From: Hal Finney <hal.finney@gmail.com>
To: "Jonathan M. McCune" <jonmccune@cmu.edu>
Cc: Greg KH <greg@kroah.com>,
m.selhorst@sirrix.com, linux-kernel@vger.kernel.org,
jbeulich@novell.com, jmorris@namei.org,
Jason Gunthorpe <jgunthorpe@obsidianresearch.com>,
tpmdd-devel@lists.sourceforge.net,
Andrew Morton <akpm@linux-foundation.org>,
Roland Dreier <rdreier@cisco.com>
Subject: Re: [tpmdd-devel] [PATCH] TPM: Fixup pubek sysfs file
Date: Tue, 15 Sep 2009 09:34:28 -0700 [thread overview]
Message-ID: <da7b3ce30909150934q4d84252exd8fa264ffd8e6420@mail.gmail.com> (raw)
In-Reply-To: <4AAE84EA.8010109@cmu.edu>
One file-based aspect of the TPM driver interface is the securityfs
file system, typically mounted at /sys/kernel/security/tpm0. This
includes the IMA and/or BIOS event measurements. Trousers does read
these files optionally, however it has to be configured in tcsd.conf.
But the file formats are shared between the kernel driver and the
Trousers parsing code. This functionality is necessary for Trousers to
report pre-boot and post-boot measurement events to user code, which
in turn is necessary for meaningful Quote operations in some contexts.
Hal Finney
On Mon, Sep 14, 2009 at 11:01 AM, Jonathan M. McCune <jonmccune@cmu.edu> wrote:
> Hello everybody,
>
> I have decided to chime in as a frequent (and I'm going to claim
> "experienced") user of the linux kernel TPM driver.
>
> To the best of my knowledge there is very little code in the wild that
> depends on the current structure of these sysfs entries. Probably the
> most used set of libraries and programs -- "TrouSerS" and "TPM Tools"
> (trousers.sourceforge.net) -- interact directly with the TPM via
> /dev/tpm*. I'm fairly confident that "tboot" (tboot.sourceforge.net)
> and "jTPM Tools" (trustedjava.sourceforge.net) don't use the sysfs
> entries either.
>
> Thus, fixing the one-item-per-file issues seems reasonable to me. For
> example, changing /sys/devices/platform/tpm_tis/pcrs from a single
> multi-entry file to a directory containing files named 0-15 or 0-23 that
> each then contain only the relevant 20-byte value seems quite
> reasonable. (Today's TPMs contain either 16 or 24 PCRs but future ones
> could contain many more.)
>
> I believe the pubek entry has gone broken for so long because once a TPM
> has been "owned" (and "taking ownership" is almost certainly the first
> thing one does when using the TPM for something), accessing the pubek
> needs to be authorized and so the sysfs entry shouldn't return anything
> anyways ("Authorization required."?). But it should definitely be fixed
> or removed.
>
> Likewise "caps" could be made into a directory containing files for the
> relevant data (Manufacturer, TCG version, Firmware version, ...).
>
> What I _disagree_ with is that these values should be moved debugfs.
> They are characteristics of a particular hardware device's current state
> and I believe fit the definition of what belongs in sysfs reasonably
> well. Their current implementation simply needs help.
>
> The changes I've mentioned are larger and don't seem appropriate for
> 2.6.31, but perhaps a plan to have them implemented for an upcoming
> version is reasonable? Is anybody willing to help put together such a
> patch? Discuss whether it's reasonable / acceptable to do so?
>
> Thanks,
> -Jon
next prev parent reply other threads:[~2009-09-15 16:34 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-09-04 4:52 [PATCH] TPM: Fixup pubek sysfs file Jason Gunthorpe
2009-09-04 5:02 ` Roland Dreier
2009-09-04 21:03 ` Andrew Morton
2009-09-04 21:23 ` Jason Gunthorpe
2009-09-11 16:28 ` Greg KH
[not found] ` <17754_1252731784_n8C533ou010944_20090911162837.GC17677@kroah.com>
2009-09-14 18:01 ` [tpmdd-devel] " Jonathan M. McCune
2009-09-14 18:34 ` Rajiv Andrade
2009-09-14 18:43 ` Jason Gunthorpe
2009-09-14 19:23 ` Jonathan M. McCune
2009-09-14 19:46 ` Jason Gunthorpe
2009-09-14 19:50 ` Greg KH
2009-09-15 3:06 ` Mimi Zohar
2009-09-15 18:52 ` Jonathan M. McCune
2009-09-15 16:34 ` Hal Finney [this message]
2009-09-11 16:28 ` Greg KH
2009-09-14 20:48 ` Rajiv Andrade
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=da7b3ce30909150934q4d84252exd8fa264ffd8e6420@mail.gmail.com \
--to=hal.finney@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=greg@kroah.com \
--cc=jbeulich@novell.com \
--cc=jgunthorpe@obsidianresearch.com \
--cc=jmorris@namei.org \
--cc=jonmccune@cmu.edu \
--cc=linux-kernel@vger.kernel.org \
--cc=m.selhorst@sirrix.com \
--cc=rdreier@cisco.com \
--cc=tpmdd-devel@lists.sourceforge.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.