On Mon, 2025-03-31 at 15:23 -0700, Dionna Amalie Glaze wrote:
> On Mon, Mar 31, 2025 at 2:26 PM James Bottomley
> wrote:
> >
> > On Mon, 2025-03-31 at 13:56 -0700, Dionna Amalie Glaze wrote:
> > [...]
> > > I might be unclear on how I should be testing this, but I do see
> > > /dev/tpm0 and /dev/
On Mon, 2025-03-31 at 13:56 -0700, Dionna Amalie Glaze wrote:
[...]
> I might be unclear on how I should be testing this, but I do see
> /dev/tpm0 and /dev/tpmrm0 when I build with CONFIG_TCG_SVSM=y, but I
> don't see the event log in securityfs. What am I missing?
The vtpm driver for EDK2/OVMF I
On Mon, Mar 31, 2025 at 2:26 PM James Bottomley
wrote:
>
> On Mon, 2025-03-31 at 13:56 -0700, Dionna Amalie Glaze wrote:
> [...]
> > I might be unclear on how I should be testing this, but I do see
> > /dev/tpm0 and /dev/tpmrm0 when I build with CONFIG_TCG_SVSM=y, but I
> > don't see the event log
From: Stefano Garzarella
Add driver for the vTPM defined by the AMD SVSM spec [1].
The specification defines a protocol that a SEV-SNP guest OS can use to
discover and talk to a vTPM emulated by the Secure VM Service Module (SVSM)
in the guest context, but at a more privileged level (VMPL0).
Th
From: Stefano Garzarella
SNP platform can provide a vTPM device emulated by SVSM.
The "tpm-svsm" device can be handled by the platform driver added
by the previous commit in drivers/char/tpm/tpm_svsm.c
Register the device unconditionally. The support check (e.g. SVSM, cmd)
is in snp_svsm_vtpm_p
AMD SEV-SNP defined a new mechanism for adding privileged levels (VMPLs)
in the context of a Confidential VM. These levels can be used to run the
guest OS at a lower privilege level than a Secure VM Service Module (SVSM).
In this way SVSM can be used to emulate those devices (such as TPM) that
cann
From: Stefano Garzarella
Helpers for the SVSM_VTPM_CMD calls used by the vTPM protocol defined by
the AMD SVSM spec [1].
The vTPM protocol follows the Official TPM 2.0 Reference Implementation
(originally by Microsoft, now part of the TCG) simulator protocol.
[1] "Secure VM Service Module for S
From: Stefano Garzarella
Add two new functions to probe and send commands to the SVSM vTPM.
They leverage the two calls defined by the AMD SVSM specification [1]
for the vTPM protocol: SVSM_VTPM_QUERY and SVSM_VTPM_CMD.
Expose these functions to be used by other modules such as a tpm
driver.
[1
On 3/31/25 05:38, Stefano Garzarella wrote:
> From: Stefano Garzarella
>
> SNP platform can provide a vTPM device emulated by SVSM.
>
> The "tpm-svsm" device can be handled by the platform driver added
> by the previous commit in drivers/char/tpm/tpm_svsm.c
>
> Register the device unconditional
On Mon, Mar 31, 2025 at 12:38:56PM +0200, Stefano Garzarella wrote:
> From: Stefano Garzarella
>
> Add driver for the vTPM defined by the AMD SVSM spec [1].
>
> The specification defines a protocol that a SEV-SNP guest OS can use to
> discover and talk to a vTPM emulated by the Secure VM Service
On Sun, Mar 30, 2025 at 02:16:49PM +0300, Jarkko Sakkinen wrote:
> Add an isolated list for unreferenced keys. This splits key deletion as
> separate phase, after the key reaper. This makes the whole process more
> rigid, as these two distinct tasks don't intervene each other.
>
> Signed-off-by: J