Matthew Fioravante
2011-Mar-11 23:26 UTC
[Xen-devel] [PATCH 11/12] VTPM mini-os: vtpmmgrdom
This patch provides a mini-os domain for the vtpm manager. It links in parts of the original vtpm_managerd code, openssl ported to mini-os, and implements the rest of the functionality itself. All data and keys are stored in a disk image with a custom format which must be created and provided through the domain config file. This disk image is encrypted using TPM keys. The vtpm manager requires access to the hardware tpm. This can be facilitated in 2 ways: 1. Direct access (default). To use this method, provide an io memory region to the domain using the vtpm managers domain config file. mmio = [''fed40'',5] 2. Passthrough dom0: To use this method, use the paravirtualized tpm driver and set its backend to dom0. vtpm = [''backend=0''] Since hardware access is the default, you will also have tell the manager to use the paravirtualized driver extra = ''tpmdriver=tpmfront'' Install the vtpm connection daemon in dom0 $ cd /tools/vtpm_manager/vtpmconnd # make install Finally run the connection daemon before booting the domain. Make sure tpmbk and tpm_tis are loaded in dom0. # vtpmconnd Further and more complete documentation is forthcoming Signed off by: Matthew Fioravante <matthew.fioravante@jhuapl.edu> _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel