Date: Fri, 12 May 2023 12:43:49 +0100
From: Matthew Garrett
To: Ross Philipson
Cc: linux-kernel@vger.kernel.org, x86@kernel.org, linux-integrity@vger.kernel.org, linux-doc@vger.kernel.org, linux-crypto@vger.kernel.org, iommu@lists.linux-foundation.org, kexec@lists.infradead.org, linux-efi@vger.kernel.org, dpsmith@apertussolutions.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, hpa@zytor.com, ardb@kernel.org, James.Bottomley@hansenpartnership.com, luto@amacapital.net, nivedita@alum.mit.edu, kanth.ghatraju@oracle.com, trenchboot-devel@googlegroups.com
Subject: Re: [PATCH v6 13/14] tpm: Allow locality 2 to be set when initializing the TPM for Secure Launch
Message-ID: <20230512114349.GH14461@srcf.ucam.org>
In-Reply-To: <20230504145023.835096-14-ross.philipson@oracle.com>

On Thu, May 04, 2023 at 02:50:22PM +0000, Ross Philipson wrote:
> The Secure Launch MLE environment uses PCRs that are only accessible from
> the DRTM locality 2. By default the TPM drivers always initialize the
> locality to 0. When a Secure Launch is in progress, initialize the
> locality to 2.

This looks correct in itself, but looking at the CRB driver code I don't
think locality support is actually implemented. Are there any SL systems
using CRB?