[SLOF] [PATCH v2 00/20] Add vTPM support to SLOF
Alexey Kardashevskiy
aik at ozlabs.ru
Thu Nov 19 16:01:26 AEDT 2015
On 11/18/2015 04:02 AM, Stefan Berger wrote:
> The following series of patches adds TPM support to SLOF.
> In particular it adds the following:
>
> - TPM drivers for hardware interface and CRQ interface
> - TPM initialization
> - TPM logging area and firmware API to transfer it to the OS
> (measurements are visible in sysfs)
> - Some measurement code (Static Core Root Of Trust)
> - TPM menu (accessible via 't' key during boot if TPM is available)
> - Firmware API extensions following Power Firmware Doc
> (to make trusted grub work)
>
>
> Having a vTPM attached to a VM provides the following benefits:
>
> - enablement of trusted boot; this allows us to eventually extend the chain
> of trust from the hypervisor to the guests
> - enablement of attestation so that one can verify what software is
> running on a machine
> - provides TPM functionality to VMs, which includes a standardized
> mechanism to store keys and other blobs
> (Linux trusted keys, GNU TLS's TPM extensions)
>
> Necessarily, some of its parts are written in Forth, many are written
> in 'C'. The extensions are known to work with QEMU for ppc64 running Linux.
Please give a working example of the QEMU command line to test the
patchset. Thanks.
--
Alexey
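The cover letter above mentions a TPM logging area whose measurements the OS exposes in sysfs, and attestation as one of the goals. The following is an added example, not part of this thread or the SLOF patch set: it parses a TPM 1.2 style binary event log, replays it into PCR values the way a verifier would, and shows one way a rewritten log can still replay to the "right" PCRs. It assumes the TCG PC Client 1.2 SHA-1 record layout (pcrIndex, eventType, 20-byte digest, eventSize, data), which is what Linux exposes as binary_bios_measurements for a TPM 1.2; the event type constants and the sample log are assumptions constructed for the demo, not data captured from a SLOF guest.

```python
"""Parse a TPM 1.2 style binary event log and replay it into PCRs.

Added example, not code from the SLOF patch set.  Assumed (not from the
thread): TCG PC Client 1.2 SHA-1 record layout, event type values, and the
constructed sample log at the bottom.
"""
import hashlib
import struct
from typing import Dict, List, NamedTuple, Optional

# One record: pcrIndex, eventType, SHA-1 digest, eventSize, then eventSize bytes
EVENT_HDR = struct.Struct("<II20sI")
SHA1_ZERO = bytes(20)
NUM_PCRS = 24

# Event type values as in the TCG PC Client spec (assumed for this example)
EV_SEPARATOR = 0x04
EV_S_CRTM_VERSION = 0x08
EV_IPL = 0x0D


class PcrEvent(NamedTuple):
    pcr_index: int
    event_type: int
    digest: bytes
    event_data: bytes


def parse_event_log(blob: bytes) -> List[PcrEvent]:
    """Walk the log front to back.  A truncated record raises instead of
    silently ending the walk, so a clipped log cannot pass as complete."""
    events = []
    off = 0
    while off < len(blob):
        if off + EVENT_HDR.size > len(blob):
            raise ValueError(f"truncated event header at offset {off}")
        pcr, etype, digest, size = EVENT_HDR.unpack_from(blob, off)
        off += EVENT_HDR.size
        if pcr >= NUM_PCRS:
            raise ValueError(f"bad PCR index {pcr} before offset {off}")
        if off + size > len(blob):
            raise ValueError(f"truncated event data at offset {off}")
        events.append(PcrEvent(pcr, etype, digest, blob[off:off + size]))
        off += size
    return events


def extend(pcr_value: bytes, digest: bytes) -> bytes:
    """TPM 1.2 extend operation: PCR' = SHA1(PCR || digest)."""
    return hashlib.sha1(pcr_value + digest).digest()


def replay_pcrs(events: List[PcrEvent]) -> Dict[int, bytes]:
    """Replay every record into a fresh (all-zero) PCR bank."""
    pcrs = {i: SHA1_ZERO for i in range(NUM_PCRS)}
    for ev in events:
        pcrs[ev.pcr_index] = extend(pcrs[ev.pcr_index], ev.digest)
    return pcrs


def digest_mismatches(events: List[PcrEvent]) -> List[int]:
    """Indices of records whose digest is not SHA1(event_data).  Valid for
    event types whose logged bytes are exactly what was hashed, which holds
    for the constructed sample; real logs also contain types where the
    digest covers something other than the logged data."""
    return [i for i, ev in enumerate(events)
            if hashlib.sha1(ev.event_data).digest() != ev.digest]


def log_matches_pcrs(blob: bytes, reported: Dict[int, bytes]) -> bool:
    """Verifier-side check: does replaying the log reproduce the PCR values
    the TPM reported?  Only the PCRs present in `reported` are compared."""
    replayed = replay_pcrs(parse_event_log(blob))
    return all(replayed[i] == v for i, v in reported.items())


def build_event(pcr: int, etype: int, data: bytes,
                digest: Optional[bytes] = None) -> bytes:
    """Serialize one record; the digest defaults to SHA1(data)."""
    if digest is None:
        digest = hashlib.sha1(data).digest()
    return EVENT_HDR.pack(pcr, etype, digest, len(data)) + data


# Constructed sample log (not captured from a real guest).
SAMPLE_LOG = (
    build_event(0, EV_S_CRTM_VERSION, b"SLOF vTPM example firmware")
    + build_event(4, EV_IPL, b"/boot/vmlinux")
    + build_event(4, EV_SEPARATOR, b"\x00\x00\x00\x00")
)

# Same log with the IPL record's data rewritten but its digest left intact:
# it replays to identical PCRs, only the data/digest check exposes it.
TAMPERED_LOG = (
    build_event(0, EV_S_CRTM_VERSION, b"SLOF vTPM example firmware")
    + build_event(4, EV_IPL, b"/boot/evil",
                  digest=hashlib.sha1(b"/boot/vmlinux").digest())
    + build_event(4, EV_SEPARATOR, b"\x00\x00\x00\x00")
)


if __name__ == "__main__":
    evs = parse_event_log(SAMPLE_LOG)
    for ev in evs:
        print(f"PCR{ev.pcr_index:<2} type={ev.event_type:#04x} "
              f"digest={ev.digest.hex()} data={ev.event_data!r}")
    for i, v in replay_pcrs(evs).items():
        if v != SHA1_ZERO:
            print(f"PCR{i} = {v.hex()}")
    print("tampered log, records with digest != SHA1(data):",
          digest_mismatches(parse_event_log(TAMPERED_LOG)))
```

The point of the tampered case: a verifier that only replays digests into PCRs and compares them against a quote is checking the digests, not the logged data. Anything you intend to act on from the event data (a kernel path, a command line) needs either the data/digest consistency check above or, for event types that do not hash their data directly, an independent way to bind the data to the digest.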