From: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
To: "Xu, Quan" <quan.xu@intel.com>
Cc: "keir@xen.org" <keir@xen.org>,
	"ian.campbell@citrix.com" <ian.campbell@citrix.com>,
	Stefano Stabellini <stefano.stabellini@eu.citrix.com>,
	"tim@xen.org" <tim@xen.org>,
	"ian.jackson@eu.citrix.com" <ian.jackson@eu.citrix.com>,
	"xen-devel@lists.xen.org" <xen-devel@lists.xen.org>,
	"jbeulich@suse.com" <jbeulich@suse.com>,
	"wei.liu2@citrix.com" <wei.liu2@citrix.com>,
	Daniel De Graaf <dgdegra@tycho.nsa.gov>
Subject: Re: [PATCH 0/6] vTPM: Xen stubdom vTPM for HVM virtual machine
Date: Wed, 5 Nov 2014 11:01:37 +0000
Message-ID: <alpine.DEB.2.02.1411051056500.22875@kaball.uk.xensource.com>
In-Reply-To: <945CA011AD5F084CBEA3E851C0AB28890E81FD36@SHSMSX101.ccr.corp.intel.com>

On Wed, 5 Nov 2014, Xu, Quan wrote:
> > -----Original Message-----
> > From: Stefano Stabellini [mailto:stefano.stabellini@eu.citrix.com]
> > Sent: Monday, November 03, 2014 7:30 PM
> > To: Xu, Quan
> > Cc: xen-devel@lists.xen.org; keir@xen.org; ian.campbell@citrix.com;
> > tim@xen.org; ian.jackson@eu.citrix.com; jbeulich@suse.com
> > Subject: Re: [Xen-devel] [PATCH 0/6] vTPM: Xen stubdom vTPM for HVM
> > virtual machine
> > 
> > On Thu, 30 Oct 2014, Quan Xu wrote:
> > >
> > > Signed-off-by: Quan Xu <quan.xu@intel.com>
> > >
> > > This patch series are only the Xen part to enable stubdom vTPM for HVM virtual machine.
> > > It will work w/ Qemu patch series and seaBios patch series. Change
> > > QEMU_STUBDOM_VTPM compile option from 'n' to 'y', when the Qemu/SeaBios patch series are merged.
> > 
> > Please, could you add more detailed commit messages in your patches?
> > Also spending a few more words here to explain why are you doing this and
> > how would help.
> > 
> The goal of virtual Trusted Platform Module (vTPM) is to provide a TPM functionality
> to virtual machines (Fedora, Ubuntu, Redhat, Windows, etc.). This allows programs to
> interact with a TPM in a virtual machine the same way they interact with a TPM on the
> physical system. Each virtual machine gets its own unique, emulated, software TPM.
> Each major component of vTPM is implemented as a stubdom, providing secure separation
> guaranteed by the hypervisor.
> The vTPM stubdom is a Xen mini-OS domain that emulates a TPM for the virtual machine
> to use. It is a small wrapper around the Berlios TPM emulator. TPM commands are passed
> from mini-os TPM backend driver.
> 
> This patch series are to enable Xen stubdom vTPM for HVM virtual machine. This allows
> programs to interact with a TPM in a HVM virtual machine (Fedora, Ubuntu, Redhat, Windows, etc.)
> the same way they interact with a TPM on the physical system.
> 
> 
> > It looks like you are trying to introduce vTPM stubdomains. The QEMU
> > changes have been posted against upstream QEMU, that is good, however as
> > far as I know upstream QEMU doesn't build or work as a stubdomain yet.
> > Where are the changes to make upstream QEMU based stubdoms work?
> > I don't see them neither here nor in the QEMU series.
> > 
> It's Xen stubdom, not QEMU stubdom. Sorry for this confusion. 

What does "Xen stubdom" mean?
I am still a bit confused, I replied to the other email.


> > How are you testing this work?
> 
> 
> The following steps are how to build and test it: 
> 
> 1. SeaBios with my patch against upstream seabios is not submitted. I will submit seabios patch when I 
> finish these questions from review. Now I archive my seabios patch against upstream seabios in 
> Github: https://github.com/virt2x/seabios2 , try to build it for test. 
> 
> Configure it with Xen,
> --- <Xen> Config.mk
> -SEABIOS_UPSTREAM_URL ?= git://xenbits.xen.org/seabios.git
> +SEABIOS_UPSTREAM_URL ?= https://github.com/virt2x/seabios2
> [...]
> -SEABIOS_UPSTREAM_REVISION ?= rel-1.7.5
> +SEABIOS_UPSTREAM_REVISION ?= ea94c083cc15875f46f0bf288b6531154b866f5a
> 
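Review bot: the `SEABIOS_UPSTREAM_URL` change points the firmware fetch at a personal GitHub fork instead of xenbits.xen.org, which is acceptable only as a local test override and should not be carried into Config.mk by the series. Keeping `SEABIOS_UPSTREAM_REVISION` as a full commit hash is the right form for such an override, since it fixes exactly which tree gets built.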
> 2. qemu with my patch against upstream QEMU is not merged. Now I archive my
> qemu patch series against upstream QEMU in github: https://github.com/virt2x/qemu-xen-unstable2
> 
> Configure it with Xen, 
> --- <Xen> Config.mk
> 
> -QEMU_UPSTREAM_URL ?= git://xenbits.xen.org/qemu-upstream-unstable.git
> +QEMU_UPSTREAM_URL ?= https://github.com/virt2x/qemu-xen-unstable2
> -QEMU_UPSTREAM_REVISION ?= qemu-xen-4.5.0-rc1
> +QEMU_UPSTREAM_REVISION ?= e867e6cf86c8412ca516cf2d0ccad57130e3388c
> 
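Review bot: at `QEMU_UPSTREAM_REVISION`, replacing the `qemu-xen-4.5.0-rc1` tag with a bare commit hash from the fork leaves no record of which upstream base the fork sits on. Say in the test instructions which tag or commit the vTPM series was applied to, so a tester can see what differs from `qemu-upstream-unstable.git`.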
> 3. build/install Xen
> Change QEMU_STUBDOM_VTPM option from 'n' to 'y'
>    QEMU_STUBDOM_VTPM ?= y
> ./configure --prefix=/usr
> make dist
> make install 

From the previous email, it looks like you are running QEMU in a Linux
based stubdom. If so, I don't see where you are creating it.


> 4. try to launch vtpmmgr / vtpm domain via <Xen>/docs/misc/vtpm-platforms.txt.
> The reader is assumed to have familiarity with building and installing Xen, Linux, and a basic 
> understanding of the TPM and vTPM concepts.
> 
> The Linux / Windows HVM guest configuration file needs to be modified to include the following line:
> [..]
> vtpm=["backend=domu-vtpm"]
> device_model_version = 'qemu-xen'
> acpi = 1
> [..]
> 
> ## domu-vtpm is the name of the vtpm domain, a mini-os stub domain that implements a vTPM.
> 
> 5. enable native TPM 1.2 driver in HVM virtual machine. For example, enable tpm_tis.ko in Linux
> HVM virtual machine.
> If you have trousers and tpm_tools installed on the guest, the tpm_version
> command should return the following:
> 
> The version command should return the following:
>   TPM 1.2 Version Info:
>   Chip Version:        1.2.0.7
>   Spec Level:          2
>   Errata Revision:     1
>   TPM Vendor ID:       ETHZ
>   TPM Version:         01010000
>   Manufacturer Info:   4554485a
> 
> Or check it with sysfs, /sys/class/misc/tpm0
> 
> 
> BTW, Some local ISV are trying to integrate this feature into their cloud service for trusted services, 
> Such as trusted virtual desktop infrastructure(HVM fedora/ubuntu/redhat/windows virtual machine).
> 
> 
> > 
> > 
> > >  Config.mk                             |  4 ++++
> > >  extras/mini-os/include/tpmback.h      |  3 +++
> > >  extras/mini-os/tpmback.c              | 20 +++++++++++++++++---
> > >  tools/Makefile                        |  7 +++++++
> > >  tools/firmware/hvmloader/acpi/build.c |  5 +++--
> > >  tools/libxl/libxl.c                   | 62 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
> > >  tools/libxl/libxl_create.c            | 16 +++++++++++++---
> > >  tools/libxl/libxl_dm.c                | 16 ++++++++++++++++
> > >  tools/libxl/libxl_dom.c               |  2 ++
> > >  tools/libxl/libxl_internal.h          |  3 +++
> > >  tools/libxl/libxl_types.idl           |  1 +
> > >  tools/libxl/xl_cmdimpl.c              |  2 ++
> > >  xen/arch/x86/hvm/hvm.c                |  3 +++
> > >  xen/include/public/hvm/params.h       |  1 +
> > >
> > > I've tried to break it down to smaller patches:
> > >
> > >  *(Patch 1/6)*  event channel bind interdomain with para/hvm virtual
> > > machine
> > >
> > >  *(Patch 2/6)*  add HVM_PARAM_STUBDOM_VTPM parameter for HVM virtual
> > > machine
> > >
> > >  *(Patch 3/6)*  limit libxl__add_vtpms() function to para virtual
> > > machine
> > >
> > >  *(Patch 4/6)*  add TPM TCPA and SSDT for HVM virtual machine when
> > > vTPM is added
> > >
> > >  *(Patch 5/6)*  add vTPM device for HVM virtual machine
> > >
> > >  *(Patch 6/6)*  add QEMU_STUBDOM_VTPM compile option
> > >
> > >
> > > _______________________________________________
> > > Xen-devel mailing list
> > > Xen-devel@lists.xen.org
> > > http://lists.xen.org/xen-devel
> > >
> 
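
The guest-side check from step 5 of the quoted procedure, as an added example that is not part of the original thread or of the patch series. The function names `tpm_field` and `check_vtpm` are hypothetical; the field names and expected values come from the `tpm_version` output quoted above, and the Manufacturer Info comparison rests on the observation that `4554485a` in that sample is the hex of the ASCII vendor ID `ETHZ`.

```shell
#!/bin/sh
# Validate tpm_version output captured inside an HVM guest (added example).

# Print the value of one "Name:   value" field from tpm_version output on stdin.
# Leading blanks and mail-quote markers ("> ") before the field name are ignored.
tpm_field() {
    awk -F: -v key="$1" '
        { name = $1; sub(/^[ \t>]+/, "", name) }
        name == key { val = $2; gsub(/^[ \t]+|[ \t]+$/, "", val); print val; exit }
    '
}

# Return 0 if stdin looks like the emulated TPM 1.2 shown in the thread,
# 1 if a field differs from it, 2 if there is no TPM 1.2 version info at all.
check_vtpm() {
    out=$(cat)
    printf '%s\n' "$out" | grep -q 'TPM 1.2 Version Info' || return 2
    vendor=$(printf '%s\n' "$out" | tpm_field 'TPM Vendor ID')
    chip=$(printf '%s\n' "$out" | tpm_field 'Chip Version')
    manuf=$(printf '%s\n' "$out" | tpm_field 'Manufacturer Info')
    [ "$vendor" = "ETHZ" ] || return 1
    case "$chip" in 1.2.*) ;; *) return 1 ;; esac
    # In the sample, Manufacturer Info is the vendor ID as hex ASCII.
    want=$(printf '%s' "$vendor" | od -An -tx1 | tr -d ' \n')
    [ "$manuf" = "$want" ] || return 1
    return 0
}

# Constructed sample: the output quoted in the message above.
SAMPLE='  TPM 1.2 Version Info:
  Chip Version:        1.2.0.7
  Spec Level:          2
  Errata Revision:     1
  TPM Vendor ID:       ETHZ
  TPM Version:         01010000
  Manufacturer Info:   4554485a'

if printf '%s\n' "$SAMPLE" | check_vtpm; then
    echo "sample matches the emulated TPM 1.2"
fi
```

Inside a guest with trousers and tpm_tools installed, the same check runs as `tpm_version | check_vtpm`.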
