From: Jarkko Sakkinen <jarkko@kernel.org>
To: James Bottomley <James.Bottomley@hansenpartnership.com>
Cc: Jonathan McDowell <noodles@earth.li>,
linux-integrity@vger.kernel.org, dpsmith@apertussolutions.com,
ross.philipson@oracle.com,
Jarkko Sakkinen <jarkko.sakkinen@opinsys.com>,
Roberto Sassu <roberto.sassu@huawei.com>,
Peter Huewe <peterhuewe@gmx.de>, Jason Gunthorpe <jgg@ziepe.ca>,
David Howells <dhowells@redhat.com>,
Paul Moore <paul@paul-moore.com>,
James Morris <jmorris@namei.org>,
"Serge E. Hallyn" <serge@hallyn.com>,
open list <linux-kernel@vger.kernel.org>,
"open list:KEYS/KEYRINGS" <keyrings@vger.kernel.org>,
"open list:SECURITY SUBSYSTEM"
<linux-security-module@vger.kernel.org>
Subject: Re: [PATCH v3 01/10] tpm: Cap the number of PCR banks
Date: Wed, 1 Oct 2025 14:16:00 +0300 [thread overview]
Message-ID: <aN0NcIlyrUsejMXW@kernel.org> (raw)
In-Reply-To: <cf3fb265dd70a23d598fc3d68562b4be5355e7ae.camel@HansenPartnership.com>
On Tue, Sep 30, 2025 at 10:17:22AM -0400, James Bottomley wrote:
> On Tue, 2025-09-30 at 15:36 +0300, Jarkko Sakkinen wrote:
> > On Tue, Sep 30, 2025 at 12:09:15PM +0100, Jonathan McDowell wrote:
> > > On Mon, Sep 29, 2025 at 10:48:23PM +0300, Jarkko Sakkinen wrote:
> [...]
> > > > +#define TPM2_MAX_DIGEST_SIZE SHA512_DIGEST_SIZE
> > > > +#define TPM2_MAX_BANKS 4
> > >
> > > Where does this max come from? It matches what I see with swtpm by
> > > default (SHA1, SHA2-256, SHA2-384, SHA-512), so I haven't seen
> > > anything that exceeds it myself.
> >
> > I've never seen hardware TPM that would have more than one or two
> > banks. We can double it to leave some room. This was tested with
> > swtpm defaults.
>
> I've got a hardware TPM that comes with 3 banks by default (it's a
> chinese one which has sha1 sha256 and sm2). swtpm isn't a good
> indicator because it's default allocation is rather pejorative (it
> disables sha1 whereas most field TPMs don't).
>
> However, if you look at how the reference implementation works, the
> user is allowed to define any number of banks they want, up to the
> number of supported hashes. The only limitation being there can't be
> >1 bank for the same hash. Field TPM implementations are allowed to
> constrain this, but most don't. The question you should be asking
> here is not how many banks does a particular implementation allow by
> default, but what's the maximum number a user could configure.
It needs some compilation time cap as the value comes from external
device. If someone hits to that value, then it needs to be increased
but as unconstrained it's a bug.
> Regards,
>
> James
>
BR, Jarkko
next prev parent reply other threads:[~2025-10-01 11:16 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-09-29 19:48 [PATCH v3 00/10] tpm: Decouple Trenchboot dependencies Jarkko Sakkinen
2025-09-29 19:48 ` [PATCH v3 01/10] tpm: Cap the number of PCR banks Jarkko Sakkinen
2025-09-30 11:09 ` Jonathan McDowell
2025-09-30 12:36 ` Jarkko Sakkinen
2025-09-30 14:17 ` James Bottomley
2025-10-01 11:16 ` Jarkko Sakkinen [this message]
2025-10-01 12:52 ` Jarkko Sakkinen
2025-09-29 19:48 ` [PATCH v3 02/10] tpm: Use -EPERM as fallback error code in tpm_ret_to_err Jarkko Sakkinen
2025-09-30 12:11 ` Stefano Garzarella
2025-09-30 12:37 ` Jarkko Sakkinen
2025-09-29 19:48 ` [PATCH v3 03/10] KEYS: trusted: Use tpm_ret_to_err() in trusted_tpm2 Jarkko Sakkinen
2025-09-30 12:12 ` Stefano Garzarella
2025-09-30 12:39 ` Jarkko Sakkinen
2025-09-29 19:48 ` [PATCH v3 04/10] tpm2-sessions: Remove 'attributes' from tpm_buf_append_auth Jarkko Sakkinen
2025-09-30 11:10 ` Jonathan McDowell
2025-09-30 12:39 ` Jarkko Sakkinen
2025-09-29 19:48 ` [PATCH v3 05/10] tpm2-sessions: Umask tpm_buf_append_hmac_session() Jarkko Sakkinen
2025-09-30 11:11 ` Jonathan McDowell
2025-09-30 12:41 ` Jarkko Sakkinen
2025-09-29 19:48 ` [PATCH v3 06/10] KEYS: trusted: Open code tpm2_buf_append() Jarkko Sakkinen
2025-09-29 19:48 ` [PATCH v3 07/10] tpm-buf: check for corruption in tpm_buf_append_handle() Jarkko Sakkinen
2025-09-30 11:13 ` Jonathan McDowell
2025-09-30 12:43 ` Jarkko Sakkinen
2025-09-29 19:48 ` [PATCH v3 08/10] tpm-buf: Remove chip parameter from tpm_buf_append_handle Jarkko Sakkinen
2025-09-30 11:14 ` Jonathan McDowell
2025-09-29 19:48 ` [PATCH v3 09/10] tpm-buf: Build PCR extend commands Jarkko Sakkinen
2025-09-29 19:48 ` [PATCH v3 10/10] tpm-buf: Enable managed and stack allocations Jarkko Sakkinen
2025-09-30 12:44 ` Stefano Garzarella
2025-09-30 13:11 ` Jarkko Sakkinen
2025-09-30 13:20 ` Stefano Garzarella
2025-09-29 20:10 ` [PATCH v3 00/10] tpm: Decouple Trenchboot dependencies Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aN0NcIlyrUsejMXW@kernel.org \
--to=jarkko@kernel.org \
--cc=James.Bottomley@hansenpartnership.com \
--cc=dhowells@redhat.com \
--cc=dpsmith@apertussolutions.com \
--cc=jarkko.sakkinen@opinsys.com \
--cc=jgg@ziepe.ca \
--cc=jmorris@namei.org \
--cc=keyrings@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=noodles@earth.li \
--cc=paul@paul-moore.com \
--cc=peterhuewe@gmx.de \
--cc=roberto.sassu@huawei.com \
--cc=ross.philipson@oracle.com \
--cc=serge@hallyn.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).