|
|
|
|
|
|
|
|
|
|
xen-users
RE: [Xen-users] xen 3.0.3
> -----Original Message-----
> From: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
> [mailto:xen-users-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of Fong Vang
> Sent: 18 October 2006 17:49
> To: Luke Crawford
> Cc: Xen-users@xxxxxxxxxxxxxxxxxxx; Jaume Sabater
> Subject: Re: [Xen-users] xen 3.0.3
>
> This works! I didn't know it was not needed.
>
> What exactly is vtpm? What is a trusted platform module. I was
> looking for a good definition/description of it on the web but did not
> find any that describes this precisely.
A "real" TPM is a "safe storage module", which means that it's a safe
place where software can't just arbitrarily read the content, and the
data-link from the processor to the TPM is encrypted so that you can't
just hook somehting to it to "listen in". The defition of the TPM is
made by "Trusted Computing Group", if you google that, you should be
able to find some useful info.
Basicly, you need a TPM if you want to be able to run secure software -
because you need some storage that can't be compromized by other
software to verify (for example) that the kernel code you're loading
hasn't been modified since you installed it. Likewise, you may want some
software to check that the web-browser you're loading (including
plug-ins and other additions) haven't been replaced with something that
alters the bank-transactions when you pay your bills over the 'net - for
example someone may add some "spyware" to alter the "to-account" so as
to send the money somewhere completely different. By the time you
discover that your bill wasn't actually paid, your money is probably
long gone...
Of course, if we use regular memory to store check-sums for the
applications, the malware could just alter the content of that memory
too - so you wouldn't know that the web-browser has been altered... This
is where the TPM becomes useful.
--
Mats
>
> Thank you! This will get me going and will investigate vtpm
> problem later.
>
>
> On 10/18/06, Luke Crawford <lsc@xxxxxxxxx> wrote:
> >
> > what do you use vtpm for? does it work if you comment out
> the vtpm stuff?
> >
> > 3.0.3 works for me with rhel 3 and 4 domUs
> >
> >
> > On Wed, 18 Oct 2006, Fong Vang wrote:
> >
> > > Date: Wed, 18 Oct 2006 09:24:26 -0700
> > > From: Fong Vang <sudoyang@xxxxxxxxx>
> > > To: Jaume Sabater <jsabater@xxxxxxxxxxxxx>
> > > Cc: Xen-users@xxxxxxxxxxxxxxxxxxx
> > > Subject: Re: [Xen-users] xen 3.0.3
> > >
> > > On 10/18/06, Jaume Sabater <jsabater@xxxxxxxxxxxxx> wrote:
> > >> Fong Vang wrote:
> > >>
> > >> > I have several systems running Xen 3.0.2 on Fedora Core 5.
> > >> >
> > >> > Today, I started playing with Xen 3.0.3 also on FC5.
> dom0 starts up
> > >> > fine without any problem. However, I cannot create
> any domU's (domU =
> > >> > CentOS 4.4). This is the error being reported:
> > >> >
> > >> >
> > >> > [root@xenmgt ~]# xm create -c meta
> > >> > Using config file "/etc/xen/meta".
> > >> > Error: Device 0 (vtpm) could not be connected. Backend
> device not found.
> > >>
> > >> Same happened to me on Debian with 3.0.3 RCs. Didn't
> manage to fix it,
> > >> so I am still using version 3.0.2.
> > >
> > > Thanks for the input. The list is kinda quiet.
> Unfortunately, with
> > > the newer hardware I've been getting, dom0 running 3.0.2
> kernel panics
> > > all the time (consistently across multiple hardware so
> memory or other
> > > hardware problem is unlikely). The good news is that
> 3.0.3 appears to
> > > be running very stable on the new hardware, except that I cannot
> > > create any domU's.
> > >
> > > _______________________________________________
> > > Xen-users mailing list
> > > Xen-users@xxxxxxxxxxxxxxxxxxx
> > > http://lists.xensource.com/xen-users
> > >
> >
>
> _______________________________________________
> Xen-users mailing list
> Xen-users@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-users
>
>
>
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
|
|
|
|
|