KEYS: trusted: Fix trusted key backends when building as module

Before this commit the kernel could end up with no trusted key sources even though both of the currently supported backends (TPM and TEE) were compiled as modules. This manifested in the trusted key type not being registered at all. When checking if a CONFIG_… preprocessor variable is defined we only test for the builtin (=y) case and not the module (=m) case. By using the IS_REACHABLE() macro we do test for both cases. Fixes: 5d0682b ("KEYS: trusted: Add generic trusted keys framework") Reviewed-by: Jarkko Sakkinen <[email protected]> Reviewed-by: Ahmad Fatoum <[email protected]> Reviewed-by: Sumit Garg <[email protected]> Signed-off-by: Andreas Rammhold <[email protected]> Tested-by: Ahmad Fatoum <[email protected]> Signed-off-by: Ahmad Fatoum <[email protected]> Signed-off-by: Jarkko Sakkinen <[email protected]>
majek · Mar 8, 2022 · 969a264 · 969a264
1 parent 2dd6346
commit 969a264
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/security/keys/trusted-keys/trusted_core.c b/security/keys/trusted-keys/trusted_core.c
@@ -27,10 +27,10 @@ module_param_named(source, trusted_key_source, charp, 0);
 MODULE_PARM_DESC(source, "Select trusted keys source (tpm or tee)");
 
 static const struct trusted_key_source trusted_key_sources[] = {
-#if defined(CONFIG_TCG_TPM)
+#if IS_REACHABLE(CONFIG_TCG_TPM)
 	{ "tpm", &trusted_key_tpm_ops },
 #endif
-#if defined(CONFIG_TEE)
+#if IS_REACHABLE(CONFIG_TEE)
 	{ "tee", &trusted_key_tee_ops },
 #endif
 };