[SLOF] [PATCH v2 09/20] Add support for a TPM menu to control the state of the TPM
stefanb at linux.vnet.ibm.com
Fri Nov 20 03:24:23 AEDT 2015
On 11/19/2015 06:00 AM, Thomas Huth wrote:
> On 17/11/15 18:02, Stefan Berger wrote:
>> From: Stefan Berger <stefanb at linux.vnet.ibm.com>
>> This patch provides an addtional menu that enables the user to control
>> certain aspects of the TPM's state.
>> If a working TPM has been detected, the menu will look like this:
>> The TPM is enabled, active, does not have an owner but one can be installed.
>> To configure the TPM, choose one of the following actions:
>> d. Disable the TPM
>> v. Deactivate the TPM
>> p. Prevent installation of an owner
>> Note: To fully use the TPM it must be enabled and activated.
>> Press escape to continue boot.
>> This menu can be access by pressing the 't' key during boot. The menu will not
>> be shown if no TPM is available.
>> Signed-off-by: Stefan Berger <stefanb at linux.vnet.ibm.com>
> Do we really need such a menu? So far, no other device in SLOF has such
> a menu yet. And if the users do not want TPM, they can also simply
> disable the device in the VM configuration, I think.
We need a menu because some of the aspects of managing the TPM can only
be done while in the firmware and while interacting with the TPM menu.
> Anyway, since your patch set here is already really huge and thus
> difficult to review, I'd suggest that you drop the menu support in this
> series here, so we can focus on the basics first, and once they have
> been included, you can send the menu patch later separately.
> SLOF mailing list
> SLOF at lists.ozlabs.org
More information about the SLOF