view tools/vtpm/README @ 22906:700ac6445812

Now add KDB to the non-kdb tree
author Mukesh Rathor
date Thu Feb 03 15:42:41 2011 -0800 (2011-02-03)
parents 06d84bf87159

Directory Structure
===================
tools/vtpm/tpm_emulator-0.2b.tar.gz -> TPM Emulator downloaded at build time that will
                                       be patched and used for our vtpms
tools/vtpm/vtpm.patch               -> patch applied to tpm_emulator to make vtpm
tools/vtpm/vtpm/                    -> (created on build) tpm_emulator moved to ring 3,
                                       listens on a pair of fifos for TPM commands,
                                       persistent state is sent via named fifo to vtpm
                                       manager, which encrypts it and protects it.
tools/vtpm/tpm_emulator.patch       -> To allow for debugging and testing on non-TPM
                                       platforms, this patches the emulator to allow
                                       it to be inserted into the dom0 kernel
tools/vtpm/tpm_emulator-0.2         -> (created on build) directory containing patched emulator

Compile Flags
===================
VTPM_MULTI_VM -> Defined (not finished): VTPMs run in their own VMs
                 Not Defined (default): VTPMs are processes

Requirements
============
- xen-unstable
- IBM frontend/backend vtpm driver patch
- vtpm_managerd
- GNU MP Big number library (GMP)

vtpmd Flow (for vtpm_manager. vtpmd never run by default)
============================
- Launch the VTPM manager (vtpm_managerd), which begins listening to the BE with one thread
  and listens to a named fifo that is shared by the vtpms to communicate with the manager.
- VTPM Manager listens to TPM BE.
- When xend launches a tpm frontend equipped VM it contacts the manager over the vtpm backend.
- When the manager receives the open message from the BE, it launches a vtpm.
- Xend allows the VM to continue booting.
- When a TPM request is issued to the front end, the front end transmits the TPM request to the backend.
- The manager receives the TPM requests and uses a named fifo to forward the request to the vtpm.
- The fifo listener begins listening for the reply from vtpm for the request.
- Vtpm processes request and replies to manager over shared named fifo.
- If needed, the vtpm may send a request to the vtpm_manager at any time to save its secrets to disk.
- Manager receives response from vtpm and passes it back to backend for forwarding to guest.
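
The fifo hop in the flow above carries TPM commands that originate in a guest, so whichever side reads the fifo should bound the length field before using it. The following is an added example, not code from vtpm_manager or the tpm_emulator: it assumes the standard TPM 1.2 command header (tag, paramSize, ordinal, all big-endian), and the function names, the 4096-byte cap and the pipe standing in for the named fifo are assumptions made for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <unistd.h>
#define TPM_HDR_LEN 10      /* TPM 1.2: tag(2) | paramSize(4) | ordinal(4) */
#define TPM_MAX_CMD 4096    /* assumed upper bound for this example */

/* Read exactly n bytes; a fifo may return short reads. 0 on success, -1 on EOF/error. */
static int read_full(int fd, uint8_t *p, size_t n) {
    while (n > 0) {
        ssize_t r = read(fd, p, n);
        if (r < 0 && errno == EINTR) continue;
        if (r <= 0) return -1;
        p += r;
        n -= (size_t)r;
    }
    return 0;
}

/* Hypothetical helper: read one request; returns its length, or -1 if malformed/truncated. */
long read_tpm_request(int fd, uint8_t *buf, size_t cap) {
    if (cap < TPM_HDR_LEN || read_full(fd, buf, TPM_HDR_LEN) != 0) return -1;
    uint32_t size = ((uint32_t)buf[2] << 24) | ((uint32_t)buf[3] << 16) |
                    ((uint32_t)buf[4] << 8)  |  (uint32_t)buf[5];
    if (size < TPM_HDR_LEN || size > cap) return -1;   /* sender-controlled length */
    if (read_full(fd, buf + TPM_HDR_LEN, size - TPM_HDR_LEN) != 0) return -1;
    return (long)size;
}

/* Constructed samples: TPM_GetRandom(4); same header claiming 1 MiB; a truncated body. */
static const uint8_t SAMPLE_OK[]  = {0x00,0xC1, 0,0,0,0x0E, 0,0,0,0x46, 0,0,0,4};
static const uint8_t SAMPLE_BIG[] = {0x00,0xC1, 0,0x10,0,0, 0,0,0,0x46, 0,0,0,4};
static const uint8_t SAMPLE_CUT[] = {0x00,0xC1, 0,0,0,0x0E, 0,0,0,0x46, 0,0};

/* Stand-in for the manager-to-vtpm fifo: a pipe has the same read semantics. */
long relay_over_pipe(const uint8_t *msg, size_t len) {
    int p[2];
    uint8_t buf[TPM_MAX_CMD];
    if (pipe(p) != 0) return -1;
    ssize_t w = write(p[1], msg, len);
    close(p[1]);            /* writer closed: reader hits EOF after len bytes */
    long n = (w == (ssize_t)len) ? read_tpm_request(p[0], buf, sizeof buf) : -1;
    close(p[0]);
    return n;
}

int main(void) {            /* exit status 0 when all three samples behave as expected */
    return !(relay_over_pipe(SAMPLE_OK, sizeof SAMPLE_OK) == 14 &&
             relay_over_pipe(SAMPLE_BIG, sizeof SAMPLE_BIG) == -1 &&
             relay_over_pipe(SAMPLE_CUT, sizeof SAMPLE_CUT) == -1);
}
```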

tpm_emulator flow
==================
Read documentation in tpm_emulator-0.2 directory