On Sun, Mar 23, 2025 at 03:09:05PM +0100, Nicolai Stange wrote:
> The existing tpm_pcr_extend() extends all of a PCR's allocated banks with
> the corresponding digest from the provided digests[] argument.
Why not "just" tpm_pcr_extend(). We don't have a concept of
"non-existing tpm_pcr_extend()".
"tpm_pcr_extend() extends the allocated PCR banks ..."
or something.
>
> An upcoming code change to IMA will introduce the need to skip over those
Don't talk about upcoming code changes. Just explain why IMA depends on
the change.
> banks it does not have a hash algorithm implementation available for.
>
> Introduce tpm_pcr_extend_sel() to support this.
>
> tpm_pcr_extend_sel() also expects a digests[] array, always being the
> number of allocated PCR banks in size, just as it's the case for the
> existing tpm_pcr_extend(). In addition to that however, it takes a
> 'banks_skip_mask', and will skip the extension of any bank having its
> corresponding bit set there.
>
> Signed-off-by: Nicolai Stange <nsta...@suse.de>
> ---
> drivers/char/tpm/tpm-interface.c | 29 +++++++++++++++++++++++++++--
> drivers/char/tpm/tpm.h | 3 ++-
> drivers/char/tpm/tpm2-cmd.c | 29 +++++++++++++++++++++++++++--
> include/linux/tpm.h | 3 +++
> 4 files changed, 59 insertions(+), 5 deletions(-)
>
> diff --git a/drivers/char/tpm/tpm-interface.c
> b/drivers/char/tpm/tpm-interface.c
> index b1daa0d7b341..88b4496de1df 100644
> --- a/drivers/char/tpm/tpm-interface.c
> +++ b/drivers/char/tpm/tpm-interface.c
> @@ -314,6 +314,26 @@ EXPORT_SYMBOL_GPL(tpm_pcr_read);
> */
> int tpm_pcr_extend(struct tpm_chip *chip, u32 pcr_idx,
> struct tpm_digest *digests)
> +{
> + return tpm_pcr_extend_sel(chip, pcr_idx, digests, 0);
> +}
> +EXPORT_SYMBOL_GPL(tpm_pcr_extend);
I'd add just an extra argument to tpm_pcr_extend().
BR, Jarkko
