[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 2/2] tpm: add backend for mssim
From: |
James Bottomley |
Subject: |
Re: [PATCH 2/2] tpm: add backend for mssim |
Date: |
Mon, 09 Jan 2023 13:59:33 -0500 |
User-agent: |
Evolution 3.42.4 |
On Mon, 2023-01-09 at 18:54 +0000, Dr. David Alan Gilbert wrote:
> * James Bottomley (jejb@linux.ibm.com) wrote:
> > On Mon, 2023-01-09 at 13:34 -0500, Stefan Berger wrote:
> > >
> > >
> > > On 1/9/23 12:55, James Bottomley wrote:
> > > > On Mon, 2023-01-09 at 17:52 +0000, Dr. David Alan Gilbert
> > > > wrote:
> > > > > * James Bottomley (jejb@linux.ibm.com) wrote:
> > > > [...]
> > > > > > external MSSIM TPM emulator has to be kept running to
> > > > > > preserve
> > > > > > the state. If you restart it, the migration will fail.
> > > > >
> > > > > Document that and we're getting there.
> > > >
> > > >
> > > > The documentation in the current patch series says
> > > >
> > > > ----
> > > > The mssim backend supports snapshotting and migration, but the
> > > > state of the Microsoft Simulator server must be preserved (or
> > > > the
> > > > server kept running) outside of QEMU for restore to be
> > > > successful.
> > > > ----
> > > >
> > > > What, beyond this would you want to see?
> > >
> > > mssim today lacks the functionality of marshalling and
> > > unmarshalling
> > > the permanent and volatile state of the TPM 2, which are both
> > > needed
> > > for snapshot support. How does this work with mssim?
> >
> > You preserve the state by keeping the simulator running as the
> > above
> > says. As long as you can preserve the state, there's no maximum
> > time
> > between snapshots. There's no need of marshal/unmarshal if you do
> > this.
>
> So I think I can understand how that works with a suspend/resume; I'm
> less sure about a live migration.
>
> In a live migration, you normally start up the destination VM
> qemu process and other processes attached to it, prior to the inwards
> live migration of state. Then you live migrate the state, then kill
> the source.
>
> With this mssim setup, will the start up of the destination attempt
> to change the vtpm state during the initialisation?
The backend driver contains state checks to prevent this, so if you
follow the standard migration in
https://www.qemu.org/docs/master/devel/migration.html
it detects that you have done a migration on shutdown and simply closes
the TPM socket. On start up it sees you're in migrate and doesn't do
the power on reset of the TPM.
James
- Re: [PATCH 2/2] tpm: add backend for mssim, Dr. David Alan Gilbert, 2023/01/09
- Re: [PATCH 2/2] tpm: add backend for mssim, James Bottomley, 2023/01/09
- Re: [PATCH 2/2] tpm: add backend for mssim, Dr. David Alan Gilbert, 2023/01/09
- Re: [PATCH 2/2] tpm: add backend for mssim, Stefan Berger, 2023/01/09
- Re: [PATCH 2/2] tpm: add backend for mssim, Stefan Berger, 2023/01/09
- Re: [PATCH 2/2] tpm: add backend for mssim, James Bottomley, 2023/01/10
- Re: [PATCH 2/2] tpm: add backend for mssim, Stefan Berger, 2023/01/10
- Re: [PATCH 2/2] tpm: add backend for mssim, James Bottomley, 2023/01/10
- Re: [PATCH 2/2] tpm: add backend for mssim, Stefan Berger, 2023/01/10