On Tue, 2017-10-03 at 17:21 -0400, Stefan Berger wrote: > On 09/29/2017 07:10 AM, Amarnath Valluri wrote: > > > > This change introduces a new TPM backend driver that can > > communicate with > > swtpm(software TPM emulator) using unix domain socket interface. > > QEMU talks to > > TPM emulator using QEMU's socket-based chardev backend device. > > > > Swtpm uses two Unix sockets for communications, one for plain TPM > > commands and > > responses, and one for out-of-band control messages. QEMU passes > > data socket to > > be used over the control channel. > > > > The swtpm and associated tools can be found here: > > https://github.com/stefanberger/swtpm > > > > The swtpm's control channel protocol specification can be found > > here: > > https://github.com/stefanberger/swtpm/wiki/Control-Channel-Spe > > cification > > > > Usage: > > # setup TPM state directory > > mkdir /tmp/mytpm > > chown -R tss:root /tmp/mytpm > > /usr/bin/swtpm_setup --tpm-state /tmp/mytpm --createek > To run this, one needs the latest version of swtpm that supports the > file descriptor passing. > Then one can start the swtpm like this: > > swtpm socket --tpmstate dir=/tmp/mytpm --ctrl > type=unixio,path=/tmp/swtpm-sock --log level=20 > > I tested the SeaBIOS menu items so far and that works fine, also for > TPM2 (--tpm2).
Greate, Thanks for you feedback. - Amarnath