On 05/16/2017 03:58 AM, Amarnath Valluri wrote:
This change introduces a new TPM backend driver that can communicate with swtpm(software TPM emulator) using unix domain socket interface.Swtpm uses two unix sockets, one for plain TPM commands and responses, and one for out-of-band control messages. The swtpm and associated tools can be found here: https://github.com/stefanberger/swtpm The swtpm's control channel protocol specification can be found here: https://github.com/stefanberger/swtpm/wiki/Control-Channel-Specification Usage: # setup TPM state directory mkdir /tmp/mytpm chown -R tss:root /tmp/mytpm /usr/bin/swtpm_setup --tpm-state /tmp/mytpm --createek # Ask qemu to use TPM emulator with given tpm state directory qemu-system-x86_64 \ [...] \ -tpmdev emulator,id=tpm0,tpmstatedir=/tmp/mytpm,logfile=/tmp/swtpm.log \ -device tpm-tis,tpmdev=tpm0 \ [...] Signed-off-by: Amarnath Valluri <amarnath.vall...@intel.com>
Since you are not supporting migration in this patch, you probably have to add a migrate_add_blocker() call somewhere along the lines of this here:
https://github.com/stefanberger/qemu-tpm/commit/27d332dc3b2c6bfd0fcd38e69f5c899651f3a5d8#diff-3a0192eef5d20837af490c32bf396f4eR641 Otherwise it looks good to me. Stefan
