> compiled as modules. This manifested in the trusted key type not being >> registered at all. >> >> When checking if a CONFIG_… preprocessor variable is defined we only >> test for the builtin (=y) case and not the module (=m) case. By using >> the IS_REACHABLE() macro we do test for both cases. >> >> Fixes: 5d0682be3189 ("KEYS: trusted: Add generic trusted keys framework") >> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> >> Reviewed-by: Ahmad Fatoum <a.fatoum@pengutronix.de> >> Reviewed-by: Sumit Garg <sumit.garg@linaro.org> >> Signed-off-by: Andreas Rammhold <andreas@rammhold.de> >> Tested-by: Ahmad Fatoum <a.fatoum@pengutronix.de> >> Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de> > > Thank you, I picked this. Excellent. Could I know your opinion on my CAAM Trusted Keys series as well? :-) Thanks, Ahmad > > /Jarkko >
diff --git a/security/keys/trusted-keys/trusted_core.c b/security/keys/trusted-keys/trusted_core.c index d5c891d8d353..5b35f1b87644 100644 --- a/security/keys/trusted-keys/trusted_core.c +++ b/security/keys/trusted-keys/trusted_core.c @@ -27,10 +27,10 @@ module_param_named(source, trusted_key_source, charp, 0); MODULE_PARM_DESC(source, "Select trusted keys source (tpm or tee)"); static const struct trusted_key_source trusted_key_sources[] = { -#if defined(CONFIG_TCG_TPM) +#if IS_REACHABLE(CONFIG_TCG_TPM) { "tpm", &trusted_key_tpm_ops }, #endif -#if defined(CONFIG_TEE) +#if IS_REACHABLE(CONFIG_TEE) { "tee", &trusted_key_tee_ops }, #endif };