
Re: [Xen-devel] [PATCH 1/4] vtpmmgr: add TPM group support



On Fri, 2014-03-14 at 16:45 -0400, Daniel De Graaf wrote:
> On 03/14/2014 12:40 PM, Ian Campbell wrote:
> > On Wed, 2014-03-12 at 14:41 -0400, Daniel De Graaf wrote:
> >> This is a complete rewrite of the disk format and key hierarchy for the
> > [...]
> >>   29 files changed, 5308 insertions(+), 2157 deletions(-)
> >
> > You weren't joking ;-)
> >
> > I'm not sure who is going to be able to sensibly review this stuff (not
> > just due to the size, but due to the required TPM knowledge).
> >
> > What is the upgrade story here?
> 
> There is no direct upgrade supported from the previous vtpmmgr domain.
> If an upgrade is needed, the incomplete verification of the vTPM's identity
> can be used to request the 52-byte key blob from the old vtpmmgr and load
> this blob into the new one.  Basically:
> 
> 1. Start the old vtpmmgr
> 2. Create a vtpm backend in xenstore with the UUID of the target vTPM,
>     referencing a gntalloc page of the migration application
> 3. Execute vtpmmgr_LoadHashKey and save the returned key blob
> 4. Start the new vtpmmgr
> 5. Create a vtpm backend in xenstore with the UUID of the target vTPM,
>     referencing a gntalloc page of the migration application
> 6. Execute vtpmmgr_SaveHashKey with the returned key blob
> 7. Start the new vTPM and let it load the restored key
> 
> The XSM policy must permit this migration; normally, the vtpmmgr domain
> would not be permitted to map granted pages from any non-vtpm domain.

Thanks. Perhaps it's worth putting this in an appendix of the docs?

> The TPM manager also has the ability to verify the kernel hash of the
> vTPM to further restrict what updates are possible, but this is not
> currently available (the hash reports require a V4V-like mechanism).
> 
> >> diff --git a/stubdom/vtpmmgr/README b/stubdom/vtpmmgr/README
> >> index a70c1cc..f51ccf8 100644
> >> --- a/stubdom/vtpmmgr/README
> >> +++ b/stubdom/vtpmmgr/README
> >
> > If you move this to docs somewhere then it will get published on xenbits
> > etc automagically -- which seems beneficial.
> >
> > (or else if you want to set up some build system runes to pull stuff
> > from outside docs into the docs build that might work too)
> 
> I'll move the docs; there's no good reason to have them split up
> from the existing docs/misc/vtpm.txt.

Sounds good.

> 
> > I glanced through the rest and didn't spot anything, but that's hardly
> > surprising...
> >
> > Ian.



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel
