On Mon, Mar 18, 2019 at 11:18 PM Dan Williams <dan.j.williams@xxxxxxxxx> wrote: > > With v5.1-rc1 all the nvdimm sub-system regression tests started failing > because the libnvdimm module failed to load in the qemu-kvm test > environment. Critically that environment does not have a TPM. Commit > 240730437deb "KEYS: trusted: explicitly use tpm_chip structure..." > started to require a TPM to be present for the trusted.ko module to load > where there was no requirement for that before. > > Rather than undo the "fail if no hardware" behavior James points out > that the module dependencies can be broken by looking up the key-type by > name. Remove the dependencies on the "key_type_trusted" and > "key_type_encrypted" symbol exports, and clean up other boilerplate that > supported those exports in different configurations. Any feedback? Was hoping to get at least patch1 in the queue for v5.1-rc2 since this effectively disables the nvdimm driver on typical configurations. Jarkko, would you be willing to merge it since the regression came through your tree? > Dan Williams (6): > security/keys/encrypted: Allow operation without trusted.ko > security/keys/encrypted: Clean up request_trusted_key() > libnvdimm/security: Drop direct dependency on key_type_encrypted > security/keys/ecryptfs: Drop direct dependency on key_type_encrypted > security/integrity/evm: Drop direct dependency on key_type_encrypted > security/keys/encrypted: Drop export of key_type_encrypted > > > drivers/nvdimm/security.c | 11 ++++- > fs/ecryptfs/ecryptfs_kernel.h | 22 ----------- > fs/ecryptfs/keystore.c | 12 ++++++ > include/keys/encrypted-type.h | 2 - > include/linux/key.h | 1 > security/integrity/evm/evm_crypto.c | 9 ++++ > security/keys/encrypted-keys/Makefile | 3 - > security/keys/encrypted-keys/encrypted.c | 35 ++++++++++++++++- > security/keys/encrypted-keys/encrypted.h | 12 ------ > security/keys/encrypted-keys/masterkey_trusted.c | 46 ---------------------- > security/keys/internal.h | 2 - > security/keys/key.c | 1 > 12 files changed, 65 insertions(+), 91 deletions(-) > delete mode 100644 security/keys/encrypted-keys/masterkey_trusted.c
