
Re: [Xen-devel] [PATCH] Upgrade vtpmd to berlios version 0.7.4



On 09/26/2012 07:46 AM, George Dunlap wrote:
> On Tue, Sep 25, 2012 at 4:50 PM, Matthew Fioravante
> <matthew.fioravante@xxxxxxxxxx> wrote:
>> I don't know if there is anyone who would want to still use vtpms as
>> processes when the stub domains are now available. Security research
>> people like the domain model because it guarantees a better separation
>> of components guaranteed by the hypervisor and doesn't have to trust the
>> dom0 OS.
>>
>> If we got rid of the process and hybrid model, then the
>> tools/vtpm_manager code that is still used could be moved into the
>> vtpmmgrdom stubdom codebase. tools/vtpm could be completely removed
>> along with the --enable-vtpm stuff in the configure script and the cmake
>> dependency.
> I haven't had a chance to look at your patches in detail (because the
> few I've looked at have whitespace damage that Ian mentioned before),
> but as long as the user interface (via xl, config files, &c) is the
> same, or comparable, I don't see any reason not to move entirely over
> to the stubdom model; especially if the process or hybrid models are not
> being tested or maintained.
It would also simplify the whole system quite a bit. If I am to maintain
vtpm I'd like to not have to deal with bugs in the old code.

So how should we proceed with this then? Do you all want to remove the
vtpm process/hybrid model entirely now or just deprecate it for a while?
If we deprecate it do you still want my updates for it?

Let me know and I'll provide patches to make it happen either way.

The last piece of this puzzle that I haven't figured out is the linux
tpm frontend driver. It's not in the main linux tree. It's from the old
2006 vtpm code but it still works. I believe it shipped with the old xen
2.6.18 kernel but now I don't know what's happened to it. I still have a
copy we have been porting to newer kernels internally.

Should we try to get it in mainline linux? Or maybe provide it in the
xen tree as an externally compilable kernel module?

There also exists a linux tpm backend driver, but if we're only going to
support the domain model that is no longer needed and can go away.
>  -George



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

 

