{"id":18320316,"url":"https://github.com/tpm2-software/tpm2-abrmd","last_synced_at":"2026-03-14T15:21:00.281Z","repository":{"id":38239768,"uuid":"88541464","full_name":"tpm2-software/tpm2-abrmd","owner":"tpm2-software","description":"TPM2 Access Broker \u0026 Resource Management Daemon implementing the TCG spec.","archived":false,"fork":false,"pushed_at":"2024-11-20T20:19:14.000Z","size":2267,"stargazers_count":118,"open_issues_count":59,"forks_count":100,"subscribers_count":19,"default_branch":"master","last_synced_at":"2025-04-03T11:09:05.364Z","etag":null,"topics":["daemon","linux","tpm","tpm2","tss","tss2"],"latest_commit_sha":null,"homepage":"https://github.com/tpm2-software/tpm2-abrmd","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-2-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/tpm2-software.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-04-17T19:10:14.000Z","updated_at":"2025-04-01T17:25:27.000Z","dependencies_parsed_at":"2023-02-08T12:30:46.324Z","dependency_job_id":"b2ea4afa-a034-4a47-a26e-c89045f0381f","html_url":"https://github.com/tpm2-software/tpm2-abrmd","commit_stats":{"total_commits":1235,"total_committers":44,"mean_commits":"28.068181818181817","dds":0.3214574898785425,"last_synced_commit":"7533130a5efa09c813e1f23cf3d41d3c05ca2d99"},"previous_names":[],"tags_count":29,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tpm2-software%2Ftpm2-abrmd","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tpm2-software%2Ftpm2-abrmd/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tpm2-software%2Ftpm2-abrmd/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tpm2-software%2Ftpm2-abrmd/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tpm2-software","download_url":"https://codeload.github.com/tpm2-software/tpm2-abrmd/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248552765,"owners_count":21123308,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["daemon","linux","tpm","tpm2","tss","tss2"],"created_at":"2024-11-05T18:15:54.098Z","updated_at":"2026-03-14T15:20:55.224Z","avatar_url":"https://github.com/tpm2-software.png","language":"C","funding_links":[],"categories":[],"sub_categories":[],"readme":"![Linux Build Status](https://github.com/tpm2-software/tpm2-abrmd/workflows/Linux%20Build%20Status/badge.svg)\n[![FreeBSD Build Status](https://api.cirrus-ci.com/github/tpm2-software/tpm2-abrmd.svg?branch=master)](https://cirrus-ci.com/github/tpm2-software/tpm2-abrmd)\n[![Coverity Scan](https://img.shields.io/coverity/scan/3997.svg)](https://scan.coverity.com/projects/01org-tpm2-abrmd)\n[![codecov](https://codecov.io/gh/tpm2-software/tpm2-abrmd/branch/master/graph/badge.svg)](https://codecov.io/gh/tpm2-software/tpm2-abrmd)\n[![Language grade: C/C++](https://img.shields.io/lgtm/grade/cpp/g/tpm2-software/tpm2-abrmd.svg?logo=lgtm\u0026logoWidth=18)](https://lgtm.com/projects/g/tpm2-software/tpm2-abrmd/context:cpp)\n\n# TPM2 Access Broker \u0026 Resource Manager\nThis is a system daemon implementing the TPM2 access broker (TAB) \u0026 Resource\nManager (RM) spec from the TCG. The daemon (tpm2-abrmd) is implemented using\nGlib and the GObject system. In this documentation and in the code we use\n`tpm2-abrmd` and `tabrmd` interchangeably.\n\n## Build \u0026 Install\nInstructions to build and install this software are available in the\n[INSTALL.md](INSTALL.md) file.\n\n## tpm2-abrmd\n`tpm2-abrmd` is a daemon. It should be started as part of the OS boot process.\nCommunication between the daemon and clients using the TPM is done with a\ncombination of DBus and Unix pipes. DBus is used for discovery, session\nmanagement and the 'cancel', 'setLocality', and 'getPollHandles' API calls\n(mostly these aren't yet implemented). Pipes are used to send and receive\nTPM commands and responses (respectively) between client and server.\n\nThe daemon owns the com.intel.tss2.Tabrmd name on dbus. It can be configured\nto connect to either the system or the session bus. Configuring name\nselection would be a handy feature but that's future work.\n\nCheck out the man page TPM2-ABRMD(8) for the currently supported options.\n\n## libtcti-tabrmd\nThis repository also hosts a client library for interacting with this daemon.\nIt is intended for use with the SAPI library (libtss2-sapi) like any other\nTCTI. The initialization function for this library is hard coded to connect to\nthe tabrmd on the system bus as this is the most common configuration.\n\nCheck out the man page TSS2-TCTI-TABRMD(7) and TSS2_TCTI_TABRMD_INIT(3).\n\n## tpm2-abrmd vs in-kernel RM\nThe current implementations are mostly equivalent with a few differences.\nBoth provide isolation between objects \u0026 sessions created by different\nconnections which is the core functionality required by applications. The\nreason we have both is that the in-kernel RM was only added very recently\n(4.12) and we have TPM2 users in environments with kernels going back to the\n3.x series. So the user space RM will be around at least till everyone is\nusing the kernel RM.\n\nFor the short term we're recommending that developers stick to using the\ntabrmd as the default to get the most stable / widest possible support.\nIf you structure your code properly you'll be able to switch in / out TCTI\nmodules with relative ease and migrating to the in-kernel RM should be pretty\npainless. Eventually, all of the required features will end up in the kernel\nRM and it will become the default.\n\nHow we get to the ideal future of a single RM in the kernel: our current plan\nis to prototype various features in user space as a way to get them tested /\nvalidated. There's a lot of stuff in the related TCG spec that we haven't yet\nimplemented and we all agree that it's generally a bad ideal to to put\nfeatures into the kernel before we:\n1. understand how they work\n2. how they're going to be used by applications\n3. agree we want the feature at all\n\nA good example of this are the asynchronous portions of the SAPI. Right now\nwith the kernel RM you can use the async API but it won't really be\nasynchronous: Calls to functions that should be async will block since the\nkernel doesn't supply user space with an async / polling I/O interface. For\nthe short term, if you want to use the SAPI in an event driven I/O framework\nyou will only get async I/O from the user space resource manager. In the long\nrun though, if this feature is important to our users, we can work to upstream\nsupport to the in-kernel RM. The plan is to treat future features in the same\nway.\n\nThis was the subject of a talk that was given @ the Linux Plumbers Conference\n2017:\nhttp://linuxplumbersconf.com/2017/ocw//system/presentations/4818/original/TPM2-kernel-evnet-app_tricca-sakkinen.pdf\n\n# Related Specifications\n* [TPM2 Software Stack Access Broker and Resource Manager](https://trustedcomputinggroup.org/wp-content/uploads/TSS-TAB-and-Resource-Manager-ver1.0-rev16_Public_Review.pdf)\n* [TPM2 Software Stack System API and TPM2 Command Transmission Interface](http://www.trustedcomputinggroup.org/wp-content/uploads/TSS-system-API-01.pdf)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftpm2-software%2Ftpm2-abrmd","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftpm2-software%2Ftpm2-abrmd","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftpm2-software%2Ftpm2-abrmd/lists"}