qemu-devel

Re: [PATCH v4 00/10] vTPM for aarch64


From: Auger Eric
Subject: Re: [PATCH v4 00/10] vTPM for aarch64
Date: Thu, 27 Feb 2020 09:07:38 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.4.0

Hi Stefan,
On 2/26/20 11:44 PM, Stefan Berger wrote:
> On 2/26/20 3:59 PM, Eric Auger wrote:
>> This series adds the capability to instantiate an MMIO TPM TIS
>> in ARM virt. It is a candidate for QEMU 5.0.
> 
> I queued it now here:
> https://github.com/stefanberger/qemu-tpm/commits/tpm-next
> 
> I will send the PR within a few days. Thanks!
Thank you. I will just ping Peter to make sure he has no comments on

[PATCH v4 06/10] hw/arm/virt: vTPM support

Eric

> 
> Cheers,
> 
>    Stefan
> 
> 
> 
>>
>> The existing TPM TIS code is reshuffled into a generic part,
>> the ISA device and the sysbus device. The sysbus TPM-TIS
>> device gets dynamically instantiated in machvirt on the
>> platform bus.
>>
>> ACPI boot is not yet supported on ARM. Note that the UEFI
>> firmware is itself a consumer of the DT description, so we
>> need the DT related changes regardless of whether the VM
>> boots in DT or ACPI mode.
>>
>> Related qtests are reshuffled to allow the reuse of existing
>> tests for both the ISA and the sysbus devices: Adaptation
>> consists in changing the qemu command line (changing the
>> device name and providing explicit machine options) and adapting
>> to the relocation of the TPM-TIS device in the memory map.
>>
>> The series was tested with the swtpm/libtpms emulator.
>> Automatic guest LUKS volume unlocking (tpm2) was successful.
>> EDK2 support is under development [3]. Thanks to Ard
>> for supporting me when setting up the test environment.
>>
>> Best Regards
>>
>> Eric
>>
>> Testing:
>>
>> mkdir /tmp/tpm
>> swtpm socket \
>> --tpm2 \
>> -t -d \
>> --tpmstate dir=/tmp/tpm \
>> --ctrl type=unixio,path=/tmp/swtpm-sock
>>
>> qemu command line must be augmented with the following options:
>>
>> -chardev socket,id=chrtpm,path=/tmp/swtpm-sock \
>> -tpmdev emulator,id=tpm0,chardev=chrtpm \
>> -device tpm-tis-device,tpmdev=tpm0 \
>>
>> References:
>> [1] libtpms: https://github.com/stefanberger/libtpms/wiki
>> [2] swtpm: https://github.com/stefanberger/swtpm/wiki
>> [3] [PATCH v3 0/9] ArmVirtPkg: implement measured boot for ArmVirtQemu
>>
>> This series can be found at:
>> https://github.com/eauger/qemu/tree/v4.2.0-tpm-patch-v4
>>
>> History:
>>
>> v3 -> v4:
>> - collect additional R-b's
>> - add 'Not used but needed for linking' mention related to
>>    tpm_tis_base_addr in CRB test files
>> - fix comment style
>>
>> RFCv2 -> PATCH v3:
>> - Updated the doc for ARM
>> - Adapted existing tests for ARM
>> - use qemu_fdt_setprop_string in add_tpm_tis_fdt_node
>> - Collected R-b's
>> - Comments not taken into account:
>>    - I have kept the tpm-tis-device name for now despite Stefan's
>>      suggestion to rename it into tpm-tis-sysbus. This is not
>>      frozen though
>>    - Common state still is not a QOM object (no double inheritance)
>>
>> RFC v1 -> RFC v2:
>> - restructure the existing code with common, ISA and sysbus part.
>> - both ARM and x86 integration were tested.
>>
>> Eric Auger (10):
>>    tpm: rename TPM_TIS into TPM_TIS_ISA
>>    tpm: Use TPMState as a common struct
>>    tpm: Separate tpm_tis common functions from isa code
>>    tpm: Separate TPM_TIS and TPM_TIS_ISA configs
>>    tpm: Add the SysBus TPM TIS device
>>    hw/arm/virt: vTPM support
>>    docs/specs/tpm: Document TPM_TIS sysbus device for ARM
>>    test: tpm: pass optional machine options to swtpm test functions
>>    test: tpm-tis: Get prepared to share tests between ISA and sysbus
>>      devices
>>    test: tpm-tis: Add Sysbus TPM-TIS device test
>>
>>   default-configs/i386-softmmu.mak        |   2 +-
>>   docs/specs/tpm.rst                      |  25 +-
>>   hw/arm/Kconfig                          |   1 +
>>   hw/arm/sysbus-fdt.c                     |  33 ++
>>   hw/arm/virt.c                           |   7 +
>>   hw/i386/Kconfig                         |   2 +-
>>   hw/i386/acpi-build.c                    |   6 +-
>>   hw/tpm/Kconfig                          |  12 +-
>>   hw/tpm/Makefile.objs                    |   4 +-
>>   hw/tpm/tpm_tis.h                        |  91 +++++
>>   hw/tpm/{tpm_tis.c => tpm_tis_common.c}  | 181 +---------
>>   hw/tpm/tpm_tis_isa.c                    | 170 +++++++++
>>   hw/tpm/tpm_tis_sysbus.c                 | 159 +++++++++
>>   include/sysemu/tpm.h                    |   7 +-
>>   tests/qtest/Makefile.include            |  11 +-
>>   tests/qtest/tpm-crb-swtpm-test.c        |   9 +-
>>   tests/qtest/tpm-crb-test.c              |   3 +
>>   tests/qtest/tpm-tests.c                 |  10 +-
>>   tests/qtest/tpm-tests.h                 |   5 +-
>>   tests/qtest/tpm-tis-device-swtpm-test.c |  76 ++++
>>   tests/qtest/tpm-tis-device-test.c       |  87 +++++
>>   tests/qtest/tpm-tis-swtpm-test.c        |   8 +-
>>   tests/qtest/tpm-tis-test.c              | 414 +---------------------
>>   tests/qtest/tpm-tis-util.c              | 451 ++++++++++++++++++++++++
>>   tests/qtest/tpm-tis-util.h              |  23 ++
>>   tests/qtest/tpm-util.c                  |  11 +-
>>   tests/qtest/tpm-util.h                  |   8 +-
>>   27 files changed, 1207 insertions(+), 609 deletions(-)
>>   create mode 100644 hw/tpm/tpm_tis.h
>>   rename hw/tpm/{tpm_tis.c => tpm_tis_common.c} (85%)
>>   create mode 100644 hw/tpm/tpm_tis_isa.c
>>   create mode 100644 hw/tpm/tpm_tis_sysbus.c
>>   create mode 100644 tests/qtest/tpm-tis-device-swtpm-test.c
>>   create mode 100644 tests/qtest/tpm-tis-device-test.c
>>   create mode 100644 tests/qtest/tpm-tis-util.c
>>   create mode 100644 tests/qtest/tpm-tis-util.h
>>
> 
> 
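
The test setup quoted above, as an added example that is not part of the original mail or of the series: the same swtpm and QEMU options, with the vTPM state and control socket kept in a directory only the invoking user can access rather than directly under /tmp. The function names and the "run DIR" argument are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the series): the cover letter's swtpm and QEMU
# options, with vTPM state and control socket in a private directory.
# Function names and the "run DIR" argument are assumptions of this example.

# Create or tighten a per-user directory; fail if it cannot be made private.
vtpm_prepare_dir() {
    dir=$1
    # QEMU and swtpm both split option strings on commas.
    case $dir in *,*) echo "comma in path: $dir" >&2; return 1 ;; esac
    # A symlink planted by another user could redirect the state elsewhere.
    if [ -L "$dir" ]; then echo "symlink: $dir" >&2; return 1; fi
    ( umask 077; mkdir -p "$dir/state" ) || return 1
    [ -O "$dir" ] && [ -O "$dir/state" ] || { echo "not owner: $dir" >&2; return 1; }
    chmod 700 "$dir" "$dir/state" || return 1
}

# Permission string of a directory, e.g. "drwx------".
vtpm_dir_mode() {
    ls -ld "$1" | cut -c1-10
}

# swtpm invocation from the cover letter, pointed at the private directory.
vtpm_start_swtpm() {
    ( umask 077
      swtpm socket --tpm2 -t -d \
          --tpmstate "dir=$1/state" \
          --ctrl "type=unixio,path=$1/swtpm-sock" )
}

# QEMU options from the cover letter, using the same socket path.
vtpm_qemu_opts() {
    printf '%s %s %s\n' \
        "-chardev socket,id=chrtpm,path=$1/swtpm-sock" \
        "-tpmdev emulator,id=tpm0,chardev=chrtpm" \
        "-device tpm-tis-device,tpmdev=tpm0"
}

# "sh vtpm.sh run DIR" starts swtpm and prints the QEMU options to append.
if [ "${1:-}" = run ] && [ -n "${2:-}" ]; then
    vtpm_prepare_dir "$2" || exit 1
    vtpm_start_swtpm "$2" || exit 1
    vtpm_qemu_opts "$2"
fi
```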
