[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] Bug report: vtpmmgr TPM 2.0 implementation

  • To: xen-devel@xxxxxxxxxxxxxxxxxxxx
  • From: Dag Nygren <dag@xxxxxxxxxx>
  • Date: Tue, 23 Oct 2018 10:17:08 +0300
  • Delivery-date: Tue, 23 Oct 2018 07:17:34 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Hi all!

After a lot of struggle I can now report a pretty serious bug in
the vtpmmgr 2.0 implementation:

- To make a the VTPM contents permenent, surviving a reboot
  you have to seal the contents using the Pearl scripts in the
  source directory calc.pl and manage-vtpmmgr.pl
- If you are using a TPM 2.0 HW TPM these seal operations
  will still try to use TPM 1.2 commands for the seal and
  it will fail

In other words you are not able to create a vtpm/vtpmmgr config that
survives a reboot if your HW is doing TPM 2.0

A showstopper for us..


Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.