|
40 | 40 | *
|
41 | 41 | * These are the usage functions:
|
42 | 42 | *
|
43 |
| - * tpm2_start_auth_session() which allocates the opaque auth structure |
44 |
| - * and gets a session from the TPM. This must be called before |
45 |
| - * any of the following functions. The session is protected by a |
46 |
| - * session_key which is derived from a random salt value |
47 |
| - * encrypted to the NULL seed. |
48 | 43 | * tpm2_end_auth_session() kills the session and frees the resources.
|
49 | 44 | * Under normal operation this function is done by
|
50 | 45 | * tpm_buf_check_hmac_response(), so this is only to be used on
|
@@ -963,16 +958,13 @@ static int tpm2_load_null(struct tpm_chip *chip, u32 *null_key)
|
963 | 958 | }
|
964 | 959 |
|
965 | 960 | /**
|
966 |
| - * tpm2_start_auth_session() - create a HMAC authentication session with the TPM |
967 |
| - * @chip: the TPM chip structure to create the session with |
| 961 | + * tpm2_start_auth_session() - Create an a HMAC authentication session |
| 962 | + * @chip: A TPM chip |
968 | 963 | *
|
969 |
| - * This function loads the NULL seed from its saved context and starts |
970 |
| - * an authentication session on the null seed, fills in the |
971 |
| - * @chip->auth structure to contain all the session details necessary |
972 |
| - * for performing the HMAC, encrypt and decrypt operations and |
973 |
| - * returns. The NULL seed is flushed before this function returns. |
| 964 | + * Loads the ephemeral key (null seed), and starts an HMAC authenticated |
| 965 | + * session. The null seed is flushed before the return. |
974 | 966 | *
|
975 |
| - * Return: zero on success or actual error encountered. |
| 967 | + * Returns zero on success, or a POSIX error code. |
976 | 968 | */
|
977 | 969 | int tpm2_start_auth_session(struct tpm_chip *chip)
|
978 | 970 | {
|
@@ -1024,7 +1016,7 @@ int tpm2_start_auth_session(struct tpm_chip *chip)
|
1024 | 1016 | /* hash algorithm for session */
|
1025 | 1017 | tpm_buf_append_u16(&buf, TPM_ALG_SHA256);
|
1026 | 1018 |
|
1027 |
| - rc = tpm_transmit_cmd(chip, &buf, 0, "start auth session"); |
| 1019 | + rc = tpm_ret_to_err(tpm_transmit_cmd(chip, &buf, 0, "StartAuthSession")); |
1028 | 1020 | tpm2_flush_context(chip, null_key);
|
1029 | 1021 |
|
1030 | 1022 | if (rc == TPM2_RC_SUCCESS)
|
|
0 commit comments