Re: [Qemu-devel] [PATCH V10 5/5] Add a TPM Passthrough backend driver im

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH V10 5/5] Add a TPM Passthrough backend driver im

From:	Michael S. Tsirkin
Subject:	Re: [Qemu-devel] [PATCH V10 5/5] Add a TPM Passthrough backend driver implementation
Date:	Tue, 27 Sep 2011 20:13:39 +0300
User-agent:	Mutt/1.5.21 (2010-09-15)

On Tue, Sep 27, 2011 at 10:50:48AM -0400, Stefan Berger wrote:
> +Since the host's firmware (BIOS/UEFI) has already initialized the TPM,
> +the VM's firmware (BIOS/UEFI) will not be able to initialize the
> +TPM again and may therefore not show a TPM-specific menu that would
> +otherwise allow the user to configure the TPM.

> +Also, if TPM ownership is released from within a VM then this will
> +require a reboot of the host and the user will have to enter the host's
> +firmware menu to enable and activate the TPM again.

Rewrite:
 Further, if TPM ownership is released from within a VM,
 TPM gets deactivated in host.
 To enable and activate the TPM again afterwards,
 host has to be rebooted and the user is required to
 enter the host's firmware menu.

> If the TPM is left
> +disabled and deactivated most TPM commands will fail.

Why do we allow guest to do this then?
Can we return an error, or ignore the release
command? If someone really wants this unsafe behaviour
we could make this an option, off by default.

-- 
MST

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [PATCH V10 0/5] Qemu Trusted Platform Module (TPM) integration, Stefan Berger, 2011/09/27
- [Qemu-devel] [PATCH V10 2/5] Add TPM (frontend) hardware interface (TPM TIS) to Qemu, Stefan Berger, 2011/09/27
- [Qemu-devel] [PATCH V10 4/5] Build the TPM frontend code, Stefan Berger, 2011/09/27
- [Qemu-devel] [PATCH V10 3/5] Add a debug register, Stefan Berger, 2011/09/27
- [Qemu-devel] [PATCH V10 1/5] Support for TPM command line options, Stefan Berger, 2011/09/27
- [Qemu-devel] [PATCH V10 5/5] Add a TPM Passthrough backend driver implementation, Stefan Berger, 2011/09/27
  - Re: [Qemu-devel] [PATCH V10 5/5] Add a TPM Passthrough backend driver implementation, Michael S. Tsirkin <=
    - Re: [Qemu-devel] [PATCH V10 5/5] Add a TPM Passthrough backend driver implementation, Stefan Berger, 2011/09/27
    - Re: [Qemu-devel] [PATCH V10 5/5] Add a TPM Passthrough backend driver implementation, Michael S. Tsirkin, 2011/09/27
    - Re: [Qemu-devel] [PATCH V10 5/5] Add a TPM Passthrough backend driver implementation, Stefan Berger, 2011/09/27

Prev by Date: Re: [Qemu-devel] [PATCH v3] memory: simple memory tree printer
Next by Date: Re: [Qemu-devel] [PATCH 24/58] PPC: E500: Add PV spinning code
Previous by thread: [Qemu-devel] [PATCH V10 5/5] Add a TPM Passthrough backend driver implementation
Next by thread: Re: [Qemu-devel] [PATCH V10 5/5] Add a TPM Passthrough backend driver implementation
Index(es):
- Date
- Thread