On 12/12/22 09:47, James Bottomley wrote:
On Mon, 2022-12-12 at 09:44 -0500, Stefan Berger wrote:


On 12/12/22 09:32, James Bottomley wrote:
On Mon, 2022-12-12 at 09:27 -0500, Stefan Berger wrote:


On 12/12/22 08:59, James Bottomley wrote:
On Mon, 2022-12-12 at 08:43 -0500, Stefan Berger wrote:


On 12/10/22 12:10, James Bottomley wrote:
The Microsoft Simulator (mssim) is the reference emulation
platform
for the TCG TPM 2.0 specification.

https://github.com/Microsoft/ms-tpm-20-ref.git

It exports a fairly simple network socket baset protocol on
two

baset -> based.

sockets, one for command (default 2321) and one for control
(default 2322).  This patch adds a simple backend that can
speak the mssim protocol over the network.  It also allows
the
host, and two ports to be specified on the qemu command
line.
The benefits are twofold: firstly it gives us a backend
that
actually speaks a standard TPM emulation protocol instead
of
the linux specific TPM driver format of the current
emulated
TPM backend and secondly, using the microsoft protocol, the
end
point of the emulator can be anywhere on the network,
facilitating the cloud use case where a central TPM ervice
can
be used over a control network.

The implementation does basic control commands like power
off/on, but doesn't implement cancellation or startup.  The
former because cancellation is pretty much useless on a
fast
operating TPM emulator and the latter because this emulator
is
designed to be used with OVMF which itself does TPM startup
and
I wanted to validate that.

How did you implement VM suspend/resume and snapshotting
support?

TPM2 doesn't need to.  The mssim follows the reference model
which


You mean TPM2 doesn't need to resume at the point where the VM
resumes (I am not talking about ACPI resume but virsh
save/restore)
after for example a host reboot?
What does this have to do with the mssim reference model and
TPM2_Shutdown protocol?

Running S3 suspend/resume before doing VM save/restore could fix a
lot of issue with passthrough PCI and when QEMU gets around to
doing that a TPM following the standard model should just work.
It's useful to have a driver supporting this work.
Did you test it with virsh save / restore with the mssim TPM? Does it
work? Does it work if you reboot the host in between?

I don't actually use virsh in my harness.  I'm mostly interested in the
running the kernel TPM selftests against the reference model.  But I
anticipate it wouldn't currently work because I don't believe virsh
triggers a S3 event which is why snapshot and migration doesn't always
work with PCI passthrough.

Then I think you should at least add a blocker to your model so that 
suspend/resume/snapshotting/migration are all disabled because the mssim reference 
implementation doesn't support permanent & volatile state suspend/resume (and 
upgrading!) without significant work on it as can be seen in libtpms.

Why would we support another model for the backend that provides no advantages 
over what is there right now?

  Stefan


James





Reply via email to