From: James Bottomley <jejb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
To: "Fuchs,
	Andreas"
	<andreas.fuchs-iXjGqz/onsDSyEMIgutvibNAH6kLmebB@public.gmane.org>,
	Ken Goldman <kgoldman-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>,
	"tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org"
	<tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org>
Subject: Re: TPM 2.0 device driver blocking open
Date: Mon, 02 Jan 2017 08:25:48 -0800
Message-ID: <1483374348.2458.4.camel@linux.vnet.ibm.com>
In-Reply-To: <9F48E1A823B03B4790B7E6E69430724DC7C1378B-pTbww/UJF9iZbMGAS439G2SU2VBt9E6NG9Ur7JDdleE@public.gmane.org>

On Mon, 2017-01-02 at 15:15 +0000, Fuchs, Andreas wrote:
> That's why current TSS 2.0 and TSS 1.2 assumed a resource-manager in 
> UserSpace

We already discussed this at Plumbers.  The problem is that the kernel
itself needs access to the TPM (in both Linux and Windows as far as I
can tell).  If you put the RM in User Space, the kernel would either
not have access or have some dependency on a user space process which
is never a good idea.

>  as single owner of /dev/tpm0 (enforced by single-open-/dev/tpm0).
> Only alternative would be a RM inside the Kernel.

Right, so that's what we now have with Jarkko's just posted patches.

James

