On Mon, Aug 05, 2019 at 10:32:59AM +0530, Sumit Garg wrote:
Okay, I will try to move TPM2 trusted keys code also.
I'm definitely for extending trusted keys beyond TPMs. Before that can be done, however, the current mess needs to be cleaned up.
I did a lot of work recently [1] to clean up TPM transmit code to better suited to be used outside of the TPM drivers (remove recursive calls, put the whole stack use tpm_buf for everything).
What still needs to be done is to move tpm_buf stuff to include/linux in order to be usable in the keyring code. Also for TPM 2.0 trusted keys, TPM2 constants need to be moved to include/linux. For the latter, I'd suggest to move all protocol constants there and not just what is required for trusted keys. Better to have them in one place.
[1] https://lkml.org/lkml/2019/2/13/176
/Jarkko