Received: by 2002:a25:1506:0:0:0:0:0 with SMTP id 6csp1446779ybv;
        Thu, 6 Feb 2020 04:19:16 -0800 (PST)
X-Google-Smtp-Source: APXvYqyRvNWZY5+J7geyk1t/+qnVw4vv0MqobQoScgJC2odxxIM01FG+QRyjXMX1CGzq2W7XTA4J
X-Received: by 2002:a9d:d06:: with SMTP id 6mr30657742oti.176.1580991555899;
        Thu, 06 Feb 2020 04:19:15 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1580991555; cv=none;
        d=google.com; s=arc-20160816;
        b=GYYWLN+3B3nasLjm+YY7wbJPY6FhI1vOkNhP4t9SLiAenLeRaIQAYkYTN8GpACYOVo
         2dfuSruz2SmqGOkruaBiqEfnEuzLIZsT9qsKqRoN2eU6aQsvEaFJgHzi5yJZ0Z0OI6kC
         JiA4RbwBYNO/JDXaJ2elBqpo8NWgkaIR5OLfVTUZn7vvlgxQofLP0ZKQePheyBB+k+wL
         xWl1GQ8TAKuVkNHc1tjd8sHtk3AFimtSYzeiC4PrNMXeb/XUpCBa2UyJEp+11kqN86yd
         tKVhiUqJRwH6/GKH6ZgiIL1UNlsmP4yCj7BNYRETVWwUZwRkcY+zhIIByVo1j5veESmQ
         P+fQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:message-id:content-transfer-encoding
         :mime-version:references:in-reply-to:date:cc:to:from:subject;
        bh=4d95/chUWofPdD1fb3RFaiOcUHTSJUPk9EMeuNN3jzo=;
        b=pc1pDUWNtvi8BQVKcxlN+rpo/tIuIJWrPN4jFq8kxauDYEaxW4OlWiaLGgRgmu1i6s
         vjq9ayULd8cIDMOW0WEy4CThVPY5c+YUofqPrgirXW5pVK/v+S3NCvN+6XsL/UaRhXLI
         yXq3g4vwY3suOz2PVltT3SpahEk0AU++hSAUX4hnS76guwGiqr8xEPtJyIISBO9OyO2U
         T5awRCuu6vQ57GF9k3Jtl1sgRiaf4U9JGF9cFNfjV47ieqvNqaCkJjIYNcvCrIIN3KiJ
         HW6xTK5h0LEgesth8Xcs2hcRokrvXCdeMu2HIb/zLuQ789triYsbMopJ/dk+5AK5DX8s
         oblA==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id e5si1989411oii.32.2020.02.06.04.18.59;
        Thu, 06 Feb 2020 04:19:15 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727904AbgBFMRS (ORCPT <rfc822;shibaboy@gmail.com> + 99 others);
        Thu, 6 Feb 2020 07:17:18 -0500
Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:44812 "EHLO
        mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-OK)
        by vger.kernel.org with ESMTP id S1727111AbgBFMRS (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 6 Feb 2020 07:17:18 -0500
Received: from pps.filterd (m0098396.ppops.net [127.0.0.1])
        by mx0a-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 016C9sxO113138
        for <linux-kernel@vger.kernel.org>; Thu, 6 Feb 2020 07:17:17 -0500
Received: from e06smtp03.uk.ibm.com (e06smtp03.uk.ibm.com [195.75.94.99])
        by mx0a-001b2d01.pphosted.com with ESMTP id 2xyhn5e31g-1
        (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT)
        for <linux-kernel@vger.kernel.org>; Thu, 06 Feb 2020 07:17:16 -0500
Received: from localhost
        by e06smtp03.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted
        for <linux-kernel@vger.kernel.org> from <zohar@linux.ibm.com>;
        Thu, 6 Feb 2020 12:17:12 -0000
Received: from b06cxnps4075.portsmouth.uk.ibm.com (9.149.109.197)
        by e06smtp03.uk.ibm.com (192.168.101.133) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted;
        (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256)
        Thu, 6 Feb 2020 12:17:08 -0000
Received: from d06av21.portsmouth.uk.ibm.com (d06av21.portsmouth.uk.ibm.com [9.149.105.232])
        by b06cxnps4075.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 016CH7Ms58720370
        (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK);
        Thu, 6 Feb 2020 12:17:07 GMT
Received: from d06av21.portsmouth.uk.ibm.com (unknown [127.0.0.1])
        by IMSVA (Postfix) with ESMTP id 869F552051;
        Thu,  6 Feb 2020 12:17:07 +0000 (GMT)
Received: from localhost.localdomain (unknown [9.85.140.59])
        by d06av21.portsmouth.uk.ibm.com (Postfix) with ESMTP id 99E505204F;
        Thu,  6 Feb 2020 12:17:06 +0000 (GMT)
Subject: Re: [PATCH v2 2/8] ima: Switch to ima_hash_algo for boot aggregate
From:   Mimi Zohar <zohar@linux.ibm.com>
To:     Roberto Sassu <roberto.sassu@huawei.com>,
        "James.Bottomley@HansenPartnership.com" 
        <James.Bottomley@HansenPartnership.com>,
        "jarkko.sakkinen@linux.intel.com" <jarkko.sakkinen@linux.intel.com>
Cc:     "linux-integrity@vger.kernel.org" <linux-integrity@vger.kernel.org>,
        "linux-security-module@vger.kernel.org" 
        <linux-security-module@vger.kernel.org>,
        "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
        Silviu Vlasceanu <Silviu.Vlasceanu@huawei.com>,
        "stable@vger.kernel.org" <stable@vger.kernel.org>
Date:   Thu, 06 Feb 2020 07:17:06 -0500
In-Reply-To: <b1507c1121b64b3abc00e154fcfeef65@huawei.com>
References: <20200205103317.29356-1-roberto.sassu@huawei.com>
         <20200205103317.29356-3-roberto.sassu@huawei.com>
         <1580936432.5585.309.camel@linux.ibm.com>
         <b1507c1121b64b3abc00e154fcfeef65@huawei.com>
Content-Type: text/plain; charset="UTF-8"
X-Mailer: Evolution 3.20.5 (3.20.5-1.fc24) 
Mime-Version: 1.0
Content-Transfer-Encoding: 8bit
X-TM-AS-GCONF: 00
x-cbid: 20020612-0012-0000-0000-0000038443A0
X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused
x-cbparentid: 20020612-0013-0000-0000-000021C0B155
Message-Id: <1580991426.5585.334.camel@linux.ibm.com>
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.138,18.0.572
 definitions=2020-02-06_01:2020-02-06,2020-02-06 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 clxscore=1015
 lowpriorityscore=0 phishscore=0 mlxlogscore=999 impostorscore=0 mlxscore=0
 suspectscore=0 priorityscore=1501 malwarescore=0 bulkscore=0 spamscore=0
 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1
 engine=8.12.0-2001150001 definitions=main-2002060093
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, 2020-02-06 at 09:36 +0000, Roberto Sassu wrote:
> > Hi Roberto,
> > 
> > On Wed, 2020-02-05 at 11:33 +0100, Roberto Sassu wrote:
> > 
> > <snip>
> > 
> > > Reported-by: Jerry Snitselaar <jsnitsel@redhat.com>
> > > Suggested-by: James Bottomley
> > <James.Bottomley@HansenPartnership.com>
> > > Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
> > > Cc: stable@vger.kernel.org
> > 
> > Cc'ing stable resulted in Sasha's automated message.  If you're going
> > to Cc stable, then please include the stable kernel release (e.g. Cc:
> > stable@vger.kernel.org # v5.3).  Also please include a "Fixes" tag.
> >  Normally only bug fixes are backported.
> 
> Ok, will add the kernel version. I also thought which commit I should
> mention in the Fixes tag. IMA always read the SHA1 bank from the
> beginning. I could mention the patch that introduces the new API
> to read other banks, but I'm not sure. What do you think?

This patch is dependent on nr_allocated_banks.  Please try applying
this patch to the earliest stable kernel with the commit that
introduces nr_allocated_banks and test to make sure it works properly.

thanks,

Mimi