€•Æn      Œsphinx.addnodes”Œdocument”“”)”}”(Œ	rawsource”Œ ”Œchildren”]”(Œtranslations”ŒLanguagesNode”“”)”}”(hhh]”(h Œpending_xref”“”)”}”(hhh]”Œdocutils.nodes”ŒText”“”ŒChinese (Simplified)”…””}”Œparent”hsbaŒ
attributes”}”(Œids”]”Œclasses”]”Œnames”]”Œdupnames”]”Œbackrefs”]”Œ	refdomain”Œstd”Œreftype”Œdoc”Œ	reftarget”Œ//translations/zh_CN/security/tpm/tpm_vtpm_proxy”Œmodname”NŒ	classname”NŒrefexplicit”ˆuŒtagname”hhhubh)”}”(hhh]”hŒChinese (Traditional)”…””}”hh2sbah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”h)Œreftype”h+Œ	reftarget”Œ//translations/zh_TW/security/tpm/tpm_vtpm_proxy”Œmodname”NŒ	classname”NŒrefexplicit”ˆuh1hhhubh)”}”(hhh]”hŒItalian”…””}”hhFsbah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”h)Œreftype”h+Œ	reftarget”Œ//translations/it_IT/security/tpm/tpm_vtpm_proxy”Œmodname”NŒ	classname”NŒrefexplicit”ˆuh1hhhubh)”}”(hhh]”hŒJapanese”…””}”hhZsbah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”h)Œreftype”h+Œ	reftarget”Œ//translations/ja_JP/security/tpm/tpm_vtpm_proxy”Œmodname”NŒ	classname”NŒrefexplicit”ˆuh1hhhubh)”}”(hhh]”hŒKorean”…””}”hhnsbah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”h)Œreftype”h+Œ	reftarget”Œ//translations/ko_KR/security/tpm/tpm_vtpm_proxy”Œmodname”NŒ	classname”NŒrefexplicit”ˆuh1hhhubh)”}”(hhh]”hŒPortuguese (Brazilian)”…””}”hh‚sbah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”h)Œreftype”h+Œ	reftarget”Œ//translations/pt_BR/security/tpm/tpm_vtpm_proxy”Œmodname”NŒ	classname”NŒrefexplicit”ˆuh1hhhubh)”}”(hhh]”hŒSpanish”…””}”hh–sbah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”h)Œreftype”h+Œ	reftarget”Œ//translations/sp_SP/security/tpm/tpm_vtpm_proxy”Œmodname”NŒ	classname”NŒrefexplicit”ˆuh1hhhubeh}”(h]”h ]”h"]”h$]”h&]”Œcurrent_language”ŒEnglish”uh1h
hhŒ	_document”hŒsource”NŒline”NubhŒsection”“”)”}”(hhh]”(hŒtitle”“”)”}”(hŒ-Virtual TPM Proxy Driver for Linux Containers”h]”hŒ-Virtual TPM Proxy Driver for Linux Containers”…””}”(hh¼h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hºhh·h²hh³ŒI/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy.rst”h´KubhŒ
line_block”“”)”}”(hhh]”(hh´“”)”}”(hŒAuthors:”h]”hŒAuthors:”…””}”(hhÑh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1h´Œindent”K hhÍh²hh³hÊh´KubhÐ)”}”(hŒ*Stefan Berger <stefanb@linux.vnet.ibm.com>”h]”(hŒStefan Berger <”…””}”(hhàh²hh³Nh´NubhŒ	reference”“”)”}”(hŒstefanb@linux.vnet.ibm.com”h]”hŒstefanb@linux.vnet.ibm.com”…””}”(hhêh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”Œrefuri”Œ!mailto:stefanb@linux.vnet.ibm.com”uh1hèhhàubhŒ>”…””}”(hhàh²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1h´hßK hhÍh²hh³hÊh´Kubeh}”(h]”h ]”h"]”h$]”h&]”uh1hËhh·h²hh³hÊh´KubhŒ	paragraph”“”)”}”(hŒlThis document describes the virtual Trusted Platform Module (vTPM)
proxy device driver for Linux containers.”h]”hŒlThis document describes the virtual Trusted Platform Module (vTPM)
proxy device driver for Linux containers.”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j
  h³hÊh´Khh·h²hubh¶)”}”(hhh]”(h»)”}”(hŒIntroduction”h]”hŒIntroduction”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hºhj  h²hh³hÊh´Kubj  )”}”(hX  The goal of this work is to provide TPM functionality to each Linux
container. This allows programs to interact with a TPM in a container
the same way they interact with a TPM on the physical system. Each
container gets its own unique, emulated, software TPM.”h]”hX  The goal of this work is to provide TPM functionality to each Linux
container. This allows programs to interact with a TPM in a container
the same way they interact with a TPM on the physical system. Each
container gets its own unique, emulated, software TPM.”…””}”(hj+  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j
  h³hÊh´Khj  h²hubeh}”(h]”Œintroduction”ah ]”h"]”Œintroduction”ah$]”h&]”uh1hµhh·h²hh³hÊh´Kubh¶)”}”(hhh]”(h»)”}”(hŒDesign”h]”hŒDesign”…””}”(hjD  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hºhjA  h²hh³hÊh´Kubj  )”}”(hXU  To make an emulated software TPM available to each container, the container
management stack needs to create a device pair consisting of a client TPM
character device ``/dev/tpmX`` (with X=0,1,2...) and a 'server side' file
descriptor. The former is moved into the container by creating a character
device with the appropriate major and minor numbers while the file descriptor
is passed to the TPM emulator. Software inside the container can then send
TPM commands using the character device and the emulator will receive the
commands via the file descriptor and use it for sending back responses.”h]”(hŒ§To make an emulated software TPM available to each container, the container
management stack needs to create a device pair consisting of a client TPM
character device ”…””}”(hjR  h²hh³Nh´NubhŒliteral”“”)”}”(hŒ``/dev/tpmX``”h]”hŒ	/dev/tpmX”…””}”(hj\  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jZ  hjR  ubhX¥   (with X=0,1,2...) and a â€˜server sideâ€™ file
descriptor. The former is moved into the container by creating a character
device with the appropriate major and minor numbers while the file descriptor
is passed to the TPM emulator. Software inside the container can then send
TPM commands using the character device and the emulator will receive the
commands via the file descriptor and use it for sending back responses.”…””}”(hjR  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1j
  h³hÊh´KhjA  h²hubj  )”}”(hXU  To support this, the virtual TPM proxy driver provides a device ``/dev/vtpmx``
that is used to create device pairs using an ioctl. The ioctl takes as
an input flags for configuring the device. The flags  for example indicate
whether TPM 1.2 or TPM 2 functionality is supported by the TPM emulator.
The result of the ioctl are the file descriptor for the 'server side'
as well as the major and minor numbers of the character device that was created.
Besides that the number of the TPM character device is returned. If for
example ``/dev/tpm10`` was created, the number (``dev_num``) 10 is returned.”h]”(hŒ@To support this, the virtual TPM proxy driver provides a device ”…””}”(hjt  h²hh³Nh´Nubj[  )”}”(hŒ``/dev/vtpmx``”h]”hŒ
/dev/vtpmx”…””}”(hj|  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jZ  hjt  ubhXÇ  
that is used to create device pairs using an ioctl. The ioctl takes as
an input flags for configuring the device. The flags  for example indicate
whether TPM 1.2 or TPM 2 functionality is supported by the TPM emulator.
The result of the ioctl are the file descriptor for the â€˜server sideâ€™
as well as the major and minor numbers of the character device that was created.
Besides that the number of the TPM character device is returned. If for
example ”…””}”(hjt  h²hh³Nh´Nubj[  )”}”(hŒ``/dev/tpm10``”h]”hŒ
/dev/tpm10”…””}”(hjŽ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jZ  hjt  ubhŒ was created, the number (”…””}”(hjt  h²hh³Nh´Nubj[  )”}”(hŒ``dev_num``”h]”hŒdev_num”…””}”(hj   h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jZ  hjt  ubhŒ) 10 is returned.”…””}”(hjt  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1j
  h³hÊh´KhjA  h²hubj  )”}”(hŒßOnce the device has been created, the driver will immediately try to talk
to the TPM. All commands from the driver can be read from the file descriptor
returned by the ioctl. The commands should be responded to immediately.”h]”hŒßOnce the device has been created, the driver will immediately try to talk
to the TPM. All commands from the driver can be read from the file descriptor
returned by the ioctl. The commands should be responded to immediately.”…””}”(hj¸  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j
  h³hÊh´K(hjA  h²hubeh}”(h]”Œdesign”ah ]”h"]”Œdesign”ah$]”h&]”uh1hµhh·h²hh³hÊh´Kubh¶)”}”(hhh]”(h»)”}”(hŒUAPI”h]”hŒUAPI”…””}”(hjÑ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hºhjÎ  h²hh³hÊh´K-ubh Œindex”“”)”}”(hhh]”h}”(h]”h ]”h"]”h$]”h&]”Œentries”]”(Œsingle”Œvtpm_proxy_flags (C enum)”Œc.vtpm_proxy_flags”hNt”auh1jß  hjÎ  h²hh³Nh´Nubh Œdesc”“”)”}”(hhh]”(h Œdesc_signature”“”)”}”(hŒvtpm_proxy_flags”h]”h Œdesc_signature_line”“”)”}”(hŒenum vtpm_proxy_flags”h]”(h Œdesc_sig_keyword”“”)”}”(hŒenum”h]”hŒenum”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”Œk”ah"]”h$]”h&]”uh1j  hjý  h²hh³Œk/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:47: ./include/uapi/linux/vtpm_proxy.h”h´Kubh Œdesc_sig_space”“”)”}”(hŒ ”h]”hŒ ”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”Œw”ah"]”h$]”h&]”uh1j  hjý  h²hh³j  h´Kubh Œ	desc_name”“”)”}”(hŒvtpm_proxy_flags”h]”h Œdesc_sig_name”“”)”}”(hjù  h]”hŒvtpm_proxy_flags”…””}”(hj,  h²hh³Nh´Nubah}”(h]”h ]”Œn”ah"]”h$]”h&]”uh1j*  hj&  ubah}”(h]”h ]”(Œsig-name”Œdescname”eh"]”h$]”h&]”Œ	xml:space”Œpreserve”uh1j$  hjý  h²hh³j  h´Kubeh}”(h]”h ]”h"]”h$]”h&]”jB  jC  Œadd_permalink”ˆuh1jû  Œsphinx_line_type”Œ
declarator”hj÷  h²hh³j  h´Kubah}”(h]”jî  ah ]”(Œsig”Œ
sig-object”eh"]”h$]”h&]”Œis_multiline”ˆŒ
_toc_parts”)Œ	_toc_name”huh1jõ  h³j  h´Khjò  h²hubh Œdesc_content”“”)”}”(hhh]”j  )”}”(hŒflags for the proxy TPM”h]”hŒflags for the proxy TPM”…””}”(hj]  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j
  h³Œk/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:47: ./include/uapi/linux/vtpm_proxy.h”h´KhjZ  h²hubah}”(h]”h ]”h"]”h$]”h&]”uh1jX  hjò  h²hh³j  h´Kubeh}”(h]”h ]”(Œc”Œenum”eh"]”h$]”h&]”Œdomain”ju  Œobjtype”jv  Œdesctype”jv  Œnoindex”‰Œnoindexentry”‰Œnocontentsentry”‰uh1jð  h²hhjÎ  h³Nh´NubhŒ	container”“”)”}”(hŒM**Constants**

``VTPM_PROXY_FLAG_TPM2``
  the proxy TPM uses TPM 2.0 protocol”h]”(j  )”}”(hŒ**Constants**”h]”hŒstrong”“”)”}”(hjˆ  h]”hŒ	Constants”…””}”(hjŒ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jŠ  hj†  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j
  h³Œk/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:47: ./include/uapi/linux/vtpm_proxy.h”h´Khj‚  ubhŒdefinition_list”“”)”}”(hhh]”hŒdefinition_list_item”“”)”}”(hŒ<``VTPM_PROXY_FLAG_TPM2``
the proxy TPM uses TPM 2.0 protocol”h]”(hŒterm”“”)”}”(hŒ``VTPM_PROXY_FLAG_TPM2``”h]”j[  )”}”(hj¯  h]”hŒVTPM_PROXY_FLAG_TPM2”…””}”(hj±  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jZ  hj­  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j«  h³Œk/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:47: ./include/uapi/linux/vtpm_proxy.h”h´Khj§  ubhŒ
definition”“”)”}”(hhh]”j  )”}”(hŒ#the proxy TPM uses TPM 2.0 protocol”h]”hŒ#the proxy TPM uses TPM 2.0 protocol”…””}”(hjÊ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j
  h³Œk/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:47: ./include/uapi/linux/vtpm_proxy.h”h´KhjÇ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jÅ  hj§  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j¥  h³jÄ  h´Khj¢  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j   hj‚  ubeh}”(h]”h ]”Œkernelindent”ah"]”h$]”h&]”uh1j€  hjÎ  h²hh³Nh´Nubjà  )”}”(hhh]”h}”(h]”h ]”h"]”h$]”h&]”Œentries”]”(jì  Œvtpm_proxy_new_dev (C struct)”Œc.vtpm_proxy_new_dev”hNt”auh1jß  hjÎ  h²hh³Nh´Nubjñ  )”}”(hhh]”(jö  )”}”(hŒvtpm_proxy_new_dev”h]”jü  )”}”(hŒstruct vtpm_proxy_new_dev”h]”(j  )”}”(hŒstruct”h]”hŒstruct”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”j  ah"]”h$]”h&]”uh1j  hj  h²hh³Œk/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:47: ./include/uapi/linux/vtpm_proxy.h”h´K$ubj  )”}”(hŒ ”h]”hŒ ”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”j   ah"]”h$]”h&]”uh1j  hj  h²hh³j  h´K$ubj%  )”}”(hŒvtpm_proxy_new_dev”h]”j+  )”}”(hj  h]”hŒvtpm_proxy_new_dev”…””}”(hj,  h²hh³Nh´Nubah}”(h]”h ]”j6  ah"]”h$]”h&]”uh1j*  hj(  ubah}”(h]”h ]”(j=  j>  eh"]”h$]”h&]”jB  jC  uh1j$  hj  h²hh³j  h´K$ubeh}”(h]”h ]”h"]”h$]”h&]”jB  jC  jJ  ˆuh1jû  jK  jL  hj  h²hh³j  h´K$ubah}”(h]”jþ  ah ]”(jP  jQ  eh"]”h$]”h&]”jU  ˆjV  )jW  huh1jõ  h³j  h´K$hj   h²hubjY  )”}”(hhh]”j  )”}”(hŒ<parameter structure for the ``VTPM_PROXY_IOC_NEW_DEV`` ioctl”h]”(hŒparameter structure for the ”…””}”(hjN  h²hh³Nh´Nubj[  )”}”(hŒ``VTPM_PROXY_IOC_NEW_DEV``”h]”hŒVTPM_PROXY_IOC_NEW_DEV”…””}”(hjV  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jZ  hjN  ubhŒ ioctl”…””}”(hjN  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1j
  h³Œk/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:47: ./include/uapi/linux/vtpm_proxy.h”h´K hjK  h²hubah}”(h]”h ]”h"]”h$]”h&]”uh1jX  hj   h²hh³j  h´K$ubeh}”(h]”h ]”(ju  Œstruct”eh"]”h$]”h&]”jz  ju  j{  jx  j|  jx  j}  ‰j~  ‰j  ‰uh1jð  h²hhjÎ  h³Nh´Nubj  )”}”(hX  **Definition**::

  struct vtpm_proxy_new_dev {
      __u32 flags;
      __u32 tpm_num;
      __u32 fd;
      __u32 major;
      __u32 minor;
  };

**Members**

``flags``
  flags for the proxy TPM

``tpm_num``
  index of the TPM device

``fd``
  the file descriptor used by the proxy TPM

``major``
  the major number of the TPM device

``minor``
  the minor number of the TPM device”h]”(j  )”}”(hŒ**Definition**::”h]”(j‹  )”}”(hŒ**Definition**”h]”hŒ
Definition”…””}”(hj„  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jŠ  hj€  ubhŒ:”…””}”(hj€  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1j
  h³Œk/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:47: ./include/uapi/linux/vtpm_proxy.h”h´K$hj|  ubhŒliteral_block”“”)”}”(hŒrstruct vtpm_proxy_new_dev {
    __u32 flags;
    __u32 tpm_num;
    __u32 fd;
    __u32 major;
    __u32 minor;
};”h]”hŒrstruct vtpm_proxy_new_dev {
    __u32 flags;
    __u32 tpm_num;
    __u32 fd;
    __u32 major;
    __u32 minor;
};”…””}”hjŸ  sbah}”(h]”h ]”h"]”h$]”h&]”jB  jC  uh1j  h³Œk/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:47: ./include/uapi/linux/vtpm_proxy.h”h´K&hj|  ubj  )”}”(hŒ**Members**”h]”j‹  )”}”(hj°  h]”hŒMembers”…””}”(hj²  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jŠ  hj®  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j
  h³Œk/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:47: ./include/uapi/linux/vtpm_proxy.h”h´K.hj|  ubj¡  )”}”(hhh]”(j¦  )”}”(hŒ"``flags``
flags for the proxy TPM
”h]”(j¬  )”}”(hŒ	``flags``”h]”j[  )”}”(hjÏ  h]”hŒflags”…””}”(hjÑ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jZ  hjÍ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j«  h³Œk/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:47: ./include/uapi/linux/vtpm_proxy.h”h´K#hjÉ  ubjÆ  )”}”(hhh]”j  )”}”(hŒflags for the proxy TPM”h]”hŒflags for the proxy TPM”…””}”(hjè  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j
  h³jä  h´K#hjå  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jÅ  hjÉ  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j¥  h³jä  h´K#hjÆ  ubj¦  )”}”(hŒ$``tpm_num``
index of the TPM device
”h]”(j¬  )”}”(hŒ``tpm_num``”h]”j[  )”}”(hj  h]”hŒtpm_num”…””}”(hj
  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jZ  hj  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j«  h³Œk/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:47: ./include/uapi/linux/vtpm_proxy.h”h´K$hj  ubjÆ  )”}”(hhh]”j  )”}”(hŒindex of the TPM device”h]”hŒindex of the TPM device”…””}”(hj!  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j
  h³j  h´K$hj  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jÅ  hj  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j¥  h³j  h´K$hjÆ  ubj¦  )”}”(hŒ1``fd``
the file descriptor used by the proxy TPM
”h]”(j¬  )”}”(hŒ``fd``”h]”j[  )”}”(hjA  h]”hŒfd”…””}”(hjC  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jZ  hj?  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j«  h³Œk/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:47: ./include/uapi/linux/vtpm_proxy.h”h´K%hj;  ubjÆ  )”}”(hhh]”j  )”}”(hŒ)the file descriptor used by the proxy TPM”h]”hŒ)the file descriptor used by the proxy TPM”…””}”(hjZ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j
  h³jV  h´K%hjW  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jÅ  hj;  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j¥  h³jV  h´K%hjÆ  ubj¦  )”}”(hŒ-``major``
the major number of the TPM device
”h]”(j¬  )”}”(hŒ	``major``”h]”j[  )”}”(hjz  h]”hŒmajor”…””}”(hj|  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jZ  hjx  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j«  h³Œk/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:47: ./include/uapi/linux/vtpm_proxy.h”h´K&hjt  ubjÆ  )”}”(hhh]”j  )”}”(hŒ"the major number of the TPM device”h]”hŒ"the major number of the TPM device”…””}”(hj“  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j
  h³j  h´K&hj  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jÅ  hjt  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j¥  h³j  h´K&hjÆ  ubj¦  )”}”(hŒ,``minor``
the minor number of the TPM device”h]”(j¬  )”}”(hŒ	``minor``”h]”j[  )”}”(hj³  h]”hŒminor”…””}”(hjµ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jZ  hj±  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j«  h³Œk/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:47: ./include/uapi/linux/vtpm_proxy.h”h´K&hj­  ubjÆ  )”}”(hhh]”j  )”}”(hŒ"the minor number of the TPM device”h]”hŒ"the minor number of the TPM device”…””}”(hjÌ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j
  h³Œk/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:47: ./include/uapi/linux/vtpm_proxy.h”h´K'hjÉ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jÅ  hj­  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j¥  h³jÈ  h´K&hjÆ  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j   hj|  ubeh}”(h]”h ]”Œkernelindent”ah"]”h$]”h&]”uh1j€  hjÎ  h²hh³Nh´Nubjà  )”}”(hhh]”h}”(h]”h ]”h"]”h$]”h&]”Œentries”]”(jì  Œvtpmx_ioc_new_dev (C function)”Œc.vtpmx_ioc_new_dev”hNt”auh1jß  hjÎ  h²hh³Nh´Nubjñ  )”}”(hhh]”(jö  )”}”(hŒQlong vtpmx_ioc_new_dev (struct file *file, unsigned int ioctl, unsigned long arg)”h]”jü  )”}”(hŒPlong vtpmx_ioc_new_dev(struct file *file, unsigned int ioctl, unsigned long arg)”h]”(h Œdesc_sig_keyword_type”“”)”}”(hŒlong”h]”hŒlong”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”Œkt”ah"]”h$]”h&]”uh1j  hj	  h²hh³Œm/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:49: ./drivers/char/tpm/tpm_vtpm_proxy.c”h´Mfubj  )”}”(hŒ ”h]”hŒ ”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”j   ah"]”h$]”h&]”uh1j  hj	  h²hh³j  h´Mfubj%  )”}”(hŒvtpmx_ioc_new_dev”h]”j+  )”}”(hŒvtpmx_ioc_new_dev”h]”hŒvtpmx_ioc_new_dev”…””}”(hj1  h²hh³Nh´Nubah}”(h]”h ]”j6  ah"]”h$]”h&]”uh1j*  hj-  ubah}”(h]”h ]”(j=  j>  eh"]”h$]”h&]”jB  jC  uh1j$  hj	  h²hh³j  h´Mfubh Œdesc_parameterlist”“”)”}”(hŒ:(struct file *file, unsigned int ioctl, unsigned long arg)”h]”(h Œdesc_parameter”“”)”}”(hŒstruct file *file”h]”(j  )”}”(hj  h]”hŒstruct”…””}”(hjQ  h²hh³Nh´Nubah}”(h]”h ]”j  ah"]”h$]”h&]”uh1j  hjM  ubj  )”}”(hŒ ”h]”hŒ ”…””}”(hj^  h²hh³Nh´Nubah}”(h]”h ]”j   ah"]”h$]”h&]”uh1j  hjM  ubh)”}”(hhh]”j+  )”}”(hŒfile”h]”hŒfile”…””}”(hjo  h²hh³Nh´Nubah}”(h]”h ]”j6  ah"]”h$]”h&]”uh1j*  hjl  ubah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”ju  Œreftype”Œ
identifier”Œ	reftarget”jq  Œmodname”NŒ	classname”NŒc:parent_key”Œsphinx.domains.c”Œ	LookupKey”“”)”}”Œdata”]”jŠ  ŒASTIdentifier”“”)”}”j…  j3  sbŒc.vtpmx_ioc_new_dev”†”asbuh1hhjM  ubj  )”}”(hŒ ”h]”hŒ ”…””}”(hj—  h²hh³Nh´Nubah}”(h]”h ]”j   ah"]”h$]”h&]”uh1j  hjM  ubh Œdesc_sig_punctuation”“”)”}”(hŒ*”h]”hŒ*”…””}”(hj§  h²hh³Nh´Nubah}”(h]”h ]”Œp”ah"]”h$]”h&]”uh1j¥  hjM  ubj+  )”}”(hŒfile”h]”hŒfile”…””}”(hj¶  h²hh³Nh´Nubah}”(h]”h ]”j6  ah"]”h$]”h&]”uh1j*  hjM  ubeh}”(h]”h ]”h"]”h$]”h&]”Œnoemph”ˆjB  jC  uh1jK  hjG  ubjL  )”}”(hŒunsigned int ioctl”h]”(j  )”}”(hŒunsigned”h]”hŒunsigned”…””}”(hjÏ  h²hh³Nh´Nubah}”(h]”h ]”j  ah"]”h$]”h&]”uh1j  hjË  ubj  )”}”(hŒ ”h]”hŒ ”…””}”(hjÝ  h²hh³Nh´Nubah}”(h]”h ]”j   ah"]”h$]”h&]”uh1j  hjË  ubj  )”}”(hŒint”h]”hŒint”…””}”(hjë  h²hh³Nh´Nubah}”(h]”h ]”j  ah"]”h$]”h&]”uh1j  hjË  ubj  )”}”(hŒ ”h]”hŒ ”…””}”(hjù  h²hh³Nh´Nubah}”(h]”h ]”j   ah"]”h$]”h&]”uh1j  hjË  ubj+  )”}”(hŒioctl”h]”hŒioctl”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”j6  ah"]”h$]”h&]”uh1j*  hjË  ubeh}”(h]”h ]”h"]”h$]”h&]”Œnoemph”ˆjB  jC  uh1jK  hjG  ubjL  )”}”(hŒunsigned long arg”h]”(j  )”}”(hŒunsigned”h]”hŒunsigned”…””}”(hj   h²hh³Nh´Nubah}”(h]”h ]”j  ah"]”h$]”h&]”uh1j  hj  ubj  )”}”(hŒ ”h]”hŒ ”…””}”(hj.  h²hh³Nh´Nubah}”(h]”h ]”j   ah"]”h$]”h&]”uh1j  hj  ubj  )”}”(hŒlong”h]”hŒlong”…””}”(hj<  h²hh³Nh´Nubah}”(h]”h ]”j  ah"]”h$]”h&]”uh1j  hj  ubj  )”}”(hŒ ”h]”hŒ ”…””}”(hjJ  h²hh³Nh´Nubah}”(h]”h ]”j   ah"]”h$]”h&]”uh1j  hj  ubj+  )”}”(hŒarg”h]”hŒarg”…””}”(hjX  h²hh³Nh´Nubah}”(h]”h ]”j6  ah"]”h$]”h&]”uh1j*  hj  ubeh}”(h]”h ]”h"]”h$]”h&]”Œnoemph”ˆjB  jC  uh1jK  hjG  ubeh}”(h]”h ]”h"]”h$]”h&]”jB  jC  uh1jE  hj	  h²hh³j  h´Mfubeh}”(h]”h ]”h"]”h$]”h&]”jB  jC  jJ  ˆuh1jû  jK  jL  hj  h²hh³j  h´Mfubah}”(h]”j   ah ]”(jP  jQ  eh"]”h$]”h&]”jU  ˆjV  )jW  huh1jõ  h³j  h´Mfhj  h²hubjY  )”}”(hhh]”j  )”}”(hŒ0handler for the ``VTPM_PROXY_IOC_NEW_DEV`` ioctl”h]”(hŒhandler for the ”…””}”(hj‚  h²hh³Nh´Nubj[  )”}”(hŒ``VTPM_PROXY_IOC_NEW_DEV``”h]”hŒVTPM_PROXY_IOC_NEW_DEV”…””}”(hjŠ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jZ  hj‚  ubhŒ ioctl”…””}”(hj‚  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1j
  h³Œm/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:49: ./drivers/char/tpm/tpm_vtpm_proxy.c”h´Mfhj  h²hubah}”(h]”h ]”h"]”h$]”h&]”uh1jX  hj  h²hh³j  h´Mfubeh}”(h]”h ]”(ju  Œfunction”eh"]”h$]”h&]”jz  ju  j{  j¬  j|  j¬  j}  ‰j~  ‰j  ‰uh1jð  h²hhjÎ  h³Nh´Nubj  )”}”(hX  **Parameters**

``struct file *file``
  /dev/vtpmx

``unsigned int ioctl``
  the ioctl number

``unsigned long arg``
  pointer to the struct vtpmx_proxy_new_dev

**Description**

Creates an anonymous file that is used by the process acting as a TPM to
communicate with the client processes. The function will also add a new TPM
device through which data is proxied to this TPM acting process. The caller
will be provided with a file descriptor to communicate with the clients and
major and minor numbers for the TPM device.”h]”(j  )”}”(hŒ**Parameters**”h]”j‹  )”}”(hj¶  h]”hŒ
Parameters”…””}”(hj¸  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jŠ  hj´  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j
  h³Œm/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:49: ./drivers/char/tpm/tpm_vtpm_proxy.c”h´Mjhj°  ubj¡  )”}”(hhh]”(j¦  )”}”(hŒ!``struct file *file``
/dev/vtpmx
”h]”(j¬  )”}”(hŒ``struct file *file``”h]”j[  )”}”(hjÕ  h]”hŒstruct file *file”…””}”(hj×  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jZ  hjÓ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j«  h³Œm/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:49: ./drivers/char/tpm/tpm_vtpm_proxy.c”h´MghjÏ  ubjÆ  )”}”(hhh]”j  )”}”(hŒ
/dev/vtpmx”h]”hŒ
/dev/vtpmx”…””}”(hjî  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j
  h³jê  h´Mghjë  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jÅ  hjÏ  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j¥  h³jê  h´MghjÌ  ubj¦  )”}”(hŒ(``unsigned int ioctl``
the ioctl number
”h]”(j¬  )”}”(hŒ``unsigned int ioctl``”h]”j[  )”}”(hj  h]”hŒunsigned int ioctl”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jZ  hj  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j«  h³Œm/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:49: ./drivers/char/tpm/tpm_vtpm_proxy.c”h´Mhhj  ubjÆ  )”}”(hhh]”j  )”}”(hŒthe ioctl number”h]”hŒthe ioctl number”…””}”(hj'  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j
  h³j#  h´Mhhj$  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jÅ  hj  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j¥  h³j#  h´MhhjÌ  ubj¦  )”}”(hŒ@``unsigned long arg``
pointer to the struct vtpmx_proxy_new_dev
”h]”(j¬  )”}”(hŒ``unsigned long arg``”h]”j[  )”}”(hjG  h]”hŒunsigned long arg”…””}”(hjI  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jZ  hjE  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j«  h³Œm/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:49: ./drivers/char/tpm/tpm_vtpm_proxy.c”h´MihjA  ubjÆ  )”}”(hhh]”j  )”}”(hŒ)pointer to the struct vtpmx_proxy_new_dev”h]”hŒ)pointer to the struct vtpmx_proxy_new_dev”…””}”(hj`  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j
  h³j\  h´Mihj]  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jÅ  hjA  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j¥  h³j\  h´MihjÌ  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j   hj°  ubj  )”}”(hŒ**Description**”h]”j‹  )”}”(hj‚  h]”hŒDescription”…””}”(hj„  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jŠ  hj€  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j
  h³Œm/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:49: ./drivers/char/tpm/tpm_vtpm_proxy.c”h´Mkhj°  ubj  )”}”(hXX  Creates an anonymous file that is used by the process acting as a TPM to
communicate with the client processes. The function will also add a new TPM
device through which data is proxied to this TPM acting process. The caller
will be provided with a file descriptor to communicate with the clients and
major and minor numbers for the TPM device.”h]”hXX  Creates an anonymous file that is used by the process acting as a TPM to
communicate with the client processes. The function will also add a new TPM
device through which data is proxied to this TPM acting process. The caller
will be provided with a file descriptor to communicate with the clients and
major and minor numbers for the TPM device.”…””}”(hj˜  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j
  h³Œm/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:49: ./drivers/char/tpm/tpm_vtpm_proxy.c”h´Mjhj°  ubeh}”(h]”h ]”Œkernelindent”ah"]”h$]”h&]”uh1j€  hjÎ  h²hh³Nh´Nubeh}”(h]”Œuapi”ah ]”h"]”Œuapi”ah$]”h&]”uh1hµhh·h²hh³hÊh´K-ubeh}”(h]”Œ-virtual-tpm-proxy-driver-for-linux-containers”ah ]”h"]”Œ-virtual tpm proxy driver for linux containers”ah$]”h&]”uh1hµhhh²hh³hÊh´Kubeh}”(h]”h ]”h"]”h$]”h&]”Œsource”hÊuh1hŒcurrent_source”NŒcurrent_line”NŒsettings”Œdocutils.frontend”ŒValues”“”)”}”(hºNŒ	generator”NŒ	datestamp”NŒsource_link”NŒ
source_url”NŒtoc_backlinks”Œentry”Œfootnote_backlinks”KŒsectnum_xform”KŒstrip_comments”NŒstrip_elements_with_classes”NŒstrip_classes”NŒreport_level”KŒ
halt_level”KŒexit_status_level”KŒdebug”NŒwarning_stream”NŒ	traceback”ˆŒinput_encoding”Œ	utf-8-sig”Œinput_encoding_error_handler”Œstrict”Œoutput_encoding”Œutf-8”Œoutput_encoding_error_handler”já  Œerror_encoding”Œutf-8”Œerror_encoding_error_handler”Œbackslashreplace”Œlanguage_code”Œen”Œrecord_dependencies”NŒconfig”NŒ	id_prefix”hŒauto_id_prefix”Œid”Œdump_settings”NŒdump_internals”NŒdump_transforms”NŒdump_pseudo_xml”NŒexpose_internals”NŒstrict_visitor”NŒ_disable_config”NŒ_source”hÊŒ_destination”NŒ_config_files”]”Œ7/var/lib/git/docbuild/linux/Documentation/docutils.conf”aŒfile_insertion_enabled”ˆŒraw_enabled”KŒline_length_limit”M'Œpep_references”NŒpep_base_url”Œhttps://peps.python.org/”Œpep_file_url_template”Œpep-%04d”Œrfc_references”NŒrfc_base_url”Œ&https://datatracker.ietf.org/doc/html/”Œ	tab_width”KŒtrim_footnote_reference_space”‰Œsyntax_highlight”Œlong”Œsmart_quotes”ˆŒsmartquotes_locales”]”Œcharacter_level_inline_markup”‰Œdoctitle_xform”‰Œdocinfo_xform”KŒsectsubtitle_xform”‰Œimage_loading”Œlink”Œembed_stylesheet”‰Œcloak_email_addresses”ˆŒsection_self_link”‰Œenv”NubŒreporter”NŒindirect_targets”]”Œsubstitution_defs”}”Œsubstitution_names”}”Œrefnames”}”Œrefids”}”Œnameids”}”(j»  j¸  j>  j;  jË  jÈ  j³  j°  uŒ	nametypes”}”(j»  ‰j>  ‰jË  ‰j³  ‰uh}”(j¸  h·j;  j  jÈ  jA  j°  jÎ  jî  j÷  jþ  j  j   j  uŒfootnote_refs”}”Œcitation_refs”}”Œautofootnotes”]”Œautofootnote_refs”]”Œsymbol_footnotes”]”Œsymbol_footnote_refs”]”Œ	footnotes”]”Œ	citations”]”Œautofootnote_start”KŒsymbol_footnote_start”K Œ
id_counter”Œcollections”ŒCounter”“”}”…”R”Œparse_messages”]”Œtransform_messages”]”Œtransformer”NŒinclude_log”]”Œ
decoration”Nh²hub.