annotate tools/vtpm/README @ 22848:6341fe0f4e5a

Added tag 4.1.0-rc2 for changeset 9dca60d88c63
author Keir Fraser <>
date Tue Jan 25 14:06:55 2011 +0000 (2011-01-25)
parents 06d84bf87159
rev   line source
shand@6595 1
shand@6595 2 Directory Structure
shand@6595 3 ===================
shand@6595 4 tools/vtpm/tpm_emulator-0.2b.tar.gz -> TPM Emulator downloaded at build time that will
shand@6595 5 be patched and used for our vtpms
shand@6595 6 tools/vtpm/vtpm.patch -> patch applied to tpm_emulator to make vtpm
shand@6595 7 tools/vtpm/vtpm/ -> (created on build) tpm_emulator moved to ring 3,
shand@6595 8 listens on a pair of fifos for TPM commands,
shand@6595 9 persistent state is sent via named fifo to vtpm
shand@6595 10 manager, which encrypts it and protects it.
shand@6595 11 tools/vtpm/tpm_emulator.patch -> To allow for debugging and testing on non-TPM
shand@6595 12 platforms, this patches the emulator to allow
shand@6595 13 it to be inserted into the dom0 kernel
shand@6595 14 tools/vtpm/tpm_emulator-0.2 -> (created on build) directory containing patched emulator
shand@6595 15
shand@6595 16 Compile Flags
shand@6595 17 ===================
shand@6595 18 VTPM_MULTI_VM -> Defined (not finished): VTPMs run in their own VMs
shand@6595 19 Not Defined (default): VTPMs are processes
shand@6595 20
shand@6595 21 Requirements
shand@6595 22 ============
shand@6595 23 - xen-unstable
shand@6595 24 - IBM frontend/backend vtpm driver patch
shand@6595 25 - vtpm_managerd
kaf24@6992 26 - GNU MP Big number library (GMP)
shand@6595 27
shand@6595 28 vtpmd Flow (for vtpm_manager; vtpmd is never run by default)
shand@6595 29 ============================
shand@6595 30 - Launch the VTPM manager (vtpm_managerd), which begins listening to the BE with one thread
shand@6595 31 and listens to a named fifo that is shared by the vtpms to communicate with the manager.
shand@6595 32 - VTPM Manager listens to TPM BE.
shand@6595 33 - When xend launches a tpm frontend equipped VM it contacts the manager over the vtpm backend.
shand@6595 34 - When the manager receives the open message from the BE, it launches a vtpm.
shand@6595 35 - Xend allows the VM to continue booting.
shand@6595 36 - When a TPM request is issued to the front end, the front end transmits the TPM request to the backend.
shand@6595 37 - The manager receives the TPM requests and uses a named fifo to forward the request to the vtpm.
shand@6595 38 - The fifo listener begins listening for the reply from vtpm for the request.
shand@6595 39 - Vtpm processes request and replies to manager over shared named fifo.
shand@6595 40 - If needed, the vtpm may send a request to the vtpm_manager at any time to save its secrets to disk.
shand@6595 41 - Manager receives response from vtpm and passes it back to backend for forwarding to guest.
shand@6595 42
shand@6595 43 tpm_emulator flow
shand@6595 44 ==================
shand@6595 45 Read documentation in tpm_emulator-0.2 directory
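
The vtpmd flow above, reduced to one manager-to-vtpm round trip over a pair of named fifos, as an added example that is not part of this README or the Xen tree. The fifo paths, the 0600/fifo-type check in open_fifo, the XOR-replying vtpm_stub and the two-byte sample request are assumptions made for illustration; the real vtpm message format is not shown on this page.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <unistd.h>

/* Open a path only if it is a fifo with no group/other permission bits. */
static int open_fifo(const char *path, int flags) {
    struct stat st;
    int fd = open(path, flags);
    if (fd < 0) return -1;
    if (fstat(fd, &st) == 0 && S_ISFIFO(st.st_mode) && !(st.st_mode & 077)) return fd;
    close(fd);
    return -1;
}

/* Hypothetical stand-in for a vtpm: the reply is the request with each byte XOR 0xFF. */
static void vtpm_stub(const char *req, const char *rsp) {
    unsigned char buf[64];
    int in = open_fifo(req, O_RDONLY), out = open_fifo(rsp, O_WRONLY);
    ssize_t n = (in >= 0 && out >= 0) ? read(in, buf, sizeof buf) : -1;
    for (ssize_t i = 0; i < n; i++) buf[i] ^= 0xFF;
    _exit(n > 0 && write(out, buf, (size_t)n) == n ? 0 : 1);
}

/* Manager side: forward cmd (at most 64 bytes) to the vtpm, then read its reply. */
ssize_t manager_round_trip(const void *cmd, size_t len, void *reply, size_t cap) {
    char dir[] = "/tmp/vtpm-demo-XXXXXX", req[64], rsp[64];
    ssize_t n = -1; pid_t pid;
    if (!mkdtemp(dir)) return -1;               /* private 0700 directory */
    snprintf(req, sizeof req, "%s/req", dir);
    snprintf(rsp, sizeof rsp, "%s/rsp", dir);
    if (mkfifo(req, 0600) == 0 && mkfifo(rsp, 0600) == 0 && (pid = fork()) >= 0) {
        if (pid == 0) vtpm_stub(req, rsp);      /* child never returns */
        int out = open_fifo(req, O_WRONLY), in = open_fifo(rsp, O_RDONLY);
        if (out >= 0 && in >= 0 && write(out, cmd, len) == (ssize_t)len)
            n = read(in, reply, cap);           /* listen for the vtpm's reply */
        close(out); close(in);                  /* close(-1) just fails with EBADF */
        waitpid(pid, NULL, 0);
    }
    unlink(req); unlink(rsp); rmdir(dir);
    return n;                                   /* reply length, or -1 on error */
}

int main(void) {
    unsigned char reply[8];
    return manager_round_trip("\x01\x02", 2, reply, sizeof reply) == 2 ? 0 : 1;
}
```

Both sides open the request fifo before the reply fifo, so neither blocks waiting for an open the other will never make.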