[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-changelog] [xen-unstable] vtpm: Upgrade to using tpm_emulator-0.5.1



# HG changeset patch
# User Keir Fraser <keir.fraser@xxxxxxxxxx>
# Date 1251097732 -3600
# Node ID 4e67ba3c321affda3f90734ba62ce04b23fce66c
# Parent  dde06d43143b71a72d979d8040a887534e321b32
vtpm: Upgrade to using tpm_emulator-0.5.1

The newer version of the emulator contains several bug fixes, one that
we were seeing in our use of vtpm.

This patch also defines TPM_STRONG_PERSISTENCE for the new emulator.

A couple of important notes about this patch:
-This has only been tested on PVM domU's. In theory it should work for
HVM but I have not tried it at all and can guarantee nothing.
-All the relevant changes in tools/vtpm/vtpm.patch have been ported
to tpm_emulator-0.5.1.
-None of the changes in tpm_emulator.patch have been ported. In
particular this means the BUILD_EMULATOR option, which as I understand
lets you use the tpm_emulator in dom0 for a machine that does
not have a real hardware TPM does not work. This functionality should
be easy to add though because the new emulator already comes with a
kernel module interface.
-No considerations were made for the VTPM_MULTI_VM feature (which is
supposedly unfinished). This patch may or may not break any progress
made on that feature.

Signed-off-by: Matt Fioravante <Matthew.Fioravante@xxxxxxxxxx>
---
 tools/vtpm/Makefile         |   34 ----
 tools/vtpm/vtpm-0.5.1.patch |  301 ++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 307 insertions(+), 28 deletions(-)

diff -r dde06d43143b -r 4e67ba3c321a tools/vtpm/Makefile
--- a/tools/vtpm/Makefile       Mon Aug 24 08:05:46 2009 +0100
+++ b/tools/vtpm/Makefile       Mon Aug 24 08:08:52 2009 +0100
@@ -10,7 +10,7 @@ ORIG_DIR = orig
 ORIG_DIR = orig
 
 # Emulator tarball name
-TPM_EMULATOR_NAME = tpm_emulator-0.4
+TPM_EMULATOR_NAME = tpm_emulator-0.5.1
 TPM_EMULATOR_TARFILE = $(TPM_EMULATOR_NAME).tar.gz
 
 GMP_HEADER = /usr/include/gmp.h
@@ -19,13 +19,10 @@ all: build
 all: build
 
 .PHONY: build
-build: $(VTPM_DIR) $(TPM_EMULATOR_DIR) build_sub
+build: build_sub
 
 .PHONY: install
 install: build
-       if [ "$(BUILD_EMULATOR)" = "y" ]; then \
-               $(MAKE) -C $(TPM_EMULATOR_DIR) $@ ;\
-       fi 
        $(MAKE) -C $(VTPM_DIR) $@
 
 .PHONY: clean
@@ -46,25 +43,14 @@ mrproper:
 $(TPM_EMULATOR_TARFILE):
        wget http://download.berlios.de/tpm-emulator/$(TPM_EMULATOR_TARFILE)
 
-# Create vtpm and TPM emulator dirs
-# apply patches for 1) used as dom0 tpm driver 2) used as vtpm device instance
-$(TPM_EMULATOR_DIR): $(TPM_EMULATOR_TARFILE) tpm_emulator.patch 
-       set -e; if [ "$(BUILD_EMULATOR)" = "y" ]; then \
-               rm -rf $(TPM_EMULATOR_DIR); \
-               tar -xzf $(TPM_EMULATOR_TARFILE); \
-               mv $(TPM_EMULATOR_NAME) $(TPM_EMULATOR_DIR); \
-               cd $(TPM_EMULATOR_DIR); \
-               patch -p1 <../tpm_emulator.patch; \
-       fi
-
-$(VTPM_DIR): $(TPM_EMULATOR_TARFILE) vtpm.patch
+# Create vtpm dirs
+$(VTPM_DIR)/tpmd/tpmd: $(TPM_EMULATOR_TARFILE) vtpm-0.5.1.patch
        rm -rf $(VTPM_DIR)
        tar -xzf $(TPM_EMULATOR_TARFILE)
        mv $(TPM_EMULATOR_NAME) $(VTPM_DIR)
 
        set -e; cd $(VTPM_DIR); \
-       patch -p1 < ../tpm_emulator.patch; \
-       patch -p1 < ../vtpm.patch
+       patch -p1 < ../vtpm-0.5.1.patch
 
 orig: $(TPM_EMULATOR_TARFILE)
        mkdir $(ORIG_DIR);
@@ -72,22 +58,14 @@ orig: $(TPM_EMULATOR_TARFILE)
        tar -xzf ../$(TPM_EMULATOR_TARFILE);
 
 updatepatches: clean orig
-       set -e; if [ "$(BUILD_EMULATOR)" = "y" ]; then \
-               find $(TPM_EMULATOR_DIR) -name "*.orig" -print | xargs rm -f; \
-               mv tpm_emulator.patch tpm_emulator.patch.old; \
-               diff -uprN orig/$(TPM_EMULATOR_NAME) $(TPM_EMULATOR_DIR) > 
tpm_emulator.patch || true; \
-        fi; 
        find $(VTPM_DIR) -name "*.orig" -print | xargs rm -f; 
        mv vtpm.patch vtpm.patch.old; 
        diff -uprN $(TPM_EMULATOR_DIR) $(VTPM_DIR) > vtpm.patch || true;
 
 .PHONY: build_sub
-build_sub:
+build_sub: $(VTPM_DIR)/tpmd/tpmd
        set -e; if [ -e $(GMP_HEADER) ]; then \
                $(MAKE) -C $(VTPM_DIR); \
-               if [ "$(BUILD_EMULATOR)" = "y" ]; then \
-                       $(MAKE) -C $(TPM_EMULATOR_DIR); \
-               fi \
        else \
                echo "=== Unable to build VTPMs. libgmp could not be found."; \
        fi
diff -r dde06d43143b -r 4e67ba3c321a tools/vtpm/vtpm-0.5.1.patch
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/vtpm/vtpm-0.5.1.patch       Mon Aug 24 08:08:52 2009 +0100
@@ -0,0 +1,766 @@
+diff -Naurp tpm_emulator-0.5.1/Makefile tpm5-test/Makefile
+--- tpm_emulator-0.5.1/Makefile        2008-02-14 03:22:48.000000000 -0500
++++ tpm5-test/Makefile 2009-07-15 09:45:28.000000000 -0400
+@@ -10,7 +10,7 @@ VERSION_MINOR  := 5
+ VERSION_BUILD  := $(shell date +"%s")
+ VERSION_SUFFIX := .1
+ 
+-SUBDIRS := tpmd tpmd_dev tddl
++SUBDIRS := tpmd 
+ 
+ all: version all-recursive
+ 
+@@ -48,12 +48,12 @@ user_install: user
+ modules_install: modules
+       @$(MAKE) -C tpmd_dev install || exit -1
+ 
+-DIRS    := . tpm crypto tpmd tpmd_dev tddl tpmd_dev_openbsd
++DIRS    := . tpm crypto tpmd 
+ DISTSRC := $(foreach dir, $(DIRS), $(wildcard $(dir)/*.c))
+ DISTSRC += $(foreach dir, $(DIRS), $(wildcard $(dir)/*.h))
+-DIRS    := . tpmd tpmd_dev tddl tpmd_dev_openbsd
++DIRS    := . tpmd 
+ DISTSRC += $(foreach dir, $(DIRS), $(dir)/Makefile)
+-DISTSRC += ./README ./AUTHORS ./ChangeLog tpmd_dev/tpmd_dev.rules.in
++DISTSRC += ./README ./AUTHORS ./ChangeLog 
+ DISTDIR := tpm_emulator-$(VERSION_MAJOR).$(VERSION_MINOR)$(VERSION_SUFFIX)
+ 
+ dist: $(DISTSRC)
+diff -Naurp tpm_emulator-0.5.1/tpm/tpm_capability.c 
tpm5-test/tpm/tpm_capability.c
+--- tpm_emulator-0.5.1/tpm/tpm_capability.c    2008-02-14 03:22:48.000000000 
-0500
++++ tpm5-test/tpm/tpm_capability.c     2009-07-16 12:04:20.000000000 -0400
+@@ -136,8 +136,19 @@ static TPM_RESULT cap_property(UINT32 su
+ 
+     case TPM_CAP_PROP_TIS_TIMEOUT:
+       debug("[TPM_CAP_PROP_TIS_TIMEOUT]");
+-      /* TODO: TPM_CAP_PROP_TIS_TIMEOUT */
+-      return TPM_FAIL;
++      /* TODO: TPM_CAP_PROP_TIS_TIMEOUT: Measure these values and determine 
correct ones */
++      UINT32 len = *respSize = 16;
++      BYTE *ptr = *resp = tpm_malloc(*respSize);
++      if (ptr == NULL || 
++          tpm_marshal_UINT32(&ptr, &len, 200000) ||
++          tpm_marshal_UINT32(&ptr, &len, 200000) ||
++          tpm_marshal_UINT32(&ptr, &len, 200000) ||
++          tpm_marshal_UINT32(&ptr, &len, 200000)) {
++        tpm_free(*resp);
++        return TPM_FAIL;
++      }
++      return TPM_SUCCESS;
++
+ 
+     case TPM_CAP_PROP_STARTUP_EFFECT:
+       debug("[TPM_CAP_PROP_STARTUP_EFFECT]");
+@@ -189,8 +200,12 @@ static TPM_RESULT cap_property(UINT32 su
+ 
+     case TPM_CAP_PROP_DURATION:
+       debug("[TPM_CAP_PROP_DURATION]");
+-      /* TODO: TPM_CAP_PROP_DURATION */
+-      return TPM_FAIL;
++      /* TODO: TPM_CAP_PROP_DURATION: Measure these values and return 
accurate ones */
++      BYTE dur[]= 
{0x0,0x0,0x0,0xc,0x0,0x7,0xa1,0x20,0x0,0x1e,0x84,0x80,0x11,0xe1,0xa3,0x0}; 
++      *respSize = 16;
++      *resp = tpm_malloc(*respSize);
++      memcpy(*resp,dur,16); 
++
+ 
+     case TPM_CAP_PROP_ACTIVE_COUNTER:
+       debug("[TPM_CAP_PROP_ACTIVE_COUNTER]");
+diff -Naurp tpm_emulator-0.5.1/tpmd/Makefile tpm5-test/tpmd/Makefile
+--- tpm_emulator-0.5.1/tpmd/Makefile   2008-02-14 03:22:48.000000000 -0500
++++ tpm5-test/tpmd/Makefile    2009-07-16 12:08:26.000000000 -0400
+@@ -8,9 +8,10 @@ WFLAGS  := -Wall -Wno-unused -Wpointer-a
+            -Wwrite-strings -Wsign-compare -Wno-multichar
+            #WFLAGS  += -Wextra -Wcast-qual -Wmissing-prototypes 
-Wmissing-declarations -Wstrict-aliasing
+ CFLAGS  += $(WFLAGS) -g -I.. -I. -O2 -fno-strict-aliasing
++CFLAGS  += -I../../../../tools/vtpm_manager/manager
+ LDFLAGS += -lgmp
+ 
+-BINDIR  := /usr/sbin/
++BINDIR  := /usr/bin/
+ 
+ TPMD    := tpmd
+ DIRS    := ../tpm ../crypto
+@@ -18,6 +19,8 @@ SRCS    := $(foreach dir, $(DIRS), $(wil
+ OBJS    := $(patsubst %.c, %.o, $(SRCS))
+ OBJS    := $(foreach dir, $(DIRS), $(patsubst $(dir)/%.o, %.o, $(filter 
$(dir)/%.o, $(OBJS))))
+ 
++VTPM_BIN := vtpmd
++
+ vpath %.c $(strip $(DIRS))
+ 
+ all: $(TPMD)
+@@ -32,10 +35,8 @@ TPMD_GROUP ?= tss
+ INSTALL    ?= install
+ 
+ install: $(TPMD)
+-      $(INSTALL) -m 755 -o $(TPMD_USER) -g $(TPMD_GROUP) -d 
$(DESTDIR)/var/lib/tpm
+-      $(INSTALL) -m 755 -o $(TPMD_USER) -g $(TPMD_GROUP) -d 
$(DESTDIR)/var/run/tpm
+       $(INSTALL) -D -d $(DESTDIR)/$(BINDIR)
+-      $(INSTALL) -m 755 $(TPMD) $(DESTDIR)/$(BINDIR)
++      $(INSTALL) -m 755 $(TPMD) $(DESTDIR)/$(BINDIR)/$(VTPM_BIN)
+ 
+ .PHONY: all clean install
+ 
+diff -Naurp tpm_emulator-0.5.1/tpmd/tpmd.c tpm5-test/tpmd/tpmd.c
+--- tpm_emulator-0.5.1/tpmd/tpmd.c     2008-02-14 03:22:48.000000000 -0500
++++ tpm5-test/tpmd/tpmd.c      2009-07-16 11:19:05.000000000 -0400
+@@ -32,6 +32,9 @@
+ #include <grp.h>
+ #include "tpm_emulator_config.h"
+ #include "tpm/tpm_emulator.h"
++#include "tpm/tpm_structures.h"
++#include "tpm/tpm_marshalling.h"
++#include "vtpm_manager.h"
+ 
+ #define TPM_DAEMON_NAME     "tpmd"
+ #define TPM_CMD_BUF_SIZE    4096
+@@ -39,6 +42,24 @@
+ #define TPM_RANDOM_DEVICE   "/dev/urandom"
+ #undef  TPM_MKDIRS
+ 
++#ifdef VTPM_MULTI_VM
++ #define DEV_BE "/dev/vtpm"
++ #define DEV_FE "/dev/tpm"
++#else
++ #define PVM_RX_FIFO_D "/var/vtpm/fifos/tpm_cmd_to_%d.fifo"
++ #define PVM_TX_FIFO "/var/vtpm/fifos/tpm_rsp_from_all.fifo"
++ #define HVM_RX_FIFO_D "/var/vtpm/socks/%d.socket"
++
++ #define VTPM_RX_FIFO_D "/var/vtpm/fifos/vtpm_rsp_to_%d.fifo"
++ #define VTPM_TX_FIFO "/var/vtpm/fifos/vtpm_cmd_from_all.fifo"
++
++ static char *vtpm_rx_name=NULL;
++#endif
++
++ static int vtpm_tx_fh=-1, vtpm_rx_fh=-1;
++
++#define BUFFER_SIZE 2048
++
+ static volatile int stopflag = 0;
+ static int is_daemon = 0;
+ static int opt_debug = 0;
+@@ -49,6 +70,8 @@ static const char *opt_storage_file = "/
+ static uid_t opt_uid = 0;
+ static gid_t opt_gid = 0;
+ static int tpm_startup = 2;
++static int vtpm_type = VTPM_TYPE_PVM;
++int dmi_id = 0;
+ static int rand_fh;
+ 
+ void tpm_log(int priority, const char *fmt, ...)
+@@ -90,56 +113,241 @@ uint64_t tpm_get_ticks(void)
+ 
+ int tpm_write_to_file(uint8_t *data, size_t data_length)
+ {
+-    int fh;
+-    ssize_t res;
+-    fh = open(opt_storage_file, O_WRONLY | O_TRUNC | O_CREAT, S_IRUSR | 
S_IWUSR);
+-    if (fh < 0) return -1;
+-    while (data_length > 0) {
+-        res = write(fh, data, data_length);
+-      if (res < 0) {
+-          close(fh);
+-          return -1;
+-      }
+-      data_length -= res; 
+-      data += res;
++  int res, out_data_size, in_header_size;
++  BYTE *ptr, *out_data, *in_header;
++  UINT32 result, len, in_rsp_size;
++  UINT16 tag = VTPM_TAG_REQ;
++      
++  printf("Saving NVM\n");
++  if (vtpm_tx_fh < 0) {
++#ifdef VTPM_MUTLI_VM
++    vtpm_tx_fh = open(DEV_FE, O_RDWR);
++#else
++      vtpm_tx_fh = open(VTPM_TX_FIFO, O_WRONLY);
++#endif
++  }
++
++  if (vtpm_tx_fh < 0) {
++              return -1;
++  }
++ 
++  // Send request to VTPM Manager to encrypt data
++#ifdef VTPM_MUTLI_VM
++  out_data_size = len = VTPM_COMMAND_HEADER_SIZE_CLT + data_length;
++#else
++  out_data_size = len = VTPM_COMMAND_HEADER_SIZE_SRV + data_length;
++#endif
++  
++  out_data = ptr = (BYTE *) malloc(len);
++
++  if (ptr == NULL
++#ifndef VTPM_MUTLI_VM
++      || tpm_marshal_UINT32(&ptr, &len, dmi_id)
++#endif
++        || tpm_marshal_UINT16(&ptr, &len, tag)
++#ifdef VTPM_MUTLI_VM
++        || tpm_marshal_UINT32(&ptr, &len, out_data_size)
++#else
++        || tpm_marshal_UINT32(&ptr, &len, out_data_size - sizeof(uint32_t))
++#endif  
++        || tpm_marshal_UINT32(&ptr, &len, VTPM_ORD_SAVENVM)
++        || tpm_marshal_BYTE_ARRAY(&ptr, &len, data, data_length)) {
++      free(out_data);
++      return -1;
++  }
++  
++  printf("\tSending SaveNVM Command.\n");
++  res = write(vtpm_tx_fh, out_data, out_data_size);
++  free(out_data);
++  if (res != out_data_size) return -1;
++
++  if (vtpm_rx_fh < 0) {
++#ifdef VTPM_MUTLI_VM
++    vtpm_rx_fh = vtpm_tx_fh
++#else
++    if (vtpm_rx_name == NULL) {
++      vtpm_rx_name = malloc(10 + strlen(VTPM_RX_FIFO_D));
++      sprintf(vtpm_rx_name, VTPM_RX_FIFO_D, (uint32_t) dmi_id);
+     }
+-    close(fh);
+-    return 0;
++      vtpm_rx_fh = open(vtpm_rx_name, O_RDONLY);
++#endif
++  }
++
++  if (vtpm_rx_fh < 0) {
++              return -1;
++  }
++  
++  // Read Header of response so we can get the size & status
++#ifdef VTPM_MUTLI_VM
++  in_header_size = len = VTPM_COMMAND_HEADER_SIZE_CLT;
++#else
++  in_header_size = len = VTPM_COMMAND_HEADER_SIZE_SRV;
++#endif
++  in_header = ptr = malloc(in_header_size);
++  
++  printf("\tReading SaveNVM header.\n");
++  res = read(vtpm_rx_fh, in_header, in_header_size);
++
++  if ( (res != in_header_size)
++#ifndef VTPM_MUTLI_VM
++       || tpm_unmarshal_UINT32(&ptr, &len, (UINT32*)&dmi_id)
++#endif
++         || tpm_unmarshal_UINT16(&ptr, &len, &tag)
++         || tpm_unmarshal_UINT32(&ptr, &len, &in_rsp_size)
++         || tpm_unmarshal_UINT32(&ptr, &len, &result) ) {
++        free(in_header);
++        return -1;
++  }
++  free(in_header);
++  
++  if (result != VTPM_SUCCESS) {
++      return -1;  
++  }
++
++#ifdef VTPM_MUTLI_VM
++  close(vtpm_tx_fh); close(vtpm_rx_fh);
++#endif
++        
++  printf("\tFinishing up SaveNVM\n");
++  return (0);
+ }
+ 
+ int tpm_read_from_file(uint8_t **data, size_t *data_length)
+ {
+-    int fh;
+-    ssize_t res;
+-    size_t total_length;
+-    fh = open(opt_storage_file, O_RDONLY);
+-    if (fh < 0) return -1;
+-    total_length = lseek(fh, 0, SEEK_END);
+-    lseek(fh, 0, SEEK_SET);
+-    *data = tpm_malloc(total_length);
+-    if (*data == NULL) {
+-        close(fh);
+-        return -1;
+-    }
+-    *data_length = 0;
+-    while (total_length > 0) {
+-        res = read(fh, &(*data)[*data_length], total_length);
+-      if (res < 0) {
+-          close(fh);
+-          tpm_free(*data);
+-          return -1;
+-      }
+-        *data_length += res;
+-      total_length -= res;
++  int res, out_data_size, in_header_size;
++  uint8_t *ptr, *out_data, *in_header;
++  UINT16 tag = VTPM_TAG_REQ;
++  UINT32 len, in_rsp_size, result;
++#ifdef VTPM_MUTLI_VM
++      int vtpm_rx_fh, vtpm_tx_fh;
++#endif
++      
++  printf("Loading NVM.\n");
++  if (vtpm_tx_fh < 0) {
++#ifdef VTPM_MUTLI_VM
++    vtpm_tx_fh = open(DEV_FE, O_RDWR);
++#else
++      vtpm_tx_fh = open(VTPM_TX_FIFO, O_WRONLY);
++#endif
++  }
++
++  if (vtpm_tx_fh < 0) {
++      printf("Error in read_from_file:301\n");
++              return -1;
++  }
++ 
++  // Send request to VTPM Manager to encrypt data
++#ifdef VTPM_MUTLI_VM
++  out_data_size = len = VTPM_COMMAND_HEADER_SIZE_CLT;
++#else
++  out_data_size = len = VTPM_COMMAND_HEADER_SIZE_SRV;
++#endif
++  out_data = ptr = (BYTE *) malloc(len);
++
++  if (ptr == NULL
++#ifndef VTPM_MUTLI_VM
++      || tpm_marshal_UINT32(&ptr, &len, dmi_id)
++#endif  
++      || tpm_marshal_UINT16(&ptr, &len, tag)
++#ifdef VTPM_MUTLI_VM
++      || tpm_marshal_UINT32(&ptr, &len, out_data_size)
++#else
++      || tpm_marshal_UINT32(&ptr, &len, out_data_size - sizeof(uint32_t))
++#endif
++      || tpm_marshal_UINT32(&ptr, &len, VTPM_ORD_LOADNVM)) {
++    free(out_data);
++    printf("Error in read_from_file:325\n");
++
++    return -1;
++  }
++
++  printf("\tSending LoadNVM command\n");
++  res = write(vtpm_tx_fh, out_data, out_data_size);
++  free(out_data);
++  if (res != out_data_size) 
++    {
++      printf("Error in read_from_file:335\n");
++      return -1;
++    }
++
++    if (vtpm_rx_fh < 0) {
++#ifdef VTPM_MUTLI_VM
++    vtpm_rx_fh = vtpm_tx_fh;
++#else
++    if (vtpm_rx_name == NULL) {
++      vtpm_rx_name = malloc(10 + strlen(VTPM_RX_FIFO_D));
++      sprintf(vtpm_rx_name, VTPM_RX_FIFO_D, (uint32_t) dmi_id);
+     }
+-    close(fh);
+-    return 0;
++      vtpm_rx_fh = open(vtpm_rx_name, O_RDONLY);
++#endif
++  }
++
++  if (vtpm_rx_fh < 0) {
++      printf("Error in read_from_file:352\n");        
++      return -1;
++  }
++  
++  // Read Header of response so we can get the size & status
++#ifdef VTPM_MUTLI_VM
++  in_header_size = len = VTPM_COMMAND_HEADER_SIZE_CLT;
++#else
++  in_header_size = len = VTPM_COMMAND_HEADER_SIZE_SRV;
++#endif
++  in_header = ptr = malloc(in_header_size);
++  
++  printf("\tReading LoadNVM header\n");
++  res = read(vtpm_rx_fh, in_header, in_header_size);
++
++  if ( (res != in_header_size)
++#ifndef VTPM_MUTLI_VM
++       || tpm_unmarshal_UINT32(&ptr, &len, (UINT32*)&dmi_id)
++#endif
++       || tpm_unmarshal_UINT16(&ptr, &len, &tag)
++       || tpm_unmarshal_UINT32(&ptr, &len, &in_rsp_size)
++       || tpm_unmarshal_UINT32(&ptr, &len, &result) ) {
++      free(in_header);
++      printf("Error in read_from_file:375\n");     
++      return -1;
++  }
++  free(in_header);
++  
++  if (result != VTPM_SUCCESS) {
++    printf("Error in read_from_file:381\n");
++    return -1;  
++  }
++
++  // Read Encrypted data from VTPM Manager
++  *data_length = in_rsp_size - VTPM_COMMAND_HEADER_SIZE_CLT;
++  *data = (uint8_t *) malloc(*data_length);
++
++  printf("\tReading clear data from LoadNVM.\n");
++  res = read(vtpm_rx_fh, *data, *data_length);
++#ifdef VTPM_MUTLI_VM
++  close(vtpm_rx_fh);close(vtpm_tx_fh);
++#endif 
++      
++  printf("\tReturing from loading NVM\n");
++  if (res != (int)*data_length) {
++      free(*data);
++      printf("Error in read_from_file:398\n");
++      return -1;
++  } else {
++      return 0;
++  }
++
++
++    
+ }
+ 
+ static void print_usage(char *name)
+ {
+     printf("usage: %s [-d] [-f] [-s storage file] [-u unix socket name] "
+-           "[-o user name] [-g group name] [-h] [startup mode]\n", name);
++           "[-o user name] [-g group name] [-h]"
++#ifdef VTPM_MULTI_VM
++         "clear|save|deactivated\n", name);
++#else
++         "clear|save|deactivated pvm|hvm vtpmid\n", name);
++#endif
+     printf("  d : enable debug mode\n");
+     printf("  f : forces the application to run in the foreground\n");
+     printf("  s : storage file to use (default: %s)\n", opt_storage_file);
+@@ -205,7 +413,13 @@ static void parse_options(int argc, char
+                 exit(EXIT_SUCCESS);
+         }
+     }
+-    if (optind < argc) {
++    /*Make sure we have all required options*/
++#ifdef VTPM_MULTI_VM
++#define EXTRA_OPTS 0
++#else
++#define EXTRA_OPTS 2
++#endif
++    if (optind < argc - EXTRA_OPTS ) {
+         debug("startup mode = '%s'", argv[optind]);
+         if (!strcmp(argv[optind], "clear")) {
+             tpm_startup = 1;
+@@ -219,6 +433,25 @@ static void parse_options(int argc, char
+             print_usage(argv[0]);
+             exit(EXIT_SUCCESS);
+         }
++#ifndef VTPM_MULTI_VM
++        ++optind;
++      if(!strcmp(argv[optind], "pvm")) {
++              vtpm_type = VTPM_TYPE_PVM;      // Get commands from vTPM 
Manager through fifo
++      } else if (!strcmp(argv[optind], "hvm")) {
++              vtpm_type = VTPM_TYPE_HVM;      // Get commands from qemu via 
socket
++        } else {
++              error("Invalid vm mode '%s'; must be 'pvm', "
++                      "or 'hvm' ", argv[optind]);
++              print_usage(argv[0]);
++              exit(EXIT_SUCCESS);
++      }
++        ++optind;
++      dmi_id = atoi(argv[optind]);
++#endif
++    } else {
++      error("Invalid number of arguments");
++      print_usage(argv[0]);
++      exit(EXIT_SUCCESS);
+     }
+ }
+ 
+@@ -348,93 +581,180 @@ static int init_socket(const char *name)
+ 
+ static void main_loop(void)
+ {
+-    int sock, fh, res;
+-    int32_t in_len;
++    int32_t in_len, written;
+     uint32_t out_len;
+-    uint8_t in[TPM_CMD_BUF_SIZE], *out;
++    uint8_t in[TPM_CMD_BUF_SIZE], *out, *addressed_out;
++    int guest_id=-1;
++    int i;
++    char *vtpm_rx_file=NULL;
++    int res;
++
++#ifndef VTPM_MULTI_VM
++    int sockfd = -1;
+     struct sockaddr_un addr;
+-    socklen_t addr_len;
+-    fd_set rfds;
+-    struct timeval tv;
++    struct sockaddr_un client_addr;
++    unsigned int client_length;
++#endif
++
++    int vtpm_tx_fh=-1, vtpm_rx_fh=-1;
++
++#ifndef VTPM_MULTI_VM
++  if (vtpm_type == VTPM_TYPE_PVM) {
++    vtpm_rx_file = malloc(10 + strlen(PVM_RX_FIFO_D));
++    sprintf(vtpm_rx_file, PVM_RX_FIFO_D, (uint32_t) dmi_id);
++  } else {
++    vtpm_rx_file = malloc(10 + strlen(HVM_RX_FIFO_D));
++    sprintf(vtpm_rx_file, HVM_RX_FIFO_D, (uint32_t) dmi_id);
++
++    if ( (sockfd = socket(PF_UNIX,SOCK_STREAM,0)) < 0) {
++          error("Unable to create socket. errno = %d\n", errno);
++      exit (-1);
++    }
++
++    memset(&addr, 0, sizeof(addr));
++    addr.sun_family = AF_UNIX;
++    strcpy(addr.sun_path,vtpm_rx_file );
++    unlink(addr.sun_path);
++  }
++#endif
+ 
+     info("staring main loop");
+-    /* open UNIX socket */
+-    sock = init_socket(opt_socket_name);
+-    if (sock < 0) exit(EXIT_FAILURE);
+     /* init tpm emulator */
+-    debug("initializing TPM emulator: %d", tpm_startup);
++#ifdef VTPM_MULTI_VM
++    debug("initializing TPM emulator: state=%d", tpm_startup);
++#else
++    debug("initializing TPM emulator: state=%d, type=%d, id=%d", tpm_startup, 
vtpm_type, dmi_id);
++#endif
+     tpm_emulator_init(tpm_startup);
+     /* start command processing */
+     while (!stopflag) {
+         /* wait for incomming connections */
+         debug("waiting for connections...");
+-        FD_ZERO(&rfds);
+-        FD_SET(sock, &rfds);
+-        tv.tv_sec = 10;
+-        tv.tv_usec = 0;
+-        res = select(sock + 1, &rfds, NULL, NULL, &tv);
+-        if (res < 0) {
+-            error("select(sock) failed: %s", strerror(errno));
+-            break;
+-        } else if (res == 0) {
+-            continue;
+-        }
+-        addr_len = sizeof(addr);
+-        fh = accept(sock, (struct sockaddr*)&addr, &addr_len);
+-        if (fh < 0) {
+-            error("accept() failed: %s", strerror(errno));
+-            continue;
+-        }
++      if (vtpm_rx_fh < 0) {
++#ifdef VTPM_MUTLI_VM
++          vtpm_rx_fh = open(DEV_BE, O_RDWR);
++#else
++          if (vtpm_type == VTPM_TYPE_PVM)
++          {
++              vtpm_rx_fh = open(vtpm_rx_file, O_RDONLY);
++          } else {
++              if (bind(sockfd, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
++                  error("Unable to bind(). errno = %d\n", errno);
++                  exit (-1);
++              }
++
++              if (listen(sockfd, 10) <0) {
++                  error("Unable to listen(). errno = %d\n", errno);
++                  exit (-1);
++              } 
++
++               memset(&client_addr, 0, sizeof(client_addr));
++               client_length = sizeof(client_addr);
++
++               vtpm_rx_fh = vtpm_tx_fh = accept(sockfd, (struct sockaddr 
*)&client_addr, &client_length);
++          }
++#endif
++      }
++      
++      /*Error Checking*/
++      if (vtpm_rx_fh < 0) {
++        error("Failed to open devices to listen to guest.\n");
++        exit(-1);
++      }
++
+         /* receive and handle commands */
+         in_len = 0;
+         do {
+             debug("waiting for commands...");
+-            FD_ZERO(&rfds);
+-            FD_SET(fh, &rfds);
+-            tv.tv_sec = TPM_COMMAND_TIMEOUT;
+-            tv.tv_usec = 0;
+-            res = select(fh + 1, &rfds, NULL, NULL, &tv);
+-            if (res < 0) {
+-                error("select(fh) failed: %s", strerror(errno));
+-                close(fh);
+-                break;
+-            } else if (res == 0) {
+-#ifdef TPMD_DISCONNECT_IDLE_CLIENTS       
+-                info("connection closed due to inactivity");
+-                close(fh);
+-                break;
+-#else         
+-                continue;
+-#endif                
+-            }
+-            in_len = read(fh, in, sizeof(in));
+-            if (in_len > 0) {
++
++            in_len = read(vtpm_rx_fh, in, sizeof(in));
++          /*Magic size of minimum TPM command is 6*/
++              //FIXME Magic size check may not be required anymore
++            if (in_len < 6) {
++              info("Recv incomplete command of %d bytes.", in_len);
++              if (in_len <= 0) {
++                  close(vtpm_rx_fh);
++                  vtpm_rx_fh = -1;
++                  continue;
++                 }
++          } else {
++              /*Debug Printouts*/
+                 debug("received %d bytes", in_len);
++              debug_nostop("Recv[%d]: 0x", in_len);
++              for (i=0; i< in_len; i++) 
++                  debug_more("%x ", in[i]);
++              debug_more("\n");
++              /*Multiple Guest check*/
++              if (guest_id == -1) {
++                  guest_id = *((int32_t *) in);
++              } else {
++                  if (guest_id != *((int32_t *) in) ) {
++                      error("WARNING: More than one guest attached\n");
++                  }
++              }
++
++              /*Open tx handle now*/
++              if (vtpm_tx_fh < 0) {
++#ifdef VTPM_MUTLI_VM
++                  vtpm_tx_fh = open(DEV_BE, O_RDWR);
++                  vtpm_rx_fh = vtpm_tx_fh;
++#else
++                  if (vtpm_type == VTPM_TYPE_PVM) {
++                      vtpm_tx_fh = open(PVM_TX_FIFO, O_WRONLY);
++                  } // No need to open the other direction for HVM
++#endif
++              }
++              if (vtpm_tx_fh < 0) {
++                error("Failed to open devices to respond to guest.\n");
++                exit(-1);
++              }
++
++              /*Handle the TPM command now*/
+                 out = NULL;
+-                res = tpm_handle_command(in, in_len, &out, &out_len);
++                res = tpm_handle_command(in + sizeof(uint32_t), in_len - 
sizeof(uint32_t), &out, &out_len);
+                 if (res < 0) {
+                     error("tpm_handle_command() failed");
+                 } else {
+                     debug("sending %d bytes", out_len);
++                  //FIXME this prepending may or may not be needed
++                  /*Prepend the first 4 bytes of the in buffer.. why?*/
++                  addressed_out = (uint8_t *) tpm_malloc(sizeof(uint32_t) + 
out_len);
++                  *(uint32_t *) addressed_out = *(uint32_t *) in;
++                  memcpy(addressed_out + sizeof(uint32_t), out, out_len);
++                  out_len += sizeof(uint32_t);
++                  /*End Prepend*/
++
++                  /*Perform write operation now*/
+                     while (out_len > 0) {
+-                        res = write(fh, out, out_len);
++                        res = write(vtpm_tx_fh, addressed_out, out_len);
++
+                         if (res < 0) {
+                             error("write(%d) failed: %s", out_len, 
strerror(errno));
+                             break;
+-                        }
++                        } else {
++                        debug_nostop("Sent[%Zu]: ", out_len);
++                        for (i=0; (unsigned int)i< out_len; i++)
++                          debug_more("%x ", addressed_out[i]);
++                        debug_more("\n");
++                      }
+                         out_len       -= res;
+                     }
+                     tpm_free(out);
++                  tpm_free(addressed_out);
+                 }
+             }
+         } while (in_len > 0);
+-        close(fh);
++        //close(fh);
+     }
++    
+     /* shutdown tpm emulator */
+     tpm_emulator_shutdown();
+-    /* close socket */
+-    close(sock);
+-    unlink(opt_socket_name);
++    /* Close handles */
++    close(vtpm_tx_fh);
++#ifndef VTPM_MULTI_VM
++    close(vtpm_rx_fh);
++    free(vtpm_rx_file);
++#endif
+     info("main loop stopped");
+ }
+ 
+@@ -450,12 +770,13 @@ int main(int argc, char **argv)
+     /* open random device */
+     init_random();
+     /* init signal handlers */
+-    init_signal_handler();
++    //init_signal_handler();
+     /* unless requested otherwiese, fork and daemonize process */
+-    if (!opt_foreground) daemonize();
++    //if (!opt_foreground) daemonize();
+     /* start main processing loop */
+     main_loop();
+     info("stopping TPM Emulator daemon");
+     closelog();
+     return 0;
+ }
++
+diff -Naurp tpm_emulator-0.5.1/tpmd/tpm_emulator_config.h 
tpm5-test/tpmd/tpm_emulator_config.h
+--- tpm_emulator-0.5.1/tpmd/tpm_emulator_config.h      2008-02-14 
03:22:48.000000000 -0500
++++ tpm5-test/tpmd/tpm_emulator_config.h       2009-07-16 11:25:26.000000000 
-0400
+@@ -29,23 +29,28 @@
+ 
+ /* TPM emulator configuration */
+ 
+-#undef  TPM_STRONG_PERSISTENCE
+-#undef  TPM_GENERATE_EK
++#define  TPM_STRONG_PERSISTENCE
++#define  TPM_GENERATE_EK
+ #undef  TPM_GENERATE_SEED_DAA
+ #undef  TPM_MEMORY_ALIGNMENT_MANDATORY
+ 
++extern int dmi_id;
++
+ /* log macros */
+ 
+ void tpm_log(int priority, const char *fmt, ...);
+ 
+-#define debug(fmt, ...) tpm_log(LOG_DEBUG, "%s:%d: Debug: " fmt "\n", \
+-                                __FILE__, __LINE__, ## __VA_ARGS__)
+-#define info(fmt, ...)  tpm_log(LOG_INFO, "%s:%d: Info: " fmt "\n", \
+-                                __FILE__, __LINE__, ## __VA_ARGS__)
+-#define error(fmt, ...) tpm_log(LOG_ERR, "%s:%d: Error: " fmt "\n", \
+-                                __FILE__, __LINE__, ## __VA_ARGS__)
+-#define alert(fmt, ...) tpm_log(LOG_ALERT, "%s:%d: Alert: " fmt "\n", \
+-                                __FILE__, __LINE__, ## __VA_ARGS__)
++#define debug(fmt, ...) tpm_log(LOG_DEBUG, "VTPMD[%d]: %s:%d: Debug: " fmt 
"\n", \
++                                dmi_id, __FILE__, __LINE__, ## __VA_ARGS__)
++#define info(fmt, ...)  tpm_log(LOG_INFO, "VTPMD[%d]: %s:%d: Info: " fmt 
"\n", \
++                                dmi_id, __FILE__, __LINE__, ## __VA_ARGS__)
++#define error(fmt, ...) tpm_log(LOG_ERR, "VTPMD[%d]: %s:%d: Error: " fmt 
"\n", \
++                                dmi_id, __FILE__, __LINE__, ## __VA_ARGS__)
++#define alert(fmt, ...) tpm_log(LOG_ALERT, "VTPMD[%d]: %s:%d: Alert: " fmt 
"\n", \
++                                dmi_id, __FILE__, __LINE__, ## __VA_ARGS__)
++#define debug_nostop(fmt, ...) tpm_log(LOG_DEBUG, "VTPMD[%d]: %s:%d: Debug: " 
fmt, \
++                                dmi_id, __FILE__, __LINE__, ## __VA_ARGS__)
++#define debug_more(fmt, ...) tpm_log(LOG_DEBUG, fmt, ## __VA_ARGS__)
+ 
+ /*  min/max macros that also do strict type-checking */
+ 

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.