From: "Stefan Berger"
To: "Wilck, Martin"
Cc: "tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org"
Subject: Re: Question on Linux TSS architecture design (kernel vs. user space access)
Date: Fri, 18 Dec 2015 08:40:44 -0500
Message-ID: <201512181340.tBIDepEE011860@d01av04.pok.ibm.com>
List-Id: tpmdd-devel@lists.sourceforge.net

"Wilck, Martin" wrote on 12/18/2015 06:21:01 AM:

> On Do, 2015-12-17 at 10:23 -0500, Stefan Berger wrote:
>
> > > kernel space. Can you point out a particular part of the problem
> > > that could be solved better or more easily in user space?
> >
> > User space would handle any number of client applications. It would
> > handle the arbitration between applications from concurrent TPM usage
> > while one application needs to access the TPM for a sequence of
> > commands that requires access to session and key slots. This
> > application can use the TPM directly with commands it passes through
> > /dev/tpm0, so there's no need for a higher level API (provided by the
> > TPM driver) for the usage of the TPM or the need to intercept commands
> > where one application's usage of the TPM would interfere with another
> > application's usage of TPM, such as one application swapping out the
> > context of another application's keys/session and/or deleting another
> > application's session and key handles.
>
> I had asked for things that user space could do *better* than the
> kernel. Could you point that out more clearly?

I don't think it can do things 'better', just keep it simpler in the
kernel.

   Stefan
