qemu-devel

Re: [Qemu-devel] [PATCH] hw/misc: Add simple measurement hardware


From: Matthew Garrett
Subject: Re: [Qemu-devel] [PATCH] hw/misc: Add simple measurement hardware
Date: Mon, 18 Jul 2016 17:49:00 -0700

On Jul 18, 2016 17:46, "Stefan Berger" <address@hidden> wrote:
>
>
> Matthew Garrett <address@hidden> wrote on 07/18/2016 08:39:07 PM:
>
>
> >
> > On Jul 18, 2016 17:08, "Stefan Berger" <address@hidden> wrote:
> > > The point of the TPM is that the device that holds the state of
> > the PCRs provides the signatures over their state rather than some
> > other 'entity' whose trustworthiness wouldn't be clear. Admittedly
> > the device comes with its own set of challenges.
>
> > The hypervisor holds the PCR state and also provides the signature.
> > If the hypervisor is untrustworthy then the state of the virtualised
> > system can never be verified, since it could simply have faked the
> > measurements passed to whatever the root of trust is.
>
> So the hypervisor will have the key for signing and provide the quote?

Either the hypervisor itself or part of the associated platform. This
framework is typically inside the same trust boundary.
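The exchange above turns on who holds the PCR state and the key that signs the quote over it. The following is an added example, not code from the thread, from QEMU or from the patch under discussion: a minimal Python model of PCR extend, quote and verifier-side checking. A keyed MAC stands in for the TPM's asymmetric quote signature, and the key, event log, nonce handling and "boot sequence" are all constructed for illustration. It shows what a verifier actually checks (nonce freshness, signature, and PCR values replayed from the event log), and makes the thread's point concrete: the verifier's trust reduces to whoever holds the signing key, because a valid signature says nothing about whether the key holder measured honestly.

```python
import hashlib
import hmac
import os

# Added example (not from the thread): a minimal model of PCR extend, quote and
# verification. The signing key is a constructed symmetric key standing in for
# the attestation key that, in a real TPM, never leaves the device. Whoever
# holds this key is the entity the verifier ends up trusting.

PCR_COUNT = 8
PCR_SIZE = 32          # SHA-256 PCR bank
ZERO_PCR = b"\x00" * PCR_SIZE


def extend(pcr_value: bytes, measurement: bytes) -> bytes:
    """PCR extend: new = SHA-256(old || measurement). One-way and order-dependent,
    so a PCR can only be driven to a given value by replaying the same events."""
    return hashlib.sha256(pcr_value + measurement).digest()


def replay_log(event_log):
    """Recompute the PCR bank a verifier expects from an event log of
    (pcr_index, measurement) pairs. This is the verifier's reference value."""
    pcrs = [ZERO_PCR] * PCR_COUNT
    for index, measurement in event_log:
        pcrs[index] = extend(pcrs[index], measurement)
    return pcrs


class MeasurementDevice:
    """The component that both holds PCR state and signs quotes over it."""

    def __init__(self, signing_key: bytes):
        self._key = signing_key
        self.pcrs = [ZERO_PCR] * PCR_COUNT

    def extend_pcr(self, index: int, measurement: bytes) -> bytes:
        self.pcrs[index] = extend(self.pcrs[index], measurement)
        return self.pcrs[index]

    def quote(self, nonce: bytes, indices):
        """Quote: keyed MAC over (nonce || selected PCRs). The nonce binds the
        quote to one verifier request so an old quote cannot be replayed."""
        indices = sorted(indices)
        msg = nonce + b"".join(self.pcrs[i] for i in indices)
        return {
            "nonce": nonce,
            "pcrs": {i: self.pcrs[i] for i in indices},
            "sig": hmac.new(self._key, msg, hashlib.sha256).digest(),
        }


def verify_quote(signing_key: bytes, quote: dict, expected_nonce: bytes,
                 expected_pcrs) -> bool:
    """Verifier side: check nonce freshness, check the signature, then compare
    the reported PCRs with the values replayed from the event log."""
    if not hmac.compare_digest(quote["nonce"], expected_nonce):
        return False
    indices = sorted(quote["pcrs"])
    msg = quote["nonce"] + b"".join(quote["pcrs"][i] for i in indices)
    expected_sig = hmac.new(signing_key, msg, hashlib.sha256).digest()
    if not hmac.compare_digest(quote["sig"], expected_sig):
        return False
    return all(quote["pcrs"][i] == expected_pcrs[i] for i in indices)


def demo():
    """Constructed boot sequence: firmware into PCR0, bootloader and kernel into PCR4."""
    key = b"constructed-attestation-key"   # hypothetical; a real key stays in the device
    log = [(0, b"firmware-v1"), (4, b"bootloader"), (4, b"kernel-5.x")]
    dev = MeasurementDevice(key)
    for index, measurement in log:
        dev.extend_pcr(index, measurement)
    nonce = os.urandom(16)
    good = verify_quote(key, dev.quote(nonce, [0, 4]), nonce, replay_log(log))
    # A quote produced for some other nonce is rejected even though the PCRs match.
    replayed = verify_quote(key, dev.quote(os.urandom(16), [0, 4]), nonce, replay_log(log))
    # A boot that ran a different kernel yields a PCR4 the reference log does not explain.
    other = MeasurementDevice(key)
    for index, measurement in [(0, b"firmware-v1"), (4, b"bootloader"), (4, b"kernel-other")]:
        other.extend_pcr(index, measurement)
    mismatched = verify_quote(key, other.quote(nonce, [0, 4]), nonce, replay_log(log))
    return good, replayed, mismatched


if __name__ == "__main__":
    print(demo())   # (True, False, False)
```

The design point to take from this is where `key` lives: `verify_quote` only establishes that the key holder vouched for these PCR values under this nonce. With a discrete TPM the key holder is the device that also performed the extends; with a hypervisor-held key, the hypervisor is both the thing being measured and the thing signing, which is exactly the trust-boundary question raised in the thread.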

