From: "Stefan Berger" <stefanb-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
To: Jarkko Sakkinen
<jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
Cc: dhowells-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org,
tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org,
dwmw2-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org
Subject: Re: [RFC PATCH 3/4] Implement driver for supporting multiple emulated TPMs
Date: Wed, 27 Jan 2016 07:17:17 -0500 [thread overview]
Message-ID: <201601271217.u0RCHRPe017929@d03av04.boulder.ibm.com> (raw)
In-Reply-To: <20160127023603.GA23863-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
[-- Attachment #1.1: Type: text/plain, Size: 1416 bytes --]
Jarkko Sakkinen <jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA@public.gmane.org> wrote on 01/26/2016
09:36:03 PM:
>
> On Wed, Jan 20, 2016 at 09:39:09AM -0500, Stefan Berger wrote:
> > > Presumably some namespace magic can be used to make them show up as
> > > tpm0 in a container?
> >
> > The magic is to have the container management stack create the device
pair.
> > From the ioctl it learns the name of the devices that were created
> and it then
> > finds out about the major/minor number of the created device and
> have /dev/tpm0
> > with that major/minor created in the container's /dev directory.
>
> Is the device created before container launched? I would assume that
> this would work user space accesses through /dev/tpm0.
Yes, device would be created before container is launched.
>
> I don't know how this would work for kernel clients.
For IMA we have these additional ioctls to either 'reserve' a vTPM for a
container before clone() or to hook the vTPM up to a IMA namespace after
clone() -- you may have read the discussions about these in other emails.
As for trusted and encrypted keys and the TPM based RNG, the kernel
determines the current IMA namespace a process that wants to use the
kernel service is associated with. It then uses the TPM associated with
the IMA namespace or returns an error if there is none.
Stefan
>
> /Jarkko
>
[-- Attachment #1.2: Type: text/html, Size: 1771 bytes --]
[-- Attachment #2: Type: text/plain, Size: 413 bytes --]
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140
[-- Attachment #3: Type: text/plain, Size: 192 bytes --]
_______________________________________________
tpmdd-devel mailing list
tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
https://lists.sourceforge.net/lists/listinfo/tpmdd-devel
next prev parent reply other threads:[~2016-01-27 12:17 UTC|newest]
Thread overview: 68+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-01-14 16:01 [RFC PATCH 0/4] Multi-instance vTPM driver Stefan Berger
[not found] ` <1452787318-29610-1-git-send-email-stefanb-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2016-01-14 16:01 ` [RFC PATCH 1/4] New flags for TPM chip avoiding filesystem registrations Stefan Berger
[not found] ` <1452787318-29610-2-git-send-email-stefanb-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2016-01-21 8:07 ` Jarkko Sakkinen
2016-01-14 16:01 ` [RFC PATCH 2/4] Allow to provide a name pattern of the device Stefan Berger
2016-01-14 16:01 ` [RFC PATCH 3/4] Implement driver for supporting multiple emulated TPMs Stefan Berger
[not found] ` <1452787318-29610-4-git-send-email-stefanb-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2016-01-19 23:51 ` Jason Gunthorpe
[not found] ` <20160119235107.GA4307-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-01-20 14:39 ` Stefan Berger
[not found] ` <201601201439.u0KEdGB9031710-YREtIfBy6dDImUpY6SP3GEEOCMrvLtNR@public.gmane.org>
2016-01-27 2:36 ` Jarkko Sakkinen
[not found] ` <20160127023603.GA23863-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-01-27 12:17 ` Stefan Berger [this message]
[not found] ` <201601271217.u0RCHQIX004914@d03av02.boulder.ibm.com>
[not found] ` <201601271217.u0RCHQIX004914-nNA/7dmquNI+UXBhvPuGgqsjOiXwFzmk@public.gmane.org>
2016-01-27 14:22 ` Jarkko Sakkinen
[not found] ` <20160127142239.GA3756-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-01-27 18:24 ` Jason Gunthorpe
[not found] ` <20160127182448.GA31680-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-01-27 21:13 ` Jarkko Sakkinen
2016-01-27 22:38 ` Stefan Berger
[not found] ` <201601271217.u0RCHQkf003637@d03av03.boulder.ibm.com>
[not found] ` <201601271217.u0RCHQkf003637-MijUUJkLaQs+UXBhvPuGgqsjOiXwFzmk@public.gmane.org>
2016-01-27 17:35 ` Jason Gunthorpe
[not found] ` <201601201439.u0KEdFao027907@d03av05.boulder.ibm.com>
[not found] ` <201601201439.u0KEdFao027907-3MP/CPU4Muo+UXBhvPuGgqsjOiXwFzmk@public.gmane.org>
2016-01-21 1:17 ` Jason Gunthorpe
[not found] ` <20160121011701.GA20361-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-01-21 3:01 ` Stefan Berger
[not found] ` <201601210301.u0L31hLD018933-nNA/7dmquNI+UXBhvPuGgqsjOiXwFzmk@public.gmane.org>
2016-01-27 2:50 ` Jarkko Sakkinen
[not found] ` <20160127025057.GB23863-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-01-27 12:20 ` Stefan Berger
[not found] ` <201601271220.u0RCKpEG016626@d03av02.boulder.ibm.com>
[not found] ` <201601271220.u0RCKpEG016626-nNA/7dmquNI+UXBhvPuGgqsjOiXwFzmk@public.gmane.org>
2016-01-27 14:23 ` Jarkko Sakkinen
[not found] ` <201601210301.u0L31h5r012187@d03av03.boulder.ibm.com>
[not found] ` <201601210301.u0L31h5r012187-MijUUJkLaQs+UXBhvPuGgqsjOiXwFzmk@public.gmane.org>
2016-01-21 3:21 ` Jason Gunthorpe
[not found] ` <20160121032115.GA26266-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-01-21 3:56 ` Stefan Berger
[not found] ` <201601210356.u0L3uP1n029818@d03av05.boulder.ibm.com>
[not found] ` <201601210356.u0L3uP1n029818-3MP/CPU4Muo+UXBhvPuGgqsjOiXwFzmk@public.gmane.org>
2016-01-21 17:42 ` Jason Gunthorpe
[not found] ` <20160121174243.GD3064-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-01-21 19:02 ` Stefan Berger
[not found] ` <201601211902.u0LJ2LbL001130@d03av01.boulder.ibm.com>
[not found] ` <201601211902.u0LJ2LbL001130-Rn83F4s8Lwc+UXBhvPuGgqsjOiXwFzmk@public.gmane.org>
2016-01-21 19:30 ` Jason Gunthorpe
[not found] ` <20160121193049.GA31938-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-01-21 21:51 ` Stefan Berger
[not found] ` <201601212151.u0LLpC93021986@d03av03.boulder.ibm.com>
[not found] ` <201601212151.u0LLpC93021986-MijUUJkLaQs+UXBhvPuGgqsjOiXwFzmk@public.gmane.org>
2016-01-21 22:10 ` Jason Gunthorpe
[not found] ` <20160121221040.GA1630-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-01-22 12:01 ` Jarkko Sakkinen
2016-01-22 15:09 ` Stefan Berger
[not found] ` <56A2461C.7030607-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2016-01-25 18:10 ` Jason Gunthorpe
[not found] ` <20160125181046.GB28108-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-01-26 1:05 ` Stefan Berger
2016-01-26 1:46 ` Jarkko Sakkinen
[not found] ` <20160126014652.GB10732-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-01-26 3:19 ` Jason Gunthorpe
[not found] ` <20160126031919.GA24217-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-01-26 13:56 ` Jarkko Sakkinen
[not found] ` <20160126135658.GA6813-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-01-26 17:58 ` Jason Gunthorpe
[not found] ` <20160126175816.GA17937-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-01-27 2:06 ` Jarkko Sakkinen
[not found] ` <20160127020617.GB22703-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-01-27 19:48 ` Jarkko Sakkinen
[not found] ` <201601260105.u0Q15IWW028777@d03av04.boulder.ibm.com>
[not found] ` <201601260105.u0Q15IWW028777-2xHzGjyANq4+UXBhvPuGgqsjOiXwFzmk@public.gmane.org>
2016-01-26 3:46 ` Jason Gunthorpe
[not found] ` <20160126034632.GB24217-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-01-26 14:21 ` Stefan Berger
2016-02-02 19:22 ` Stefan Berger
[not found] ` <201601261421.u0QELnI3002626@d01av02.pok.ibm.com>
[not found] ` <201601261421.u0QELnI3002626-prK0F/7GlgzImUpY6SP3GEEOCMrvLtNR@public.gmane.org>
2016-01-26 18:22 ` Jason Gunthorpe
[not found] ` <20160126182248.GB17937-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-01-26 23:22 ` Stefan Berger
[not found] ` <201601262322.u0QNMo1r022303@d03av03.boulder.ibm.com>
[not found] ` <201601262322.u0QNMo1r022303-MijUUJkLaQs+UXBhvPuGgqsjOiXwFzmk@public.gmane.org>
2016-01-27 18:21 ` Jason Gunthorpe
2016-01-27 3:13 ` Jarkko Sakkinen
[not found] ` <20160127031320.GC23863-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-01-27 12:42 ` Stefan Berger
[not found] ` <201601271242.u0RCgM0E031875@d03av05.boulder.ibm.com>
[not found] ` <201601271242.u0RCgM0E031875-3MP/CPU4Muo+UXBhvPuGgqsjOiXwFzmk@public.gmane.org>
2016-01-27 17:58 ` Jason Gunthorpe
[not found] ` <20160127175839.GA31038-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-01-27 21:58 ` Stefan Berger
[not found] ` <201601272158.u0RLwvIK005533@d01av01.pok.ibm.com>
[not found] ` <201601272158.u0RLwvIK005533-4ZtxiNBBw+3ImUpY6SP3GEEOCMrvLtNR@public.gmane.org>
2016-01-27 22:25 ` Jason Gunthorpe
[not found] ` <20160127222534.GB5520-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-01-27 22:55 ` Stefan Berger
[not found] ` <201601272255.u0RMtuqY014120@d03av02.boulder.ibm.com>
[not found] ` <201601272255.u0RMtuqY014120-nNA/7dmquNI+UXBhvPuGgqsjOiXwFzmk@public.gmane.org>
2016-01-27 23:33 ` Jason Gunthorpe
2016-01-14 16:01 ` [RFC PATCH 4/4] A test program for vTPM device creation Stefan Berger
2016-01-15 10:11 ` [RFC PATCH 0/4] Multi-instance vTPM driver Jarkko Sakkinen
[not found] ` <20160115101146.GA11987-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-01-15 13:02 ` Stefan Berger
[not found] ` <201601151302.u0FD2wGG003518@d03av03.boulder.ibm.com>
[not found] ` <201601151302.u0FD2wGG003518-MijUUJkLaQs+UXBhvPuGgqsjOiXwFzmk@public.gmane.org>
2016-01-25 23:15 ` Jarkko Sakkinen
[not found] ` <20160125231532.GA10732-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-01-26 0:28 ` Stefan Berger
2016-01-26 0:29 ` Jarkko Sakkinen
[not found] ` <201601260029.u0Q0T7Ek004865@d03av04.boulder.ibm.com>
[not found] ` <201601260029.u0Q0T7Ek004865-2xHzGjyANq4+UXBhvPuGgqsjOiXwFzmk@public.gmane.org>
2016-01-26 1:48 ` Jarkko Sakkinen
2016-01-19 17:44 ` Jason Gunthorpe
[not found] ` <20160119174400.GA7616-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-01-19 17:53 ` Stefan Berger
2016-01-19 22:59 ` Jarkko Sakkinen
[not found] ` <201601191753.u0JHrku2031608@d01av01.pok.ibm.com>
[not found] ` <201601191753.u0JHrku2031608-4ZtxiNBBw+3ImUpY6SP3GEEOCMrvLtNR@public.gmane.org>
2016-01-19 18:08 ` Jason Gunthorpe
[not found] ` <20160119180802.GA8038-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-01-19 18:18 ` Stefan Berger
2016-01-19 22:14 ` Mimi Zohar
[not found] ` <1453241668.2673.31.camel-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2016-01-19 22:48 ` Jason Gunthorpe
[not found] ` <20160119224851.GA31745-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-01-19 23:05 ` Stefan Berger
[not found] ` <201601191818.u0JIIExQ010843@d03av04.boulder.ibm.com>
[not found] ` <201601191818.u0JIIExQ010843-2xHzGjyANq4+UXBhvPuGgqsjOiXwFzmk@public.gmane.org>
2016-01-19 23:04 ` Jason Gunthorpe
[not found] ` <20160119230456.GB31745-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-01-19 23:15 ` Stefan Berger
[not found] ` <201601192315.u0JNFFG6030371-Rn83F4s8Lwc+UXBhvPuGgqsjOiXwFzmk@public.gmane.org>
2016-01-20 15:40 ` Ken Goldman
[not found] ` <201601192315.u0JNFGkm029862@d01av04.pok.ibm.com>
[not found] ` <201601192315.u0JNFGkm029862-YREtIfBy6dDImUpY6SP3GEEOCMrvLtNR@public.gmane.org>
2016-01-19 23:42 ` Jason Gunthorpe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=201601271217.u0RCHRPe017929@d03av04.boulder.ibm.com \
--to=stefanb-r/jw6+rmf7hqt0dzr+alfa@public.gmane.org \
--cc=dhowells-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=dwmw2-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org \
--cc=jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA@public.gmane.org \
--cc=tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.