Re: [Qemu-devel] [PATCH] Add TPM support

[Thiemo Seufer <ths@networkno.de>]

Thomas Bleher wrote:
> This patch adds support for an Atmel TPM chip.
> 
> Background: TPMs are rather complex chips, supporting many commands and
> implementing complex crypto protocols like Direct Anonymous Attestation
> (DAA). Therefore, this patch does not directly implement a TPM chip, but
> instead utilizes the TPM emulator project (http://tpm-emulator.berlios.de/).
> The TPM emulator can be run as a daemon, communicating through a unix domain
> socket.
> 
> This patch adds a "-tpm path" parameter to qemu, where "path" is the unix
> domain socket of the TPM emulator. If the parameter is given, the chip is
> registered in the emulated system. Otherwise, behaviour is unchanged.
> 
> The interface presented inside qemu is that of an Atmel TPM chip, simply
> because there is a Linux driver for this chip and the interface is very
> simple. I do not own any TPM chip, therefore the interface was written
> purely by looking at the Linux driver.
> 
> Use case: This patch makes it possible to experiment with software like IBMs
> Integrity Measurement Architecture (IMA), without having an actual TPM (this
> patch was developed for a demonstration involving IMA, among other things).
> It should also be possible to use Microsofts BitLocker technology, although
> this hasn't been tested yet.
> 
> ---
> 
> * Thiemo Seufer <ths@networkno.de> [2007-10-31 13:54]:
> > Thomas Bleher wrote:
> > > --- /dev/null
> > > +++ b/hw/tpm.c
> > > @@ -0,0 +1,219 @@
> > > +/*
> > > + * TPM emulation
> > > + * Written by Thomas Bleher <ThomasBleher@gmx.de>.
> > > + *
> > > + * This driver emulates a TPM chip. TPM chips are quite complex, and a TPM
> > > + * emulator already exists, therefore this driver just connects to this
> > > + * emulator and forwards all the data. For the TPM emulator project, see
> > > + * http://tpm-emulator.berlios.de/
> > > + *
> > > + * The author does not own any TPM chip himself, so the Linux Kernel driver for
> > > + * Atmel TPM chips was taken as a reference. The code works fine with the Linux
> > > + * driver, but no tests have been done on other operating systems.
> > > + *
> > > + * Some structures are copied from the Linux Kernel source code.
> > > + */
> > 
> > So the License of this file is "GPL, Version 2"? The license should be
> > mentioned in the comment.
> 
> I think that the parts I copied are not copyrightable, as I only copied
> the two enums (I didn't copy any structures, the comment was wrong) and,
> modulo naming, I see no other way to implement this.

Ok, so the Kernel license isn't relevant here.

> So I would be willing to license this under a more liberal license, but
> to be on the safe side, GNU GPLv2 is the best choice.

I didn't intend to enforce GPL licensing, I just concluded from the
description that the patch would include substantial parts of kernel
source code. Since this isn't the case, feel free to choose your
preferred license for it.


Thiemo