From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id BFA00C001DB for ; Thu, 3 Aug 2023 23:35:08 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:Content-Type: Content-Transfer-Encoding:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:In-Reply-To:From:References:Cc:To:Subject: MIME-Version:Date:Message-ID:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=qfW74o99mQcnkUOV1RCw7DNSqVXblBRgaD7aYWkhr4Q=; b=siUTlB1ENNWjB+ DSlqh/6lLklSt8ZbGLyY7PbG3/AZukixbBLg1W7F6/GtIOtH1NV2MmZfXsPd+F/THEZvysDavwAFh mKUmtkWWIRv1cU5oNRHui2z8A3gsl2rpn3rJoz1FfmGTAuFOipX6KqSZEvTW+jROLk1SJqRAVzt9Z A4RXM24D9sKUJELuvg0fJoe1jSkeqLYlzRd31fLW0NvvHsgnRLqDdDxT8IqlQE1ZGwV2Bzv5ky6fm 6EjwRBnr6GFUuKeSXCjIvv7kXDANBR2rrk/RMXcBi5q7AL1IDeu7Whud/a2V8ZqBXCdrmVX/72geh tX5jW3/sTNfe5SmPa5iA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1qRhqR-00B6gy-0C; Thu, 03 Aug 2023 23:35:03 +0000 Received: from linux.microsoft.com ([13.77.154.182]) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1qRhqN-00B6gJ-0N for kexec@lists.infradead.org; Thu, 03 Aug 2023 23:35:00 +0000 Received: from [192.168.87.36] (c-98-237-170-177.hsd1.wa.comcast.net [98.237.170.177]) by linux.microsoft.com (Postfix) with ESMTPSA id C6098207F5B1; Thu, 3 Aug 2023 16:34:56 -0700 (PDT) DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com C6098207F5B1 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.microsoft.com; s=default; t=1691105697; bh=L8yrCktR1bInfqFj8yOAiQus2L1BtlSzyz1/mAjoTyI=; h=Date:Subject:To:Cc:References:From:In-Reply-To:From; b=sTQbB6oC/uYAco2S/dtzv26Klf8dFhBBWQwL9wfYoMhbBie1PciAnjj2E66O/TXXb Jd0VzJCTzZYfEmZ43Ba/QRWvhGhfp7wNi84sYFKaTEOvb7j/a6g5OD6bVVHVXATTKs EXCp+Hgs6nVDcNjR2J23clcbrtrElcQcGpFor57s= Message-ID: Date: Thu, 3 Aug 2023 16:34:56 -0700 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.13.0 Subject: Re: [PATCH 5/6] ima: measure TPM update counter at ima_init Content-Language: en-US To: Mimi Zohar , noodles@fb.com, bauermann@kolabnow.com, ebiederm@xmission.com, bhe@redhat.com, vgoyal@redhat.com, dyoung@redhat.com, peterhuewe@gmx.de, jarkko@kernel.org, jgg@ziepe.ca, kexec@lists.infradead.org, linux-integrity@vger.kernel.org Cc: code@tyhicks.com, nramas@linux.microsoft.com, paul@paul-moore.com References: <20230801181917.8535-1-tusharsu@linux.microsoft.com> <20230801181917.8535-6-tusharsu@linux.microsoft.com> <223d5c5a655fec263895c991550e4291d1bbd4c9.camel@linux.ibm.com> From: Tushar Sugandhi In-Reply-To: <223d5c5a655fec263895c991550e4291d1bbd4c9.camel@linux.ibm.com> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230803_163459_204504_00CAAC3F X-CRM114-Status: GOOD ( 23.49 ) X-BeenThere: kexec@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: base64 Content-Type: text/plain; charset="utf-8"; Format="flowed" Sender: "kexec" Errors-To: kexec-bounces+kexec=archiver.kernel.org@lists.infradead.org CgpPbiA4LzMvMjMgMTU6MTUsIE1pbWkgWm9oYXIgd3JvdGU6Cj4gT24gVHVlLCAyMDIzLTA4LTAx IGF0IDExOjE5IC0wNzAwLCBUdXNoYXIgU3VnYW5kaGkgd3JvdGU6Cj4+IElNQSBsb2cgZW50cmll cyBjYW4gYmUgbG9zdCBkdWUgdG8gYSB2YXJpZXR5IG9mIGNhdXNlcywgc3VjaCBhcyBjb2RlIGJ1 Z3MKPj4gb3IgZXJyb3IgY29uZGl0aW9ucywgbGVhZGluZyB0byBhIG1pc21hdGNoIGJldHdlZW4g VFBNIFBDUnMgYW5kCj4+IHRoZSBJTUEgbG9nLiAgTWVhc3VyaW5nIFRQTSBQQ1IgdXBkYXRlIGNv dW50ZXIgZHVyaW5nIGltYV9pbml0IHdvdWxkCj4+IHByb3ZpZGUgYSBiYXNlbGluZSBjb3VudGVy IGZvciB0aGUgbnVtYmVyIG9mIHRpbWVzIHRoZSBUUE0gUENScyBhcmUKPj4gdXBkYXRlZC4gIFRo ZSByZW1vdGUgYXR0ZXN0YXRpb24gc2VydmljZSBjYW4gY29tcGFyZSB0aGlzIGJhc2VsaW5lCj4+ IGNvdW50ZXIgd2l0aCBhIHN1YnNlcXVlbnQgbWVhc3VyZWQgb25lIChlLmcuLCBwb3N0LWtleGVj IHNvZnQtYm9vdCkgdG8KPj4gaWRlbnRpZnkgaWYgdGhlcmUgYXJlIGFueSBsb3N0IElNQSBsb2cg ZXZlbnRzLgo+Pgo+PiBNZWFzdXJlIHRoZSBUUE0gdXBkYXRlIGNvdW50ZXIgYXQgaW1hIGluaXQu Cj4gTm8gbmVlZCBmb3Igc2VwYXJhdGUgcGF0Y2hlcyBmb3Igb25lIGxpbmUgY2hhbmdlcyBsaWtl IHRoaXMuICBFaXRoZXIKPiBtZXJnZSBwYXRjaGVzIDUvNiBhbmQgNi82IG9yIGFsbCB0aHJlZSA0 LzYsIDUvNiwgNi82IHRvZ2V0aGVyLgo+ClNvdW5kcyBnb29kLgpJIHdpbGwgbWVyZ2UgNC82LCA1 LzYsIDYvNiB0b2dldGhlci4KPj4gU2lnbmVkLW9mZi1ieTogVHVzaGFyIFN1Z2FuZGhpIDx0dXNo YXJzdUBsaW51eC5taWNyb3NvZnQuY29tPgo+PiAtLS0KPj4gICBzZWN1cml0eS9pbnRlZ3JpdHkv aW1hL2ltYV9pbml0LmMgfCAzICsrKwo+PiAgIHNlY3VyaXR5L2ludGVncml0eS9pbWEvaW1hX21h aW4uYyB8IDEgKwo+PiAgIDIgZmlsZXMgY2hhbmdlZCwgNCBpbnNlcnRpb25zKCspCj4+Cj4+IGRp ZmYgLS1naXQgYS9zZWN1cml0eS9pbnRlZ3JpdHkvaW1hL2ltYV9pbml0LmMgYi9zZWN1cml0eS9p bnRlZ3JpdHkvaW1hL2ltYV9pbml0LmMKPj4gaW5kZXggNjM5NzlhZWZjOTVmLi45YmIxOGQ2YzJm ZDYgMTAwNjQ0Cj4+IC0tLSBhL3NlY3VyaXR5L2ludGVncml0eS9pbWEvaW1hX2luaXQuYwo+PiAr KysgYi9zZWN1cml0eS9pbnRlZ3JpdHkvaW1hL2ltYV9pbml0LmMKPj4gQEAgLTE1NCw1ICsxNTQs OCBAQCBpbnQgX19pbml0IGltYV9pbml0KHZvaWQpCj4+ICAgCQkJCSAgVVRTX1JFTEVBU0UsIHN0 cmxlbihVVFNfUkVMRUFTRSksIGZhbHNlLAo+PiAgIAkJCQkgIE5VTEwsIDApOwo+PiAgIAo+PiAr CS8qIE1lYXN1cmVzIFRQTSB1cGRhdGUgY291bnRlciBhdCBpbWFfaW5pdCAqLwo+PiArCWltYV9t ZWFzdXJlX3VwZGF0ZV9jb3VudGVyKCJpbWFfaW5pdF90cG1fdXBkYXRlX2NvdW50ZXIiKTsKPj4g Kwo+IFdpdGggImltYV9wb2xpY3k9Y3JpdGljYWxfZGF0YSIgb24gdGhlIGJvb3QgY29tbWFuZCBs aW5lLCB0aGUgSU1BCj4gbWVhc3VyZW1lbnQgbGlzdCByZWNvcmQgbG9va3MgbGlrZToKPgo+IDZl MTkwY2M2NDNmZjBiNzE4NDg1OTY2YTAzMDA0NzNiYWVkZmFjZTczNSBpbWFfaW5pdF90cG1fdXBk YXRlX2NvdW50ZXIgNzU3MDY0NjE3NDY1NWY2MzZmNzU2ZTc0NjU3MjNkMzMzMDM4M2IKPgo+IFBs ZWFzZSBjaGFuZ2UgdGhlICJpbWFfaW5pdF90cG1fdXBkYXRlX2NvdW50ZXIiIHRvIHNvbWV0aGlu ZyBzaG9ydGVyCj4gYW5kIHRoZSBoZXggZW5jb2RlZCBhc2NpaSBzdHJpbmcgYW5kIHBjciBjb3Vu dGVyIHRvIHNvbWV0aGluZyByZWFkYWJsZS4KSSBiZWxpZXZlIHlvdSBhcmUgc2VlaW5nIHRoZSBh Ym92ZSBsaW5lIGluIGFzY2lsbF9ydW50aW1lX21lYXN1cmVtZW50cyBsb2cuCgpUaGUgYXNjaWkg bG9nZ2luZyBmb3JtYXQgaXMgY29uc2lzdGVudCB3aXRoIG90aGVyIGV2ZW50IGRhdGEgZm9yIApj cml0aWNhbF9kYXRhIGV2ZW50IGUuZy4ga2VybmVsX3ZlcnNpb24uCjEwIDhmNDQ5MTc1YmJmODhi YzU1ZmMxMTI3NDY2NjI4YzM5YTM5NTdkMTUgaW1hLWJ1ZiAKc2hhMTo0YWNhYjRmYmIwOGRiNjYz YjdiN2I0NTI4ZTg3MjkxODdkNzI2NzgyIGtlcm5lbF92ZXJzaW9uIAozNjJlMzMyZTMwMmQ3MjYz MzMyYgoxMCBmMTA2NzhiNjNjNGIyNTI5MzM5ZGZmMDIyODJlNjNkOWM2YmIwMzg1IGltYS1idWYg CnNoYTE6ZDhjMTg3NTI0NDEyZjc0YTk2MWYyMDUxYTk1MjljMDA5ZTcwMDMzNyAKaW1hX2luaXRf dHBtX3VwZGF0ZV9jb3VudGVyIDc1NzA2NDYxNzQ2NTVmNjM2Zjc1NmU3NDY1NzIzZDMxMzMzMDNi CgpFbnRyaWVzIGluIHRoZSBiaW5hcnkgcnVudGltZSBtZWFzdXJlbWVudHMgbG9vayByZWFkYWJs ZSB0byBtZS4KCmltYV9pbml0X3RwbV91cGRhdGVfY291bnRlciB1cGRhdGVfY291bnRlcj0xMzA7 Ci4uLgprZXhlY19sb2FkX3RwbV91cGRhdGVfY291bnRlIHJ1cGRhdGVfY291bnRlcj0xMzM7CgpQ bGVhc2UgbGV0IG1lIGtub3cgaWYgeW91IHN0aWxsIHdhbnQgbWUgdG8gY2hhbmdlIHRoZSBmb3Jt YXQuCgo+IFBlcmhhcHMgbmFtZSB0aGlzIGNyaXRpY2FsLWRhdGEgInRwbSIgYW5kICJ0cG0taW5m byIsIHNpbWlsYXIgdG8gdGhlCiBGcm9tIHBhdGNoIDQvNjoKK8KgwqDCoCByZXN1bHQgPSBpbWFf bWVhc3VyZV9jcml0aWNhbF9kYXRhKCJ0cG1fcGNyX3VwZGF0ZV9jb3VudGVyIiwgCmV2ZW50X25h bWUsCivCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgIGJ1ZiwgYnVmX2xlbiwgZmFs c2UsIE5VTEwsIDApOwoKVGhlIGNyaXRpY2FsX2RhdGEgZXZlbnRfbGFiZWwgdmFsdWUgaXMgY3Vy cmVudGx5IHNldCB0byAKInRwbV9wY3JfdXBkYXRlX2NvdW50ZXIiLgpJIGNhbiByZW5hbWUgZXZl bnRfbGFiZWwgdG8gInRwbS1pbmZvIiwgc28gdGhhdCB0aGUgYWRtaW5zIGNhbiBmaWx0ZXIgdGhl CmV2ZW50IGluIElNQSBwb2xpY3kgYmFzZWQgb24gdGhlIGxhYmVsIGlmIG5lZWRlZC4KCkFzIHlv dSBrbm93LCBldmVudF9sYWJlbCBkb2Vzbid0IGFwcGVhciBpbiBJTUEgbG9nLCBpdCBjYW4gYXBw ZWFyIGluIElNQSAKcG9saWN5LgpXaGVyZWFzIGV2ZW50X25hbWUgYXBwZWFycyBpbiBJTUEgbG9n LgoKSSB3YXMgdGhpbmtpbmcgb2YgdXNpbmcgZXZlbnRfbmFtZSB0byBpZGVudGlmeSB3aGVuIHdh cyB0aGUgaW5mbyBjYXB0dXJlZC4KKGUuZy4gaW1hX2luaXQsIGtleGVjX2xvYWQsIG9yIGF0IHNv bWUgb3RoZXIgZXZlbnQgaW4gZnV0dXJlKS4KCldlIGNhbiBlaXRoZXIgZG8KKGEpCmV2ZW50X2xh YmVsID0gInRwbS1pbmZvIiBldmVudF9uYW1lID0gInRwbS1pbmZvLWltYS1pbml0IiB8IAoidHBt LWluZm8ta2V4ZWMtbG9hZCIgfCAuLi4KCi1vci0KCihiKQpldmVudF9sYWJlbCA9ICJ0cG0iIGV2 ZW50X25hbWUgPSAidHBtLWluZm8iCmFuZCBldmVudF9kYXRhIHRvIGRlc2NyaWJlIHRoZSB3aGVy ZS93aGVuIHRoaXMgaW5mbyB3YXMgY2FwdHVyZWQuCmUuZy4KdmVyc2lvbj08Tj4uPE4+LjxOPjtu dW1fZW5hYmxlZF9wY3JfYmFua3M9PE4+O3BjclVwZGF0ZUNvdW50ZXI9PE4+O251bV9pbWFfbWVh c3VyZW1lbnRzPTxOPjtldmVudD1rZXhlY19sb2FkOwoKTGV0IG1lIGtub3cgaWYgeW91IHdvdWxk IHByZWZlciBvcHRpb24gKGEpIG9yIChiKSBvciBzb21ldGhpbmcgZWxzZS4KCgo+IFNFTGludXgg InNlbGludXgiIGFuZCAic2VsaW51eC1zdGF0ZSIuICBUaGVuIGFnYWluLCBpZiB0aGlzIGlzIFRQ TQo+IGNyaXRpY2FsLWRhdGEgd2Ugc2hvdWxkIHJldGhpbmsgd2hhdCBvdGhlciBpbmZvIHNob3Vs ZCBiZSBpbmNsdWRlZC4KQXMgeW91IHN1Z2dlc3RlZCBpbiBQYXRjaCA0LzYsIEkgd2lsbCBhZGQg dmVyc2lvbiwgbnVtYmVyIG9mIGVuYWJsZWQgcGNyIApiYW5rcywKcGNyVXBkYXRlQ291bnRlciwg YW5kIG51bV9pbWFfbWVhc3VyZW1lbnRzLiBJIHRoaW5rIHdlIHNob3VsZCBpbmNsdWRlIAp0aGUg VFBNCnZlcnNpb24gYXMgd2VsbCAoMSB2L3MgMikuCgpQbGVhc2UgbGV0IG1lIGtub3cgaWYgeW91 IHRoaW5rIG9mIGFueSBvdGhlciBhdHRyaWJ1dGUgdG8gcmVjb3JkLgoKPj4gICAJcmV0dXJuIHJj Owo+PiAgIH0KPj4gZGlmZiAtLWdpdCBhL3NlY3VyaXR5L2ludGVncml0eS9pbWEvaW1hX21haW4u YyBiL3NlY3VyaXR5L2ludGVncml0eS9pbWEvaW1hX21haW4uYwo+PiBpbmRleCAxYmNkNDVjYzVh NmEuLjkzMzU3YzI0NWU4MiAxMDA2NDQKPj4gLS0tIGEvc2VjdXJpdHkvaW50ZWdyaXR5L2ltYS9p bWFfbWFpbi5jCj4+ICsrKyBiL3NlY3VyaXR5L2ludGVncml0eS9pbWEvaW1hX21haW4uYwo+PiBA QCAtMTAzNSw2ICsxMDM1LDcgQEAgdm9pZCBpbWFfa2V4ZWNfY21kbGluZShpbnQga2VybmVsX2Zk LCBjb25zdCB2b2lkICpidWYsIGludCBzaXplKQo+PiAgIAkJCQkgICBidWYsIHNpemUsICJrZXhl Yy1jbWRsaW5lIiwgS0VYRUNfQ01ETElORSwgMCwKPj4gICAJCQkJICAgTlVMTCwgZmFsc2UsIE5V TEwsIDApOwo+PiAgIAlmZHB1dChmKTsKPj4gKwo+PiAgIH0KPj4gICAKPj4gICAvKioKPiBVbm5l Y2Vzc2FyeSBjaGFuZ2UuCj4Kb29wcy4gVGhhbmtzIGZvciBjYXRjaGluZy4gV2lsbCBmaXguCgoK flR1c2hhcgoKCl9fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f CmtleGVjIG1haWxpbmcgbGlzdAprZXhlY0BsaXN0cy5pbmZyYWRlYWQub3JnCmh0dHA6Ly9saXN0 cy5pbmZyYWRlYWQub3JnL21haWxtYW4vbGlzdGluZm8va2V4ZWMK