KEYS: trusted: Fix TPM reservation for seal/unseal

stable inclusion
from stable-5.10.33
commit bf84ef2dd2ccdcd8f2658476d34b51455f970ce4
bugzilla: 51834
CVE: NA

--------------------------------

[ Upstream commit 9d5171ea ]

The original patch 8c657a05 ("KEYS: trusted: Reserve TPM for seal
and unseal operations") was correct on the mailing list:

https://lore.kernel.org/linux-integrity/20210128235621.127925-4-jarkko@kernel.org/

But somehow got rebased so that the tpm_try_get_ops() in
tpm2_seal_trusted() got lost.  This causes an imbalanced put of the
TPM ops and causes oopses on TIS based hardware.

This fix puts back the lost tpm_try_get_ops()

Fixes: 8c657a05 ("KEYS: trusted: Reserve TPM for seal and unseal operations")
Reported-by: NMimi Zohar <zohar@linux.ibm.com>
Acked-by: NMimi Zohar <zohar@linux.ibm.com>
Signed-off-by: NJames Bottomley <James.Bottomley@HansenPartnership.com>
Signed-off-by: NSasha Levin <sashal@kernel.org>
Signed-off-by: NChen Jun <chenjun102@huawei.com>
Acked-by: NWeilong Chen <chenweilong@huawei.com>
Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>

security/keys/trusted-keys/trusted_tpm2.c

@@ -79,7 +79,7 @@ int tpm2_seal_trusted(struct tpm_chip *chip,
 	if (i == ARRAY_SIZE(tpm2_hash_map))
 		return -EINVAL;
 
-	rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_CREATE);
+	rc = tpm_try_get_ops(chip);
 	if (rc)
 		return rc;