On Thu, Oct 10, 2013 at 07:42:49AM +0000, Fuchs, Andreas wrote:

> In any case, I like your idea to split trousers IPC to two distinct
> unix sockets for localities. In this case, we could also split tcsd
> into two processes along with it for accessing the distinct
> char-devices and thereby make it more robust against bugs for
> "locality-escalation".

You still have to somehow manage cross-locality state between the two
daemons.
 
> Also remember that many people have developed alternative stacks
> that don't use trousers but operate directly on the char-device.
> They would also benefit from char-device access control for localities.

I am one of those people; we actually don't use any middleware at
all. But to make that work I've had to carry the multi-open patch for
years :|

> Even with only a single trousers, I see no harm in two devices. For
> backwards compatibility, the current /dev/tpm0 could be exported (with
> highest level access control) along with tpm0l1, tpm0l2, ... and/or 
> trousers could open both char-devices if it wanted to.

Well, we could start with a 'no way out IOCTL'. So trousers can open
/dev/tpm twice and lock the two FDs to a specific locality then drop
privileges and fork priv-sep style sub processes.

The current kernel code is not ready for multiple char devices, it
will need a device class first..

> The kernel may want to use localityAtRelease OS in order to protect sealed
> data (trusted keyrings) such that user-space could not even unseal

It seems reasonable to have TPM data that will only live in the kernel
to be only releasable by the kernel..

Jason

_______________________________________________
TrouSerS-tech mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/trousers-tech