From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([140.186.70.92]:53404) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1RASOx-0002cS-ME for qemu-devel@nongnu.org; Sun, 02 Oct 2011 16:12:44 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1RASOw-0007wn-Hj for qemu-devel@nongnu.org; Sun, 02 Oct 2011 16:12:43 -0400 Received: from e37.co.us.ibm.com ([32.97.110.158]:39130) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1RASOw-0007vU-8g for qemu-devel@nongnu.org; Sun, 02 Oct 2011 16:12:42 -0400 Received: from d03relay05.boulder.ibm.com (d03relay05.boulder.ibm.com [9.17.195.107]) by e37.co.us.ibm.com (8.14.4/8.13.1) with ESMTP id p92K92PH022788 for ; Sun, 2 Oct 2011 14:09:02 -0600 Received: from d03av01.boulder.ibm.com (d03av01.boulder.ibm.com [9.17.195.167]) by d03relay05.boulder.ibm.com (8.13.8/8.13.8/NCO v10.0) with ESMTP id p92KCLYe125228 for ; Sun, 2 Oct 2011 14:12:21 -0600 Received: from d03av01.boulder.ibm.com (loopback [127.0.0.1]) by d03av01.boulder.ibm.com (8.14.4/8.13.1/NCO v10.0 AVout) with ESMTP id p92KCLvZ025043 for ; Sun, 2 Oct 2011 14:12:21 -0600 Message-ID: <4E88C59E.2020209@linux.vnet.ibm.com> Date: Sun, 02 Oct 2011 16:12:14 -0400 From: Stefan Berger MIME-Version: 1.0 References: <20110928132255.156431784@linux.vnet.ibm.com> <20111002113835.GH30747@redhat.com> In-Reply-To: <20111002113835.GH30747@redhat.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: [Qemu-devel] [PATCH V11 0/5] Qemu Trusted Platform Module (TPM) integration List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: "Michael S. Tsirkin" Cc: anbang.ruan@cs.ox.ac.uk, andreas.niederl@iaik.tugraz.at, qemu-devel@nongnu.org, serge@hallyn.com On 10/02/2011 07:38 AM, Michael S. Tsirkin wrote: > On Wed, Sep 28, 2011 at 09:22:55AM -0400, Stefan Berger wrote: >> The following series of patches adds TPM (Trusted Platform Module) support >> to Qemu. An emulator for the TIS (TPM Interface Spec) interface is >> added that provides the basis for accessing a 'backend' implementing the actual >> TPM functionality. The TIS emulator serves as a 'frontend' enabling for >> example Linux's TPM TIS (tpm_tis) driver. >> >> In this series I am posting a backend implementation that makes use of the >> host's TPM through a passthrough driver, which on Linux is accessed >> using /dev/tpm0. > Looks pretty clean, ACK to patches 1-4. Thanks. > The passthrough mode is quite easy to misuse, though most > of the problem is in the hardware, not on our side. > > I'm still trying to think of a good way to warn users > about the pitfalls with that. Disabling by default in configure, unless The documentation isn't enough? If it's really needed could I add another patch on top of the existing V11? > explictly required, is certainly one way. > And/or, let's rename it 'assigned' mode to resemble the name of > another fragile qemu feature :) Only half joking ... > Well, not sure what exactly you mean, but some things seem late versus closing time... Stefan