On Wed, Jun 24, 2020 at 06:14:08PM -0400, Mimi Zohar wrote: > Hi Bruno, > > On Wed, 2020-06-24 at 18:24 -0300, Bruno Meneguele wrote: > > boot_aggregate test make use of a software TPM 2.0 in case it doesn't find > > any /dev/tpm0 in the system or if the test is ran as a normal user. However, > > when the system has a discrete TPM 1.2 and the user runs the test with a > > non-root user evmctl fails to return the software TPM 2.0 boot aggregate > > value because it tries to access the sysfs PCRs file and, consequently, the > > test fails. > > > > Supporting a software TPM 1.2 involved some more work and new dependency in > > other programs to extend the PCRs accordingly. Because of that, just drop > > support for this scenario for now. > > The problem is that the TPM 1.2 PCRs are visible to userspace. > Insteaad of reading the software TPM PCRs, it's reading the discrete > TPM 1.2 PCRs. I would drop this paragraph and simply say the sample > TPM 2.0 log test is not supported on systems with a discrete TPM 1.2. > Ack. Will send a v2 dropping it. > The patch itself is fine. > > thanks, > > Mimi > -- bmeneg PGP Key: http://bmeneg.com/pubkey.txt
Attachment:
signature.asc
Description: PGP signature
