X-Mailing-List: linux-integrity@vger.kernel.org
Date: Thu, 25 Apr 2024 17:01:28 +0300
To: "Lennart Poettering", "Ard Biesheuvel"
Cc: "Ilias Apalodimas", "James Bottomley", "Mikko Rapeli"
Subject: Re: [PATCH] efi: expose TPM event log to userspace via sysfs
From: "Jarkko Sakkinen"
References: <20240422112711.362779-1-mikko.rapeli@linaro.org> <6e751959b9056884c1b9d3ba23e303d1737d8763.camel@HansenPartnership.com>

On Thu Apr 25, 2024 at 12:58 PM EEST, Lennart Poettering wrote:
> General purpose distros typically don't build all TPM drivers into the
> kernel, but ship some in the initrd instead. Then, udev is responsible
> for iterating all buses/devices and auto-loading the necessary
> drivers. Each loaded bus driver might make more devices available for

I've had since day 0 that I've worked with the TPM driver (i.e. since 2013
or 2014) that module support should be removed. I've kept the module
compilation only because of huge turnback from the community.

It does not make sense:

1. Because it makes sense as part of "TCB".
2. "TCB" should be in vmlinux.
3. TPM is also a subsystem with other clients in the kernel.

At minimum the main TPM driver should IMHO just be in vmlinux, e.g. because
it is rare to see a distro kernel with TPM enabled and IMA disabled, I
don't know any.

That said, I would not mind either if TPM subsystem drivers were only
y/n *except* tpm_vtpm_proxy.

BR, Jarkko