Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp3201728imu;
        Fri, 18 Jan 2019 06:33:10 -0800 (PST)
X-Google-Smtp-Source: ALg8bN5sEvN+sKczNDWkm4Zmy471KepbiHoo2wAJbvTvLOoGhLLb93u/b6S5DXQANU48pZrUfFaL
X-Received: by 2002:a63:a91a:: with SMTP id u26mr17685474pge.349.1547821990093;
        Fri, 18 Jan 2019 06:33:10 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1547821990; cv=none;
        d=google.com; s=arc-20160816;
        b=KgUcpJ58hDVdjor1fS53/Jdpw9iljaDmsP8tOjhCg9AA+3HM/3YkD9f+lKP39aNnn+
         vvTc9EtFs5BZ4+ZRJiQ0t9/MjPAc6/Xrko1OeTP5ZJt0dIxZSgNVzEL+pFEt5V3hJSJC
         bIhQu5dP7FI99zBWFyxLL5Heyo8yYb+120wHZYSGAz6asZzZpmVwqscuNneGcaSD5C8x
         8xwCff9tl7f2CMOERVg/FCTKlEyVp+h8ns0xFHv4aNqlBZbMwTK8WY8Gvk4y2dlBY1oH
         xQzu6cF66Nrq2LShPEBCOS0UcI+2CW1SErng7xZH/WgmcbNxMMo/GnA8HOpkCrCl4XDE
         tk+A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version;
        bh=MvFgysJBzGiczWPWcdKT/RXNvz0YrddNRHBzAmB0qEQ=;
        b=L/MZkbiaZlVGDRbGF8u4SJlFAV9VVed2Q/huPC72itTmCpiSd1A6s47TR+I1GKtaW+
         P50A8EA05nf7TvWNSdqEmoZXOF8MPxsQDBbYUWoUxAZf3KVglnyVAnKsb2oRGCGFv0pi
         FiXehneAx0lnQwbd0gtZ5TKUc8lzdK0PHcTZVaaF6B6lU2Yjo8NUGvmpoFRf1lpoLy6H
         QGGq/k+E89Hho8mdP5otlspcU0zpuqiXTbetChyiKmM9MhZ02TbtXoy1Cwl9K0SucoKJ
         z6l6z0uvM5ptea9I47neQwBuuTy8t7CAEu8/NkaXk3EQ/Sk9yRlG1UJBAjJzUljCU0Mm
         sPFw==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id t64si4915869pgd.202.2019.01.18.06.32.51;
        Fri, 18 Jan 2019 06:33:10 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727463AbfARO3A (ORCPT <rfc822;thunderbird.krnldev@gmail.com>
        + 99 others); Fri, 18 Jan 2019 09:29:00 -0500
Received: from mail-it1-f194.google.com ([209.85.166.194]:37615 "EHLO
        mail-it1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1727458AbfARO27 (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 18 Jan 2019 09:28:59 -0500
Received: by mail-it1-f194.google.com with SMTP id b5so6006722iti.2
        for <linux-kernel@vger.kernel.org>; Fri, 18 Jan 2019 06:28:59 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=MvFgysJBzGiczWPWcdKT/RXNvz0YrddNRHBzAmB0qEQ=;
        b=YhNRNrhQ3ILV2xemHAgrFHKj9er1jBHtK1fO9rXKPZgLQVz62iDiQWOwe+2yAHVtTn
         0rMlnYnfgnurhauYyMO2/QkEPzjU7MDFOGm0xAP/NPPDFNUV0uPLZio3gqzgH7zRoCux
         smQPVOqDUMDG24iboFudH1S0JdTrYDrNOYL22jr/7VlHHRErfsbNq2s2xes1PQxLb3cc
         LCYhUwLWYVELM0VUmR/R3jtE3FQ2i15AQbUOlSOMY6os2QabtHt8rOAQ/S6EYum8JAo+
         2oGk+UYLKyRIWVm+0gYzOrQa5YW3D0AnalTU/rs8BOajkPavri/v08lIkqGFfG3eOxnT
         PGZg==
X-Gm-Message-State: AJcUukesiGSXmZchLcGuDGiBdWdAm3bPtyWKzEg8Je6gMiOdlfxS/8ul
        PbPGo1APLR5bn3QJ0I2hVt5BnfMNanEtwkF2A4bziA==
X-Received: by 2002:a02:45ca:: with SMTP id o71mr11157454jad.127.1547821738643;
 Fri, 18 Jan 2019 06:28:58 -0800 (PST)
MIME-Version: 1.0
References: <20190118091733.29940-1-kasong@redhat.com> <1547812432.3982.55.camel@linux.ibm.com>
 <20190118123437.GA30929@dhcp-128-65.nay.redhat.com> <20190118123745.GA31072@dhcp-128-65.nay.redhat.com>
 <CACPcB9fiVUCfSBe05FOkKuMbzYnMjjKj50L3ydotSFSp5iL+kg@mail.gmail.com>
In-Reply-To: <CACPcB9fiVUCfSBe05FOkKuMbzYnMjjKj50L3ydotSFSp5iL+kg@mail.gmail.com>
From:   Kairui Song <kasong@redhat.com>
Date:   Fri, 18 Jan 2019 22:28:47 +0800
Message-ID: <CACPcB9egBRmP82-NKCRFyJ6b8=CNkn9fuCjCFw0m-VU_vk3z8A@mail.gmail.com>
Subject: Re: [PATCH v4 0/2] let kexec_file_load use platform keyring to verify
 the kernel image
To:     Dave Young <dyoung@redhat.com>, Mimi Zohar <zohar@linux.ibm.com>,
        David Howells <dhowells@redhat.com>
Cc:     Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
        David Woodhouse <dwmw2@infradead.org>,
        jwboyer@fedoraproject.org, keyrings@vger.kernel.org,
        jmorris@namei.org, serge@hallyn.com, bauerman@linux.ibm.com,
        Eric Biggers <ebiggers@google.com>, nayna@linux.ibm.com,
        linux-integrity <linux-integrity@vger.kernel.org>,
        kexec@lists.infradead.org
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Jan 18, 2019 at 9:42 PM Kairui Song <kasong@redhat.com> wrote:
>
> On Fri, Jan 18, 2019 at 8:37 PM Dave Young <dyoung@redhat.com> wrote:
> >
> > On 01/18/19 at 08:34pm, Dave Young wrote:
> > > On 01/18/19 at 06:53am, Mimi Zohar wrote:
> > > > On Fri, 2019-01-18 at 17:17 +0800, Kairui Song wrote:
> > > > > This patch series adds a .platform_trusted_keys in system_keyring as the
> > > > > reference to .platform keyring in integrity subsystem, when platform
> > > > > keyring is being initialized it will be updated. So other component could
> > > > > use this keyring as well.
> > > >
> > > > Kairui, when people review patches, the comments could be specific,
> > > > but are normally generic.  My review included a couple of generic
> > > > suggestions - not to use "#ifdef" in C code (eg. is_enabled), use the
> > > > term "preboot" keys, and remove any references to "other components".
> > > >
> > > > After all the wording suggestions I've made, you are still saying, "So
> > > > other components could use this keyring as well".  Really?!  How the
> > > > platform keyring will be used in the future, is up to you and others
> > > > to convince Linus.  At least for now, please limit its usage to
> > > > verifying the PE signed kernel image.  If this patch set needs to be
> > > > reposted, please remove all references to "other components".
> > > >
> > > > Dave/David, are you ok with Kairui's usage of "#ifdef's"?  Dave, you
> > > > Acked the original post.  Can I include it?  Can we get some
> > > > additional Ack's on these patches?
> > >
> > > It is better to update patch to use IS_ENABLED in patch 1/2 as well.
> >
> > Hmm, not only for patch 1/2, patch 2/2 also need an update
> >
> > > Other than that, for kexec part I'm fine with an ack.
> > >
> > > Thanks
> > > Dave
>
> Thanks for the review again, will update the patch using IS_ENABLED
> along with update the cover letter shortly.
>
> --
> Best Regards,
> Kairui Song

Hi, before I update it again, most part of the new
platform_trusted_keyring related code is following how
secondary_trusted_keyring is implemented (surrounded by ifdefs). I
thought this could reduce unused code when the keyring is not enabled.
Else, all ifdef could be simply removed, when platform_keyring is not
enabled, the platform_trusted_keys will always be NULL, and
verify_pkcs7_signature will simply return NOKEY if anyone try to use
platform keyring.

Any suggestions? Or I can just remove the ifdef in
security/integrity/digsig.c and make set_platform_trusted_keys a
inline empty function in system_keyring.h.

-- 
Best Regards,
Kairui Song