Date: Thu, 1 Sep 2011 20:27:27 +0300
From: "Michael S. Tsirkin"
Message-ID: <20110901172726.GG10989@redhat.com>
References: <20110831143551.127339744@linux.vnet.ibm.com> <20110831143621.194691516@linux.vnet.ibm.com>
In-Reply-To: <20110831143621.194691516@linux.vnet.ibm.com>
Subject: Re: [Qemu-devel] [PATCH V8 07/14] Implementation of the libtpms-based backend
To: Stefan Berger
Cc: chrisw@redhat.com, anbang.ruan@cs.ox.ac.uk, qemu-devel@nongnu.org, rrelyea@redhat.com, alevy@redhat.com, andreas.niederl@iaik.tugraz.at, serge@hallyn.com

On Wed, Aug 31, 2011 at 10:35:58AM -0400, Stefan Berger wrote:
> This patch provides the glue for the TPM TIS interface (frontend) to
> the libtpms that provides the actual TPM functionality.
>
> Some details:
>
> This part of the patch provides support for the spawning of a thread
> that will interact with the libtpms-based TPM. It expects a signal
> from the frontend to wake and pick up the TPM command that is supposed
> to be processed and delivers the response packet using a callback
> function provided by the frontend.
>
> The backend connects itself to the frontend by filling out an interface
> structure with pointers to the function implementing support for various
> operations.
>
> In this part a structure with callback functions is registered with
> libtpms. Those callback functions are invoked by libtpms for example to
> store the TPM's state.
>
> The libtpms-based backend implements functionality to write into a
> Qemu block storage device rather than to plain files. With that we
> can support VM snapshotting and we also get the possibility to use
> encrypted QCoW2 for free. Thanks to Anthony for pointing this out.
> The storage part of the driver has been split off into its own patch.
>
> v6:
> - cache a copy of the last permanent state blob
> - move some functions into tpm_builtin.h
> - reworked parts of the error path handling where the TPM is
>   now used to process commands under error conditions and the callbacks
>   make the TPM aware of the error conditions. Only as the last resort
>   fault messages are sent by the backend driver circumventing the TPM.
> - add out_len variable used in the thread
>
> v5:
> - check access() to TPM's state file and report error if file is not
>   accessible
>
> v3:
> - temporarily deactivate the building of the tpm_builtin.c until
>   subsequent patch completely converts it to the libtpms based driver
>
> v2:
> - fixes to adhere to the qemu coding style
>
>
> Signed-off-by: Stefan Berger
>
> ---
> configure | 1
> hw/tpm_builtin.c | 450 ++++++++++++++++++++++++++++++++++++++++++++++++++++---
> hw/tpm_builtin.h | 56 ++++++
> 3 files changed, 482 insertions(+), 25 deletions(-)
>
> Index: qemu-git/hw/tpm_builtin.c > =================================================================== > --- qemu-git.orig/hw/tpm_builtin.c > +++ qemu-git/hw/tpm_builtin.c > @@ -1,5 +1,5 @@ > /* > - * builtin 'null' TPM driver > + * builtin TPM driver based on libtpms

Just wondering - might a stub driver be useful for basic testing on systems without TPM hardware? The namespace comment applies to this and all other patches.
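
Review bot: The file header comment in hw/tpm_builtin.c (the "+ * builtin TPM driver based on libtpms" line) is the only in-file description visible in this hunk, and it says nothing about the design the commit message lays out. Consider extending it by a few lines that summarise the worker thread woken by a signal from the frontend, the callback structure registered with libtpms, and that TPM state is written to a Qemu block storage device rather than plain files, so the file can be read without the changelog.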