Re: [Qemu-devel] [PATCH v5 1/4] Provide support for the CUSE TPM
From: Daniel P. Berrange
Subject: Re: [Qemu-devel] [PATCH v5 1/4] Provide support for the CUSE TPM
Date: Wed, 20 Jan 2016 16:15:51 +0000
User-agent: Mutt/1.5.24 (2015-08-30)

On Wed, Jan 20, 2016 at 05:58:02PM +0200, Michael S. Tsirkin wrote:
> On Wed, Jan 20, 2016 at 10:36:41AM -0500, Stefan Berger wrote:
> > "Michael S. Tsirkin" <address@hidden> wrote on 01/20/2016 10:20:58 AM:
> >
> > > From: "Michael S. Tsirkin" <address@hidden>
> >
> > > >
> > > > The CUSE TPM and associated tools can be found here:
> > > >
> > > > https://github.com/stefanberger/swtpm
> > > >
> > > > (please use the latest version)
> > > >
> > > > To use the external CUSE TPM, the CUSE TPM should be started as follows:
> > > >
> > > > # terminate previously started CUSE TPM
> > > > /usr/bin/swtpm_ioctl -s /dev/vtpm-test
> > > >
> > > > # start CUSE TPM
> > > > /usr/bin/swtpm_cuse -n vtpm-test
> > > >
> > > > QEMU can then be started using the following parameters:
> > > >
> > > > qemu-system-x86_64 \
> > > > [...] \
> > > > -tpmdev cuse-tpm,id=tpm0,cancel-path=/dev/null,path=/dev/vtpm-test \
> > > > -device tpm-tis,id=tpm0,tpmdev=tpm0 \
> > > > [...]
> > > >
> > > >
> > > > Signed-off-by: Stefan Berger <address@hidden>
> > > > Cc: Eric Blake <address@hidden>
> > >
> > > Before we add a dependency on this interface,
> > > I'd rather see this interface supported in kernel
> > > and not just in CUSE.
> >
> > For using the single hardware TPM, we have the passthrough type. Its usage
> > is limited.
> >
> > CUSE extends the TPM character device interface with ioctl's. Behind the
> > character device we can implement a TPM 1.2 and a TPM 2. Both TPM
> > implementations require large amounts of code, which I don't think should go
> > into the Linux kernel itself. So I don't know who would implement this
> > interface inside the Linux kernel.
> >
> > Stefan
> >
>
> BTW I'm not talking about the code - I'm talking about the interfaces here.
>
> One way would be to add support for these interfaces in the kernel.
>
> Maybe others can be replaced with QMP events so management
> can take the necessary action.
>
> As long as this is not the case, I suspect this code will have to stay
> out of tree :( We can't depend on interfaces provided solely by cuse
> devices on github.

The kernel already has a userspace device interface for TPMs doesn't
it - it is what our existing 'tpm-passthrough' backend in QEMU surely
uses.

If swtpm is going to the trouble of providing device node emulation
with CUSE, I would have thought it could emulate the same interface
as the existing kernel TPM device nodes, thus removing the need for
any extra driver in QEMU? Otherwise it doesn't seem like there's
much point in using CUSE, as opposed to a general userspace RPC
protocol that doesn't need kernel support at all.

Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|