Garrett D'Amore wrote: >> The TCS daemon is designed to be the primary access point, applications >> are never supposed to access the device directly. >> -Wyllys >> >> >> > This really sounds, to me at least, like the TPM/TCS should be a > global zone only thing. I see little merit in making possible to run > it anywhere else.
I agree. > > Someday, might we not want the TPM stack to do more than just PKCS#11 > and generic crypto? (I.e. TPM was also designed to support trusted > verification of the platform itself -- the kernel bit.) I think if we > want to allow for future developments in that area, it might be better > to constrain the daemon to the global zone only for now. (This > shouldn't be too much of a limitation for local zones, since for > various reasons the global zone has to be trusted with at least the > same level of privilege as the local zone. The local zones just need > to be configured to use a network interface to access the TCS on the > global zone.) > > -- Garrett Yes, eventually we do want the TPM to be used for more. There are projects that are planning to use the TPM and TSS interfaces in the future (ZFS crypto, Validated Execution). Though, for the most part they only need the crypto and verification interfaces. The TPM device itself is a pretty simple and really only offers limited functionality, the critical piece is the TSS (TCG Software Stack). The TSS that we are delivering (TrouSerS) does have interfaces for doing more than just crypto, there just isn't much software written to take advantage of it yet. -Wyllys
