Introduce helper for formatting PCR selection bitmasks#345
Merged
chrisfenner merged 3 commits intogoogle:mainfrom Sep 14, 2023
Merged
Introduce helper for formatting PCR selection bitmasks#345chrisfenner merged 3 commits intogoogle:mainfrom
chrisfenner merged 3 commits intogoogle:mainfrom
Conversation
This change introduces PCClientCompatible.PCRs(), a function that converts a variadic list of PCR indices (as ints) into a PCR selection bitmask. Because of the vagaries of TPM: 1. That the minimum size of a PCR selection bitmask is not 0, but related to the minimum number of PCRs specified by the profile 2. That the PC Client Platform TPM Profile specification mandates a minimum but not a maximum number of implementation PCR, this change creates an interface that could be implemented for other TPM profiles that specify different amounts of PCRs. The vast majority of on-market TPMs will just work with PCClientCompatible.PCRs, even if they implement more than 24 PCRs. PCRs() can panic if given invalid values; this is to allow it to be inlined into the definition of a structure that needs a PCR selection.
alexmwu
approved these changes
Sep 14, 2023
Contributor
alexmwu
left a comment
alexmwu
left a comment
There was a problem hiding this comment.
Great quality-of-life improvement!
tpm2/pcrs.go
Outdated
| selection := make([]byte, selectionSize) | ||
| for _, pcr := range pcrs { | ||
| // Panic if negative PCRs are selected. | ||
| if pcr < 0 { |
Member
Author
There was a problem hiding this comment.
Done. I had initially used int since functions like len return int but I think uint is way better (no panics now)!
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This change introduces PCClientCompatible.PCRs(), a function that converts a variadic list of PCR indices (as ints) into a PCR selection bitmask. Because of the vagaries of TPM:
this change creates an interface that could be implemented for other TPM profiles that specify different amounts of PCRs. The vast majority of on-market TPMs will just work with PCClientCompatible.PCRs, even if they implement more than 24 PCRs.
PCRs() can panic if given invalid values; this is to allow it to be inlined into the definition of a structure that needs a PCR selection.