On Wed, 2020-08-19 at 14:17 -0300, Jason Gunthorpe wrote: > On Wed, Aug 19, 2020 at 12:57:42PM -0400, Mimi Zohar wrote: > > On Wed, 2020-08-19 at 13:18 -0300, Jason Gunthorpe wrote: > > > Yes - it was dropped because TPM 2 was a *complete ABI break* for > > > everything. The kernel was reset to a uABI that matches current > > > uABI standards starting TPM 2. > > > > > > The whole userspace needed to be redone anyhow, and certainly > > > nobody objected at the time. > > > > > > At least my expecation was that a sensible userspace for TPM (for > > > administrator user) would be built, like we see in other > > > subsystems eg 'ip' for netdev. > > > > "Because TPM 2 was a complete ABI break for everything" could be > > reason for upstreaming a minimal subset of functionality initially, > > which could be expanded over time. I don't recall a discussion > > about limting features in the future. > > All new uAPI additions need to pass the usual uAPI hurdles. > > As James outlined, justify why the kernel must present a duplicated > uAPI between sysfs and /dev/tpm. > > There have been good reasons in the past, eg SCSI inquiry. First, can we please agree /dev/tpm does not substitute as a "duplicate API". I can now clarify the objection into "it's a binary marshalled interface and Linus doesn't think we should force users to use them": https://lore.kernel.org/linux-api/CAHk-=wh5YifP7hzKSbwJj94+DZ2czjrZsczy6GBimiogZws=rg@xxxxxxxxxxxxxx/ So the question boils down to whether we're providing a simple interface that allows preboot and other use cases or should we require the complexity of a TSS installation to get the necessary tools. Perhaps we should also simply copy linux-api and accept the judgment of the experts on whether we should expose PCRs via sysfs. > But there are also bad reasons like "our userpsace is dysfunctional > and can't make a library or tool". The reason we provide a kernel interface instead of a library or tool is that libraries and tools tend to be domain specific and the information needs to be provided across domains. So: both the current TPM 2.0 TSSs are written in C. This means they can just about be plugged into python but not easily into Go because of its abhorrence of ffis. Providing the PCRs from sysfs allows Go attestation easy access that the TSS tools don't because of the language domain problem. James
