On Thu, 2017-02-09 at 12:04 -0700, Jason Gunthorpe wrote: > On Thu, Feb 09, 2017 at 05:19:22PM +0200, Jarkko Sakkinen wrote: > > The current patch set does not define policy. The simple policy > > addition that could be added soon is the limit of connections > > because it is easy to implement in non-intrusive way. > > It is also trivial for a userspace RM to limit the number of sessions > or connections or otherwise to manage this limitation. It is hard to > see why we'd need kernel support for this.
Because the kernel is a primary TPM user. We can't have the kernel call on the in-userspace resource manager without causing a deadlock, so we need as much of the RM as is needed to support the kernel in the kernel itself. James
