Received: by 2002:a25:8b91:0:0:0:0:0 with SMTP id j17csp306011ybl; Wed, 29 Jan 2020 00:31:50 -0800 (PST) X-Google-Smtp-Source: APXvYqz/nA8QK81l4cqrfn2/tnL234bVaINVR1GQSprgq+0aaPEWUFmQ0NZ6rnhU/kRd1B8zGP+0 X-Received: by 2002:a9d:7357:: with SMTP id l23mr18988062otk.10.1580286710670; Wed, 29 Jan 2020 00:31:50 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1580286710; cv=none; d=google.com; s=arc-20160816; b=nVjEP696ka3RQQkWvyvqrLPajUK5tGS51UYF3IkyjPvSz949BwrC87YZPEXIPgab0t 9cnycuxDVVTlOYg+B75J4QVlo1BAYR0kFtLb+w6wu1aKGUiAfQupmeq0NWYx+7C8nLy5 jU642ciURx5C1BhEgHLxk6ctPLxhvHSrwCuhG8IZmQY5a0ZVE3Ji6uPKLJoAq4SASYYC qMN0GfVcxQHGFNKrXMP+MKfR8s9OsE9NwK/FjNG9d0a40TypS9wKOnZKden08jx+rfUJ 9HX/6JVBNWAcfvWW+g4L/8CLICe5NS46iNkzl82NzuY4FFRLLN5DLLEGBw06Nlul+Dh3 Ijzg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-transfer-encoding:content-disposition:mime-version :references:reply-to:message-id:subject:cc:to:from:date; bh=Ox0LKp7ZS/Gp58rh7QbKvQYTjiHYNDzVwb6l+1jrimM=; b=SEQFFLrb3h0uC3ka0U7HNGjSfN7xtZgXR6VgPbPZ752eW5sP8kz6mSwqnmpqk3r6nm SRp+SAFZYfIa49h+6TkNzgewhGwc6de6gDQ63QnzMqjAi/v4c+BQBfBXFI9mv3j9/rgi Oz3sW8JccY1JwBeTr3X5md8uj6bv9cLFI4x3JQKQ+bwDJVwcfxMmE1u1gchXlp5KGCxb ufOqXSFIp9O3eEPafizVTuT9oFtWhckTmuMAzzsvwkxur993PfZy41dummpCnDSgMjrM BWvurK0t1ICBWzibVwfth9Op/lAVEZYeULSpDsVCeg5dyU+QIYk/EhghXvcn5vHT1NPy HdOA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id w15si814760otm.263.2020.01.29.00.31.36; Wed, 29 Jan 2020 00:31:50 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726271AbgA2Iai (ORCPT + 99 others); Wed, 29 Jan 2020 03:30:38 -0500 Received: from mx2.suse.de ([195.135.220.15]:38582 "EHLO mx2.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726068AbgA2Iai (ORCPT ); Wed, 29 Jan 2020 03:30:38 -0500 X-Virus-Scanned: by amavisd-new at test-mx.suse.de Received: from relay2.suse.de (unknown [195.135.220.254]) by mx2.suse.de (Postfix) with ESMTP id 74626B00A; Wed, 29 Jan 2020 08:30:36 +0000 (UTC) Date: Wed, 29 Jan 2020 09:30:34 +0100 From: Petr Vorel To: Mimi Zohar Cc: Jerry Snitselaar , linux-integrity@vger.kernel.org, James Bottomley , linux-kernel@vger.kernel.org Subject: Re: [PATCH 1/2] ima: use the IMA configured hash algo to calculate the boot aggregate Message-ID: <20200129083034.GA387@dell5510> Reply-To: Petr Vorel References: <1580140919-6127-1-git-send-email-zohar@linux.ibm.com> <20200127204941.2ewman4y5nzvkjqe@cantor> <1580160699.5088.64.camel@linux.ibm.com> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-2 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <1580160699.5088.64.camel@linux.ibm.com> User-Agent: Mutt/1.12.2 (2019-09-21) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Mimi, Reviewed-by: Petr Vorel > The original LTP ima_boot_aggregate.c test needed to be updated to > support TPM 2.0 before this change. ?For TPM 2.0, the PCRs are not > exported. ?With this change, the kernel could be reading PCRs from a > TPM bank other than SHA1 and calculating the boot_aggregate based on a > different hash algorithm as well. ?I'm not sure how a remote verifier > would know which TPM bank was read, when calculating the boot- > aggregate. Mimi, do you plan to do update LTP test? Kind regards, Petr