Received: by 2002:a05:6358:9144:b0:117:f937:c515 with SMTP id r4csp10189326rwr;
        Fri, 12 May 2023 05:12:02 -0700 (PDT)
X-Google-Smtp-Source: ACHHUZ5xd5zty9XaDjFT7uTE8edKRzwqP/a6KmUP/VnP16xu+JpTdqq0hgEPz6isgMh5eHSwIyUu
X-Received: by 2002:a05:6a20:7d8d:b0:101:166:863f with SMTP id v13-20020a056a207d8d00b001010166863fmr18963920pzj.23.1683893522500;
        Fri, 12 May 2023 05:12:02 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1683893522; cv=none;
        d=google.com; s=arc-20160816;
        b=C3dccyS8KnLZPX3sFFEFrKVIpFa1MXpc9hmT9dNhbaCrUzGyTj4ndWuDoQq9Q+tO5z
         flbPSor3HVpfkvXjFwoCOIrnm3jEiXjwtNR9TxlPgPBaPk3TntZpFVHojcbhUnhZ6gzD
         VKI64zjenIWfM1XKfNXVDWxGtkogbmZ15bTZMGv6efVY/80W282HbKm7NRdj1sq5/L8h
         8RPORjwRSZm1WKK4VIInY0ILuINsq/gyxA/1mfZ6q6U5DcvDW/tkr6Lt3UWtAnwGz+Kx
         qlTzhlMuAAd35CDLEFqlGqPWDoxojbxwvj9S1l+LdOJk0EUv78nvrYhWWgt7sLnSA1vB
         fbjw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:user-agent:in-reply-to:content-disposition
         :mime-version:references:message-id:subject:cc:to:from:date;
        bh=GeVxL0ueMJmZTedTehP1DoLo/IrZsMtBDutmkttH5AI=;
        b=RgOtgfcfmofL1zmofk3aZB+MGMY/OEZYVoJRUx7zZg6o961V6Fo3TIYatzCL2zm3Fr
         ggwH1ll2KnithhL6r8addFv1CsKowMg/5dfJEhCxm5iOvJSf/8IW0QmQDUdz+9MtYjBX
         hilnukJ2YzTHhmQwsp7Z8Fw3W27K1fvkUIe2H3ZN/FkJdxi/z8/KSF0yUhrdAiGCacC1
         aovA4yIxhE+x8C81kaPoEdjV/MF0ZhhM7nTG+pv7Xn/ACkDhElmHeLHyp3uba7tHHfZs
         xFqEyhYFv2dvbOUauEql2+AQpF1g15CdE+VCr2DC35yU6Zaj+HubKQxkv3UzPVJ1Vq2S
         ivtw==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org
Return-Path: <linux-crypto-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id g9-20020a63fa49000000b0052c73367c13si9118215pgk.871.2023.05.12.05.11.46;
        Fri, 12 May 2023 05:12:02 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S240906AbjELLnz (ORCPT <rfc822;letrhee@gmail.com> + 99 others);
        Fri, 12 May 2023 07:43:55 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33598 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S240347AbjELLnx (ORCPT
        <rfc822;linux-crypto@vger.kernel.org>);
        Fri, 12 May 2023 07:43:53 -0400
Received: from cavan.codon.org.uk (irc.codon.org.uk [IPv6:2a00:1098:84:22e::2])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C40E24C3D;
        Fri, 12 May 2023 04:43:50 -0700 (PDT)
Received: by cavan.codon.org.uk (Postfix, from userid 1000)
        id 77AB940A6F; Fri, 12 May 2023 12:43:49 +0100 (BST)
Date:   Fri, 12 May 2023 12:43:49 +0100
From:   Matthew Garrett <mjg59@srcf.ucam.org>
To:     Ross Philipson <ross.philipson@oracle.com>
Cc:     linux-kernel@vger.kernel.org, x86@kernel.org,
        linux-integrity@vger.kernel.org, linux-doc@vger.kernel.org,
        linux-crypto@vger.kernel.org, iommu@lists.linux-foundation.org,
        kexec@lists.infradead.org, linux-efi@vger.kernel.org,
        dpsmith@apertussolutions.com, tglx@linutronix.de, mingo@redhat.com,
        bp@alien8.de, hpa@zytor.com, ardb@kernel.org,
        James.Bottomley@hansenpartnership.com, luto@amacapital.net,
        nivedita@alum.mit.edu, kanth.ghatraju@oracle.com,
        trenchboot-devel@googlegroups.com
Subject: Re: [PATCH v6 13/14] tpm: Allow locality 2 to be set when
 initializing the TPM for Secure Launch
Message-ID: <20230512114349.GH14461@srcf.ucam.org>
References: <20230504145023.835096-1-ross.philipson@oracle.com>
 <20230504145023.835096-14-ross.philipson@oracle.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20230504145023.835096-14-ross.philipson@oracle.com>
User-Agent: Mutt/1.10.1 (2018-07-13)
X-Spam-Status: No, score=-0.8 required=5.0 tests=BAYES_00,
        HEADER_FROM_DIFFERENT_DOMAINS,KHOP_HELO_FCRDNS,SPF_HELO_NEUTRAL,
        SPF_NEUTRAL,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no
        version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org

On Thu, May 04, 2023 at 02:50:22PM +0000, Ross Philipson wrote:
> The Secure Launch MLE environment uses PCRs that are only accessible from
> the DRTM locality 2. By default the TPM drivers always initialize the
> locality to 0. When a Secure Launch is in progress, initialize the
> locality to 2.

This looks correct in itself, but looking at the CRB driver code I don't 
think locality support is actually implemented. Are there any SL systems 
using CRB?