Re: [Xen-devel] [PATCH 1/4] vtpmmgr: add TPM group support
On 03/14/2014 12:40 PM, Ian Campbell wrote:
> On Wed, 2014-03-12 at 14:41 -0400, Daniel De Graaf wrote:
>> This is a complete rewrite of the disk format and key hierarchy for the
> [...]
>> 29 files changed, 5308 insertions(+), 2157 deletions(-)
>
> You weren't joking ;-)
>
> I'm not sure who is going to be able to sensibly review this stuff (not
> just due to the size, but due to the required TPM knowledge).
>
> What is the upgrade story here?

There is no direct upgrade supported from the previous vtpmmgr domain. If an
upgrade is needed, the incomplete verification of the vTPM's identity can be
used to request the 52-byte key blob from the old vtpmmgr and load this blob
into the new one. Basically:

1. Start the old vtpmmgr
2. Create a vtpm backend in xenstore with the UUID of the target vTPM,
   referencing a gntalloc page of the migration application
3. Execute vtpmmgr_LoadHashKey and save the returned key blob
4. Start the new vtpmmgr
5. Create a vtpm backend in xenstore with the UUID of the target vTPM,
   referencing a gntalloc page of the migration application
6. Execute vtpmmgr_SaveHashKey with the returned key blob
7. Start the new vTPM and let it load the restored key

The XSM policy must permit this migration; normally, the vtpmmgr domain would
not be permitted to map granted pages from any non-vtpm domain. The TPM
manager also has the ability to verify the kernel hash of the vTPM to further
restrict what updates are possible, but this is not currently available (the
hash reports require a V4V-like mechanism).

>> diff --git a/stubdom/vtpmmgr/README b/stubdom/vtpmmgr/README
>> index a70c1cc..f51ccf8 100644
>> --- a/stubdom/vtpmmgr/README
>> +++ b/stubdom/vtpmmgr/README
>
> If you move this to docs somewhere then it will get published on xenbits
> etc automagically -- which seems beneficial. (or else if you want to set
> up some build system runes to pull stuff from outside docs into the docs
> build that might work too)

I'll move the docs; there's no good reason to have them split up from the
existing docs/misc/vtpm.txt.

> I glanced through the rest and didn't spot anything, but that's hardly
> surprising...
>
> Ian.

-- 
Daniel De Graaf
National Security Agency

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel