Received: by 2002:a25:8b12:0:0:0:0:0 with SMTP id i18csp2958223ybl; Mon, 19 Aug 2019 09:54:36 -0700 (PDT) X-Google-Smtp-Source: APXvYqy1VKDgu5SFvDII84trwyCPF6w5gERmk2itHN65ImDXSeuiM3px8LOJR4L3CKo7m7SN0DTR X-Received: by 2002:a17:90a:5207:: with SMTP id v7mr20857645pjh.127.1566233675944; Mon, 19 Aug 2019 09:54:35 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1566233675; cv=none; d=google.com; s=arc-20160816; b=FQJIIdz0+5OiGYdqB8c0LneRXtv6dUFTR+Ol8r1JK7WwRxYX0mEwUzU4h3brBDUkXO FRUEmJYxt2L848A9Wi/Z5heA/Z+HMFm94S3GMtdXSvd66aIuf5Gu+DEHCoKqpiOGNHEe +FWICoHfDxhpaIL8gsIBML23+v6T3vl7keY+d7qF1VujWBAE77/na75BelDix7Ek2eME O6NkijxlLfXS1eA3+gE6e7s+MF8jxnWqdGPUz3RrWGk13AsyzkOlxAW/3q5F8vTH2syd ZItFpLfNhfz0EyaMBbXIJ5tdr+Ho94QmLmnrqcLSDrkv/VgTVFtZ7pSUMaHWIBULux2U Kb7A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:organization:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=ogcz4x8OzxhgZFWtOPTFzNtyyuwIysh/1ZqCPZpL1L4=; b=qpBWF4J8i5bFb013qWX2pcquFIy1SvIAp4lqRK1rqMsfgKhWPNLDiLRYiOqfMQdlhy fA0n6h4e7z/K3aplG+XAVAMZmkCpcDCPz77CFP/PePJwCKET0vyYs0PYcJ0RZXzybxvD DbyjzK2b2xxjWdie3+TnSw0J2ZG5e6HZllIZjR0iwaFCLYN7Dl44s3Z/b3LhWaXi/UTG YQ8XKwiPiHn31fk72sPwP+JulzTE0Q5FegkP/Xr7Kjck+MiXSUimoLQVvjxq39R7c4XA Ta00B94JiLOxjaXoEURTFMS8g7KYiNvvvNk3EdikQnIm85q2KSQBdd9RCWexdbJR3gJo fyBQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id g11si10768207plm.230.2019.08.19.09.54.16; Mon, 19 Aug 2019 09:54:35 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726918AbfHSQyN (ORCPT + 99 others); Mon, 19 Aug 2019 12:54:13 -0400 Received: from mga03.intel.com ([134.134.136.65]:40558 "EHLO mga03.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726525AbfHSQyN (ORCPT ); Mon, 19 Aug 2019 12:54:13 -0400 X-Amp-Result: UNSCANNABLE X-Amp-File-Uploaded: False Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 19 Aug 2019 09:54:05 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.64,405,1559545200"; d="scan'208";a="261894927" Received: from jsakkine-mobl1.tm.intel.com (HELO localhost) ([10.237.50.125]) by orsmga001.jf.intel.com with ESMTP; 19 Aug 2019 09:54:00 -0700 Date: Mon, 19 Aug 2019 19:54:00 +0300 From: Jarkko Sakkinen To: Sumit Garg Cc: keyrings@vger.kernel.org, linux-integrity@vger.kernel.org, linux-crypto@vger.kernel.org, linux-security-module@vger.kernel.org, dhowells@redhat.com, herbert@gondor.apana.org.au, davem@davemloft.net, peterhuewe@gmx.de, jgg@ziepe.ca, jejb@linux.ibm.com, arnd@arndb.de, gregkh@linuxfoundation.org, zohar@linux.ibm.com, jmorris@namei.org, serge@hallyn.com, casey@schaufler-ca.com, ard.biesheuvel@linaro.org, daniel.thompson@linaro.org, linux-kernel@vger.kernel.org, tee-dev@lists.linaro.org Subject: Re: [RFC/RFT v4 0/5] Add generic trusted keys framework/subsystem Message-ID: <20190819165400.xsgpbtbj26y7d2wb@linux.intel.com> References: <1565682784-10234-1-git-send-email-sumit.garg@linaro.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1565682784-10234-1-git-send-email-sumit.garg@linaro.org> Organization: Intel Finland Oy - BIC 0357606-4 - Westendinkatu 7, 02160 Espoo User-Agent: NeoMutt/20180716 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Tue, Aug 13, 2019 at 01:22:59PM +0530, Sumit Garg wrote: > This patch-set is an outcome of discussion here [1]. It has evolved very > much since v1 to create, consolidate and generalize trusted keys > subsystem. > > This framework has been tested with trusted keys support provided via TEE > but I wasn't able to test it with a TPM device as I don't possess one. It > would be really helpful if others could test this patch-set using a TPM > device. I think 1/5-4/5 make up a non-RFC patch set that needs to reviewed, tested and merged as a separate entity. On the other hand 5/5 cannot be merged even if I fully agreed on the code change as without TEE patch it does not add any value for Linux. To straighten up thing I would suggest that the next patch set version would only consists of the first four patches and we meld them to the shape so that we can land them to the mainline. Then it should be way more easier to concentrate the actual problem you are trying to resolve. /Jarkko