€•am      Œsphinx.addnodes”Œdocument”“”)”}”(Œ	rawsource”Œ ”Œchildren”]”(Œtranslations”ŒLanguagesNode”“”)”}”(hhh]”(h Œpending_xref”“”)”}”(hhh]”Œdocutils.nodes”ŒText”“”ŒChinese (Simplified)”…””}”Œparent”hsbaŒ
attributes”}”(Œids”]”Œclasses”]”Œnames”]”Œdupnames”]”Œbackrefs”]”Œ	refdomain”Œstd”Œreftype”Œdoc”Œ	reftarget”Œ//translations/zh_CN/security/tpm/tpm_vtpm_proxy”Œmodname”NŒ	classname”NŒrefexplicit”ˆuŒtagname”hhhubh)”}”(hhh]”hŒChinese (Traditional)”…””}”hh2sbah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”h)Œreftype”h+Œ	reftarget”Œ//translations/zh_TW/security/tpm/tpm_vtpm_proxy”Œmodname”NŒ	classname”NŒrefexplicit”ˆuh1hhhubh)”}”(hhh]”hŒItalian”…””}”hhFsbah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”h)Œreftype”h+Œ	reftarget”Œ//translations/it_IT/security/tpm/tpm_vtpm_proxy”Œmodname”NŒ	classname”NŒrefexplicit”ˆuh1hhhubh)”}”(hhh]”hŒJapanese”…””}”hhZsbah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”h)Œreftype”h+Œ	reftarget”Œ//translations/ja_JP/security/tpm/tpm_vtpm_proxy”Œmodname”NŒ	classname”NŒrefexplicit”ˆuh1hhhubh)”}”(hhh]”hŒKorean”…””}”hhnsbah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”h)Œreftype”h+Œ	reftarget”Œ//translations/ko_KR/security/tpm/tpm_vtpm_proxy”Œmodname”NŒ	classname”NŒrefexplicit”ˆuh1hhhubh)”}”(hhh]”hŒSpanish”…””}”hh‚sbah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”h)Œreftype”h+Œ	reftarget”Œ//translations/sp_SP/security/tpm/tpm_vtpm_proxy”Œmodname”NŒ	classname”NŒrefexplicit”ˆuh1hhhubeh}”(h]”h ]”h"]”h$]”h&]”Œcurrent_language”ŒEnglish”uh1h
hhŒ	_document”hŒsource”NŒline”NubhŒsection”“”)”}”(hhh]”(hŒtitle”“”)”}”(hŒ-Virtual TPM Proxy Driver for Linux Containers”h]”hŒ-Virtual TPM Proxy Driver for Linux Containers”…””}”(hh¨hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1h¦hh£hžhhŸŒI/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy.rst”h KubhŒ
line_block”“”)”}”(hhh]”(hh “”)”}”(hŒAuthors:”h]”hŒAuthors:”…””}”(hh½hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1h Œindent”K hh¹hžhhŸh¶h Kubh¼)”}”(hŒ*Stefan Berger <stefanb@linux.vnet.ibm.com>”h]”(hŒStefan Berger <”…””}”(hhÌhžhhŸNh NubhŒ	reference”“”)”}”(hŒstefanb@linux.vnet.ibm.com”h]”hŒstefanb@linux.vnet.ibm.com”…””}”(hhÖhžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”Œrefuri”Œ!mailto:stefanb@linux.vnet.ibm.com”uh1hÔhhÌubhŒ>”…””}”(hhÌhžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1h hËK hh¹hžhhŸh¶h Kubeh}”(h]”h ]”h"]”h$]”h&]”uh1h·hh£hžhhŸh¶h KubhŒ	paragraph”“”)”}”(hŒlThis document describes the virtual Trusted Platform Module (vTPM)
proxy device driver for Linux containers.”h]”hŒlThis document describes the virtual Trusted Platform Module (vTPM)
proxy device driver for Linux containers.”…””}”(hhøhžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1höhŸh¶h Khh£hžhubh¢)”}”(hhh]”(h§)”}”(hŒIntroduction”h]”hŒIntroduction”…””}”(hj	  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1h¦hj  hžhhŸh¶h Kubh÷)”}”(hX  The goal of this work is to provide TPM functionality to each Linux
container. This allows programs to interact with a TPM in a container
the same way they interact with a TPM on the physical system. Each
container gets its own unique, emulated, software TPM.”h]”hX  The goal of this work is to provide TPM functionality to each Linux
container. This allows programs to interact with a TPM in a container
the same way they interact with a TPM on the physical system. Each
container gets its own unique, emulated, software TPM.”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1höhŸh¶h Khj  hžhubeh}”(h]”Œintroduction”ah ]”h"]”Œintroduction”ah$]”h&]”uh1h¡hh£hžhhŸh¶h Kubh¢)”}”(hhh]”(h§)”}”(hŒDesign”h]”hŒDesign”…””}”(hj0  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1h¦hj-  hžhhŸh¶h Kubh÷)”}”(hXU  To make an emulated software TPM available to each container, the container
management stack needs to create a device pair consisting of a client TPM
character device ``/dev/tpmX`` (with X=0,1,2...) and a 'server side' file
descriptor. The former is moved into the container by creating a character
device with the appropriate major and minor numbers while the file descriptor
is passed to the TPM emulator. Software inside the container can then send
TPM commands using the character device and the emulator will receive the
commands via the file descriptor and use it for sending back responses.”h]”(hŒ§To make an emulated software TPM available to each container, the container
management stack needs to create a device pair consisting of a client TPM
character device ”…””}”(hj>  hžhhŸNh NubhŒliteral”“”)”}”(hŒ``/dev/tpmX``”h]”hŒ	/dev/tpmX”…””}”(hjH  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jF  hj>  ubhX¥   (with X=0,1,2...) and a â€˜server sideâ€™ file
descriptor. The former is moved into the container by creating a character
device with the appropriate major and minor numbers while the file descriptor
is passed to the TPM emulator. Software inside the container can then send
TPM commands using the character device and the emulator will receive the
commands via the file descriptor and use it for sending back responses.”…””}”(hj>  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1höhŸh¶h Khj-  hžhubh÷)”}”(hXU  To support this, the virtual TPM proxy driver provides a device ``/dev/vtpmx``
that is used to create device pairs using an ioctl. The ioctl takes as
an input flags for configuring the device. The flags  for example indicate
whether TPM 1.2 or TPM 2 functionality is supported by the TPM emulator.
The result of the ioctl are the file descriptor for the 'server side'
as well as the major and minor numbers of the character device that was created.
Besides that the number of the TPM character device is returned. If for
example ``/dev/tpm10`` was created, the number (``dev_num``) 10 is returned.”h]”(hŒ@To support this, the virtual TPM proxy driver provides a device ”…””}”(hj`  hžhhŸNh NubjG  )”}”(hŒ``/dev/vtpmx``”h]”hŒ
/dev/vtpmx”…””}”(hjh  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jF  hj`  ubhXÇ  
that is used to create device pairs using an ioctl. The ioctl takes as
an input flags for configuring the device. The flags  for example indicate
whether TPM 1.2 or TPM 2 functionality is supported by the TPM emulator.
The result of the ioctl are the file descriptor for the â€˜server sideâ€™
as well as the major and minor numbers of the character device that was created.
Besides that the number of the TPM character device is returned. If for
example ”…””}”(hj`  hžhhŸNh NubjG  )”}”(hŒ``/dev/tpm10``”h]”hŒ
/dev/tpm10”…””}”(hjz  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jF  hj`  ubhŒ was created, the number (”…””}”(hj`  hžhhŸNh NubjG  )”}”(hŒ``dev_num``”h]”hŒdev_num”…””}”(hjŒ  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jF  hj`  ubhŒ) 10 is returned.”…””}”(hj`  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1höhŸh¶h Khj-  hžhubh÷)”}”(hŒßOnce the device has been created, the driver will immediately try to talk
to the TPM. All commands from the driver can be read from the file descriptor
returned by the ioctl. The commands should be responded to immediately.”h]”hŒßOnce the device has been created, the driver will immediately try to talk
to the TPM. All commands from the driver can be read from the file descriptor
returned by the ioctl. The commands should be responded to immediately.”…””}”(hj¤  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1höhŸh¶h K(hj-  hžhubeh}”(h]”Œdesign”ah ]”h"]”Œdesign”ah$]”h&]”uh1h¡hh£hžhhŸh¶h Kubh¢)”}”(hhh]”(h§)”}”(hŒUAPI”h]”hŒUAPI”…””}”(hj½  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1h¦hjº  hžhhŸh¶h K-ubh Œindex”“”)”}”(hhh]”h}”(h]”h ]”h"]”h$]”h&]”Œentries”]”(Œsingle”Œvtpm_proxy_flags (C enum)”Œc.vtpm_proxy_flags”hNt”auh1jË  hjº  hžhhŸNh Nubh Œdesc”“”)”}”(hhh]”(h Œdesc_signature”“”)”}”(hŒvtpm_proxy_flags”h]”h Œdesc_signature_line”“”)”}”(hŒenum vtpm_proxy_flags”h]”(h Œdesc_sig_keyword”“”)”}”(hŒenum”h]”hŒenum”…””}”(hjï  hžhhŸNh Nubah}”(h]”h ]”Œk”ah"]”h$]”h&]”uh1jí  hjé  hžhhŸŒk/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:47: ./include/uapi/linux/vtpm_proxy.h”h Kubh Œdesc_sig_space”“”)”}”(hŒ ”h]”hŒ ”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”Œw”ah"]”h$]”h&]”uh1jÿ  hjé  hžhhŸjþ  h Kubh Œ	desc_name”“”)”}”(hŒvtpm_proxy_flags”h]”h Œdesc_sig_name”“”)”}”(hjå  h]”hŒvtpm_proxy_flags”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”Œn”ah"]”h$]”h&]”uh1j  hj  ubah}”(h]”h ]”(Œsig-name”Œdescname”eh"]”h$]”h&]”Œ	xml:space”Œpreserve”uh1j  hjé  hžhhŸjþ  h Kubeh}”(h]”h ]”h"]”h$]”h&]”j.  j/  Œadd_permalink”ˆuh1jç  Œsphinx_line_type”Œ
declarator”hjã  hžhhŸjþ  h Kubah}”(h]”jÚ  ah ]”(Œsig”Œ
sig-object”eh"]”h$]”h&]”Œis_multiline”ˆŒ
_toc_parts”)Œ	_toc_name”huh1já  hŸjþ  h KhjÞ  hžhubh Œdesc_content”“”)”}”(hhh]”h÷)”}”(hŒflags for the proxy TPM”h]”hŒflags for the proxy TPM”…””}”(hjI  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1höhŸŒk/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:47: ./include/uapi/linux/vtpm_proxy.h”h KhjF  hžhubah}”(h]”h ]”h"]”h$]”h&]”uh1jD  hjÞ  hžhhŸjþ  h Kubeh}”(h]”h ]”(Œc”Œenum”eh"]”h$]”h&]”Œdomain”ja  Œobjtype”jb  Œdesctype”jb  Œnoindex”‰Œnoindexentry”‰Œnocontentsentry”‰uh1jÜ  hžhhjº  hŸNh NubhŒ	container”“”)”}”(hŒM**Constants**

``VTPM_PROXY_FLAG_TPM2``
  the proxy TPM uses TPM 2.0 protocol”h]”(h÷)”}”(hŒ**Constants**”h]”hŒstrong”“”)”}”(hjt  h]”hŒ	Constants”…””}”(hjx  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jv  hjr  ubah}”(h]”h ]”h"]”h$]”h&]”uh1höhŸŒk/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:47: ./include/uapi/linux/vtpm_proxy.h”h Khjn  ubhŒdefinition_list”“”)”}”(hhh]”hŒdefinition_list_item”“”)”}”(hŒ<``VTPM_PROXY_FLAG_TPM2``
the proxy TPM uses TPM 2.0 protocol”h]”(hŒterm”“”)”}”(hŒ``VTPM_PROXY_FLAG_TPM2``”h]”jG  )”}”(hj›  h]”hŒVTPM_PROXY_FLAG_TPM2”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jF  hj™  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j—  hŸŒk/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:47: ./include/uapi/linux/vtpm_proxy.h”h Khj“  ubhŒ
definition”“”)”}”(hhh]”h÷)”}”(hŒ#the proxy TPM uses TPM 2.0 protocol”h]”hŒ#the proxy TPM uses TPM 2.0 protocol”…””}”(hj¶  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1höhŸŒk/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:47: ./include/uapi/linux/vtpm_proxy.h”h Khj³  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j±  hj“  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j‘  hŸj°  h KhjŽ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jŒ  hjn  ubeh}”(h]”h ]”Œkernelindent”ah"]”h$]”h&]”uh1jl  hjº  hžhhŸNh NubjÌ  )”}”(hhh]”h}”(h]”h ]”h"]”h$]”h&]”Œentries”]”(jØ  Œvtpm_proxy_new_dev (C struct)”Œc.vtpm_proxy_new_dev”hNt”auh1jË  hjº  hžhhŸNh NubjÝ  )”}”(hhh]”(jâ  )”}”(hŒvtpm_proxy_new_dev”h]”jè  )”}”(hŒstruct vtpm_proxy_new_dev”h]”(jî  )”}”(hŒstruct”h]”hŒstruct”…””}”(hj÷  hžhhŸNh Nubah}”(h]”h ]”jú  ah"]”h$]”h&]”uh1jí  hjó  hžhhŸŒk/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:47: ./include/uapi/linux/vtpm_proxy.h”h K%ubj   )”}”(hŒ ”h]”hŒ ”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”j  ah"]”h$]”h&]”uh1jÿ  hjó  hžhhŸj  h K%ubj  )”}”(hŒvtpm_proxy_new_dev”h]”j  )”}”(hjñ  h]”hŒvtpm_proxy_new_dev”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”j"  ah"]”h$]”h&]”uh1j  hj  ubah}”(h]”h ]”(j)  j*  eh"]”h$]”h&]”j.  j/  uh1j  hjó  hžhhŸj  h K%ubeh}”(h]”h ]”h"]”h$]”h&]”j.  j/  j6  ˆuh1jç  j7  j8  hjï  hžhhŸj  h K%ubah}”(h]”jê  ah ]”(j<  j=  eh"]”h$]”h&]”jA  ˆjB  )jC  huh1já  hŸj  h K%hjì  hžhubjE  )”}”(hhh]”h÷)”}”(hŒ<parameter structure for the ``VTPM_PROXY_IOC_NEW_DEV`` ioctl”h]”(hŒparameter structure for the ”…””}”(hj:  hžhhŸNh NubjG  )”}”(hŒ``VTPM_PROXY_IOC_NEW_DEV``”h]”hŒVTPM_PROXY_IOC_NEW_DEV”…””}”(hjB  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jF  hj:  ubhŒ ioctl”…””}”(hj:  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1höhŸŒk/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:47: ./include/uapi/linux/vtpm_proxy.h”h K hj7  hžhubah}”(h]”h ]”h"]”h$]”h&]”uh1jD  hjì  hžhhŸj  h K%ubeh}”(h]”h ]”(ja  Œstruct”eh"]”h$]”h&]”jf  ja  jg  jd  jh  jd  ji  ‰jj  ‰jk  ‰uh1jÜ  hžhhjº  hŸNh Nubjm  )”}”(hX  **Definition**::

  struct vtpm_proxy_new_dev {
      __u32 flags;
      __u32 tpm_num;
      __u32 fd;
      __u32 major;
      __u32 minor;
  };

**Members**

``flags``
  flags for the proxy TPM

``tpm_num``
  index of the TPM device

``fd``
  the file descriptor used by the proxy TPM

``major``
  the major number of the TPM device

``minor``
  the minor number of the TPM device”h]”(h÷)”}”(hŒ**Definition**::”h]”(jw  )”}”(hŒ**Definition**”h]”hŒ
Definition”…””}”(hjp  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jv  hjl  ubhŒ:”…””}”(hjl  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1höhŸŒk/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:47: ./include/uapi/linux/vtpm_proxy.h”h K$hjh  ubhŒliteral_block”“”)”}”(hŒrstruct vtpm_proxy_new_dev {
    __u32 flags;
    __u32 tpm_num;
    __u32 fd;
    __u32 major;
    __u32 minor;
};”h]”hŒrstruct vtpm_proxy_new_dev {
    __u32 flags;
    __u32 tpm_num;
    __u32 fd;
    __u32 major;
    __u32 minor;
};”…””}”hj‹  sbah}”(h]”h ]”h"]”h$]”h&]”j.  j/  uh1j‰  hŸŒk/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:47: ./include/uapi/linux/vtpm_proxy.h”h K&hjh  ubh÷)”}”(hŒ**Members**”h]”jw  )”}”(hjœ  h]”hŒMembers”…””}”(hjž  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jv  hjš  ubah}”(h]”h ]”h"]”h$]”h&]”uh1höhŸŒk/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:47: ./include/uapi/linux/vtpm_proxy.h”h K.hjh  ubj  )”}”(hhh]”(j’  )”}”(hŒ"``flags``
flags for the proxy TPM
”h]”(j˜  )”}”(hŒ	``flags``”h]”jG  )”}”(hj»  h]”hŒflags”…””}”(hj½  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jF  hj¹  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j—  hŸŒk/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:47: ./include/uapi/linux/vtpm_proxy.h”h K#hjµ  ubj²  )”}”(hhh]”h÷)”}”(hŒflags for the proxy TPM”h]”hŒflags for the proxy TPM”…””}”(hjÔ  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1höhŸjÐ  h K#hjÑ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j±  hjµ  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j‘  hŸjÐ  h K#hj²  ubj’  )”}”(hŒ$``tpm_num``
index of the TPM device
”h]”(j˜  )”}”(hŒ``tpm_num``”h]”jG  )”}”(hjô  h]”hŒtpm_num”…””}”(hjö  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jF  hjò  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j—  hŸŒk/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:47: ./include/uapi/linux/vtpm_proxy.h”h K$hjî  ubj²  )”}”(hhh]”h÷)”}”(hŒindex of the TPM device”h]”hŒindex of the TPM device”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1höhŸj	  h K$hj
  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j±  hjî  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j‘  hŸj	  h K$hj²  ubj’  )”}”(hŒ1``fd``
the file descriptor used by the proxy TPM
”h]”(j˜  )”}”(hŒ``fd``”h]”jG  )”}”(hj-  h]”hŒfd”…””}”(hj/  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jF  hj+  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j—  hŸŒk/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:47: ./include/uapi/linux/vtpm_proxy.h”h K%hj'  ubj²  )”}”(hhh]”h÷)”}”(hŒ)the file descriptor used by the proxy TPM”h]”hŒ)the file descriptor used by the proxy TPM”…””}”(hjF  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1höhŸjB  h K%hjC  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j±  hj'  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j‘  hŸjB  h K%hj²  ubj’  )”}”(hŒ-``major``
the major number of the TPM device
”h]”(j˜  )”}”(hŒ	``major``”h]”jG  )”}”(hjf  h]”hŒmajor”…””}”(hjh  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jF  hjd  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j—  hŸŒk/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:47: ./include/uapi/linux/vtpm_proxy.h”h K&hj`  ubj²  )”}”(hhh]”h÷)”}”(hŒ"the major number of the TPM device”h]”hŒ"the major number of the TPM device”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1höhŸj{  h K&hj|  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j±  hj`  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j‘  hŸj{  h K&hj²  ubj’  )”}”(hŒ,``minor``
the minor number of the TPM device”h]”(j˜  )”}”(hŒ	``minor``”h]”jG  )”}”(hjŸ  h]”hŒminor”…””}”(hj¡  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jF  hj  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j—  hŸŒk/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:47: ./include/uapi/linux/vtpm_proxy.h”h K&hj™  ubj²  )”}”(hhh]”h÷)”}”(hŒ"the minor number of the TPM device”h]”hŒ"the minor number of the TPM device”…””}”(hj¸  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1höhŸŒk/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:47: ./include/uapi/linux/vtpm_proxy.h”h K'hjµ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j±  hj™  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j‘  hŸj´  h K&hj²  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jŒ  hjh  ubeh}”(h]”h ]”Œkernelindent”ah"]”h$]”h&]”uh1jl  hjº  hžhhŸNh NubjÌ  )”}”(hhh]”h}”(h]”h ]”h"]”h$]”h&]”Œentries”]”(jØ  Œvtpmx_ioc_new_dev (C function)”Œc.vtpmx_ioc_new_dev”hNt”auh1jË  hjº  hžhhŸNh NubjÝ  )”}”(hhh]”(jâ  )”}”(hŒQlong vtpmx_ioc_new_dev (struct file *file, unsigned int ioctl, unsigned long arg)”h]”jè  )”}”(hŒPlong vtpmx_ioc_new_dev(struct file *file, unsigned int ioctl, unsigned long arg)”h]”(h Œdesc_sig_keyword_type”“”)”}”(hŒlong”h]”hŒlong”…””}”(hjû  hžhhŸNh Nubah}”(h]”h ]”Œkt”ah"]”h$]”h&]”uh1jù  hjõ  hžhhŸŒm/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:49: ./drivers/char/tpm/tpm_vtpm_proxy.c”h Moubj   )”}”(hŒ ”h]”hŒ ”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”j  ah"]”h$]”h&]”uh1jÿ  hjõ  hžhhŸj
  h Moubj  )”}”(hŒvtpmx_ioc_new_dev”h]”j  )”}”(hŒvtpmx_ioc_new_dev”h]”hŒvtpmx_ioc_new_dev”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”j"  ah"]”h$]”h&]”uh1j  hj  ubah}”(h]”h ]”(j)  j*  eh"]”h$]”h&]”j.  j/  uh1j  hjõ  hžhhŸj
  h Moubh Œdesc_parameterlist”“”)”}”(hŒ:(struct file *file, unsigned int ioctl, unsigned long arg)”h]”(h Œdesc_parameter”“”)”}”(hŒstruct file *file”h]”(jî  )”}”(hjù  h]”hŒstruct”…””}”(hj=  hžhhŸNh Nubah}”(h]”h ]”jú  ah"]”h$]”h&]”uh1jí  hj9  ubj   )”}”(hŒ ”h]”hŒ ”…””}”(hjJ  hžhhŸNh Nubah}”(h]”h ]”j  ah"]”h$]”h&]”uh1jÿ  hj9  ubh)”}”(hhh]”j  )”}”(hŒfile”h]”hŒfile”…””}”(hj[  hžhhŸNh Nubah}”(h]”h ]”j"  ah"]”h$]”h&]”uh1j  hjX  ubah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”ja  Œreftype”Œ
identifier”Œ	reftarget”j]  Œmodname”NŒ	classname”NŒc:parent_key”Œsphinx.domains.c”Œ	LookupKey”“”)”}”Œdata”]”jv  ŒASTIdentifier”“”)”}”jq  j  sbŒc.vtpmx_ioc_new_dev”†”asbuh1hhj9  ubj   )”}”(hŒ ”h]”hŒ ”…””}”(hjƒ  hžhhŸNh Nubah}”(h]”h ]”j  ah"]”h$]”h&]”uh1jÿ  hj9  ubh Œdesc_sig_punctuation”“”)”}”(hŒ*”h]”hŒ*”…””}”(hj“  hžhhŸNh Nubah}”(h]”h ]”Œp”ah"]”h$]”h&]”uh1j‘  hj9  ubj  )”}”(hŒfile”h]”hŒfile”…””}”(hj¢  hžhhŸNh Nubah}”(h]”h ]”j"  ah"]”h$]”h&]”uh1j  hj9  ubeh}”(h]”h ]”h"]”h$]”h&]”Œnoemph”ˆj.  j/  uh1j7  hj3  ubj8  )”}”(hŒunsigned int ioctl”h]”(jú  )”}”(hŒunsigned”h]”hŒunsigned”…””}”(hj»  hžhhŸNh Nubah}”(h]”h ]”j  ah"]”h$]”h&]”uh1jù  hj·  ubj   )”}”(hŒ ”h]”hŒ ”…””}”(hjÉ  hžhhŸNh Nubah}”(h]”h ]”j  ah"]”h$]”h&]”uh1jÿ  hj·  ubjú  )”}”(hŒint”h]”hŒint”…””}”(hj×  hžhhŸNh Nubah}”(h]”h ]”j  ah"]”h$]”h&]”uh1jù  hj·  ubj   )”}”(hŒ ”h]”hŒ ”…””}”(hjå  hžhhŸNh Nubah}”(h]”h ]”j  ah"]”h$]”h&]”uh1jÿ  hj·  ubj  )”}”(hŒioctl”h]”hŒioctl”…””}”(hjó  hžhhŸNh Nubah}”(h]”h ]”j"  ah"]”h$]”h&]”uh1j  hj·  ubeh}”(h]”h ]”h"]”h$]”h&]”Œnoemph”ˆj.  j/  uh1j7  hj3  ubj8  )”}”(hŒunsigned long arg”h]”(jú  )”}”(hŒunsigned”h]”hŒunsigned”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”j  ah"]”h$]”h&]”uh1jù  hj  ubj   )”}”(hŒ ”h]”hŒ ”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”j  ah"]”h$]”h&]”uh1jÿ  hj  ubjú  )”}”(hŒlong”h]”hŒlong”…””}”(hj(  hžhhŸNh Nubah}”(h]”h ]”j  ah"]”h$]”h&]”uh1jù  hj  ubj   )”}”(hŒ ”h]”hŒ ”…””}”(hj6  hžhhŸNh Nubah}”(h]”h ]”j  ah"]”h$]”h&]”uh1jÿ  hj  ubj  )”}”(hŒarg”h]”hŒarg”…””}”(hjD  hžhhŸNh Nubah}”(h]”h ]”j"  ah"]”h$]”h&]”uh1j  hj  ubeh}”(h]”h ]”h"]”h$]”h&]”Œnoemph”ˆj.  j/  uh1j7  hj3  ubeh}”(h]”h ]”h"]”h$]”h&]”j.  j/  uh1j1  hjõ  hžhhŸj
  h Moubeh}”(h]”h ]”h"]”h$]”h&]”j.  j/  j6  ˆuh1jç  j7  j8  hjñ  hžhhŸj
  h Moubah}”(h]”jì  ah ]”(j<  j=  eh"]”h$]”h&]”jA  ˆjB  )jC  huh1já  hŸj
  h Mohjî  hžhubjE  )”}”(hhh]”h÷)”}”(hŒ0handler for the ``VTPM_PROXY_IOC_NEW_DEV`` ioctl”h]”(hŒhandler for the ”…””}”(hjn  hžhhŸNh NubjG  )”}”(hŒ``VTPM_PROXY_IOC_NEW_DEV``”h]”hŒVTPM_PROXY_IOC_NEW_DEV”…””}”(hjv  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jF  hjn  ubhŒ ioctl”…””}”(hjn  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1höhŸŒm/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:49: ./drivers/char/tpm/tpm_vtpm_proxy.c”h Mdhjk  hžhubah}”(h]”h ]”h"]”h$]”h&]”uh1jD  hjî  hžhhŸj
  h Moubeh}”(h]”h ]”(ja  Œfunction”eh"]”h$]”h&]”jf  ja  jg  j˜  jh  j˜  ji  ‰jj  ‰jk  ‰uh1jÜ  hžhhjº  hŸNh Nubjm  )”}”(hX  **Parameters**

``struct file *file``
  /dev/vtpmx

``unsigned int ioctl``
  the ioctl number

``unsigned long arg``
  pointer to the struct vtpmx_proxy_new_dev

**Description**

Creates an anonymous file that is used by the process acting as a TPM to
communicate with the client processes. The function will also add a new TPM
device through which data is proxied to this TPM acting process. The caller
will be provided with a file descriptor to communicate with the clients and
major and minor numbers for the TPM device.”h]”(h÷)”}”(hŒ**Parameters**”h]”jw  )”}”(hj¢  h]”hŒ
Parameters”…””}”(hj¤  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jv  hj   ubah}”(h]”h ]”h"]”h$]”h&]”uh1höhŸŒm/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:49: ./drivers/char/tpm/tpm_vtpm_proxy.c”h Mhhjœ  ubj  )”}”(hhh]”(j’  )”}”(hŒ!``struct file *file``
/dev/vtpmx
”h]”(j˜  )”}”(hŒ``struct file *file``”h]”jG  )”}”(hjÁ  h]”hŒstruct file *file”…””}”(hjÃ  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jF  hj¿  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j—  hŸŒm/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:49: ./drivers/char/tpm/tpm_vtpm_proxy.c”h Mehj»  ubj²  )”}”(hhh]”h÷)”}”(hŒ
/dev/vtpmx”h]”hŒ
/dev/vtpmx”…””}”(hjÚ  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1höhŸjÖ  h Mehj×  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j±  hj»  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j‘  hŸjÖ  h Mehj¸  ubj’  )”}”(hŒ(``unsigned int ioctl``
the ioctl number
”h]”(j˜  )”}”(hŒ``unsigned int ioctl``”h]”jG  )”}”(hjú  h]”hŒunsigned int ioctl”…””}”(hjü  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jF  hjø  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j—  hŸŒm/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:49: ./drivers/char/tpm/tpm_vtpm_proxy.c”h Mfhjô  ubj²  )”}”(hhh]”h÷)”}”(hŒthe ioctl number”h]”hŒthe ioctl number”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1höhŸj  h Mfhj  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j±  hjô  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j‘  hŸj  h Mfhj¸  ubj’  )”}”(hŒ@``unsigned long arg``
pointer to the struct vtpmx_proxy_new_dev
”h]”(j˜  )”}”(hŒ``unsigned long arg``”h]”jG  )”}”(hj3  h]”hŒunsigned long arg”…””}”(hj5  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jF  hj1  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j—  hŸŒm/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:49: ./drivers/char/tpm/tpm_vtpm_proxy.c”h Mghj-  ubj²  )”}”(hhh]”h÷)”}”(hŒ)pointer to the struct vtpmx_proxy_new_dev”h]”hŒ)pointer to the struct vtpmx_proxy_new_dev”…””}”(hjL  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1höhŸjH  h MghjI  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j±  hj-  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j‘  hŸjH  h Mghj¸  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jŒ  hjœ  ubh÷)”}”(hŒ**Description**”h]”jw  )”}”(hjn  h]”hŒDescription”…””}”(hjp  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jv  hjl  ubah}”(h]”h ]”h"]”h$]”h&]”uh1höhŸŒm/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:49: ./drivers/char/tpm/tpm_vtpm_proxy.c”h Mihjœ  ubh÷)”}”(hXX  Creates an anonymous file that is used by the process acting as a TPM to
communicate with the client processes. The function will also add a new TPM
device through which data is proxied to this TPM acting process. The caller
will be provided with a file descriptor to communicate with the clients and
major and minor numbers for the TPM device.”h]”hXX  Creates an anonymous file that is used by the process acting as a TPM to
communicate with the client processes. The function will also add a new TPM
device through which data is proxied to this TPM acting process. The caller
will be provided with a file descriptor to communicate with the clients and
major and minor numbers for the TPM device.”…””}”(hj„  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1höhŸŒm/var/lib/git/docbuild/linux/Documentation/security/tpm/tpm_vtpm_proxy:49: ./drivers/char/tpm/tpm_vtpm_proxy.c”h Mihjœ  ubeh}”(h]”h ]”Œkernelindent”ah"]”h$]”h&]”uh1jl  hjº  hžhhŸNh Nubeh}”(h]”Œuapi”ah ]”h"]”Œuapi”ah$]”h&]”uh1h¡hh£hžhhŸh¶h K-ubeh}”(h]”Œ-virtual-tpm-proxy-driver-for-linux-containers”ah ]”h"]”Œ-virtual tpm proxy driver for linux containers”ah$]”h&]”uh1h¡hhhžhhŸh¶h Kubeh}”(h]”h ]”h"]”h$]”h&]”Œsource”h¶uh1hŒcurrent_source”NŒcurrent_line”NŒsettings”Œdocutils.frontend”ŒValues”“”)”}”(h¦NŒ	generator”NŒ	datestamp”NŒsource_link”NŒ
source_url”NŒtoc_backlinks”Œentry”Œfootnote_backlinks”KŒsectnum_xform”KŒstrip_comments”NŒstrip_elements_with_classes”NŒstrip_classes”NŒreport_level”KŒ
halt_level”KŒexit_status_level”KŒdebug”NŒwarning_stream”NŒ	traceback”ˆŒinput_encoding”Œ	utf-8-sig”Œinput_encoding_error_handler”Œstrict”Œoutput_encoding”Œutf-8”Œoutput_encoding_error_handler”jÍ  Œerror_encoding”Œutf-8”Œerror_encoding_error_handler”Œbackslashreplace”Œlanguage_code”Œen”Œrecord_dependencies”NŒconfig”NŒ	id_prefix”hŒauto_id_prefix”Œid”Œdump_settings”NŒdump_internals”NŒdump_transforms”NŒdump_pseudo_xml”NŒexpose_internals”NŒstrict_visitor”NŒ_disable_config”NŒ_source”h¶Œ_destination”NŒ_config_files”]”Œ7/var/lib/git/docbuild/linux/Documentation/docutils.conf”aŒfile_insertion_enabled”ˆŒraw_enabled”KŒline_length_limit”M'Œpep_references”NŒpep_base_url”Œhttps://peps.python.org/”Œpep_file_url_template”Œpep-%04d”Œrfc_references”NŒrfc_base_url”Œ&https://datatracker.ietf.org/doc/html/”Œ	tab_width”KŒtrim_footnote_reference_space”‰Œsyntax_highlight”Œlong”Œsmart_quotes”ˆŒsmartquotes_locales”]”Œcharacter_level_inline_markup”‰Œdoctitle_xform”‰Œdocinfo_xform”KŒsectsubtitle_xform”‰Œimage_loading”Œlink”Œembed_stylesheet”‰Œcloak_email_addresses”ˆŒsection_self_link”‰Œenv”NubŒreporter”NŒindirect_targets”]”Œsubstitution_defs”}”Œsubstitution_names”}”Œrefnames”}”Œrefids”}”Œnameids”}”(j§  j¤  j*  j'  j·  j´  jŸ  jœ  uŒ	nametypes”}”(j§  ‰j*  ‰j·  ‰jŸ  ‰uh}”(j¤  h£j'  j  j´  j-  jœ  jº  jÚ  jã  jê  jï  jì  jñ  uŒfootnote_refs”}”Œcitation_refs”}”Œautofootnotes”]”Œautofootnote_refs”]”Œsymbol_footnotes”]”Œsymbol_footnote_refs”]”Œ	footnotes”]”Œ	citations”]”Œautofootnote_start”KŒsymbol_footnote_start”K Œ
id_counter”Œcollections”ŒCounter”“”}”…”R”Œparse_messages”]”Œtransform_messages”]”Œtransformer”NŒinclude_log”]”Œ
decoration”Nhžhub.