<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">On 11/23/2017 03:19 PM, Marc-André
Lureau wrote:<br>
</div>
<blockquote
cite="mid:CAJ+F1CKf73iJU-3Q7UB0AzrXjZOqqCTNCQ2hz0LwpsTaLb7rNA@mail.gmail.com"
type="cite">
<div dir="ltr">Hi<br>
<div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Thu, Nov 23, 2017 at 8:49 PM,
Stefan Berger <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:stefanb@linux.vnet.ibm.com"
target="_blank">stefanb@linux.vnet.ibm.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">
<div bgcolor="#FFFFFF"><span class="gmail-">
<div
class="gmail-m_9090830907091030486moz-cite-prefix">On
11/23/2017 07:48 AM, <a moz-do-not-send="true"
class="gmail-m_9090830907091030486moz-txt-link-abbreviated"
href="mailto:jwang@whu.edu.cn" target="_blank">jwang@whu.edu.cn</a>
wrote:<br>
</div>
<blockquote type="cite">
<blockquote
class="gmail-m_9090830907091030486ReferenceQuote"
style="padding-left:5px;margin-right:0px;margin-left:5px;border-left:2px
solid rgb(182,182,182)">
<p> Hi,Berger, </p>
<p> Thanks. But as I know CRB interface should
be for mobile platform. We just want to
support Windows Server
2012. Currently,the Windows Server 2012 can
find physical TPM2 device. However, for vTPM,
the windows server 2012 virtual machine just
can find a virtual TPM 1.2 device and can not
find vTPM 2.0 device. We have tried linux such
as ubuntu and the ubuntu virtual machine
can find vTPM 2.0 device in seabios 1.10 and
our modified <span lang="EN-US">qemu-kvm-ev-2.6.</span></p>
</blockquote>
</blockquote>
</span> My suggestion is to try to pick the patches
for QEMU and SeaBIOS CRB support or wait for the next
version of QEMU...<span class="gmail-HOEnZb"><font
color="#888888"><br>
</font></span></div>
</blockquote>
<div><br>
</div>
<div>I couldn't make Windows work with TPM2 and seabios.
However, I have some patch for ovmf to compile TPM2
support in, and it seem to work quite ok. I still have
to figure out some PhysicalPresence issues (using
swtpm/libtpms). I am busy with other projects now, but
you can take a look at the branches (<a
moz-do-not-send="true"
href="https://github.com/elmarco/edk2/tree/tpm2">https://github.com/elmarco/edk2/tree/tpm2</a>,
<a moz-do-not-send="true"
href="https://github.com/elmarco/qemu/tree/tpm">https://github.com/elmarco/qemu/tree/tpm</a>).
As you can see, work in progress, and help welcome!<br>
</div>
</div>
</div>
</div>
</div>
</blockquote>
<br>
Windows seems to need CRB for it to accept the TPM 2... It may work
'better' with UEFI, but the device is also recognized with (patched)
SeaBIOS.<br>
<br>
For Win2012R2 this is also relevant:<br>
<br>
<a class="moz-txt-link-freetext" href="https://support.microsoft.com/en-us/help/3095701/tpm-2-0-device-can-t-be-recognized-in-windows-server-2012-r2">https://support.microsoft.com/en-us/help/3095701/tpm-2-0-device-can-t-be-recognized-in-windows-server-2012-r2</a><br>
<br>
<br>
Stefan<br>
<br>
<blockquote
cite="mid:CAJ+F1CKf73iJU-3Q7UB0AzrXjZOqqCTNCQ2hz0LwpsTaLb7rNA@mail.gmail.com"
type="cite">
<div dir="ltr">
<div>
<div class="gmail_extra">
<div class="gmail_quote">
<div><br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">
<div bgcolor="#FFFFFF"><span class="gmail-HOEnZb"><font
color="#888888"> <br>
Stefan</font></span>
<div>
<div class="gmail-h5"><br>
<br>
<blockquote type="cite">
<blockquote
class="gmail-m_9090830907091030486ReferenceQuote"
style="padding-left:5px;margin-right:0px;margin-left:5px;border-left:2px
solid rgb(182,182,182)">
<p> </p>
<p> <span lang="EN-US">This problem has been
bothering us for a month. Could you give
us some help?</span> </p>
<p> </p>
<p> Best,<br>
Juan<br>
<br>
<br>
<br>
<br>
</p>
<blockquote
class="gmail-m_9090830907091030486ReferenceQuote"
style="padding-left:5px;margin-right:0px;margin-left:5px;border-left:2px
solid rgb(182,182,182)" name="replyContent">
-----原始邮件-----<br>
<b>发件人:</b><span
id="gmail-m_9090830907091030486rc_from">"Stefan
Berger" <<a moz-do-not-send="true"
href="mailto:stefanb@linux.vnet.ibm.com"
target="_blank">stefanb@linux.vnet.ibm.com</a>></span><br>
<b>发送时间:</b><span
id="gmail-m_9090830907091030486rc_senttime">2017-11-23
03:41:30 (星期四)</span><br>
<b>收件人:</b> <a moz-do-not-send="true"
href="mailto:00011007@whu.edu.cn"
target="_blank">00011007@whu.edu.cn</a><br>
<b>抄送:</b> <br>
<b>主题:</b> Re: Fw: Can VTPM2 support WINDOWS<br>
<br>
<div
class="gmail-m_9090830907091030486moz-cite-prefix">
On 11/16/2017 08:40 AM, <a
moz-do-not-send="true"
class="gmail-m_9090830907091030486moz-txt-link-abbreviated"
href="mailto:00011007@whu.edu.cn"
target="_blank">00011007@whu.edu.cn</a>
wrote:<br>
</div>
<blockquote type="cite"> <br>
<br>
<br>
<blockquote
class="gmail-m_9090830907091030486ReferenceQuote"
style="padding-left:5px;margin-right:0px;margin-left:5px;border-left:2px
solid rgb(182,182,182)"> -----原始邮件-----<br>
<b>发件人:</b><span
id="gmail-m_9090830907091030486rc_from"><a
moz-do-not-send="true"
class="gmail-m_9090830907091030486moz-txt-link-abbreviated"
href="mailto:00011007@whu.edu.cn"
target="_blank">00011007@whu.edu.cn</a></span><br>
<b>发送时间:</b><span
id="gmail-m_9090830907091030486rc_senttime">2017-11-16
17:30:57 (星期四)</span><br>
<b>收件人:</b> <a moz-do-not-send="true"
class="gmail-m_9090830907091030486moz-txt-link-abbreviated"
href="mailto:seabios@seabios.org"
target="_blank">seabios@seabios.org</a><br>
<b>抄送:</b> <br>
<b>主题:</b> Can VTPM2 support WINDOWS<br>
<br>
<p> Hi,all, </p>
<p> We want VTPM2 to support
windows virtual machines. So I want to
know if the current seabios can
support the windows guest OS when the
tpm driver can not be modified. The
host OS we used is CentOS 7.3 and the
seabios version is 1.10.2. The
hypervisor is KVM+QEMU. The windows
version is windows server 2012 that
can automatically support physical
TPM2 chip. </p>
</blockquote>
</blockquote>
<br>
I only ever tried with Windows 10 and that
requires a CRB interface (rather than TIS )
for a TPM2, which we will only get with the
next version of QEMU. I would assume that
this is also the case with windows server
2012.<br>
<br>
Stefan<br>
<br>
<blockquote type="cite">
<blockquote
class="gmail-m_9090830907091030486ReferenceQuote"
style="padding-left:5px;margin-right:0px;margin-left:5px;border-left:2px
solid rgb(182,182,182)">
<p> Looking forward to reply as soon as
possible. </p>
<p> <br>
Yours sincerely, </p>
<p> Juan </p>
<p> <br>
</p>
<span>
<hr
class="gmail-m_9090830907091030486signature-separator"
style="margin:0.5em
0px;border-color:currentcolor;border-style:none;border-width:medium;width:30em;height:1px;background-color:rgb(153,153,153)"
align="left"> <br>
Best Wishes! <br>
******************************<wbr>******************************<wbr>******************************<wbr>*****
<br>
Juan Wang <br>
Computer School, Wuhan <wbr>University
<br>
Key Laboratory of Aerospace <wbr>Information Security and <wbr>Trusted Computing, Ministry <wbr>of Education
<br>
Mobile Phone : 18986213038 <br>
E-Mail : <a
moz-do-not-send="true"
href="mailto:jwang@whu.edu.cn"
target="_blank">jwang@whu.edu.<wbr>cn</a>
<br>
******************************<wbr>******************************<wbr>******************************<wbr>***** </span><br>
<br>
<b><span
style="color:rgb(255,0,0);font-family:幼圆;font-size:large"><span
style="color:rgb(0,0,255);font-family:楷体;font-size:x-large"><img
moz-do-not-send="true"
src="http://www.whu.edu.cn/ch_template/img/logo.png"></span></span></b>
</blockquote>
<br>
<br>
<br>
<span>
<hr
class="gmail-m_9090830907091030486signature-separator"
style="margin:0.5em
0px;border-color:currentcolor;border-style:none;border-width:medium;width:30em;height:1px;background-color:rgb(153,153,153)"
align="left"> <br>
Best Wishes! <br>
******************************<wbr>******************************<wbr>******************************<wbr>*****
<br>
Juan Wang <br>
Computer School, Wuhan <wbr>University <br>
Key Laboratory of Aerospace <wbr>Information Security and <wbr>Trusted Computing, Ministry <wbr>of Education
<br>
Mobile Phone : 18986213038 <br>
E-Mail : <a
moz-do-not-send="true"
class="gmail-m_9090830907091030486moz-txt-link-abbreviated"
href="mailto:jwang@whu.edu.cn"
target="_blank">jwang@whu.edu.<wbr>cn</a>
<br>
******************************<wbr>******************************<wbr>******************************<wbr>***** </span><br>
<br>
<b><span
style="color:rgb(255,0,0);font-family:幼圆;font-size:large"><span
style="color:rgb(0,0,255);font-family:楷体;font-size:x-large"><img
moz-do-not-send="true"
src="http://www.whu.edu.cn/ch_template/img/logo.png"></span></span></b>
</blockquote>
<p> <br>
</p>
</blockquote>
<br>
<br>
<br>
<span>
<hr
class="gmail-m_9090830907091030486signature-separator"
style="margin:0.5em
0px;border-color:currentcolor;border-style:none;border-width:medium;width:30em;height:1px;background-color:rgb(153,153,153)"
align="left"> <br>
Best Wishes! <br>
******************************<wbr>******************************<wbr>******************************<wbr>*****
<br>
Juan Wang <br>
Computer School, Wuhan <wbr>University <br>
Key Laboratory of Aerospace <wbr>Information Security and <wbr>Trusted Computing, Ministry <wbr>of Education
<br>
Mobile Phone : 18986213038 <br>
E-Mail : <a moz-do-not-send="true"
href="mailto:jwang@whu.edu.cn"
target="_blank">jwang@whu.edu.<wbr>cn</a>
<br>
******************************<wbr>******************************<wbr>******************************<wbr>***** </span><br>
<br>
<b><span
style="color:rgb(255,0,0);font-family:幼圆;font-size:large"><span
style="color:rgb(0,0,255);font-family:楷体;font-size:x-large"><img
moz-do-not-send="true"
src="http://www.whu.edu.cn/ch_template/img/logo.png"></span></span></b>
</blockquote>
<br>
<br>
<br>
<span>
<hr
class="gmail-m_9090830907091030486signature-separator"
style="margin:0.5em
0px;border-color:currentcolor;border-style:none;border-width:medium;width:30em;height:1px;background-color:rgb(153,153,153)"
align="left"> <br>
Best Wishes! <br>
******************************<wbr>******************************<wbr>******************************<wbr>*****
<br>
Juan Wang <br>
Computer School, Wuhan <wbr>University <br>
Key Laboratory of Aerospace <wbr>Information Security and <wbr>Trusted Computing, Ministry <wbr>of Education
<br>
Mobile Phone : 18986213038 <br>
E-Mail : <a moz-do-not-send="true"
class="gmail-m_9090830907091030486moz-txt-link-abbreviated"
href="mailto:jwang@whu.edu.cn"
target="_blank">jwang@whu.edu.<wbr>cn</a> <br>
******************************<wbr>******************************<wbr>******************************<wbr>***** </span><br>
<br>
<b><font face="幼圆" size="5" color="#ff0000"><font
face="楷体" size="6" color="#0000ff"><img
moz-do-not-send="true"
src="http://www.whu.edu.cn/ch_template/img/logo.png"></font></font></b>
</blockquote>
<p><br>
</p>
</div>
</div>
</div>
<br>
______________________________<wbr>_________________<br>
SeaBIOS mailing list<br>
<a moz-do-not-send="true"
href="mailto:SeaBIOS@seabios.org">SeaBIOS@seabios.org</a><br>
<a moz-do-not-send="true"
href="https://mail.coreboot.org/mailman/listinfo/seabios"
rel="noreferrer" target="_blank">https://mail.coreboot.org/<wbr>mailman/listinfo/seabios</a><br>
</blockquote>
</div>
<br>
<br clear="all">
<br>
-- <br>
<div class="gmail_signature">Marc-André Lureau<br>
</div>
</div>
</div>
</div>
</blockquote>
<p><br>
</p>
</body>
</html>