From: Jarkko Sakkinen <jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
To: "Wilck, Martin" <martin.wilck-RJz4owOZxyXQFUHtdCDX3A@public.gmane.org>
Cc: "tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org"
<tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org>
Subject: Re: Question on Linux TSS architecture design (kernel vs. user space access)
Date: Fri, 18 Dec 2015 13:41:31 +0200 [thread overview]
Message-ID: <20151218114131.GA3287@intel.com> (raw)
In-Reply-To: <C5A28EF7B98F574C85C70238C8E9ECC04E6940754D-bIoXcEM4pvRAuK1PVaBULA@public.gmane.org>
On Fri, Dec 18, 2015 at 12:09:02PM +0100, Wilck, Martin wrote:
> On Fr, 2015-12-18 at 12:53 +0200, Jarkko Sakkinen wrote:
> > On Fri, Dec 18, 2015 at 12:51:48PM +0200, Jarkko Sakkinen wrote:
> > > On Fri, Dec 18, 2015 at 11:06:54AM +0100, Wilck, Martin wrote:
> > > > > That is the discussion to be held if the decision against RM inside
> > > > > kernel remains as is.
> > > >
> > > > Is there a decision? If yes, who made it? Where is it documented?
> > >
> > > Yeah, I'd be interested too.
> >
> > That was sarcasm. You really can't make such decisions for the kernel.
> > It's always the code/patches that speaks.
>
> Decisions are being made all the time, by maintainers, in mailing list
> discussions, on kernel summits. If only a limited subsystem is affected,
> they can be made based on coded quality alone. But it becomes difficult
> when several communities are involved, like kernel & systemd or, in our
> case, TPM device driver & user space TSS. In these cases it's important
> to take a step back from the purely technical developer perspective and
> try to figure out what the common goal is and how it can best be
> reached.
>
> The question whether resource management should be done in the kernel or
> in user space can't be decided based on patches alone. Maybe we'll end
> up with a situation where both ways are implemented and either distro
> makers or even end users will have to make the choice. Is that
> desirable?
For me this discussion seems a bit paralyzed. If one wants to do
something for the issue, one should send a patch or patches and then we
can see how elegant the solution is and how much it does or does not
interfere the user space. That's why enumerated the technical
constraints for TPM2 in my previous responses and otherwise have been
quite passive. I'm not too interested on this "philosophical" side.
To give more pointers about the possible architecture I would like to
see LRU with objects enumerated by client, virtual handle and physical
handle. You would swap as many objects needed from LRU when you run out
of space.
This kind of architecture would have couple of advantages:
* You would have "unlimited" transient storage per client. This could
simplify user space implementation even if you end up having daemon
also there. Also kernel subsystems would not have to worry space
running out.
* Swapping would be lazy. When you'd switch a client, immediately
you'd do a zero amount of work for swapping.
* I think in the end you would get with this architecture the cleanest
and simplest code paths inside the kernel.
You could use shmem_file for backing storage like GPU drivers do.
> Martin
/Jarkko
------------------------------------------------------------------------------
next prev parent reply other threads:[~2015-12-18 11:41 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-12-13 15:42 [PATCH v2 0/3] TPM 2.0 trusted key features for v4.5 Jarkko Sakkinen
2015-12-13 15:42 ` Jarkko Sakkinen
2015-12-13 15:42 ` Jarkko Sakkinen
2015-12-13 15:42 ` [PATCH v2 1/3] keys, trusted: fix: *do not* allow duplicate key options Jarkko Sakkinen
2015-12-14 13:46 ` Mimi Zohar
2015-12-14 14:54 ` Jarkko Sakkinen
2015-12-13 15:42 ` [PATCH v2 2/3] keys, trusted: select hash algorithm for TPM2 chips Jarkko Sakkinen
2015-12-13 15:42 ` Jarkko Sakkinen
2015-12-13 15:42 ` [PATCH v2 3/3] keys, trusted: seal with a TPM2 authorization policy Jarkko Sakkinen
2015-12-14 13:49 ` Mimi Zohar
2015-12-14 14:56 ` Jarkko Sakkinen
[not found] ` <20151214095830.GA21291@intel.com>
[not found] ` <C5A28EF7B98F574C85C70238C8E9ECC04E682BF197@ABGEX74E.FSC.NET>
[not found] ` <20151214112501.GA26100@intel.com>
[not found] ` <C5A28EF7B98F574C85C70238C8E9ECC04E682BF19D@ABGEX74E.FSC.NET>
[not found] ` <20151215233237.GA31965@obsidianresearch.com>
[not found] ` <201512161652.tBGGqWPG019442@d03av04.boulder.ibm.com>
[not found] ` <20151216171633.GB32594@obsidianresearch.com>
[not found] ` <201512161721.tBGHLqXh009986@d03av03.boulder.ibm.com>
[not found] ` <20151216174523.GC32594@obsidianresearch.com>
[not found] ` <201512161804.tBGI47vu000331@d01av02.pok.ibm.com>
[not found] ` <C5A28EF7B98F574C85C70238C8E9ECC04E69407545@ABGEX74E.FSC.NET>
[not found] ` <9F48E1A823B03B4790B7E6E69430724DA5864641@EXCH2010A.sit.fraunhofer.de>
[not found] ` <9F48E1A823B03B4790B7E6E69430724DA5864641-wI35/lLZEdT5yyJIIHUSGGSU2VBt9E6NG9Ur7JDdleE@public.gmane.org>
2015-12-18 0:57 ` Question on Linux TSS architecture design (kernel vs. user space access) Jason Gunthorpe
[not found] ` <201512171523.tBHFNlJ6013434@d03av03.boulder.ibm.com>
[not found] ` <9F48E1A823B03B4790B7E6E69430724DA58648F1@EXCH2010A.sit.fraunhofer.de>
[not found] ` <201512171620.tBHGK3GE030569@d03av04.boulder.ibm.com>
[not found] ` <9F48E1A823B03B4790B7E6E69430724DA586493C@EXCH2010A.sit.fraunhofer.de>
[not found] ` <9F48E1A823B03B4790B7E6E69430724DA586493C-wI35/lLZEdT5yyJIIHUSGGSU2VBt9E6NG9Ur7JDdleE@public.gmane.org>
2015-12-18 10:06 ` Wilck, Martin
[not found] ` <C5A28EF7B98F574C85C70238C8E9ECC04E6940754C-bIoXcEM4pvRAuK1PVaBULA@public.gmane.org>
2015-12-18 10:51 ` Jarkko Sakkinen
[not found] ` <20151218105148.GA12882-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2015-12-18 10:53 ` Jarkko Sakkinen
[not found] ` <20151218105323.GB12882-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2015-12-18 11:09 ` Wilck, Martin
[not found] ` <C5A28EF7B98F574C85C70238C8E9ECC04E6940754D-bIoXcEM4pvRAuK1PVaBULA@public.gmane.org>
2015-12-18 11:41 ` Jarkko Sakkinen [this message]
[not found] ` <20151218114131.GA3287-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2015-12-18 14:10 ` Ken Goldman
2015-12-21 13:22 ` Fuchs, Andreas
[not found] ` <9F48E1A823B03B4790B7E6E69430724DA586A57C-wI35/lLZEdRyXeJKmmMAp2SU2VBt9E6NG9Ur7JDdleE@public.gmane.org>
2015-12-21 14:23 ` Stefan Berger
2015-12-22 21:23 ` Jason Gunthorpe
[not found] ` <20151222212348.GB9461-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2015-12-23 15:02 ` Ken Goldman
2015-12-24 11:42 ` Jarkko Sakkinen
[not found] ` <20151224114241.GA5119-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2015-12-24 15:09 ` Ken Goldman
2016-01-02 20:39 ` Jason Gunthorpe
[not found] ` <20160102203957.GA19490-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-01-03 13:53 ` Jarkko Sakkinen
[not found] ` <20160103135346.GA4047-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-01-04 16:22 ` Fuchs, Andreas
[not found] ` <9F48E1A823B03B4790B7E6E69430724DA5877E95-wI35/lLZEdRyXeJKmmMAp2SU2VBt9E6NG9Ur7JDdleE@public.gmane.org>
2016-01-04 18:19 ` Jarkko Sakkinen
[not found] ` <20160104181915.GA15908-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-01-04 20:06 ` Mimi Zohar
2016-01-05 9:43 ` Fuchs, Andreas
[not found] ` <9F48E1A823B03B4790B7E6E69430724DA58784A8-wI35/lLZEdRyXeJKmmMAp2SU2VBt9E6NG9Ur7JDdleE@public.gmane.org>
2016-01-05 13:13 ` Mimi Zohar
2016-01-05 17:39 ` Jason Gunthorpe
2015-12-22 6:59 ` Jarkko Sakkinen
[not found] ` <20151222065917.GB7867-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-01-04 16:07 ` Fuchs, Andreas
2016-01-07 21:07 ` TPM2 resource manager vendor specific commands Ken Goldman
[not found] ` <201512171533.tBHFXn35003792@d03av02.boulder.ibm.com>
[not found] ` <201512171533.tBHFXn35003792-nNA/7dmquNI+UXBhvPuGgqsjOiXwFzmk@public.gmane.org>
2015-12-18 11:21 ` Question on Linux TSS architecture design (kernel vs. user space access) Wilck, Martin
[not found] ` <C5A28EF7B98F574C85C70238C8E9ECC04E6940754E-bIoXcEM4pvRAuK1PVaBULA@public.gmane.org>
2015-12-18 11:51 ` Jarkko Sakkinen
[not found] ` <20151218115137.GA4774-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2015-12-18 11:57 ` Jarkko Sakkinen
2015-12-18 13:40 ` Stefan Berger
[not found] ` <C5A28EF7B98F574C85C70238C8E9ECC04E69407545-bIoXcEM4pvRAuK1PVaBULA@public.gmane.org>
2015-12-18 15:03 ` Kenneth Goldman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20151218114131.GA3287@intel.com \
--to=jarkko.sakkinen-vuqaysv1563yd54fqh9/ca@public.gmane.org \
--cc=martin.wilck-RJz4owOZxyXQFUHtdCDX3A@public.gmane.org \
--cc=tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.