On Wed, Jan 25, 2017 at 10:21:37PM +0200, Jarkko Sakkinen wrote:

> There should be anyway some way to limit what commands can be sent but
> I understand your point.

What is the filter for?

James and I talked about a filter to create a safer cdev for use by users. However tpms0 cannot be that 'safer' cdev - it is now the 'all access' path.

I also suggested a filter in the kernel to ensure that the RM is only passing commands it actually knows it handles properly. e.g. you would filter out list handles. That is hardwired into the kernel, and does not get to be configured by user space.

> Would it make more sense to have a sysfs file for configuring the
> global filter that would get the data in the same format (list of
> 16-bit words)?

Probably not, then there is no way to escape the filter in userspace, so some commands just become impossible even for root.

(And no, something like tpm should not test CAP_ flags, that is putting too much policy into the kernel)

Jason
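
A sketch of the hardwired, default-deny command filter discussed in the message above, added here as an illustration; it is not code from this thread or from the kernel. The function name `rm_filter_cmd`, the choice of allowlisted commands, and the sample buffers are assumptions; the header layout and command codes follow the TPM 2.0 specification, and treating TPM2_GetCapability as the "list handles" command is this example's reading.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define TPM2_HDR_LEN 10 /* tag (2) + commandSize (4) + commandCode (4), big-endian */

/* Hypothetical allowlist: commands this sketch assumes the RM handles properly. */
static const uint32_t rm_known_cc[] = {
    0x0000017B, /* TPM2_CC_GetRandom */
    0x0000017E, /* TPM2_CC_PCR_Read */
    0x00000176, /* TPM2_CC_StartAuthSession */
    0x00000165, /* TPM2_CC_FlushContext */
};

static uint32_t be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Returns 0 if the command may be passed to the TPM, -1 if malformed or unknown. */
int rm_filter_cmd(const uint8_t *buf, size_t len)
{
    size_t i;

    if (buf == NULL || len < TPM2_HDR_LEN)
        return -1;              /* too short to carry a command header */
    if (be32(buf + 2) != len)
        return -1;              /* commandSize disagrees with the buffer */
    for (i = 0; i < sizeof(rm_known_cc) / sizeof(rm_known_cc[0]); i++)
        if (rm_known_cc[i] == be32(buf + 6))
            return 0;
    return -1;                  /* default deny: anything not listed above */
}

/* Constructed samples: GetRandom(16) and GetCapability(TPM_CAP_HANDLES). */
const uint8_t sample_get_random[] = { 0x80,0x01, 0,0,0,12, 0,0,0x01,0x7B, 0x00,0x10 };
const uint8_t sample_get_cap_handles[] = { 0x80,0x01, 0,0,0,22, 0,0,0x01,0x7A,
                                           0,0,0,1, 0x80,0,0,0, 0,0,0,0x10 };

int main(void)
{
    printf("GetRandom: %d\n", rm_filter_cmd(sample_get_random, sizeof(sample_get_random)));
    printf("GetCapability: %d\n", rm_filter_cmd(sample_get_cap_handles, sizeof(sample_get_cap_handles)));
    return 0;
}
```

Because the table is compiled in, user space has no knob to widen or narrow it, which is the property the message asks for in the RM path.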