On Fri, 2019-11-08 at 12:47 +0100, Lukasz Hawrylko wrote: > For TPM2.0 LCP generation there is a Python tool lcp-gen2 that is > included in tboot's source code. To be honest I didn't try to generate > LCP with tboot's VLP inside but it should work. If not - this is a bug > and need to be fixed. > > lcptools-v2 will is not maintained, any new features like new signing > algorithms will not be included there, so I suggest not to use it for > new designs. We are actively improving lcp-gen2, if there is something > that is missing in your opinion please let me know.
A few problems come to mind with lcp-gen2 all of which are blockers: * I see references to upgrading to newer versions of Python 2.x, but nothing about upgrading to Python 3.x; with Python 2.x going EOL in a few months this needs to happen very soon. * No documentation. This is a general problem with the tboot code/tools: there is very little documentation, and what does seem to be present is mostly wrong or incomplete. * The lcp-gen2 tool appears to be intended mostly as a GUI tool, and I need a CLI tool. It looks like there might be some sort of "batch build" available from the command line, but I don't see any further explanation or documentation on this ability. You mention that lcp-gen2 is being actively improved, is this happening offline? The last commit I see is to the sf.net repo for lcp-gen2 is over six months old. If these issues can't be resolved within the next month or two, is there any reason why we couldn't continue to make changes to the lcptools-v2 tools? -Paul _______________________________________________ tboot-devel mailing list tboot-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tboot-devel
