From: Sumit Garg
Date: Tue, 20 Aug 2019 11:16:46 +0530
Subject: Re: [RFC/RFT v4 0/5] Add generic trusted keys framework/subsystem
To: Jarkko Sakkinen
Cc: keyrings@vger.kernel.org, linux-integrity@vger.kernel.org,
 "open list:HARDWARE RANDOM NUMBER GENERATOR CORE",
 linux-security-module@vger.kernel.org, dhowells@redhat.com, Herbert Xu,
 davem@davemloft.net, peterhuewe@gmx.de, jgg@ziepe.ca, jejb@linux.ibm.com,
 Arnd Bergmann, Greg Kroah-Hartman, Mimi Zohar, James Morris,
 "Serge E. Hallyn", Casey Schaufler, Ard Biesheuvel, Daniel Thompson,
 Linux Kernel Mailing List, "tee-dev @ lists . linaro . org"
X-Mailing-List: linux-crypto@vger.kernel.org

On Mon, 19 Aug 2019 at 22:24, Jarkko Sakkinen wrote:
>
> On Tue, Aug 13, 2019 at 01:22:59PM +0530, Sumit Garg wrote:
> > This patch-set is an outcome of discussion here [1]. It has evolved very
> > much since v1 to create, consolidate and generalize trusted keys
> > subsystem.
> >
> > This framework has been tested with trusted keys support provided via TEE
> > but I wasn't able to test it with a TPM device as I don't possess one. It
> > would be really helpful if others could test this patch-set using a TPM
> > device.
>
> I think 1/5-4/5 make up a non-RFC patch set that needs to be reviewed,
> tested and merged as a separate entity.
>

Okay.

> On the other hand 5/5 cannot be merged even if I fully agreed on
> the code change as without TEE patch it does not add any value for
> Linux.
>

I agree here that 5/5 should go along with TEE patch-set. But if you look
at initial v1 patch-set, the idea was to get feedback on trusted keys
abstraction as a standalone patch along with testing using a TPM (1.x or
2.0).

Since Mimi has tested this patch-set with TPM (1.x & 2.0), I am happy to
merge 5/5 with TEE patch-set. But it would be nice if I could get feedback
on 5/5 before I send next version of TEE patch-set.

> To straighten up things I would suggest that the next patch set
> version would only consist of the first four patches and we meld
> them to the shape so that we can land them to the mainline. Then
> it should be way easier to concentrate the actual problem you
> are trying to resolve.
>

Okay, will send next patch-set version with first four patches only.

-Sumit

> /Jarkko