WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xense-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xense-devel] [Q] about vTPM

from [Stefan Berger] [Permanent Link][Original]
To: Atsushi SAKAI <sakaia@xxxxxxxxxxxxxx>
Subject: Re: [Xense-devel] [Q] about vTPM
From: Stefan Berger <stefanb@xxxxxxxxxx>
Date: Thu, 29 Jun 2006 07:31:41 -0400
Cc: xense-devel@xxxxxxxxxxxxxxxxxxx
Delivery-date: Thu, 29 Jun 2006 04:31:53 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <200606290551.k5T5pAgM002816@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:xense-devel-request@lists.xensource.com?subject=help>
List-id: "A discussion list for those developing security enhancements for Xen." <xense-devel.lists.xensource.com>
List-post: <mailto:xense-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xense-devel>, <mailto:xense-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xense-devel>, <mailto:xense-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xense-devel-bounces@xxxxxxxxxxxxxxxxxxx

xense-devel-bounces@xxxxxxxxxxxxxxxxxxx wrote on 06/29/2006 01:50:38 AM:

> I have several questions on vTPM implementation on Xen.
> I would be appreciated if you answer the questions.

As you show at the end of your email, there are different ideas about the virtual TPM. IBM's contribution to the Xen repository are the split TPM drivers, vTPM managment scripts and test cases. We have our own virtual TPM implementation as described in the research report, but it is not freely available.

>
> 1.GVTPM is seems like ideal model of current vTPM implementaion.
>   Is this true?
>   (for example, securestorege.c is in vtpm_manager)
>
> 2.I think vTPM key functionality is migration of vTPM instance.
>   But It seems not implemented. Is this true?
>   It seems like the migration key is the builtin HW-TPM function only.
>
> 3.Currently vTPM implementaion is only ParaVM.
>   Is there any plan to support FullVM?

This is likely to be done in the future.

>
> 4.vtpm document(docs/misc/vtpm.txt) is little bit old.
>   So the documentation does not infar the Infineon chip.
>   I think Infineon chip is supported.

Thanks. I will update the document. Although it explicitly mentions some manufacturer's TPMs, it does not mean that the vTPM implementation does not work with other TPMs where drivers are available.

>
> Related Links
>  vTPM: Virtualizing the Trusted Platform Module
> http://domino.research.ibm.com/library/cyberdig.
> nsf/1e4115aea78b6e7c85256b360066f0d4/a0163fff5b1a61fe85257178004eee39?
> OpenDocument&Highlight=0,RC23879
>
> Intel's Presentation on Xen Security
> http://www.xensource.com/files/XenSecurity_Intel_CRozas.pdf
>
>
> Thanks.
>
> Atsushi SAKAI
>

Regards,
   Stefan

>
>
>
> _______________________________________________
> Xense-devel mailing list
> Xense-devel@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xense-devel
_______________________________________________
Xense-devel mailing list
Xense-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xense-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Xense-devel] [Q] about vTPM, Atsushi SAKAI
Next by Date:  Re: [Xense-devel] [Q] about vTPM, Atsushi SAKAI
Previous by Thread:  [Xense-devel] [Q] about vTPM, Atsushi SAKAI
Next by Thread:  Re: [Xense-devel] [Q] about vTPM, Atsushi SAKAI
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy