Re: [PATCH v1 12/12] tpm: TPM2 sysfs attributes
From: Jason Gunthorpe
Date: Wed Sep 24 2014 - 16:46:58 EST
On Wed, Sep 24, 2014 at 10:35:42PM +0200, Peter Hüwe wrote:
> Am Mittwoch, 24. September 2014, 22:19:38 schrieb Jason Gunthorpe:
> > On Wed, Sep 24, 2014 at 10:02:34PM +0300, Jarkko Sakkinen wrote:
> > > > The pcrs file never conformed to the sysfs rules, if TPM2 is getting a
> > > > whole new file set, I wouldn't mind seeing it not include the
> > > > non-conformant ones. What do you think?
> > >
> > > I think that it's better to put extra focus on these sysfs attributes in
> > > first patch set because it's user space visible. What's wrong in the
> > > current pcrs file?
> >
> > Each PCR should be a distinct sysfs file, probably with a
> > directory. One Value Per File is the rule.
>
> That would be 24*2 files only for pcrs...
Some subsystems do just that..
$ ls /sys/class/infiniband/qib0/ports/1/sl2vl/
0 1 10 11 12 13 14 15 2 3 4 5 6 7 8 9
> Documentation/filesystems/sysfs.txt says:
>
> "
> Attributes should be ASCII text files, preferably with only one value
> per file. It is noted that it may not be efficient to contain only one
> value per file, so it is socially acceptable to express an array of
> values of the same type. "
>
> So it would be more or less o.k. to have it in one file like we had.
>
> Then however:
> "Mixing types, expressing multiple lines of data, and doing fancy
> formatting of data is heavily frowned upon. Doing these things may get
> you publicly humiliated and your code rewritten without notice."
I think taken together that says an array of 128 bit PCR hex values
without new lines or other formatting would be OK. But the breakdown
and fancy formatting we do is not OK.
> Do we really need the PCRs as sysfs files? I know they are handy as
> a dev, but does any application actually use this directly?
No idea, but using tpm2 to find out seems like a reasonable idea,
especially if the pcr meaning changes in some way with TPM2 ..
Jason
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/