Re: [PATCH 3/3] x86/sev: add a SVSM vTPM platform device

[Stefano Garzarella]

On Thu, Jan 23, 2025 at 11:50:40AM +0200, Jarkko Sakkinen wrote:
> On Wed Jan 22, 2025 at 11:29 PM EET, Dionna Amalie Glaze wrote:
> > I can appreciate this viewpoint. It even surfaced Microsoft's fTPM
> > paper to me, which solves some interesting problems we need to solve
> > in SVSM too. So thanks for that.
> >
> > Just to clarify, you're not asking for SVSM to implement the TIS-MMIO
> > interface instead, but rather to use the fTPM stack, which could make
> > SVSM calls a TEE device operation?
>
> I don't really know what I'm asking because this is barely even a
> PoC, and I state it like this knowingly.
>
> You should make the argument, and the case for the solution. Then
> it is my turn to comment on that scheme.

I'll check if I can use fTPM, in the meantime I had started to simplify
this series, avoiding the double stack and exposing some APIs from SEV
to probe the vTPM and to send the commands. The final driver in
drivers/char/tpm would be quite simple.

But I'll try to see if reusing fTPM is a feasible way, I like the idea.

> That said, I would not give high odds for acceptance of a duplicate
> TPM stack succeeding.

Got it ;-)

Thanks to everyone for the helpful feedbacks!

I've been a bit messy these days and I'm in FOSDEM next week, so I hope
not to take too long for the v2.

Stefano