I think it is fair to read the PCRs before performing Deep Quote and after
and
to retry if something changed.
It is an interesting suggestion to extend the tpm character device driver
in order
to obtain atomicity. I will think about it.
Thanks for clarifying.
On Mon, Mar 9, 2015 at 7:26 PM,
On Mon, Mar 9, 2015 at 4:40 PM, Daniel De Graaf dgde...@tycho.nsa.gov
wrote:
On 03/08/2015 07:41 AM, Emil Condrea wrote:
I am trying to validate a Deep Quote request made by domU but I feel that
something is missing. Right now when a domU requests TPM_ORD_DeepQuote:
1. vTPM:
- unpacks the
] *On Behalf Of *Emil Condrea
*Sent:* Sunday, March 08, 2015 7:41 PM
*To:* xen-devel@lists.xen.org
*Cc:* Daniel De Graaf
*Subject:* [Xen-devel] vTPM Deep Quote validation
I am trying to validate a Deep Quote request made by domU but I feel that
something is missing. Right now when a domU requests
[mailto:xen-devel-boun...@lists.xen.org]
On Behalf Of Emil Condrea
Sent: Sunday, March 08, 2015 7:41 PM
To: xen-devel@lists.xen.org
Cc: Daniel De Graaf
Subject: [Xen-devel] vTPM Deep Quote validation
I am trying to validate a Deep Quote request made by domU but I feel that
something is missing. Right now
On 03/08/2015 07:41 AM, Emil Condrea wrote:
I am trying to validate a Deep Quote request made by domU but I feel that
something is missing. Right now when a domU requests TPM_ORD_DeepQuote:
1. vTPM:
- unpacks the params: nonce, vTPM PCR selection and physical PCR selection
- packs PCR_INFO_SHORT
On 03/09/2015 11:58 AM, Emil Condrea wrote:
On Mon, Mar 9, 2015 at 4:40 PM, Daniel De Graaf dgde...@tycho.nsa.gov
wrote:
On 03/08/2015 07:41 AM, Emil Condrea wrote:
I am trying to validate a Deep Quote request made by domU but I feel that
something is missing. Right now when a domU requests