"Wilck, Martin" wrote on 12/18/2015 06:21:01 AM: > > On Do, 2015-12-17 at 10:23 -0500, Stefan Berger wrote: > > > > kernel space. Can you point out a particular part of the problem > > that > > > could be solved better or more easily in user space? > > > > User space would handle any number of client applications. It would > > handle > > the arbitration between applications from concurrent TPM usage while > > one > > application needs to access the TPM for a sequence of commands that > > requires > > access to session and key slots. This application can use the TPM > > directly > > with commands it passes through /dev/tpm0, so there's no need for a > > higher > > level API (provided by the TPM driver) for the usage of the TPM or the > > need > > to intercept commands where one application's usage of the TPM would > > interfere with another application's usage of TPM, such as one > > application > > swapping out the context of another applications keys/session and/or > > deleting > > another applications session and key handles. > > I had asked for things that user space could do *better* than the > kernel. Could you point that out more clearly? I don't think it can do things 'better' just keep it simpler in the kernel. Stefan