Re: Fedora TPM1.2 Support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On Wed, Dec 2, 2020 at 12:08 PM Jerry Snitselaar <jsnitsel@xxxxxxxxxx> wrote:

We are looking to no longer support TPM1.2 in RHEL9. Than raised the
question with regards to opencryptoki-tpmtok if it should be changed in
Fedora as well, so I thought I'd see what everyone thinks about future
TPM1.2 support in Fedora. I know at one point in the last year or so
trousers almost dropped from Fedora due to being orphaned for quite a
while. From what I could find the following packages have dependencies:

ecryptfs-utils  - --disable-tspi
openconnect - looks like it will only build support if trousers-devel is
              there, and makes use of tpm2-tss as well.
strongswan  - --enable-tss-tss2 instead of --enable-tss-trousers?
tboot       - the trousers dependency was just in a policy tool that has now
              been deprecated upstream.
opencryptoki-tpmtok - --disable-tpmtok

tpm-quote-tools, tpm-tools, and trousers are all tpm1.2 specific
packages.

Another thing is that in the kernel there currently is no way to build
with just tpm1.2 or tpm2.0 support so the kernel support for tpm1.2
would still be there.

I don't think Fedora needs to drop the tpm1.2 support if people want to
continue supporting it, but wanted to put the question out there and see
how everyone felt.



How much support is needed?  I've written some TPM1.2 code that no one uses, so I don't personally care, but I'm pretty sure there are quite a few systems around that use TPM 1.2  For example, until I manually did the magic incantation to switch my laptop from its TPM 1.2 default to TPM 2 mode, it had TPM 1.2.  It's not even particularly old.

I think we should at least keep TPM 1.2 kernel support, but basic user support where it's not too inconvenient seems reasonable.
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux