[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Xen-devel] PKCS#11 passthrough for Smartcards
On Tue, May 17, 2011 at 11:38:56AM +0200, J.Witvliet@xxxxxxxxx wrote:
> Hi all,
> As advised, i'll put the message on the devel-list
How is KVM doing the pass-through? Is it in QEMU? If so, when we switch
over to upstream QEMU (which we are doing now), we should get it
automatically I would think.
> Kind regards, Hans
> -----Original Message-----
> From: Joseph Glanville [mailto:joseph.glanville@xxxxxxxxxxxxxx]
> Sent: woensdag 11 mei 2011 18:01
> To: Witvliet, J, CDC/IVENT/OPS/I&S/HIN
> Cc: xen-users@xxxxxxxxxxxxxxxxxxx; hwit@xxxxxxxxxxx
> Subject: Re: [Xen-users] PKCS#11 passthrough for Smartcards
> As far as I am aware this isn't supported - it would require a
> paravirtualised backend to be possible. I think I have seen you request it a
> few times and noone is yet to reply. You could try the xen-devel list to see
> if anyone has been working on one but once again, I doubt it.
> Have you had any luck with KVM or the other hypervisors? This seems like a
> much more "desktop" feature so you might be better off looking at a less
> server consolidation oriented hypervisor if that makes sense.
> On 11 May 2011 23:34, <J.Witvliet@xxxxxxxxx> wrote:
> > Hi all,
> > Someone mentioned today to me, that the "competing virtualisation product"
> > is capable of doing PKCS-forwarding towards a virtual client.
> > So, my question here, does XEN supports PKCS-passthrough?
> > As i also need my smartcard locally (on the hypervisor), i can not use
> > neither pci nor usb-forwarding....
> > Hans
> Hi Joseph,
> It's strange that in a world that is "conceived as" more insecure, devices
> like tokens and smartcard are not becoming mainstream.
> RedHat can currently do virtualisation af an (USA) CAC-card for their KVM.
What is that?
> And it looks like a business-case is being made to alter their code to
> support generic smartcards.
Uhhh, so not in the upstream kernel then.
Xen-devel mailing list