Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S933485AbcKYTom (ORCPT ); Fri, 25 Nov 2016 14:44:42 -0500 Received: from quartz.orcorp.ca ([184.70.90.242]:36814 "EHLO quartz.orcorp.ca" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932266AbcKYToY (ORCPT ); Fri, 25 Nov 2016 14:44:24 -0500 Date: Fri, 25 Nov 2016 12:43:17 -0700 From: Jason Gunthorpe To: Jarkko Sakkinen Cc: Nayna Jain , tpmdd-devel@lists.sourceforge.net, peterhuewe@gmx.de, tpmdd@selhorst.net, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH v5 3/3] tpm: add securityfs support for TPM 2.0 firmware event log Message-ID: <20161125194317.GG16504@obsidianresearch.com> References: <1479922057-8752-1-git-send-email-nayna@linux.vnet.ibm.com> <1479922057-8752-4-git-send-email-nayna@linux.vnet.ibm.com> <20161124211057.xynmfteky5r7uc27@intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20161124211057.xynmfteky5r7uc27@intel.com> User-Agent: Mutt/1.5.23 (2014-03-12) X-Broken-Reverse-DNS: no host name found for IP address 10.0.0.151 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1070 Lines: 25 On Thu, Nov 24, 2016 at 11:10:57PM +0200, Jarkko Sakkinen wrote: > On Wed, Nov 23, 2016 at 12:27:37PM -0500, Nayna Jain wrote: > > Unlike the device driver support for TPM 1.2, the TPM 2.0 does > > not support the securityfs pseudo files for displaying the > > firmware event log. > > > > This patch enables support for providing the TPM 2.0 event log in > > binary form. TPM 2.0 event log supports a crypto agile format that > > records multiple digests, which is different from TPM 1.2. This > > patch enables the tpm_bios_log_setup for TPM 2.0 and adds the > > event log parser which understand the TPM 2.0 crypto agile format. > > > > Signed-off-by: Nayna Jain > > I don't want to say much about this before I've tested it. I wonder > what cheap hardware I could use to test this. Any advice is on this > from anyone is much appreciated. If you found a small ARM system with TPM you could customize the uboot to build an event log and pass it in via DT. Not sure how much work that would be, does uboot have tpm code already? Jason