On Wed, 2020-08-19 at 09:02 -0300, Jason Gunthorpe wrote:
> On Tue, Aug 18, 2020 at 02:55:50PM -0400, Mimi Zohar wrote:
>
> > The problem is that there isn't just one single userspace library or
> > application for reading PCRs. So now not only is there the kernel
> > "boot_aggregate" regression testing, but regression testing of the tool
> > itself to support multiple methods of reading the PCRs.
>
> I was thinking just open code
> open("/dev/tpm")
> write(read_pcrs_cmd)
> read(read_pcrs_cmd)
>
> It isn't particularly hard to retrive the PCRs, don't really need to
> depend on a library.
Ok, do you want to contribute it to ima-evm-utils? While you're at it,
do you also have code to parse the TPM 2.0 event log that you could
contribute?
Seriously, we shouldn't be (re-)writing code to do this.
Mimi
