> 2.6.21 tpm driver doesn't seem to provide securityfs in a non-SE-Linux box. > Does it depend on anything else than just loading tpm?
I can't tell. I just observed that the code in drivers/char/tpm/tpm_bios.c attempts to create some securityfs files in a exported function called tpm_bios_log_setup. This function seems to be called from tpm.c if a real tpm chip was found and setup by one of the tpm chipset drivers. So i guess the files will only appear on a machine which contains a supported tpm chip. My point however: It really seems that securityfs is not specific to apparmor (it probably even predates apparmor) and might not be only used by tpm chips but by other software (e.g. other security frameworks like apparmor) as well, so it probably won't be the right solution to have the mount call in the apparmor package. On the other hand it seems that /sys/kernel/security is present in all newer kernel versions, so when using a generic mount it would get mounted on a lot of systems which don't use it. I'm not sure if this is a problem. I just don't know what would be the right solution, but maybe you do? :-) Regards Michael -- It's an insane world, but i'm proud to be a part of it. -- Bill Hicks -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
