On Wed, 2017-05-24 at 11:15 -0400, Stefan Berger wrote:
> On 05/16/2017 03:58 AM, Amarnath Valluri wrote:
> >
> > This change introduces a new TPM backend driver that can communicate with
> > swtpm (software TPM emulator) using unix domain socket interface.
> >
> > Swtpm uses two unix sockets, one for plain TPM commands and responses, and one
> > for out-of-band control messages.
> >
> > The swtpm and associated tools can be found here:
> > https://github.com/stefanberger/swtpm
> >
> > The swtpm's control channel protocol specification can be found here:
> > https://github.com/stefanberger/swtpm/wiki/Control-Channel-Specification
> >
> > Usage:
> >   # setup TPM state directory
> >   mkdir /tmp/mytpm
> >   chown -R tss:root /tmp/mytpm
> >   /usr/bin/swtpm_setup --tpm-state /tmp/mytpm --createek
> >
> >   # Ask qemu to use TPM emulator with given tpm state directory
> >   qemu-system-x86_64 \
> >     [...] \
> >     -tpmdev emulator,id=tpm0,tpmstatedir=/tmp/mytpm,logfile=/tmp/swtpm.log \
> >     -device tpm-tis,tpmdev=tpm0 \
> >     [...]
> >
> > Signed-off-by: Amarnath Valluri <amarnath.vall...@intel.com>
>
> Since you are not supporting migration in this patch, you probably have
> to add a migrate_add_blocker() call somewhere along the lines of this
> here:
>
> https://github.com/stefanberger/qemu-tpm/commit/27d332dc3b2c6bfd0fcd38e69f5c899651f3a5d8#diff-3a0192eef5d20837af490c32bf396f4eR641
>

I need to dig a bit and familiarize myself with 'migration' support. I guess I can send it as a separate patch?

- Amarnath