Re: [PATCH 2/6] security/keys/encrypted: Clean up request_trusted_key()

On Tue, 2019-03-19 at 17:20 -0700, Dan Williams wrote: > On Tue, Mar 19, 2019 at 5:07 PM Mimi Zohar <zohar(a)linux.ibm.com&gt; wrote: > > > > On Mon, 2019-03-18 at 23:06 -0700, Dan Williams wrote: > > > > < snip > > > > > > +/* > > > + * request_trusted_key - request the trusted key > > > + * > > > + * Trusted keys are sealed to PCRs and other metadata. Although userspace > > > + * manages both trusted/encrypted key-types, like the encrypted key type > > > + * data, trusted key type data is not visible decrypted from userspace. > > > + */ > > > +static struct key *request_trusted_key(const char *trusted_desc, > > > + const u8 **master_key, size_t *master_keylen) > > > +{ > > > + struct trusted_key_payload *tpayload; > > > + struct key_type *type; > > > + struct key *tkey; > > > + > > > + type = key_type_lookup("trusted"); > > > > The associated key_type_put() will need to be called. > > Yes. I don't know if defining a key_type_lookup() wrapper, perhaps named is_key_type_available(), would help. Both key_type_lookup() and key_type_put() would be called. The existing code could then remain the same.