On Fri, Dec 08, 2017 at 03:20:02PM -0500, Ken Goldman wrote:
> On 11/26/2017 9:06 AM, Jarkko Sakkinen wrote:
> >
> > I think -EINVAL is better than synthesizing commands that are not really
> > from the TPM. And we would break backwards compatibility by doing this.
> >
> > As I said in an earlier response I would rather compare resource
> > manager to virtual memory than virtual machine.
>
> Agreed that synthesizing a response is not trivial. (It's not that hard
> either - a 6 byte hard coded header and a 4 byte big endian integer.)
>
> But what would be wrong with sending an unknown command to the TPM and
> letting it handle the response?

Breaks the sandbox.

/Jarkko
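
The two options weighed in this thread, side by side, as an added example that is not code from the kernel or from either poster: a filter that never forwards an unlisted command and either returns -EINVAL or builds the 6-byte header plus 4-byte big-endian response code. The names `rm_filter`, `enum policy`, the allow-list and the sample commands are hypothetical and constructed for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>

#define TPM_HDR_LEN          10u     /* tag(2) + size(4) + code(4) */
#define TPM2_RC_COMMAND_CODE 0x143u  /* "command code not supported" */

enum policy { POLICY_EINVAL, POLICY_SYNTHESIZE };

/* Constructed allow-list: Startup, GetRandom, PCR_Read. */
static const uint32_t allowed_cc[] = { 0x144, 0x17B, 0x17E };

/* Constructed samples: a GetRandom command and one with an unlisted code. */
const uint8_t sample_known[]   = { 0x80,0x01, 0,0,0,12, 0,0,0x01,0x7B, 0,8 };
const uint8_t sample_unknown[] = { 0x80,0x01, 0,0,0,10, 0x20,0,0,0 };
uint8_t rsp_buf[TPM_HDR_LEN];

static uint32_t get_be32(const uint8_t *p)
{
    return (uint32_t)p[0] << 24 | (uint32_t)p[1] << 16 | (uint32_t)p[2] << 8 | p[3];
}

static void put_be32(uint8_t *p, uint32_t v)
{
    p[0] = (uint8_t)(v >> 24); p[1] = (uint8_t)(v >> 16);
    p[2] = (uint8_t)(v >> 8);  p[3] = (uint8_t)v;
}

/* 0: forward to the TPM. -EINVAL: rejected. >0: length of synthesized reply. */
int rm_filter(const uint8_t *cmd, size_t len, enum policy pol,
              uint8_t *rsp, size_t rsp_len)
{
    if (len < TPM_HDR_LEN || get_be32(cmd + 2) != len)
        return -EINVAL;                      /* malformed header */
    for (size_t i = 0; i < sizeof(allowed_cc) / sizeof(allowed_cc[0]); i++)
        if (allowed_cc[i] == get_be32(cmd + 6))
            return 0;
    if (pol == POLICY_EINVAL || rsp_len < TPM_HDR_LEN)
        return -EINVAL;                      /* unlisted code never reaches the TPM */
    rsp[0] = 0x80; rsp[1] = 0x01;            /* TPM_ST_NO_SESSIONS */
    put_be32(rsp + 2, TPM_HDR_LEN);          /* total response size */
    put_be32(rsp + 6, TPM2_RC_COMMAND_CODE); /* 4-byte big-endian code */
    return (int)TPM_HDR_LEN;
}

int main(void)
{
    return rm_filter(sample_unknown, sizeof(sample_unknown), POLICY_EINVAL,
                     rsp_buf, sizeof(rsp_buf)) == -EINVAL ? 0 : 1;
}
```

Under either policy the unlisted command stays on the host side of the filter; the policies differ only in what the caller sees.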