[PATCH v4 1/4] KEYS: trusted: Add generic trusted keys framework

Sumit Garg sumit.garg at linaro.org
Tue Jun 2 08:40:37 UTC 2020


On Tue, 2 Jun 2020 at 12:44, Jarkko Sakkinen
<jarkko.sakkinen at linux.intel.com> wrote:
>
> On Mon, Jun 01, 2020 at 02:41:55PM +0530, Sumit Garg wrote:
> > > This, I think is wrong. You should have a compile time flag for TPM e.g.
> > > CONFIG_TRUSTED_TPM, not this dynamic mess.
> > >
> >
> > The whole idea to have it dynamic was to have a common trusted keys
> > module which could support both TPM and TEE implementation depending
> > on hardware. I guess it may be useful in scenarios where a particular
> > hardware supports a TPM chip while other doesn't but both need to run
> > a common kernel image.
>
> For now it should only scale to what is needed. No problems refining
> it later when there is something to enable.
>

Fair enough, will switch to compile time mode then.

-Sumit

> /Jarkko



More information about the Linux-security-module-archive mailing list