Received: by 2002:ab2:710b:0:b0:1ef:a325:1205 with SMTP id z11csp1138721lql; Tue, 12 Mar 2024 08:19:00 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCWGnF4rJrtNw+YMfy/WMFk+icHSb+b1GyqLYNCLGdH5oU39u+VfERX2mkmXFtDj1g9zO9VmWO7gNj+xOLEUrHEkp77IVDExYhPinKbBCQ== X-Google-Smtp-Source: AGHT+IGhI0QZpqraJS6coNPx9G9fER2+lyOb8MWyrsQfzonEg/wQqBAOOor3ovOAF7wOwE0XVn3J X-Received: by 2002:a17:906:6c8b:b0:a45:f71e:9e49 with SMTP id s11-20020a1709066c8b00b00a45f71e9e49mr402452ejr.67.1710256739893; Tue, 12 Mar 2024 08:18:59 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1710256739; cv=pass; d=google.com; s=arc-20160816; b=SfBLOHjYA81yhOle35jZtPKm4Ee15ukgEn1O/wvxHO2Vf4/FJUBHTbX2sFIPzsiiQg rRQej8sIqkGRbrf66OpE52HCG7IlQW6+ZOuwGLWhQ6liGTQbZiSstekmSttL9qt1PYpJ CAQB/CfGJVGqJ1DsN9uHbwX7pYeZUv7QfcmmkS1ogT99u95W2v5zZHLj9bOdT3AkFq/2 Q71lcnT0vkKVR+O6uaGwX+aTWqKqfLOuGXBWQ/2RF4+UoMZihH/5J+d1ui9ojEgQ0xmZ G3v6btuYqLR+I5unXqmpqWlADlkKRgUWah7FW4OUGHef1mq/hL8+UrDMdD37rZUSNuCt 0anQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:references:to:from:subject:cc:message-id:date :content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:dkim-signature; bh=B24NMAvsQ2gN9KKPbzlFkCX8vSQ1G+uRsvCdyX1Z6Ao=; fh=uSEzi8BS98nu6P++y5ch40NF939eCxJSjYFPNSfXt74=; b=Fwu4327iKj9ICeF17Fl2ibLk7hRim3MGtZsP7uiCA+m2Ux3bS51FT+3MBjW788d32L isxC2EKsIaOyW+jwsGzRok3iU4gFNR3TFRB5CrUtq5f2bSwID1CGnWqJw9xZZMekHvkR vwtUMNXsPBA38C4Q2ERGpAyKVkIe6WQi5XgqI5uhPrkabuTXqsqAd+Ypnsa4/m2XBjhW 1WAw31ck4W+A3a1nkOD8+NDP9W1/LbI5PQAMpU/itO34m3VCmUtByai1o0JtMarxyrPU iggopWdMMstxbPsCEWbQFbJS1RtubspHL9hMW/XM6OrjepZU83NYFsR7QST0xN8EsRmh SnuQ==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=h1Lmwl5P; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-crypto+bounces-2630-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-crypto+bounces-2630-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [2604:1380:4601:e00::3]) by mx.google.com with ESMTPS id ji19-20020a170907981300b00a46410a1671si801800ejc.565.2024.03.12.08.18.59 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 12 Mar 2024 08:18:59 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto+bounces-2630-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) client-ip=2604:1380:4601:e00::3; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=h1Lmwl5P; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-crypto+bounces-2630-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-crypto+bounces-2630-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 775C61F22396 for ; Tue, 12 Mar 2024 15:18:59 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 70CF17C0A2; Tue, 12 Mar 2024 15:18:52 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="h1Lmwl5P" X-Original-To: linux-crypto@vger.kernel.org Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1B25E7BB04; Tue, 12 Mar 2024 15:18:51 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710256732; cv=none; b=sJTii9dSzgt4yIIUMSXp2l1Whs6rjG6zOpP1KvNu44QLs/Qqc6MDICUGX7FttjVyg1lx+pqExYl7bQkQ0DJjA5m6ruOy0nHL2jzOwzpq+v602Q/E5nll8oNbkyP87dBIRAqoToTLg5R5EoyVZuqwIVI2eiXJbgJMS2hsTFdsKSA= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710256732; c=relaxed/simple; bh=e9D3nRiUkzwoDNU1WO9Mvab1qnoYPq79dDij4jjwu3k=; h=Mime-Version:Content-Type:Date:Message-Id:Cc:Subject:From:To: References:In-Reply-To; b=DIV1v4BikQ5votpyOmv7W3jlNrfUs21j4+mxn8oVwlcjEa9B0D6SS+sJkuZr0j9LSNX4Iwndn/6iAwnufkGX3P49vH3Ig0jOV9gnf/8dIF+wDYkZ6DGCTgdy31H7YEcdxmu1uIGkbqqo69Y0PC8KTH3aaFQyLGMEpcOroJMCwJs= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=h1Lmwl5P; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id 74728C433F1; Tue, 12 Mar 2024 15:18:47 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1710256731; bh=e9D3nRiUkzwoDNU1WO9Mvab1qnoYPq79dDij4jjwu3k=; h=Date:Cc:Subject:From:To:References:In-Reply-To:From; b=h1Lmwl5P+pE/kbBOvKdZOZM25nEbfDfgOnhEj7uMpL3lrvqSkVH9DeyjsZEf7DTHn hE+C1iPnYAEHMQA1AkgjHn1CDxlvyhvh92FjY/rUU57Pura7j3mc/fwaDBHM0YxPTJ EuoUD49zHXeU5FjxnjVBGrnmBZIibE94K4SxGOVFkYeERZITcH2CIZ7Ggl+fqv6eoh IeaxrCO5fembgp1vdfcOdBpTepENLylh42LBlMDfzVapAhKGludQ50rVeZJO1++Zzs ezP/6E7bAq6njdK/Y/+nWz0kYO4KifZtj2dwllKvMBdw9TGXv7C5OxDFZpWF+4z+48 mk2gdGgwHJZMw== Precedence: bulk X-Mailing-List: linux-crypto@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=UTF-8 Date: Tue, 12 Mar 2024 17:18:45 +0200 Message-Id: Cc: "open list:SECURITY SUBSYSTEM" , "David Howells" , "David Woodhouse" , "herbert@gondor.apana.org.au" , "davem@davemloft.net" , "Ard Biesheuvel" , "paul@paul-moore.com" , "jmorris@namei.org" , "serge@hallyn.com" , "zohar@linux.ibm.com" , "roberto.sassu@huawei.com" , "dmitry.kasatkin@gmail.com" , "mic@digikod.net" , "casey@schaufler-ca.com" , "stefanb@linux.ibm.com" , "linux-kernel@vger.kernel.org" , "keyrings@vger.kernel.org" , "linux-crypto@vger.kernel.org" , "linux-efi@vger.kernel.org" , "linux-integrity@vger.kernel.org" Subject: Re: [PATCH RFC 1/8] certs: Introduce ability to link to a system key From: "Jarkko Sakkinen" To: "Eric Snowberg" X-Mailer: aerc 0.17.0 References: <20240311161111.3268190-1-eric.snowberg@oracle.com> <20240311161111.3268190-2-eric.snowberg@oracle.com> <77AE4DEA-9474-44A1-88DC-852523C36797@oracle.com> In-Reply-To: <77AE4DEA-9474-44A1-88DC-852523C36797@oracle.com> On Mon Mar 11, 2024 at 11:31 PM EET, Eric Snowberg wrote: > > > > On Mar 11, 2024, at 1:18=E2=80=AFPM, Jarkko Sakkinen wrote: > >=20 > > On Mon Mar 11, 2024 at 6:11 PM EET, Eric Snowberg wrote: > >> + return -1; > >=20 > > Missed this one: why a magic number? > > Good point, I'll change this to return -ENOKEY. Thanks. Either that or a boolean function, which ever fits to the overall flow better... The upside of error code is less branching in the call sites. The upside of boolean is that caller exactly knows all the values that ever should come out as a result. Your choice ofc. BR, Jarkko