Date: Mon, 22 Feb 2021 07:36:27 +0000
From: Matthew Garrett
To: Jarkko Sakkinen
Cc: Matthew Garrett, linux-kernel@vger.kernel.org,
    linux-integrity@vger.kernel.org, linux-pm@vger.kernel.org,
    keyrings@vger.kernel.org, zohar@linux.ibm.com, jejb@linux.ibm.com,
    corbet@lwn.net, rjw@rjwysocki.net, Matthew Garrett
Subject: Re: [PATCH 3/9] security: keys: trusted: Parse out individual components of the key blob
Message-ID: <20210222073627.GB30403@codon.org.uk>
References: <20210220013255.1083202-1-matthewgarrett@google.com> <20210220013255.1083202-4-matthewgarrett@google.com>

On Sat, Feb 20, 2021 at 05:05:36AM +0200, Jarkko Sakkinen wrote:
> On Sat, Feb 20, 2021 at 01:32:49AM +0000, Matthew Garrett wrote:
> > Performing any sort of state validation of a sealed TPM blob requires
> > being able to access the individual members in the response. Parse the
> > blob sufficiently to be able to stash pointers to each member, along
> > with the length.
> >
> > Signed-off-by: Matthew Garrett
>
> I'll just say LGTM for now. Did not see anything obviously wrong in
> the code change (and does make sense to nitpick minor things just
> yet).
>
> Need to understand the whole use case just a little bit better.

I wrote this up with some more detail at
https://mjg59.dreamwidth.org/55845.html - it seemed longer than
appropriate for a commit message, but if you'd like more detail
somewhere I can certainly add it.
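
The parsing step the quoted commit message describes, as an added example that is not the kernel patch or the author's code. It assumes each member is stored as a big-endian 16-bit size followed by that many bytes (the TPM2B convention); the member names, their order and the sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* One parsed member: a pointer into the caller's buffer plus its length. */
struct blob_member {
    const uint8_t *data;
    uint16_t len;
};

/* Hypothetical member order for this example, not the kernel's layout. */
enum { M_PRIVATE, M_PUBLIC, M_CREATION_DATA, M_CREATION_HASH, M_COUNT };

/* Record where each length-prefixed member starts. Returns 0, or -1 if a
 * size field or payload overruns the blob or bytes are left over. */
int parse_sealed_blob(const uint8_t *blob, size_t blob_len,
                      struct blob_member out[M_COUNT])
{
    size_t off = 0;                      /* invariant: off <= blob_len */

    for (int i = 0; i < M_COUNT; i++) {
        if (blob_len - off < 2)          /* no room for the size field */
            return -1;
        uint16_t len = (uint16_t)((blob[off] << 8) | blob[off + 1]);
        off += 2;
        if (len > blob_len - off)        /* payload would overrun the blob */
            return -1;
        out[i].data = blob + off;
        out[i].len = len;
        off += len;
    }
    return off == blob_len ? 0 : -1;     /* reject trailing bytes */
}

/* Constructed sample: four members of 2, 1, 0 and 3 bytes. */
static const uint8_t sample_blob[] = {
    0x00, 0x02, 0xaa, 0xbb,
    0x00, 0x01, 0xcc,
    0x00, 0x00,
    0x00, 0x03, 0x01, 0x02, 0x03,
};

int main(void)
{
    struct blob_member m[M_COUNT];
    return parse_sealed_blob(sample_blob, sizeof(sample_blob), m) ? 1 : 0;
}
```

Every size field is checked against the bytes that remain before a pointer is stored, so later validation code can dereference the stashed pointers without re-checking bounds.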