On Thu May 9, 2024 at 11:04 PM EEST, Jarkko Sakkinen wrote: > Hi, > > These are the changes for the TPM driver with a single major new > feature: TPM bus encryption and integrity protection. The key pair > on TPM side is generated from so called null random seed per power > on of the machine [1]. This supports the TPM encryption of the hard > drive by adding layer of protection against bus interposer attacks. > > Other than the pull request a few minor fixes and documentation for > tpm_tis to clarify basics of TPM localities for future patch review > discussions (will be extended and refined over times, just a seed). > > [1] https://lore.kernel.org/linux-integrity/20240429202811.13643-1-James.Bottomley@xxxxxxxxxxxxxxxxxxxxx/ Two former PR's (keys, trusted keys) look a bit different as I realized that my current script does not scale too well. So I do in future use a method where the subsystem name is picked from MAINTAINERS and I have crafted aerc templates [1] for each subsystem (also CC lists need tuning). This will get better and more polished as I get my scripting more polished. If anything went wrong, it is mostly because process changes have their glitches :-) https://man.archlinux.org/man/aerc-templates.7.en BR, Jarkko
