Received: by 2002:ac0:bc90:0:0:0:0:0 with SMTP id a16csp894449img; Mon, 18 Mar 2019 17:25:40 -0700 (PDT) X-Google-Smtp-Source: APXvYqzZA2t3ZWP03o5pUrOA2GrhADys5m8BMzwrvvyM0PXCr5py88+ixOhmhlAbS3HPYTljoaWW X-Received: by 2002:a65:568b:: with SMTP id v11mr20652156pgs.23.1552955140340; Mon, 18 Mar 2019 17:25:40 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1552955140; cv=none; d=google.com; s=arc-20160816; b=EMEmWdiZzEahz8c7yvrTtbhjf1EgMTjmX+v8aM7AGE5GJvX3o5OpTqzKRQCJcgFcsW XSdpSGHl0zYtECrUPbMJGPMY8bqCJhb1mPYnl1cU2di4mOS/HlNopTPlM8rmFowByHz3 WsITWmDvlnQL/ZMweBXnK67ZJNQM8cLOJCeqXhkMShClL73g/rVQfNj4w/ZBLLrzneHa Vw/V2pjSsH42UWU2LnJloG6gJU38MHXsrKEma0ULvczKCXuSqx5+tW0txvnzVr141ohi KaDAKAoxrK0vSNfWqPje97ywmXTTy6qUYQkh6L2r5rkLLrNt8vbhyrUH82zaBpZ59d9a 30Dw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:content-transfer-encoding :mime-version:references:in-reply-to:date:cc:to:from:subject; bh=drXVlztshUEAQ+bTPOdHCVR3+rKDPuD78fgJg+qf0ks=; b=zkmzryX5Af2m6b8/AX4Qc4uxRrxiDW+AjXDO222gNTw3I6p4CnyH9njjOR01jBHUso kAwrIzyzIjeshq870AUaEUYY8C1Rd2/RedArVudUWzk1euusQkfvfKB9rCwUEg3XFRHm l1zCaZoT/y8o7XolupQNzMdR3ZcRha9ikSj+BKr1T5ZjHXeCAFAIwCPHciQya408pPUT s3Mkc0JW60lKgO0ebCKA/whhb10zqdK+zhrE3QnE7kkLQf3aCOrzzEC+EeBUmj1c8qNa 4PqC5fz6xcXh7ws3ll4npGJinSPfz5NxowY2KFVd9QQzUU0bfLQ9BuzHdDtRVj99QENo TJvA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id e12si10247382pgd.381.2019.03.18.17.25.24; Mon, 18 Mar 2019 17:25:40 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726788AbfCSAYu (ORCPT + 99 others); Mon, 18 Mar 2019 20:24:50 -0400 Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:42706 "EHLO mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726438AbfCSAYu (ORCPT ); Mon, 18 Mar 2019 20:24:50 -0400 Received: from pps.filterd (m0098396.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x2J0Igb3123705 for ; Mon, 18 Mar 2019 20:24:49 -0400 Received: from e15.ny.us.ibm.com (e15.ny.us.ibm.com [129.33.205.205]) by mx0a-001b2d01.pphosted.com with ESMTP id 2rahx381wa-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Mon, 18 Mar 2019 20:24:48 -0400 Received: from localhost by e15.ny.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Tue, 19 Mar 2019 00:24:46 -0000 Received: from b01cxnp22035.gho.pok.ibm.com (9.57.198.25) by e15.ny.us.ibm.com (146.89.104.202) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Tue, 19 Mar 2019 00:24:41 -0000 Received: from b01ledav002.gho.pok.ibm.com (b01ledav002.gho.pok.ibm.com [9.57.199.107]) by b01cxnp22035.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id x2J0OfvD11469030 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 19 Mar 2019 00:24:42 GMT Received: from b01ledav002.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id D66FC124053; Tue, 19 Mar 2019 00:24:41 +0000 (GMT) Received: from b01ledav002.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id B3BAA12405E; Tue, 19 Mar 2019 00:24:40 +0000 (GMT) Received: from jarvis.ext.hansenpartnership.com (unknown [9.85.131.215]) by b01ledav002.gho.pok.ibm.com (Postfix) with ESMTP; Tue, 19 Mar 2019 00:24:40 +0000 (GMT) Subject: Re: [PATCH] security/keys/trusted: Allow operation without hardware TPM From: James Bottomley To: Dan Williams , jarkko.sakkinen@linux.intel.com Cc: Roberto Sassu , Mimi Zohar , David Howells , keyrings@vger.kernel.org, linux-nvdimm@lists.01.org, linux-kernel@vger.kernel.org Date: Mon, 18 Mar 2019 17:24:40 -0700 In-Reply-To: <155295271345.1945351.6465460744078693578.stgit@dwillia2-desk3.amr.corp.intel.com> References: <155295271345.1945351.6465460744078693578.stgit@dwillia2-desk3.amr.corp.intel.com> Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.26.6 Mime-Version: 1.0 Content-Transfer-Encoding: 7bit X-TM-AS-GCONF: 00 x-cbid: 19031900-0068-0000-0000-000003A7AAC1 X-IBM-SpamModules-Scores: X-IBM-SpamModules-Versions: BY=3.00010782; HX=3.00000242; KW=3.00000007; PH=3.00000004; SC=3.00000281; SDB=6.01176356; UDB=6.00615286; IPR=6.00957041; MB=3.00026041; MTD=3.00000008; XFM=3.00000015; UTC=2019-03-19 00:24:44 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 19031900-0069-0000-0000-000047DD126C Message-Id: <1552955080.2785.26.camel@linux.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:,, definitions=2019-03-18_14:,, signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=792 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1903190000 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, 2019-03-18 at 16:45 -0700, Dan Williams wrote: > Rather than fail initialization of the trusted.ko module, arrange for > the module to load, but rely on trusted_instantiate() to fail > trusted-key operations. What actual problem is this fixing? To me it would seem like an enhancement to make the trusted module fail at load time if there's no TPM rather than waiting until first use to find out it can never work. Is there some piece of user code that depends on the successful insertion of trusted.ko? James