diff for duplicates of <1521219106.3503.54.camel@linux.vnet.ibm.com> diff --git a/a/1.txt b/N1/1.txt index 89be73c..601dfd3 100644 --- a/a/1.txt +++ b/N1/1.txt @@ -9,9 +9,9 @@ On Thu, 2018-03-15 at 10:29 -0700, James Bottomley wrote: > > > > If EFI is extending the TPM, will the events be added to the TPM > > > > event log or to the IMA measurement list? > > > -> > > I'm not proposing any changes to the tpm_pcr_extend API. At the +> > > I'm not proposing any changes to the tpm_pcr_extend API. ?At the > > > moment it does an extend without logging, so that's what it will do -> > > in the EFI driver case as well. That means logging is still the +> > > in the EFI driver case as well. ?That means logging is still the > > > responsibility of the caller. > > > > Does EFI support extending multiple TPM banks? @@ -20,7 +20,7 @@ On Thu, 2018-03-15 at 10:29 -0700, James Bottomley wrote: > > https://trustedcomputinggroup.org/tcg-efi-protocol-specification/ > -> As I said, I'm not planning to change the tpm_pcr_.. API. At the +> As I said, I'm not planning to change the tpm_pcr_.. API. ?At the > moment for a TPM2 we extend all banks in the tpm_pcr_extend() API, so > that's what we'll continue to do ... including extending the sha256 > banks with the sha1 hash, which seems to be our current practice. @@ -28,3 +28,8 @@ On Thu, 2018-03-15 at 10:29 -0700, James Bottomley wrote: Thanks, what you're planning on doing is a lot clearer now. Mimi + +-- +To unsubscribe from this list: send the line "unsubscribe linux-security-module" in +the body of a message to majordomo at vger.kernel.org +More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/a/content_digest b/N1/content_digest index 1f38fbd..06925b4 100644 --- a/a/content_digest +++ b/N1/content_digest @@ -19,21 +19,10 @@ "ref\01521133728.5348.51.camel@HansenPartnership.com\0" "ref\01521134074.3547.629.camel@linux.vnet.ibm.com\0" "ref\01521134981.5348.62.camel@HansenPartnership.com\0" - "From\0Mimi Zohar <zohar@linux.vnet.ibm.com>\0" - "Subject\0Re: [PATCH] security: Fix IMA Kconfig for dependencies on ARM64\0" + "From\0zohar@linux.vnet.ibm.com (Mimi Zohar)\0" + "Subject\0[PATCH] security: Fix IMA Kconfig for dependencies on ARM64\0" "Date\0Fri, 16 Mar 2018 12:51:46 -0400\0" - "To\0James Bottomley <James.Bottomley@hansenpartnership.com>" - Safford - David (GE Global Research - US) <david.safford@ge.com> - Jiandi An <anjiandi@codeaurora.org> - " Jason Gunthorpe <jgg@ziepe.ca>\0" - "Cc\0dmitry.kasatkin@gmail.com <dmitry.kasatkin@gmail.com>" - jmorris@namei.org <jmorris@namei.org> - serge@hallyn.com <serge@hallyn.com> - linux-integrity@vger.kernel.org <linux-integrity@vger.kernel.org> - linux-security-module@vger.kernel.org <linux-security-module@vger.kernel.org> - " linux-kernel@vger.kernel.org <linux-kernel@vger.kernel.org>\0" + "To\0linux-security-module@vger.kernel.org\0" "\00:1\0" "b\0" "On Thu, 2018-03-15 at 10:29 -0700, James Bottomley wrote:\n" @@ -47,9 +36,9 @@ "> > > > If EFI is extending the TPM, will the events be added to the TPM\n" "> > > > event log or to the IMA measurement list?\n" "> > > \n" - "> > > I'm not proposing any changes to the tpm_pcr_extend API. At the\n" + "> > > I'm not proposing any changes to the tpm_pcr_extend API. ?At the\n" "> > > moment it does an extend without logging, so that's what it will do\n" - "> > > in the EFI driver case as well. That means logging is still the\n" + "> > > in the EFI driver case as well. ?That means logging is still the\n" "> > > responsibility of the caller.\n" "> > \n" "> > Does EFI support extending multiple TPM banks?\n" @@ -58,13 +47,18 @@ "> \n" "> https://trustedcomputinggroup.org/tcg-efi-protocol-specification/\n" "> \n" - "> As I said, I'm not planning to change the tpm_pcr_.. API. At the\n" + "> As I said, I'm not planning to change the tpm_pcr_.. API. ?At the\n" "> moment for a TPM2 we extend all banks in the tpm_pcr_extend() API, so\n" "> that's what we'll continue to do ... including extending the sha256\n" "> banks with the sha1 hash, which seems to be our current practice.\n" "\n" "Thanks, what you're planning on doing is a lot clearer now.\n" "\n" - Mimi + "Mimi\n" + "\n" + "--\n" + "To unsubscribe from this list: send the line \"unsubscribe linux-security-module\" in\n" + "the body of a message to majordomo at vger.kernel.org\n" + More majordomo info at http://vger.kernel.org/majordomo-info.html -f193476528da41d033d47e9494a8781d838058958b7f98ecf231dc1dd1d28899 +856db3230557da56a163b4a5ccc6ed2411e7ac543d4c021b4f54164f2c4cb2db
diff --git a/a/1.txt b/N2/1.txt index 89be73c..0987ec6 100644 --- a/a/1.txt +++ b/N2/1.txt @@ -9,9 +9,9 @@ On Thu, 2018-03-15 at 10:29 -0700, James Bottomley wrote: > > > > If EFI is extending the TPM, will the events be added to the TPM > > > > event log or to the IMA measurement list? > > > -> > > I'm not proposing any changes to the tpm_pcr_extend API. At the +> > > I'm not proposing any changes to the tpm_pcr_extend API. At the > > > moment it does an extend without logging, so that's what it will do -> > > in the EFI driver case as well. That means logging is still the +> > > in the EFI driver case as well. That means logging is still the > > > responsibility of the caller. > > > > Does EFI support extending multiple TPM banks? @@ -20,7 +20,7 @@ On Thu, 2018-03-15 at 10:29 -0700, James Bottomley wrote: > > https://trustedcomputinggroup.org/tcg-efi-protocol-specification/ > -> As I said, I'm not planning to change the tpm_pcr_.. API. At the +> As I said, I'm not planning to change the tpm_pcr_.. API. At the > moment for a TPM2 we extend all banks in the tpm_pcr_extend() API, so > that's what we'll continue to do ... including extending the sha256 > banks with the sha1 hash, which seems to be our current practice. diff --git a/a/content_digest b/N2/content_digest index 1f38fbd..9314850 100644 --- a/a/content_digest +++ b/N2/content_digest @@ -47,9 +47,9 @@ "> > > > If EFI is extending the TPM, will the events be added to the TPM\n" "> > > > event log or to the IMA measurement list?\n" "> > > \n" - "> > > I'm not proposing any changes to the tpm_pcr_extend API. At the\n" + "> > > I'm not proposing any changes to the tpm_pcr_extend API. \302\240At the\n" "> > > moment it does an extend without logging, so that's what it will do\n" - "> > > in the EFI driver case as well. That means logging is still the\n" + "> > > in the EFI driver case as well. \302\240That means logging is still the\n" "> > > responsibility of the caller.\n" "> > \n" "> > Does EFI support extending multiple TPM banks?\n" @@ -58,7 +58,7 @@ "> \n" "> https://trustedcomputinggroup.org/tcg-efi-protocol-specification/\n" "> \n" - "> As I said, I'm not planning to change the tpm_pcr_.. API. At the\n" + "> As I said, I'm not planning to change the tpm_pcr_.. API. \302\240At the\n" "> moment for a TPM2 we extend all banks in the tpm_pcr_extend() API, so\n" "> that's what we'll continue to do ... including extending the sha256\n" "> banks with the sha1 hash, which seems to be our current practice.\n" @@ -67,4 +67,4 @@ "\n" Mimi -f193476528da41d033d47e9494a8781d838058958b7f98ecf231dc1dd1d28899 +d48a8b48d71445249580b0eeba985846cc7cd3aacace8fa51b64e6647f8871f8
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.