This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


[Xen-devel] [PATCH 1/7] vtpm Mini-Os domain: vtpm_managerd

To: "xen-devel@xxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxx>
Subject: [Xen-devel] [PATCH 1/7] vtpm Mini-Os domain: vtpm_managerd
From: Matthew Fioravante <matthew.fioravante@xxxxxxxxxx>
Date: Wed, 25 Aug 2010 11:05:23 -0400
Delivery-date: Wed, 25 Aug 2010 08:06:30 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv: Gecko/20100720 Lanikai/3.1.1
 Signed-off-by: Matthew Fioravante <Matthew.Fioravante@xxxxxxxxxx>

The following is a major patch to the vtpm_manager. I apologize in advance for submitting such a large patch. Let me know if you'd like me to break it up.

This patch contains the following:
-A new routine to flush all handles from the tpm everytime vtpm_managerd is started. Previously if the manager would crash it would leave stale keys and auth handles in the tpm. After restarting the manager several times and letting it crash, the tpm would run out of memory and the manager would fail to start with a TPM_NO_SPACE error.
-Several memory errors fixed such as uninitialized reads and memory leaks.
-Fixed the signal handler to work with blocking IO and threads correctly. Previously the manager would not shutdown correctly when you tried to Ctrl+C close it on 64 bit. -Removal of VTPM_MULTI_VM #defines. These were supposed to be a partial implementation for a way to run vtpms in multiple domains but it was never finished. It doesn't appear there has been any development on this for several years. Since vtpm-stubdom performs this functionality I removed these #defines and #ifdefs to make the code a little cleaner. -New vTPM ordinals: VTPM_SAVE_KEY and VTPM_LOAD_KEY. The vtpm domains encrypt their persistent state themselves, they only request the manager to store the key.

-#define VTPM_STUBDOM will build the manager in stubdom mode. The manager can only work in either vtpm-stubdom or vtpmd mode. You cannot combine them. Clearing out the manager state will be required.
    # rm /var/vtpm/VTPM /var/vtpm/vtpm_dm*

Attachment: 1-manager.patch
Description: Text Data

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Xen-devel mailing list
<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-devel] [PATCH 1/7] vtpm Mini-Os domain: vtpm_managerd, Matthew Fioravante <=