[PATCH 1/6] tpm: implement TPM2 function to get update counter
Tushar Sugandhi
tusharsu at linux.microsoft.com
Thu Aug 3 12:33:53 PDT 2023
On 8/3/23 01:57, Jarkko Sakkinen wrote:
> On Thu Aug 3, 2023 at 4:22 AM EEST, Mimi Zohar wrote:
>> On Wed, 2023-08-02 at 06:58 +0300, Jarkko Sakkinen wrote:
>>> From long description I see zero motivation to ack this change, except
>>> some hearsay about IMA requiring it. Why does IMA need update_cnt and
>>> why this is not documented to the long description?
>> The motivation is to detect whether the IMA measurement list has been
>> truncated, for whatever reason. A new IMA record should be defined
>> containing the "pcrCounter" value. (I have not had a chance to review
>> this patch set.)
>>
>> This new record would be a pre-req for both Tushar's "ima: measure
>> events between kexec load and execute" patch set and Sush's proposal to
>> trim the measurement list. (I haven't looked at it yet either.)
> Please describe the story in a bit more understandable form. In the
> commit messages it is not good to have some redundancy in patch sets.
>
> BR, Jarkko
Thanks Jarkko. I had provided the overall context in the cover letter.
But I understand the cover letter will be lost when the patches are
merged. I will describe the story in the patch descriptions as well,
in the next version of this series.
~Tushar