Re: [PATCH v4 00/10] vTPM for aarch64
From: Auger Eric
Subject: Re: [PATCH v4 00/10] vTPM for aarch64
Date: Thu, 27 Feb 2020 09:07:38 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.4.0

Hi Stefan,

On 2/26/20 11:44 PM, Stefan Berger wrote:
> On 2/26/20 3:59 PM, Eric Auger wrote:
>> This series adds the capability to instantiate an MMIO TPM TIS
>> in ARM virt. It is a candidate for qemu 5.0.
>
> I queued it now here:
> https://github.com/stefanberger/qemu-tpm/commits/tpm-next
>
> I will send the PR within a few days. Thanks!

Thank you. I will just ping Peter to make sure he has no comments on
[PATCH v4 06/10] hw/arm/virt: vTPM support

Eric

>
> Cheers,
>
> Stefan
>
>
>
>>
>> The existing TPM TIS code is reshuffled into a generic part,
>> the ISA device and the sysbus device. The sysbus TPM-TIS
>> device gets dynamically instantiated in machvirt on the
>> platform bus.
>>
>> ACPI boot is not yet supported on ARM. Note that the UEFI
>> firmware is itself a consumer of the DT description, so we
>> need the DT related changes regardless of whether the VM
>> boots in DT or ACPI mode.
>>
>> Related qtests are reshuffled to allow the reuse of existing
>> tests for both the ISA and the sysbus devices: Adaption
>> consists in changing the qemu command line (change in the
>> device name and provide explicit machine options) and adapt
>> to the relocation of the TPM-TIS device in the memory map.
>>
>> The series was tested with the swtpm/libtpms emulator.
>> Automatic guest LUKS volume unlocking (tpm2) was successful.
>> EDK2 support is under development [3]. Thanks to Ard
>> for supporting me when setting up the test environment.
>>
>> Best Regards
>>
>> Eric
>>
>> Testing:
>>
>> mkdir /tmp/tpm
>> swtpm socket \
>>   --tpm2 \
>>   -t -d \
>>   --tpmstate dir=/tmp/tpm \
>>   --ctrl type=unixio,path=/tmp/swtpm-sock
>>
>> qemu command line must be augmented with the following options:
>>
>> -chardev socket,id=chrtpm,path=/tmp/swtpm-sock \
>> -tpmdev emulator,id=tpm0,chardev=chrtpm \
>> -device tpm-tis-device,tpmdev=tpm0 \
>>
>> References:
>> [1] libtpms: https://github.com/stefanberger/libtpms/wiki
>> [2] swtpm: https://github.com/stefanberger/swtpm/wiki
>> [3] [PATCH v3 0/9] ArmVirtPkg: implement measured boot for ArmVirtQemu
>>
>> This series can be found at:
>> https://github.com/eauger/qemu/tree/v4.2.0-tpm-patch-v4
>>
>> History:
>>
>> v3 -> v4:
>> - collect additional R-b's
>> - add 'Not used but needed for linking' mention related to
>> tpm_tis_base_addr in CRB test files
>> - fix comment style
>>
>> RFCv2 -> PATCH v3:
>> - Updated the doc for ARM
>> - Adapted existing tests for ARM
>> - use qemu_fdt_setprop_string in add_tpm_tis_fdt_node
>> - Collected R-b's
>> - Comments not taken into account:
>>   - I have kept the tpm-tis-device name for now despite Stefan's
>>     suggestion to rename it into tpm-tis-sysbus. This is not
>>     frozen though
>>   - Common state still is not a QOM object (no double inheritance)
>>
>> RFC v1 -> RFC v2:
>> - restructure the existing code with common, ISA and sysbus part.
>> - both ARM and x86 integration were tested.
>>
>> Eric Auger (10):
>> tpm: rename TPM_TIS into TPM_TIS_ISA
>> tpm: Use TPMState as a common struct
>> tpm: Separate tpm_tis common functions from isa code
>> tpm: Separate TPM_TIS and TPM_TIS_ISA configs
>> tpm: Add the SysBus TPM TIS device
>> hw/arm/virt: vTPM support
>> docs/specs/tpm: Document TPM_TIS sysbus device for ARM
>> test: tpm: pass optional machine options to swtpm test functions
>> test: tpm-tis: Get prepared to share tests between ISA and sysbus
>> devices
>> test: tpm-tis: Add Sysbus TPM-TIS device test
>>
>> default-configs/i386-softmmu.mak | 2 +-
>> docs/specs/tpm.rst | 25 +-
>> hw/arm/Kconfig | 1 +
>> hw/arm/sysbus-fdt.c | 33 ++
>> hw/arm/virt.c | 7 +
>> hw/i386/Kconfig | 2 +-
>> hw/i386/acpi-build.c | 6 +-
>> hw/tpm/Kconfig | 12 +-
>> hw/tpm/Makefile.objs | 4 +-
>> hw/tpm/tpm_tis.h | 91 +++++
>> hw/tpm/{tpm_tis.c => tpm_tis_common.c} | 181 +---------
>> hw/tpm/tpm_tis_isa.c | 170 +++++++++
>> hw/tpm/tpm_tis_sysbus.c | 159 +++++++++
>> include/sysemu/tpm.h | 7 +-
>> tests/qtest/Makefile.include | 11 +-
>> tests/qtest/tpm-crb-swtpm-test.c | 9 +-
>> tests/qtest/tpm-crb-test.c | 3 +
>> tests/qtest/tpm-tests.c | 10 +-
>> tests/qtest/tpm-tests.h | 5 +-
>> tests/qtest/tpm-tis-device-swtpm-test.c | 76 ++++
>> tests/qtest/tpm-tis-device-test.c | 87 +++++
>> tests/qtest/tpm-tis-swtpm-test.c | 8 +-
>> tests/qtest/tpm-tis-test.c | 414 +---------------------
>> tests/qtest/tpm-tis-util.c | 451 ++++++++++++++++++++++++
>> tests/qtest/tpm-tis-util.h | 23 ++
>> tests/qtest/tpm-util.c | 11 +-
>> tests/qtest/tpm-util.h | 8 +-
>> 27 files changed, 1207 insertions(+), 609 deletions(-)
>> create mode 100644 hw/tpm/tpm_tis.h
>> rename hw/tpm/{tpm_tis.c => tpm_tis_common.c} (85%)
>> create mode 100644 hw/tpm/tpm_tis_isa.c
>> create mode 100644 hw/tpm/tpm_tis_sysbus.c
>> create mode 100644 tests/qtest/tpm-tis-device-swtpm-test.c
>> create mode 100644 tests/qtest/tpm-tis-device-test.c
>> create mode 100644 tests/qtest/tpm-tis-util.c
>> create mode 100644 tests/qtest/tpm-tis-util.h
>>
>
>
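
The test setup quoted above, as an added example that is not part of the original series or of QEMU/swtpm: the same swtpm flags and QEMU options, but with the TPM state (which holds the emulated TPM's seeds and keys) and the control socket kept in a per-run directory with mode 0700. The function names and the "start" argument are hypothetical.

```shell
#!/bin/sh
# Added example: same swtpm/QEMU wiring as the cover letter, but with the TPM
# state and control socket in a private directory rather than fixed /tmp paths.
# Function names and the "start" argument are hypothetical.

# Create a directory only the current user can enter; print its path.
make_tpm_dir() {
    d=$(mktemp -d "${TMPDIR:-/tmp}/vtpm.XXXXXX") || return 1
    chmod 700 "$d" && printf '%s\n' "$d"
}

# Print the three QEMU options from the cover letter for a given socket path.
qemu_tpm_args() {
    printf '%s\n' \
        "-chardev socket,id=chrtpm,path=$1" \
        "-tpmdev emulator,id=tpm0,chardev=chrtpm" \
        "-device tpm-tis-device,tpmdev=tpm0"
}

# Wait up to $2 seconds for swtpm to create its control socket.
wait_for_socket() {
    n=0
    while [ ! -S "$1" ]; do
        [ "$n" -ge "$2" ] && return 1
        sleep 1; n=$((n + 1))
    done
}

# Start swtpm with the flags from the cover letter, then print the QEMU options.
start_vtpm() {
    dir=$(make_tpm_dir) || return 1
    sock="$dir/swtpm-sock"
    swtpm socket --tpm2 -t -d \
        --tpmstate dir="$dir" \
        --ctrl type=unixio,path="$sock" || return 1
    wait_for_socket "$sock" 5 || { echo "swtpm socket not created" >&2; return 1; }
    qemu_tpm_args "$sock"
}

# Only launch anything when explicitly asked: ./vtpm.sh start
if [ "${1:-}" = "start" ]; then
    start_vtpm
fi
```

The printed options are appended to an existing aarch64 `virt` QEMU command line, as in the cover letter.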