ia64/xen-unstable

changeset 10616:5d565bb12783

[TPM] Update the current virtual TPM documentation in misc/docs/vtpm.txt
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
author kaf24@firebug.cl.cam.ac.uk
date Fri Jun 30 10:14:36 2006 +0100 (2006-06-30)
parents 784961057338
children d095e99392ac
files docs/misc/vtpm.txt
line diff
     1.1 --- a/docs/misc/vtpm.txt	Fri Jun 30 10:13:17 2006 +0100
     1.2 +++ b/docs/misc/vtpm.txt	Fri Jun 30 10:14:36 2006 +0100
     1.3 @@ -1,5 +1,5 @@
     1.4  Copyright: IBM Corporation (C), Intel Corporation
     1.5 -17 August 2005
     1.6 +29 June 2006
     1.7  Authors: Stefan Berger <stefanb@us.ibm.com> (IBM), 
     1.8           Employees of Intel Corp
     1.9  
    1.10 @@ -9,24 +9,34 @@ instance and doing a short test to verif
    1.11  that the user is fairly familiar with compiling and installing XEN
    1.12  and Linux on a machine. 
    1.13   
    1.14 -Production Prerequisites: An x86-based machine machine with an ATMEL or
    1.15 -National Semiconductor (NSC) TPM on the motherboard.
    1.16 +Production Prerequisites: An x86-based machine machine with a
    1.17 +Linux-supported TPM on the motherboard (NSC, Atmel, Infineon, TPM V1.2).
    1.18  Development Prerequisites: An emulator for TESTING ONLY is provided
    1.19  
    1.20  
    1.21 -Compiling XEN tree:
    1.22 --------------------
    1.23 +Compiling the XEN tree:
    1.24 +-----------------------
    1.25  
    1.26  Compile the XEN tree as usual after the following lines set in the
    1.27  linux-2.6.??-xen/.config file:
    1.28  
    1.29 -CONFIG_XEN_TPMDEV_BACKEND=y
    1.30 +CONFIG_XEN_TPMDEV_BACKEND=m
    1.31 +
    1.32 +CONFIG_TCG_TPM=m
    1.33 +CONFIG_TCG_TIS=m      (supported after 2.6.17-rc4)
    1.34 +CONFIG_TCG_NSC=m
    1.35 +CONFIG_TCG_ATMEL=m
    1.36 +CONFIG_TCG_INFINEON=m
    1.37 +CONFIG_TCG_XEN=m
    1.38 +<possible other TPM drivers supported by Linux>
    1.39 +
    1.40 +If the frontend driver needs to be compiled into the user domain
    1.41 +kernel, then the following two lines should be changed.
    1.42  
    1.43  CONFIG_TCG_TPM=y
    1.44 -CONFIG_TCG_NSC=m
    1.45 -CONFIG_TCG_ATMEL=m
    1.46  CONFIG_TCG_XEN=y
    1.47  
    1.48 +
    1.49  You must also enable the virtual TPM to be built:
    1.50  
    1.51  In Config.mk in the Xen root directory set the line
    1.52 @@ -63,7 +73,7 @@ an example of how a user domain can be c
    1.53  available. It works similar to making a network interface
    1.54  available to a domain.
    1.55  
    1.56 -kernel = "/boot/vmlinuz-2.6.12-xenU"
    1.57 +kernel = "/boot/vmlinuz-2.6.x"
    1.58  ramdisk = "/xen/initrd_domU/U1_ramdisk.img"
    1.59  memory = 32
    1.60  name = "TPMUserDomain0"
    1.61 @@ -92,7 +102,7 @@ leave out the 'vtpm' line in the configu
    1.62  Running the TPM:
    1.63  ----------------
    1.64  
    1.65 -To run the vTPM, dev device /dev/vtpm must be available.
    1.66 +To run the vTPM, the device /dev/vtpm must be available.
    1.67  Verify that 'ls -l /dev/vtpm' shows the following output:
    1.68  
    1.69  crw-------  1 root root 10, 225 Aug 11 06:58 /dev/vtpm
    1.70 @@ -101,16 +111,26 @@ If it is not available, run the followin
    1.71  mknod /dev/vtpm c 10 225
    1.72  
    1.73  Make sure that the vTPM is running in domain 0. To do this run the
    1.74 -following
    1.75 +following:
    1.76 +
    1.77 +modprobe tpmbk
    1.78  
    1.79  /usr/bin/vtpm_managerd
    1.80  
    1.81  Start a user domain using the 'xm create' command. Once you are in the
    1.82 -shell of the user domain, you should be able to do the following:
    1.83 +shell of the user domain, you should be able to do the following as
    1.84 +user 'root':
    1.85  
    1.86 -> cd /sys/devices/vtpm
    1.87 +Insert the TPM frontend into the kernel if it has been compiled as a
    1.88 +kernel module.
    1.89 +
    1.90 +> modprobe tpm_xenu
    1.91 +
    1.92 +Check the status of the TPM
    1.93 +
    1.94 +> cd /sys/devices/xen/vtpm-0
    1.95  > ls
    1.96 -cancel  caps   pcrs    pubek
    1.97 +[...]  cancel  caps   pcrs    pubek   [...]
    1.98  > cat pcrs
    1.99  PCR-00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
   1.100  PCR-01: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00