diff options
| author | Amarnath Valluri <amarnath.valluri@intel.com> | 2017-09-29 14:10:20 +0300 |
|---|---|---|
| committer | Stefan Berger <stefanb@linux.vnet.ibm.com> | 2017-10-13 07:34:33 -0400 |
| commit | f4ede81eed29e6140374177d1f2808248c5b5650 (patch) | |
| tree | e4d15d8decf07865b35c0ad01e64ef152bcf853f /qapi | |
| parent | 4a3d80980ebf71d8faf9d0ce2e2e23bdda5728df (diff) | |
tpm: Added support for TPM emulator
This change introduces a new TPM backend driver that can communicate with
swtpm(software TPM emulator) using unix domain socket interface. QEMU talks to
the TPM emulator using QEMU's socket-based chardev backend device.
Swtpm uses two Unix sockets for communications, one for plain TPM commands and
responses, and one for out-of-band control messages. QEMU passes the data
socket to be used over the control channel.
The swtpm and associated tools can be found here:
https://github.com/stefanberger/swtpm
The swtpm's control channel protocol specification can be found here:
https://github.com/stefanberger/swtpm/wiki/Control-Channel-Specification
Usage:
# setup TPM state directory
mkdir /tmp/mytpm
chown -R tss:root /tmp/mytpm
/usr/bin/swtpm_setup --tpm-state /tmp/mytpm --createek
# Ask qemu to use TPM emulator with given tpm state directory
qemu-system-x86_64 \
[...] \
-chardev socket,id=chrtpm,path=/tmp/swtpm-sock \
-tpmdev emulator,id=tpm0,chardev=chrtpm \
-device tpm-tis,tpmdev=tpm0 \
[...]
Signed-off-by: Amarnath Valluri <amarnath.valluri@intel.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Tested-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Diffstat (limited to 'qapi')
| -rw-r--r-- | qapi/tpm.json | 21 |
1 files changed, 18 insertions, 3 deletions
diff --git a/qapi/tpm.json b/qapi/tpm.json index e8b2d8dcb7..7093f268fb 100644 --- a/qapi/tpm.json +++ b/qapi/tpm.json @@ -39,10 +39,12 @@ # An enumeration of TPM types # # @passthrough: TPM passthrough type +# @emulator: Software Emulator TPM type +# Since: 2.11 # # Since: 1.5 ## -{ 'enum': 'TpmType', 'data': [ 'passthrough' ] } +{ 'enum': 'TpmType', 'data': [ 'passthrough', 'emulator' ] } ## # @query-tpm-types: @@ -56,7 +58,7 @@ # Example: # # -> { "execute": "query-tpm-types" } -# <- { "return": [ "passthrough" ] } +# <- { "return": [ "passthrough", "emulator" ] } # ## { 'command': 'query-tpm-types', 'returns': ['TpmType'] } @@ -77,16 +79,29 @@ '*cancel-path' : 'str'} } ## +# @TPMEmulatorOptions: +# +# Information about the TPM emulator type +# +# @chardev: Name of a unix socket chardev +# +# Since: 2.11 +## +{ 'struct': 'TPMEmulatorOptions', 'data': { 'chardev' : 'str' } } + +## # @TpmTypeOptions: # # A union referencing different TPM backend types' configuration options # # @type: 'passthrough' The configuration options for the TPM passthrough type +# 'emulator' The configuration options for TPM emulator backend type # # Since: 1.5 ## { 'union': 'TpmTypeOptions', - 'data': { 'passthrough' : 'TPMPassthroughOptions' } } + 'data': { 'passthrough' : 'TPMPassthroughOptions', + 'emulator': 'TPMEmulatorOptions' } } ## # @TPMInfo: |