Do you refer to the patches that add TPM support to the SeaBIOS?
If this is the case, this is just a completely virtual TPM without any
link with the TPM of the physical machine, right?
Jordi.
On 08/30/2012 04:50 PM, Stefan Berger wrote:
On 08/30/2012 10:21 AM, Jordi Cucurull Juan wrote:
Dear Stefan,
What does it mean that the patches with the VTPM functionality exist
but they are behind the regular ones? Does it mean that they are not
currently updated? That they have less priority?
It means that in my patch queue they are 'behind' the ones I posted
over the last few months.
Stefan
Best regards,
Jordi.
On 08/29/2012 02:57 PM, Stefan Berger wrote:
On 08/23/2012 04:05 PM, Corey Bryant wrote:
On 08/21/2012 06:31 AM, Jordi Cucurull Juan wrote:
Dear all,
After applying the TPM patches to QEMU, I was wondering if it is
possible to simultaneously use the TPM in more than one virtual
machine,
i.e. virtualisation of the TPM.
According to the paper "Stefan Berger, Ramón Cáceres, Kenneth A.
Goldman, Ronald Perez, Reiner Sailer, Leendert van Doorn. vTPM:
Virtualizing the Trusted Platform Module" this seems to be
possible in
Xen. Is not possible in QEMU?
Thanks!
Jordi.
I don't think the pass-through driver supports use by multiple VMs.
Stefan Berger should be able to answer better so I'm adding him to
the thread.
The pass-through driver cannot provide access for multiple VMs to
the single hardware TPM on the host. The usage model and the
statefulness of the TPM (SRK password, owner password, keys)
basically prevent/complicate this. The implementation for Xen was
indep. of the Qemu code base today and there we used a software
implementation of the TPM that provided a private TPm instance to
each VM. I have patches for this for Qemu but due to an IRC chat in
Sept. 2011 they are 'behind' the pass-through driver patches.
Stefan