From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:48342)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <coreyb@linux.vnet.ibm.com>) id 1UnWI7-0001si-Oy
	for qemu-devel@nongnu.org; Fri, 14 Jun 2013 11:51:57 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <coreyb@linux.vnet.ibm.com>) id 1UnWI6-0001DP-Hz
	for qemu-devel@nongnu.org; Fri, 14 Jun 2013 11:51:55 -0400
Received: from e39.co.us.ibm.com ([32.97.110.160]:60670)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <coreyb@linux.vnet.ibm.com>) id 1UnWI6-0001Cj-73
	for qemu-devel@nongnu.org; Fri, 14 Jun 2013 11:51:54 -0400
Received: from /spool/local
	by e39.co.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only!
	Violators will be prosecuted
	for <qemu-devel@nongnu.org> from <coreyb@linux.vnet.ibm.com>;
	Fri, 14 Jun 2013 09:51:53 -0600
Received: from d01relay05.pok.ibm.com (d01relay05.pok.ibm.com [9.56.227.237])
	by d01dlp01.pok.ibm.com (Postfix) with ESMTP id 0E73938C8069
	for <qemu-devel@nongnu.org>; Fri, 14 Jun 2013 11:51:19 -0400 (EDT)
Received: from d01av05.pok.ibm.com (d01av05.pok.ibm.com [9.56.224.195])
	by d01relay05.pok.ibm.com (8.13.8/8.13.8/NCO v10.0) with ESMTP id
	r5EFpJgM335156
	for <qemu-devel@nongnu.org>; Fri, 14 Jun 2013 11:51:19 -0400
Received: from d01av05.pok.ibm.com (loopback [127.0.0.1])
	by d01av05.pok.ibm.com (8.14.4/8.13.1/NCO v10.0 AVout) with ESMTP id
	r5EFpJVq013233
	for <qemu-devel@nongnu.org>; Fri, 14 Jun 2013 11:51:19 -0400
Message-ID: <51BB3BF6.3010107@linux.vnet.ibm.com>
Date: Fri, 14 Jun 2013 11:51:18 -0400
From: Corey Bryant <coreyb@linux.vnet.ibm.com>
MIME-Version: 1.0
References: <1370525564-16912-1-git-send-email-coreyb@linux.vnet.ibm.com>
	<8738skg59o.fsf@codemonkey.ws>	<51BB3127.7040708@linux.vnet.ibm.com>
	<87hah03do2.fsf@codemonkey.ws>
In-Reply-To: <87hah03do2.fsf@codemonkey.ws>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] [PATCH v3 0/3] TPM NVRAM persistent storage
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Anthony Liguori <aliguori@us.ibm.com>
Cc: kwolf@redhat.com, stefanb@linux.vnet.ibm.com, qemu-devel@nongnu.org, mdroth@linux.vnet.ibm.com, jschopp@linux.vnet.ibm.com, stefanha@redhat.com



On 06/14/2013 11:38 AM, Anthony Liguori wrote:
> Corey Bryant <coreyb@linux.vnet.ibm.com> writes:
>
>> On 06/14/2013 10:01 AM, Anthony Liguori wrote:
>>> Corey Bryant <coreyb@linux.vnet.ibm.com> writes:
>>>
>>>> This patch series provides persistent storage support that a TPM
>>>> can use to store NVRAM data.  It uses QEMU's block driver to store
>>>> data on a drive image.  The libtpms TPM 1.2 backend will be the
>>>> initial user of this functionality to store data that must persist
>>>> through a reboot or migration.  A sample command line may look like
>>>> this:
>>>
>>> This should be folded into the libtpms backend series.
>>>
>>> There are no users for this so this would just be untestable code in the
>>> tree subject to bitrot.
>>>
>>> Regards,
>>>
>>> Anthony Liguori
>>>
>>
>> Fair enough.  I assume you're ok with this code though?
>
> I don't understand why it's needed to be honest.  I suspect this has to
> do with the fact that the libtpms implementation will need significant
> reworking.
>
> Regards,
>
> Anthony Liguori
>

In regards to why it is needed..  The QEMU software-emulated vTPM 
backend will pass callback functions to libtpms for writing/reading 
nvram data.  Those callbacks will use the code in this patch series to 
do the writing/reading of nvram data to/from image files so that the 
data persists through migration/reboot.

I'm not sure I completely understand your second sentence, but yes the 
software-emulated vTPM backend code for QEMU will certainly need rework 
to use the code in this patch series.

-- 
Regards,
Corey Bryant

>>
>> --
>> Regards,
>> Corey Bryant
>>
>>>>
>>>> qemu-system-x86_64 ...
>>>> -drive file=/path/to/nvram.qcow2,id=drive-nvram0-0-0
>>>> -tpmdev libtpms,id=tpm-tpm0
>>>> -device tpm-tis,tpmdev=tpm-tpm0,id=tpm0,drive=drive-nvram0-0-0
>>>>
>>>> Thanks,
>>>> Corey
>>>>
>>>> Corey Bryant (3):
>>>>     nvram: Add TPM NVRAM implementation
>>>>     nvram: Add tpm-tis drive support
>>>>     TPM NVRAM test
>>>>
>>>>    hw/tpm/Makefile.objs     |    1 +
>>>>    hw/tpm/tpm_int.h         |    2 +
>>>>    hw/tpm/tpm_nvram.c       |  324 ++++++++++++++++++++++++++++++++++++++++++++++
>>>>    hw/tpm/tpm_nvram.h       |   25 ++++
>>>>    hw/tpm/tpm_passthrough.c |   85 ++++++++++++
>>>>    hw/tpm/tpm_tis.c         |    8 +
>>>>    6 files changed, 445 insertions(+), 0 deletions(-)
>>>>    create mode 100644 hw/tpm/tpm_nvram.c
>>>>    create mode 100644 hw/tpm/tpm_nvram.h
>>>
>>>
>>>
>>>
>
>
>