On Tue, May 08, 2018 at 08:25:48AM -0700, James Bottomley wrote: > On Tue, 2018-05-08 at 13:55 +0300, Jarkko Sakkinen wrote: > > On Fri, May 04, 2018 at 02:56:25PM -0500, David R. Bild wrote: > [...] > > > In particular, it sets the credentials for the platform hierarchy. > > > The platform hierarchy is essentially the "root" account of the > > > TPM, so it's critical that those credentials be set before the TPM > > > is exposed to user-space. (The platform credentials aren't > > > persisted in the TPM and must be set by the platform on every > > > boot.) If the driver registers the TPM before doing > > > initialization, there's a chance that something else could access > > > the TPM before the platform credentials get set. > > > > Maybe. Not sure yet where to draw the line eg should TSS2 daemon to > > do it for example. > > > > James? Philip? > > I don't see any reason to set an unreachable password for the platform > hierarchy if the UEFI didn't. If the desire is to disable the platform > hierarchy, then it should be disabled, not have a random password set. > I'd also say this is probably the job of early boot based on policy. > > James A valid point. /Jarkko