On Sep 11, 2017, at 10:16, George Dunlap <george.dun...@citrix.com> wrote:
> 
>>> +### vTPM Support
>>> +
>>> +    Status: Supported, x86 only
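Review bot: the architecture restriction appears only in the Status line ("Supported, x86 only") while the heading reads plain "vTPM Support", so the entry does not say whether the limit applies to the PV vTPM itself or to the physical TPM behind it. Put the scope in the heading or add a line stating what "x86 only" covers, so the extent of security support is unambiguous.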
>> 
>> This should probably be x86/vTPM. TPM, the way we are discussing it, is
>> an x86-only implementation. ARM-based alternatives are not called TPM
>> AFAIK.
> 
> Someone said that because this was implemented entirely in userspace,
> there's no reason the PV TPM couldn't work on ARM.  OTOH I suppose it
> would be a lot less valuable if there weren't a physical TPM to back it up.
> 
> Any thoughts on that?

Physical TPMs are present on both x86 and ARM Chromebooks:

  https://www.chromium.org/developers/design-documents/tpm-usage

e.g. see Step 9 in this Samsung Series 3 teardown, "Infineon SLB9635":

  https://www.ifixit.com/Teardown/Samsung+Chromebook+Series+3+Teardown/12225


>>> +### Intel/TXT ???
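Review bot: the "### Intel/TXT ???" heading still carries a "???" placeholder and the quoted hunk shows no Status line under it. Give the entry an explicit Status value, or drop the heading, before this lands, so the document does not leave the support state of TXT undefined.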
>> 
>> Same here
> 
> Well unless someone actually says something about this I'm just going to
> delete it.

That's one way to motivate a response :)

Slide 11 of Joe Cihula's 2007 presentation documents the Xen changes for TXT: 

  http://www-archive.xenproject.org/files/xensummit_fall07/23_JosephCihula.pdf

More info in the 2007 patch and the Linux kernel doc:

  http://old-list-archives.xen.org/archives/html/xen-devel/2007-10/msg00897.html
  https://www.kernel.org/doc/Documentation/intel_txt.txt

Intel TXT is used with Xen by (at least) Qubes, OpenXT and Skyport Systems.  
There was a design discussion at Xen Summit about implementing a 
frequently-used subset of tboot logic in Xen.  Hopefully Intel TXT will 
continue to be a Xen feature with security support.

Rich
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel