On Wed, Jul 24, 2019 at 09:56:41AM -0400, Mimi Zohar wrote: > [Cc'ing Jarkko] > > On Wed, 2019-07-24 at 09:24 +0200, Petr Vorel wrote: > > > > > The kernel does not expose the crypto agile TPM 2.0 PCR banks to > > > > > userspace like it exposes PCRs for TPM 1.2. As a result, a userspace > > > > > application is required to read PCRs. > > > > OT: anyone aware why TPM 2.0 does not expose PCR banks to userspace via sysfs? > > > > > TPM 2.0 support is slowly being upstreamed in stages. Initially the > > > TPM 2.0 event log was not exported. Assuming that support for > > > exposing the TPM 2.0 PCRs is upstreamed, it doesn't necessarily > > > guarantee that it will be backported to stable. > > > Thanks for info. I'm glad it's being addressed :). > > IMHO it'd be backporting it (once upstreamed), let's see. > > Clarification, I'm not working on exposing the TPM 2.0 PCRs. Too much > else to do. > > Jarkko, in case you missed this thread, is there any reason why the > TPM 2.0 PCRs can not be exposed to userspace? What is meant by TPM 2.0 PCRs support? /Jarkko
