Date:      Thu, 10 Aug 2023 16:41:56 +0200
From:      Goran Mekić <meka@tilda.center>
To:        "freebsd-virtualization@freebsd.org" <freebsd-virtualization@freebsd.org>
Subject:   Re: Sudden need for bhyve TPM Emulation... willing to port swtpm?
Message-ID:  <2f1539fc-f8b2-2ec5-9c68-c60f68e66c0e@tilda.center>
In-Reply-To: <85ee3beda055c5bc9fae26c07247fe0cea1458e9.camel@FreeBSD.org>
References:  <662af723-de9f-36d9-c960-ef08379ca26e@callfortesting.org> <1d4e6558-0c56-5758-d87e-e9bf4aacc0a5@tilda.center> <85ee3beda055c5bc9fae26c07247fe0cea1458e9.camel@FreeBSD.org>


On 8/7/23 10:04, Corvin Köhne wrote:
> Hi,
>
> afaik, qemu is making use of the swtpm project too. So, it'd be great to 
> implement it in bhyve.
>
> My TPM passthrough emulation is currently under review. See 
> https://reviews.freebsd.org/D32961.
>
> I designed it to easily integrate a swtpm in the future. You just 
> have to implement a new tpm backend by adding a new TPM_EMUL_SET.
> Take a look at the tpm_emul_passthru.c file.
>
> Btw: We may have to add additional functions to the TPM_EMUL_SET like 
> a "startup_tpm" function. See 
> https://elixir.bootlin.com/qemu/latest/source/include/sysemu/tpm_backend.h#L52

Hello,

I was looking at tpm_emul_passthru.c and I've seen it uses open(2) and 
write(2) for initialization and command execution. From before 
(https://youtu.be/5wDs1K5ppbQ?t=940) I know you planned on adding tpm 
pass-through, which I think was just merged. Anyway, if pass-through 
uses open and write, can it be used together with swtpm, maybe? I can 
successfully run the following command:

swtpm socket --tpmstate dir=/tmp/mytpm1 --ctrl type=unixio,path=/tmp/mytpm1/swtpm-sock --tpm2 --log level=20

I can see /tmp/mytpm/swtpm-sock but I don't know how to try to use it 
with pass-through.

Regards,
meka
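
Added example, not part of the original message and not bhyve or swtpm code: a path created with type=unixio is a UNIX-domain socket, which open(2) refuses, so a client has to connect(2) before it can write(2) a command. The listener below is a constructed stand-in for the emulator; probe_socket_backend and the /tmp/tpmdemo-<pid> directory are hypothetical names.

```c
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/un.h>
#include <unistd.h>
/* TPM2_Startup(TPM_SU_CLEAR): tag 0x8001, size 12, command code 0x144, type 0 */
static const unsigned char tpm2_startup[12] =
    { 0x80, 0x01, 0, 0, 0, 0x0c, 0, 0, 0x01, 0x44, 0, 0 };

/* Returns 0 when open(2) on the socket path is refused and connect(2) plus
 * write(2) delivers the command intact; otherwise the number of the failed step. */
int probe_socket_backend(void)
{
    char dir[64];
    struct sockaddr_un sa = { .sun_family = AF_UNIX };
    unsigned char got[sizeof(tpm2_startup)];
    int lfd = -1, cfd = -1, afd = -1, fd, rc = 1;
    /* Constructed scratch directory; mkdir(2) fails if the name already exists. */
    snprintf(dir, sizeof(dir), "/tmp/tpmdemo-%ld", (long)getpid());
    if (mkdir(dir, 0700) < 0) return rc;
    snprintf(sa.sun_path, sizeof(sa.sun_path), "%s/swtpm-sock", dir);
    /* Stand-in listener playing the role of the emulator (not swtpm itself). */
    lfd = socket(AF_UNIX, SOCK_STREAM, 0);
    if (lfd < 0 || bind(lfd, (struct sockaddr *)&sa, sizeof(sa)) < 0 ||
        listen(lfd, 1) < 0) goto out;
    rc = 2; /* Device-style access: ENXIO on Linux, EOPNOTSUPP on FreeBSD. */
    if ((fd = open(sa.sun_path, O_RDWR)) >= 0) { close(fd); goto out; }
    perror("open(2) on socket path");
    rc = 3; /* Socket-style access: connect first, then write the command. */
    cfd = socket(AF_UNIX, SOCK_STREAM, 0);
    if (cfd < 0 || connect(cfd, (struct sockaddr *)&sa, sizeof(sa)) < 0) goto out;
    if (write(cfd, tpm2_startup, sizeof(tpm2_startup)) != (ssize_t)sizeof(tpm2_startup))
        goto out;
    rc = 4; /* Listener side: the same 12 bytes arrive. */
    afd = accept(lfd, NULL, NULL);
    if (afd < 0 || read(afd, got, sizeof(got)) != (ssize_t)sizeof(got)) goto out;
    rc = memcmp(got, tpm2_startup, sizeof(got)) == 0 ? 0 : 5;
out:
    if (afd >= 0) close(afd);
    if (cfd >= 0) close(cfd);
    if (lfd >= 0) close(lfd);
    unlink(sa.sun_path);
    rmdir(dir);
    return rc;
}

int main(void) { return probe_socket_backend(); }
```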



