On Sun, Sep 08, 2019 at 10:20:31AM -0400, Mimi Zohar wrote: > On Sun, 2019-09-08 at 03:10 +0300, Jarkko Sakkinen wrote: > > It seems that at least vast majority of the trusted keys patches flow > > through my tree to the mainline. Still, it is undocumented in the > > MAINTAINERS file. > > > > So, should I just add my TPM tree as the upstream there? Or should I > > just create a new GIT for trusted keys? My TPM PR goes to Linux ATM. > > Should my trusted keys PR go to David instead? That would definitely > > require own tree. > > > > With Sumit's recent work trusted keys is turning more than just being > > TPM keys so now it is a good time to consider the flow... Sumit, I'm > > sorry that I haven't added your first series yet. I need to first sync > > up how we are going to move forward. > > Thanks, Jarkko. Agreed, trusted keys is becoming more than just TPM > based keys. Now would be a good time to set up at least a separate > branch or GIT repo. > > Are all "trust" methods equivalent? As new "trust" methods are > defined, there should be a document describing the trust method, with > a comparison to the TPM. > > (It would be nice to have some kernel selftests to ensure existing > methods don't break.) We could put this (with appropriate mods whatever they are) to selftests: https://raw.githubusercontent.com/jsakkine-intel/tpm2-scripts/master/keyctl-smoke.sh No near adequate but it is starting point... /Jarkko
