From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from list by lists.gnu.org with archive (Exim 4.71) id 1ffUR6-0001gA-FL for mharc-grub-devel@gnu.org; Tue, 17 Jul 2018 14:10:56 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:46860) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ffUR3-0001eJ-SH for grub-devel@gnu.org; Tue, 17 Jul 2018 14:10:54 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ffUR2-0004Ym-Rd for grub-devel@gnu.org; Tue, 17 Jul 2018 14:10:53 -0400 Received: from cavan.codon.org.uk ([2a00:1098:0:80:1000:c:0:1]:54415) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1ffUR2-0004UT-Eo for grub-devel@gnu.org; Tue, 17 Jul 2018 14:10:52 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=codon.org.uk; s=63138784; h=In-Reply-To:Content-Type:MIME-Version:References:Message-ID:Subject:Cc:To:From:Date; bh=80zOo4D4gDvSD/hP3TON+z7Pg0Ov45beMeoavex/Wc8=; b=senX1PDuvvqnISeNv3BcIwLWJfjXVJb9UiClN3I2vLcLWEGLmA3nkl8mOxZbQKcLcIzxy2W8hWd9T6LOBL5Uqp9k1abnRD3dMFeFXTp72TJjbU3KIt52gjofJM+ROeFeivJU3kW/kGgPWtitMPMfpKBcoT/42pgmMEYE40g3Lb0=; Received: from mjg59 by cavan.codon.org.uk with local (Exim 4.84_2) (envelope-from ) id 1ffUQj-0002Lt-03; Tue, 17 Jul 2018 19:10:33 +0100 Date: Tue, 17 Jul 2018 19:10:32 +0100 From: Matthew Garrett To: "Daniel P. Smith" Cc: Daniel Kiper , daniel.kiper@oracle.com, eric.snowberg@oracle.com, javierm@redhat.com, jonmccune@google.com, kanth.ghatraju@oracle.com, keng-yu.lin@hpe.com, konrad.wilk@oracle.com, leif.lindholm@linaro.org, phcoder@gmail.com, philip.b.tricca@intel.com, ross.philipson@oracle.com, grub-devel@gnu.org Subject: Re: TPM support within Grub2 Message-ID: <20180717181032.GA8927@srcf.ucam.org> References: <20180702163508.GC1111@router-fw-old.local.net-space.pl> <20180716120612.GA12081@router-fw-old.local.net-space.pl> <671c05e8-b260-82a0-b54f-6da84f3d403b@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <671c05e8-b260-82a0-b54f-6da84f3d403b@gmail.com> User-Agent: Mutt/1.5.23 (2014-03-12) X-SA-Exim-Connect-IP: X-SA-Exim-Mail-From: mjg59@cavan.codon.org.uk X-SA-Exim-Scanned: No (on cavan.codon.org.uk); SAEximRunCond expanded to false X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 2a00:1098:0:80:1000:c:0:1 X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: The development of GNU GRUB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Jul 2018 18:10:54 -0000 On Mon, Jul 16, 2018 at 12:33:42PM -0400, Daniel P. Smith wrote: > On 07/16/2018 08:06 AM, Daniel Kiper wrote: > > In general I am not against reorganization you are mentioning above. > > Though I think that then you should rearange Matthew code and repost > > it. Of course if Matthew does not object. > > I can align Matthew's code or if he would like, he is more than welcome > to collaborate on the solution. There's a lot of user demand for TPM2 support in grub, so my preference would be: 1) Review and merge the verifiers framework 2) Update the current TPM2 code to match and review and merge that 3) Ensure that the functionality matches user expectations and then develop a more generic midlayer based on that to support additional TPM backends My concern about doing (3) before (2) is that it may take multiple attempts to develop something that works for us, and delay being able to provide functionality that people would like to take advantage of. I think some real-world use would make the process easier. -- Matthew Garrett | mjg59@srcf.ucam.org