fix integrity driver build issue with CentOS 7.6 3.10.0-957.1.3 kernel
Porting upstream patch to fix the build failure with the new kernel Depends-On: https://review.openstack.org/625785 Depends-On: https://review.openstack.org/625786 Story: 2004521 Task: 28584 Change-Id: I261d2d9534d90064d250ffabc11221caadcc2a04 Signed-off-by: Shuicheng Lin <shuicheng.lin@intel.com>
This commit is contained in:
parent
a186c686c0
commit
93d224c64c
@ -2,4 +2,4 @@ COPY_LIST=" \
|
||||
$FILES_BASE/* \
|
||||
$PATCHES_BASE/* \
|
||||
$STX_BASE/downloads/integrity-kmod-e6aef069.tar.gz"
|
||||
TIS_PATCH_VER=5
|
||||
TIS_PATCH_VER=6
|
||||
|
@ -36,6 +36,7 @@ Patch02: 0002-integrity-expose-module-params.patch
|
||||
Patch03: 0003-integrity-restrict-by-iversion.patch
|
||||
Patch04: 0004-integrity-disable-set-xattr-on-imasig.patch
|
||||
Patch05: Changes-for-CentOS-7.4-support.patch
|
||||
Patch06: Changes-for-CentOS-7.6-support.patch
|
||||
|
||||
%define kversion %(rpm -q kernel%{?bt_ext}-devel | sort --version-sort | tail -1 | sed 's/kernel%{?bt_ext}-devel-//')
|
||||
|
||||
|
@ -0,0 +1,120 @@
|
||||
From 5b60e1a889246a5a0d131e74ceaf240fc0637c9f Mon Sep 17 00:00:00 2001
|
||||
From: Shuicheng Lin <shuicheng.lin@intel.com>
|
||||
Date: Sat, 29 Dec 2018 02:51:39 +0800
|
||||
Subject: [PATCH] pick upstream patch to fix build failure with CentOS 7.6
|
||||
3.10.0-957.1.3 kernel
|
||||
|
||||
Pick upstream patch from "git://git.infradead.org/users/jjs/linux-tpmdd.git"
|
||||
|
||||
"
|
||||
From aad887f6641145fec2a801da2ce4ed36cf99c6a5 Mon Sep 17 00:00:00 2001
|
||||
From: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
||||
Date: Sun, 5 Nov 2017 13:16:26 +0200
|
||||
Subject: [PATCH] tpm: use struct tpm_chip for tpm_chip_find_get()
|
||||
|
||||
Device number (the character device index) is not a stable identifier
|
||||
for a TPM chip. That is the reason why every call site passes
|
||||
TPM_ANY_NUM to tpm_chip_find_get().
|
||||
|
||||
This commit changes the API in a way that instead a struct tpm_chip
|
||||
instance is given and NULL means the default chip. In addition, this
|
||||
commit refines the documentation to be up to date with the
|
||||
implementation.
|
||||
|
||||
Suggested-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> (@chip_num -> @chip part)
|
||||
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
|
||||
Reviewed-by: Jason Gunthorpe <jgg@ziepe.ca>
|
||||
Tested-by: PrasannaKumar Muralidharan <prasannatsmkumar@gmail.com>
|
||||
"
|
||||
|
||||
Signed-off-by: Shuicheng Lin <shuicheng.lin@intel.com>
|
||||
---
|
||||
ima/ima_crypto.c | 2 +-
|
||||
ima/ima_init.c | 2 +-
|
||||
ima/ima_queue.c | 2 +-
|
||||
integrity/ima/ima_crypto.c | 2 +-
|
||||
integrity/ima/ima_init.c | 2 +-
|
||||
integrity/ima/ima_queue.c | 2 +-
|
||||
6 files changed, 6 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/ima/ima_crypto.c b/ima/ima_crypto.c
|
||||
index 802d5d2..3371d13 100644
|
||||
--- a/ima/ima_crypto.c
|
||||
+++ b/ima/ima_crypto.c
|
||||
@@ -644,7 +644,7 @@ static void __init ima_pcrread(int idx, u8 *pcr)
|
||||
if (!ima_used_chip)
|
||||
return;
|
||||
|
||||
- if (tpm_pcr_read(TPM_ANY_NUM, idx, pcr) != 0)
|
||||
+ if (tpm_pcr_read(NULL, idx, pcr) != 0)
|
||||
pr_err("Error Communicating to TPM chip\n");
|
||||
}
|
||||
|
||||
diff --git a/ima/ima_init.c b/ima/ima_init.c
|
||||
index a7362e8..577c7b7 100644
|
||||
--- a/ima/ima_init.c
|
||||
+++ b/ima/ima_init.c
|
||||
@@ -115,7 +115,7 @@ int __init ima_init(void)
|
||||
|
||||
if (ima_used_chip != 0) {
|
||||
ima_used_chip = 0;
|
||||
- rc = tpm_pcr_read(TPM_ANY_NUM, 0, pcr_i);
|
||||
+ rc = tpm_pcr_read(NULL, 0, pcr_i);
|
||||
if (rc == 0)
|
||||
ima_used_chip = 1;
|
||||
}
|
||||
diff --git a/ima/ima_queue.c b/ima/ima_queue.c
|
||||
index d9aa5ab..9946363 100644
|
||||
--- a/ima/ima_queue.c
|
||||
+++ b/ima/ima_queue.c
|
||||
@@ -145,7 +145,7 @@ static int ima_pcr_extend(const u8 *hash, int pcr)
|
||||
if (!ima_used_chip)
|
||||
return result;
|
||||
|
||||
- result = tpm_pcr_extend(TPM_ANY_NUM, pcr, hash);
|
||||
+ result = tpm_pcr_extend(NULL, pcr, hash);
|
||||
if (result != 0)
|
||||
pr_err("Error Communicating to TPM chip, result: %d\n", result);
|
||||
return result;
|
||||
diff --git a/integrity/ima/ima_crypto.c b/integrity/ima/ima_crypto.c
|
||||
index 802d5d2..3371d13 100644
|
||||
--- a/integrity/ima/ima_crypto.c
|
||||
+++ b/integrity/ima/ima_crypto.c
|
||||
@@ -644,7 +644,7 @@ static void __init ima_pcrread(int idx, u8 *pcr)
|
||||
if (!ima_used_chip)
|
||||
return;
|
||||
|
||||
- if (tpm_pcr_read(TPM_ANY_NUM, idx, pcr) != 0)
|
||||
+ if (tpm_pcr_read(NULL, idx, pcr) != 0)
|
||||
pr_err("Error Communicating to TPM chip\n");
|
||||
}
|
||||
|
||||
diff --git a/integrity/ima/ima_init.c b/integrity/ima/ima_init.c
|
||||
index 2967d49..29b72cd 100644
|
||||
--- a/integrity/ima/ima_init.c
|
||||
+++ b/integrity/ima/ima_init.c
|
||||
@@ -110,7 +110,7 @@ int __init ima_init(void)
|
||||
int rc;
|
||||
|
||||
ima_used_chip = 0;
|
||||
- rc = tpm_pcr_read(TPM_ANY_NUM, 0, pcr_i);
|
||||
+ rc = tpm_pcr_read(NULL, 0, pcr_i);
|
||||
if (rc == 0)
|
||||
ima_used_chip = 1;
|
||||
|
||||
diff --git a/integrity/ima/ima_queue.c b/integrity/ima/ima_queue.c
|
||||
index d9aa5ab..9946363 100644
|
||||
--- a/integrity/ima/ima_queue.c
|
||||
+++ b/integrity/ima/ima_queue.c
|
||||
@@ -145,7 +145,7 @@ static int ima_pcr_extend(const u8 *hash, int pcr)
|
||||
if (!ima_used_chip)
|
||||
return result;
|
||||
|
||||
- result = tpm_pcr_extend(TPM_ANY_NUM, pcr, hash);
|
||||
+ result = tpm_pcr_extend(NULL, pcr, hash);
|
||||
if (result != 0)
|
||||
pr_err("Error Communicating to TPM chip, result: %d\n", result);
|
||||
return result;
|
||||
--
|
||||
2.7.4
|
||||
|
Loading…
Reference in New Issue
Block a user