Re: [Qemu-devel] [PATCH 00/42] TPM: code cleanup & CRB device
From: Marc-André Lureau
Subject: Re: [Qemu-devel] [PATCH 00/42] TPM: code cleanup & CRB device
Date: Tue, 10 Oct 2017 14:14:44 +0200
Hi Stefan
On Tue, Oct 10, 2017 at 4:34 AM, Stefan Berger
<address@hidden> wrote:
> On 10/09/2017 06:55 PM, Marc-André Lureau wrote:
>>
>> Hi,
>>
>> I accumulated a series of patches doing some TPM code cleanup while
>> doing review. I removed some dead code, simplified other parts, and
>> tried to isolate implementation of the backend and frontend by using a
>> new TPMIf interface. I solved a few issues, and added some FIXME for
>> what should be tackled. Finally, I implemented a simple CRB device
>> (tpm 2.0) that is work in progress for now - it works fine with
>> passthrough, but swtpm/libtpms with win10 has some issues that need
>> more investigation.
>
>
> You are using the swtpm with --tpm2, right? And I suppose you are using the
> tpm2-preview.rev146 branch of libtpms. What are the symptoms?
Yes, I was using tpm2-preview.rev146.ossl11 branch
Windows complained about a malfunctioning TPM 2.0 device, despite doing
many exchanges. Sadly, I couldn't find many options to make libtpms a
bit more verbose, as I am not able to parse the hexdump. I haven't
spent much time investigating yet.
>
> Most of this series looks good to me. I'll go over it again and will add my
> Reviewed-by. It seems to have some build problems, though.
I fixed the build issue (gcc on centos is a bit old), last version is
https://github.com/elmarco/qemu/commits/tpm.
>
> For libtpms + swtpm the biggest challenge is supporting state migration,
> especially with TPM2. I have that working on the swtpm level in form of test
> cases and also with the old CUSE TPM support in QEMU + libvirt mgmt. stack
> with CUSE support. So ideally we would get to that point as well with the
> QEMU TPM emulator device to make sure suspend/resume, snapshotting, and
> migration work. libtpms 0.6 should have TPM 2 code and ideally swtpm 0.1
> would support TPM 2 as well.
Yes! Thanks a lot for working on this, this is indeed essential. How
close are you to releasing the migration code?
Depending on how quickly this series is reviewed & merged, I would like
to work on cleaning up the threading code next.
thanks
>
> Regards,
> Stefan
>
>
>>
>> seabios CRB support is required for TPM 2.0 & emulation
>> (https://mail.coreboot.org/pipermail/seabios/2017-October/011839.html)
>>
>> Comments/review welcome!
>>
>> Based-on: <address@hidden>
>>
>> Marc-André Lureau (42):
>> tpm-tis: remove unused hw_access argument
>> tpm-tis: remove RAISE_STS_IRQ
>> tpm: make tpm_get_backend_driver() static
>> tpm: lookup tpm backend class in tpm_driver_find_by_type()
>> tpm: replace tpm_get_backend_driver() to drop be_drivers
>> tpm: remove tpm_register_driver()
>> tpm: move TPMSizedBuffer to tpm_tis.h
>> tpm: remove TPMDriverOps
>> tpm: remove init() class method
>> tpm: remove configure_tpm() hop
>> tpm: remove unused TPMBackendCmd
>> tpm: remove needless cast
>> tpm: remove locty argument from receive_cb
>> tpm: add TPMBackendCmd to hold the request state
>> tpm-emulator: fix error handling
>> tpm: remove locty_data from TPMState
>> tpm-tis: move TPMState to TIS header
>> tpm-tis: remove tpm_tis.h header
>> tpm-tis: fold TPMTISEmuState in TPMState
>> tpm: add a QOM TPM interface
>> tpm: move recv_data_callback to TPM interface
>> tpm-backend: store TPMIf interface, improve backend_init()
>> tpm-tis: no longer expose TPMState
>> tpm-be: call request_completed() out of thread
>> tpm-be: report error instead of front-end
>> tpm-be: ask model to the TPM interface
>> tpm: remove unused opened code
>> tpm-passthrough: don't save guessed cancel_path in options
>> tpm-be: update optional function pointers
>> tpm-passthrough: pass TPMPassthruState to handle_device_opts
>> tpm-backend: move set 'id' to common code
>> tpm-passthrough: make it safer to destroy after creation
>> tpm-passthrough: remove error cleanup from handle_device_opts
>> tpm-passthrough: workaround a possible race
>> tpm-tis: simplify header inclusion
>> tpm: rename qemu_find_tpm() -> qemu_find_tpm_be()
>> tpm: lookup the the TPM interface instead of TIS device
>> tpm: add TPM interface to lookup TPM version
>> tpm: add tpm_cmd_get_size() to tpm_util
>> acpi: change TPM TIS data conditions
>> tpm-emulator: add a FIXME comment about blocking cancel
>> WIP: add TPM CRB device
>>
>> qapi/tpm.json | 7 +-
>> hw/tpm/tpm_int.h | 25 +-
>> hw/tpm/tpm_tis.h | 70 ------
>> hw/tpm/tpm_util.h | 8 +-
>> include/hw/acpi/tpm.h | 65 +++++
>> include/sysemu/tpm.h | 59 +++--
>> include/sysemu/tpm_backend.h | 70 ++----
>> backends/tpm.c | 121 ++++-----
>> hw/i386/acpi-build.c | 33 ++-
>> hw/tpm/tpm_crb.c | 320 ++++++++++++++++++++++++
>> hw/tpm/tpm_emulator.c | 95 +++----
>> hw/tpm/tpm_passthrough.c | 114 +++------
>> hw/tpm/tpm_tis.c | 499 +++++++++++++++++++------------------
>> hw/tpm/tpm_util.c | 1 +
>> tpm.c | 63 ++---
>> default-configs/i386-softmmu.mak | 1 +
>> default-configs/x86_64-softmmu.mak | 1 +
>> hw/tpm/Makefile.objs | 1 +
>> scripts/checkpatch.pl | 1 -
>> 19 files changed, 899 insertions(+), 655 deletions(-)
>> delete mode 100644 hw/tpm/tpm_tis.h
>> create mode 100644 hw/tpm/tpm_crb.c
>>
>
>
--
Marc-André Lureau