Copyright (c) 2010-2012 United States Government, as represented by
the Secretary of Defense. All rights reserved.
November 12 2012
Authors: Matthew Fioravante (JHUAPL),
This document describes the operation and command line interface
of vtpmmgr-stubdom. See docs/misc/vtpm.txt for details on the
vTPM subsystem as a whole.
------------------------------
OPERATION
------------------------------
The vtpmmgr-stubdom implements a vTPM manager who has two major functions:
- Securely store encryption keys for each of the vTPMS
- Regulate access to the hardware TPM for the entire system
The manager accepts commands from the vtpm-stubdom domains via the mini-os
TPM backend driver. The vTPM manager communicates directly with hardware TPM
using the mini-os tpm_tis driver.
When the manager starts for the first time it will check if the TPM
has an owner. If the TPM is unowned, it will attempt to take ownership
with the supplied owner_auth (see below) and then create a TPM
storage key which will be used to secure vTPM key data. Currently the
manager only binds vTPM keys to the disk. In the future support
for sealing to PCRs should be added.
------------------------------
COMMAND LINE ARGUMENTS
------------------------------
Command line arguments are passed to the domain via the 'extra'
parameter in the VM config file. Each parameter is separated
by white space. For example:
extra="foo=bar baz"
List of Arguments:
------------------
owner_auth=<AUTHSPEC>: Set the owner auth of the TPM. The default
is the well known owner auth of all ones.
srk_auth=<AUTHSPEC>: Set the SRK auth for the TPM. The default is
the well known srk auth of all zeroes.
The possible values of <AUTHSPEC> are:
well-known: Use the well known auth (default)
random: Randomly generate an auth
hash: <HASH>: Use the given 40 character ASCII hex string
text: <STR>: Use sha1 hash of <STR>.
tpmdriver=<DRIVER>: Which driver to use to talk to the hardware TPM.
Don't change this unless you know what you're doing.
The possible values of <DRIVER> are:
tpm_tis: Use the tpm_tis driver to talk directly to the TPM.
The domain must have access to TPM IO memory. (default)
tpmfront: Use tpmfront to talk to the TPM. The domain must have
a tpmfront device setup to talk to another domain
which provides access to the TPM.
The following options only apply to the tpm_tis driver:
tpmiomem=<ADDR>: The base address of the hardware memory pages of the
TPM (default 0xfed40000).
tpmirq=<IRQ>: The irq of the hardware TPM if using interrupts. A value of
"probe" can be set to probe for the irq. A value of 0
disabled interrupts and uses polling (default 0).
tpmlocality=<LOC>: Attempt to use locality <LOC> of the hardware TPM.
(default 0)