From: Stefan Berger <stefanb@linux.vnet.ibm.com>
To: "qemu-devel@nongnu.org" <qemu-devel@nongnu.org>
Cc: Andreas Niederl <andreas.niederl@iaik.tugraz.at>
Subject: [Qemu-devel] [PATCH 0/5]: Qemu Trusted Platform Module (TPM) integration
Date: Thu, 24 Feb 2011 14:40:32 -0500
Message-ID: <1298576432.17424.1.camel@d941e-10>

The following series of patches adds a TPM (Trusted Platform Module)
TIS (TPM Interface Spec) interface to Qemu and with that provides
means to access a backend implementing the actual TPM functionality.
This frontend enables, for example, Linux's TPM TIS (tpm_tis) driver.

I am also posting the implementation of a backend implementation that is based
on a library (libtpms) providing TPM functionality. This library is currently
under review for inclusion in Fedora Core and is not commonly available yet.
The main purpose of me posting the libtpms-based backend patches now is to
show an example of how to integrate a backend with this TIS frontend. The
frontend is independent of the code in the backend and could be checked in
separately, though it will be of limited use as long as no backend is provided.
The backend driver for Xen, however, should be adapted to work with this
frontend's extensive interface.

My testing is all based on the libtpms-based backend that provides support for
VM suspend/resume, migration and snapshotting. It uses QCoW2 as the file
format for storing its persistent state onto, which is necessary for support
of snapshotting. Using Linux as the OS along with some recently posted patches
for the Linux TPM TIS driver, suspend/resume works fine (using 'virsh
save/restore') along with hibernation and OS suspend (ACPI S3).

Proper support for the TPM requires support in the BIOS since the BIOS
needs to initialize the TPM upon machine start or issue commands to the TPM
when it resumes from suspend (ACPI S3). It also builds and connects the
necessary ACPI tables (SSDT for TPM device, TCPA table for logging) to the
ones that are built by a BIOS. To support this I have a fairly extensive
set of extensions for SeaBIOS that I will later on post to the SeaBIOS
mailing list.

Regards,
Stefan

Thread overview: 7+ messages
2011-02-24 19:40 Stefan Berger [this message]
2011-02-24 20:01 ` [Qemu-devel] [PATCH 1/5]: Add tpm_tis driver to build process Stefan Berger
2011-02-24 20:03 ` [Qemu-devel] [PATCH 2/5]: Support for TPM command line options Stefan Berger
2011-02-24 20:04 ` [Qemu-devel] [PATCH 3/5]: Add TPM (frontend) hardware interface (TPM TIS) to Qemu Stefan Berger
2011-02-24 20:05 ` [Qemu-devel] [PATCH 4/5]: Implement qemu_thread_join function Stefan Berger
2011-02-24 20:06 ` [Qemu-devel] [PATCH 5/5]: Implementation of the libtpms-based backend Stefan Berger
2011-02-24 20:13 ` [Qemu-devel] [PATCH Appendix] Skeleton backend driver Stefan Berger