Received: by 2002:ab2:6a05:0:b0:1f8:1780:a4ed with SMTP id w5csp341458lqo; Fri, 10 May 2024 01:13:02 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCXljvExAdXcBE0kDcMLPAzfxVolKSiikQ8dFcFLf/H67HK/ONQNQ1/ubreghRg//PiRNhUHQbBEER3l+9NIRuRrIhpqe5gw7rJhK/wtVQ== X-Google-Smtp-Source: AGHT+IHACzqlghbLVYMPRf/k19pwyNqfEczN+re3nafqSI+RhzEVUOtCMIRbuW2Y+dMJOmznUC7S X-Received: by 2002:a05:6a21:279a:b0:1af:d228:ca5b with SMTP id adf61e73a8af0-1afde0d5488mr2207222637.21.1715328782660; Fri, 10 May 2024 01:13:02 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1715328782; cv=pass; d=google.com; s=arc-20160816; b=fLUwUJ0WfhB0vStlIcqUK9YM/JnQeNIXhAFENjARhQAz/zSW0TAErmpxsqzWm+emuy H+n+7LbaOZsAHBqe5zAlj3JlwQG2peHKCNgoGkNEiEDnGBA0a9lS24iTy4sl9jAZE/N1 0to5ej5tCDjVpRgpiB5VthVR9v+fdHZx3AFjo8PW1dvffG/K+ToBpNT042CDCWPN33ov FY6nDTkiHq62Pu/DAxHxyIeFTz2wPzM/hSxLChN5QKChr1KXF4+oiJTMpsaoZgxON42N Bw5549B2IpQ+2vxpe8MCwJyuEy+X7k+c7rxGDxTdcepU8FmSsmV3S5nwoBCt2Vq2TJG1 Sbgg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:references:cc:to:from:subject:message-id:date :content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:dkim-signature; bh=63LkKxQnPfNPFz4Ce8J7HQ+Gp+UglZPRuwLqfkkEBus=; fh=qfH0ChF54NtfbsuKg3Uq6HJA0Otnkn31yf/ciqaLLBM=; b=vRIrjs4/Rc2HmkhkRsEcmC0GXW2vyoD6qU4i+xnqxGVNPzOwS4iZboIglDoHEmMteI QbGU5rG1fkPnertvmEYQi6uewqGuADdYuXhJys4Gnaf15C2BNWVDH/zoom5pc3t+p08C li5azFIHh8hHABqRWwKOvydx6RXYQeyTpqUzr/8NfeDZsIhqzV5r6sWdPzOAYWiQgCFx +pSqWJNzH06mLyC8cnSTeCyMe6mzPIb7J8Jx80dx72Eb4yf9mtqS+ZIFcaDwB71UFy7h TaRlKtSTqm5aK6Q1Zq1dWtJ1eWFZBiGdi4e8DBZzlZX1om9FUL9vOlCcwTo/nbXmSb8D aKsg==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=Ml0DaCEw; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-175429-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-175429-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [139.178.88.99]) by mx.google.com with ESMTPS id 98e67ed59e1d1-2b628a5d97csi5162201a91.72.2024.05.10.01.13.02 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 10 May 2024 01:13:02 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-175429-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) client-ip=139.178.88.99; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=Ml0DaCEw; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-175429-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-175429-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id C6AE22834A1 for ; Fri, 10 May 2024 08:13:01 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 0A61B1607A0; Fri, 10 May 2024 08:12:46 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="Ml0DaCEw" Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2E1EF15FA7D; Fri, 10 May 2024 08:12:44 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715328765; cv=none; b=q6ue/+uGMftA1YQoECtBoNZYrXGBQYQ597I47Gq8TQw6g57oiK+XGSjpje38f753mZUjO8qEyQIbcjQYjI9TCSmJ65wyk3y3pjOKxjXe8mpVNiXaBEK79pHmYCwTOI0ZwH6k5pp61W0cmYBUC62Y5c9xCW5VQx7/ZtFBZae1lzo= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715328765; c=relaxed/simple; bh=63LkKxQnPfNPFz4Ce8J7HQ+Gp+UglZPRuwLqfkkEBus=; h=Mime-Version:Content-Type:Date:Message-Id:Subject:From:To:Cc: References:In-Reply-To; b=ika6esgrg/O9Gn2xmzsUEjYXz2naMOrKpM3xfW9Futt9znu1qq9QIth1RIQHK1Cra4e+8KTxMU4g9djOMzSvzj37KM0/NpjgawCmmJUmP/UwZpKt3vrPUJPy2K6/xzHeo8/d3qYlBep/8V1sQP5xHj+Wv3laJLMipEkOwvFO13o= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=Ml0DaCEw; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id DC741C113CC; Fri, 10 May 2024 08:12:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1715328764; bh=63LkKxQnPfNPFz4Ce8J7HQ+Gp+UglZPRuwLqfkkEBus=; h=Date:Subject:From:To:Cc:References:In-Reply-To:From; b=Ml0DaCEwmyQJ+cPHaXugULPb202ZJ8XY/7ZY2ttRkJoRrBw1snl+vKk/Hrmoj9xt2 gQeK5NkRW30ddPPzFoxvcABS5IEGuYgcc607+72b2ModNQj5oDuoU1s7HEy2DtOm63 Ld21K2lyXEzS2XwAEfdgrLpheYWs79xqNSR83usZxSG99urtXZo6WiWozjJmzNWQn6 Q1dkCPph2QpigJ+mpvIeWfZU5oJVZg/gN2NW8k+pPAfCACD+9lONTCDG0L7PNUvWj4 bA6t4y3ldK5WD17Gxti7jwB1SOGWvjSF3fN3MW+SKLuqTwlNMRzf/1R5+bKmFVzJYS DrUf4fB0rfNaQ== Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=UTF-8 Date: Fri, 10 May 2024 11:12:40 +0300 Message-Id: Subject: Re: [GIT PULL] TPM DEVICE DRIVER: tpmdd-next-6.10-rc1 From: "Jarkko Sakkinen" To: "Jarkko Sakkinen" , "Linus Torvalds" Cc: "Peter Huewe" , "Jason Gunthorpe" , "David Howells" , , , X-Mailer: aerc 0.17.0 References: In-Reply-To: On Thu May 9, 2024 at 11:04 PM EEST, Jarkko Sakkinen wrote: > Hi, > > These are the changes for the TPM driver with a single major new > feature: TPM bus encryption and integrity protection. The key pair > on TPM side is generated from so called null random seed per power > on of the machine [1]. This supports the TPM encryption of the hard > drive by adding layer of protection against bus interposer attacks. > > Other than the pull request a few minor fixes and documentation for > tpm_tis to clarify basics of TPM localities for future patch review > discussions (will be extended and refined over times, just a seed). > > [1] https://lore.kernel.org/linux-integrity/20240429202811.13643-1-James.= Bottomley@HansenPartnership.com/ Two former PR's (keys, trusted keys) look a bit different as I realized that my current script does not scale too well. So I do in future use a method where the subsystem name is picked from MAINTAINERS and I have crafted aerc templates [1] for each subsystem (also CC lists need tuning). This will get better and more polished as I get my scripting more polished. If anything went wrong, it is mostly because process changes have their glitches :-) https://man.archlinux.org/man/aerc-templates.7.en BR, Jarkko