Subject: Re: [PATCH v6 4/7] tpm: modify tpm_pcr_read() definition to pass a TPM hash algorithm
From: Mimi Zohar
To: Jarkko Sakkinen, Roberto Sassu
Cc: david.safford@ge.com, monty.wiseman@ge.com, linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, silviu.vlasceanu@huawei.com
Date: Wed, 05 Dec 2018 15:31:44 -0500

On Tue, 2018-12-04 at 15:40 -0800, Jarkko Sakkinen wrote:
> On Tue, Dec 04, 2018 at 09:21:35AM +0100, Roberto Sassu wrote:
> > Currently the TPM driver allows other kernel subsystems to read only the
> > SHA1 PCR bank. This patch modifies the parameters of tpm_pcr_read() and
> > tpm2_pcr_read() to pass a tpm_digest structure, which contains the desired
> > hash algorithm. Also, since commit 125a22105410 ("tpm: React correctly to
> > RC_TESTING from TPM 2.0 self tests") removed the call to tpm2_pcr_read(),
> > the new parameter is expected to be always not NULL.
> >
> > Due to the API change, IMA functions have been modified.
> >
> > Signed-off-by: Roberto Sassu
> > Acked-by: Mimi Zohar
>
> Reviewed-by: Jarkko Sakkinen
>
> Mimi, Nayna, can you help with testing this (because of the IMA change)?

It's up & running and the measurement list verifies against the TPM PCR. Although this system has two algorithms enabled, all of the PCRs are allocated for one algorithm and none for the other. I'm still looking around for another system with PCR 10 enabled for multiple algorithms.

Mimi
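
The check discussed in this message, replaying the measurement list and comparing the result against PCR 10 in a chosen bank, as an added example that is not code from the thread or from the kernel. It assumes SHA1 template digests that are zero-padded when extended into a larger bank, and that a bank with no PCRs allocated reads back empty; the function names and sample digests are constructed for illustration.

```python
import hashlib
import hmac

SHA1_LEN = 20  # template digests in this example are SHA1

def extend(bank_alg, pcr, digest):
    """TPM extend for one bank: new PCR = H(old PCR || digest)."""
    size = hashlib.new(bank_alg).digest_size
    if len(pcr) != size or len(digest) != size:
        raise ValueError("PCR and digest must match the bank digest size")
    return hashlib.new(bank_alg, pcr + digest).digest()

def replay(bank_alg, template_digests):
    """Recompute PCR 10 for one bank from the measurement list digests."""
    size = hashlib.new(bank_alg).digest_size
    pcr = bytes(size)  # PCR 10 is all zeros after reset
    for d in template_digests:
        if len(d) != SHA1_LEN:
            raise ValueError("expected a SHA1 template digest")
        # Assumption: non-SHA1 banks receive the SHA1 digest zero-padded.
        pcr = extend(bank_alg, pcr, d.ljust(size, b"\x00"))
    return pcr

def verify_bank(bank_alg, template_digests, pcr_read):
    """True/False for an allocated bank, None when the bank returned no value."""
    if not pcr_read:  # Assumption: an unallocated bank reads back empty
        return None
    return hmac.compare_digest(replay(bank_alg, template_digests), pcr_read)

# Constructed sample: three fake template digests standing in for list entries.
SAMPLE = [hashlib.sha1(b"constructed entry %d" % i).digest() for i in range(3)]

if __name__ == "__main__":
    for alg in ("sha1", "sha256"):
        simulated_pcr = replay(alg, SAMPLE)  # stands in for a PCR read of that bank
        print(alg, verify_bank(alg, SAMPLE, simulated_pcr))
    print("unallocated bank:", verify_bank("sha256", SAMPLE, b""))
```

With only one bank allocated, as on the system described above, the other bank yields `None` here rather than a pass or fail, which is why a second system with PCR 10 allocated in several banks is needed to exercise the per-algorithm read.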