From: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
To: Denis Kenzior <denkenz@gmail.com>
Cc: James Bottomley <jejb@linux.ibm.com>,
Mimi Zohar <zohar@linux.ibm.com>, Joe Perches <joe@perches.com>,
linux-kernel@vger.kernel.org, linux-integrity@vger.kernel.org,
keyrings@vger.kernel.org, Mimi Zohar <zohar@us.ibm.com>,
David Howells <dhowells@redhat.com>,
James Morris <jmorris@namei.org>,
Marcel Holtmann <marcel@holtmann.org>,
James Morris <james.morris@microsoft.com>
Subject: Re: Bad file pattern in MAINTAINERS section 'KEYS-TRUSTED'
Date: Wed, 27 Mar 2019 06:58:06 +0200 [thread overview]
Message-ID: <20190327045806.GD15397@linux.intel.com> (raw)
In-Reply-To: <c7f70a06-65a5-a1cd-69c5-dae7567b851f@gmail.com>
On Tue, Mar 26, 2019 at 09:59:40AM -0500, Denis Kenzior wrote:
> Hi James,
>
> On 03/26/2019 09:25 AM, James Bottomley wrote:
> > Looking at the contents of linux/keys/trusted.h, it looks like the
> > wrong decision to move it. The contents are way too improperly named
> > and duplicative to be in a standard header. It's mostly actually TPM
> > code including a redefinition of the tpm_buf structure, so it doesn't
> > even seem to be necessary for trusted keys.
> The reason this was done was because asym_tpm.c needed a bunch of the same
> functionality already provided by trusted.c, e.g. TSS_authmac and friends.
>
> >
> > If you want to fix this as a bug, I'd move it back again, but long term
> > I think it should simply be combined with trusted.c because nothing
> > else can include it sanely anyway.
>
> Ideally I'd like to see the TPM subsystem expose these functions using some
> proper API / library abstraction. David Howells had an RFC patch set that
> tried to address some of this a while back. Not sure if that went anywhere.
I think it'd be best to expose tpm_buf API to outside and allow trusted
keys code to construct the TPM commands. It is a single consumer use
(e.g. not like PCR operations where it does make sense to consolidate
to the TPM subsystem).
/Jarkko
next prev parent reply other threads:[~2019-03-27 4:58 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <7cd8d12f59bcacd18a78f599b46dac555f7f16c0.camel@perches.com>
2019-03-25 21:27 ` Bad file pattern in MAINTAINERS section 'KEYS-TRUSTED' Joe Perches
2019-03-26 11:37 ` Jarkko Sakkinen
2019-03-26 12:10 ` Mimi Zohar
2019-03-26 14:25 ` James Bottomley
2019-03-26 14:59 ` Denis Kenzior
2019-03-26 16:25 ` James Bottomley
2019-03-27 4:58 ` Jarkko Sakkinen [this message]
2019-03-27 4:54 ` Jarkko Sakkinen
2019-08-13 6:57 ` Denis Efremov
2019-08-15 21:57 ` Jarkko Sakkinen
2019-08-15 22:12 ` [RESEND PATCH] MAINTAINERS: keys: Update path to trusted.h Denis Efremov
2019-08-16 18:58 ` Jarkko Sakkinen
2019-09-10 11:50 ` Denis Efremov
2019-09-14 13:50 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190327045806.GD15397@linux.intel.com \
--to=jarkko.sakkinen@linux.intel.com \
--cc=denkenz@gmail.com \
--cc=dhowells@redhat.com \
--cc=james.morris@microsoft.com \
--cc=jejb@linux.ibm.com \
--cc=jmorris@namei.org \
--cc=joe@perches.com \
--cc=keyrings@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=marcel@holtmann.org \
--cc=zohar@linux.ibm.com \
--cc=zohar@us.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).