|
| From: | Stefan Berger |
| Subject: | Re: [Qemu-devel] [PATCH V19 0/7] Qemu Trusted Platform Module (TPM) integration |
| Date: | Fri, 28 Sep 2012 18:43:48 -0400 |
| User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:13.0) Gecko/20120605 Thunderbird/13.0 |
On 09/27/2012 10:59 AM, Corey Bryant wrote:
I reviewed this series and have sent all my comments. In general the patches look good to me other than the comments I've already made.
Thanks for the review.
The external interfaces (command line and monitor commands) look to be in good shape. In particular -tpmdev can easily be modified to support future backend vTPM implementations, such a software vTPM. And the monitor commands are simple and straight forward (info TPM and query-TPM with no arguments).I haven't had the chance to run any tests with the patch series, but I plan to soon. In the mean time I have a couple of general questions:I understand that the passthrough driver won't support migration. What happens on a migration attempt? Does it fail gracefully?
QEMU refuses to migrate.
Yes, if something blocks /dev/tpm0 then an error message is printed. I may adjust that error message suggesting that something else is using the device.What happens when a 2nd guest attempts to use the passthrough vTPM after the 1st guest is already using it? Does it also fail gracefully?
Are there any architecture dependencies for this support?
There are some specifics for x86: on Linux one has to do 'modprobe tpm_tis force=1' to due missing ACPI support in SeaBIOS so far. I have patches for SeaBIOS.
I haven't tried the passthrough driver in VMs running on any other architectures, but I don't see reasons why it shouldn't work.
Stefan
| [Prev in Thread] | Current Thread | [Next in Thread] |