Re: [TrouSerS-users] Tspi_Tpm_GetEventLog question

Thu, 06 Sep 2012 13:16:39 -0700 

Thanks for the help! I did find the entries in /etc/tcsd.conf, but didn't
know about securityfs.

-- per aspera ad astra --



On Thu, Sep 6, 2012 at 3:56 PM, Kent Yoder <[email protected]> wrote:

> Hi,
>
> On Thu, Sep 6, 2012 at 2:33 PM, Olga Chen <[email protected]> wrote:
> > Hello,
> > Does the Tspi_TPM_GetEventLog function do anything? Every computer that
> I've
> > tried it on simply returns zero events.
>
>   It does, as long as the tcsd is set up to provide events to the tspi
> layer. This means setting either of the firmware_log_file or
> kernel_log_file options in the tcsd.conf file to point to event log
> sources.  Those sources are backed by the TPM driver itself (usually
> tpm_tis) through securityfs.  securityfs isn't usually mounted by
> default, but to do that, put this line in your /etc/fstab:
>
> securityfs              /sys/kernel/security    securityfs defaults 0 0
>
> then set in your tcsd.conf:
>
> firmware_log_file = /sys/kernel/security/tpm0/binary_bios_measurements
> firmware_pcrs = 0,1,2,3,4,5,6,7
>
> If you can see events when you cat
> /sys/kernel/security/tpm0/ascii_bios_measurements, then
> binary_bios_measurements should work too and you should see output
> from the GetEventLog testcase.
>
> Kent
>
> > thanks,
> > Olga
> >
> >
> >
> >
> ------------------------------------------------------------------------------
> > Live Security Virtual Conference
> > Exclusive live event will cover all the ways today's security and
> > threat landscape has changed and how IT managers can respond. Discussions
> > will include endpoint security, mobile security and the latest in malware
> > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> > _______________________________________________
> > TrouSerS-users mailing list
> > [email protected]
> > https://lists.sourceforge.net/lists/listinfo/trousers-users
> >
>
>
>
> --
> IBM LTC Security
>

------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
TrouSerS-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/trousers-users

Reply via email to