The Linux Plumbers 2017 Trusted Platform Module microconference aims to provide a forum to discuss the next steps in improving TPM support under Linux, including discussion of a standardised TPM2 middleware layer and higher level APIs.
Matthew Garrett
Jerry Snitselaar (unable to attend)
Philip Tricca
George Wilson (confirmed)
Mimi Zohar
James Bottomley (confirmed)
David Woodhouse (confirmed)
Jarkko Sakkinen (confirmed)
Daniel Kiper (confirmed)
The following is the list of items presently considered as candidate topics for the microconf. Still very much subject to change.
Can we choose a default TSS layer yet?
Progress in adding TPM to the various higher-level crypto systems (OpenSSL, OpenSSH, GnuTLS, etc.)
Crypto system integration: can we agree on a DER description for the TPM 2.0 key file for them all to use?
Should TPM key integration just be pkcs11? (see this document by David Woodhouse)
How can we get a usable higher-level API?
What's the state of measured boot?
EFI + Intel TXT and TPM + Xen/Linux - how to make it work (Daniel Kiper)
Best practices for bootloaders in handing off to the OS
How to get the TPM 2 event log exposed
TPM Performance
TPM 1.2: do we need an in-kernel resource manager for it?
TPM in containers. Probably requires a resource manager so that access can be shared, but what about unsafe commands from a hostile tenant?