From mboxrd@z Thu Jan 1 00:00:00 1970
From: James Bottomley
Subject: Re: TPM 2.0 device driver blocking open
Date: Mon, 02 Jan 2017 08:25:48 -0800
Message-ID: <1483374348.2458.4.camel@linux.vnet.ibm.com>
References: <9F48E1A823B03B4790B7E6E69430724DC7C1378B@exch2010c.sit.fraunhofer.de>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
In-Reply-To: <9F48E1A823B03B4790B7E6E69430724DC7C1378B-pTbww/UJF9iZbMGAS439G2SU2VBt9E6NG9Ur7JDdleE@public.gmane.org>
To: "Fuchs, Andreas", Ken Goldman, "tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org"
List-Id: tpmdd-devel@lists.sourceforge.net

On Mon, 2017-01-02 at 15:15 +0000, Fuchs, Andreas wrote:
> That's why current TSS 2.0 and TSS 1.2 assumed a resource-manager in
> UserSpace

We already discussed this at Plumbers. The problem is that the kernel itself needs access to the TPM (in both Linux and Windows as far as I can tell). If you put the RM in User Space, the kernel would either not have access or have some dependency on a user space process, which is never a good idea.

> as single owner of /dev/tpm0 (enforced by single-open-/dev/tpm0).
> Only alternative would be a RM inside the Kernel.

Right, so that's what we now have with Jarkko's just posted patches.

James