Re: Sudden need for bhyve TPM Emulation... willing to port swtpm?

Reply: Corvin K�hne : "Re: Sudden need for bhyve TPM Emulation... willing to port swtpm?"
In reply to: Corvin K�hne : "Re: Sudden need for bhyve TPM Emulation... willing to port swtpm?"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Goran_Mekić <meka_at_tilda.center>
Date: Thu, 10 Aug 2023 14:41:56 UTC

On 8/7/23 10:04, Corvin Köhne wrote:
> Hi,
>
> afaik, qemu is making use of the swtpm project too. So, it'd great to 
> implement it in bhyve.
>
> My TPM passthrough emulation is currently under review. See 
> https://reviews.freebsd.org/D32961.
>
> I designed it to easily integrate a swtpm in the future. You  just 
> have to implement a new tpm backend by adding a new TPM_EMUL_SET.
> Take a look at the tpm_emul_passthru.c file.
>
> Btw: We may have to add additional functions to the TPM_EMUL_SET like 
> a "startup_tpm" function. See 
> https://elixir.bootlin.com/qemu/latest/source/include/sysemu/tpm_backend.h#L52

Hello,

I was looking at tpm_emul_passthru.c and I've seen it uses open(2) and 
write(2) for initialization and command execution. From before 
(https://youtu.be/5wDs1K5ppbQ?t=940) I know you planned on adding tpm 
pass-through, which I think was just merged. Anyway, if pass-through 
uses open and write, can it be used together with swtpm, maybe? I can 
successfully run the following command:

swtpm socket --tpmstate dir=/tmp/mytpm1 --ctrl 
type=unixio,path=/tmp/mytpm1/swtpm-sock --tpm2 --log level=20

I can see /tmp/mytpm/swtpm-sock but I don't know how to try to use it 
with pass-through.

Regards,
meka