Subject: Re: [RFC PATCH v1 0/4] keys: introduce key_extract_material helper
From: Ahmad Fatoum
To: David Howells, Jarkko Sakkinen, James Morris, "Serge E. Hallyn", Alasdair Kergon, Mike Snitzer, dm-devel@redhat.com, Song Liu, Richard Weinberger
Cc: linux-kernel@vger.kernel.org, linux-raid@vger.kernel.org, linux-security-module@vger.kernel.org, keyrings@vger.kernel.org, linux-mtd@lists.infradead.org, kernel@pengutronix.de, linux-integrity@vger.kernel.org
Message-ID: <7bc58825-c6d8-5e6d-4e1c-c4375e19c10e@pengutronix.de>
Date: Fri, 6 Aug 2021 12:53:45 +0200

Hello everyone,

On 22.07.21 11:17, Ahmad Fatoum wrote:
> While keys of differing type have a common struct key definition, there is
> no common scheme to the payload and key material extraction differs.
>
> For kernel functionality that supports different key types,
> this means duplicated code for key material extraction and because key type
> is discriminated by a pointer to a global, users need to replicate
> reachability checks as well, so builtin code doesn't depend on a key
> type symbol offered by a module.
>
> Make this easier by adding a common helper with initial support for
> user, logon, encrypted and trusted keys.
>
> This series contains two examples of its use: dm-crypt uses it to reduce
> boilerplate and ubifs authentication uses it to gain support for trusted
> and encrypted keys alongside the already supported logon keys.
>
> Looking forward to your feedback,

@Mike, Alasdair: Do you think of key_extract_material as an improvement?
Does someone share the opinion that the helper is useful or should I drop it
and just send out the ubifs auth patch separately?

Cheers,
Ahmad

> Ahmad
>
> ---
> To: David Howells
> To: Jarkko Sakkinen
> To: James Morris
> To: "Serge E. Hallyn"
> To: Alasdair Kergon
> To: Mike Snitzer
> To: dm-devel@redhat.com
> To: Song Liu
> To: Richard Weinberger
> Cc: linux-kernel@vger.kernel.org
> Cc: linux-raid@vger.kernel.org
> Cc: linux-integrity@vger.kernel.org
> Cc: keyrings@vger.kernel.org
> Cc: linux-mtd@lists.infradead.org
> Cc: linux-security-module@vger.kernel.org
>
> Ahmad Fatoum (4):
>   keys: introduce key_extract_material helper
>   dm: crypt: use new key_extract_material helper
>   ubifs: auth: remove never hit key type error check
>   ubifs: auth: consult encrypted and trusted keys if no logon key was found
>
>  Documentation/filesystems/ubifs.rst |  2 +-
>  drivers/md/dm-crypt.c               | 65 ++++--------------------------
>  fs/ubifs/auth.c                     | 25 +++++-------
>  include/linux/key.h                 | 45 +++++++++++++++++++++-
>  security/keys/key.c                 | 40 ++++++++++++++++++-
>  5 files changed, 107 insertions(+), 70 deletions(-)
>
> base-commit: 2734d6c1b1a089fb593ef6a23d4b70903526fe0c
>

--
Pengutronix e.K.                  |                             |
Steuerwalder Str. 21              | http://www.pengutronix.de/  |
31137 Hildesheim, Germany         | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686  | Fax:   +49-5121-206917-5555 |