From: Stefan Berger <stefanb@linux.vnet.ibm.com>
To: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Cc: Stefan Berger <stefanb@us.ibm.com>,
"mst@redhat.com" <mst@redhat.com>,
"qemu-devel@nongnu.org" <qemu-devel@nongnu.org>,
"hagen.lauer@huawei.com" <hagen.lauer@huawei.com>,
"Xu, Quan" <quan.xu@intel.com>,
"silviu.vlasceanu@gmail.com" <silviu.vlasceanu@gmail.com>,
"SERBAN, CRISTINA" <cs1731@att.com>,
"SHIH, CHING C" <cs1815@att.com>
Subject: Re: [Qemu-devel] [PATCH v5 1/4] Provide support for the CUSE TPM
Date: Thu, 16 Jun 2016 11:04:05 -0400 [thread overview]
Message-ID: <5762BFE5.9070906@linux.vnet.ibm.com> (raw)
In-Reply-To: <20160616080520.GA2249@work-vm>
On 06/16/2016 04:05 AM, Dr. David Alan Gilbert wrote:
> * Stefan Berger (stefanb@linux.vnet.ibm.com) wrote:
>> On 06/15/2016 03:30 PM, Dr. David Alan Gilbert wrote:
> <snip>
>
>>> So what was the multi-instance vTPM proxy driver patch set about?
>> That's for containers.
> Why have the two mechanisms? Can you explain how the multi-instance
> proxy works; my brief reading when I saw your patch series seemed
> to suggest it could be used instead of CUSE for the non-container case.
The multi-instance vtpm proxy driver basically works through usage of an
ioctl() on /dev/vtpmx that is used to spawn a new front- and backend
pair. The front-end is a new /dev/tpm%d device that then can be moved
into the container (mknod + device cgroup setup). The backend is an
anonymous file descriptor that is to be passed to a TPM emulator for
reading TPM requests coming in from that /dev/tpm%d and returning
responses to. Since it is implemented as a kernel driver, we can hook it
into the Linux Integrity Measurement Architecture (IMA) and have it be
used by IMA in place of a hardware TPM driver. There's ongoing work in
the area of namespacing support for IMA to have an independent IMA
instance per container so that this can be used.
A TPM does not only have a data channel (/dev/tpm%d) but also a control
channel, which is primarily implemented in its hardware interface and is
typically not fully accessible to user space. The vtpm proxy driver
_only_ supports the data channel through which it basically relays TPM
commands and responses from user space to the TPM emulator. The control
channel is provided by the software emulator through an additional TCP
or UnixIO socket or in case of CUSE through ioctls. The control channel
allows to reset the TPM when the container/VM is being reset or set the
locality of a command or retrieve the state of the vTPM (for suspend)
and set the state of the vTPM (for resume) among several other things.
The commands for the control channel are defined here:
https://github.com/stefanberger/swtpm/blob/master/include/swtpm/tpm_ioctl.h
For a container we would require that its management stack initializes
and resets the vTPM when the container is rebooted. (These are typically
operations that are done through pulses on the motherboard.)
In case of QEMU we would need to have more access to the control
channel, which includes initialization and reset of the vTPM, getting
and setting its state for suspend/resume/migration, setting the locality
of commands, etc., so that all low-level functionality is accessible to
the emulator (QEMU). The proxy driver does not help with this but we
should use the swtpm implementation that either has that CUSE interface
with control channel (through ioctls) or provides UnixIO and TCP sockets
for the control channel.
Stefan
>
> Dave
> P.S. I've removed Jeff from the cc because I got a bounce from
> his AT&T address saying 'restricted/not authorized'
>
>> Stefan
>>
> --
> Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK
>
next prev parent reply other threads:[~2016-06-16 15:12 UTC|newest]
Thread overview: 96+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-01-04 15:23 [Qemu-devel] [PATCH v5 0/4] Extend TPM support with a QEMU-external TPM Stefan Berger
2016-01-04 15:23 ` [Qemu-devel] [PATCH v5 1/4] Provide support for the CUSE TPM Stefan Berger
2016-01-20 15:00 ` Daniel P. Berrange
2016-01-20 15:31 ` Stefan Berger
[not found] ` <201601201532.u0KFW2q2019737@d03av03.boulder.ibm.com>
2016-01-20 15:46 ` Daniel P. Berrange
2016-01-20 15:54 ` Stefan Berger
2016-01-20 16:03 ` Michael S. Tsirkin
2016-01-20 16:13 ` Stefan Berger
2016-01-20 16:22 ` Daniel P. Berrange
2016-01-21 11:36 ` Dr. David Alan Gilbert
2016-05-31 18:58 ` BICKFORD, JEFFREY E
2016-05-31 19:10 ` Dr. David Alan Gilbert
2016-06-01 22:54 ` BICKFORD, JEFFREY E
2016-06-13 10:56 ` Stefan Berger
2016-06-01 1:58 ` Xu, Quan
2016-06-13 11:02 ` Stefan Berger
2016-06-15 19:30 ` Dr. David Alan Gilbert
2016-06-15 20:54 ` Stefan Berger
2016-06-16 8:05 ` Dr. David Alan Gilbert
2016-06-16 8:25 ` Daniel P. Berrange
2016-06-16 15:20 ` Stefan Berger
2017-03-01 12:25 ` Stefan Berger
2017-03-01 12:54 ` Daniel P. Berrange
2017-03-01 13:25 ` Stefan Berger
2017-03-01 14:17 ` Marc-André Lureau
2017-03-01 14:50 ` Stefan Berger
2017-03-01 15:24 ` Marc-André Lureau
2017-03-01 15:58 ` Stefan Berger
2017-03-01 16:22 ` Michael S. Tsirkin
2017-03-01 16:31 ` Daniel P. Berrange
2017-03-01 16:57 ` Dr. David Alan Gilbert
2017-03-01 17:02 ` Michael S. Tsirkin
2017-03-01 17:12 ` Stefan Berger
2017-03-01 17:16 ` Michael S. Tsirkin
2017-03-01 17:20 ` Daniel P. Berrange
2017-03-01 18:03 ` Michael S. Tsirkin
2017-03-01 17:25 ` Stefan Berger
2017-03-01 17:38 ` Daniel P. Berrange
2017-03-01 17:58 ` Michael S. Tsirkin
2017-03-01 18:06 ` Dr. David Alan Gilbert
2017-03-01 18:09 ` Michael S. Tsirkin
2017-03-01 18:18 ` Dr. David Alan Gilbert
2017-03-01 18:30 ` Michael S. Tsirkin
2017-03-01 19:24 ` Stefan Berger
2017-03-01 23:36 ` Michael S. Tsirkin
2017-03-01 23:42 ` Michael S. Tsirkin
2017-03-01 18:11 ` Daniel P. Berrange
2017-03-01 18:20 ` Michael S. Tsirkin
2017-03-01 18:32 ` Marc-André Lureau
2017-03-01 18:56 ` Daniel P. Berrange
2017-03-01 19:18 ` Marc-André Lureau
2017-03-01 22:22 ` Michael S. Tsirkin
2017-03-01 17:36 ` Daniel P. Berrange
2017-03-01 15:18 ` Daniel P. Berrange
2017-03-01 15:40 ` Stefan Berger
2017-03-01 16:13 ` Daniel P. Berrange
2016-06-16 13:58 ` SERBAN, CRISTINA
2016-06-16 15:04 ` Stefan Berger [this message]
2016-06-16 15:22 ` Dr. David Alan Gilbert
2016-06-16 15:35 ` Stefan Berger
2016-06-16 17:54 ` Dr. David Alan Gilbert
2016-06-16 18:43 ` Stefan Berger
2016-06-16 19:24 ` Dr. David Alan Gilbert
2016-06-16 21:28 ` Stefan Berger
2017-02-28 18:31 ` Marc-André Lureau
2017-03-01 12:32 ` Stefan Berger
2016-01-28 13:15 ` Daniel P. Berrange
2016-01-28 14:51 ` Stefan Berger
2016-01-20 15:20 ` Michael S. Tsirkin
2016-01-20 15:36 ` Stefan Berger
[not found] ` <201601201536.u0KFanwG004844@d01av04.pok.ibm.com>
2016-01-20 15:58 ` Michael S. Tsirkin
2016-01-20 16:06 ` Stefan Berger
2016-01-20 18:54 ` Michael S. Tsirkin
2016-01-20 21:25 ` Stefan Berger
2016-01-21 5:08 ` Michael S. Tsirkin
2016-01-21 5:41 ` Xu, Quan
2016-01-21 9:19 ` Michael S. Tsirkin
2016-01-21 12:09 ` Stefan Berger
2016-01-20 16:15 ` Daniel P. Berrange
2016-01-04 15:23 ` [Qemu-devel] [PATCH v5 2/4] Introduce condition to notify waiters of completed command Stefan Berger
2016-01-04 15:23 ` [Qemu-devel] [PATCH v5 3/4] Introduce condition in TPM backend for notification Stefan Berger
2016-01-04 15:23 ` [Qemu-devel] [PATCH v5 4/4] Add support for VM suspend/resume for TPM TIS Stefan Berger
2016-01-05 1:26 ` [Qemu-devel] [PATCH v5 0/4] Extend TPM support with a QEMU-external TPM Xu, Quan
2016-01-05 3:36 ` Stefan Berger
2016-01-20 1:40 ` Xu, Quan
2016-01-20 9:23 ` Hagen Lauer
2016-01-20 9:41 ` Xu, Quan
2016-01-20 14:58 ` Daniel P. Berrange
2016-01-20 15:23 ` Stefan Berger
[not found] ` <201601201523.u0KFNwOH000398@d01av04.pok.ibm.com>
2016-01-20 15:42 ` Daniel P. Berrange
2016-01-20 19:51 ` Stefan Berger
[not found] ` <OF1010A111.39918A93-ON00257F40.006CA5ED-85257F40.006D2225@LocalDomain>
2016-01-20 20:16 ` Stefan Berger
2016-01-21 11:40 ` Dr. David Alan Gilbert
2016-01-21 12:31 ` Stefan Berger
[not found] ` <201601211231.u0LCVGCZ021111@d01av01.pok.ibm.com>
2016-01-21 14:53 ` Dr. David Alan Gilbert
[not found] ` <OF7ED031CA.CDD3196F-ON00257F41.004305BB-85257F41.0044C71A@LocalDomain>
2016-02-01 17:40 ` Stefan Berger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5762BFE5.9070906@linux.vnet.ibm.com \
--to=stefanb@linux.vnet.ibm.com \
--cc=cs1731@att.com \
--cc=cs1815@att.com \
--cc=dgilbert@redhat.com \
--cc=hagen.lauer@huawei.com \
--cc=mst@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=quan.xu@intel.com \
--cc=silviu.vlasceanu@gmail.com \
--cc=stefanb@us.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.