[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-changelog] [xen-unstable] vtpm: Upgrade to using tpm_emulator-0.5.1
# HG changeset patch # User Keir Fraser <keir.fraser@xxxxxxxxxx> # Date 1251097732 -3600 # Node ID 4e67ba3c321affda3f90734ba62ce04b23fce66c # Parent dde06d43143b71a72d979d8040a887534e321b32 vtpm: Upgrade to using tpm_emulator-0.5.1 The newer version of the emulator contains several bug fixes, one that we were seeing in our use of vtpm. This patch also defines TPM_STRONG_PERSISTENCE for the new emulator. A couple of important notes about this patch: -This has only been tested on PVM domU's. In theory it should work for HVM but I have not tried it at all and can guarantee nothing. -All the relevant changes in tools/vtpm/vtpm.patch have been ported to tpm_emulator-0.5.1. -None of the changes in tpm_emulator.patch have been ported. In particular this means the BUILD_EMULATOR option, which as I understand lets you use the tpm_emulator in dom0 for a machine that does not have a real hardware TPM does not work. This functionality should be easy to add though because the new emulator already comes with a kernel module interface. -No considerations were made for the VTPM_MULTI_VM feature (which is supposedly unfinished). This patch may or may not break any progress made on that feature. Signed-off-by: Matt Fioravante <Matthew.Fioravante@xxxxxxxxxx> --- tools/vtpm/Makefile | 34 ---- tools/vtpm/vtpm-0.5.1.patch | 301 ++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 307 insertions(+), 28 deletions(-) diff -r dde06d43143b -r 4e67ba3c321a tools/vtpm/Makefile --- a/tools/vtpm/Makefile Mon Aug 24 08:05:46 2009 +0100 +++ b/tools/vtpm/Makefile Mon Aug 24 08:08:52 2009 +0100 @@ -10,7 +10,7 @@ ORIG_DIR = orig ORIG_DIR = orig # Emulator tarball name -TPM_EMULATOR_NAME = tpm_emulator-0.4 +TPM_EMULATOR_NAME = tpm_emulator-0.5.1 TPM_EMULATOR_TARFILE = $(TPM_EMULATOR_NAME).tar.gz GMP_HEADER = /usr/include/gmp.h @@ -19,13 +19,10 @@ all: build all: build .PHONY: build -build: $(VTPM_DIR) $(TPM_EMULATOR_DIR) build_sub +build: build_sub .PHONY: install install: build - if [ "$(BUILD_EMULATOR)" = "y" ]; then \ - $(MAKE) -C $(TPM_EMULATOR_DIR) $@ ;\ - fi $(MAKE) -C $(VTPM_DIR) $@ .PHONY: clean @@ -46,25 +43,14 @@ mrproper: $(TPM_EMULATOR_TARFILE): wget http://download.berlios.de/tpm-emulator/$(TPM_EMULATOR_TARFILE) -# Create vtpm and TPM emulator dirs -# apply patches for 1) used as dom0 tpm driver 2) used as vtpm device instance -$(TPM_EMULATOR_DIR): $(TPM_EMULATOR_TARFILE) tpm_emulator.patch - set -e; if [ "$(BUILD_EMULATOR)" = "y" ]; then \ - rm -rf $(TPM_EMULATOR_DIR); \ - tar -xzf $(TPM_EMULATOR_TARFILE); \ - mv $(TPM_EMULATOR_NAME) $(TPM_EMULATOR_DIR); \ - cd $(TPM_EMULATOR_DIR); \ - patch -p1 <../tpm_emulator.patch; \ - fi - -$(VTPM_DIR): $(TPM_EMULATOR_TARFILE) vtpm.patch +# Create vtpm dirs +$(VTPM_DIR)/tpmd/tpmd: $(TPM_EMULATOR_TARFILE) vtpm-0.5.1.patch rm -rf $(VTPM_DIR) tar -xzf $(TPM_EMULATOR_TARFILE) mv $(TPM_EMULATOR_NAME) $(VTPM_DIR) set -e; cd $(VTPM_DIR); \ - patch -p1 < ../tpm_emulator.patch; \ - patch -p1 < ../vtpm.patch + patch -p1 < ../vtpm-0.5.1.patch orig: $(TPM_EMULATOR_TARFILE) mkdir $(ORIG_DIR); @@ -72,22 +58,14 @@ orig: $(TPM_EMULATOR_TARFILE) tar -xzf ../$(TPM_EMULATOR_TARFILE); updatepatches: clean orig - set -e; if [ "$(BUILD_EMULATOR)" = "y" ]; then \ - find $(TPM_EMULATOR_DIR) -name "*.orig" -print | xargs rm -f; \ - mv tpm_emulator.patch tpm_emulator.patch.old; \ - diff -uprN orig/$(TPM_EMULATOR_NAME) $(TPM_EMULATOR_DIR) > tpm_emulator.patch || true; \ - fi; find $(VTPM_DIR) -name "*.orig" -print | xargs rm -f; mv vtpm.patch vtpm.patch.old; diff -uprN $(TPM_EMULATOR_DIR) $(VTPM_DIR) > vtpm.patch || true; .PHONY: build_sub -build_sub: +build_sub: $(VTPM_DIR)/tpmd/tpmd set -e; if [ -e $(GMP_HEADER) ]; then \ $(MAKE) -C $(VTPM_DIR); \ - if [ "$(BUILD_EMULATOR)" = "y" ]; then \ - $(MAKE) -C $(TPM_EMULATOR_DIR); \ - fi \ else \ echo "=== Unable to build VTPMs. libgmp could not be found."; \ fi diff -r dde06d43143b -r 4e67ba3c321a tools/vtpm/vtpm-0.5.1.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tools/vtpm/vtpm-0.5.1.patch Mon Aug 24 08:08:52 2009 +0100 @@ -0,0 +1,766 @@ +diff -Naurp tpm_emulator-0.5.1/Makefile tpm5-test/Makefile +--- tpm_emulator-0.5.1/Makefile 2008-02-14 03:22:48.000000000 -0500 ++++ tpm5-test/Makefile 2009-07-15 09:45:28.000000000 -0400 +@@ -10,7 +10,7 @@ VERSION_MINOR := 5 + VERSION_BUILD := $(shell date +"%s") + VERSION_SUFFIX := .1 + +-SUBDIRS := tpmd tpmd_dev tddl ++SUBDIRS := tpmd + + all: version all-recursive + +@@ -48,12 +48,12 @@ user_install: user + modules_install: modules + @$(MAKE) -C tpmd_dev install || exit -1 + +-DIRS := . tpm crypto tpmd tpmd_dev tddl tpmd_dev_openbsd ++DIRS := . tpm crypto tpmd + DISTSRC := $(foreach dir, $(DIRS), $(wildcard $(dir)/*.c)) + DISTSRC += $(foreach dir, $(DIRS), $(wildcard $(dir)/*.h)) +-DIRS := . tpmd tpmd_dev tddl tpmd_dev_openbsd ++DIRS := . tpmd + DISTSRC += $(foreach dir, $(DIRS), $(dir)/Makefile) +-DISTSRC += ./README ./AUTHORS ./ChangeLog tpmd_dev/tpmd_dev.rules.in ++DISTSRC += ./README ./AUTHORS ./ChangeLog + DISTDIR := tpm_emulator-$(VERSION_MAJOR).$(VERSION_MINOR)$(VERSION_SUFFIX) + + dist: $(DISTSRC) +diff -Naurp tpm_emulator-0.5.1/tpm/tpm_capability.c tpm5-test/tpm/tpm_capability.c +--- tpm_emulator-0.5.1/tpm/tpm_capability.c 2008-02-14 03:22:48.000000000 -0500 ++++ tpm5-test/tpm/tpm_capability.c 2009-07-16 12:04:20.000000000 -0400 +@@ -136,8 +136,19 @@ static TPM_RESULT cap_property(UINT32 su + + case TPM_CAP_PROP_TIS_TIMEOUT: + debug("[TPM_CAP_PROP_TIS_TIMEOUT]"); +- /* TODO: TPM_CAP_PROP_TIS_TIMEOUT */ +- return TPM_FAIL; ++ /* TODO: TPM_CAP_PROP_TIS_TIMEOUT: Measure these values and determine correct ones */ ++ UINT32 len = *respSize = 16; ++ BYTE *ptr = *resp = tpm_malloc(*respSize); ++ if (ptr == NULL || ++ tpm_marshal_UINT32(&ptr, &len, 200000) || ++ tpm_marshal_UINT32(&ptr, &len, 200000) || ++ tpm_marshal_UINT32(&ptr, &len, 200000) || ++ tpm_marshal_UINT32(&ptr, &len, 200000)) { ++ tpm_free(*resp); ++ return TPM_FAIL; ++ } ++ return TPM_SUCCESS; ++ + + case TPM_CAP_PROP_STARTUP_EFFECT: + debug("[TPM_CAP_PROP_STARTUP_EFFECT]"); +@@ -189,8 +200,12 @@ static TPM_RESULT cap_property(UINT32 su + + case TPM_CAP_PROP_DURATION: + debug("[TPM_CAP_PROP_DURATION]"); +- /* TODO: TPM_CAP_PROP_DURATION */ +- return TPM_FAIL; ++ /* TODO: TPM_CAP_PROP_DURATION: Measure these values and return accurate ones */ ++ BYTE dur[]= {0x0,0x0,0x0,0xc,0x0,0x7,0xa1,0x20,0x0,0x1e,0x84,0x80,0x11,0xe1,0xa3,0x0}; ++ *respSize = 16; ++ *resp = tpm_malloc(*respSize); ++ memcpy(*resp,dur,16); ++ + + case TPM_CAP_PROP_ACTIVE_COUNTER: + debug("[TPM_CAP_PROP_ACTIVE_COUNTER]"); +diff -Naurp tpm_emulator-0.5.1/tpmd/Makefile tpm5-test/tpmd/Makefile +--- tpm_emulator-0.5.1/tpmd/Makefile 2008-02-14 03:22:48.000000000 -0500 ++++ tpm5-test/tpmd/Makefile 2009-07-16 12:08:26.000000000 -0400 +@@ -8,9 +8,10 @@ WFLAGS := -Wall -Wno-unused -Wpointer-a + -Wwrite-strings -Wsign-compare -Wno-multichar + #WFLAGS += -Wextra -Wcast-qual -Wmissing-prototypes -Wmissing-declarations -Wstrict-aliasing + CFLAGS += $(WFLAGS) -g -I.. -I. -O2 -fno-strict-aliasing ++CFLAGS += -I../../../../tools/vtpm_manager/manager + LDFLAGS += -lgmp + +-BINDIR := /usr/sbin/ ++BINDIR := /usr/bin/ + + TPMD := tpmd + DIRS := ../tpm ../crypto +@@ -18,6 +19,8 @@ SRCS := $(foreach dir, $(DIRS), $(wil + OBJS := $(patsubst %.c, %.o, $(SRCS)) + OBJS := $(foreach dir, $(DIRS), $(patsubst $(dir)/%.o, %.o, $(filter $(dir)/%.o, $(OBJS)))) + ++VTPM_BIN := vtpmd ++ + vpath %.c $(strip $(DIRS)) + + all: $(TPMD) +@@ -32,10 +35,8 @@ TPMD_GROUP ?= tss + INSTALL ?= install + + install: $(TPMD) +- $(INSTALL) -m 755 -o $(TPMD_USER) -g $(TPMD_GROUP) -d $(DESTDIR)/var/lib/tpm +- $(INSTALL) -m 755 -o $(TPMD_USER) -g $(TPMD_GROUP) -d $(DESTDIR)/var/run/tpm + $(INSTALL) -D -d $(DESTDIR)/$(BINDIR) +- $(INSTALL) -m 755 $(TPMD) $(DESTDIR)/$(BINDIR) ++ $(INSTALL) -m 755 $(TPMD) $(DESTDIR)/$(BINDIR)/$(VTPM_BIN) + + .PHONY: all clean install + +diff -Naurp tpm_emulator-0.5.1/tpmd/tpmd.c tpm5-test/tpmd/tpmd.c +--- tpm_emulator-0.5.1/tpmd/tpmd.c 2008-02-14 03:22:48.000000000 -0500 ++++ tpm5-test/tpmd/tpmd.c 2009-07-16 11:19:05.000000000 -0400 +@@ -32,6 +32,9 @@ + #include <grp.h> + #include "tpm_emulator_config.h" + #include "tpm/tpm_emulator.h" ++#include "tpm/tpm_structures.h" ++#include "tpm/tpm_marshalling.h" ++#include "vtpm_manager.h" + + #define TPM_DAEMON_NAME "tpmd" + #define TPM_CMD_BUF_SIZE 4096 +@@ -39,6 +42,24 @@ + #define TPM_RANDOM_DEVICE "/dev/urandom" + #undef TPM_MKDIRS + ++#ifdef VTPM_MULTI_VM ++ #define DEV_BE "/dev/vtpm" ++ #define DEV_FE "/dev/tpm" ++#else ++ #define PVM_RX_FIFO_D "/var/vtpm/fifos/tpm_cmd_to_%d.fifo" ++ #define PVM_TX_FIFO "/var/vtpm/fifos/tpm_rsp_from_all.fifo" ++ #define HVM_RX_FIFO_D "/var/vtpm/socks/%d.socket" ++ ++ #define VTPM_RX_FIFO_D "/var/vtpm/fifos/vtpm_rsp_to_%d.fifo" ++ #define VTPM_TX_FIFO "/var/vtpm/fifos/vtpm_cmd_from_all.fifo" ++ ++ static char *vtpm_rx_name=NULL; ++#endif ++ ++ static int vtpm_tx_fh=-1, vtpm_rx_fh=-1; ++ ++#define BUFFER_SIZE 2048 ++ + static volatile int stopflag = 0; + static int is_daemon = 0; + static int opt_debug = 0; +@@ -49,6 +70,8 @@ static const char *opt_storage_file = "/ + static uid_t opt_uid = 0; + static gid_t opt_gid = 0; + static int tpm_startup = 2; ++static int vtpm_type = VTPM_TYPE_PVM; ++int dmi_id = 0; + static int rand_fh; + + void tpm_log(int priority, const char *fmt, ...) +@@ -90,56 +113,241 @@ uint64_t tpm_get_ticks(void) + + int tpm_write_to_file(uint8_t *data, size_t data_length) + { +- int fh; +- ssize_t res; +- fh = open(opt_storage_file, O_WRONLY | O_TRUNC | O_CREAT, S_IRUSR | S_IWUSR); +- if (fh < 0) return -1; +- while (data_length > 0) { +- res = write(fh, data, data_length); +- if (res < 0) { +- close(fh); +- return -1; +- } +- data_length -= res; +- data += res; ++ int res, out_data_size, in_header_size; ++ BYTE *ptr, *out_data, *in_header; ++ UINT32 result, len, in_rsp_size; ++ UINT16 tag = VTPM_TAG_REQ; ++ ++ printf("Saving NVM\n"); ++ if (vtpm_tx_fh < 0) { ++#ifdef VTPM_MUTLI_VM ++ vtpm_tx_fh = open(DEV_FE, O_RDWR); ++#else ++ vtpm_tx_fh = open(VTPM_TX_FIFO, O_WRONLY); ++#endif ++ } ++ ++ if (vtpm_tx_fh < 0) { ++ return -1; ++ } ++ ++ // Send request to VTPM Manager to encrypt data ++#ifdef VTPM_MUTLI_VM ++ out_data_size = len = VTPM_COMMAND_HEADER_SIZE_CLT + data_length; ++#else ++ out_data_size = len = VTPM_COMMAND_HEADER_SIZE_SRV + data_length; ++#endif ++ ++ out_data = ptr = (BYTE *) malloc(len); ++ ++ if (ptr == NULL ++#ifndef VTPM_MUTLI_VM ++ || tpm_marshal_UINT32(&ptr, &len, dmi_id) ++#endif ++ || tpm_marshal_UINT16(&ptr, &len, tag) ++#ifdef VTPM_MUTLI_VM ++ || tpm_marshal_UINT32(&ptr, &len, out_data_size) ++#else ++ || tpm_marshal_UINT32(&ptr, &len, out_data_size - sizeof(uint32_t)) ++#endif ++ || tpm_marshal_UINT32(&ptr, &len, VTPM_ORD_SAVENVM) ++ || tpm_marshal_BYTE_ARRAY(&ptr, &len, data, data_length)) { ++ free(out_data); ++ return -1; ++ } ++ ++ printf("\tSending SaveNVM Command.\n"); ++ res = write(vtpm_tx_fh, out_data, out_data_size); ++ free(out_data); ++ if (res != out_data_size) return -1; ++ ++ if (vtpm_rx_fh < 0) { ++#ifdef VTPM_MUTLI_VM ++ vtpm_rx_fh = vtpm_tx_fh ++#else ++ if (vtpm_rx_name == NULL) { ++ vtpm_rx_name = malloc(10 + strlen(VTPM_RX_FIFO_D)); ++ sprintf(vtpm_rx_name, VTPM_RX_FIFO_D, (uint32_t) dmi_id); + } +- close(fh); +- return 0; ++ vtpm_rx_fh = open(vtpm_rx_name, O_RDONLY); ++#endif ++ } ++ ++ if (vtpm_rx_fh < 0) { ++ return -1; ++ } ++ ++ // Read Header of response so we can get the size & status ++#ifdef VTPM_MUTLI_VM ++ in_header_size = len = VTPM_COMMAND_HEADER_SIZE_CLT; ++#else ++ in_header_size = len = VTPM_COMMAND_HEADER_SIZE_SRV; ++#endif ++ in_header = ptr = malloc(in_header_size); ++ ++ printf("\tReading SaveNVM header.\n"); ++ res = read(vtpm_rx_fh, in_header, in_header_size); ++ ++ if ( (res != in_header_size) ++#ifndef VTPM_MUTLI_VM ++ || tpm_unmarshal_UINT32(&ptr, &len, (UINT32*)&dmi_id) ++#endif ++ || tpm_unmarshal_UINT16(&ptr, &len, &tag) ++ || tpm_unmarshal_UINT32(&ptr, &len, &in_rsp_size) ++ || tpm_unmarshal_UINT32(&ptr, &len, &result) ) { ++ free(in_header); ++ return -1; ++ } ++ free(in_header); ++ ++ if (result != VTPM_SUCCESS) { ++ return -1; ++ } ++ ++#ifdef VTPM_MUTLI_VM ++ close(vtpm_tx_fh); close(vtpm_rx_fh); ++#endif ++ ++ printf("\tFinishing up SaveNVM\n"); ++ return (0); + } + + int tpm_read_from_file(uint8_t **data, size_t *data_length) + { +- int fh; +- ssize_t res; +- size_t total_length; +- fh = open(opt_storage_file, O_RDONLY); +- if (fh < 0) return -1; +- total_length = lseek(fh, 0, SEEK_END); +- lseek(fh, 0, SEEK_SET); +- *data = tpm_malloc(total_length); +- if (*data == NULL) { +- close(fh); +- return -1; +- } +- *data_length = 0; +- while (total_length > 0) { +- res = read(fh, &(*data)[*data_length], total_length); +- if (res < 0) { +- close(fh); +- tpm_free(*data); +- return -1; +- } +- *data_length += res; +- total_length -= res; ++ int res, out_data_size, in_header_size; ++ uint8_t *ptr, *out_data, *in_header; ++ UINT16 tag = VTPM_TAG_REQ; ++ UINT32 len, in_rsp_size, result; ++#ifdef VTPM_MUTLI_VM ++ int vtpm_rx_fh, vtpm_tx_fh; ++#endif ++ ++ printf("Loading NVM.\n"); ++ if (vtpm_tx_fh < 0) { ++#ifdef VTPM_MUTLI_VM ++ vtpm_tx_fh = open(DEV_FE, O_RDWR); ++#else ++ vtpm_tx_fh = open(VTPM_TX_FIFO, O_WRONLY); ++#endif ++ } ++ ++ if (vtpm_tx_fh < 0) { ++ printf("Error in read_from_file:301\n"); ++ return -1; ++ } ++ ++ // Send request to VTPM Manager to encrypt data ++#ifdef VTPM_MUTLI_VM ++ out_data_size = len = VTPM_COMMAND_HEADER_SIZE_CLT; ++#else ++ out_data_size = len = VTPM_COMMAND_HEADER_SIZE_SRV; ++#endif ++ out_data = ptr = (BYTE *) malloc(len); ++ ++ if (ptr == NULL ++#ifndef VTPM_MUTLI_VM ++ || tpm_marshal_UINT32(&ptr, &len, dmi_id) ++#endif ++ || tpm_marshal_UINT16(&ptr, &len, tag) ++#ifdef VTPM_MUTLI_VM ++ || tpm_marshal_UINT32(&ptr, &len, out_data_size) ++#else ++ || tpm_marshal_UINT32(&ptr, &len, out_data_size - sizeof(uint32_t)) ++#endif ++ || tpm_marshal_UINT32(&ptr, &len, VTPM_ORD_LOADNVM)) { ++ free(out_data); ++ printf("Error in read_from_file:325\n"); ++ ++ return -1; ++ } ++ ++ printf("\tSending LoadNVM command\n"); ++ res = write(vtpm_tx_fh, out_data, out_data_size); ++ free(out_data); ++ if (res != out_data_size) ++ { ++ printf("Error in read_from_file:335\n"); ++ return -1; ++ } ++ ++ if (vtpm_rx_fh < 0) { ++#ifdef VTPM_MUTLI_VM ++ vtpm_rx_fh = vtpm_tx_fh; ++#else ++ if (vtpm_rx_name == NULL) { ++ vtpm_rx_name = malloc(10 + strlen(VTPM_RX_FIFO_D)); ++ sprintf(vtpm_rx_name, VTPM_RX_FIFO_D, (uint32_t) dmi_id); + } +- close(fh); +- return 0; ++ vtpm_rx_fh = open(vtpm_rx_name, O_RDONLY); ++#endif ++ } ++ ++ if (vtpm_rx_fh < 0) { ++ printf("Error in read_from_file:352\n"); ++ return -1; ++ } ++ ++ // Read Header of response so we can get the size & status ++#ifdef VTPM_MUTLI_VM ++ in_header_size = len = VTPM_COMMAND_HEADER_SIZE_CLT; ++#else ++ in_header_size = len = VTPM_COMMAND_HEADER_SIZE_SRV; ++#endif ++ in_header = ptr = malloc(in_header_size); ++ ++ printf("\tReading LoadNVM header\n"); ++ res = read(vtpm_rx_fh, in_header, in_header_size); ++ ++ if ( (res != in_header_size) ++#ifndef VTPM_MUTLI_VM ++ || tpm_unmarshal_UINT32(&ptr, &len, (UINT32*)&dmi_id) ++#endif ++ || tpm_unmarshal_UINT16(&ptr, &len, &tag) ++ || tpm_unmarshal_UINT32(&ptr, &len, &in_rsp_size) ++ || tpm_unmarshal_UINT32(&ptr, &len, &result) ) { ++ free(in_header); ++ printf("Error in read_from_file:375\n"); ++ return -1; ++ } ++ free(in_header); ++ ++ if (result != VTPM_SUCCESS) { ++ printf("Error in read_from_file:381\n"); ++ return -1; ++ } ++ ++ // Read Encrypted data from VTPM Manager ++ *data_length = in_rsp_size - VTPM_COMMAND_HEADER_SIZE_CLT; ++ *data = (uint8_t *) malloc(*data_length); ++ ++ printf("\tReading clear data from LoadNVM.\n"); ++ res = read(vtpm_rx_fh, *data, *data_length); ++#ifdef VTPM_MUTLI_VM ++ close(vtpm_rx_fh);close(vtpm_tx_fh); ++#endif ++ ++ printf("\tReturing from loading NVM\n"); ++ if (res != (int)*data_length) { ++ free(*data); ++ printf("Error in read_from_file:398\n"); ++ return -1; ++ } else { ++ return 0; ++ } ++ ++ ++ + } + + static void print_usage(char *name) + { + printf("usage: %s [-d] [-f] [-s storage file] [-u unix socket name] " +- "[-o user name] [-g group name] [-h] [startup mode]\n", name); ++ "[-o user name] [-g group name] [-h]" ++#ifdef VTPM_MULTI_VM ++ "clear|save|deactivated\n", name); ++#else ++ "clear|save|deactivated pvm|hvm vtpmid\n", name); ++#endif + printf(" d : enable debug mode\n"); + printf(" f : forces the application to run in the foreground\n"); + printf(" s : storage file to use (default: %s)\n", opt_storage_file); +@@ -205,7 +413,13 @@ static void parse_options(int argc, char + exit(EXIT_SUCCESS); + } + } +- if (optind < argc) { ++ /*Make sure we have all required options*/ ++#ifdef VTPM_MULTI_VM ++#define EXTRA_OPTS 0 ++#else ++#define EXTRA_OPTS 2 ++#endif ++ if (optind < argc - EXTRA_OPTS ) { + debug("startup mode = '%s'", argv[optind]); + if (!strcmp(argv[optind], "clear")) { + tpm_startup = 1; +@@ -219,6 +433,25 @@ static void parse_options(int argc, char + print_usage(argv[0]); + exit(EXIT_SUCCESS); + } ++#ifndef VTPM_MULTI_VM ++ ++optind; ++ if(!strcmp(argv[optind], "pvm")) { ++ vtpm_type = VTPM_TYPE_PVM; // Get commands from vTPM Manager through fifo ++ } else if (!strcmp(argv[optind], "hvm")) { ++ vtpm_type = VTPM_TYPE_HVM; // Get commands from qemu via socket ++ } else { ++ error("Invalid vm mode '%s'; must be 'pvm', " ++ "or 'hvm' ", argv[optind]); ++ print_usage(argv[0]); ++ exit(EXIT_SUCCESS); ++ } ++ ++optind; ++ dmi_id = atoi(argv[optind]); ++#endif ++ } else { ++ error("Invalid number of arguments"); ++ print_usage(argv[0]); ++ exit(EXIT_SUCCESS); + } + } + +@@ -348,93 +581,180 @@ static int init_socket(const char *name) + + static void main_loop(void) + { +- int sock, fh, res; +- int32_t in_len; ++ int32_t in_len, written; + uint32_t out_len; +- uint8_t in[TPM_CMD_BUF_SIZE], *out; ++ uint8_t in[TPM_CMD_BUF_SIZE], *out, *addressed_out; ++ int guest_id=-1; ++ int i; ++ char *vtpm_rx_file=NULL; ++ int res; ++ ++#ifndef VTPM_MULTI_VM ++ int sockfd = -1; + struct sockaddr_un addr; +- socklen_t addr_len; +- fd_set rfds; +- struct timeval tv; ++ struct sockaddr_un client_addr; ++ unsigned int client_length; ++#endif ++ ++ int vtpm_tx_fh=-1, vtpm_rx_fh=-1; ++ ++#ifndef VTPM_MULTI_VM ++ if (vtpm_type == VTPM_TYPE_PVM) { ++ vtpm_rx_file = malloc(10 + strlen(PVM_RX_FIFO_D)); ++ sprintf(vtpm_rx_file, PVM_RX_FIFO_D, (uint32_t) dmi_id); ++ } else { ++ vtpm_rx_file = malloc(10 + strlen(HVM_RX_FIFO_D)); ++ sprintf(vtpm_rx_file, HVM_RX_FIFO_D, (uint32_t) dmi_id); ++ ++ if ( (sockfd = socket(PF_UNIX,SOCK_STREAM,0)) < 0) { ++ error("Unable to create socket. errno = %d\n", errno); ++ exit (-1); ++ } ++ ++ memset(&addr, 0, sizeof(addr)); ++ addr.sun_family = AF_UNIX; ++ strcpy(addr.sun_path,vtpm_rx_file ); ++ unlink(addr.sun_path); ++ } ++#endif + + info("staring main loop"); +- /* open UNIX socket */ +- sock = init_socket(opt_socket_name); +- if (sock < 0) exit(EXIT_FAILURE); + /* init tpm emulator */ +- debug("initializing TPM emulator: %d", tpm_startup); ++#ifdef VTPM_MULTI_VM ++ debug("initializing TPM emulator: state=%d", tpm_startup); ++#else ++ debug("initializing TPM emulator: state=%d, type=%d, id=%d", tpm_startup, vtpm_type, dmi_id); ++#endif + tpm_emulator_init(tpm_startup); + /* start command processing */ + while (!stopflag) { + /* wait for incomming connections */ + debug("waiting for connections..."); +- FD_ZERO(&rfds); +- FD_SET(sock, &rfds); +- tv.tv_sec = 10; +- tv.tv_usec = 0; +- res = select(sock + 1, &rfds, NULL, NULL, &tv); +- if (res < 0) { +- error("select(sock) failed: %s", strerror(errno)); +- break; +- } else if (res == 0) { +- continue; +- } +- addr_len = sizeof(addr); +- fh = accept(sock, (struct sockaddr*)&addr, &addr_len); +- if (fh < 0) { +- error("accept() failed: %s", strerror(errno)); +- continue; +- } ++ if (vtpm_rx_fh < 0) { ++#ifdef VTPM_MUTLI_VM ++ vtpm_rx_fh = open(DEV_BE, O_RDWR); ++#else ++ if (vtpm_type == VTPM_TYPE_PVM) ++ { ++ vtpm_rx_fh = open(vtpm_rx_file, O_RDONLY); ++ } else { ++ if (bind(sockfd, (struct sockaddr *)&addr, sizeof(addr)) < 0) { ++ error("Unable to bind(). errno = %d\n", errno); ++ exit (-1); ++ } ++ ++ if (listen(sockfd, 10) <0) { ++ error("Unable to listen(). errno = %d\n", errno); ++ exit (-1); ++ } ++ ++ memset(&client_addr, 0, sizeof(client_addr)); ++ client_length = sizeof(client_addr); ++ ++ vtpm_rx_fh = vtpm_tx_fh = accept(sockfd, (struct sockaddr *)&client_addr, &client_length); ++ } ++#endif ++ } ++ ++ /*Error Checking*/ ++ if (vtpm_rx_fh < 0) { ++ error("Failed to open devices to listen to guest.\n"); ++ exit(-1); ++ } ++ + /* receive and handle commands */ + in_len = 0; + do { + debug("waiting for commands..."); +- FD_ZERO(&rfds); +- FD_SET(fh, &rfds); +- tv.tv_sec = TPM_COMMAND_TIMEOUT; +- tv.tv_usec = 0; +- res = select(fh + 1, &rfds, NULL, NULL, &tv); +- if (res < 0) { +- error("select(fh) failed: %s", strerror(errno)); +- close(fh); +- break; +- } else if (res == 0) { +-#ifdef TPMD_DISCONNECT_IDLE_CLIENTS +- info("connection closed due to inactivity"); +- close(fh); +- break; +-#else +- continue; +-#endif +- } +- in_len = read(fh, in, sizeof(in)); +- if (in_len > 0) { ++ ++ in_len = read(vtpm_rx_fh, in, sizeof(in)); ++ /*Magic size of minimum TPM command is 6*/ ++ //FIXME Magic size check may not be required anymore ++ if (in_len < 6) { ++ info("Recv incomplete command of %d bytes.", in_len); ++ if (in_len <= 0) { ++ close(vtpm_rx_fh); ++ vtpm_rx_fh = -1; ++ continue; ++ } ++ } else { ++ /*Debug Printouts*/ + debug("received %d bytes", in_len); ++ debug_nostop("Recv[%d]: 0x", in_len); ++ for (i=0; i< in_len; i++) ++ debug_more("%x ", in[i]); ++ debug_more("\n"); ++ /*Multiple Guest check*/ ++ if (guest_id == -1) { ++ guest_id = *((int32_t *) in); ++ } else { ++ if (guest_id != *((int32_t *) in) ) { ++ error("WARNING: More than one guest attached\n"); ++ } ++ } ++ ++ /*Open tx handle now*/ ++ if (vtpm_tx_fh < 0) { ++#ifdef VTPM_MUTLI_VM ++ vtpm_tx_fh = open(DEV_BE, O_RDWR); ++ vtpm_rx_fh = vtpm_tx_fh; ++#else ++ if (vtpm_type == VTPM_TYPE_PVM) { ++ vtpm_tx_fh = open(PVM_TX_FIFO, O_WRONLY); ++ } // No need to open the other direction for HVM ++#endif ++ } ++ if (vtpm_tx_fh < 0) { ++ error("Failed to open devices to respond to guest.\n"); ++ exit(-1); ++ } ++ ++ /*Handle the TPM command now*/ + out = NULL; +- res = tpm_handle_command(in, in_len, &out, &out_len); ++ res = tpm_handle_command(in + sizeof(uint32_t), in_len - sizeof(uint32_t), &out, &out_len); + if (res < 0) { + error("tpm_handle_command() failed"); + } else { + debug("sending %d bytes", out_len); ++ //FIXME this prepending may or may not be needed ++ /*Prepend the first 4 bytes of the in buffer.. why?*/ ++ addressed_out = (uint8_t *) tpm_malloc(sizeof(uint32_t) + out_len); ++ *(uint32_t *) addressed_out = *(uint32_t *) in; ++ memcpy(addressed_out + sizeof(uint32_t), out, out_len); ++ out_len += sizeof(uint32_t); ++ /*End Prepend*/ ++ ++ /*Perform write operation now*/ + while (out_len > 0) { +- res = write(fh, out, out_len); ++ res = write(vtpm_tx_fh, addressed_out, out_len); ++ + if (res < 0) { + error("write(%d) failed: %s", out_len, strerror(errno)); + break; +- } ++ } else { ++ debug_nostop("Sent[%Zu]: ", out_len); ++ for (i=0; (unsigned int)i< out_len; i++) ++ debug_more("%x ", addressed_out[i]); ++ debug_more("\n"); ++ } + out_len -= res; + } + tpm_free(out); ++ tpm_free(addressed_out); + } + } + } while (in_len > 0); +- close(fh); ++ //close(fh); + } ++ + /* shutdown tpm emulator */ + tpm_emulator_shutdown(); +- /* close socket */ +- close(sock); +- unlink(opt_socket_name); ++ /* Close handles */ ++ close(vtpm_tx_fh); ++#ifndef VTPM_MULTI_VM ++ close(vtpm_rx_fh); ++ free(vtpm_rx_file); ++#endif + info("main loop stopped"); + } + +@@ -450,12 +770,13 @@ int main(int argc, char **argv) + /* open random device */ + init_random(); + /* init signal handlers */ +- init_signal_handler(); ++ //init_signal_handler(); + /* unless requested otherwiese, fork and daemonize process */ +- if (!opt_foreground) daemonize(); ++ //if (!opt_foreground) daemonize(); + /* start main processing loop */ + main_loop(); + info("stopping TPM Emulator daemon"); + closelog(); + return 0; + } ++ +diff -Naurp tpm_emulator-0.5.1/tpmd/tpm_emulator_config.h tpm5-test/tpmd/tpm_emulator_config.h +--- tpm_emulator-0.5.1/tpmd/tpm_emulator_config.h 2008-02-14 03:22:48.000000000 -0500 ++++ tpm5-test/tpmd/tpm_emulator_config.h 2009-07-16 11:25:26.000000000 -0400 +@@ -29,23 +29,28 @@ + + /* TPM emulator configuration */ + +-#undef TPM_STRONG_PERSISTENCE +-#undef TPM_GENERATE_EK ++#define TPM_STRONG_PERSISTENCE ++#define TPM_GENERATE_EK + #undef TPM_GENERATE_SEED_DAA + #undef TPM_MEMORY_ALIGNMENT_MANDATORY + ++extern int dmi_id; ++ + /* log macros */ + + void tpm_log(int priority, const char *fmt, ...); + +-#define debug(fmt, ...) tpm_log(LOG_DEBUG, "%s:%d: Debug: " fmt "\n", \ +- __FILE__, __LINE__, ## __VA_ARGS__) +-#define info(fmt, ...) tpm_log(LOG_INFO, "%s:%d: Info: " fmt "\n", \ +- __FILE__, __LINE__, ## __VA_ARGS__) +-#define error(fmt, ...) tpm_log(LOG_ERR, "%s:%d: Error: " fmt "\n", \ +- __FILE__, __LINE__, ## __VA_ARGS__) +-#define alert(fmt, ...) tpm_log(LOG_ALERT, "%s:%d: Alert: " fmt "\n", \ +- __FILE__, __LINE__, ## __VA_ARGS__) ++#define debug(fmt, ...) tpm_log(LOG_DEBUG, "VTPMD[%d]: %s:%d: Debug: " fmt "\n", \ ++ dmi_id, __FILE__, __LINE__, ## __VA_ARGS__) ++#define info(fmt, ...) tpm_log(LOG_INFO, "VTPMD[%d]: %s:%d: Info: " fmt "\n", \ ++ dmi_id, __FILE__, __LINE__, ## __VA_ARGS__) ++#define error(fmt, ...) tpm_log(LOG_ERR, "VTPMD[%d]: %s:%d: Error: " fmt "\n", \ ++ dmi_id, __FILE__, __LINE__, ## __VA_ARGS__) ++#define alert(fmt, ...) tpm_log(LOG_ALERT, "VTPMD[%d]: %s:%d: Alert: " fmt "\n", \ ++ dmi_id, __FILE__, __LINE__, ## __VA_ARGS__) ++#define debug_nostop(fmt, ...) tpm_log(LOG_DEBUG, "VTPMD[%d]: %s:%d: Debug: " fmt, \ ++ dmi_id, __FILE__, __LINE__, ## __VA_ARGS__) ++#define debug_more(fmt, ...) tpm_log(LOG_DEBUG, fmt, ## __VA_ARGS__) + + /* min/max macros that also do strict type-checking */ + _______________________________________________ Xen-changelog mailing list Xen-changelog@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-changelog
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |