[nova] TPM passthrough

Jim Rollenhagen jim at jimrollenhagen.com
Thu Jun 20 14:34:24 UTC 2019


Hey y'all,

We have an internal use case which requires a VM with a TPM, to be used to
store a private key. Libvirt has two ways to present a TPM to a VM:
passthrough or emulated. Per kashyap and the #qemu IRC channel, libvirt stores
the TPM's state on disk, unencrypted. Our risk profile includes "someone walks
away with a disk", so this won't work for our use case.

The QEMU devs have asked for RFEs to implement vTPMs where the state never
touches the disk, so I have hopes that this will be done eventually.

However, I suspect that this will still take some time, especially as nobody
has volunteered to actually do the work yet. So, I'd like to propose we
implement TPM passthrough in Nova. My team is happy to do the work, but I'd
love some guidance as to the best way to implement this so we can get a spec
done (I assume it's "just another resource class"?).

If Nova doesn't want this feature in, and would rather just wait for the
features in QEMU, we'll carry it downstream, I guess. :)

Thoughts?

// jim
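For readers unfamiliar with the two libvirt TPM backends mentioned in the post, here is an added illustration (not part of the original message, nor code from Nova or libvirt) of what each looks like in a libvirt domain XML. The device path /dev/tpm0 and the model attributes are assumptions for the example; adjust them to the host.

```xml
<!-- Added example: the two libvirt TPM backends side by side.          -->
<!-- Only one <tpm> element would appear in a real domain definition.   -->
<domain type='kvm'>
  <name>tpm-demo</name>
  <!-- ... memory, vcpu, os, disks elided ... -->
  <devices>

    <!-- 1) Passthrough: the guest is handed the host's hardware TPM.    -->
    <!--    Key material stays inside the physical TPM; nothing about    -->
    <!--    the TPM's state is written to the host's disk by libvirt.    -->
    <!--    Assumed device node: /dev/tpm0 on the host.                  -->
    <tpm model='tpm-tis'>
      <backend type='passthrough'>
        <device path='/dev/tpm0'/>
      </backend>
    </tpm>

    <!-- 2) Emulated: libvirt starts an swtpm process per guest and the  -->
    <!--    emulator keeps the TPM's NVRAM (including any keys sealed     -->
    <!--    into it) as files under libvirt's swtpm state directory on   -->
    <!--    the host, which is the "state on disk" the post refers to.   -->
    <tpm model='tpm-crb'>
      <backend type='emulator' version='2.0'/>
    </tpm>

  </devices>
</domain>
```

Two practical caveats with the passthrough form: the host TPM can be given to only one guest at a time (QEMU opens the device node exclusively, so the host and other guests lose access to it while that guest runs), and the guest is bound to that specific host, since its keys live in that host's physical TPM and cannot follow the VM through a live migration.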