[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH v10 8/9] tpm: Added support for TPM emulator
|
From: |
Valluri, Amarnath |
|
Subject: |
Re: [Qemu-devel] [PATCH v10 8/9] tpm: Added support for TPM emulator |
|
Date: |
Wed, 4 Oct 2017 07:45:01 +0000 |
On Tue, 2017-10-03 at 17:21 -0400, Stefan Berger wrote:
> On 09/29/2017 07:10 AM, Amarnath Valluri wrote:
> >
> > This change introduces a new TPM backend driver that can
> > communicate with
> > swtpm(software TPM emulator) using unix domain socket interface.
> > QEMU talks to
> > TPM emulator using QEMU's socket-based chardev backend device.
> >
> > Swtpm uses two Unix sockets for communications, one for plain TPM
> > commands and
> > responses, and one for out-of-band control messages. QEMU passes
> > data socket to
> > be used over the control channel.
> >
> > The swtpm and associated tools can be found here:
> > https://github.com/stefanberger/swtpm
> >
> > The swtpm's control channel protocol specification can be found
> > here:
> > https://github.com/stefanberger/swtpm/wiki/Control-Channel-Spe
> > cification
> >
> > Usage:
> > # setup TPM state directory
> > mkdir /tmp/mytpm
> > chown -R tss:root /tmp/mytpm
> > /usr/bin/swtpm_setup --tpm-state /tmp/mytpm --createek
> To run this, one needs the latest version of swtpm that supports the
> file descriptor passing.
> Then one can start the swtpm like this:
>
> swtpm socket --tpmstate dir=/tmp/mytpm --ctrl
> type=unixio,path=/tmp/swtpm-sock --log level=20
>
> I tested the SeaBIOS menu items so far and that works fine, also for
> TPM2 (--tpm2).
Greate, Thanks for you feedback.
- Amarnath