From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([140.186.70.92]:40345) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1RaFnB-0004eD-TF for qemu-devel@nongnu.org; Mon, 12 Dec 2011 19:00:22 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1RaFnA-000528-QH for qemu-devel@nongnu.org; Mon, 12 Dec 2011 19:00:21 -0500 Received: from e2.ny.us.ibm.com ([32.97.182.142]:37441) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1RaFnA-00051k-Nd for qemu-devel@nongnu.org; Mon, 12 Dec 2011 19:00:20 -0500 Received: from /spool/local by e2.ny.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Mon, 12 Dec 2011 19:00:19 -0500 Received: from d01av04.pok.ibm.com (d01av04.pok.ibm.com [9.56.224.64]) by d01relay01.pok.ibm.com (8.13.8/8.13.8/NCO v10.0) with ESMTP id pBCNxd6A297032 for ; Mon, 12 Dec 2011 18:59:39 -0500 Received: from d01av04.pok.ibm.com (loopback [127.0.0.1]) by d01av04.pok.ibm.com (8.14.4/8.13.1/NCO v10.0 AVout) with ESMTP id pBCNxdqQ002759 for ; Mon, 12 Dec 2011 18:59:39 -0500 Received: from [9.59.241.154] (d941e-10.watson.ibm.com [9.59.241.154]) by d01av04.pok.ibm.com (8.14.4/8.13.1/NCO v10.0 AVin) with ESMTP id pBCNxdlk002756 for ; Mon, 12 Dec 2011 18:59:39 -0500 Message-ID: <4EE6956B.1000006@linux.vnet.ibm.com> Date: Mon, 12 Dec 2011 18:59:39 -0500 From: Stefan Berger MIME-Version: 1.0 References: <1323717136-21661-1-git-send-email-stefanb@linux.vnet.ibm.com> <1323717136-21661-6-git-send-email-stefanb@linux.vnet.ibm.com> <4EE68DE6.4040706@codemonkey.ws> In-Reply-To: <4EE68DE6.4040706@codemonkey.ws> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: [Qemu-devel] [PATCH V13 5/7] Add a TPM Passthrough backend driver implementation List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: qemu-devel@nongnu.org On 12/12/2011 06:27 PM, Anthony Liguori wrote: > On 12/12/2011 01:12 PM, Stefan Berger wrote: >> From Andreas Niederl's original posting with adaptations where >> necessary: >> >> This patch is based of off version 9 of Stefan Berger's patch series >> "Qemu Trusted Platform Module (TPM) integration" >> and adds a new backend driver for it. >> >> This patch adds a passthrough backend driver for passing commands >> sent to the >> emulated TPM device directly to a TPM device opened on the host machine. >> >> Thus it is possible to use a hardware TPM device in a system running >> on QEMU, >> providing the ability to access a TPM in a special state (e.g. after >> a Trusted >> Boot). >> >> This functionality is being used in the acTvSM Trusted Virtualization >> Platform >> which is available on [1]. [...] >> >> +static void *tpm_passthrough_main_loop(void *d) >> +{ >> + TPMPassthruThreadParams *thr_parms = d; >> + TPMPassthruState *tpm_pt = thr_parms->tb->s.tpm_pt; >> + uint32_t in_len, out_len; >> + uint8_t *in, *out; >> + uint8_t locty; >> + TPMLocality *cmd_locty; >> + int ret; > > This is rather scary. I'd rather see us make use of a GThreadPool in > order to submit read/write requests asynchronously to the /dev/tpm > device. I don't think the code should be structured expecting > synchronous command execution. This part here is running as a thread, create via qemu_thread_create(). Relative to the main thread this is of course running asynchronously. The same design will re-appear when the libtpms based TPM backend appears. Here we will need a thread for concurrent execution of more time consuming crypto functions. Regards, Stefan