From 6c206fab58fc556b253e78547cc0073ef0c53975 Mon Sep 17 00:00:00 2001
From: Andrew Lytvynov <awly@tailscale.com>
Date: Fri, 18 Jul 2025 10:17:40 -0700
Subject: [PATCH] feature/tpm: try opening /dev/tpmrm0 before /tmp/tpm0 on
 Linux (#16600)

The tpmrm0 is a kernel-managed version of tpm0 that multiplexes multiple
concurrent connections. The basic tpm0 can only be accessed by one
application at a time, which can be pretty unreliable.

Updates #15830

Signed-off-by: Andrew Lytvynov <awly@tailscale.com>
---
 feature/tpm/tpm_linux.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/feature/tpm/tpm_linux.go b/feature/tpm/tpm_linux.go
index f2d0f1402..6c8131e8d 100644
--- a/feature/tpm/tpm_linux.go
+++ b/feature/tpm/tpm_linux.go
@@ -9,5 +9,9 @@ import (
 )
 
 func open() (transport.TPMCloser, error) {
+	tpm, err := linuxtpm.Open("/dev/tpmrm0")
+	if err == nil {
+		return tpm, nil
+	}
 	return linuxtpm.Open("/dev/tpm0")
 }