> -----Original Message----- > From: Ken Goldman [mailto:kgold@xxxxxxxxxxxxx] > Sent: Wednesday, December 25, 2019 5:47 PM > To: Roberto Sassu <roberto.sassu@xxxxxxxxxx>; linux- > integrity@xxxxxxxxxxxxxxx > Subject: Re: Does IMA support SHA-256 PCR banks? > > On 12/11/2019 3:45 AM, Roberto Sassu wrote: > > > > For the first part, the patch will be very simple, as IMA will just query the > TPM > > to get the list of hash algorithms and will calculate all the digests in > > ima_calc_field_array_hash(). > > This query is probably for the allocated PCR banks. I.e., a TPM may > implement more hash algorithms than it allocates PCR banks. Yes, correct. The TPM driver determines the allocated banks at initialization time and stores them in the tpm_chip structure which is retrieved by IMA. Roberto
