qemu-devel

Re: [PATCH] tpm: add backend for mssim


From: James Bottomley
Subject: Re: [PATCH] tpm: add backend for mssim
Date: Mon, 12 Dec 2022 09:32:19 -0500
User-agent: Evolution 3.42.4

On Mon, 2022-12-12 at 09:27 -0500, Stefan Berger wrote:
> 
> 
> On 12/12/22 08:59, James Bottomley wrote:
> > On Mon, 2022-12-12 at 08:43 -0500, Stefan Berger wrote:
> > > 
> > > 
> > > On 12/10/22 12:10, James Bottomley wrote:
> > > > The Microsoft Simulator (mssim) is the reference emulation
> > > > platform
> > > > for the TCG TPM 2.0 specification.
> > > > 
> > > > https://github.com/Microsoft/ms-tpm-20-ref.git
> > > > 
> > > > It exports a fairly simple network socket baset protocol on two
> > > 
> > > baset -> based.
> > > 
> > > > sockets, one for command (default 2321) and one for control
> > > > (default 2322).  This patch adds a simple backend that can
> > > > speak the mssim protocol over the network.  It also allows the
> > > > host, and two ports to be specified on the qemu command line. 
> > > > The benefits are twofold: firstly it gives us a backend that
> > > > actually speaks a standard TPM emulation protocol instead of
> > > > the Linux specific TPM driver format of the current emulated
> > > > TPM backend and secondly, using the Microsoft protocol, the end
> > > > point of the emulator can be anywhere on the network,
> > > > facilitating the cloud use case where a central TPM service can
> > > > be used over a control network.
> > > > 
> > > > The implementation does basic control commands like power
> > > > off/on, but doesn't implement cancellation or startup.  The
> > > > former because cancellation is pretty much useless on a fast
> > > > operating TPM emulator and the latter because this emulator is
> > > > designed to be used with OVMF which itself does TPM startup and
> > > > I wanted to validate that.
> > > 
> > > How did you implement VM suspend/resume and snapshotting support?
> > 
> > TPM2 doesn't need to.  The mssim follows the reference model which
> 
> 
> You mean TPM2 doesn't need to resume at the point where the VM
> resumes (I am not talking about ACPI resume but virsh save/restore)
> after for example a host reboot?
> What does this have to do with the mssim reference model and
> TPM2_Shutdown protocol?

Running S3 suspend/resume before doing VM save/restore could fix a lot
of issues with passthrough PCI and when QEMU gets around to doing that a
TPM following the standard model should just work.  It's useful to have
a driver supporting this work.

James



