Please review the URL listed above and the Linux Journal article, "Take Control of TCPA" (http://www.linuxjournal.com/article.php?sid=6633). It provides an overview of why including support for the TPM is important, addresses misconceptions regarding it, provides the GPLed/BSD-licensed source code to the TPM driver (GPL) and preliminary interface library (BSD) to the driver. The Linux Journal article provides an overview of the entire system. This could be a real boon for security, and I'd like to see it included as an option in Gentoo. The TPM could be a USE flag, as I believe there are projects such as grub which include patches or could be patched to take advantage of the existance of a TPM. Reproducible: Always Steps to Reproduce: 1. 2. 3.
Joseph, From a quick read/review of the url it sounds like special hardware is required. I'm not aware of anybody that has this type of hardware, so here is the deal. We cant/wont add anything to portage which can cant test and verify that it works. If you can find a way for us to test/verify that this works then it will be considered.
My new laptop (whenever it gets here) will have such hardware. I have contacted the vendor of the TPM, and at least the project manager would like to help make it work under Linux. Thus, I could help test.
Any new news on this bug Joseph? Gentoo devs still dont have this kinda hardware.
Sorry. After HP dropping the ball waaaay too many times, I went with a Dell home system, which has no TPM. Sorry! You might contact Infineon to see if they'll help. I know IBM is working on it. They would be glad to get any help you may provide, and you may get hardware from either or both of them. Sorry I can't be of help anymore. HP sucks, I guess.
updating component.
I own an IBM ThinkPad X31 which has a TCPA chip. I'd be happy to look into this more and help testing.
My T30 (whenever it gets back from being repaired) also has a TPM chip in it. I've gotten the driver working under 2.6 before with some mild hacking of the driver (quite a few months ago). I'd also be interested in this work.
http://www.prosec.rub.de/trusted_grub.html has some information about a TPM enabled GRUB.
Well we still lack the hardware to support this. Bouncing back to bug-wranglers.
*** Bug 62673 has been marked as a duplicate of this bug. ***
Created attachment 48822 [details] app-crypt/tpm-2.0.ebuild This is an updated ebuild for the IBM TPM driver.
added app-crypt/tpm-module and sys-libs/libtpm - Thanks Henrik Brix Andersen <brix@NOHATEMAIL.gentoo.org> Drivers added. Recruitment underway.