James Carlson wrote:
> Wyllys Ingersoll writes:
>
>> sources. That is why I originally suggested that the TPM should only
>> reside in the global zone and that local zones would access it over
>> the network and be subject to access controls as specified in the
>> tcsd.conf.
>>
>
> It sounds to me like the complete Zones solution will require a
> non-network-based cross-zone communication mechanism.
>

Yes. That is something we would prefer to develop with the involvement
of the Trousers community later.

>> I suggested that we could deliver the TPM device and libraries in all
>> zones but that the administrator would have to know that only 1 zone
>> per system is allowed to access the TPM. That would at least allow the
>> administrator to configure any single zone to run the TCS daemon
>> instead of forcing it to be in the global zone, but it still has the
>> restriction of only 1 TCS daemon per TPM.
>>
>
> That doesn't make sense to me. Why would the administrator _NOT_ want
> to have access to the TPM in more than one zone?
>

By "access" do you mean having the ability to use the TPM through the
standard TSS interfaces, or do you mean having the ability to actually
open /dev/tpm directly? The first case is possible now by accessing the
TCS daemon over the network using standard TSS APIs. The latter is
prohibited by the TPM spec if another app is holding it open.

-Wyllys
