Received: by 2002:a05:7412:2a8a:b0:fc:a2b0:25d7 with SMTP id u10csp649599rdh; Wed, 7 Feb 2024 16:14:14 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCUWfIIJaMnqv4p8BEY8SHc7xSI+It+IjtNdKEc5wgn1JHnPOX8lkcHcOCmUd+Toe8X1NZHVxvIZvp9Ru9UBQUNFlCAI3wqg7Hc4MYgmug== X-Google-Smtp-Source: AGHT+IEPEV533GuyDmrxD/XUPFJbystuc/UbDS3pU88n88DhHgFjlsBvKdzGGm96S2NtG7XNa8a2 X-Received: by 2002:a17:903:2447:b0:1d7:8541:f914 with SMTP id l7-20020a170903244700b001d78541f914mr7232477pls.26.1707351254548; Wed, 07 Feb 2024 16:14:14 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1707351254; cv=pass; d=google.com; s=arc-20160816; b=IzIIO0S3yA4cW/e6o6dF7KWXp/Od9WI+dgVNm/nPo5NevnSd4oRl4azlVQzehpoo2E VvdSzYs9N4MTAxsjiF9oPC0a1FBa7bgXofxmAd944GDRWyq6tMg8E39SSkBSpHbSJ9kH k7kUh6Adh+GdhAmDwKAvfqOwVFo4j+yOmq5Ux3d8il6je8S/PM1JHL729qWw4FbHsdLZ VGe4qlkccs2da4MzWHBiRI4MfhAefgvcq2BBV7ddmP5nRU6nS9kUfhEUFqBYqGfQxIo4 xZehkME4vJy+s9krwxsTIKFm25seCOqXCnTayBjujsUIrVpPBZmDv5wA3Aw1wrsFk8Vo 4rJA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:date:message-id:dkim-signature; bh=v7H7uG3MAyTbRSWqPQJW8QSxeCEty6kIH8FKT13xPVQ=; fh=FGcQ/GuLivBbq+GeAOOStA2ezkNkG2oTkLfbX//qGfA=; b=tNozwlOPknqqyR6Xj4BuzXuix3wbkaiuR4Ja2jCoMA1hQ4c+ae8XEtsdN2mzGX+/Ls ESBIbIb1/4FugYoxhgQNbk/ffCWvol+G5JaJ6W81JM5AqmGa58cQ+UtVD60Xq9ZO4Xh0 fATPD5HDKwlen3G3HaonrqHMt7TDibB4vQXAZ8eRrGAFewg7u4kEDX/u12u7wUS+a7lc cQRwHh30bSW+n5yHZc4T1hriwBs9bzJ0E1aGhECwc5anxukITy5SF909d0rBMtAVoZVC vdQ2RHO56eqE/SkN2S07bHhKKZWFmENyjBL/nhpJSiF+hkpo+aDH9Ru27R4XGbYvFH91 Hiaw==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=MRVZbsNT; arc=pass (i=1 dkim=pass dkdomain=intel.com dmarc=pass fromdomain=linux.intel.com); spf=pass (google.com: domain of linux-kernel+bounces-57056-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-57056-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Forwarded-Encrypted: i=2; AJvYcCXFNcUtqQ+qNCJTODmiHuosrqpxIf2yesBAigOG2Komin8eHtAbyYpNezqUovqnHtv9zPGxZbtiKwAmfgdSL8Uf4CRHHOEVLCI+H2Dmzg== Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [139.178.88.99]) by mx.google.com with ESMTPS id q2-20020a170902edc200b001d9588f0723si2697217plk.522.2024.02.07.16.14.14 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 07 Feb 2024 16:14:14 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-57056-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) client-ip=139.178.88.99; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=MRVZbsNT; arc=pass (i=1 dkim=pass dkdomain=intel.com dmarc=pass fromdomain=linux.intel.com); spf=pass (google.com: domain of linux-kernel+bounces-57056-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-57056-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id 09D77285167 for ; Wed, 7 Feb 2024 21:09:06 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 956B3127B6A; Wed, 7 Feb 2024 21:08:59 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="MRVZbsNT" Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.15]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4BDDD127B46; Wed, 7 Feb 2024 21:08:56 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.15 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707340138; cv=none; b=gyzDzSnOtqLtEkbBYLKuSMs3DTnurVuZT1rLbKsGcLpyPdYdpbcfvDtZxMNmmy/VLPqdt/SYRObleLFd8z9rPEp7BMEyKjAo9mBI8qiUyAFftZwX9lQysVzbhaUJmTp0h7JH/t1Ri0vwm6w7pd6tUQaX4NvNtkCGbIi5F6Icy7I= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707340138; c=relaxed/simple; bh=ES++gTsdxdJ8gT+Nc5W70oPKKHmOzpvLYS1vBB9EanE=; h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From: In-Reply-To:Content-Type; b=nHfgmaKowuOJrEH58uro+LU40z0BIrHidvA3zCuKIk/DudzFLmTp1U5EbiEWKeA8rt2fIpQmrXYWo5MA3cOxHQOjJa0b8WX7O5gBykjh+3Tt9NJuMaBbr3HHDp304FsOyvWyg7XH+XNgfinfq2+MSNCyLmpMksXUPh53zmZZSFU= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=MRVZbsNT; arc=none smtp.client-ip=198.175.65.15 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1707340138; x=1738876138; h=message-id:date:mime-version:subject:to:cc:references: from:in-reply-to:content-transfer-encoding; bh=ES++gTsdxdJ8gT+Nc5W70oPKKHmOzpvLYS1vBB9EanE=; b=MRVZbsNTcXdM+gd8Y9wDUoBVh38tWoYg7HziLSbjSHwI03RdAB871ux2 XZmIeg6+NP4GzeBd/WPPvztr0lIet7LfC6+h35O5Z2L7dqMFxsM4FhvKa HLAXPps4fFaa2bZSuqnnmRrEEbHBdd1fViWmvo7haSKLNPkppDNPyCRKR ofoBC2ZuYLs7pQPGfL8mRMnK1QSrezX5uBiwebm+7U/B7QPxwjWGJbUgP s8UkVRSufSPj8cny5ts2Sk18ce7wQBE/PtChWznOtK2xOIKK9iu6WioZu lMS0faY0HuePFBTjIujDPaKZkvKZxnoPXC9TUvZ+APmR8MFXLPhU5h1HK Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10977"; a="4947364" X-IronPort-AV: E=Sophos;i="6.05,251,1701158400"; d="scan'208";a="4947364" Received: from fmviesa001.fm.intel.com ([10.60.135.141]) by orvoesa107.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Feb 2024 13:08:57 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.05,251,1701158400"; d="scan'208";a="32526238" Received: from srussjr-mobl1.amr.corp.intel.com (HELO [10.209.91.249]) ([10.209.91.249]) by smtpauth.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Feb 2024 13:08:55 -0800 Message-ID: <527da630-4952-4b1d-80c0-5a87997ff9fd@linux.intel.com> Date: Wed, 7 Feb 2024 13:08:54 -0800 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [RFC PATCH v2 0/4] tsm: Runtime measurement registers ABI Content-Language: en-US To: "Xing, Cedric" , Dan Williams , James Bottomley , Dan Middleton , Samuel Ortiz Cc: Qinkun Bao , "Yao, Jiewen" , Dionna Amalie Glaze , biao.lu@intel.com, linux-coco@lists.linux.dev, linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org References: <20240128212532.2754325-1-sameo@rivosinc.com> <42e14f74d3819c95fdb97cd2e9b2829dcb1b1563.camel@HansenPartnership.com> <1557f98a-3d52-4a02-992b-4401c7c85dd7@linux.intel.com> <85b7a4a679eada1d17b311bf004c2d9e18ab5cd3.camel@HansenPartnership.com> <65c2e4aa54a0_d4122947f@dwillia2-mobl3.amr.corp.intel.com.notmuch> <22088ed3-51a4-415f-932c-db84c92a2812@intel.com> From: Kuppuswamy Sathyanarayanan In-Reply-To: <22088ed3-51a4-415f-932c-db84c92a2812@intel.com> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit On 2/7/24 12:16 PM, Xing, Cedric wrote: > On 2/6/2024 6:02 PM, Dan Williams wrote: >> James Bottomley wrote: >>> There isn't really anything more complex about an interface that takes >>> a log entry, and does the record an extend, than an interface which >>> takes a PCR extension value.  So best practice would say that you >>> should create the ABI that you can't get wrong (log and record) rather >>> than creating one that causes additional problems for userspace. >> >> Agree, there's no need for the kernel to leave deliberately pointy edges >> for userspace to trip over. >> >> Cedric, almost every time we, kernel community, build an interface where >> userspace says "trust us, we know what we are doing" it inevitably >> results later in "whoops, turns out it would have helped if the kernel >> enforced structure here". So the log ABI adds that structure for the >> primary use cases. > > Dan, I agree with your statement generally. But with the precedent of TPM module not maintaining a log, I just wonder if the addition of log would cause problems or force more changes to existing usages than necessary. For example, IMA has its own log and if changed to use RTMR, how would those 2 logs interoperate? We would also need to decide on a log format that can accommodate all applications. IIUC, CC event logging in firmware uses TCG2 format. Since IMA internally uses TPM calls, I assume it also uses the TCG2 format. I think we can follow the same format for RTMR extension. I am wondering where will the event log be stored? Is it in the log_area region of CCEL table? -- Sathyanarayanan Kuppuswamy Linux Kernel Developer