tpmdd-devel.lists.sourceforge.net archive mirror
 help / color / mirror / Atom feed
From: "Nasim, Kam" <Kam.Nasim-CWA4WttNNZF54TAoqtyWWQ@public.gmane.org>
To: Nayna Jain
	<nayna-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>,
	"tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org"
	<tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org>
Subject: Re: TPM2.0: No binary_bios_measurements file in securityFS
Date: Wed, 13 Sep 2017 15:01:16 +0000	[thread overview]
Message-ID: <CA352AD04C14CE4985F6AEB6AB8C130E3EDB8A6E@ALA-MBC.corp.ad.wrs.com> (raw)
In-Reply-To: <e9ea0327-ba94-cd19-f35f-dbfae5c8ab03-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>


[-- Attachment #1.1: Type: text/plain, Size: 3075 bytes --]

Thank you Nayna for getting back to me, yes I am using ACPI so that would explain it.

Which brings me to my last issue, I am not seeing the PCRS file in either of these locations:
/sys/devices/pnp0/<pnp#>/pcrs
/sys/devices/platform/tpm_tis/pcrs

I am loading TPM as kernel modules so is this behavior not supported when TPM is not built-in, or are these files specific to TPM 1.2?


Thanks,
Kam
From: Nayna Jain [mailto:nayna-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org]
Sent: Wednesday, September 13, 2017 8:04 AM
To: Nasim, Kam; tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
Subject: Re: [tpmdd-devel] TPM2.0: No binary_bios_measurements file in securityFS




On 09/12/2017 04:14 AM, Nasim, Kam wrote:
Hi folks,

I am building my TPM 2.0 driver as Kernel modules (tpm.ko, tpm_tis_core.ko and tpm_tis.ko).

I noticed that while my /sys/kernel/security directory is created and mounted to securityFS, it is empty.

Looking at tpm_bios_log_setup() in tpm1_event.log, I see that this is being done during chip registration:
TPM 2.0 binary_bios_measurements event log file support is currently not available for ACPI based platform. It is only for device tree based platform. And I think you are using ACPI.

Thanks & Regards,
    - Nayna


if (chip->flags & TPM_CHIP_FLAG_TPM2)
        chip->bin_log_seqops.seqops =
            &tpm2_binary_b_measurements_seqops;
    else
        chip->bin_log_seqops.seqops =
            &tpm_binary_b_measurements_seqops;


    chip->bios_dir[cnt] =
        securityfs_create_file("binary_bios_measurements",
                   0440, chip->bios_dir[0],
                   (void *)&chip->bin_log_seqops,
                   &tpm_bios_measurements_ops);
    if (IS_ERR(chip->bios_dir[cnt]))
        goto err;


My TPM modules are loaded properly and I can interact with TPM using userspace TSS2 applications:

$ sudo lsmod | grep tpm
Password:
tpm_crb                 6458  0
tpm_tis                 5950  0
tpm_tis_core           10054  1 tpm_tis
tpm                    48093  3 tpm_crb,tpm_tis,tpm_tis_core


2017-09-08T19:39:16.239 controller-0 kernel: warning [    0.000000] ACPI: TPM2 000000007b7c8000 00034 (v03 INTEL   S2600WT 00000002 INTL 01000013)
2017-09-08T19:39:16.252 controller-0 kernel: info [    5.457568] tpm_tis MSFT0101:00: 2.0 TPM (device-id 0x1A, rev-id 16)


How and when would this file be created? For that matter I don't even have a /sys/devices/pnp0/<pnp#>/pcrs file present
(I am on CentOS 7.3)


Thoughts?

Thanks,
Kam




------------------------------------------------------------------------------

Check out the vibrant tech community on one of the world's most

engaging tech sites, Slashdot.org! http://sdm.link/slashdot




_______________________________________________

tpmdd-devel mailing list

tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org<mailto:tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org>

https://lists.sourceforge.net/lists/listinfo/tpmdd-devel


[-- Attachment #1.2: Type: text/html, Size: 11548 bytes --]

[-- Attachment #2: Type: text/plain, Size: 202 bytes --]

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot

[-- Attachment #3: Type: text/plain, Size: 192 bytes --]

_______________________________________________
tpmdd-devel mailing list
tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
https://lists.sourceforge.net/lists/listinfo/tpmdd-devel

      parent reply	other threads:[~2017-09-13 15:01 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-09-11 22:44 TPM2.0: No binary_bios_measurements file in securityFS Nasim, Kam
     [not found] ` <CA352AD04C14CE4985F6AEB6AB8C130E3EDB8751-/c0cZIGrDsgyzarUywkIaosyD1qQU09I@public.gmane.org>
2017-09-12  6:40   ` Thiebaud Weksteen via tpmdd-devel
     [not found]     ` <CA+zpnLcwMaHAEEE0rTnL-TLixK6J7mXpX8t=J7QVxk8nLEMxAw-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2017-09-12 14:17       ` Nasim, Kam
2017-09-13 12:03   ` Nayna Jain
     [not found]     ` <e9ea0327-ba94-cd19-f35f-dbfae5c8ab03-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2017-09-13 15:01       ` Nasim, Kam [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CA352AD04C14CE4985F6AEB6AB8C130E3EDB8A6E@ALA-MBC.corp.ad.wrs.com \
    --to=kam.nasim-cwa4wttnnzf54taoqtywwq@public.gmane.org \
    --cc=nayna-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org \
    --cc=tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).