On Tue, Apr 02, 2013 at 09:24:51AM -0400, Kenneth Goldman wrote:
> > > You are of course correct. I advised an integrity value just to detect
> > > a hardware or software fault. The check value would not protect against an
> > > attack.
> >
> > Fair enough, but why protect these bits speci
> > You are of course correct. I advised an integrity value just to detect
> > a hardware or software fault. The check value would not protect against an
> > attack.
>
> Fair enough, but why protect these bits specifically?
> E.g. disk corruption seems more likely (since it's bigger). Add
> in
On Sun, Mar 31, 2013 at 04:48:24PM -0400, Kenneth Goldman wrote:
> "Michael S. Tsirkin" wrote on 03/31/2013 04:17:28 AM:
> >
> > You want to protect against someone who is able to
> > manipulate some bits in the file (content) but not others (hash)?
> > What's the attack you are trying to protect
"Michael S. Tsirkin" wrote on 03/31/2013 04:17:28 AM:
>
> You want to protect against someone who is able to
> manipulate some bits in the file (content) but not others (hash)?
> What's the attack you are trying to protect against here?
>
> I'm guessing the only result of extra checksums would b
On Fri, Mar 29, 2013 at 01:33:01PM -0400, Kenneth Goldman wrote:
> > One thing I'd like to get clarity about is the following corner-case. A
> > user supplies some VM image as persistent storage for the TPM. It
> > contains garbage. How do we handle this case? Does the TPM then just
> > start writi
> One thing I'd like to get clarity about is the following corner-case. A
> user supplies some VM image as persistent storage for the TPM. It
> contains garbage. How do we handle this case? Does the TPM then just
> start writing its state into this image or do we want to have some layer
> in p
Stefan Berger writes:
> On 03/28/2013 01:39 PM, Michael S. Tsirkin wrote:
>> On Thu, Mar 28, 2013 at 12:27:45PM -0500, Anthony Liguori wrote:
>>> Stefan Berger writes:
>>>
On 03/27/2013 03:12 PM, Stefan Berger wrote:
> On 03/27/2013 02:27 PM, Anthony Liguori wrote:
>> Stefan Berger
On 03/28/2013 01:39 PM, Michael S. Tsirkin wrote:
On Thu, Mar 28, 2013 at 12:27:45PM -0500, Anthony Liguori wrote:
Stefan Berger writes:
On 03/27/2013 03:12 PM, Stefan Berger wrote:
On 03/27/2013 02:27 PM, Anthony Liguori wrote:
Stefan Berger writes:
On 03/27/2013 01:14 PM, Anthony Liguo
On Thu, Mar 28, 2013 at 12:27:45PM -0500, Anthony Liguori wrote:
> Stefan Berger writes:
>
> > On 03/27/2013 03:12 PM, Stefan Berger wrote:
> >> On 03/27/2013 02:27 PM, Anthony Liguori wrote:
> >>> Stefan Berger writes:
> >>>
> On 03/27/2013 01:14 PM, Anthony Liguori wrote:
> > Stefan B
On 03/28/2013 01:27 PM, Anthony Liguori wrote:
Stefan Berger writes:
On 03/27/2013 03:12 PM, Stefan Berger wrote:
On 03/27/2013 02:27 PM, Anthony Liguori wrote:
Stefan Berger writes:
On 03/27/2013 01:14 PM, Anthony Liguori wrote:
Stefan Berger writes:
What I struggle with is that we're
Stefan Berger writes:
> On 03/27/2013 03:12 PM, Stefan Berger wrote:
>> On 03/27/2013 02:27 PM, Anthony Liguori wrote:
>>> Stefan Berger writes:
>>>
On 03/27/2013 01:14 PM, Anthony Liguori wrote:
> Stefan Berger writes:
>
> What I struggle with is that we're calling this a "blo
On 03/28/2013 12:31 PM, Michael S. Tsirkin wrote:
On Thu, Mar 28, 2013 at 12:11:22PM -0400, Stefan Berger wrote:
On 03/27/2013 03:12 PM, Stefan Berger wrote:
On 03/27/2013 02:27 PM, Anthony Liguori wrote:
Stefan Berger writes:
On 03/27/2013 01:14 PM, Anthony Liguori wrote:
Stefan Berger w
On Thu, Mar 28, 2013 at 12:11:22PM -0400, Stefan Berger wrote:
> On 03/27/2013 03:12 PM, Stefan Berger wrote:
> >On 03/27/2013 02:27 PM, Anthony Liguori wrote:
> >>Stefan Berger writes:
> >>
> >>>On 03/27/2013 01:14 PM, Anthony Liguori wrote:
> Stefan Berger writes:
>
> What I strugg
On 03/27/2013 03:12 PM, Stefan Berger wrote:
On 03/27/2013 02:27 PM, Anthony Liguori wrote:
Stefan Berger writes:
On 03/27/2013 01:14 PM, Anthony Liguori wrote:
Stefan Berger writes:
What I struggle with is that we're calling this a "blobstore". Using
BER to store "blobs" seems kind of po
On 03/27/2013 02:27 PM, Anthony Liguori wrote:
Stefan Berger writes:
On 03/27/2013 01:14 PM, Anthony Liguori wrote:
Stefan Berger writes:
What I struggle with is that we're calling this a "blobstore". Using
BER to store "blobs" seems kind of pointless especially when we're
talking about ex
Stefan Berger writes:
> On 03/27/2013 01:14 PM, Anthony Liguori wrote:
>> Stefan Berger writes:
>>
>>>
>> What I struggle with is that we're calling this a "blobstore". Using
>> BER to store "blobs" seems kind of pointless especially when we're
>> talking about exactly three blobs.
>>
>> I susp
On Wed, Mar 27, 2013 at 12:14:00PM -0500, Anthony Liguori wrote:
> Stefan Berger writes:
>
> > On 03/27/2013 12:12 PM, Joel Schopp wrote:
> >>
> >>> Yea it's not hard to invent a random format each time we write something
> >>> on disk.
> >>>
> >>> But I think ASN.1 BER will be useful to have in
On 03/27/2013 01:14 PM, Anthony Liguori wrote:
Stefan Berger writes:
What I struggle with is that we're calling this a "blobstore". Using
BER to store "blobs" seems kind of pointless especially when we're
talking about exactly three blobs.
I suspect real hardware does something like, flash
Stefan Berger writes:
> On 03/27/2013 12:12 PM, Joel Schopp wrote:
>>
>>> Yea it's not hard to invent a random format each time we write something
>>> on disk.
>>>
>>> But I think ASN.1 BER will be useful to have in qemu anyway. E.g. it's a
>>> better format for migration than what we have now.
On 03/27/2013 12:12 PM, Joel Schopp wrote:
Yea it's not hard to invent a random format each time we write something
on disk.
But I think ASN.1 BER will be useful to have in qemu anyway. E.g. it's a
better format for migration than what we have now. Once we have it in
tree re-using it seems cl
> Yea it's not hard to invent a random format each time we write something
> on disk.
> But I think ASN.1 BER will be useful to have in qemu anyway. E.g. it's a
> better format for migration than what we have now. Once we have it in
> tree re-using it seems cleaner than maintaining some per-TPM
A few comments FWIW
When I first did TPM 1.2, I stored different parts of the TPM NV data
(permanent data, owner evict keys, defined space) in different files. It
got ugly and I eventually changed to one big blob. This was far more
portable, worked better for real flash memory, etc. It also h
Yea it's not hard to invent a random format each time we write something
on disk.
But I think ASN.1 BER will be useful to have in qemu anyway. E.g. it's a
better format for migration than what we have now. Once we have it in
tree re-using it seems cleaner than maintaining some per-TPM thing.
On Wed, Mar 27, 2013 at 05:30:09PM +0200, Michael S. Tsirkin wrote:
> On Wed, Mar 27, 2013 at 11:20:43AM -0400, Corey Bryant wrote:
> >
> >
> > On 03/27/2013 11:17 AM, Corey Bryant wrote:
> > >
> > >
> > >On 03/25/2013 06:20 PM, Stefan Berger wrote:
> > >>On 03/25/2013 06:05 PM, Anthony Liguori w
On Wed, Mar 27, 2013 at 11:43:53AM -0400, Kenneth Goldman wrote:
> A few comments FWIW
>
> When I first did TPM 1.2, I stored different parts of the TPM NV data
> (permanent data, owner evict keys, defined space) in different files. It got
> ugly and I eventually changed to one big blob. This was
On Wed, Mar 27, 2013 at 11:20:43AM -0400, Corey Bryant wrote:
>
>
> On 03/27/2013 11:17 AM, Corey Bryant wrote:
> >
> >
> >On 03/25/2013 06:20 PM, Stefan Berger wrote:
> >>On 03/25/2013 06:05 PM, Anthony Liguori wrote:
> >>>Stefan Berger writes:
> >>>
> [argh, just posted this to qemu-trivia
On 03/27/2013 11:17 AM, Corey Bryant wrote:
On 03/25/2013 06:20 PM, Stefan Berger wrote:
On 03/25/2013 06:05 PM, Anthony Liguori wrote:
Stefan Berger writes:
[argh, just posted this to qemu-trivial -- it's not trivial]
Hello!
I am posting this message to revive the previous discussion
On 03/25/2013 06:20 PM, Stefan Berger wrote:
On 03/25/2013 06:05 PM, Anthony Liguori wrote:
Stefan Berger writes:
[argh, just posted this to qemu-trivial -- it's not trivial]
Hello!
I am posting this message to revive the previous discussions about the
design of vNVRAM / blobstore cc'ing
On 03/25/2013 06:05 PM, Anthony Liguori wrote:
Stefan Berger writes:
[argh, just posted this to qemu-trivial -- it's not trivial]
Hello!
I am posting this message to revive the previous discussions about the
design of vNVRAM / blobstore cc'ing (at least) those that participated
in this disc
Stefan Berger writes:
> [argh, just posted this to qemu-trivial -- it's not trivial]
>
>
> Hello!
>
> I am posting this message to revive the previous discussions about the
> design of vNVRAM / blobstore cc'ing (at least) those that participated
> in this discussion 'back then'.
>
> The first g
[argh, just posted this to qemu-trivial -- it's not trivial]
Hello!
I am posting this message to revive the previous discussions about the
design of vNVRAM / blobstore cc'ing (at least) those that participated
in this discussion 'back then'.
The first goal of the implementation is to provid
31 matches