From: Daniel De Graaf <dgdegra@tycho.nsa.gov>
To: Jan Beulich <JBeulich@suse.com>
Cc: matthew.fioravante@jhuapl.edu, xen-devel@lists.xen.org
Subject: Re: [PATCH] drivers/tpm-xen: Change vTPM shared page ABI
Date: Tue, 11 Dec 2012 09:55:02 -0500
Message-ID: <50C74946.3090807@tycho.nsa.gov>
In-Reply-To: <50C72C8502000078000AFA6D@nat28.tlf.novell.com>

On 12/11/2012 06:52 AM, Jan Beulich wrote:
>>>> On 10.12.12 at 21:00, Daniel De Graaf <dgdegra@tycho.nsa.gov> wrote:
>> This changes the vTPM shared page ABI from a copy of the Xen network
>> interface to a single-page interface that better reflects the expected
>> behavior of a TPM: only a single request packet can be sent at any given
>> time, and every packet sent generates a single response packet. This
>> protocol change should also increase efficiency as it avoids mapping and
>> unmapping grants when possible.
>
> Given
>
> -#define TPMIF_TX_RING_SIZE 1
>
> where was the problem?

The shared ring still needed to refer to grants and a series of shared pages
for requests and replies, and was implemented by mapping and unmapping grants
on each request. While a persistent mapping (like being introduced in Linux)
could also have addressed the efficiency issues, redoing the shared page
seemed cleaner. Redoing the shared page allows potentially supporting TPM
packets up to 1MB in size, although that requires using the extra_pages list
which isn't implemented (most, if not all, users won't use large packets in
order to support hardware TPMs with hard limitations on the packet size). It
also allows introducing an out-of-band locality field for requests, and the
status field could easily be extended to allow command cancellation - although
that would require a vTPM supporting cancellation; CPU-based vTPMs are fast
enough that cancellation is not needed to meet the timing requirements.

> Also, the patch replaces the old interface by the new one - how
> is that compatible with older implementations?

It is not; we've decided to call this "vtpm2" in xenbus to address this. From
the condition of the old vtpm code in Xen, there appear to be few users of the
old implementation, even if there are many users of a kernel with the driver
present.

> The positive aspect is that the new interface isn't address size
> dependent anymore (and hence mixed size backend/frontend can
> work together, which isn't the case for the original one).
>
> Jan
>
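
Added example, not code from the patch or from Xen: a backend-side sketch of the single-page exchange discussed in this message (one request at a time, one response per request, an out-of-band locality field). The struct layout, field names and state values are hypothetical, and the sample bytes are constructed; the point is that every header field written by the frontend is fetched once and bounds-checked before the payload is copied out of the shared page.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical layout and state values for illustration; not the patch's ABI. */
#define DEMO_PAGE_SIZE 4096u
enum { ST_IDLE = 0, ST_SUBMIT = 1, ST_FINISH = 2 };

struct demo_shared_page {
    volatile uint32_t length;         /* bytes valid in data[] */
    volatile uint8_t  state;          /* ST_*: who owns the page right now */
    volatile uint8_t  locality;       /* out-of-band locality of the request */
    uint8_t           pad;
    volatile uint8_t  nr_extra_pages; /* extra_pages list: not supported here */
    uint8_t           data[DEMO_PAGE_SIZE - 8];
};
_Static_assert(sizeof(struct demo_shared_page) == DEMO_PAGE_SIZE, "one page");

/* Backend: take the single pending request. The frontend can rewrite the page
 * at any time, so each header field is read once into a local, validated, and
 * the payload is copied to private memory. Returns the length, or -1. */
static int backend_take_request(struct demo_shared_page *pg, uint8_t *buf,
                                size_t buflen, uint8_t *locality)
{
    if (pg->state != ST_SUBMIT)
        return -1;                        /* no request pending */
    uint32_t len = pg->length;            /* single fetch, then validate */
    uint8_t loc = pg->locality;
    if (pg->nr_extra_pages != 0 || len == 0 ||
        len > sizeof(pg->data) || len > buflen)
        return -1;
    memcpy(buf, pg->data, len);
    *locality = loc;
    return (int)len;
}

/* Backend: publish exactly one response for the request it took. */
static int backend_put_response(struct demo_shared_page *pg,
                                const uint8_t *rsp, size_t len)
{
    if (pg->state != ST_SUBMIT || len == 0 || len > sizeof(pg->data))
        return -1;
    memcpy(pg->data, rsp, len);
    pg->length = (uint32_t)len;
    pg->state = ST_FINISH;    /* real code: write barrier, then notify peer */
    return 0;
}

int main(void)
{
    struct demo_shared_page pg = {0};
    uint8_t buf[64], loc = 0;
    memcpy(pg.data, "\x00\xc1\x00\x00", 4);    /* constructed sample bytes */
    pg.length = 4; pg.locality = 2; pg.state = ST_SUBMIT;
    printf("take=%d ", backend_take_request(&pg, buf, sizeof buf, &loc));
    pg.length = 5000;                          /* oversized length is refused */
    printf("oversized=%d\n", backend_take_request(&pg, buf, sizeof buf, &loc));
    return 0;
}
```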