mirror of
https://github.com/Motorhead1991/qemu.git
synced 2025-08-19 16:12:40 -06:00
This change introduces a new TPM backend driver that can communicate with
swtpm (software TPM emulator) using a Unix domain socket interface. QEMU talks to
the TPM emulator using QEMU's socket-based chardev backend device.

Swtpm uses two Unix sockets for communications, one for plain TPM commands and
responses, and one for out-of-band control messages. QEMU passes the data
socket to be used over the control channel.

The swtpm and associated tools can be found here:
https://github.com/stefanberger/swtpm

The swtpm's control channel protocol specification can be found here:
https://github.com/stefanberger/swtpm/wiki/Control-Channel-Specification

Usage:

    # setup TPM state directory
    mkdir /tmp/mytpm
    chown -R tss:root /tmp/mytpm
    /usr/bin/swtpm_setup --tpm-state /tmp/mytpm --createek

    # Ask qemu to use TPM emulator with given tpm state directory
    qemu-system-x86_64 \
        [...] \
        -chardev socket,id=chrtpm,path=/tmp/swtpm-sock \
        -tpmdev emulator,id=tpm0,chardev=chrtpm \
        -device tpm-tis,tpmdev=tpm0 \
        [...]

Signed-off-by: Amarnath Valluri <amarnath.valluri@intel.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Tested-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>

| | | |
|---|---|---|
| block-core.json | ||
| block.json | ||
| char.json | ||
| common.json | ||
| crypto.json | ||
| introspect.json | ||
| Makefile.objs | ||
| migration.json | ||
| net.json | ||
| opts-visitor.c | ||
| qapi-clone-visitor.c | ||
| qapi-dealloc-visitor.c | ||
| qapi-util.c | ||
| qapi-visit-core.c | ||
| qmp-dispatch.c | ||
| qmp-event.c | ||
| qmp-registry.c | ||
| qobject-input-visitor.c | ||
| qobject-output-visitor.c | ||
| rocker.json | ||
| run-state.json | ||
| sockets.json | ||
| string-input-visitor.c | ||
| string-output-visitor.c | ||
| tpm.json | ||
| trace-events | ||
| trace.json | ||
| transaction.json | ||
| ui.json | ||