Date: Thu, 8 Jul 2021 00:26:11 +0300
From: Jarkko Sakkinen
To: Linus Torvalds
Cc: Eric Snowberg, keyrings@vger.kernel.org, linux-integrity, Mimi Zohar,
 David Howells, David Woodhouse, Herbert Xu, David Miller,
 James Morris James Morris, "Serge E. Hallyn", Kees Cook,
 Greg Kroah-Hartman, scott.branden@broadcom.com, Wei Yongjun, Nayna Jain,
 Eric Biggers, Ard Biesheuvel, nramas@linux.microsoft.com, Lenny Szubowicz,
 Linux Kernel Mailing List, Linux Crypto Mailing List, LSM List,
 James Bottomley, Peter Jones, Gary Lin, Konrad Rzeszutek Wilk
Subject: Re: [PATCH RFC 05/12] integrity: Introduce mok keyring
Message-ID: <20210707212611.pdkmkxhqomkf4ngg@kernel.org>
References: <20210707024403.1083977-1-eric.snowberg@oracle.com>
 <20210707024403.1083977-6-eric.snowberg@oracle.com>

On Wed, Jul 07, 2021 at 12:31:23PM -0700, Linus Torvalds wrote:
> On Tue, Jul 6, 2021 at 7:45 PM Eric Snowberg wrote:
> >
> > Introduce a new keyring called mok. This keyring will be used during
> > boot. Afterwards it will be destroyed.
>
> Already discussed elsewhere, but yeah, when using TLA's, unless they
> are universally understood (like "CPU" or "TLB" or whatever), please
> spell them out somewhere for people who don't have the background.
>
> I saw that you said elsewhere that MOK is "Machine Owner Key", but
> please let's just have that in the sources and commit messages at
> least for the original new code cases.
>
> Maybe it becomes obvious over time as there is more history to the
> code, but when you literally introduce a new concept, please spell it
> out.
>
> Linus
>

I'd suggest for the short summary:

"integrity: Introduce a Linux keyring for the Machine Owner Key (MOK)"

Given that "keyring" is such a saturated and ambiguous word, and this is not
a subsystem patch for keyring itself, it should be explicit what is meant by
a keyring.

/Jarkko