From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([140.186.70.92]:52111)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <mst@redhat.com>) id 1RAKEa-0001rO-6h
	for qemu-devel@nongnu.org; Sun, 02 Oct 2011 07:29:28 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <mst@redhat.com>) id 1RAKEY-00053e-Ry
	for qemu-devel@nongnu.org; Sun, 02 Oct 2011 07:29:28 -0400
Received: from mx1.redhat.com ([209.132.183.28]:41624)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <mst@redhat.com>) id 1RAKEY-00053W-JY
	for qemu-devel@nongnu.org; Sun, 02 Oct 2011 07:29:26 -0400
Date: Sun, 2 Oct 2011 13:30:09 +0200
From: "Michael S. Tsirkin" <mst@redhat.com>
Message-ID: <20111002113009.GG30747@redhat.com>
References: <20110928132255.156431784@linux.vnet.ibm.com>
	<20110928132410.489340755@linux.vnet.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20110928132410.489340755@linux.vnet.ibm.com>
Subject: Re: [Qemu-devel] [PATCH V11 5/5] Add a TPM Passthrough backend
 driver implementation
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Stefan Berger <stefanb@linux.vnet.ibm.com>
Cc: serge@hallyn.com, qemu-devel@nongnu.org, anbang.ruan@cs.ox.ac.uk, andreas.niederl@iaik.tugraz.at

On Wed, Sep 28, 2011 at 09:23:00AM -0400, Stefan Berger wrote:

...

> Some notes about the host TPM:
> The TPM needs to be enabled and activated. If that's not the case one
> has to go through the BIOS/UEFI and enable and activate that TPM for TPM
> commands to work as expected.
> It may be necessary to boot the kernel using tpm_tis.force=1 in the boot
> command line or 'modprobe tpm_tis force=1' in case of using it as a module.

...

> Index: qemu-git.pt/configure
> ===================================================================
> --- qemu-git.pt.orig/configure
> +++ qemu-git.pt/configure
> @@ -3565,6 +3565,9 @@ fi
>  
>  if test "$tpm" = "yes"; then
>    if test "$target_softmmu" = "yes" ; then
> +    if test "$linux" = "yes" ; then
> +      echo "CONFIG_TPM_PASSTHROUGH=y" >> $config_target_mak
> +    fi

I think we might want to make this a configure option
separate from tpm. The number of ways this can fail
might make some vendors want to disable this mode.

>      echo "CONFIG_TPM=y" >> $config_host_mak
>    fi
>  fi