On Thu, Dec 24, 2015 at 10:09:43AM -0500, Ken Goldman wrote:

> I can understand small "patches" to fix bugs, but not for new code.

You need to do it in smaller functional stages.

Ie the first step would be to create a new /dev/ node for the
'virtualized' tpm (vs the raw tpm we have now). We'd want to have some
idea exactly what that is and exactly what the UAPI looks like, and
make decisions like, should there be one per tpm or one for all tpms?

Next step would be to parse commands and require that the commands are
'valid' and of the allowed subset.

Next step would be to parse commands deeper and do access control on
all the tpm objects. Ie a vtpm fd can only use key ids it created.

Next step would be auto-cleanup of created objects when the vtpm fd
closes, ie destroy key ids created on the fd

Next step would be hooking kernel access through the above

Next step would be allowing objects to be swapped in/out

Jason
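
[Added example, not part of the original message and not kernel code: a user-space sketch of the second and third stages above (allowed-subset check, then per-fd handle ownership). It assumes the TPM 2.0 command header layout (tag, size, command code, then the handle area); `struct vtpm_fd`, `vtpm_check` and the error codes are hypothetical names, and the sample buffer is constructed.]

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical per-fd state: transient handles created through this fd. */
struct vtpm_fd { uint32_t owned[8]; size_t n_owned; };

/* Allowed subset, with the number of handles in each command's handle area. */
static const struct { uint32_t cc; unsigned nhandles; } allowed[] = {
    { 0x0000017B, 0 },  /* TPM2_CC_GetRandom */
    { 0x00000157, 1 },  /* TPM2_CC_Load: parentHandle */
    { 0x0000015D, 1 },  /* TPM2_CC_Sign: keyHandle */
};
enum { VTPM_OK = 0, VTPM_EMALFORMED = -1, VTPM_EDENIED = -2, VTPM_ENOTOWNER = -3 };

static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}

static int fd_owns(const struct vtpm_fd *fd, uint32_t h) {
    for (size_t i = 0; i < fd->n_owned; i++)
        if (fd->owned[i] == h) return 1;
    return 0;
}

/* Validate one command buffer before it would be handed to the TPM. */
int vtpm_check(const struct vtpm_fd *fd, const uint8_t *buf, size_t len) {
    if (len < 10) return VTPM_EMALFORMED;             /* tag(2) size(4) code(4) */
    uint16_t tag = (uint16_t)((buf[0] << 8) | buf[1]);
    if (tag != 0x8001 && tag != 0x8002) return VTPM_EMALFORMED;
    if (be32(buf + 2) != len) return VTPM_EMALFORMED; /* declared size must match */
    uint32_t cc = be32(buf + 6);
    for (size_t i = 0; i < sizeof allowed / sizeof allowed[0]; i++) {
        if (allowed[i].cc != cc) continue;
        if (len < 10 + 4u * allowed[i].nhandles) return VTPM_EMALFORMED;
        for (unsigned h = 0; h < allowed[i].nhandles; h++)
            if (!fd_owns(fd, be32(buf + 10 + 4 * h))) return VTPM_ENOTOWNER;
        return VTPM_OK;
    }
    return VTPM_EDENIED;                              /* not in the allowed subset */
}

int main(void) {
    /* Constructed sample: Sign header plus handle area only, key 0x80000002. */
    struct vtpm_fd fd = { { 0x80000001u }, 1 };
    const uint8_t sign[] = { 0x80,0x02, 0,0,0,14, 0,0,0x01,0x5D, 0x80,0,0,0x02 };
    printf("sign with foreign handle: %d\n", vtpm_check(&fd, sign, sizeof sign));
    return 0;
}
```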
