Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Suggest using /dev/tpmrm0 over /dev/tpm #655

Open
wiktor-k opened this issue Jan 11, 2023 · 0 comments
Open

Suggest using /dev/tpmrm0 over /dev/tpm #655

wiktor-k opened this issue Jan 11, 2023 · 0 comments
Assignees
@paulhowardarm

Comments

@wiktor-k
Copy link

Parsec by default is using /dev/tpm which provides a low-level access to the TPM. This is problematic for several reasons: /dev/tpm can be accessed only by one client at a time since it doesn't provide a resource manager.

It would be better if the documentation suggested using /dev/tpmrm0 over /dev/tpm. /dev/tpmrm0 can be accessed by multiple clients since it uses in kernel Resource Manager. /dev/tpmrm0 additionally is more accessible than /dev/tpm in most distros since /dev/tpmrm0 requires membership in the tss group while /dev/tpm is accessible only by root.

As @paulhowardarm noticed the default cannot be changed since it would be a breaking change.

Suggested change: in docs prefer /dev/tpmrm0 over /dev/tpm and note that the parsec user need to be added to the tss group.
@paulhowardarm paulhowardarm self-assigned this Jan 12, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@paulhowardarm paulhowardarm

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@wiktor-k @paulhowardarm