Message-Id: <c8e90ebc-a0f5-4861-933b-7b4978eda684@linux.vnet.ibm.com>
Date: Tue, 28 Feb 2017 12:22:36 -0500
From: Ken Goldman <kgold@...ux.vnet.ibm.com>
To: "Dr. Greg Wettstein" <greg@...ellic.com>
Cc: tpmdd-devel@...ts.sourceforge.net,
linux-security-module@...r.kernel.org,
open list <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v2 6/7] tpm: expose spaces via a device link /dev/tpms<n>
On 2/26/2017 1:30 PM, Dr. Greg Wettstein wrote:
>
> For example, Ken's tools which come in his TSS2 library, don't work
> properly with the 'spaces' device due to the virtualization lifetime.
> As an example, the getcapability call will 'lie' about the number of
> transient handles which are available through the device. Attempts to
> string multiple transaction sequences together will fail as well.

Two comments:

1 - The intent of the command line tools was for rapid prototyping
scripts against a SW TPM, and then as sample code for writing the
application.

2 - If you really want to script against a hardware TPM, it can be done.
Simply place a proxy between the TSS and the TPM device driver. The
proxy passes commands from the TCP socket to the TPM device driver. It
keeps the connection open so the resource manager doesn't flush between
transactions.

The proxy can be obtained from here. It's from TPM 1.2 days, but it
works for TPM 2.0 as well.

https://sourceforge.net/projects/ibmswtpm/files/?source=navbar
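
A sketch of the proxy idea described in the message above, added here as an example; it is not the proxy linked above and not code from the message's author. It assumes clients send raw TPM command packets, framed by the size field of the 10-byte TPM header; the device path, port and 4096-byte buffer limit are assumptions.

```python
import socket
import struct

HDR = struct.Struct(">HII")  # TPM header: tag, total size, command code
MAX = 4096                   # assumed upper bound on one command/response

def recv_exact(conn, n):
    """Read exactly n bytes; return None if the peer closes first."""
    buf = b""
    while len(buf) < n:
        chunk = conn.recv(n - len(buf))
        if not chunk:
            return None
        buf += chunk
    return buf

def read_command(conn):
    """Frame one TPM command off the TCP stream via the header size field."""
    header = recv_exact(conn, HDR.size)
    if header is None:
        return None                      # client finished
    _tag, size, _code = HDR.unpack(header)
    if not HDR.size <= size <= MAX:
        raise ValueError("implausible TPM command size %d" % size)
    body = recv_exact(conn, size - HDR.size)
    if body is None:
        raise ValueError("client closed mid-command")
    return header + body

def relay(conn, dev):
    """Forward one client's commands to the already-open device; return count."""
    count = 0
    while (cmd := read_command(conn)) is not None:
        dev.write(cmd)                   # one whole command per write()
        conn.sendall(dev.read(MAX))      # one whole response per read()
        count += 1
    return count

def serve(dev_path="/dev/tpms0", host="127.0.0.1", port=2321):
    """Open the device once, keep it open; loopback only, any client drives the TPM."""
    with open(dev_path, "r+b", buffering=0) as dev, \
            socket.create_server((host, port)) as srv:
        while True:
            conn, _addr = srv.accept()
            with conn:
                try:
                    relay(conn, dev)
                except (ValueError, ConnectionError):
                    pass                 # drop this client, keep dev open
```

Because the device file descriptor outlives every TCP connection, each short-lived command line tool sees the same device session.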