On 04/16/2015 02:55 PM, Michael S. Tsirkin wrote:
On Thu, Apr 16, 2015 at 03:35:06PM +0200, Igor Mammedov wrote:
On Wed, 15 Apr 2015 18:38:43 -0400
Stefan Berger <stef...@linux.vnet.ibm.com> wrote:
The following series of patches extends TPM support with an
external TPM that offers a Linux CUSE (character device in userspace)
interface. This TPM lets each VM access its own private vTPM.
The CUSE TPM supports suspend/resume and migration. Much
out-of-band functionality necessary to control the CUSE TPM is
implemented using ioctl's.
The series extends the TPM support so far that most functionality of
TPM support on a physical platform is now available to each x86 VM,
this includes the Physical Presence Interface support that has
its counter-part in the SeaBIOS and is implemented using ACPI.
http://www.seabios.org/pipermail/seabios/2015-March/008978.html
is it already merged?
Is it possible to use MMIO region instead of allocating tpm_ppi_anchor
and tpm_ppi in BIOS memory?
That would simplify BIOS part a bit and significantly simplify ACPI code
as most of it is dealing with figuring out address of tpm_ppi.
Which (if it works) I guess brings us back to the idea of using
a pci device with a bar where we can stick tpm+vm id+whatever?
Well, at least the current implementation works with these patches +
CUSE TPM + patched SeaBIOS .
So the PCI bar does not get reset during a machine reboot and thus
preserves values? I did not model the TPM TIS as a PCI device, since it
typically is not such a device, but a LPC devices (close to ISA type of
device).
If we wanted to achieve that this method also works on real hardware,
with SeaBIOS running piggy-backed on coreboot, then we shouldn't assume
a PCI device, since it won't be. Otherwise, what are we trying to
achieve? Is the ACPI code the problem?
Stefan
