[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] SeaBios/vTPM: Enable Xen stubdom vTPM for HVM virtual machine




> -----Original Message-----
> From: Kevin O'Connor [mailto:kevin@xxxxxxxxxxxx]
> Sent: Thursday, March 12, 2015 3:49 AM
> To: Xu, Quan; seabios@xxxxxxxxxxx
> Cc: stefano.stabellini@xxxxxxxxxxxxx; stefanb@xxxxxxxxxxxxxxxxxx;
> qemu-devel@xxxxxxxxxx; xen-devel@xxxxxxxxxxxxx
> Subject: Re: [PATCH] SeaBios/vTPM: Enable Xen stubdom vTPM for HVM virtual
> machine
> 
> On Tue, Mar 10, 2015 at 08:16:03AM -0400, Quan Xu wrote:
> > This patch series are only the SeaBios part to enable stubdom vTPM for
> > HVM virtual machine. It will work with Qemu patch series and Xen patch 
> > series.
> >
> > ========================
> >     *INTRODUCTION*
> > ========================
> > The goal of virtual Trusted Platform Module (vTPM) is to provide a TPM
> > functionality to virtual machines (Fedora, Ubuntu, Redhat, Windows
> > .etc). This allows programs to interact with a TPM in a virtual
> > machine the same way they interact with a TPM on the physical system.
> > Each virtual machine gets its own unique, emulated, software TPM. Each
> > major component of vTPM is implemented as a stubdom, providing secure
> separation guaranteed by the hypervisor.
> >
> > The vTPM stubdom is a Xen mini-OS domain that emulates a TPM for the
> > virtual machine to use. It is a small wrapper around the Berlios TPM
> > emulator. TPM commands are passed from mini-os TPM backend driver.
> 
> Thanks.  Does this seabios patch require additional seabios patches before it 
> is
> useful?  Does it depend on upstream patches in Xen/QEMU that are not yet
> committed?
> 
> -Kevin

Kevin, 
     Thanks for your reply.
     It doesn't require additional seabios patches before it is useful. These 
patches 
Should work with:
          [PATCH v3 0/7] vTPM: Xen stubdom vTPM for HVM virtual machine   
--(Xen patch)
          [PATCH v4 0/5] QEMU:Xen stubdom vTPM for HVM virtual machine   
--(Qemu patch)

I have committed but not upstream. I will forward them to you at next thread. 



Thanks 









_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.