Re: [PATCH v3 6/7] docs/zh_CN: Add tpm xen-tpmfront Chinese translation

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Yanteng Si <si.yanteng@linux.dev>
To: Shuo Zhao <zhaoshuo@cqsoftware.com.cn>, alexs@kernel.org, corbet@lwn.net
Cc: zhaoyuehui@cqsoftware.com.cn, zhangwei@cqsoftware.com.cn,
	maoyuxian@cqsoftware.com.cn, linux-doc@vger.kernel.org
Subject: Re: [PATCH v3 6/7] docs/zh_CN: Add tpm xen-tpmfront Chinese translation
Date: Fri, 24 Jan 2025 17:23:36 +0800	[thread overview]
Message-ID: <43863dec-89c7-4eb2-9cd3-8cf1f3b3e032@linux.dev> (raw)
In-Reply-To: <570a7a7c6f55996c02dd2e474a4e8cbfa8f9ccc3.1737603330.git.zhaoshuo@cqsoftware.com.cn>




在 2025/1/23 13:17, Shuo Zhao 写道:
> Translate .../security/tpm/xen-tpmfront.rst into Chinese.
>
> Update the translation through commit 9e255e2b9afe
> ("Documentation: drop optional BOMs")
>
> Reviewed-by: Alex Shi <alexs@kernel.org>
> Signed-off-by: Shuo Zhao <zhaoshuo@cqsoftware.com.cn>
Reviewed-by: Yanteng Si <si.yanteng@linux.dev>

Thanks,
Yanteng
> ---
>   .../translations/zh_CN/security/tpm/index.rst |   2 +-
>   .../zh_CN/security/tpm/xen-tpmfront.rst       | 114 ++++++++++++++++++
>   2 files changed, 115 insertions(+), 1 deletion(-)
>   create mode 100644 Documentation/translations/zh_CN/security/tpm/xen-tpmfront.rst
>
> diff --git a/Documentation/translations/zh_CN/security/tpm/index.rst b/Documentation/translations/zh_CN/security/tpm/index.rst
> index dd80816f8af8..bf95200ca586 100644
> --- a/Documentation/translations/zh_CN/security/tpm/index.rst
> +++ b/Documentation/translations/zh_CN/security/tpm/index.rst
> @@ -16,7 +16,7 @@
>      tpm-security
>      tpm_tis
>      tpm_vtpm_proxy
> +   xen-tpmfront
>   
>   TODOLIST:
> -*   xen-tpmfront
>   *   tpm_ftpm_tee
> diff --git a/Documentation/translations/zh_CN/security/tpm/xen-tpmfront.rst b/Documentation/translations/zh_CN/security/tpm/xen-tpmfront.rst
> new file mode 100644
> index 000000000000..fa085d98a99b
> --- /dev/null
> +++ b/Documentation/translations/zh_CN/security/tpm/xen-tpmfront.rst
> @@ -0,0 +1,114 @@
> +.. SPDX-License-Identifier: GPL-2.0
> +.. include:: ../../disclaimer-zh_CN.rst
> +
> +:Original: Documentation/security/tpm/xen-tpmfront.rst
> +
> +:翻译:
> + 赵硕 Shuo Zhao <zhaoshuo@cqsoftware.com.cn>
> +
> +================
> +Xen的虚拟TPM接口
> +================
> +
> +作者：Matthew Fioravante (JHUAPL), Daniel De Graaf (NSA)
> +
> +本文档描述了用于Xen的虚拟可信平台模块（vTPM）子系统。假定读者熟悉
> +Xen和Linux的构建和安装，并对TPM和vTPM概念有基本的理解。
> +
> +介绍
> +----
> +
> +这项工作的目标是为虚拟客户操作系统（在Xen中称为DomU）提供TPM功能。这使得
> +程序能够像与物理系统上的TPM交互一样，与虚拟系统中的TPM进行交互。每个客户
> +操作系统都会获得一个唯一的、模拟的软件TPM。然而，vTPM的所有秘密（如密钥、
> +NVRAM 等）由vTPM管理域进行管理，该域将这些秘密封存到物理TPM中。如果创建这
> +些域（管理域、vTPM域和客户域）的过程是可信的，vTPM子系统就能将根植于硬件
> +TPM的信任链扩展到Xen中的虚拟机。vTPM的每个主要组件都作为一个独立的域实现，
> +从而通过虚拟机监控程序（hypervisor）提供安全隔离。
> +
> +这个mini-os vTPM 子系统是建立在IBM和Intel公司之前的vTPM工作基础上的。
> +
> +
> +设计概述
> +--------
> +
> +vTPM的架构描述如下::
> +
> +  +------------------+
> +  |    Linux DomU    | ...
> +  |       |  ^       |
> +  |       v  |       |
> +  |   xen-tpmfront   |
> +  +------------------+
> +          |  ^
> +          v  |
> +  +------------------+
> +  | mini-os/tpmback  |
> +  |       |  ^       |
> +  |       v  |       |
> +  |  vtpm-stubdom    | ...
> +  |       |  ^       |
> +  |       v  |       |
> +  | mini-os/tpmfront |
> +  +------------------+
> +          |  ^
> +          v  |
> +  +------------------+
> +  | mini-os/tpmback  |
> +  |       |  ^       |
> +  |       v  |       |
> +  | vtpmmgr-stubdom  |
> +  |       |  ^       |
> +  |       v  |       |
> +  | mini-os/tpm_tis  |
> +  +------------------+
> +          |  ^
> +          v  |
> +  +------------------+
> +  |   Hardware TPM   |
> +  +------------------+
> +
> +* Linux DomU:
> +               希望使用vTPM的基于Linux的客户机。可能有多个这样的实例。
> +
> +* xen-tpmfront.ko:
> +               Linux内核虚拟TPM前端驱动程序。该驱动程序为基于Linux的DomU提供
> +               vTPM访问。
> +
> +* mini-os/tpmback:
> +               Mini-os TPM后端驱动程序。Linux前端驱动程序通过该后端驱动程序连
> +               接，以便在Linux DomU和其vTPM之间进行通信。该驱动程序还被
> +               vtpmmgr-stubdom用于与vtpm-stubdom通信。
> +
> +* vtpm-stubdom:
> +               一个实现vTPM的mini-os存根域。每个正在运行的vtpm-stubdom实例与系统
> +               上的逻辑vTPM之间有一一对应的关系。vTPM平台配置寄存器（PCRs）通常都
> +               初始化为零。
> +
> +* mini-os/tpmfront:
> +               Mini-os TPM前端驱动程序。vTPM mini-os域vtpm-stubdom使用该驱动程序
> +               与vtpmmgr-stubdom通信。此驱动程序还用于与vTPM域通信的mini-os域，例
> +               如 pv-grub。
> +
> +* vtpmmgr-stubdom:
> +               一个实现vTPM管理器的mini-os域。系统中只有一个vTPM管理器，并且在整个
> +               机器生命周期内应一直运行。此域调节对系统中物理TPM的访问，并确保每个
> +               vTPM的持久状态。
> +
> +* mini-os/tpm_tis:
> +               Mini-osTPM1.2版本TPM 接口规范（TIS）驱动程序。该驱动程序由vtpmmgr-stubdom
> +               用于直接与硬件TPM通信。通信通过将硬件内存页映射到vtpmmgr-stubdom来实现。
> +
> +* 硬件TPM:
> +               固定在主板上的物理 TPM。
> +
> +与Xen的集成
> +-----------
> +
> +vTPM驱动程序的支持已在Xen4.3中通过libxl工具堆栈添加。有关设置vTPM和vTPM
> +管理器存根域的详细信息，请参见Xen文档（docs/misc/vtpm.txt）。一旦存根域
> +运行，与磁盘或网络设备相同，vTPM设备将在域的配置文件中进行设置
> +
> +为了使用诸如IMA（完整性测量架构）等需要在initrd之前加载TPM的功能，必须将
> +xen-tpmfront驱动程序编译到内核中。如果不使用这些功能，驱动程序可以作为
> +模块编译，并像往常一样加载。

next prev parent reply	other threads:[~2025-01-24  9:23 UTC|newest]

Thread overview: 16+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-01-23  5:17 [PATCH v3 0/7] Add all Chinese translations in the tpm directory Shuo Zhao
2025-01-23  5:17 ` [PATCH v3 1/7] docs/zh_CN: Add tpm index Chinese translation Shuo Zhao
2025-01-24  6:58   ` Yanteng Si
2025-01-23  5:17 ` [PATCH v3 2/7] docs/zh_CN: Add tpm tpm_event_log " Shuo Zhao
2025-01-24  7:01   ` Yanteng Si
2025-01-23  5:17 ` [PATCH v3 3/7] docs/zh_CN: Add tpm tpm-security " Shuo Zhao
2025-01-24  9:19   ` Yanteng Si
2025-01-23  5:17 ` [PATCH v3 4/7] docs/zh_CN: Add tpm tpm_tis " Shuo Zhao
2025-01-24  9:20   ` Yanteng Si
2025-01-23  5:17 ` [PATCH v3 5/7] docs/zh_CN: Add tpm tpm_vtpm_proxy " Shuo Zhao
2025-01-24  9:21   ` Yanteng Si
2025-01-23  5:17 ` [PATCH v3 6/7] docs/zh_CN: Add tpm xen-tpmfront " Shuo Zhao
2025-01-24  9:23   ` Yanteng Si [this message]
2025-01-23  5:17 ` [PATCH v3 7/7] docs/zh_CN: Add tpm tpm_ftpm_tee " Shuo Zhao
2025-01-24  9:24   ` Yanteng Si
2025-02-04 16:54 ` [PATCH v3 0/7] Add all Chinese translations in the tpm directory Jonathan Corbet

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=43863dec-89c7-4eb2-9cd3-8cf1f3b3e032@linux.dev \
    --to=si.yanteng@linux.dev \
    --cc=alexs@kernel.org \
    --cc=corbet@lwn.net \
    --cc=linux-doc@vger.kernel.org \
    --cc=maoyuxian@cqsoftware.com.cn \
    --cc=zhangwei@cqsoftware.com.cn \
    --cc=zhaoshuo@cqsoftware.com.cn \
    --cc=zhaoyuehui@cqsoftware.com.cn \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.