On Wed, Jan 11, 2017 at 07:39:53AM -0800, James Bottomley wrote:
> RAW access means the ability to DoS the TPM simply by exhausting
> handles. Therefore, I think most applications only get RM access.

Re-read what Jarkko is proposing. He is not making a complete safe & secure RM in the kernel. He is making a tool to allow userspace and the kernel to share the TPM sanely.

It is not an access control tool, it is not a security tool, it is not intended to support safe unpriv userspace access. So there is no reason to have a different access control model in userspace, it is not a fundamentally different security environment from the existing raw device.

A future project to provide an unpriv safe cdev from the kernel is something different.

Jason