[PATCH v7 01/10] docs: documentation and schema for the new TPM Proxy model
Ján Tomko
jtomko at redhat.com
Tue Jun 23 12:53:35 UTC 2020
On a Wednesday in 2020, Daniel Henrique Barboza wrote:
>QEMU 4.1.0 introduced a new device type called TPM Proxy, currently
>implemented by PPC64 guests via a new virtual device called
>'spapr-tpm-proxy' (see QEMU 0fb6bd073230 for more info).
>
>The TPM Proxy device interacts with a TPM Resource Manager, a host
>device capable of multiplexing the host TPM with multiple processes.
>This allows multiple guests to access some TPM features at the
>same time. Note that this mode of operation does not provide
>full TPM features to be available for the guest - for that case
>the guest still needs to assign a vTPM device (tpm-spapr for
>PPC64 guests). Although redundant, there is currently no technical
>limitation for a guest to assign both a vTPM and a TPM Proxy at the
>same time.
>
>This patch adds documentation and schema for a new TPM model
>type called 'spapr-tpm-proxy' that creates this new TPM Proxy
>device. This model is valid only for the 'passthrough' backend.
>An example of a TPM Proxy device connected to a TPM Resource Manager
>'/dev/tpmrm0' will look like this:
>
><tpm model='spapr-tpm-proxy'>
> <backend type='passthrough'>
> <device path='/dev/tpmrm0'/>
> </backend>
></tpm>
>
>Tested-by: Satheesh Rajendran <sathnaga at linux.vnet.ibm.com>
>Reviewed-by: Stefan Berger <stefanb at linux.ibm.com>
>Signed-off-by: Daniel Henrique Barboza <danielhb413 at gmail.com>
>---
> docs/formatdomain.html.in | 19 ++++++++++++++++++-
> docs/schemas/domaincommon.rng | 1 +
> 2 files changed, 19 insertions(+), 1 deletion(-)
>
>diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in
>index 20c28a47e3..f538c3ff1a 100644
>--- a/docs/formatdomain.html.in
>+++ b/docs/formatdomain.html.in
>@@ -8840,6 +8840,18 @@ qemu-kvm -net nic,model=? /dev/null
> backend device is a TPM 2.0. <span class="since">Since 6.1.0</span>,
> pSeries guests on PPC64 are supported and the default is
> <code>tpm-spapr</code>.
>+
>+ <span class="since">Since 6.4.0</span>, a new model called
6.5.0
>+ <code>spapr-tpm-proxy</code> was added for pSeries guests. This model
>+ only works with the <code>passthrough</code> backend. It creates a
>+ TPM Proxy device that communicates with an existing TPM Resource Manager
>+ in the host, for example <code>/dev/tpmrm0</code>, enabling the guest to
>+ run in secure virtual machine mode with the help of an Ultravisor. Adding
>+ a TPM Proxy to a pSeries guest brings no security benefits unless the guest
>+ is running on a PPC64 host that has an Ultravisor and a TPM Resource Manager.
>+ Only one TPM Proxy device is allowed per guest, but a TPM Proxy device can
>+ be added together with
>+ other TPM devices.
> </p>
> </dd>
> <dt><code>backend</code></dt>
>@@ -8852,7 +8864,7 @@ qemu-kvm -net nic,model=? /dev/null
> <dt><code>passthrough</code></dt>
> <dd>
> <p>
>- Use the host's TPM device.
>+ Use the host's TPM or TPM Resource Manager device.
> </p>
> <p>
> This backend type requires exclusive access to a TPM device on
>@@ -8860,6 +8872,11 @@ qemu-kvm -net nic,model=? /dev/null
> qualified file name is specified by path attribute of the
> <code>source</code> element. If no file name is specified then
> /dev/tpm0 is automatically used.
>+
>+ <span class="since">Since 6.4.0</span>, when choosing the
6.5.0
>+ <code>spapr-tpm-proxy</code> model, the file name specified is
>+ expected to be a TPM Resource Manager device, e.g.
>+ <code>/dev/tpmrm0</code>.
> </p>
> </dd>
> </dl>
Reviewed-by: Ján Tomko <jtomko at redhat.com>
Jano
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20200623/e69db846/attachment-0001.sig>
More information about the libvir-list
mailing list