From: Petr Vorel <pvorel@suse.cz>
To: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Cc: Lakshmi Ramasubramanian <nramas@linux.microsoft.com>,
Mimi Zohar <zohar@linux.vnet.ibm.com>,
linux-integrity@vger.kernel.org
Subject: Re: [PATCH v3 0/4] TPM 2.0 fixes in IMA tests
Date: Tue, 6 Oct 2020 12:01:30 +0200 [thread overview]
Message-ID: <20201006100130.GA14868@dell5510> (raw)
In-Reply-To: <20201001183104.GA15664@linux.intel.com>
Hi Jarkko,
can rely on /dev/tpm0 and /dev/tpmrm0 for TPM detection?
i.e.:
/dev/tpmrm0 => TPM 2.0
/dev/tpm0 => both TPM 1.2 or 2.0
none of them => No TPM device
I'm trying to get reliably TPM version (1, 2 or no TPM) for various kernel
versions (including very old ones like 3.x):
So far I have:
cat /sys/class/tpm/tpm0/tpm_version_major
[ -f /sys/class/tpm/tpm0/device/caps -o -f /sys/class/misc/tpm0/device/caps ] => TPM 1.2
[ ! -d /sys/class/tpm/tpm0/ -a ! -d /sys/class/misc/tpm0/ ] => no TPM
Then I grep
dmesg | grep -q 'activating TPM-bypass' => no TPM
dmesg | grep -q '1\.2 TPM (device-id' => TPM 1.2
dmesg | grep -q '2\.0 TPM (device-id' => TPM 2.0
But according to Mimi there are still some TPM 2.0 devices which does not export
sysfs files.
And I'd prefer avoid using dmesg (not on some embedded targets and not sure if
reliable for all TPM devices).
If I understand James's commit fdc915f7f719 ("tpm: expose spaces via a device link /dev/tpmrm<n>")
from v4.12-rc1 correctly /dev/tpmrm0 is really for TPM 2.0. But how to detect it
for v4.0 - v4.11 when /sys/class/tpm detection fails?
I haven't found anything obvious in drivers/char/tpm/tpm2-cmd.c from v4.0.
Thanks for info.
Kind regards,
Petr
next prev parent reply other threads:[~2020-10-06 10:01 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-29 16:50 [PATCH v3 0/4] TPM 2.0 fixes in IMA tests Petr Vorel
2020-09-29 16:50 ` [PATCH v3 1/4] IMA: Move get_algorithm_digest(), set_digest_index() to ima_setup.sh Petr Vorel
2020-09-29 16:50 ` [PATCH v3 2/4] IMA: Rewrite ima_boot_aggregate.c to new API Petr Vorel
2020-09-29 21:39 ` Mimi Zohar
2020-09-30 6:53 ` Petr Vorel
2020-09-29 16:50 ` [PATCH v3 3/4] ima_tpm.sh: Fix calculating boot aggregate Petr Vorel
2020-09-29 20:46 ` Mimi Zohar
2020-09-29 16:50 ` [PATCH v3 4/4] ima_tpm.sh: Fix calculating PCR aggregate Petr Vorel
2020-09-29 19:01 ` Mimi Zohar
2020-09-29 23:11 ` [PATCH v3 0/4] TPM 2.0 fixes in IMA tests Jarkko Sakkinen
2020-09-30 5:53 ` Petr Vorel
2020-09-30 11:59 ` Jarkko Sakkinen
2020-10-01 12:01 ` Petr Vorel
2020-10-01 18:31 ` Jarkko Sakkinen
2020-10-06 10:01 ` Petr Vorel [this message]
2020-10-06 15:53 ` Jarkko Sakkinen
2020-10-06 15:55 ` Jarkko Sakkinen
2020-10-06 17:37 ` Ken Goldman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201006100130.GA14868@dell5510 \
--to=pvorel@suse.cz \
--cc=jarkko.sakkinen@linux.intel.com \
--cc=linux-integrity@vger.kernel.org \
--cc=nramas@linux.microsoft.com \
--cc=zohar@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).