On Sat, Dec 07, 2019 at 09:06:40PM -0800, James Bottomley wrote: > The big problem with this patch is still that we can't yet combine > policy with authorization because that requires proper session > handling, but at least with this rewrite it becomes possible (whereas > it was never possible with the old external policy session code). > Thus, when we have the TPM 2.0 security patch upstream, we'll be able > to use the session logic from that patch to imlement authorizations. This essentially means that this is an RFC, not something that can be merged at this point before whatever you mean by proper has been landed. /Jarkko
