qemu-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH v4 8/8] tpm: Added support for TPM emulator


From: Valluri, Amarnath
Subject: Re: [Qemu-devel] [PATCH v4 8/8] tpm: Added support for TPM emulator
Date: Tue, 13 Jun 2017 09:12:36 +0000

On Mon, 2017-06-12 at 15:26 -0400, Stefan Berger wrote:
> On 06/05/2017 03:25 AM, Valluri, Amarnath wrote:
> > 
> > On Wed, 2017-05-24 at 11:15 -0400, Stefan Berger wrote:
> > > 
> > > On 05/16/2017 03:58 AM, Amarnath Valluri wrote:
> > > > 
> > > > This change introduces a new TPM backend driver that can
> > > > communicate with
> > > > swtpm(software TPM emulator) using unix domain socket
> > > > interface.
> > > > 
> > > > Swtpm uses two unix sockets, one for plain TPM commands and
> > > > responses, and one
> > > > for out-of-band control messages.
> > > > 
> > > > The swtpm and associated tools can be found here:
> > > >       https://github.com/stefanberger/swtpm
> > > > 
> > > > The swtpm's control channel protocol specification can be found
> > > > here:
> > > >       https://github.com/stefanberger/swtpm/wiki/Control-Channe
> > > > l-Spe
> > > > cification
> > > > 
> > > > Usage:
> > > >       # setup TPM state directory
> > > >       mkdir /tmp/mytpm
> > > >       chown -R tss:root /tmp/mytpm
> > > >       /usr/bin/swtpm_setup --tpm-state /tmp/mytpm --createek
> > > > 
> > > >       # Ask qemu to use TPM emulator with given tpm state
> > > > directory
> > > >       qemu-system-x86_64 \
> > > >           [...] \
> > > >           -tpmdev
> > > > emulator,id=tpm0,tpmstatedir=/tmp/mytpm,logfile=/tmp/swtpm.log
> > > > \
> > > >           -device tpm-tis,tpmdev=tpm0 \
> > > >           [...]
> > > > 
> > > > Signed-off-by: Amarnath Valluri <address@hidden>
> > > Since you are not supporting migration in this patch, you
> > > probably
> > > have
> > > to add a migrate_add_blocker() call somewhere along the lines of
> > > this
> > > here:
> > > 
> > > https://github.com/stefanberger/qemu-tpm/commit/27d332dc3b2c6bfd0
> > > fcd3
> > > 8e69f5c899651f3a5d8#diff-3a0192eef5d20837af490c32bf396f4eR641
> > > 
> > I need to dig a bit and femiliarize myself about 'migration'
> > support, I
> > guess i can send it as a separate patch ?
> Fine by me.

By the way, I included this migration blocker in my latest(v5) patch
series i sent.

- Amarnath

reply via email to

[Prev in Thread] Current Thread [Next in Thread]