Re: [PATCH v5 12/21] tpm: move pcr extend code to tpm2-cmd.c

[Roberto Sassu]

On 10/4/2018 1:45 PM, Winkler, Tomas wrote:
> > -----Original Message-----
> > From: Jarkko Sakkinen [mailto:jarkko.sakkinen@xxxxxxxxxxxxxxx]
> > Sent: Thursday, October 04, 2018 14:35
> > To: Winkler, Tomas <tomas.winkler@xxxxxxxxx>
> > Cc: Jason Gunthorpe <jgg@xxxxxxxx>; Nayna Jain
> > <nayna@xxxxxxxxxxxxxxxxxx>; Usyskin, Alexander
> > <alexander.usyskin@xxxxxxxxx>; Struk, Tadeusz <tadeusz.struk@xxxxxxxxx>;
> > linux-integrity@xxxxxxxxxxxxxxx; linux-security-module@xxxxxxxxxxxxxxx;
> > linux-kernel@xxxxxxxxxxxxxxx; roberto.sassu@xxxxxxxxxx
> > Subject: Re: [PATCH v5 12/21] tpm: move pcr extend code to tpm2-cmd.c
> >
> > On Wed, Oct 03, 2018 at 10:24:09PM +0000, Winkler, Tomas wrote:
> > > > -----Original Message-----
> > > > From: Jarkko Sakkinen [mailto:jarkko.sakkinen@xxxxxxxxxxxxxxx]
> > > > Sent: Wednesday, October 03, 2018 15:02
> > > > To: Winkler, Tomas <tomas.winkler@xxxxxxxxx>
> > > > Cc: Jason Gunthorpe <jgg@xxxxxxxx>; Nayna Jain
> > > > <nayna@xxxxxxxxxxxxxxxxxx>; Usyskin, Alexander
> > > > <alexander.usyskin@xxxxxxxxx>; Struk, Tadeusz
> > > > <tadeusz.struk@xxxxxxxxx>; linux-integrity@xxxxxxxxxxxxxxx;
> > > > linux-security-module@xxxxxxxxxxxxxxx;
> > > > linux-kernel@xxxxxxxxxxxxxxx; roberto.sassu@xxxxxxxxxx
> > > > Subject: Re: [PATCH v5 12/21] tpm: move pcr extend code to
> > > > tpm2-cmd.c
> > > >
> > > > On Tue, Oct 02, 2018 at 04:58:25AM +0000, Winkler, Tomas wrote:
> > > > > > On Sat, Sep 29, 2018 at 01:30:26AM +0300, Tomas Winkler wrote:
> > > > > > > Add tpm2_pcr_extend() function to tpm2-cmd.c with signature
> > > > > > > required by tpm-interface.c. It wraps the original open code
> > > > implementation.
> > > > > > > The original original tpm2_pcr_extend() function is renamed to
> > > > > > > __tpm2_pcr_extend() and made static, it is called only from
> > > > > > > new tpm2_pcr_extend().
> > > > > > >
> > > > > > > Fix warnings in __tpm2_pcr_extend()
> > > > > > > tpm2-cmd.c:251:16: warning: comparison between signed and
> > > > > > > unsigned integer expressions [-Wsign-compare]
> > > > > > > tpm2-cmd.c:252:17: warning: comparison between signed and
> > > > > > > unsigned integer expressions [-Wsign-compare]
> > > > > > >
> > > > > > > Signed-off-by: Tomas Winkler <tomas.winkler@xxxxxxxxx>
> > > > > >
> > > > > > We do not want the signature change, especially because as we
> > > > > > are working on getting Roberto's changes in and also because it
> > > > > > has absolutely a zero gain. Who cares if those functions take
> > > > > > different
> > > > parameters? I don't.
> > > > > Yes, we do care this series tries to have a clean cut between 1.x
> > > > > and 2.x
> > > > specs. Please, let's finish one transformation and then move to another.
> > > > > I understand that Roberto will have to rebase anyhow, if this
> > > > > series goes in
> > > > first, if this is hard I can do it myself, it's trivial.
> > > > > Tomas
> > > >
> > > > I'm happy to tune this minor stuff.
> > > What minor stuff?  This patch is just okay, let's change the API in next
> > round.
> >
> > The patch is not okay because it does a completely unnecessary API change.
>   
> There is no API change, in that sense.
> The exported API is in tpm-interface.c int tpm_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash)
> that is used is outside of the tpm reminds the same, only the open coded implementation of tpm2_pcr_extned has moved to
> tpm2-cmd.c, This code is not called out of tpm module.
> Please review the code again.

Hi Tomas

I will update tpm_pcr_extend() by replacing the array of u8 with an
array of tpm2_digest structures, so that the caller can provide multiple
digests with one call. The array of tpm2_digest structures will be
passed to tpm2_pcr_extend(). Please, don't modify the parameters of
tpm2_pcr_extend().

Thanks

Roberto

--
HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Bo PENG, Jian LI, Yanli SHI