On Thu, Oct 23, 2014 at 02:45:28PM -0700, Mike Pontillo wrote:
> On 10/7/14, 10:58 AM, "Andy Lutomirski" <[email protected]> wrote:
> >
> >Trousers is a daemon, not a library, and it's really quite scary.
> >
> >Admittedly, my information may be a bit out of date, but trousers
> >contains way too much code (it has layers in the server!), it has
> >parsers and serializers of questionable safety (I found one critical
> >bug *by accident* a couple years ago), it listens on a TCP socket
> >(this should really be a UNIX socket under /run), it's heavy-weight,
> >and it does far more than necessary (all it needs to do is context
> >switching).
> >
> >Also, Trousers is quite unfriendly to non-Trousers-using programs
> >(e.g. chapsd/trunks).
> >
> >If the kernel helped with context switching, then user programs that
> >actually want Trousers' functionality could run their own copies.
> >
> >--Andy
>
> I noticed that Google's fork of TrouSerS (available here) already uses
> UNIX sockets. [1]
>
> However, (according to our lawyer) we aren't able to use this code,
> since it was forked before the license was changed to BSD. It's unclear,
> also, if it's okay to merge them into the TrouSerS source, since Google
> released the changes under the CPL already.
>
> Would it be possible for this code to be integrated into mainline
> TrouSerS? From what I understand, the Google contributor agreement [2]
> allows Google to relicense those changes, if desired. (presumably, with
> the agreement of the TrouSerS contributors - but apparently it has already
> been decided that a BSD license is okay; is this retroactive?)

In the long run you still want a broker to the kernel because there is
no other way to resolve the race between kernel and user space when the
TPM is used.

> Regards,
> Mike

/Jarkko

_______________________________________________
TrouSerS-tech mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/trousers-tech
