zoukankan      html  css  js  c++  java
  • /xen4.4.2/xen-4.4.2/stubdom/vtpm/README

    Copyright (c) 2010-2012 United States Government, as represented by
    the Secretary of Defense.  All rights reserved.
    November 12 2012
    Authors: Matthew Fioravante (JHUAPL),

    This document describes the operation and command line interface
    of vtpm-stubdom. See docs/misc/vtpm.txt for details on the
    vTPM subsystem as a whole.


    ------------------------------
    OPERATION
    ------------------------------

    The vtpm-stubdom is a mini-OS domain that emulates a TPM for the guest OS to
    use. It is a small wrapper around the Berlios TPM emulator
    version 0.7.4. Commands are passed from the linux guest via the
    mini-os TPM backend driver. vTPM data is encrypted and stored via a disk image
    provided to the virtual machine. The key used to encrypt the data along
    with a hash of the vTPM's data is sent to the vTPM manager for secure storage
    and later retrieval.  The vTPM domain communicates with the manager using a
    mini-os tpm front/back device pair.

    ------------------------------
    COMMAND LINE ARGUMENTS
    ------------------------------

    Command line arguments are passed to the domain via the 'extra'
    parameter in the VM config file. Each parameter is separated
    by white space. For example:

    extra="foo=bar baz"

    List of Arguments:
    ------------------

    loglevel=<LOG>: Controls the amount of logging printed to the console.
        The possible values for <LOG> are:
         error
         info (default)
         debug

    clear: Start the Berlios emulator in "clear" mode. (default)

    save: Start the Berlios emulator in "save" mode.

    deactivated: Start the Berlios emulator in "deactivated" mode.
        See the Berlios TPM emulator documentation for details
        about the startup mode. For all normal use, always use clear
        which is the default. You should not need to specify any of these.

    maintcmds=<1|0>: Enable to disable the TPM maintenance commands.
        These commands are used by tpm manufacturers and thus
        open a security hole. They are disabled by default.

    hwinitpcr=<PCRSPEC>: Initialize the virtual Platform Configuration Registers
        (PCRs) with PCR values from the hardware TPM. Each pcr specified by
        <PCRSPEC> will be initialized with the value of that same PCR in TPM
        once at startup. By default all PCRs are zero initialized.
        Value values of <PCRSPEC> are:
         all: copy all pcrs
         none: copy no pcrs (default)
         <N>: copy pcr n
         <X-Y>: copy pcrs x to y (inclusive)

        These can also be combined by comma separation, for example:
         hwinitpcrs=5,12-16
        will copy pcrs 5, 12, 13, 14, 15, and 16.

    ------------------------------
    REFERENCES
    ------------------------------

    Berlios TPM Emulator:
    http://tpm-emulator.berlios.de/

  • 相关阅读:
    TableCellRenderer和TableCellEditor(一)
    python 哔哩哔哩学习
    Pwn_11 Got 劫持
    Pwn_10 Format String Attack
    Pwn_9 作业讲解
    Pwn_8 ROP(3)——Stack Migration
    堆栈是个什么🐴
    pwntools 文档学习
    Pwn_7 ROP (2)
    socket.error: [Errno 98] Address already in use
  • 原文地址:https://www.cnblogs.com/summer2017/p/7912015.html
Copyright © 2011-2022 走看看