linux-integrity.vger.kernel.org archive mirror
From: James Bottomley <James.Bottomley@HansenPartnership.com>
To: Matthew Garrett <mjg59@google.com>
Cc: David Tolnay <dtolnay@gmail.com>, Peter Huewe <peterhuewe@gmx.de>,
	Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>,
	Jason Gunthorpe <jgg@ziepe.ca>,
	linux-integrity <linux-integrity@vger.kernel.org>,
	"Michael S. Tsirkin" <mst@redhat.com>,
	Jason Wang <jasowang@redhat.com>,
	virtualization@lists.linux-foundation.org, dgreid@chromium.org,
	apronin@chromium.org
Subject: Re: [PATCH] tpm: Add driver for TPM over virtio
Date: Mon, 25 Feb 2019 14:32:07 -0800
Message-ID: <1551133927.3226.81.camel@HansenPartnership.com>
In-Reply-To: <CACdnJuus3yOcNy-uKWh_Mt-eDfP8xePize572jg92a5zkuECrA@mail.gmail.com>

On Mon, 2019-02-25 at 14:24 -0800, Matthew Garrett wrote:
> On Mon, Feb 25, 2019 at 2:14 PM James Bottomley
> <James.Bottomley@hansenpartnership.com> wrote:
> > > Being able to get away without any LPC support code at all seems like
> > > a win, as does not having any ACPI or DeviceTree parsing code.
> > > Injecting the hardware information via the kernel command line isn't
> > > impossible, but it's not an attractive solution.
> > 
> > Heh, but isn't that exactly what crosvm did for usb:
> > 
> > https://chromium.googlesource.com/chromiumos/overlays/chromiumos-overlay/+/add5a4c3751778e5380f00b2ee6cebcb6bda48fc
> 
> My understanding is that the crosvm USB code is intended to allow
> arbitrary USB hardware to be passed through to the guest - doing this
> via virtio sounds complicated (you'd need a virtio driver that
> covered every USB class, and how would you manage that for devices
> that are handled in userland at the moment),

I think you'd need a virtio equivalent of the host driver, say
xhci_virtio ... you could still use the in-kernel USB class drivers

>  whereas the virtio TPM support is intended to pass through a
> software TPM rather than grant access to the host TPM.
> 
> > Effectively it bypasses the hypervisor altogether and simply makes
> > a direct connection to the host devices.  The TPM could actually
> > work in exactly the same way, except you'd have to use the socsim
> > IP connection (which all TSSs support) rather than a file
> > descriptor.
> 
> I don't really follow - how would in-kernel TPM features work then?

If you do it at the TSS layer, then, of course, the kernel wouldn't
participate.  If you used the proposed in-kernel socsim driver, I
suppose it could ... not that I'm advocating this, I'm saying if you
want to minimise hypervisor code for attack surface reduction, this
would be the way to do it because this solution requires no in-
hypervisor code at all.

James

