[libvirt] [PATCH v9 00/17] Add support for TPM emulator
Stefan Berger
stefanb at linux.vnet.ibm.com
Wed Jun 6 15:36:42 UTC 2018
On 06/04/2018 11:46 AM, Stefan Berger wrote:
> This series of patches adds support for the TPM emulator backend that
> is available in QEMU and based on swtpm + libtpms. It allows to attach a
> TPM 1.2 or 2.0 to a QEMU VM. sVirt labels are used for labeling the swtpm
> process, its Unix socket, and log file with the same label that the
> QEMU process gets. Besides that swtpm is added to the emulator cgroup to
> restrict its CPU usage.
>
> The device XML can be changed from a TPM 1.2 to a TPM 2.0 and back to a
> TPM 1.2. The device state is not removed during those changes but only
> when the domain is undefined.
>
> The swtpm needs persistent storage to store its state. For that I am
> using the uuid of the VM as part of the path since the name of the VM
> can be changed. Logfiles, PID files, and socket names are based on the
> name of the VM, though.
I pushed this series now except for the AppArmor related patch.
Thanks!
Stefan
More information about the libvir-list
mailing list