Bad file pattern in MAINTAINERS section 'KEYS-TRUSTED'

Bad file pattern in MAINTAINERS section 'KEYS-TRUSTED'

[Joe Perches]

A file pattern line in this section of the MAINTAINERS file in linux-next
does not have a match in the linux source files.

This could occur because a matching filename was never added, was deleted
or renamed in some other commit.

The commits that added and if found renamed or removed the file pattern
are shown below.

Please fix this defect appropriately.

1: ---------------------------------------------------------------------------

linux-next MAINTAINERS section:

	8587	KEYS-TRUSTED
	8588	M:	James Bottomley <jejb@linux.ibm.com>
	8589	M:      Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
	8590	M:	Mimi Zohar <zohar@linux.ibm.com>
	8591	L:	linux-integrity@vger.kernel.org
	8592	L:	keyrings@vger.kernel.org
	8593	S:	Supported
	8594	F:	Documentation/security/keys/trusted-encrypted.rst
	8595	F:	include/keys/trusted-type.h
	8596	F:	security/keys/trusted.c
-->	8597	F:	security/keys/trusted.h

2: ---------------------------------------------------------------------------

The most recent commit that added or modified file pattern 'security/keys/trusted.h':

commit 7f3c68bee977ab872827e44de017216736fe21d7
Author: Mimi Zohar <zohar@linux.vnet.ibm.com>
Date:   Tue Jan 18 09:07:13 2011 -0500

    keys: add trusted and encrypted maintainers
    
    Add myself and David Safford as maintainers for trusted/encrypted keys.
    
    Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
    Acked-by: David Howells <dhowells@redhat.com>
    Signed-off-by: James Morris <jmorris@namei.org>

 MAINTAINERS | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

3: ---------------------------------------------------------------------------

The last commit with a real presence of file pattern 'security/keys/trusted.h':

commit 22447981fc050b5f1bdd0e7cbee89b4152a2b2d8
Author: Denis Kenzior <denkenz@gmail.com>
Date:   Tue Oct 9 17:48:49 2018 +0100

    KEYS: Move trusted.h to include/keys [ver #2]
    
    Signed-off-by: Denis Kenzior <denkenz@gmail.com>
    Signed-off-by: David Howells <dhowells@redhat.com>
    Tested-by: Marcel Holtmann <marcel@holtmann.org>
    Reviewed-by: Marcel Holtmann <marcel@holtmann.org>
    Signed-off-by: James Morris <james.morris@microsoft.com>

 {security => include}/keys/trusted.h | 0
 security/keys/trusted.c              | 2 +-
 2 files changed, 1 insertion(+), 1 deletion(-)

Re: Bad file pattern in MAINTAINERS section 'KEYS-TRUSTED'

[Jarkko Sakkinen]

Mimi,

Can you fix this and I can ack and send PR through my tree?

/Jarkko

On Mon, Mar 25, 2019 at 02:27:05PM -0700, Joe Perches wrote:
> A file pattern line in this section of the MAINTAINERS file in linux-next
> does not have a match in the linux source files.
> 
> This could occur because a matching filename was never added, was deleted
> or renamed in some other commit.
> 
> The commits that added and if found renamed or removed the file pattern
> are shown below.
> 
> Please fix this defect appropriately.
> 
> 1: ---------------------------------------------------------------------------
> 
> linux-next MAINTAINERS section:
> 
> 	8587	KEYS-TRUSTED
> 	8588	M:	James Bottomley <jejb@linux.ibm.com>
> 	8589	M:      Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> 	8590	M:	Mimi Zohar <zohar@linux.ibm.com>
> 	8591	L:	linux-integrity@vger.kernel.org
> 	8592	L:	keyrings@vger.kernel.org
> 	8593	S:	Supported
> 	8594	F:	Documentation/security/keys/trusted-encrypted.rst
> 	8595	F:	include/keys/trusted-type.h
> 	8596	F:	security/keys/trusted.c
> -->	8597	F:	security/keys/trusted.h
> 
> 2: ---------------------------------------------------------------------------
> 
> The most recent commit that added or modified file pattern 'security/keys/trusted.h':
> 
> commit 7f3c68bee977ab872827e44de017216736fe21d7
> Author: Mimi Zohar <zohar@linux.vnet.ibm.com>
> Date:   Tue Jan 18 09:07:13 2011 -0500
> 
>     keys: add trusted and encrypted maintainers
>     
>     Add myself and David Safford as maintainers for trusted/encrypted keys.
>     
>     Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
>     Acked-by: David Howells <dhowells@redhat.com>
>     Signed-off-by: James Morris <jmorris@namei.org>
> 
>  MAINTAINERS | 22 ++++++++++++++++++++++
>  1 file changed, 22 insertions(+)
> 
> 3: ---------------------------------------------------------------------------
> 
> The last commit with a real presence of file pattern 'security/keys/trusted.h':
> 
> commit 22447981fc050b5f1bdd0e7cbee89b4152a2b2d8
> Author: Denis Kenzior <denkenz@gmail.com>
> Date:   Tue Oct 9 17:48:49 2018 +0100
> 
>     KEYS: Move trusted.h to include/keys [ver #2]
>     
>     Signed-off-by: Denis Kenzior <denkenz@gmail.com>
>     Signed-off-by: David Howells <dhowells@redhat.com>
>     Tested-by: Marcel Holtmann <marcel@holtmann.org>
>     Reviewed-by: Marcel Holtmann <marcel@holtmann.org>
>     Signed-off-by: James Morris <james.morris@microsoft.com>
> 
>  {security => include}/keys/trusted.h | 0
>  security/keys/trusted.c              | 2 +-
>  2 files changed, 1 insertion(+), 1 deletion(-)

Re: Bad file pattern in MAINTAINERS section 'KEYS-TRUSTED'

[Mimi Zohar]

Hi Jarrko,

On Tue, 2019-03-26 at 13:37 +0200, Jarkko Sakkinen wrote:
> Mimi,
> 
> Can you fix this and I can ack and send PR through my tree?

Making the "trusted.h" include file public was part of David's "KEYS:
Support TPM-wrapped key and crypto ops" patch set.  I wasn't involved
in reviewing or upstreaming this patch set.  As I recall, it was
upstreamed rather quickly without much review.  As it is TPM related,
it should have at least been posted on the linux-integrity mailing
list.  I have no idea if "trusted.h" should have been made public.

I'm not sure just "fixing" the MAINTAINERS file is the right solution.
 I was hoping to look at it later this week.  Perhaps you and James
could take a look?

Mimi

Re: Bad file pattern in MAINTAINERS section 'KEYS-TRUSTED'

[James Bottomley]

On Tue, 2019-03-26 at 08:10 -0400, Mimi Zohar wrote:
> Hi Jarrko,
> 
> On Tue, 2019-03-26 at 13:37 +0200, Jarkko Sakkinen wrote:
> > Mimi,
> > 
> > Can you fix this and I can ack and send PR through my tree?
> 
> Making the "trusted.h" include file public was part of David's "KEYS:
> Support TPM-wrapped key and crypto ops" patch set.  I wasn't involved
> in reviewing or upstreaming this patch set.  As I recall, it was
> upstreamed rather quickly without much review.  As it is TPM related,
> it should have at least been posted on the linux-integrity mailing
> list.  I have no idea if "trusted.h" should have been made public.
> 
> I'm not sure just "fixing" the MAINTAINERS file is the right
> solution.  I was hoping to look at it later this week.  Perhaps you
> and James could take a look?

Looking at the contents of linux/keys/trusted.h, it looks like the
wrong decision to move it.  The contents are way too improperly named
and duplicative to be in a standard header.  It's mostly actually TPM
code including a redefinition of the tpm_buf structure, so it doesn't
even seem to be necessary for trusted keys.

If you want to fix this as a bug, I'd move it back again, but long term
I think it should simply be combined with trusted.c because nothing
else can include it sanely anyway.

James

Re: Bad file pattern in MAINTAINERS section 'KEYS-TRUSTED'

[Denis Kenzior]

Hi James,

On 03/26/2019 09:25 AM, James Bottomley wrote:
> Looking at the contents of linux/keys/trusted.h, it looks like the
> wrong decision to move it.  The contents are way too improperly named
> and duplicative to be in a standard header.  It's mostly actually TPM
> code including a redefinition of the tpm_buf structure, so it doesn't
> even seem to be necessary for trusted keys.
The reason this was done was because asym_tpm.c needed a bunch of the 
same functionality already provided by trusted.c, e.g. TSS_authmac and 
friends.

> 
> If you want to fix this as a bug, I'd move it back again, but long term
> I think it should simply be combined with trusted.c because nothing
> else can include it sanely anyway.

Ideally I'd like to see the TPM subsystem expose these functions using 
some proper API / library abstraction.  David Howells had an RFC patch 
set that tried to address some of this a while back.  Not sure if that 
went anywhere.

Regards,
-Denis

Re: Bad file pattern in MAINTAINERS section 'KEYS-TRUSTED'

[James Bottomley]

On Tue, 2019-03-26 at 09:59 -0500, Denis Kenzior wrote:
> Hi James,
> 
> On 03/26/2019 09:25 AM, James Bottomley wrote:
> > Looking at the contents of linux/keys/trusted.h, it looks like the
> > wrong decision to move it.  The contents are way too improperly
> > named
> > and duplicative to be in a standard header.  It's mostly actually
> > TPM
> > code including a redefinition of the tpm_buf structure, so it
> > doesn't
> > even seem to be necessary for trusted keys.
> 
> The reason this was done was because asym_tpm.c needed a bunch of
> the same functionality already provided by trusted.c, e.g.
> TSS_authmac and  friends.

So make a header which only includes those.  We can't have things like
this:

struct tpm_buf {
	int len;
	unsigned char data[MAX_BUF_SIZE];
};

Which means you can't include drivers/char/tpm/tpm.h with this file. 
The storeX functions are also way too generically named and are, in
fact, duplicating the tpm buffer functions in tpm.h

The solution looks to be to elevate agreed tpm_buf functions into
linux/tpm.h and use them.

> > If you want to fix this as a bug, I'd move it back again, but long
> > term I think it should simply be combined with trusted.c because
> > nothing else can include it sanely anyway.
> 
> Ideally I'd like to see the TPM subsystem expose these functions
> using some proper API / library abstraction.  David Howells had an
> RFC patch set that tried to address some of this a while back.  Not
> sure if that went anywhere.

I'm not actually sure I saw it but the solution seems pretty simple:
The TSS functions you want can be renamed tpm1_whatever and we can put
them in tpm1-cmd.c ... tpm2-cmd.c is where all the TPM 2.0 trusted key
stuff is anyway.

James

Re: Bad file pattern in MAINTAINERS section 'KEYS-TRUSTED'

[Jarkko Sakkinen]

On Tue, Mar 26, 2019 at 07:25:17AM -0700, James Bottomley wrote:
> On Tue, 2019-03-26 at 08:10 -0400, Mimi Zohar wrote:
> > Hi Jarrko,
> > 
> > On Tue, 2019-03-26 at 13:37 +0200, Jarkko Sakkinen wrote:
> > > Mimi,
> > > 
> > > Can you fix this and I can ack and send PR through my tree?
> > 
> > Making the "trusted.h" include file public was part of David's "KEYS:
> > Support TPM-wrapped key and crypto ops" patch set.  I wasn't involved
> > in reviewing or upstreaming this patch set.  As I recall, it was
> > upstreamed rather quickly without much review.  As it is TPM related,
> > it should have at least been posted on the linux-integrity mailing
> > list.  I have no idea if "trusted.h" should have been made public.
> > 
> > I'm not sure just "fixing" the MAINTAINERS file is the right
> > solution.  I was hoping to look at it later this week.  Perhaps you
> > and James could take a look?
> 
> Looking at the contents of linux/keys/trusted.h, it looks like the
> wrong decision to move it.  The contents are way too improperly named
> and duplicative to be in a standard header.  It's mostly actually TPM
> code including a redefinition of the tpm_buf structure, so it doesn't
> even seem to be necessary for trusted keys.
> 
> If you want to fix this as a bug, I'd move it back again, but long term
> I think it should simply be combined with trusted.c because nothing
> else can include it sanely anyway.

<offtopic>
Fully agree with the long term plan.

I think it would be better to take the TPM2 trusted keys code from the
driver to the keyring subsystem once TPM1 trusted keys code has been
converted to use tpm_buf.

I don't also know any good reason for the core TPM driver to be compiled
as a module. It is just makes the kernel build configuration more
awkward. Would be nice to get the TPM callable from any subsystem
without fuzz. There is no a production use case for "TPM as an LKM"
(obviously drivers for different types of TPM hardware must and will
be compilable as LKM's).
</offtopic>

/Jarkko

Re: Bad file pattern in MAINTAINERS section 'KEYS-TRUSTED'

[Jarkko Sakkinen]

On Tue, Mar 26, 2019 at 09:59:40AM -0500, Denis Kenzior wrote:
> Hi James,
> 
> On 03/26/2019 09:25 AM, James Bottomley wrote:
> > Looking at the contents of linux/keys/trusted.h, it looks like the
> > wrong decision to move it.  The contents are way too improperly named
> > and duplicative to be in a standard header.  It's mostly actually TPM
> > code including a redefinition of the tpm_buf structure, so it doesn't
> > even seem to be necessary for trusted keys.
> The reason this was done was because asym_tpm.c needed a bunch of the same
> functionality already provided by trusted.c, e.g. TSS_authmac and friends.
> 
> > 
> > If you want to fix this as a bug, I'd move it back again, but long term
> > I think it should simply be combined with trusted.c because nothing
> > else can include it sanely anyway.
> 
> Ideally I'd like to see the TPM subsystem expose these functions using some
> proper API / library abstraction.  David Howells had an RFC patch set that
> tried to address some of this a while back.  Not sure if that went anywhere.

I think it'd be best to expose tpm_buf API to outside and allow trusted
keys code to construct the TPM commands. It is a single consumer use
(e.g. not like PCR operations where it does make sense to consolidate
to the TPM subsystem).

/Jarkko

Re: Bad file pattern in MAINTAINERS section 'KEYS-TRUSTED'

[Denis Efremov]

Hi All,

Initially, I've prepared a patch and only after found this discussion. So, please,
look at this patch no more than just a simple reminder that get_maintainers.pl
still emits this warning.

Thanks,
Denis

------------------------ >8 ------------------------
Subject: [PATCH] MAINTAINERS: keys: Update path to trusted.h

Update MAINTAINERS record to reflect that trusted.h
was moved to a different directory.

Cc: Denis Kenzior <denkenz@gmail.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Cc: Mimi Zohar <zohar@linux.ibm.com>
Cc: linux-integrity@vger.kernel.org
Fixes: 22447981fc05 ("KEYS: Move trusted.h to include/keys [ver #2]")
Signed-off-by: Denis Efremov <efremov@linux.com>
---
 MAINTAINERS | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/MAINTAINERS b/MAINTAINERS
index 7d213e192626..eeeb4097d5bd 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -8920,7 +8920,7 @@ S:	Supported
 F:	Documentation/security/keys/trusted-encrypted.rst
 F:	include/keys/trusted-type.h
 F:	security/keys/trusted.c
-F:	security/keys/trusted.h
+F:	include/keys/trusted.h
 
 KEYS/KEYRINGS:
 M:	David Howells <dhowells@redhat.com>
-- 
2.21.0

Re: Bad file pattern in MAINTAINERS section 'KEYS-TRUSTED'

[Jarkko Sakkinen]

On Tue, Aug 13, 2019 at 09:57:59AM +0300, Denis Efremov wrote:
> Hi All,
> 
> Initially, I've prepared a patch and only after found this discussion. So, please,
> look at this patch no more than just a simple reminder that get_maintainers.pl
> still emits this warning.

Can you resend this as a proper patch that can be applied. No other
complains.

/Jarkko

[RESEND PATCH] MAINTAINERS: keys: Update path to trusted.h

[Denis Efremov]

Update MAINTAINERS record to reflect that trusted.h
was moved to a different directory in commit 22447981fc05
("KEYS: Move trusted.h to include/keys [ver #2]").

Cc: Denis Kenzior <denkenz@gmail.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Cc: Mimi Zohar <zohar@linux.ibm.com>
Cc: linux-integrity@vger.kernel.org
Signed-off-by: Denis Efremov <efremov@linux.com>
---
 MAINTAINERS | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/MAINTAINERS b/MAINTAINERS
index cfb344ba2914..168e5121578e 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -8916,7 +8916,7 @@ S:	Supported
 F:	Documentation/security/keys/trusted-encrypted.rst
 F:	include/keys/trusted-type.h
 F:	security/keys/trusted.c
-F:	security/keys/trusted.h
+F:	include/keys/trusted.h
 
 KEYS/KEYRINGS:
 M:	David Howells <dhowells@redhat.com>
-- 
2.21.0

Re: [RESEND PATCH] MAINTAINERS: keys: Update path to trusted.h

[Jarkko Sakkinen]

On Fri, Aug 16, 2019 at 01:12:00AM +0300, Denis Efremov wrote:
> Update MAINTAINERS record to reflect that trusted.h
> was moved to a different directory in commit 22447981fc05
> ("KEYS: Move trusted.h to include/keys [ver #2]").
> 
> Cc: Denis Kenzior <denkenz@gmail.com>
> Cc: James Bottomley <jejb@linux.ibm.com>
> Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> Cc: Mimi Zohar <zohar@linux.ibm.com>
> Cc: linux-integrity@vger.kernel.org
> Signed-off-by: Denis Efremov <efremov@linux.com>

Acked-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

/Jarkko

Re: [RESEND PATCH] MAINTAINERS: keys: Update path to trusted.h

[Denis Efremov]

Hi,

On 8/16/19 9:58 PM, Jarkko Sakkinen wrote:
> On Fri, Aug 16, 2019 at 01:12:00AM +0300, Denis Efremov wrote:
>> Update MAINTAINERS record to reflect that trusted.h
>> was moved to a different directory in commit 22447981fc05
>> ("KEYS: Move trusted.h to include/keys [ver #2]").
>>
>> Cc: Denis Kenzior <denkenz@gmail.com>
>> Cc: James Bottomley <jejb@linux.ibm.com>
>> Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
>> Cc: Mimi Zohar <zohar@linux.ibm.com>
>> Cc: linux-integrity@vger.kernel.org
>> Signed-off-by: Denis Efremov <efremov@linux.com>
> 
> Acked-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> 
> /Jarkko
> 

Could someone take this fix through his tree?

Thanks,
Denis

Re: [RESEND PATCH] MAINTAINERS: keys: Update path to trusted.h

[Jarkko Sakkinen]

On Tue, Sep 10, 2019 at 02:50:39PM +0300, Denis Efremov wrote:
> Hi,
> 
> On 8/16/19 9:58 PM, Jarkko Sakkinen wrote:
> > On Fri, Aug 16, 2019 at 01:12:00AM +0300, Denis Efremov wrote:
> >> Update MAINTAINERS record to reflect that trusted.h
> >> was moved to a different directory in commit 22447981fc05
> >> ("KEYS: Move trusted.h to include/keys [ver #2]").
> >>
> >> Cc: Denis Kenzior <denkenz@gmail.com>
> >> Cc: James Bottomley <jejb@linux.ibm.com>
> >> Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> >> Cc: Mimi Zohar <zohar@linux.ibm.com>
> >> Cc: linux-integrity@vger.kernel.org
> >> Signed-off-by: Denis Efremov <efremov@linux.com>
> > 
> > Acked-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> > 
> > /Jarkko
> > 
> 
> Could someone take this fix through his tree?

I picked this up now to the tpmdd tree.

/Jarkko