[CentOS-virt] TPM

Wed Aug 29 16:08:47 UTC 2018
Stephen John Smoogen <smooge at gmail.com>

On Wed, 29 Aug 2018 at 11:58, Dag Nygren <dag at newtech.fi> wrote:

> On onsdag 29 augusti 2018 kl. 17:39:18 EEST Stephen John Smoogen wrote:
> > On Wed, 29 Aug 2018 at 10:25, Dag Nygren <dag at newtech.fi> wrote:
> > > Anyone here with an experience in transitioning QEMU -> XEN ?
> > http://www.cse.psu.edu/~pdm12/cse544/slides/cse544-schiffman-vTPM.pdf
> goes
> > through some of the problems.
> Yes, I had a look at that earlier and it seems XEN has solved most
> of the problems
Well it seemed that the people writing the talk had come up with a way it
could be done. That can be it being done in a way that isn't 3/4 bailing
wire and duct tape or it could be that the have a viable set of tools which
can be done cleanly and meet various security uses which require knowing
what the hostility of the environment is. AKA it may work if you expect no
hostile VMs ever to be installed or it may mean it works in a hostile
environment where VM A and VM B are owned by different actors and they are
actively spying on each other. Each of those has different requirements and
outcomes. AKA in one you can expect that secrets in the vTPM may remain
secret while the other they may not. And there may be the case where Dom0
could see any secret in any vTPM so you have to factor in how much you
trust that.

> > You need to be aware of the limitations of
> > the specific TPM your hardware has, and what you are giving up in the
> trust
> > model with any vTPM [aka your virtual machine can't move from its server,
> > your TPM isn't real and can possibly looked at by other guests, etc etc.]
> Couldn't find anything on the issue of migration of the VM, but I thought
> that Xen has that one also taken care of? (Exporting and importing keys)
> Am I completely wrong here?
I don't really know. From the articles.. it is not a 'simple' operation and
you can quite easily get it wrong. Depending on the security arrangements
needed further research than a PDF on the Internet is needed with actual
questions to the writers or talking with a company that does this full time.

> Best
> Dag

Stephen J Smoogen.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.centos.org/pipermail/centos-virt/attachments/20180829/99d7412c/attachment-0006.html>