On 05/16/2017 03:58 AM, Amarnath Valluri wrote:
This change introduces a new TPM backend driver that can
communicate with
swtpm(software TPM emulator) using unix domain socket interface.
Swtpm uses two unix sockets, one for plain TPM commands and
responses, and one
for out-of-band control messages.
The swtpm and associated tools can be found here:
https://github.com/stefanberger/swtpm
The swtpm's control channel protocol specification can be found
here:
https://github.com/stefanberger/swtpm/wiki/Control-Channel-Spe
cification
Usage:
# setup TPM state directory
mkdir /tmp/mytpm
chown -R tss:root /tmp/mytpm
/usr/bin/swtpm_setup --tpm-state /tmp/mytpm --createek
# Ask qemu to use TPM emulator with given tpm state directory
qemu-system-x86_64 \
[...] \
-tpmdev
emulator,id=tpm0,tpmstatedir=/tmp/mytpm,logfile=/tmp/swtpm.log \
-device tpm-tis,tpmdev=tpm0 \
[...]
Signed-off-by: Amarnath Valluri <address@hidden>
Since you are not supporting migration in this patch, you probably
have
to add a migrate_add_blocker() call somewhere along the lines of this
here:
https://github.com/stefanberger/qemu-tpm/commit/27d332dc3b2c6bfd0fcd3
8e69f5c899651f3a5d8#diff-3a0192eef5d20837af490c32bf396f4eR641