On Sat, Oct 08, 2016 at 10:15:55PM -0400, Nayna Jain wrote: > The existing in-kernel interface for extending a TPM PCR extends > the SHA1 PCR bank. For TPM 1.2, that is the one and only PCR bank > defined. TPM 2.0 adds support for multiple PCR banks, to support > different hash algorithms. The TPM 2.0 Specification[1] > recommends extending all active PCR banks. This patch set enhances > the existing TPM 2.0 extend function and corresponding in-kernel > interface to support extending all active PCR banks. > > The first patch implements the TPM 2.0 capability to retrieve > the list of active PCR banks. > > The second patch modifies the TPM 2.0 device driver extend function > to support extending multiple PCR banks. The existing in-kernel > interface expects only a SHA1 digest. Hence, to extend all active > PCR banks with differing digest sizes for TPM 2.0, the SHA1 digest > is padded with 0's as needed. > > This approach is taken to maintain backwards compatibility for the > existing users (i.e. IMA) in order to continue working with both > TPM 1.2 and TPM 2.0 without any changes and still comply with the > TPM 2.0 Specification[1] requirement of extending all active PCR > banks. > > This patch series has a prerequisite(header file tpm2.h) of TPM 2.0 > event log patch series.
This is an unacceptable requirement. I don't even like the idea of having tpm2.h (rather would keep stuff in tpm2-cmd.c). Also I seriously cannot accept patch sets that add code without giving value. /Jarkko ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ tpmdd-devel mailing list tpmdd-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tpmdd-devel
