Re: [PATCH v2 1/3] keys, trusted: select the hash algorithm

Wed, 04 Nov 2015 05:16:28 -0800 

On Tue, Nov 03, 2015 at 06:12:17PM +0200, Jarkko Sakkinen wrote:
> On Tue, Nov 03, 2015 at 10:39:11AM -0500, Mimi Zohar wrote:
> > On Tue, 2015-11-03 at 09:39 +0200, Jarkko Sakkinen wrote:
> > > On Mon, Nov 02, 2015 at 07:16:49AM -0500, Mimi Zohar wrote:
> > > > On Fri, 2015-10-30 at 13:35 +0200, Jarkko Sakkinen wrote:
> > > > 
> > > > > @@ -787,6 +791,20 @@ static int getoptions(char *c, struct 
> > > > > trusted_key_payload *pay,
> > > > >                               return -EINVAL;
> > > > >                       opt->pcrlock = lock;
> > > > >                       break;
> > > > > +             case Opt_hash:
> > > > > +                     for (i = 0; i < HASH_ALGO__LAST; i++) {
> > > > > +                             if (!strcmp(args[0].from, 
> > > > > hash_algo_name[i])) {
> > > > > +                                     opt->hash = i;
> > > > > +                                     break;
> > > > > +                             }
> > > > > +                     }
> > > > > +                     res = tpm_is_tpm2(TPM_ANY_NUM);
> > > > 
> > > > While looking at this, I wanted to verify that chips are still added to
> > > > the tail of the tpm_chip_list.  Unfortunately, commit "afb5abc tpm:
> > > > two-phase chip management functions" reverted David Howell's commit
> > > > "770ab65 TPM: Add new TPMs to the tail of the list to prevent
> > > > inadvertent change of dev".
> > > > 
> > > > > +                     if (res < 0)
> > > > > +                             return res;
> > > > > +                     if (i == HASH_ALGO__LAST ||
> > > > > +                         (!res && i != HASH_ALGO_SHA1))
> > > > > +                             return -EINVAL;
> > > > > +                     break;
> > > > 
> > > > If the first TPM registered is a TPM 1.2, then changing the default TPM
> > > > 2.0 hash algorithm will fail.
> > > 
> > > Now that we are going fix this issue in 4.3 and 4.4 do you find this
> > > patch otherwise acceptable?
> > > 
> > > PS. In other options that we don't support in TPM2 I'm planning to
> > > submit a fix that they will return -EINVAL (like pcrinfo).
> > 
> > I don't have a problem failing the request, but I do suggest adding some
> > sort of error message.  Different systems might behavior differently
> > without any explanation.
> 
> Something like the pr_info("trusted_key: TPM 1.x supports only sha1")?

I've started to think that maybe it was a bad idea to break this into
patch set as the changes are small and they make sense only together.
What do you think? Should quash everything into single patch?

> > Mimi

/Jarkko
--
To unsubscribe from this list: send the line "unsubscribe 
linux-security-module" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to