On 06/29/2017 07:12 PM, Javier Martinez Canillas wrote:
On 06/29/2017 06:09 PM, Stefan Berger wrote:On 06/29/2017 08:39 AM, Javier Martinez Canillas wrote:[snip]= TPM backend devices = The TPM implementation is split into two parts. The one part is the hardware interface, such as the TPM TIS interface described earlier, and the TPM backend interface. The backend interfaces implement the interaction with a TPM device, which may be a physical or an emulated device. The split between the front- and backend devices allows a frontend to be connected with any available backend. This enables the TIS interface to be used with the passthrough backend or the (future) swtpm backend.So we will need another TPM interface that implements the CRB interface? INo. How did you infer that ?I thought that if the host firmware set the TPM2 Start Method to CRB instead of TIS1.2+cancel, then the guest would have to use the same interface. But now with your patch libvirt doesn't complain anymore about a missing cancel sysfs file and I could access the host TPM2.0 as a pass-through device, even when the host is using the tpm_crb driver while the guest uses the tpm_tis one.
For passthrough really only /dev/tpm0 matters. The rest of the interface and what interface the host device has doesn't matter, at least not with the TPM device.
Regards,
Stefan
