On Mon, 2019-08-26 at 22:05 -0300, Jason Gunthorpe wrote: > The sysfs is not done, fundamentally, because the sysfs structure of > the existing TPM1 stuff is grandfathered in, and doing anything like > it for TPM2 is a complete NAK for not following the normal sysfs > interface design rules, particularly of one value per file. This is a > big part of why it was dropped for TPM2. The original TPM 2.0 support was missing a lot of TPM 1.2 functionality, including exporting the TPM event log. So it wasn't clear that leaving out the sysfs support was intentional or simply a question of someone needing to implement it. > > So exposing PCRs and things through sysfs is not going to happen. > > If you had some very narrowly defined things like version, then > *maybe* but I think a well defined use case is needed for why this > needs to be sysfs and can't be done in C as Jarkko explained. Piotr's request for a sysfs file to differentiate between TPM 1.2 and TPM 2.0 is a reasonable request and probably could be implemented on TPM registration. If exposing the PCRs through sysfs is not acceptable, then perhaps suggest an alternative. Mimi > > A good reason would be something like needing to trigger a systemd > unit from udev. > > Jason
