-----Original Message----- From: Kevin O'Connor [mailto:kevin@koconnor.net] Sent: Thursday, March 12, 2015 3:49 AM To: Xu, Quan; seabios@seabios.org Cc: stefano.stabellini@eu.citrix.com; stefanb@linux.vnet.ibm.com; qemu-devel@nongnu.org; xen-devel@lists.xen.org Subject: Re: [PATCH] SeaBios/vTPM: Enable Xen stubdom vTPM for HVM virtual machine
On Tue, Mar 10, 2015 at 08:16:03AM -0400, Quan Xu wrote:
This patch series are only the SeaBios part to enable stubdom vTPM for HVM virtual machine. It will work with Qemu patch series and Xen patch series.
======================== *INTRODUCTION* ======================== The goal of virtual Trusted Platform Module (vTPM) is to provide a TPM functionality to virtual machines (Fedora, Ubuntu, Redhat, Windows .etc). This allows programs to interact with a TPM in a virtual machine the same way they interact with a TPM on the physical system. Each virtual machine gets its own unique, emulated, software TPM. Each major component of vTPM is implemented as a stubdom, providing secure
separation guaranteed by the hypervisor.
The vTPM stubdom is a Xen mini-OS domain that emulates a TPM for the virtual machine to use. It is a small wrapper around the Berlios TPM emulator. TPM commands are passed from mini-os TPM backend driver.
Thanks. Does this seabios patch require additional seabios patches before it is useful? Does it depend on upstream patches in Xen/QEMU that are not yet committed?
-Kevin
Kevin, Thanks for your reply. It doesn't require additional seabios patches before it is useful. These patches Should work with: [PATCH v3 0/7] vTPM: Xen stubdom vTPM for HVM virtual machine --(Xen patch) [PATCH v4 0/5] QEMU:Xen stubdom vTPM for HVM virtual machine --(Qemu patch)
I have committed but not upstream. I will forward them to you at next thread.
Thanks