[PATCH 1/6] tpm: implement TPM2 function to get update counter
Jarkko Sakkinen
jarkko at kernel.org
Tue Aug 1 20:58:18 PDT 2023
On Wed Aug 2, 2023 at 12:01 AM EEST, Tushar Sugandhi wrote:
> Thanks for the response Jarkko.
>
> On 8/1/23 12:02, Jarkko Sakkinen wrote:
> > The short summary is cryptic to say the least.
> Do you mean the patch subject line, or the description below?
It is in the process documentation:
https://www.kernel.org/doc/html/v6.3/process/submitting-patches.html#the-canonical-patch-format
> > "update counter" does not map it to have anything to do with PCRs.
> Agreed. I noticed that when I was testing the patches.
> The update counter is the same for all PCRs. It was also the same for
> the two hash algos I tested it for (SHA1 and SHA256). But the spec
> description and Kernel implementation require passing the
> pcr_idx and hash algo to the PCR_Read command to get the update counter.
I was referring to the fact that TPM2_PCR_Read does not have a field
called "update counter" in its response but it has a field called
"pcrUpdateCounter". Please refer to things that actually exist.
In the long description you are in some occasions referring to the same
object as:
1. "update counter"
2. "pcrUpdateCounter"
3. "PcrUpdateCounter"
This is ambiguous and wrong.
From the long description I see zero motivation to ack this change, except
some hearsay about IMA requiring it. Why does IMA need update_cnt and
why is this not documented in the long description?
> But I can update tpm2_pcr_read() if you are ok with it.
> Please let me know.
You can add "u32 *update_cnt".
BR, Jarkko
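
The pcrUpdateCounter field named in this thread, shown as an added example that is not part of the original message or of the patch under review: a bounds-checked parser for a TPM2_PCR_Read response, where the counter is a single 32-bit value placed ahead of the selection list and digests. The struct, the function names and the sample response bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample response: SHA-256 bank, PCR 10, dummy digest of 0xaa bytes. */
static const uint8_t sample_rsp[] = {
    0x80,0x01, 0x00,0x00,0x00,0x3e, 0x00,0x00,0x00,0x00,  /* tag, size=62, rc=0 */
    0x00,0x00,0x00,0x29,                                  /* pcrUpdateCounter = 41 */
    0x00,0x00,0x00,0x01, 0x00,0x0b, 0x03, 0x00,0x04,0x00, /* pcrSelectionOut */
    0x00,0x00,0x00,0x01, 0x00,0x20,                       /* pcrValues: 1 x 32 bytes */
    0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa, 0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,
    0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa, 0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,
};

struct pcr_read_result {          /* hypothetical container, not a kernel type */
    uint32_t rc, pcr_update_counter, hash_alg, digest_size;
    const uint8_t *digest;        /* points into the caller's buffer */
};

/* Read an n-byte big-endian integer; fails instead of reading past len. */
static int get_be(const uint8_t *b, size_t len, size_t *off, size_t n, uint32_t *v)
{
    if (n > len - *off) return -1;
    for (*v = 0; n--; ) *v = (*v << 8) | b[(*off)++];
    return 0;
}

/* Returns 0 on success, -1 on a TPM error code or a malformed response. */
int parse_pcr_read(const uint8_t *b, size_t len, struct pcr_read_result *r)
{
    size_t off = 0;
    uint32_t tag, size, nsel, alg, selsz, ndig;

    if (get_be(b, len, &off, 2, &tag) || get_be(b, len, &off, 4, &size) ||
        get_be(b, len, &off, 4, &r->rc) || size != len || r->rc != 0)
        return -1;
    if (get_be(b, len, &off, 4, &r->pcr_update_counter) ||
        get_be(b, len, &off, 4, &nsel) || nsel == 0)
        return -1;
    for (uint32_t i = 0; i < nsel; i++) {       /* TPMS_PCR_SELECTION entries */
        if (get_be(b, len, &off, 2, &alg) || get_be(b, len, &off, 1, &selsz) ||
            selsz > len - off) return -1;
        if (i == 0) r->hash_alg = alg;
        off += selsz;                           /* skip the PCR bitmap */
    }
    if (get_be(b, len, &off, 4, &ndig) || ndig == 0 ||
        get_be(b, len, &off, 2, &r->digest_size) || r->digest_size > len - off)
        return -1;
    r->digest = b + off;
    return 0;
}
int main(void) { struct pcr_read_result r;
    if (parse_pcr_read(sample_rsp, sizeof(sample_rsp), &r)) return 1;
    printf("pcrUpdateCounter=%u\n", (unsigned)r.pcr_update_counter); return 0; }
```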
More information about the kexec
mailing list