[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] Upgrade vtpmd to berlios version 0.7.4



On 26/09/12 15:39, Matthew Fioravante wrote:
The last piece of this puzzle that I haven't figured out is the linux
tpm frontend driver. Its not in the main linux tree. Its from the old
2006 vtpm code but it still works. I believe it shipped with the old xen
2.6.18 kernel but now I don't know whats happened to it. I still have a
copy we have been porting to newer kernels internally.

Should we try to get it in mainline linux? Or maybe provide it in the
xen tree as an externally compilable kernel module?

There also exists a linux tpm backend driver, but if were only going to
support the domain model that is no longer needed and can go away.
We should absolutely get it into mainline Linux. I presume it's mainly the front/back code, which would live in the xen/ tree, and then hooks to make it work with /dev/tpm? It seems like that should be fairly straightforward to get upstream.

Re the backend driver: obviously you're going to be the one doing the work, so the final call will be up to you. But it seems to me that if it's not too difficult (and from the docs I looked at, it seemed like not much more than a dumb pipe?), I think you might as well port it. That would make it easy to run vtpm and vtpmmgr in Linux stubdoms instead of a mini-os stubdoms, should it ever becomes necessary to do so (for instance, if the vtpm code ever requires more functionality than the mini-os libc has).

To upstream, I think the SOP is to rebase to the most recently released Linux kernel (3.6 now I think), and cross-post the patches to xen-devel and linux-kernel, CC'ing the Xen maintainer, Konrad Wilk <konrad.wilk@xxxxxxxxxx>, and probably the TPM maintianer as well. (Correct me if I'm wrong, Konrad!)

 -George

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.