Recently I have been doing some research on vTPM, specifically using Xen, in the System Software Lab at POSTECH in Korea. In this article I will try to explain how vTPM has been implemented in this hypervisor.
Xen is a Virtual Machine Monitor (VMM or hypervisor). It allows running multiple operating systems on the same computer using one of two virtualization technologies: paravirtualization (the guest OS must be modified to use the hypervisor ABI instead of certain architectural features) or hardware-assisted virtualization (HVM, where the guest OS runs unmodified if the CPU supports the Intel VT or AMD-V technologies).
Two years ago (2006), several groups of researchers started to work on the virtualization of the TPM (Trusted Platform Module) so that Virtual Machines (VMs) can use the TPM functionalities. This research led to one fundamental paper from IBM, vTPM: Virtualising the Trusted Platform Module, and later to one from Intel, TPM Virtualization: Building a General Framework. These papers serve as the basis for the implementation of the vTPM in Xen, which was jointly developed by people from IBM and Intel.
This document could be called "How to install Xen with virtual TPM support on Debian GNU/Linux?". In other blog posts I will write about TPM, Virtual TPM (vTPM) and the current vTPM implementation in Xen. But for now I need to set up a computer to play with vTPM, so I have written this document to be sure that I won't forget the steps I performed. I am sure this documentation will be useful to someone.
To properly understand what I am writing about in this document, make sure you have the minimal background in kernel compilation and in Xen configuration and usage. I advise you to read the whole document before doing anything, to be sure that you understand what you will do.