On Wed, 2023-08-30 at 17:14 +0800, Guozihua (Scott) wrote: > On 2023/8/19 7:17, Mimi Zohar wrote: > > On Fri, 2023-08-18 at 09:25 +0800, Guozihua (Scott) wrote: > >> On 2023/8/17 22:19, Mimi Zohar wrote: > >>> On Thu, 2023-08-17 at 14:13 +0800, GUO Zihua wrote: > > [...] > > > >>> Other proposals have changed the hard coded hash algorithm and PCR > >>> value from SHA1 to SHA256. Both that proposal and this will break > >>> existing userspace applications. > >> > >> This is the part I would like to "RFC" on, and thanks for the comment! > > > > Another proposal included all of the enabled TPM bank digests. > Will this introduce some performance issue? I don't think we should be > calculating various hashes on the same thing again and again. Per TPM bank specific hashes are already being calculated and extended into the TPM banks. Refer to ima_calc_field_array_hash(). -- thanks, Mimi
