thr3ads.net - Xen devel - [Xen-devel] vTPM on HVM Xen 3.1.2 [Dec 2007]

If this information is useful, please help other people find it:
Share via:

Kuniyasu Suzaki

2007-Dec-10 14:20 UTC

[Xen-devel] vTPM on HVM Xen 3.1.2

Hello.

I tried to use vTPM (tpm_emulator 0.5 on Dom0) for HVM Xen 3.1.2 but
it did not work well.  Please tell me how to set up.

I set up vtpm for HVM Domain and included tpm_tis module on HVM
Domain. It looked work well.
  # modprobe tpm_tis
  # mount -t securityfs none /sys/kernel/security
However there are null files under "/sys/kernel/security/tpm0/".

Please tell me how to setup "vtpm_managerd" on Dom0.

------
suzaki

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Cihula, Joseph

2007-Dec-10 19:24 UTC

head link

RE: [Xen-devel] vTPM on HVM Xen 3.1.2

On Monday, December 10, 2007 6:20 AM, Kuniyasu Suzaki
wrote:> Hello.
> 
> I tried to use vTPM (tpm_emulator 0.5 on Dom0) for HVM Xen 3.1.2 but
> it did not work well.  Please tell me how to set up.
> 
> I set up vtpm for HVM Domain and included tpm_tis module on HVM
> Domain. It looked work well.
>   # modprobe tpm_tis
>   # mount -t securityfs none /sys/kernel/security
> However there are null files under "/sys/kernel/security/tpm0/".
> 
> Please tell me how to setup "vtpm_managerd" on Dom0.
You can find instructions for using the vTPM in docs/misc/vtpm.txt.  The
tools/vtpm_manager/README file gives additional information about the
use and configuration of the vtpm_manager daemon.

Joe

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Kuniyasu Suzaki

2007-Dec-12 09:41 UTC

head link

Re: [Xen-devel] vTPM on HVM Xen 3.1.2

Joe,

 >>From: "Cihula, Joseph" <joseph.cihula@intel.com>
 >>Subject: RE: [Xen-devel] vTPM on HVM Xen 3.1.2
 >>
 >>You can find instructions for using the vTPM in docs/misc/vtpm.txt. 
The
 >>tools/vtpm_manager/README file gives additional information about the
 >>use and configuration of the vtpm_manager daemon.

The files looks to be obsolete. There is no mention about "DUMMY_TPM".
I enabled DUMMY_TPM on Xen3.1.2(stable) but the vTPM don''t work
well. The log of "vtpm_managed" said that it failed to load NVM.
-----------------------------------------------------
TPMD[1]: tpm/tpm_startup.c:45: Info: TPM_Startup(1)
Loading NVM.
	Sending LoadNVM command
ERROR[VTPM]: Failed to load NVM
-----------------------------------------------------

Please tell me how to fix the problem.
I applied the following 2 patches to fix this problem but the situation is not
changed.
   http://xenbits.xensource.com/xen-unstable.hg/rev/da8b8fbe26c2
   http://xenbits.xensource.com/xen-unstable.hg/rev/3ce70f7312d9

------
suzaki

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Kuniyasu Suzaki

2007-Dec-18 11:19 UTC

head link

Re: [Xen-devel] vTPM on HVM Xen 3.1.2

Hello,

I succeeded in using vTPM (TPM Emulator) on HVM Xen (unstable xen 3.2.0 rc2).
I can confirm the working of the IMA-Linux kernel on vTPM.
# I wanted to use vTPM on HVM Xen(STABLE 3.1.2) but it didn''t work
well.
## Special thanks to yasaki@fujitsu. The sucess is owed a lot to him.

However the TCG-BIOS has NOT worked well. I enabled "BX_TCGBIOS" for
"rombios.c" but there was NOT a log in
"/sys/kernel/security/tpm0/".

Please tell me how to enable TCG-BIOS.

I wonder the version of GCC (4.2.3) is correct for the compile, because
the treatment of NULL and 0 looks to be changed.

Our test environment and the change of options are follows.

----------------------------------------------------------------
# Test Enviroment
 - Debian lenny
 - gcc   gcc version 4.2.3 20071123 (prerelease) (Debian 4.2.2-4)
 - libc  libc6 2.7-3
 - Xen unstable xen 3.2.0 rc2

# Change of options
 - Config.mk
    VTPM_TOOLS was enalbed (y)
 - tools/vtpm_manager/Rules.mk
    DUMMY_TPM was enabled
 - tools/firmware/rombios/rombios.c
    BX_TCGBIOS was enabled (1)
 - tools/ioemu/hw/tpm_tis.c
    DEBUG_TPM was defined
 - tools/vtpm/vtpm/tpm/tpm_emulator.h
    TPM_STRONG_PERSISTENCE was defined
----------------------------------------------------------------
------
suzaki


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Stefan Berger

2007-Dec-18 12:32 UTC

head link

Re: [Xen-devel] vTPM on HVM Xen 3.1.2

xen-devel-bounces@lists.xensource.com wrote on 12/18/2007 06:19:38 AM:
> 
> Hello,
> 
> I succeeded in using vTPM (TPM Emulator) on HVM Xen (unstable xen 3.2.0 
rc2).> I can confirm the working of the IMA-Linux kernel on vTPM.
> # I wanted to use vTPM on HVM Xen(STABLE 3.1.2) but it didn''t work
well.
> ## Special thanks to yasaki@fujitsu. The sucess is owed a lot to him.
> 
> However the TCG-BIOS has NOT worked well. I enabled "BX_TCGBIOS"
for
> "rombios.c" but there was NOT a log in
"/sys/kernel/security/tpm0/".
> 
> Please tell me how to enable TCG-BIOS.
If you rebuild the Bochs BIOS with ''make install'', then this
is all you
need to do.

   Stefan
> 
> I wonder the version of GCC (4.2.3) is correct for the compile, because
> the treatment of NULL and 0 looks to be changed.
> 
> Our test environment and the change of options are follows.
> 
> ----------------------------------------------------------------
> # Test Enviroment
>  - Debian lenny
>  - gcc   gcc version 4.2.3 20071123 (prerelease) (Debian 4.2.2-4)
>  - libc  libc6 2.7-3
>  - Xen unstable xen 3.2.0 rc2
> 
> # Change of options
>  - Config.mk
>     VTPM_TOOLS was enalbed (y)
>  - tools/vtpm_manager/Rules.mk
>     DUMMY_TPM was enabled
>  - tools/firmware/rombios/rombios.c
>     BX_TCGBIOS was enabled (1)
>  - tools/ioemu/hw/tpm_tis.c
>     DEBUG_TPM was defined
>  - tools/vtpm/vtpm/tpm/tpm_emulator.h
>     TPM_STRONG_PERSISTENCE was defined
> ----------------------------------------------------------------
> ------
> suzaki
> 
> 
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@lists.xensource.com
> http://lists.xensource.com/xen-devel

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Kuniyasu Suzaki

2007-Dec-20 03:09 UTC

head link

Re: [Xen-devel] vTPM on HVM Xen 3.1.2

>>From: Stefan Berger <stefanb@us.ibm.com> >>Subject: Re: [Xen-devel] vTPM on HVM Xen 3.1.2
 >>
 >>> However the TCG-BIOS has NOT worked well. I enabled
"BX_TCGBIOS" for
 >>> "rombios.c" but there was NOT a log in
"/sys/kernel/security/tpm0/".
 >>> 
 >>> Please tell me how to enable TCG-BIOS.
 >>
 >>If you rebuild the Bochs BIOS with ''make install'',
then this is all you
 >>need to do.

It was not enough to rebuilt the Bochs BIOS.
The problem was solved by the patch offered by Yasaki.
   [Xen-devel] [PATCH][BIOS]Fix TPMD and QEMU connection
   http://lists.xensource.com/archives/html/xen-devel/2007-12/msg00775.html

I confirmed the working of TCG-BIOS on Xen-HVM.

------
suzaki

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Xen devel - Dec 2007 - vTPM on HVM Xen 3.1.2

[Xen-devel] vTPM on HVM Xen 3.1.2

RE: [Xen-devel] vTPM on HVM Xen 3.1.2

Re: [Xen-devel] vTPM on HVM Xen 3.1.2

Re: [Xen-devel] vTPM on HVM Xen 3.1.2

Re: [Xen-devel] vTPM on HVM Xen 3.1.2

Re: [Xen-devel] vTPM on HVM Xen 3.1.2