[LTP] [PATCH] ima: skip verifying TPM 2.0 PCR values
Petr Vorel
pvorel@suse.cz
Fri Oct 25 15:25:27 CEST 2019
Hi,
> > > /sys/kernel/security/tpmX/major_version (on fedora and rhel at least, is it elsewhere on other distros?)
> > > versus
> > > /sys/class/tpm/tpmX/major_version
> > Is it more HW related (/sys/class/tpm/tpmX) or LSM related
> > (/sys/kernel/security/tpmX)?
> > I guess /sys/kernel/security/tpmX might be better.
> This is purely about whether the phsyical TPM chip is 1.2 or 2.,
> right? /sys/class/tpm/tpmX is where I would expect to find that.
+1
> > Thanks for implementing this, I'll try to test it soon.
> Yes, it's been a pain point, and someone (..., I) should have done this years
> ago - thanks!
Kind regards,
Petr
More information about the ltp
mailing list