Received: by 2002:ac0:bc90:0:0:0:0:0 with SMTP id a16csp4949533img; Tue, 26 Mar 2019 21:57:04 -0700 (PDT) X-Google-Smtp-Source: APXvYqxfytXu3cv5nDRcMaYszSu5MbvLoWzd6NoGo582PIkv/O3G+SVLZc1nzt+wKYolZb79LuT6 X-Received: by 2002:a17:902:2ac3:: with SMTP id j61mr34782237plb.112.1553662624012; Tue, 26 Mar 2019 21:57:04 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1553662624; cv=none; d=google.com; s=arc-20160816; b=W6qrIXhUmA2W7av4s0eSmf3epFyNgre+M7VNXFW45zMtY3/rLnJPnINcTxKfC+tgdb cQSQe0yLIj/uzVtl1TseaYnTYNuURxcvh8i5MGEyif+Su8LAeJYwNsRzjQdmvylFhTSM 3wgsbFW6zi1b1/zOPW9xTPMdNWBSc+QSXJiIoWreSFuLGd2xt4+JHIVIkzJdQaCbuOuf kCnllVmY955Nb5RP9unHUkCKsckIe0UbNTu6DmH9TsUzX/ka0VdsvzWq16R8LzSBmxj1 1+0aJg/3m9wAA1+KVIJmDifi1V/SofkJjWOubTP0XUIOTvTsLkb+b3pqrSouvWeUoo3I rjZg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:organization:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=9PLSDxVcZez6PdcGUNVlEa3KrMjtUPqA1dzOXi4L/Jg=; b=bpVODcjzhpFbYJayzLOfJ47gEsyRB2aslBhhAt4j+Nco+yVZUxv1B5otppJM++rbJC RRdhDSWZd8vsmtr3b9l4lco/85aDVzL+/D8HP8I5vgNuc8be0cb6hIPupgXD7EfsD6A1 W3r4E+N2lUXkXcfhpJCAdTyVkiQpsjpX+1d9NVFT2CwY66Df4rmsxK0UdgjCxsoD/M9h 1HJa4r1WKEuD6u7CeBSt2eLxXuafZYDG11UFaRqQZe4jvNevxHrlBPk/CXqaDkSEuQ6j HHio+JoH6grXScvygbZLWC1N7u9vk0me/GypewhO9n2KE3kZJuZhUHeLuwi6ddG0BszW vOJg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f7si8953196pfa.50.2019.03.26.21.56.48; Tue, 26 Mar 2019 21:57:03 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726319AbfC0Ey6 (ORCPT + 99 others); Wed, 27 Mar 2019 00:54:58 -0400 Received: from mga11.intel.com ([192.55.52.93]:21271 "EHLO mga11.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726233AbfC0Ey6 (ORCPT ); Wed, 27 Mar 2019 00:54:58 -0400 X-Amp-Result: UNKNOWN X-Amp-Original-Verdict: FILE UNKNOWN X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 26 Mar 2019 21:54:57 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.60,275,1549958400"; d="scan'208";a="158735882" Received: from yannluen-mobl.ccr.corp.intel.com (HELO localhost) ([10.249.254.205]) by fmsmga001.fm.intel.com with ESMTP; 26 Mar 2019 21:54:52 -0700 Date: Wed, 27 Mar 2019 06:54:50 +0200 From: Jarkko Sakkinen To: James Bottomley Cc: Mimi Zohar , Joe Perches , linux-kernel@vger.kernel.org, linux-integrity@vger.kernel.org, keyrings@vger.kernel.org, Mimi Zohar , David Howells , James Morris , Denis Kenzior , Marcel Holtmann , James Morris Subject: Re: Bad file pattern in MAINTAINERS section 'KEYS-TRUSTED' Message-ID: <20190327045450.GC15397@linux.intel.com> References: <7cd8d12f59bcacd18a78f599b46dac555f7f16c0.camel@perches.com> <20190325212705.26837-1-joe@perches.com> <20190326113725.GA10898@linux.intel.com> <1553602220.3960.29.camel@linux.ibm.com> <1553610317.2900.2.camel@linux.ibm.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1553610317.2900.2.camel@linux.ibm.com> Organization: Intel Finland Oy - BIC 0357606-4 - Westendinkatu 7, 02160 Espoo User-Agent: Mutt/1.10.1 (2018-07-13) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Mar 26, 2019 at 07:25:17AM -0700, James Bottomley wrote: > On Tue, 2019-03-26 at 08:10 -0400, Mimi Zohar wrote: > > Hi Jarrko, > > > > On Tue, 2019-03-26 at 13:37 +0200, Jarkko Sakkinen wrote: > > > Mimi, > > > > > > Can you fix this and I can ack and send PR through my tree? > > > > Making the "trusted.h" include file public was part of David's "KEYS: > > Support TPM-wrapped key and crypto ops" patch set. I wasn't involved > > in reviewing or upstreaming this patch set. As I recall, it was > > upstreamed rather quickly without much review. As it is TPM related, > > it should have at least been posted on the linux-integrity mailing > > list. I have no idea if "trusted.h" should have been made public. > > > > I'm not sure just "fixing" the MAINTAINERS file is the right > > solution. I was hoping to look at it later this week. Perhaps you > > and James could take a look? > > Looking at the contents of linux/keys/trusted.h, it looks like the > wrong decision to move it. The contents are way too improperly named > and duplicative to be in a standard header. It's mostly actually TPM > code including a redefinition of the tpm_buf structure, so it doesn't > even seem to be necessary for trusted keys. > > If you want to fix this as a bug, I'd move it back again, but long term > I think it should simply be combined with trusted.c because nothing > else can include it sanely anyway. Fully agree with the long term plan. I think it would be better to take the TPM2 trusted keys code from the driver to the keyring subsystem once TPM1 trusted keys code has been converted to use tpm_buf. I don't also know any good reason for the core TPM driver to be compiled as a module. It is just makes the kernel build configuration more awkward. Would be nice to get the TPM callable from any subsystem without fuzz. There is no a production use case for "TPM as an LKM" (obviously drivers for different types of TPM hardware must and will be compilable as LKM's). /Jarkko