From 733766cd37338ea08cb6c22c6e040d55b26f326c Mon Sep 17 00:00:00 2001 From: Vikram Garhwal Date: Wed, 14 Jun 2023 17:03:37 -0700 Subject: hw/arm: introduce xenpvh machine Add a new machine xenpvh which creates a IOREQ server to register/connect with Xen Hypervisor. Optional: When CONFIG_TPM is enabled, it also creates a tpm-tis-device, adds a TPM emulator and connects to swtpm running on host machine via chardev socket and support TPM functionalities for a guest domain. Extra command line for aarch64 xenpvh QEMU to connect to swtpm: -chardev socket,id=chrtpm,path=/tmp/myvtpm2/swtpm-sock \ -tpmdev emulator,id=tpm0,chardev=chrtpm \ -machine tpm-base-addr=0x0c000000 \ swtpm implements a TPM software emulator(TPM 1.2 & TPM 2) built on libtpms and provides access to TPM functionality over socket, chardev and CUSE interface. Github repo: https://github.com/stefanberger/swtpm Example for starting swtpm on host machine: mkdir /tmp/vtpm2 swtpm socket --tpmstate dir=/tmp/vtpm2 \ --ctrl type=unixio,path=/tmp/vtpm2/swtpm-sock & Signed-off-by: Vikram Garhwal Signed-off-by: Stefano Stabellini Reviewed-by: Stefano Stabellini --- docs/system/arm/xenpvh.rst | 34 ++++++++++++++++++++++++++++++++++ docs/system/target-arm.rst | 1 + 2 files changed, 35 insertions(+) create mode 100644 docs/system/arm/xenpvh.rst (limited to 'docs/system') diff --git a/docs/system/arm/xenpvh.rst b/docs/system/arm/xenpvh.rst new file mode 100644 index 0000000000..e1655c7ab8 --- /dev/null +++ b/docs/system/arm/xenpvh.rst @@ -0,0 +1,34 @@ +XENPVH (``xenpvh``) +========================================= +This machine creates a IOREQ server to register/connect with Xen Hypervisor. + +When TPM is enabled, this machine also creates a tpm-tis-device at a user input +tpm base address, adds a TPM emulator and connects to a swtpm application +running on host machine via chardev socket. This enables xenpvh to support TPM +functionalities for a guest domain. + +More information about TPM use and installing swtpm linux application can be +found at: docs/specs/tpm.rst. + +Example for starting swtpm on host machine: +.. code-block:: console + + mkdir /tmp/vtpm2 + swtpm socket --tpmstate dir=/tmp/vtpm2 \ + --ctrl type=unixio,path=/tmp/vtpm2/swtpm-sock & + +Sample QEMU xenpvh commands for running and connecting with Xen: +.. code-block:: console + + qemu-system-aarch64 -xen-domid 1 \ + -chardev socket,id=libxl-cmd,path=qmp-libxl-1,server=on,wait=off \ + -mon chardev=libxl-cmd,mode=control \ + -chardev socket,id=libxenstat-cmd,path=qmp-libxenstat-1,server=on,wait=off \ + -mon chardev=libxenstat-cmd,mode=control \ + -xen-attach -name guest0 -vnc none -display none -nographic \ + -machine xenpvh -m 1301 \ + -chardev socket,id=chrtpm,path=tmp/vtpm2/swtpm-sock \ + -tpmdev emulator,id=tpm0,chardev=chrtpm -machine tpm-base-addr=0x0C000000 + +In above QEMU command, last two lines are for connecting xenpvh QEMU to swtpm +via chardev socket. diff --git a/docs/system/target-arm.rst b/docs/system/target-arm.rst index a12b6bca05..790ac1b8a2 100644 --- a/docs/system/target-arm.rst +++ b/docs/system/target-arm.rst @@ -107,6 +107,7 @@ undocumented; you can get a complete list by running arm/stm32 arm/virt arm/xlnx-versal-virt + arm/xenpvh Emulated CPU architecture support ================================= -- cgit v1.2.3