
Re: [Xen-devel] [PATCH 11/11] add vtpm support to libxl



On 10/02/2012 09:44 AM, Ian Campbell wrote:
> On Mon, 2012-10-01 at 19:40 +0100, Matthew Fioravante wrote:
>
>> Actually thinking about it more, uuids have to be attached to the
>> driver. If 2 vtpms connect to the manager, one could send the uuid of
>> the other and get access to someone else's secrets.
>>
>> TL;DR version
>>
>> uuids must remain part of the driver.
> What stops the driver lying about the UUID in a similar way?
The tpm backend driver (in the manager) will read the uuid from
xenstore. So as long as we trust xenstore (and the entities who created
the entry, named libxl in dom0), we can trust the uuid and thus the
identity of the vtpm connecting to us.
>
> Ian.
>
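
The distinction discussed in this message, as an added example that is not part of the original e-mail or of the Xen/libxl code: a backend that believes the UUID a connecting vTPM sends, beside one that looks the UUID up by the connection's domain id in a store entry created by dom0. The in-memory `store` table, its path layout, the `writer_domid` field, the function names and all UUID values are constructed for illustration and are not the real xenstore API.

```c
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for xenstore: each node records which domain wrote it. */
struct node { const char *path; const char *value; int writer_domid; };

static const struct node store[] = {
    /* Written by the toolstack (libxl in dom0) when the device was created. */
    { "backend/vtpm/5/0/uuid", "aaaaaaaa-0000-0000-0000-000000000001", 0 },
    { "backend/vtpm/6/0/uuid", "bbbbbbbb-0000-0000-0000-000000000002", 0 },
    /* A node written by the guest itself; it must never establish identity. */
    { "backend/vtpm/7/0/uuid", "aaaaaaaa-0000-0000-0000-000000000001", 7 },
};

/* Self-asserted identity: whatever UUID the connecting vTPM sends is believed. */
const char *identity_from_frontend(int frontend_domid, const char *claimed_uuid)
{
    (void)frontend_domid;
    return claimed_uuid;
}

/* Identity bound by the trusted path: look the UUID up by the domid of the
 * connection and accept it only if dom0 wrote the node. */
const char *identity_from_store(int frontend_domid)
{
    char path[64];
    snprintf(path, sizeof path, "backend/vtpm/%d/0/uuid", frontend_domid);
    for (size_t i = 0; i < sizeof store / sizeof store[0]; i++)
        if (strcmp(store[i].path, path) == 0 && store[i].writer_domid == 0)
            return store[i].value;
    return NULL; /* no trusted entry: refuse the connection */
}

int main(void)
{
    const char *other = "aaaaaaaa-0000-0000-0000-000000000001";
    /* Domain 6 sends the UUID that belongs to domain 5. */
    printf("self-asserted: %s\n", identity_from_frontend(6, other));
    printf("from store:    %s\n", identity_from_store(6));
    printf("guest-written: %s\n", identity_from_store(7) ? "accepted" : "refused");
    return 0;
}
```

In the store-backed lookup the connecting domain never supplies the UUID, so the only parties that can change the result are the store and whoever created the entry.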

