Xen project Mailing List

Re: [Xen-devel] [PATCH] docs/vtpm: fix auto-shutdown reference

To: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>

From: Ian Campbell <Ian.Campbell@xxxxxxxxxx>

Date: Wed, 12 Feb 2014 17:22:37 +0000

Cc: xen-devel@xxxxxxxxxxxxxxxxxxxx, Jordi Cucurull Juan <jordi.cucurull@xxxxxxxxx>

Delivery-date: Wed, 12 Feb 2014 17:22:54 +0000

List-id: Xen developer discussion <xen-devel.lists.xen.org>

On Tue, 2014-02-11 at 10:25 -0500, Daniel De Graaf wrote: > On 02/11/2014 04:37 AM, Ian Campbell wrote: > > On Mon, 2014-02-10 at 14:40 -0500, Daniel De Graaf wrote: > >> On 02/05/2014 11:52 AM, Jordi Cucurull Juan wrote: > >>> Dear all, > >>> > >>> I have recently configured a Xen 4.3 server with the vTPM enabled and a > >>> guest virtual machine that takes advantage of it. After playing a bit > >>> with it, I have a few questions: > >>> > >>> 1.According to the documentation, to shutdown the vTPM stubdom it is > >>> only needed to normally shutdown the guest VM. Theoretically, the vTPM > >>> stubdom automatically shuts down after this. Nevertheless, if I shutdown > >>> the guest the vTPM stubdom continues active and, moreover, I can start > >>> the machine again and the values of the vTPM are the last ones there > >>> were in the previous instance of the guest. Is this normal? > >> > >> The documentation is in error here; > > > > Can you send a patch please. > > > > Ian. > > > Patch below. Thanks. > ------------------------->8-------------------------------------- > > The automatic shutdown feature of the vTPM was removed because it > interfered with pv-grub measurement support and was also not triggered > if the guest did not use the vTPM. Virtual TPM domains will need to be > shut down or destroyed on guest shutdown via a script or other user > action. > > This also fixes an incorrect reference to the vTPM being PV-only. > > Signed-off-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx> Acked-by: Ian Campbell <ian.campbell@xxxxxxxxxx> I'm holding off committing while preparations are made for another rc, but once that is out the way I see no reason to hold off on this. > --- > docs/misc/vtpm.txt | 12 +++--------- > 1 file changed, 3 insertions(+), 9 deletions(-) > > diff --git a/docs/misc/vtpm.txt b/docs/misc/vtpm.txt > index b8979a3..df1dfae 100644 > --- a/docs/misc/vtpm.txt > +++ b/docs/misc/vtpm.txt > @@ -234,7 +234,7 @@ the Linux tpmfront driver. Add the following line: > > vtpm=["backend=domu-vtpm"] > > -Currently only paravirtualized guests are supported. > +Currently only Linux guests are supported (PV or HVM with PV drivers). > > Launching and shut down: > ------------------------ > @@ -280,14 +280,8 @@ You should also see the command being sent to the vtpm > console as well > as the vtpm saving its state. You should see the vtpm key being > encrypted and stored on the vtpmmgr console. > > -To shutdown the guest and its vtpm, you just have to shutdown the guest > -normally. As soon as the guest vm disconnects, the vtpm will shut itself > -down automatically. > - > -On guest: > -# shutdown -h now > - > -You may wish to write a script to start your vtpm and guest together. > +You may wish to write a script to start your vtpm and guest together and > +to destroy the vtpm when the guest shuts down. > > ------------------------------ > INTEGRATION WITH PV-GRUB _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.