TPM: enabling the tpm as builtin in trusty
Mimi Zohar
zohar at linux.vnet.ibm.com
Wed Jan 15 15:19:39 UTC 2014
On Wed, 2014-01-15 at 07:03 -0700, Tim Gardner wrote:
> On 01/14/2014 01:04 PM, Mimi Zohar wrote:
> > Hi,
> >
> > Thank you for enabling IMA/IMA-appraisal! Enabling IMA requires the
> > TPM, if enabled, to be builtin. I'm curious if this will be the first
> > release with the TPM being builtin?
> >
> > thanks,
> >
> > Mimi
> >
> >
>
> Mimi - Ubuntu has not had IMA enabled in any kernel to date (except for
> Trusty 3.13) because of the runtime overhead imposed by this config
> option. Recent development has improved that situation considerably.
Cool!
> The
> Trusty kernel now has the following TPM config options on all arches
> that support the driver:
>
> CONFIG_HW_RANDOM_TPM=m
> CONFIG_TCG_IBMVTPM=y
> CONFIG_TCG_TPM=y
Just making sure that you're aware, that there were problems with the
TPM being builtin, a while ago, because of buggy TPMs. All of the known
problems were supposedly resolved.
(https://bugzilla.redhat.com/show_bug.cgi?id=746097)
thanks,
Mimi
More information about the kernel-team
mailing list