Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp114176imu;
        Thu, 8 Nov 2018 05:54:34 -0800 (PST)
X-Google-Smtp-Source: AJdET5eD2WhCk6B1ncHIOrZHUjts6IwrwCiQxfp2pG2i2l7oL6HPu+BITOzRa5NNrxdwKX8vTCC0
X-Received: by 2002:a63:585c:: with SMTP id i28mr3886546pgm.178.1541685274447;
        Thu, 08 Nov 2018 05:54:34 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1541685274; cv=none;
        d=google.com; s=arc-20160816;
        b=AOo4cDXR+HwXws4PDYT8NbfbVnR/dPaGhvp/bJe19v2qlB/x6piRvcAk73ZDZ8okAF
         z9QUjZ3qSqBYkEKkASBrjNz3dwiuiujHIneAEzRLYt8K2+uA3BVfa4BSi9QbildtsJvl
         9G8BPchox/kH3eyTxLpVxrkO9VUIAak/7vpLvrfU7RKJiMzeSXbjvSNkynh9r67wqggY
         0xSDBmtnC0XzieyV56EvpwO6q4o6q2zpjIy1MD02rM90fvpYBmjNGivJ+ZCoT9/6ed+p
         AL5plupNrIEf1CFY5Lyvp1rOBRJVKW7awAAxVkGE/vB+a5S0Q9TYISR8qhhEE7e3+W53
         Yk4A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:organization:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date;
        bh=FU+QCh/Ha1SitLUaIgH51B9Ik+VJ5aGTG0QhvKFAoBY=;
        b=0FvqYSFjnckPhOrtBNcnB1FscgOjh2QmLYcih07uzkGozM5QOVtSluvA86q+1ruTAp
         8zxLRUEv+gdx/RFhMV6GO4r+n+SAO47+2VYOPH1Zutg0zg/RgqJ500NNJ57K57KjeXbh
         VtyqvWNfn8IOVBlJ+b07zSeMIIpv/mNzljARtKqIUyjvL0bhD5yVXKp7O/ZFvKOL9G8v
         wJpBZISfoi2WJ5ydvrKIpCG4RbbTg+pLUADxzqQHJHGbMYzPXu23AXlx9ul6wOS4lgCO
         ifDtdshu3Se4RTN67SQ38JHQSeUlfWamTC6Vsqa0mOjROw+1hSIOtw3GqhZ90NlD0duI
         J0Ug==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id e1-v6si4460889plk.4.2018.11.08.05.54.18;
        Thu, 08 Nov 2018 05:54:34 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727244AbeKHX1U (ORCPT <rfc822;crosarcplusplustest@gmail.com>
        + 99 others); Thu, 8 Nov 2018 18:27:20 -0500
Received: from mga05.intel.com ([192.55.52.43]:23274 "EHLO mga05.intel.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1726897AbeKHX1U (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 8 Nov 2018 18:27:20 -0500
X-Amp-Result: UNKNOWN
X-Amp-Original-Verdict: FILE UNKNOWN
X-Amp-File-Uploaded: False
Received: from orsmga003.jf.intel.com ([10.7.209.27])
  by fmsmga105.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 08 Nov 2018 05:51:45 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.54,478,1534834800"; 
   d="scan'208";a="98646335"
Received: from ibanaga-mobl1.ger.corp.intel.com (HELO localhost) ([10.249.254.75])
  by orsmga003.jf.intel.com with ESMTP; 08 Nov 2018 05:51:41 -0800
Date:   Thu, 8 Nov 2018 15:51:40 +0200
From:   Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
To:     Roberto Sassu <roberto.sassu@huawei.com>
Cc:     zohar@linux.ibm.com, linux-integrity@vger.kernel.org,
        linux-security-module@vger.kernel.org,
        linux-kernel@vger.kernel.org, silviu.vlasceanu@huawei.com
Subject: Re: [PATCH v4 0/6] tpm: retrieve digest size of unknown algorithms
 from TPM
Message-ID: <20181108135140.GB8922@linux.intel.com>
References: <20181106150159.1136-1-roberto.sassu@huawei.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20181106150159.1136-1-roberto.sassu@huawei.com>
Organization: Intel Finland Oy - BIC 0357606-4 - Westendinkatu 7, 02160 Espoo
User-Agent: Mutt/1.10.1 (2018-07-13)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Nov 06, 2018 at 04:01:53PM +0100, Roberto Sassu wrote:
> The TPM driver currently relies on the crypto subsystem to determine the
> digest size of supported TPM algorithms. In the future, TPM vendors might
> implement new algorithms in their chips, and those algorithms might not
> be supported by the crypto subsystem.
> 
> Usually, vendors provide patches for the new hardware, and likely
> the crypto subsystem will be updated before the new algorithm is
> introduced. However, old kernels might be updated later, after patches
> are included in the mainline kernel. This would leave the opportunity
> for attackers to misuse PCRs, as PCR banks with an unknown algorithm
> are not extended.
> 
> This patch set provides a long term solution for this issue. If a TPM
> algorithm is not known by the crypto subsystem, the TPM driver retrieves
> the digest size from the TPM with a PCR read. All the PCR banks are
> extended, even if the algorithm is not yet supported by the crypto
> subsystem.
> 
> PCR bank information (TPM algorithm ID, digest size, crypto subsystem ID)
> is stored in the tpm_chip structure and available for users of the TPM
> driver.
> 
> Changelog
> 
> v3:
> - remove end marker change
> - replace active_banks static array with pointer to dynamic array
> - remove TPM2_ACTIVE_PCR_BANKS
> 
> v2:
> - change the end marker of the active_banks array
> - check digest size from output of PCR read command
> - remove count parameter from tpm_pcr_read() and tpm2_pcr_read()
> 
> v1:
> - modify definition of tpm_pcr_read()
> - move hash algorithms and definition of tpm2_digest to include/linux/tpm.h
> 
> Roberto Sassu (6):
>   tpm: dynamically allocate active_banks array
>   tpm: remove definition of TPM2_ACTIVE_PCR_BANKS
>   tpm: rename and export tpm2_digest and tpm2_algorithms
>   tpm: modify tpm_pcr_read() definition to pass a TPM hash algorithm
>   tpm: retrieve digest size of unknown algorithms with PCR read
>   tpm: ensure that the output of PCR read contains the correct digest
>     size
> 
>  drivers/char/tpm/tpm-chip.c         |   1 +
>  drivers/char/tpm/tpm-interface.c    |  34 +++++---
>  drivers/char/tpm/tpm.h              |  19 ++---
>  drivers/char/tpm/tpm2-cmd.c         | 115 ++++++++++++++++++++--------
>  include/linux/tpm.h                 |  30 +++++++-
>  include/linux/tpm_eventlog.h        |  12 +--
>  security/integrity/ima/ima_crypto.c |  10 +--
>  7 files changed, 145 insertions(+), 76 deletions(-)
> 
> -- 
> 2.17.1
> 

You should rebase your series to the latest upstream.

/Jarkko