Bug 1327947
Summary: | [RFE] enable TPM passthrough at compile time (qemu-kvm-rhev) | |||
---|---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Shivraj <shipatil> | |
Component: | qemu-kvm-rhev | Assignee: | Marc-Andre Lureau <marcandre.lureau> | |
Status: | CLOSED WONTFIX | QA Contact: | yduan | |
Severity: | medium | Docs Contact: | ||
Priority: | medium | |||
Version: | 7.2 | CC: | areis, chayang, creynold, cww, dzheng, fmartine, jcoscia, jinzhao, juzhang, kchamart, knoel, lersek, marcandre.lureau, michen, mkalinin, mtessun, pgozart, psztoch, rbalakri, rdoty, shipatil, virt-maint, xfu, yuhuang | |
Target Milestone: | rc | Keywords: | FutureFeature, OtherQA | |
Target Release: | 7.5 | |||
Hardware: | Unspecified | |||
OS: | Unspecified | |||
Whiteboard: | ||||
Fixed In Version: | Doc Type: | Enhancement | ||
Doc Text: | Story Points: | --- | ||
Clone Of: | ||||
: | 1519013 1654486 | Environment: | ||
Last Closed: | 2018-05-03 14:03:47 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 1298243, 1359862, 1420851, 1431788, 1431790, 1431792, 1473733, 1519016, 1546815, 1558125, 1595018, 1654486, 1654490, 1668199, 1919797 |
Description
Shivraj
2016-04-18 06:39:10 UTC
*** Bug 1427894 has been marked as a duplicate of this bug. ***

*** Bug 1314816 has been marked as a duplicate of this bug. ***

Updated information: The TPM2 userspace tools as of RHEL 7.5 (Tech Preview in RHEL 7.4) include a resource manager that allows multiple users to interact with a TPM. Multiple keys and key hierarchies can be used. The actual keys are stored on disk as encrypted blobs and loaded and unloaded as needed.

It should be possible to design and implement qemu support such that each VM appears to have its own TPM, including a unique set of keys and measurements. This is not a straight TPM passthrough for the physical TPM, but would meet the requirements for multiple guests using BitLocker and measured boot.

Is this direction worth exploring?