On Sat, Feb 25, 2017 at 12:04:49PM -0500, James Bottomley wrote:
> > device cgroup blocks access to the cdevs of tpm0 but not to the
> > sysfs files.
>
> What the device cgroup currently does for us and what it could do are
> two different things. It seems if it exported
> __devcgroup_check_per
On Mon, 2017-02-27 at 17:16 +0530, Nayna wrote:
>
> On 02/24/2017 06:23 PM, James Bottomley wrote:
> > On Fri, 2017-02-24 at 12:29 +0530, Nayna wrote:
> > >
> > > On 02/17/2017 12:55 AM, Jarkko Sakkinen wrote:
> > > > From: James Bottomley
> > > >
> > > > Currently the tpm spaces are not expose
On 02/24/2017 06:23 PM, James Bottomley wrote:
On Fri, 2017-02-24 at 12:29 +0530, Nayna wrote:
On 02/17/2017 12:55 AM, Jarkko Sakkinen wrote:
From: James Bottomley
Currently the tpm spaces are not exposed to userspace. Make this
exposure via a separate device, which can now be opened mult
On Fri, 2017-02-24 at 17:25 -0700, Jason Gunthorpe wrote:
> On Fri, Feb 24, 2017 at 06:43:27PM -0500, James Bottomley wrote:
>
> > > It just seems confusing to call something a namespace that isn't
> > > also a CLONE_NEW* option..
> >
> > Well, there's namespace behaviour and then there's how yo
On Fri, Feb 24, 2017 at 06:43:27PM -0500, James Bottomley wrote:
> > It just seems confusing to call something a namespace that isn't also
> > a CLONE_NEW* option..
>
> Well, there's namespace behaviour and then there's how you enter them.
> We have namespace behaviour with the /dev/tpms but th
On Fri, 2017-02-24 at 16:23 -0700, Jason Gunthorpe wrote:
> On Fri, Feb 24, 2017 at 06:01:00PM -0500, James Bottomley wrote:
>
> > Well, as a glib answer, I'd say the TPM is a device, so the thing
> > which restricts device access to containers is the device cgroup
> > ... that's what we should
On Fri, Feb 24, 2017 at 06:01:00PM -0500, James Bottomley wrote:
> Well, as a glib answer, I'd say the TPM is a device, so the thing which
> restricts device access to containers is the device cgroup ... that's
> what we should be plugging into. I'd have to look, but I suspect the
> device cgroup
On Fri, 2017-02-24 at 13:52 -0700, Jason Gunthorpe wrote:
> On Fri, Feb 24, 2017 at 03:29:15PM -0500, James Bottomley wrote:
> > On Fri, 2017-02-24 at 11:11 -0700, Jason Gunthorpe wrote:
> > > On Fri, Feb 24, 2017 at 07:39:22PM +0200, Jarkko Sakkinen wrote:
> > >
> > > > > I think therefore that t
On Fri, 2017-02-24 at 12:29 +0530, Nayna wrote:
>
> On 02/17/2017 12:55 AM, Jarkko Sakkinen wrote:
> > From: James Bottomley
> >
> > Currently the tpm spaces are not exposed to userspace. Make this
> > exposure via a separate device, which can now be opened multiple
> > times because each read
On 02/17/2017 12:55 AM, Jarkko Sakkinen wrote:
From: James Bottomley
Currently the tpm spaces are not exposed to userspace. Make this
exposure via a separate device, which can now be opened multiple times
because each read/write transaction goes separately via the space.
Concurrency is prot
10 matches
Mail list logo
