zoukankan      html  css  js  c++  java
  • /xen4.4.2/xen-4.4.2/stubdom/vtpm/README

    Copyright (c) 2010-2012 United States Government, as represented by
    the Secretary of Defense.  All rights reserved.
    November 12 2012
    Authors: Matthew Fioravante (JHUAPL),

    This document describes the operation and command line interface
    of vtpm-stubdom. See docs/misc/vtpm.txt for details on the
    vTPM subsystem as a whole.


    ------------------------------
    OPERATION
    ------------------------------

    The vtpm-stubdom is a mini-OS domain that emulates a TPM for the guest OS to
    use. It is a small wrapper around the Berlios TPM emulator
    version 0.7.4. Commands are passed from the linux guest via the
    mini-os TPM backend driver. vTPM data is encrypted and stored via a disk image
    provided to the virtual machine. The key used to encrypt the data along
    with a hash of the vTPM's data is sent to the vTPM manager for secure storage
    and later retrieval.  The vTPM domain communicates with the manager using a
    mini-os tpm front/back device pair.

    ------------------------------
    COMMAND LINE ARGUMENTS
    ------------------------------

    Command line arguments are passed to the domain via the 'extra'
    parameter in the VM config file. Each parameter is separated
    by white space. For example:

    extra="foo=bar baz"

    List of Arguments:
    ------------------

    loglevel=<LOG>: Controls the amount of logging printed to the console.
        The possible values for <LOG> are:
         error
         info (default)
         debug

    clear: Start the Berlios emulator in "clear" mode. (default)

    save: Start the Berlios emulator in "save" mode.

    deactivated: Start the Berlios emulator in "deactivated" mode.
        See the Berlios TPM emulator documentation for details
        about the startup mode. For all normal use, always use clear
        which is the default. You should not need to specify any of these.

    maintcmds=<1|0>: Enable to disable the TPM maintenance commands.
        These commands are used by tpm manufacturers and thus
        open a security hole. They are disabled by default.

    hwinitpcr=<PCRSPEC>: Initialize the virtual Platform Configuration Registers
        (PCRs) with PCR values from the hardware TPM. Each pcr specified by
        <PCRSPEC> will be initialized with the value of that same PCR in TPM
        once at startup. By default all PCRs are zero initialized.
        Value values of <PCRSPEC> are:
         all: copy all pcrs
         none: copy no pcrs (default)
         <N>: copy pcr n
         <X-Y>: copy pcrs x to y (inclusive)

        These can also be combined by comma separation, for example:
         hwinitpcrs=5,12-16
        will copy pcrs 5, 12, 13, 14, 15, and 16.

    ------------------------------
    REFERENCES
    ------------------------------

    Berlios TPM Emulator:
    http://tpm-emulator.berlios.de/

  • 相关阅读:
    Js获取当前日期时间及其它操作
    Java JDBC 基础知识
    java自动创建多级目录
    [Java]读取文件方法大全
    table固定首行(二)
    table固定首行(一)
    DIV滚动条
    查看本机开放的端口号,查看某个端口号是否被占用,查看被占用的端口号被哪个进程所占用,如何结束该进程
    DWZ SSH2 菜单树--使用Struts2 标签(iterator/set/if 组合使用)
    synchronized与lock,哪个效率更高
  • 原文地址:https://www.cnblogs.com/summer2017/p/7912015.html
Copyright © 2011-2022 走看看