[SLOF] [PATCH v2 00/20] Add vTPM support to SLOF
Thomas Huth
thuth at redhat.com
Thu Nov 19 21:05:19 AEDT 2015
On 17/11/15 18:02, Stefan Berger wrote:
> The following series of patches adds TPM support to SLOF.
> In particular it adds the following:
>
> - TPM drivers for hardware interface and CRQ interface
> - TPM initialization
> - TPM logging area and firmware API to transfer it to the OS
> (measurements are visible in sysfs)
> - Some measurement code (Static Core Root Of Trust)
> - TPM menu (accessible via 't' key during boot if TPM is available)
> - Firmware API extensions following Power Firmware Doc
> (to make trusted grub work)
>
>
> Having a vTPM attached to a VM provides the following benefits:
>
> - enablement of trusted boot; this allow us to eventually extend the chain
> of trust from the hypervisor to the guests
> - enablement of attestation so that one can verify what software is
> running on a machine
> - provides TPM functionality to VMs, which includes a standardized
> mechanism to store keys and other blobs
> (Linux trusted keys, GNU TLS's TPM extensions)
How do I get a vTPM connected to my virtual machine? This needs support
in QEMU, I assume? A pointer to the patches or a git repo would be helpful.
Thomas
More information about the SLOF
mailing list