On Fri, 2019-10-25 at 07:52 -0500, Serge E. Hallyn wrote: > On Fri, Oct 25, 2019 at 10:56:17AM +0200, Petr Vorel wrote: > > Hi, > > > > > /sys/kernel/security/tpmX/major_version (on fedora and rhel at > least, is it elsewhere on other distros?) This patch doesn't define a securityfs file. It must be a soft link to the actual file. > > > versus > > > > > /sys/class/tpm/tpmX/major_version This is a softlink to the TPM device (eg. /sys/devices/xxxx/.../tpm/tpm0). > > > > Is it more HW related (/sys/class/tpm/tpmX) or LSM related > > (/sys/kernel/security/tpmX)? > > I guess /sys/kernel/security/tpmX might be better. > > This is purely about whether the phsyical TPM chip is 1.2 or 2., > right? /sys/class/tpm/tpmX is where I would expect to find that. > > > Thanks for implementing this, I'll try to test it soon. > > Yes, it's been a pain point, and someone (..., I) should have done this years > ago - thanks! +1