WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xense-devel

Re: [Xense-devel] [Q] about vTPM

To: Stefan Berger <stefanb@xxxxxxxxxx>
Subject: Re: [Xense-devel] [Q] about vTPM
From: Atsushi SAKAI <sakaia@xxxxxxxxxxxxxx>
Date: Thu, 29 Jun 2006 20:46:18 +0900
Cc: xense-devel@xxxxxxxxxxxxxxxxxxx
Delivery-date: Thu, 29 Jun 2006 04:47:28 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: (Your message of "Thu, 29 Jun 2006 07:31:41 -0400") <OFAD0C5487.01A506AC-ON8525719C.003D7D8F-8525719C.003F51DC@xxxxxxxxxx>
List-help: <mailto:xense-devel-request@lists.xensource.com?subject=help>
List-id: "A discussion list for those developing security enhancements for Xen." <xense-devel.lists.xensource.com>
List-post: <mailto:xense-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xense-devel>, <mailto:xense-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xense-devel>, <mailto:xense-devel-request@lists.xensource.com?subject=unsubscribe>
References: <OFAD0C5487.01A506AC-ON8525719C.003D7D8F-8525719C.003F51DC@xxxxxxxxxx>
Sender: xense-devel-bounces@xxxxxxxxxxxxxxxxxxx
Hello Stefan

 Thank you for answering my questions.
Now I understand the situation on Xen security implementation. 

Thanks 

Atsushi SAKAI

>xense-devel-bounces@xxxxxxxxxxxxxxxxxxx wrote on 06/29/2006 01:50:38 AM:
>
>> I have several questions on vTPM implementation on Xen.
>> I would be appreciated if you answer the questions.
>
>As you show at the end of your email, there are different ideas about the
>virtual TPM. IBM's contribution to the Xen repository are the split TPM
>drivers, vTPM managment scripts and test cases. We have our own virtual
>TPM implementation as described in the research report, but it is not
>freely available.
>
>>
>> 1.GVTPM is seems like ideal model of current vTPM implementaion.
>>   Is this true?
>>   (for example, securestorege.c is in vtpm_manager)
>>
>> 2.I think vTPM key functionality is migration of vTPM instance.
>>   But It seems not implemented. Is this true?
>>   It seems like the migration key is the builtin HW-TPM function only.
>>
>> 3.Currently vTPM implementaion is only ParaVM.
>>   Is there any plan to support FullVM?
>
>This is likely to be done in the future.
>
>>
>> 4.vtpm document(docs/misc/vtpm.txt) is little bit old.
>>   So the documentation does not infar the Infineon chip.
>>   I think Infineon chip is supported.
>
>Thanks. I will update the document. Although it explicitly mentions some
>manufacturer's TPMs, it does not mean that the vTPM implementation does
>not work with other TPMs where drivers are available.
>
>>
>> Related Links
>>  vTPM: Virtualizing the Trusted Platform Module
>> http://domino.research.ibm.com/library/cyberdig.
>> nsf/1e4115aea78b6e7c85256b360066f0d4/a0163fff5b1a61fe85257178004eee39?
>> OpenDocument&Highlight=0,RC23879
>>
>> Intel's Presentation on Xen Security
>> http://www.xensource.com/files/XenSecurity_Intel_CRozas.pdf
>>
>>
>> Thanks.
>>
>> Atsushi SAKAI
>>
>
>Regards,
>   Stefan
>
>>
>>
>>
>> _______________________________________________
>> Xense-devel mailing list
>> Xense-devel@xxxxxxxxxxxxxxxxxxx
>> http://lists.xensource.com/xense-devel







_______________________________________________
Xense-devel mailing list
Xense-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xense-devel

<Prev in Thread] Current Thread [Next in Thread>