[SLOF] [PATCH v2 09/20] Add support for a TPM menu to control the state of the TPM

Stefan Berger stefanb at linux.vnet.ibm.com
Fri Nov 20 03:24:23 AEDT 2015


On 11/19/2015 06:00 AM, Thomas Huth wrote:
> On 17/11/15 18:02, Stefan Berger wrote:
>> From: Stefan Berger <stefanb at linux.vnet.ibm.com>
>>
>> This patch provides an addtional menu that enables the user to control
>> certain aspects of the TPM's state.
>>
>> If a working TPM has been detected, the menu will look like this:
>>
>> The TPM is enabled, active, does not have an owner but one can be installed.
>>
>> To configure the TPM, choose one of the following actions:
>>
>> d. Disable the TPM
>> v. Deactivate the TPM
>> p. Prevent installation of an owner
>>
>>
>> Note: To fully use the TPM it must be enabled and activated.
>>
>> Press escape to continue boot.
>>
>>
>> This menu can be access by pressing the 't' key during boot. The menu will not
>> be shown if no TPM is available.
>>
>> Signed-off-by: Stefan Berger <stefanb at linux.vnet.ibm.com>
> Do we really need such a menu? So far, no other device in SLOF has such
> a menu yet. And if the users do not want TPM, they can also simply
> disable the device in the VM configuration, I think.

We need a menu because some of the aspects of managing the TPM can only 
be done while in the firmware and while interacting with the TPM menu.

    Stefan

>
> Anyway, since your patch set here is already really huge and thus
> difficult to review, I'd suggest that you drop the menu support in this
> series here, so we can focus on the basics first, and once they have
> been included, you can send the menu patch later separately.
>
>   Thomas
>
> _______________________________________________
> SLOF mailing list
> SLOF at lists.ozlabs.org
> https://lists.ozlabs.org/listinfo/slof



More information about the SLOF mailing list