From mboxrd@z Thu Jan 1 00:00:00 1970 From: Mimi Zohar Date: Tue, 30 May 2017 12:06:01 +0000 Subject: Re: [Linux-ima-devel] [PATCH v2 4/5] keys, trusted: modify arguments of tpm_pcr_extend() Message-Id: <1496145961.3841.537.camel@linux.vnet.ibm.com> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit List-Id: References: <20170505142152.29795-1-roberto.sassu@huawei.com> <20170505142152.29795-5-roberto.sassu@huawei.com> <1496115337.3841.485.camel@linux.vnet.ibm.com> In-Reply-To: To: linux-security-module@vger.kernel.org On Tue, 2017-05-30 at 09:36 +0200, Roberto Sassu wrote: > On 5/30/2017 5:35 AM, Mimi Zohar wrote: > > On Fri, 2017-05-05 at 16:21 +0200, Roberto Sassu wrote: > >> pcrlock() has been modified to pass the correct arguments > >> to tpm_pcr_extend(): the pointer of a tpm2_digest structure containing > >> a random value generated by tpm_get_random() and the size of the array (1). > > > > If the number of arguments is wrong, that means the patch that > > introduced the change is not bi-sect safe. (This comment is > > applicable to patch 5/5 too.) > > Jarkko (the TPM driver maintainer) asked me to not introduce > a new function to pass multiple digests, but to modify > the parameters of tpm_pcr_extend(). Since struct tpm2_digest is a static size, shouldn't we be able to compute the number of digests? Mimi