[Xense-devel] RE: [TrouSerS-users] vTPM data seal issue
-----Original Message-----
From: Hal Finney [mailto:hal.finney@xxxxxxxxx]
Sent: Wednesday, October 18, 2006 9:53 PM
To: Osborn, Justin D.
Cc: xense-devel@xxxxxxxxxxxxxxxxxxx; trousers-users@xxxxxxxxxxxxxxxxxxxxx; vincent.r.scarlata@xxxxxxxxx
Subject: Re: [TrouSerS-users] vTPM data seal issue

> That's neat that you got that to work. I've been interested in experimenting with Xen and TPM but I've
> had trouble getting Xen to run at all on my Thinkpad. Maybe the xen-unstable version would work better.
> What kernel are you using?

Xen-unstable works with kernel 2.6.16.29 (which has the tpm_tis driver for TPM v. 1.2 support).

> One thing I don't understand is how the PCRs are shared between the various VMs. I wonder if the idea
> is that user code doesn't talk to the "real" PCRs, at all, rather Xen makes up a set of fake PCRs for each
> VM. The real PCRs are only used to measure Xen. Then I think most TPM operations wouldn't even touch the
> real TPM. If you seal and unseal, it is Xen which is maintaining its virtual PCRs, does the crypto, and
> decides if the unseal will work. Xen protects the user's secrets using its virtual TPM code, and all of
> Xen's secrets are protected by the real TPM. Something like this, anyway. I need to learn more about how
> all this will work.

Actually, you're right. The vTPM PCRs are just a buffer in the memory of vtpmd. Right now they are just defined to be zero on initialization. The original IBM vTPM paper says that vTPM PCRs 1-8 should be the same as the physical TPM's PCRs, but from what I can tell people were in disagreement on that so right now they're all set to zero.

Speaking of which, here's a question for the vTPM developers: Is there code out there to load the vTPM PCRs (1-8) with the values from the physical TPM? I'm about to (attempt to) write that, and it'd be helpful if someone's already done it.
Thanks,
Justin

_______________________________________________
Xense-devel mailing list
Xense-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xense-devel
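Added example, not part of the original message and not vtpmd code: a small Python model of the point discussed above, showing what a seal is bound to when the vTPM PCR buffer starts at zero versus when PCRs 1-8 are copied from the physical TPM. The class and function names, the use of PCR 4, and the measurement strings are assumptions made for illustration; the extend and composite-digest layout follow TPM 1.2.

```python
import hashlib
import struct

NUM_PCRS, PCR_SIZE = 24, 20   # TPM 1.2: 24 PCRs, each one SHA-1 digest wide
MIRRORED = range(1, 9)        # "PCRs 1-8" as stated in the message

class PcrBank:
    """Model of a PCR bank kept as a plain memory buffer, all zero at init."""
    def __init__(self):
        self.pcrs = [bytes(PCR_SIZE) for _ in range(NUM_PCRS)]

    def extend(self, index, measurement):
        # TPM 1.2 extend: PCR_new = SHA1(PCR_old || inDigest)
        digest = hashlib.sha1(measurement).digest()
        self.pcrs[index] = hashlib.sha1(self.pcrs[index] + digest).digest()

    def composite(self, indices):
        # TPM_PCR_COMPOSITE digest: selection bitmap, value size, selected values
        bitmap = bytearray(NUM_PCRS // 8)
        for i in indices:
            bitmap[i // 8] |= 1 << (i % 8)
        values = b"".join(self.pcrs[i] for i in sorted(indices))
        blob = struct.pack(">H", len(bitmap)) + bytes(bitmap)
        blob += struct.pack(">I", len(values)) + values
        return hashlib.sha1(blob).digest()

def mirror(physical, virtual, indices):
    """Hypothetical helper: copy selected physical PCR values into the vTPM bank."""
    for i in indices:
        virtual.pcrs[i] = physical.pcrs[i]

def demo():
    # Constructed platform states: two hosts that measured different hypervisors.
    host_a, host_b = PcrBank(), PcrBank()
    host_a.extend(4, b"constructed: hypervisor build A")
    host_b.extend(4, b"constructed: hypervisor build B")
    results = {}
    for label, do_mirror in (("zeroed", False), ("mirrored", True)):
        v_a, v_b = PcrBank(), PcrBank()
        if do_mirror:
            mirror(host_a, v_a, MIRRORED)
            mirror(host_b, v_b, MIRRORED)
        binding = v_a.composite(MIRRORED)   # digest a seal on host A is bound to
        # Unseal on host B is released only if its composite matches the binding.
        results[label] = v_b.composite(MIRRORED) == binding
    return results

if __name__ == "__main__":
    print(demo())
```

With zeroed vTPM PCRs the composite is identical on both hosts, so a seal to PCRs 1-8 says nothing about the platform underneath the guest; with mirrored values the same unseal is refused on the differently measured host.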