On Mon, 2022-12-12 at 10:20 -0500, Stefan Berger wrote:
On 12/12/22 09:47, James Bottomley wrote:
[...]
I don't actually use virsh in my harness. I'm mostly interested in
the running the kernel TPM selftests against the reference model.
But I anticipate it wouldn't currently work because I don't believe
virsh triggers a S3 event which is why snapshot and migration
doesn't always work with PCI passthrough.
Then I think you should at least add a blocker to your model so that
suspend/resume/snapshotting/migration are all disabled because the
mssim reference implementation doesn't support permanent & volatile
state suspend/resume (and upgrading!) without significant work on it
as can be seen in libtpms.
Actually, I would think adding support, if that's what people wanted,
would be pretty simple. Since the network end point is the identifier,
the protocol would be not to power down the TPM on suspend/resume and
simply to send TPM_STOP to close down the sockets gracefully. Then the
next connection picks up the state where the previous one left off.
Why would we support another model for the backend that provides no
advantages over what is there right now?
The advantages were what was stated: ability to connect to the MS
reference model directly and no dependence on the Linux VTPM_PROXY
protocol.