[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 0/4] vtpm{,mgr}: TPM groups and deep quotes

On Fri, 2014-03-14 at 17:13 -0400, Daniel De Graaf wrote:
> On 03/14/2014 12:50 PM, Ian Campbell wrote:
> > On Wed, 2014-03-12 at 14:41 -0400, Daniel De Graaf wrote:
> >> This is an updated vTPM Manager domain which adds support for using the
> >> physical TPM to protect vTPM secrets according to its PCR values, and to
> >> allow virtual machines (including dom0) to attest to both the platform's
> >> state and to their own state.  The commit message for the first patch
> >> contains more details.
> >>
> >> [PATCH 1/4] vtpmmgr: add TPM group support
> >> [PATCH 2/4] vtpm: passthru requests to manager
> >> [PATCH 3/4] vtpm: add ordinal for obtaining an EK signature
> >> [PATCH 4/4] vtpm: Deep Quote support
> >
> > I wonder who would be able to review this sensibly? Unless you want to
> > nominate someone who you think should ack it before it goes in then I'm
> > inclined to give it my "I've glanced at this Ack" and commit it (subject
> > to the very superficial comments I've made, which barely even count as
> > "review").
> >
> > Unless there are any objections to that I'll do so next week.
> >
> > Ian.
> 
> I will post an updated version of the first patch with docs moved and
> with some sample scripts.  There are also currently two follow-up
> patches pending which I (or the author) will be posting when the author
> is able to confirm their Signed-off-by; they address some issues where
> real TPMs don't exactly conform to the TPM specification.

OK, I'll wait for v2 then.

> The two support scripts that I plan to add are:
>       tools/vtpmmgr/manage-vtpmmgr.pl
>       tools/vtpmmgr/group-agent.pl
> The first is a management script used for provisioning and managing
> vTPMs, which needs to be run in the management domain.  The second is a
> back-end configuration approval script that should be part of the
> attestation and upgrade approval infrastructure for the host of a vTPM.
> Is tools the proper location for adding these scripts?

I guess it is as good as anywhere. Do these get installed to
$prefix/lib/xen/bin?

Ian.


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.