Re: [PATCH v8 06/15] x86: Add early SHA support for Secure Launch early measurements

2024-04-04 Thread Jarkko Sakkinen
On Thu Apr 4, 2024 at 2:56 AM EEST, Eric Biggers wrote: > On Wed, Apr 03, 2024 at 09:32:02AM -0700, Andy Lutomirski wrote: > > On Fri, Feb 23, 2024, at 10:30 AM, Eric Biggers wrote: > > > On Fri, Feb 23, 2024 at 06:20:27PM +, Andrew Cooper wrote: > > >> On 23/02/2024 5:54 pm, Eric Biggers

Re: [PATCH v8 06/15] x86: Add early SHA support for Secure Launch early measurements

2024-04-03 Thread ross . philipson
On 4/3/24 4:56 PM, Eric Biggers wrote: On Wed, Apr 03, 2024 at 09:32:02AM -0700, Andy Lutomirski wrote: On Fri, Feb 23, 2024, at 10:30 AM, Eric Biggers wrote: On Fri, Feb 23, 2024 at 06:20:27PM +, Andrew Cooper wrote: On 23/02/2024 5:54 pm, Eric Biggers wrote: On Fri, Feb 23, 2024 at

Re: [PATCH v8 06/15] x86: Add early SHA support for Secure Launch early measurements

2024-04-03 Thread Eric Biggers
On Wed, Apr 03, 2024 at 09:32:02AM -0700, Andy Lutomirski wrote: > On Fri, Feb 23, 2024, at 10:30 AM, Eric Biggers wrote: > > On Fri, Feb 23, 2024 at 06:20:27PM +, Andrew Cooper wrote: > >> On 23/02/2024 5:54 pm, Eric Biggers wrote: > >> > On Fri, Feb 23, 2024 at 04:42:11PM +, Andrew

Re: [PATCH v8 06/15] x86: Add early SHA support for Secure Launch early measurements

2024-04-03 Thread Andy Lutomirski
On Fri, Feb 23, 2024, at 10:30 AM, Eric Biggers wrote: > On Fri, Feb 23, 2024 at 06:20:27PM +, Andrew Cooper wrote: >> On 23/02/2024 5:54 pm, Eric Biggers wrote: >> > On Fri, Feb 23, 2024 at 04:42:11PM +, Andrew Cooper wrote: >> >> Yes, and I agree.  We're not looking to try and force this

Re: [PATCH v8 06/15] x86: Add early SHA support for Secure Launch early measurements

2024-02-23 Thread Eric Biggers
On Fri, Feb 23, 2024 at 06:20:27PM +, Andrew Cooper wrote: > On 23/02/2024 5:54 pm, Eric Biggers wrote: > > On Fri, Feb 23, 2024 at 04:42:11PM +, Andrew Cooper wrote: > >> Yes, and I agree.  We're not looking to try and force this in with > >> underhand tactics. > >> > >> But a blind "nack

Re: [PATCH v8 06/15] x86: Add early SHA support for Secure Launch early measurements

2024-02-23 Thread Andrew Cooper
On 23/02/2024 5:54 pm, Eric Biggers wrote: > On Fri, Feb 23, 2024 at 04:42:11PM +, Andrew Cooper wrote: >> Yes, and I agree.  We're not looking to try and force this in with >> underhand tactics. >> >> But a blind "nack to any SHA-1" is similarly damaging in the opposite >> direction. >> >

Re: [PATCH v8 06/15] x86: Add early SHA support for Secure Launch early measurements

2024-02-23 Thread Eric Biggers
On Fri, Feb 23, 2024 at 04:42:11PM +, Andrew Cooper wrote: > > Yes, and I agree.  We're not looking to try and force this in with > underhand tactics. > > But a blind "nack to any SHA-1" is similarly damaging in the opposite > direction. > Well, reviewers have said they'd prefer that SHA-1

Re: [PATCH v8 06/15] x86: Add early SHA support for Secure Launch early measurements

2024-02-23 Thread Andrew Cooper
On 23/02/2024 9:27 am, Ard Biesheuvel wrote: > On Thu, 22 Feb 2024 at 13:30, Andrew Cooper wrote: >> On 22/02/2024 9:34 am, Ard Biesheuvel wrote: >>> On Thu, 22 Feb 2024 at 04:05, Andrew Cooper >>> wrote: On 15/02/2024 8:17 am, Ard Biesheuvel wrote: > On Wed, 14 Feb 2024 at 23:31, Ross

Re: [PATCH v8 06/15] x86: Add early SHA support for Secure Launch early measurements

2024-02-23 Thread Ard Biesheuvel
On Thu, 22 Feb 2024 at 13:30, Andrew Cooper wrote: > > On 22/02/2024 9:34 am, Ard Biesheuvel wrote: > > On Thu, 22 Feb 2024 at 04:05, Andrew Cooper > > wrote: > >> On 15/02/2024 8:17 am, Ard Biesheuvel wrote: > >>> On Wed, 14 Feb 2024 at 23:31, Ross Philipson > >>> wrote: > From: "Daniel

Re: [PATCH v8 06/15] x86: Add early SHA support for Secure Launch early measurements

2024-02-22 Thread Andrew Cooper
On 22/02/2024 9:34 am, Ard Biesheuvel wrote: > On Thu, 22 Feb 2024 at 04:05, Andrew Cooper wrote: >> On 15/02/2024 8:17 am, Ard Biesheuvel wrote: >>> On Wed, 14 Feb 2024 at 23:31, Ross Philipson >>> wrote: From: "Daniel P. Smith" The SHA algorithms are necessary to measure

Re: [PATCH v8 06/15] x86: Add early SHA support for Secure Launch early measurements

2024-02-22 Thread Ard Biesheuvel
On Thu, 22 Feb 2024 at 04:05, Andrew Cooper wrote: > > On 15/02/2024 8:17 am, Ard Biesheuvel wrote: > > On Wed, 14 Feb 2024 at 23:31, Ross Philipson > > wrote: > >> From: "Daniel P. Smith" > >> > >> The SHA algorithms are necessary to measure configuration information into > >> the TPM as

Re: [PATCH v8 06/15] x86: Add early SHA support for Secure Launch early measurements

2024-02-21 Thread Andrew Cooper
On 15/02/2024 8:17 am, Ard Biesheuvel wrote: > On Wed, 14 Feb 2024 at 23:31, Ross Philipson > wrote: >> From: "Daniel P. Smith" >> >> The SHA algorithms are necessary to measure configuration information into >> the TPM as early as possible before using the values. This implementation >> uses

Re: [PATCH v8 06/15] x86: Add early SHA support for Secure Launch early measurements

2024-02-15 Thread Ard Biesheuvel
On Wed, 14 Feb 2024 at 23:31, Ross Philipson wrote: > > From: "Daniel P. Smith" > > The SHA algorithms are necessary to measure configuration information into > the TPM as early as possible before using the values. This implementation > uses the established approach of #including the SHA