From: Ken Goldman <kgoldman-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
To: tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
Subject: TPM2 resource manager vendor specific commands
Date: Thu, 7 Jan 2016 16:07:53 -0500
Message-ID: <n6mk37$86r$1@ger.gmane.org>
In-Reply-To: <20151222065917.GB7867-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
On 12/22/2015 1:59 AM, Jarkko Sakkinen wrote:
>
> One of the corner cases are vendor specific commands. I raised that but
> it was ignored in this discussion.
>
> Now that I looked at TCG document it does not give any recommendation how
> they should be managed:

You are right that we should add this to the TCG documents. We
discussed this on a TPM WG call today. Here's some design information
for an implementer.

My high level conclusion is that the resource manager (RM) should not
have any command specific handling. If it does, that's a red flag that
a vendor specific command may not work.

The TPM 2.0 design includes features to generalize vendor specific
commands. There is a getcapability that returns command ordinal
properties, specifically:

- The number of command and response handles indicate whether and how
many handles should be mapped.

- Whether transient objects are flushed.

- An extensive flag indicates that the command has many side effects.
For these commands, the RM should use getcapability to enumerate the
handles that are still active or loaded and synchronize its tables.
TPM2_Clear is an example.