Auditing the TPM

I have been experimenting with the TPM and the TrouSerS package some and have so far come up with this list of possible events that could be interesting from a OS auditing perspective: * Taking Ownership of the TPM * Clearing Ownership * Dis/Enabling the TPM * Dis/Activating the TPM * Recording PCR values * Adjustments to PCR values * Remote attestation connections/commands and their results * Requests of the Public Endorsement Key (EK) * Adjustments to the access controls on the EK * Creating/Destroying the EK * Changes to the TPM locked status (set/reset) For some of these events it makes sense that the auditing would happen in the TPM kernel driver, other events will need to be audited up in user space to accurately capture all the important information. Has anyone in this community begun looking at what TPM events are interesting from an audit perspective? thanks -matt