Re: [tpmdd-devel] [PATCH] TPM: Let the tpm char device be openable multiple times
From: Jason Gunthorpe
Date: Tue Nov 03 2009 - 23:27:26 EST
On Tue, Nov 03, 2009 at 10:24:29PM -0500, Valdis.Kletnieks@xxxxxx wrote:
> A number of other things under drivers/ implement "only one open" semantics,
> but those are hard-coded into the driver. But for the TPM, it's unclear if
> exclusive or non-exclusive is the right model.
The underlying hardware already supports multiplexing multiple clients
in the same command stream - I'm not sure why this shouldn't be
exported to user space as-is. The kernel already accesses the TPM
without going through the middleware for in kernel features..
> Maybe the right answer is to default to multiple opens, but have an
> ioctl() that turns on exclusive mode. If you have a 'tcsd' daemon,
> it will need to get launched early enough to do the open/ioctl
Why is this an issue? /dev/tpm is root only accessible. There are a lot
of things that can go horribly wrong if root does improper things, and
you can create quite reasonable multi-process tpm using applications
without the middleware.
Even if another root process does open /dev/tpm - what is the worst it
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/