From: "Xu, Quan" <quan.xu@intel.com>
To: Emil Condrea <emilcondrea@gmail.com>,
"qemu-devel@nongnu.org" <qemu-devel@nongnu.org>,
Stefano Stabellini <sstabellini@kernel.org>,
"stefanb@linux.vnet.ibm.com" <stefanb@linux.vnet.ibm.com>
Cc: "wei.liu2@citrix.com" <wei.liu2@citrix.com>,
"stefano.stabellini@eu.citrix.com"
<stefano.stabellini@eu.citrix.com>,
"xen-devel@lists.xen.org" <xen-devel@lists.xen.org>,
"dgdegra@tycho.nsa.gov" <dgdegra@tycho.nsa.gov>,
"eblake@redhat.com" <eblake@redhat.com>,
"quan.xu2@aliyun.com" <quan.xu2@aliyun.com>
Subject: Re: [v9 00/19] QEMU:Xen stubdom vTPM for HVM virtual machine(QEMU Part)
Date: Wed, 13 Jul 2016 02:55:29 +0000 [thread overview]
Message-ID: <945CA011AD5F084CBEA3E851C0AB28894B8FD7C8__13309.5867153772$1468378635$gmane$org@SHSMSX101.ccr.corp.intel.com> (raw)
In-Reply-To: <1468151270-12984-1-git-send-email-emilcondrea@gmail.com>
Emil, Thanks for your effort ( today I just come back to return my laptop).
btw, sstabellini@kernel.org may be the right email.
Stefan / Stefano, could you help us review these patches? Thanks in advance!!
Quan
On July 10, 2016 7:48 PM, Emil Condrea <emilcondrea@gmail.com> wrote:
> *INTRODUCTION*
> The goal of virtual Trusted Platform Module (vTPM) is to provide a TPM
> functionality to virtual machines (Fedora, Ubuntu, Redhat, Windows .etc).
> This allows programs to interact with a TPM in a virtual machine the same way
> they interact with a TPM on the physical system. Each virtual machine gets its
> own unique, emulated, software TPM. Each major component of vTPM is
> implemented as a stubdom, providing secure separation guaranteed by the
> hypervisor.
>
> The vTPM stubdom is a Xen mini-OS domain that emulates a TPM for the
> virtual machine to use. It is a small wrapper around the Berlios TPM emulator.
> TPM commands are passed from mini-os TPM backend driver.
>
> *ARCHITECTURE*
> The architecture of stubdom vTPM for HVM virtual machine:
>
> +--------------------+
> | Windows/Linux DomU | ...
> | | ^ |
> | v | |
> | Qemu tpm1.2 Tis |
> | | ^ |
> | v | |
> | XenStubdoms backend|
> +--------------------+
> | ^
> v |
> +--------------------+
> | XenDevOps |
> +--------------------+
> | ^
> v |
> +--------------------+
> | mini-os/tpmback |
> | | ^ |
> | v | |
> | vtpm-stubdom | ...
> | | ^ |
> | v | |
> | mini-os/tpmfront |
> +--------------------+
> | ^
> v |
> +--------------------+
> | mini-os/tpmback |
> | | ^ |
> | v | |
> | vtpmmgr-stubdom |
> | | ^ |
> | v | |
> | mini-os/tpm_tis |
> +--------------------+
> | ^
> v |
> +--------------------+
> | Hardware TPM |
> +--------------------+
>
> * Windows/Linux DomU:
> The HVM based guest that wants to use a vTPM. There may be
> more than one of these.
>
> * Qemu tpm1.2 Tis:
> Implementation of the tpm1.2 Tis interface for HVM virtual
> machines. It is Qemu emulation device.
>
> * vTPM xenstubdoms driver:
> Qemu vTPM driver. This driver provides vtpm initialization
> and sending data and commends to a para-virtualized vtpm
> stubdom.
>
> * XenDevOps:
> Register Xen stubdom vTPM frontend driver, and transfer any
> request/repond between TPM xenstubdoms driver and Xen vTPM
> stubdom. Facilitate communications between Xen vTPM stubdom
> and vTPM xenstubdoms driver.
>
> * mini-os/tpmback:
> Mini-os TPM backend driver. The Linux frontend driver connects
> to this backend driver to facilitate communications between the
> Linux DomU and its vTPM. This driver is also used by vtpmmgr
> stubdom to communicate with vtpm-stubdom.
>
> * vtpm-stubdom:
> A mini-os stub domain that implements a vTPM. There is a
> one to one mapping between running vtpm-stubdom instances and
> logical vtpms on the system. The vTPM Platform Configuration
> Registers (PCRs) are all initialized to zero.
>
> * mini-os/tpmfront:
> Mini-os TPM frontend driver. The vTPM mini-os domain vtpm
> stubdom uses this driver to communicate with vtpmmgr-stubdom.
> This driver could also be used separately to implement a mini-os
> domain that wishes to use a vTPM of its own.
>
> * vtpmmgr-stubdom:
> A mini-os domain that implements the vTPM manager. There is only
> one vTPM manager and it should be running during the entire lifetime
> of the machine. vtpmmgr domain securely stores encryption keys for
> each of the vtpms and accesses to the hardware TPM to get the root of
> trust for the entire system.
>
> * mini-os/tpm_tis:
> Mini-os TPM version 1.2 TPM Interface Specification (TIS) driver.
> This driver used by vtpmmgr-stubdom to talk directly to the hardware
> TPM. Communication is facilitated by mapping hardware memory pages
> into vtpmmgr stubdom.
>
> * Hardware TPM: The physical TPM 1.2 that is soldered onto the
> motherboard.
>
> ---
> Changes in v9
> High level changes: (each patch has a detailed history versioning)
> * rebase on upstream qemu
> * refactor qemu xendevs, xenstore functions in order to be shared with both
> backend and frontends
> * convert tpm stubdoms to new qapi layout
> * use libxengnttab, libxenevtchn stable API instead of xc_* calls
> * added reset_tpm_established_flag and get_tpm_version for TPMDriverOps
> * instead of xen_frontend.c global variable xenstore_dev, use vtpm specific
> xenstore_vtpm_dev (since it will be needed just for tpm_xenstubdoms qemu
> driver)
>
>
> Emil Condrea (19):
> xen: Create a new file xen_pvdev.c
> xen: Create a new file xen_frontend.c
> xen: Move xenstore_update to xen_pvdev.c
> xen: Move evtchn functions to xen_pvdev.c
> xen: Prepare xendev qtail to be shared with frontends
> xen: Rename xen_be_printf to xen_pv_printf
> xen: Rename xen_be_unbind_evtchn
> xen: Rename xen_be_send_notify
> xen: Rename xen_be_evtchn_event
> xen: Rename xen_be_find_xendev
> xen: Rename xen_be_del_xendev
> xen: Rename xen_be_frontend_changed
> xen: Distinguish between frontend and backend devops
> Qemu-Xen-vTPM: Support for Xen stubdom vTPM command line options
> Qemu-Xen-vTPM: Xen frontend driver infrastructure
> Qemu-Xen-vTPM: Register Xen stubdom vTPM frontend driver
> Qemu-Xen-vTPM: Move tpm_passthrough_is_selftest() into tpm_util.c
> Qemu-Xen-vTPM: Qemu vTPM xenstubdoms backend
> Qemu-Xen-vTPM: QEMU machine class is initialized before tpm_init()
>
> backends/tpm.c | 11 ++
> configure | 14 ++
> hmp.c | 2 +
> hw/block/xen_disk.c | 59 +++---
> hw/char/xen_console.c | 16 +-
> hw/display/xenfb.c | 57 +++---
> hw/net/xen_nic.c | 29 +--
> hw/tpm/Makefile.objs | 3 +-
> hw/tpm/tpm_passthrough.c | 13 +-
> hw/tpm/tpm_util.c | 11 ++
> hw/tpm/tpm_util.h | 1 +
> hw/tpm/tpm_xenstubdoms.c | 284 ++++++++++++++++++++++++++
> hw/tpm/xen_vtpm_frontend.c | 303 ++++++++++++++++++++++++++++
> hw/tpm/xen_vtpm_frontend.h | 10 +
> hw/usb/xen-usb.c | 38 ++--
> hw/xen/Makefile.objs | 2 +-
> hw/xen/xen_backend.c | 378 ++++-------------------------------
> hw/xen/xen_devconfig.c | 4 +-
> hw/xen/xen_frontend.c | 416
> +++++++++++++++++++++++++++++++++++++++
> hw/xen/xen_pvdev.c | 298 ++++++++++++++++++++++++++++
> include/hw/xen/xen_backend.h | 71 +------
> include/hw/xen/xen_frontend.h | 20 ++
> include/hw/xen/xen_pvdev.h | 83 ++++++++
> include/sysemu/tpm_backend_int.h | 2 +
> qapi-schema.json | 16 +-
> qemu-options.hx | 13 +-
> tpm.c | 7 +-
> vl.c | 17 +-
> xen-common.c | 4 +-
> xen-hvm.c | 6 +
> 30 files changed, 1649 insertions(+), 539 deletions(-) create mode 100644
> hw/tpm/tpm_xenstubdoms.c create mode 100644
> hw/tpm/xen_vtpm_frontend.c create mode 100644
> hw/tpm/xen_vtpm_frontend.h create mode 100644 hw/xen/xen_frontend.c
> create mode 100644 hw/xen/xen_pvdev.c create mode 100644
> include/hw/xen/xen_frontend.h create mode 100644
> include/hw/xen/xen_pvdev.h
>
> --
> 1.9.1
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
next prev parent reply other threads:[~2016-07-13 2:55 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <1468151270-12984-1-git-send-email-emilcondrea@gmail.com>
2016-07-10 11:47 ` [PATCH 01/19] xen: Create a new file xen_pvdev.c Emil Condrea
2016-07-10 11:47 ` [PATCH 02/19] xen: Create a new file xen_frontend.c Emil Condrea
2016-07-25 13:45 ` Anthony PERARD
2016-07-10 11:47 ` [PATCH 03/19] xen: Move xenstore_update to xen_pvdev.c Emil Condrea
2016-07-10 11:47 ` [PATCH 04/19] xen: Move evtchn functions " Emil Condrea
2016-07-25 13:53 ` Anthony PERARD
[not found] ` <20160725135311.GI1835@perard.uk.xensource.com>
2016-07-27 23:16 ` Eric Blake
2016-07-31 9:47 ` Emil Condrea
2016-07-10 11:47 ` [PATCH 05/19] xen: Prepare xendev qtail to be shared with frontends Emil Condrea
2016-07-10 11:47 ` [PATCH 06/19] xen: Rename xen_be_printf to xen_pv_printf Emil Condrea
2016-07-10 11:47 ` [PATCH 07/19] xen: Rename xen_be_unbind_evtchn Emil Condrea
2016-07-25 13:56 ` Anthony PERARD
2016-07-10 11:47 ` [PATCH 08/19] xen: Rename xen_be_send_notify Emil Condrea
2016-07-25 13:58 ` Anthony PERARD
2016-07-10 11:47 ` [PATCH 09/19] xen: Rename xen_be_evtchn_event Emil Condrea
2016-07-10 11:47 ` [PATCH 10/19] xen: Rename xen_be_find_xendev Emil Condrea
2016-07-10 11:47 ` [PATCH 11/19] xen: Rename xen_be_del_xendev Emil Condrea
2016-07-10 11:47 ` [PATCH 12/19] xen: Rename xen_be_frontend_changed Emil Condrea
2016-07-10 11:47 ` [PATCH 13/19] xen: Distinguish between frontend and backend devops Emil Condrea
2016-07-10 11:47 ` [PATCH 14/19] Qemu-Xen-vTPM: Support for Xen stubdom vTPM command line options Emil Condrea
2016-07-10 11:47 ` [PATCH 15/19] Qemu-Xen-vTPM: Xen frontend driver infrastructure Emil Condrea
2016-07-25 16:01 ` Anthony PERARD
2016-08-07 11:39 ` Emil Condrea
[not found] ` <CAAULxKKk-UiLFPWn8GH4oDEqQEAowBSgdUHCPGvfX_Ubr_rztg@mail.gmail.com>
2016-08-09 11:40 ` Xuquan (Euler)
2016-07-10 11:47 ` [PATCH 16/19] Qemu-Xen-vTPM: Register Xen stubdom vTPM frontend driver Emil Condrea
2016-07-10 11:47 ` [PATCH 17/19] Qemu-Xen-vTPM: Move tpm_passthrough_is_selftest() into tpm_util.c Emil Condrea
2016-07-10 11:47 ` [PATCH 18/19] Qemu-Xen-vTPM: Qemu vTPM xenstubdoms backend Emil Condrea
2016-07-10 11:47 ` [PATCH 19/19] Qemu-Xen-vTPM: QEMU machine class is initialized before tpm_init() Emil Condrea
2016-07-13 2:55 ` Xu, Quan [this message]
[not found] ` <945CA011AD5F084CBEA3E851C0AB28894B8FD7C8@SHSMSX101.ccr.corp.intel.com>
2016-07-14 15:33 ` [v9 00/19] QEMU:Xen stubdom vTPM for HVM virtual machine(QEMU Part) Stefano Stabellini
2016-07-17 6:56 ` Quan Xu
[not found] ` <1468151270-12984-2-git-send-email-emilcondrea@gmail.com>
2016-07-25 13:41 ` [Qemu-devel] [PATCH 01/19] xen: Create a new file xen_pvdev.c Anthony PERARD
2016-07-25 14:09 ` [Qemu-devel] [v9 00/19] QEMU:Xen stubdom vTPM for HVM virtual machine(QEMU Part) Anthony PERARD
[not found] ` <20160725140941.GL1835@perard.uk.xensource.com>
2016-07-31 9:57 ` Emil Condrea
2016-10-04 6:52 ` Emil Condrea
2016-07-10 11:47 Emil Condrea
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='945CA011AD5F084CBEA3E851C0AB28894B8FD7C8__13309.5867153772$1468378635$gmane$org@SHSMSX101.ccr.corp.intel.com' \
--to=quan.xu@intel.com \
--cc=dgdegra@tycho.nsa.gov \
--cc=eblake@redhat.com \
--cc=emilcondrea@gmail.com \
--cc=qemu-devel@nongnu.org \
--cc=quan.xu2@aliyun.com \
--cc=sstabellini@kernel.org \
--cc=stefanb@linux.vnet.ibm.com \
--cc=stefano.stabellini@eu.citrix.com \
--cc=wei.liu2@citrix.com \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).