[LTP] [PATCH] ima: skip verifying TPM 2.0 PCR values
Petr Vorel
pvorel@suse.cz
Fri May 17 17:04:56 CEST 2019
Hi Nayna,
...
> > + local tpm_description="/sys/class/tpm/tpm0/device/description"
...
> I do not see a "description" file on either my PowerPC or x86 systems with
> TPM 2.0. Perhaps instead of testing for the "description" file, if the
> "pcrs" file is not found, emit a more verbose informational message, for eg.
> - "pcrs file is not found - either you are running a TPM 2.0, or having
> sysfs failed to show pcrs for TPM 1.2"
Some people are using /sys/class/tpm/tpm0/device/description [1] for testing TPM
version. From the discussion on [1] I also got an expression that the file is
not always presented. If there is really no reliable way to detect TPM version
from sysfs (huh!) your approach would make sense for me.
> Thanks & Regards,
> - Nayna
Kind regards,
Petr
[1] https://github.com/tpm2-software/tpm2-tools/issues/604
More information about the ltp
mailing list