WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-changelog

[Xen-changelog] [xen-unstable] vtpm: Upgrade to using tpm_emulator-0.5.1

To: xen-changelog@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-changelog] [xen-unstable] vtpm: Upgrade to using tpm_emulator-0.5.1
From: Xen patchbot-unstable <patchbot-unstable@xxxxxxxxxxxxxxxxxxx>
Date: Mon, 24 Aug 2009 00:30:33 -0700
Delivery-date: Mon, 24 Aug 2009 00:31:47 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-changelog-request@lists.xensource.com?subject=help>
List-id: BK change log <xen-changelog.lists.xensource.com>
List-post: <mailto:xen-changelog@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=unsubscribe>
Reply-to: xen-devel@xxxxxxxxxxxxxxxxxxx
Sender: xen-changelog-bounces@xxxxxxxxxxxxxxxxxxx
# HG changeset patch
# User Keir Fraser <keir.fraser@xxxxxxxxxx>
# Date 1251097732 -3600
# Node ID 4e67ba3c321affda3f90734ba62ce04b23fce66c
# Parent  dde06d43143b71a72d979d8040a887534e321b32
vtpm: Upgrade to using tpm_emulator-0.5.1

The newer version of the emulator contains several bug fixes, one that
we were seeing in our use of vtpm.

This patch also defines TPM_STRONG_PERSISTENCE for the new emulator.

A couple of important notes about this patch:
-This has only been tested on PVM domU's. In theory it should work for
HVM but I have not tried it at all and can guarantee nothing.
-All the relevant changes in tools/vtpm/vtpm.patch have been ported
to tpm_emulator-0.5.1.
-None of the changes in tpm_emulator.patch have been ported. In
particular this means the BUILD_EMULATOR option, which as I understand
lets you use the tpm_emulator in dom0 for a machine that does
not have a real hardware TPM does not work. This functionality should
be easy to add though because the new emulator already comes with a
kernel module interface.
-No considerations were made for the VTPM_MULTI_VM feature (which is
supposedly unfinished). This patch may or may not break any progress
made on that feature.

Signed-off-by: Matt Fioravante <Matthew.Fioravante@xxxxxxxxxx>
---
 tools/vtpm/Makefile         |   34 ----
 tools/vtpm/vtpm-0.5.1.patch |  301 ++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 307 insertions(+), 28 deletions(-)

diff -r dde06d43143b -r 4e67ba3c321a tools/vtpm/Makefile
--- a/tools/vtpm/Makefile       Mon Aug 24 08:05:46 2009 +0100
+++ b/tools/vtpm/Makefile       Mon Aug 24 08:08:52 2009 +0100
@@ -10,7 +10,7 @@ ORIG_DIR = orig
 ORIG_DIR = orig
 
 # Emulator tarball name
-TPM_EMULATOR_NAME = tpm_emulator-0.4
+TPM_EMULATOR_NAME = tpm_emulator-0.5.1
 TPM_EMULATOR_TARFILE = $(TPM_EMULATOR_NAME).tar.gz
 
 GMP_HEADER = /usr/include/gmp.h
@@ -19,13 +19,10 @@ all: build
 all: build
 
 .PHONY: build
-build: $(VTPM_DIR) $(TPM_EMULATOR_DIR) build_sub
+build: build_sub
 
 .PHONY: install
 install: build
-       if [ "$(BUILD_EMULATOR)" = "y" ]; then \
-               $(MAKE) -C $(TPM_EMULATOR_DIR) $@ ;\
-       fi 
        $(MAKE) -C $(VTPM_DIR) $@
 
 .PHONY: clean
@@ -46,25 +43,14 @@ mrproper:
 $(TPM_EMULATOR_TARFILE):
        wget http://download.berlios.de/tpm-emulator/$(TPM_EMULATOR_TARFILE)
 
-# Create vtpm and TPM emulator dirs
-# apply patches for 1) used as dom0 tpm driver 2) used as vtpm device instance
-$(TPM_EMULATOR_DIR): $(TPM_EMULATOR_TARFILE) tpm_emulator.patch 
-       set -e; if [ "$(BUILD_EMULATOR)" = "y" ]; then \
-               rm -rf $(TPM_EMULATOR_DIR); \
-               tar -xzf $(TPM_EMULATOR_TARFILE); \
-               mv $(TPM_EMULATOR_NAME) $(TPM_EMULATOR_DIR); \
-               cd $(TPM_EMULATOR_DIR); \
-               patch -p1 <../tpm_emulator.patch; \
-       fi
-
-$(VTPM_DIR): $(TPM_EMULATOR_TARFILE) vtpm.patch
+# Create vtpm dirs
+$(VTPM_DIR)/tpmd/tpmd: $(TPM_EMULATOR_TARFILE) vtpm-0.5.1.patch
        rm -rf $(VTPM_DIR)
        tar -xzf $(TPM_EMULATOR_TARFILE)
        mv $(TPM_EMULATOR_NAME) $(VTPM_DIR)
 
        set -e; cd $(VTPM_DIR); \
-       patch -p1 < ../tpm_emulator.patch; \
-       patch -p1 < ../vtpm.patch
+       patch -p1 < ../vtpm-0.5.1.patch
 
 orig: $(TPM_EMULATOR_TARFILE)
        mkdir $(ORIG_DIR);
@@ -72,22 +58,14 @@ orig: $(TPM_EMULATOR_TARFILE)
        tar -xzf ../$(TPM_EMULATOR_TARFILE);
 
 updatepatches: clean orig
-       set -e; if [ "$(BUILD_EMULATOR)" = "y" ]; then \
-               find $(TPM_EMULATOR_DIR) -name "*.orig" -print | xargs rm -f; \
-               mv tpm_emulator.patch tpm_emulator.patch.old; \
-               diff -uprN orig/$(TPM_EMULATOR_NAME) $(TPM_EMULATOR_DIR) > 
tpm_emulator.patch || true; \
-        fi; 
        find $(VTPM_DIR) -name "*.orig" -print | xargs rm -f; 
        mv vtpm.patch vtpm.patch.old; 
        diff -uprN $(TPM_EMULATOR_DIR) $(VTPM_DIR) > vtpm.patch || true;
 
 .PHONY: build_sub
-build_sub:
+build_sub: $(VTPM_DIR)/tpmd/tpmd
        set -e; if [ -e $(GMP_HEADER) ]; then \
                $(MAKE) -C $(VTPM_DIR); \
-               if [ "$(BUILD_EMULATOR)" = "y" ]; then \
-                       $(MAKE) -C $(TPM_EMULATOR_DIR); \
-               fi \
        else \
                echo "=== Unable to build VTPMs. libgmp could not be found."; \
        fi
diff -r dde06d43143b -r 4e67ba3c321a tools/vtpm/vtpm-0.5.1.patch
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/vtpm/vtpm-0.5.1.patch       Mon Aug 24 08:08:52 2009 +0100
@@ -0,0 +1,766 @@
+diff -Naurp tpm_emulator-0.5.1/Makefile tpm5-test/Makefile
+--- tpm_emulator-0.5.1/Makefile        2008-02-14 03:22:48.000000000 -0500
++++ tpm5-test/Makefile 2009-07-15 09:45:28.000000000 -0400
+@@ -10,7 +10,7 @@ VERSION_MINOR  := 5
+ VERSION_BUILD  := $(shell date +"%s")
+ VERSION_SUFFIX := .1
+ 
+-SUBDIRS := tpmd tpmd_dev tddl
++SUBDIRS := tpmd 
+ 
+ all: version all-recursive
+ 
+@@ -48,12 +48,12 @@ user_install: user
+ modules_install: modules
+       @$(MAKE) -C tpmd_dev install || exit -1
+ 
+-DIRS    := . tpm crypto tpmd tpmd_dev tddl tpmd_dev_openbsd
++DIRS    := . tpm crypto tpmd 
+ DISTSRC := $(foreach dir, $(DIRS), $(wildcard $(dir)/*.c))
+ DISTSRC += $(foreach dir, $(DIRS), $(wildcard $(dir)/*.h))
+-DIRS    := . tpmd tpmd_dev tddl tpmd_dev_openbsd
++DIRS    := . tpmd 
+ DISTSRC += $(foreach dir, $(DIRS), $(dir)/Makefile)
+-DISTSRC += ./README ./AUTHORS ./ChangeLog tpmd_dev/tpmd_dev.rules.in
++DISTSRC += ./README ./AUTHORS ./ChangeLog 
+ DISTDIR := tpm_emulator-$(VERSION_MAJOR).$(VERSION_MINOR)$(VERSION_SUFFIX)
+ 
+ dist: $(DISTSRC)
+diff -Naurp tpm_emulator-0.5.1/tpm/tpm_capability.c 
tpm5-test/tpm/tpm_capability.c
+--- tpm_emulator-0.5.1/tpm/tpm_capability.c    2008-02-14 03:22:48.000000000 
-0500
++++ tpm5-test/tpm/tpm_capability.c     2009-07-16 12:04:20.000000000 -0400
+@@ -136,8 +136,19 @@ static TPM_RESULT cap_property(UINT32 su
+ 
+     case TPM_CAP_PROP_TIS_TIMEOUT:
+       debug("[TPM_CAP_PROP_TIS_TIMEOUT]");
+-      /* TODO: TPM_CAP_PROP_TIS_TIMEOUT */
+-      return TPM_FAIL;
++      /* TODO: TPM_CAP_PROP_TIS_TIMEOUT: Measure these values and determine 
correct ones */
++      UINT32 len = *respSize = 16;
++      BYTE *ptr = *resp = tpm_malloc(*respSize);
++      if (ptr == NULL || 
++          tpm_marshal_UINT32(&ptr, &len, 200000) ||
++          tpm_marshal_UINT32(&ptr, &len, 200000) ||
++          tpm_marshal_UINT32(&ptr, &len, 200000) ||
++          tpm_marshal_UINT32(&ptr, &len, 200000)) {
++        tpm_free(*resp);
++        return TPM_FAIL;
++      }
++      return TPM_SUCCESS;
++
+ 
+     case TPM_CAP_PROP_STARTUP_EFFECT:
+       debug("[TPM_CAP_PROP_STARTUP_EFFECT]");
+@@ -189,8 +200,12 @@ static TPM_RESULT cap_property(UINT32 su
+ 
+     case TPM_CAP_PROP_DURATION:
+       debug("[TPM_CAP_PROP_DURATION]");
+-      /* TODO: TPM_CAP_PROP_DURATION */
+-      return TPM_FAIL;
++      /* TODO: TPM_CAP_PROP_DURATION: Measure these values and return 
accurate ones */
++      BYTE dur[]= 
{0x0,0x0,0x0,0xc,0x0,0x7,0xa1,0x20,0x0,0x1e,0x84,0x80,0x11,0xe1,0xa3,0x0}; 
++      *respSize = 16;
++      *resp = tpm_malloc(*respSize);
++      memcpy(*resp,dur,16); 
++
+ 
+     case TPM_CAP_PROP_ACTIVE_COUNTER:
+       debug("[TPM_CAP_PROP_ACTIVE_COUNTER]");
+diff -Naurp tpm_emulator-0.5.1/tpmd/Makefile tpm5-test/tpmd/Makefile
+--- tpm_emulator-0.5.1/tpmd/Makefile   2008-02-14 03:22:48.000000000 -0500
++++ tpm5-test/tpmd/Makefile    2009-07-16 12:08:26.000000000 -0400
+@@ -8,9 +8,10 @@ WFLAGS  := -Wall -Wno-unused -Wpointer-a
+            -Wwrite-strings -Wsign-compare -Wno-multichar
+            #WFLAGS  += -Wextra -Wcast-qual -Wmissing-prototypes 
-Wmissing-declarations -Wstrict-aliasing
+ CFLAGS  += $(WFLAGS) -g -I.. -I. -O2 -fno-strict-aliasing
++CFLAGS  += -I../../../../tools/vtpm_manager/manager
+ LDFLAGS += -lgmp
+ 
+-BINDIR  := /usr/sbin/
++BINDIR  := /usr/bin/
+ 
+ TPMD    := tpmd
+ DIRS    := ../tpm ../crypto
+@@ -18,6 +19,8 @@ SRCS    := $(foreach dir, $(DIRS), $(wil
+ OBJS    := $(patsubst %.c, %.o, $(SRCS))
+ OBJS    := $(foreach dir, $(DIRS), $(patsubst $(dir)/%.o, %.o, $(filter 
$(dir)/%.o, $(OBJS))))
+ 
++VTPM_BIN := vtpmd
++
+ vpath %.c $(strip $(DIRS))
+ 
+ all: $(TPMD)
+@@ -32,10 +35,8 @@ TPMD_GROUP ?= tss
+ INSTALL    ?= install
+ 
+ install: $(TPMD)
+-      $(INSTALL) -m 755 -o $(TPMD_USER) -g $(TPMD_GROUP) -d 
$(DESTDIR)/var/lib/tpm
+-      $(INSTALL) -m 755 -o $(TPMD_USER) -g $(TPMD_GROUP) -d 
$(DESTDIR)/var/run/tpm
+       $(INSTALL) -D -d $(DESTDIR)/$(BINDIR)
+-      $(INSTALL) -m 755 $(TPMD) $(DESTDIR)/$(BINDIR)
++      $(INSTALL) -m 755 $(TPMD) $(DESTDIR)/$(BINDIR)/$(VTPM_BIN)
+ 
+ .PHONY: all clean install
+ 
+diff -Naurp tpm_emulator-0.5.1/tpmd/tpmd.c tpm5-test/tpmd/tpmd.c
+--- tpm_emulator-0.5.1/tpmd/tpmd.c     2008-02-14 03:22:48.000000000 -0500
++++ tpm5-test/tpmd/tpmd.c      2009-07-16 11:19:05.000000000 -0400
+@@ -32,6 +32,9 @@
+ #include <grp.h>
+ #include "tpm_emulator_config.h"
+ #include "tpm/tpm_emulator.h"
++#include "tpm/tpm_structures.h"
++#include "tpm/tpm_marshalling.h"
++#include "vtpm_manager.h"
+ 
+ #define TPM_DAEMON_NAME     "tpmd"
+ #define TPM_CMD_BUF_SIZE    4096
+@@ -39,6 +42,24 @@
+ #define TPM_RANDOM_DEVICE   "/dev/urandom"
+ #undef  TPM_MKDIRS
+ 
++#ifdef VTPM_MULTI_VM
++ #define DEV_BE "/dev/vtpm"
++ #define DEV_FE "/dev/tpm"
++#else
++ #define PVM_RX_FIFO_D "/var/vtpm/fifos/tpm_cmd_to_%d.fifo"
++ #define PVM_TX_FIFO "/var/vtpm/fifos/tpm_rsp_from_all.fifo"
++ #define HVM_RX_FIFO_D "/var/vtpm/socks/%d.socket"
++
++ #define VTPM_RX_FIFO_D "/var/vtpm/fifos/vtpm_rsp_to_%d.fifo"
++ #define VTPM_TX_FIFO "/var/vtpm/fifos/vtpm_cmd_from_all.fifo"
++
++ static char *vtpm_rx_name=NULL;
++#endif
++
++ static int vtpm_tx_fh=-1, vtpm_rx_fh=-1;
++
++#define BUFFER_SIZE 2048
++
+ static volatile int stopflag = 0;
+ static int is_daemon = 0;
+ static int opt_debug = 0;
+@@ -49,6 +70,8 @@ static const char *opt_storage_file = "/
+ static uid_t opt_uid = 0;
+ static gid_t opt_gid = 0;
+ static int tpm_startup = 2;
++static int vtpm_type = VTPM_TYPE_PVM;
++int dmi_id = 0;
+ static int rand_fh;
+ 
+ void tpm_log(int priority, const char *fmt, ...)
+@@ -90,56 +113,241 @@ uint64_t tpm_get_ticks(void)
+ 
+ int tpm_write_to_file(uint8_t *data, size_t data_length)
+ {
+-    int fh;
+-    ssize_t res;
+-    fh = open(opt_storage_file, O_WRONLY | O_TRUNC | O_CREAT, S_IRUSR | 
S_IWUSR);
+-    if (fh < 0) return -1;
+-    while (data_length > 0) {
+-        res = write(fh, data, data_length);
+-      if (res < 0) {
+-          close(fh);
+-          return -1;
+-      }
+-      data_length -= res; 
+-      data += res;
++  int res, out_data_size, in_header_size;
++  BYTE *ptr, *out_data, *in_header;
++  UINT32 result, len, in_rsp_size;
++  UINT16 tag = VTPM_TAG_REQ;
++      
++  printf("Saving NVM\n");
++  if (vtpm_tx_fh < 0) {
++#ifdef VTPM_MUTLI_VM
++    vtpm_tx_fh = open(DEV_FE, O_RDWR);
++#else
++      vtpm_tx_fh = open(VTPM_TX_FIFO, O_WRONLY);
++#endif
++  }
++
++  if (vtpm_tx_fh < 0) {
++              return -1;
++  }
++ 
++  // Send request to VTPM Manager to encrypt data
++#ifdef VTPM_MUTLI_VM
++  out_data_size = len = VTPM_COMMAND_HEADER_SIZE_CLT + data_length;
++#else
++  out_data_size = len = VTPM_COMMAND_HEADER_SIZE_SRV + data_length;
++#endif
++  
++  out_data = ptr = (BYTE *) malloc(len);
++
++  if (ptr == NULL
++#ifndef VTPM_MUTLI_VM
++      || tpm_marshal_UINT32(&ptr, &len, dmi_id)
++#endif
++        || tpm_marshal_UINT16(&ptr, &len, tag)
++#ifdef VTPM_MUTLI_VM
++        || tpm_marshal_UINT32(&ptr, &len, out_data_size)
++#else
++        || tpm_marshal_UINT32(&ptr, &len, out_data_size - sizeof(uint32_t))
++#endif  
++        || tpm_marshal_UINT32(&ptr, &len, VTPM_ORD_SAVENVM)
++        || tpm_marshal_BYTE_ARRAY(&ptr, &len, data, data_length)) {
++      free(out_data);
++      return -1;
++  }
++  
++  printf("\tSending SaveNVM Command.\n");
++  res = write(vtpm_tx_fh, out_data, out_data_size);
++  free(out_data);
++  if (res != out_data_size) return -1;
++
++  if (vtpm_rx_fh < 0) {
++#ifdef VTPM_MUTLI_VM
++    vtpm_rx_fh = vtpm_tx_fh
++#else
++    if (vtpm_rx_name == NULL) {
++      vtpm_rx_name = malloc(10 + strlen(VTPM_RX_FIFO_D));
++      sprintf(vtpm_rx_name, VTPM_RX_FIFO_D, (uint32_t) dmi_id);
+     }
+-    close(fh);
+-    return 0;
++      vtpm_rx_fh = open(vtpm_rx_name, O_RDONLY);
++#endif
++  }
++
++  if (vtpm_rx_fh < 0) {
++              return -1;
++  }
++  
++  // Read Header of response so we can get the size & status
++#ifdef VTPM_MUTLI_VM
++  in_header_size = len = VTPM_COMMAND_HEADER_SIZE_CLT;
++#else
++  in_header_size = len = VTPM_COMMAND_HEADER_SIZE_SRV;
++#endif
++  in_header = ptr = malloc(in_header_size);
++  
++  printf("\tReading SaveNVM header.\n");
++  res = read(vtpm_rx_fh, in_header, in_header_size);
++
++  if ( (res != in_header_size)
++#ifndef VTPM_MUTLI_VM
++       || tpm_unmarshal_UINT32(&ptr, &len, (UINT32*)&dmi_id)
++#endif
++         || tpm_unmarshal_UINT16(&ptr, &len, &tag)
++         || tpm_unmarshal_UINT32(&ptr, &len, &in_rsp_size)
++         || tpm_unmarshal_UINT32(&ptr, &len, &result) ) {
++        free(in_header);
++        return -1;
++  }
++  free(in_header);
++  
++  if (result != VTPM_SUCCESS) {
++      return -1;  
++  }
++
++#ifdef VTPM_MUTLI_VM
++  close(vtpm_tx_fh); close(vtpm_rx_fh);
++#endif
++        
++  printf("\tFinishing up SaveNVM\n");
++  return (0);
+ }
+ 
+ int tpm_read_from_file(uint8_t **data, size_t *data_length)
+ {
+-    int fh;
+-    ssize_t res;
+-    size_t total_length;
+-    fh = open(opt_storage_file, O_RDONLY);
+-    if (fh < 0) return -1;
+-    total_length = lseek(fh, 0, SEEK_END);
+-    lseek(fh, 0, SEEK_SET);
+-    *data = tpm_malloc(total_length);
+-    if (*data == NULL) {
+-        close(fh);
+-        return -1;
+-    }
+-    *data_length = 0;
+-    while (total_length > 0) {
+-        res = read(fh, &(*data)[*data_length], total_length);
+-      if (res < 0) {
+-          close(fh);
+-          tpm_free(*data);
+-          return -1;
+-      }
+-        *data_length += res;
+-      total_length -= res;
++  int res, out_data_size, in_header_size;
++  uint8_t *ptr, *out_data, *in_header;
++  UINT16 tag = VTPM_TAG_REQ;
++  UINT32 len, in_rsp_size, result;
++#ifdef VTPM_MUTLI_VM
++      int vtpm_rx_fh, vtpm_tx_fh;
++#endif
++      
++  printf("Loading NVM.\n");
++  if (vtpm_tx_fh < 0) {
++#ifdef VTPM_MUTLI_VM
++    vtpm_tx_fh = open(DEV_FE, O_RDWR);
++#else
++      vtpm_tx_fh = open(VTPM_TX_FIFO, O_WRONLY);
++#endif
++  }
++
++  if (vtpm_tx_fh < 0) {
++      printf("Error in read_from_file:301\n");
++              return -1;
++  }
++ 
++  // Send request to VTPM Manager to encrypt data
++#ifdef VTPM_MUTLI_VM
++  out_data_size = len = VTPM_COMMAND_HEADER_SIZE_CLT;
++#else
++  out_data_size = len = VTPM_COMMAND_HEADER_SIZE_SRV;
++#endif
++  out_data = ptr = (BYTE *) malloc(len);
++
++  if (ptr == NULL
++#ifndef VTPM_MUTLI_VM
++      || tpm_marshal_UINT32(&ptr, &len, dmi_id)
++#endif  
++      || tpm_marshal_UINT16(&ptr, &len, tag)
++#ifdef VTPM_MUTLI_VM
++      || tpm_marshal_UINT32(&ptr, &len, out_data_size)
++#else
++      || tpm_marshal_UINT32(&ptr, &len, out_data_size - sizeof(uint32_t))
++#endif
++      || tpm_marshal_UINT32(&ptr, &len, VTPM_ORD_LOADNVM)) {
++    free(out_data);
++    printf("Error in read_from_file:325\n");
++
++    return -1;
++  }
++
++  printf("\tSending LoadNVM command\n");
++  res = write(vtpm_tx_fh, out_data, out_data_size);
++  free(out_data);
++  if (res != out_data_size) 
++    {
++      printf("Error in read_from_file:335\n");
++      return -1;
++    }
++
++    if (vtpm_rx_fh < 0) {
++#ifdef VTPM_MUTLI_VM
++    vtpm_rx_fh = vtpm_tx_fh;
++#else
++    if (vtpm_rx_name == NULL) {
++      vtpm_rx_name = malloc(10 + strlen(VTPM_RX_FIFO_D));
++      sprintf(vtpm_rx_name, VTPM_RX_FIFO_D, (uint32_t) dmi_id);
+     }
+-    close(fh);
+-    return 0;
++      vtpm_rx_fh = open(vtpm_rx_name, O_RDONLY);
++#endif
++  }
++
++  if (vtpm_rx_fh < 0) {
++      printf("Error in read_from_file:352\n");        
++      return -1;
++  }
++  
++  // Read Header of response so we can get the size & status
++#ifdef VTPM_MUTLI_VM
++  in_header_size = len = VTPM_COMMAND_HEADER_SIZE_CLT;
++#else
++  in_header_size = len = VTPM_COMMAND_HEADER_SIZE_SRV;
++#endif
++  in_header = ptr = malloc(in_header_size);
++  
++  printf("\tReading LoadNVM header\n");
++  res = read(vtpm_rx_fh, in_header, in_header_size);
++
++  if ( (res != in_header_size)
++#ifndef VTPM_MUTLI_VM
++       || tpm_unmarshal_UINT32(&ptr, &len, (UINT32*)&dmi_id)
++#endif
++       || tpm_unmarshal_UINT16(&ptr, &len, &tag)
++       || tpm_unmarshal_UINT32(&ptr, &len, &in_rsp_size)
++       || tpm_unmarshal_UINT32(&ptr, &len, &result) ) {
++      free(in_header);
++      printf("Error in read_from_file:375\n");     
++      return -1;
++  }
++  free(in_header);
++  
++  if (result != VTPM_SUCCESS) {
++    printf("Error in read_from_file:381\n");
++    return -1;  
++  }
++
++  // Read Encrypted data from VTPM Manager
++  *data_length = in_rsp_size - VTPM_COMMAND_HEADER_SIZE_CLT;
++  *data = (uint8_t *) malloc(*data_length);
++
++  printf("\tReading clear data from LoadNVM.\n");
++  res = read(vtpm_rx_fh, *data, *data_length);
++#ifdef VTPM_MUTLI_VM
++  close(vtpm_rx_fh);close(vtpm_tx_fh);
++#endif 
++      
++  printf("\tReturing from loading NVM\n");
++  if (res != (int)*data_length) {
++      free(*data);
++      printf("Error in read_from_file:398\n");
++      return -1;
++  } else {
++      return 0;
++  }
++
++
++    
+ }
+ 
+ static void print_usage(char *name)
+ {
+     printf("usage: %s [-d] [-f] [-s storage file] [-u unix socket name] "
+-           "[-o user name] [-g group name] [-h] [startup mode]\n", name);
++           "[-o user name] [-g group name] [-h]"
++#ifdef VTPM_MULTI_VM
++         "clear|save|deactivated\n", name);
++#else
++         "clear|save|deactivated pvm|hvm vtpmid\n", name);
++#endif
+     printf("  d : enable debug mode\n");
+     printf("  f : forces the application to run in the foreground\n");
+     printf("  s : storage file to use (default: %s)\n", opt_storage_file);
+@@ -205,7 +413,13 @@ static void parse_options(int argc, char
+                 exit(EXIT_SUCCESS);
+         }
+     }
+-    if (optind < argc) {
++    /*Make sure we have all required options*/
++#ifdef VTPM_MULTI_VM
++#define EXTRA_OPTS 0
++#else
++#define EXTRA_OPTS 2
++#endif
++    if (optind < argc - EXTRA_OPTS ) {
+         debug("startup mode = '%s'", argv[optind]);
+         if (!strcmp(argv[optind], "clear")) {
+             tpm_startup = 1;
+@@ -219,6 +433,25 @@ static void parse_options(int argc, char
+             print_usage(argv[0]);
+             exit(EXIT_SUCCESS);
+         }
++#ifndef VTPM_MULTI_VM
++        ++optind;
++      if(!strcmp(argv[optind], "pvm")) {
++              vtpm_type = VTPM_TYPE_PVM;      // Get commands from vTPM 
Manager through fifo
++      } else if (!strcmp(argv[optind], "hvm")) {
++              vtpm_type = VTPM_TYPE_HVM;      // Get commands from qemu via 
socket
++        } else {
++              error("Invalid vm mode '%s'; must be 'pvm', "
++                      "or 'hvm' ", argv[optind]);
++              print_usage(argv[0]);
++              exit(EXIT_SUCCESS);
++      }
++        ++optind;
++      dmi_id = atoi(argv[optind]);
++#endif
++    } else {
++      error("Invalid number of arguments");
++      print_usage(argv[0]);
++      exit(EXIT_SUCCESS);
+     }
+ }
+ 
+@@ -348,93 +581,180 @@ static int init_socket(const char *name)
+ 
+ static void main_loop(void)
+ {
+-    int sock, fh, res;
+-    int32_t in_len;
++    int32_t in_len, written;
+     uint32_t out_len;
+-    uint8_t in[TPM_CMD_BUF_SIZE], *out;
++    uint8_t in[TPM_CMD_BUF_SIZE], *out, *addressed_out;
++    int guest_id=-1;
++    int i;
++    char *vtpm_rx_file=NULL;
++    int res;
++
++#ifndef VTPM_MULTI_VM
++    int sockfd = -1;
+     struct sockaddr_un addr;
+-    socklen_t addr_len;
+-    fd_set rfds;
+-    struct timeval tv;
++    struct sockaddr_un client_addr;
++    unsigned int client_length;
++#endif
++
++    int vtpm_tx_fh=-1, vtpm_rx_fh=-1;
++
++#ifndef VTPM_MULTI_VM
++  if (vtpm_type == VTPM_TYPE_PVM) {
++    vtpm_rx_file = malloc(10 + strlen(PVM_RX_FIFO_D));
++    sprintf(vtpm_rx_file, PVM_RX_FIFO_D, (uint32_t) dmi_id);
++  } else {
++    vtpm_rx_file = malloc(10 + strlen(HVM_RX_FIFO_D));
++    sprintf(vtpm_rx_file, HVM_RX_FIFO_D, (uint32_t) dmi_id);
++
++    if ( (sockfd = socket(PF_UNIX,SOCK_STREAM,0)) < 0) {
++          error("Unable to create socket. errno = %d\n", errno);
++      exit (-1);
++    }
++
++    memset(&addr, 0, sizeof(addr));
++    addr.sun_family = AF_UNIX;
++    strcpy(addr.sun_path,vtpm_rx_file );
++    unlink(addr.sun_path);
++  }
++#endif
+ 
+     info("staring main loop");
+-    /* open UNIX socket */
+-    sock = init_socket(opt_socket_name);
+-    if (sock < 0) exit(EXIT_FAILURE);
+     /* init tpm emulator */
+-    debug("initializing TPM emulator: %d", tpm_startup);
++#ifdef VTPM_MULTI_VM
++    debug("initializing TPM emulator: state=%d", tpm_startup);
++#else
++    debug("initializing TPM emulator: state=%d, type=%d, id=%d", tpm_startup, 
vtpm_type, dmi_id);
++#endif
+     tpm_emulator_init(tpm_startup);
+     /* start command processing */
+     while (!stopflag) {
+         /* wait for incomming connections */
+         debug("waiting for connections...");
+-        FD_ZERO(&rfds);
+-        FD_SET(sock, &rfds);
+-        tv.tv_sec = 10;
+-        tv.tv_usec = 0;
+-        res = select(sock + 1, &rfds, NULL, NULL, &tv);
+-        if (res < 0) {
+-            error("select(sock) failed: %s", strerror(errno));
+-            break;
+-        } else if (res == 0) {
+-            continue;
+-        }
+-        addr_len = sizeof(addr);
+-        fh = accept(sock, (struct sockaddr*)&addr, &addr_len);
+-        if (fh < 0) {
+-            error("accept() failed: %s", strerror(errno));
+-            continue;
+-        }
++      if (vtpm_rx_fh < 0) {
++#ifdef VTPM_MUTLI_VM
++          vtpm_rx_fh = open(DEV_BE, O_RDWR);
++#else
++          if (vtpm_type == VTPM_TYPE_PVM)
++          {
++              vtpm_rx_fh = open(vtpm_rx_file, O_RDONLY);
++          } else {
++              if (bind(sockfd, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
++                  error("Unable to bind(). errno = %d\n", errno);
++                  exit (-1);
++              }
++
++              if (listen(sockfd, 10) <0) {
++                  error("Unable to listen(). errno = %d\n", errno);
++                  exit (-1);
++              } 
++
++               memset(&client_addr, 0, sizeof(client_addr));
++               client_length = sizeof(client_addr);
++
++               vtpm_rx_fh = vtpm_tx_fh = accept(sockfd, (struct sockaddr 
*)&client_addr, &client_length);
++          }
++#endif
++      }
++      
++      /*Error Checking*/
++      if (vtpm_rx_fh < 0) {
++        error("Failed to open devices to listen to guest.\n");
++        exit(-1);
++      }
++
+         /* receive and handle commands */
+         in_len = 0;
+         do {
+             debug("waiting for commands...");
+-            FD_ZERO(&rfds);
+-            FD_SET(fh, &rfds);
+-            tv.tv_sec = TPM_COMMAND_TIMEOUT;
+-            tv.tv_usec = 0;
+-            res = select(fh + 1, &rfds, NULL, NULL, &tv);
+-            if (res < 0) {
+-                error("select(fh) failed: %s", strerror(errno));
+-                close(fh);
+-                break;
+-            } else if (res == 0) {
+-#ifdef TPMD_DISCONNECT_IDLE_CLIENTS       
+-                info("connection closed due to inactivity");
+-                close(fh);
+-                break;
+-#else         
+-                continue;
+-#endif                
+-            }
+-            in_len = read(fh, in, sizeof(in));
+-            if (in_len > 0) {
++
++            in_len = read(vtpm_rx_fh, in, sizeof(in));
++          /*Magic size of minimum TPM command is 6*/
++              //FIXME Magic size check may not be required anymore
++            if (in_len < 6) {
++              info("Recv incomplete command of %d bytes.", in_len);
++              if (in_len <= 0) {
++                  close(vtpm_rx_fh);
++                  vtpm_rx_fh = -1;
++                  continue;
++                 }
++          } else {
++              /*Debug Printouts*/
+                 debug("received %d bytes", in_len);
++              debug_nostop("Recv[%d]: 0x", in_len);
++              for (i=0; i< in_len; i++) 
++                  debug_more("%x ", in[i]);
++              debug_more("\n");
++              /*Multiple Guest check*/
++              if (guest_id == -1) {
++                  guest_id = *((int32_t *) in);
++              } else {
++                  if (guest_id != *((int32_t *) in) ) {
++                      error("WARNING: More than one guest attached\n");
++                  }
++              }
++
++              /*Open tx handle now*/
++              if (vtpm_tx_fh < 0) {
++#ifdef VTPM_MUTLI_VM
++                  vtpm_tx_fh = open(DEV_BE, O_RDWR);
++                  vtpm_rx_fh = vtpm_tx_fh;
++#else
++                  if (vtpm_type == VTPM_TYPE_PVM) {
++                      vtpm_tx_fh = open(PVM_TX_FIFO, O_WRONLY);
++                  } // No need to open the other direction for HVM
++#endif
++              }
++              if (vtpm_tx_fh < 0) {
++                error("Failed to open devices to respond to guest.\n");
++                exit(-1);
++              }
++
++              /*Handle the TPM command now*/
+                 out = NULL;
+-                res = tpm_handle_command(in, in_len, &out, &out_len);
++                res = tpm_handle_command(in + sizeof(uint32_t), in_len - 
sizeof(uint32_t), &out, &out_len);
+                 if (res < 0) {
+                     error("tpm_handle_command() failed");
+                 } else {
+                     debug("sending %d bytes", out_len);
++                  //FIXME this prepending may or may not be needed
++                  /*Prepend the first 4 bytes of the in buffer.. why?*/
++                  addressed_out = (uint8_t *) tpm_malloc(sizeof(uint32_t) + 
out_len);
++                  *(uint32_t *) addressed_out = *(uint32_t *) in;
++                  memcpy(addressed_out + sizeof(uint32_t), out, out_len);
++                  out_len += sizeof(uint32_t);
++                  /*End Prepend*/
++
++                  /*Perform write operation now*/
+                     while (out_len > 0) {
+-                        res = write(fh, out, out_len);
++                        res = write(vtpm_tx_fh, addressed_out, out_len);
++
+                         if (res < 0) {
+                             error("write(%d) failed: %s", out_len, 
strerror(errno));
+                             break;
+-                        }
++                        } else {
++                        debug_nostop("Sent[%Zu]: ", out_len);
++                        for (i=0; (unsigned int)i< out_len; i++)
++                          debug_more("%x ", addressed_out[i]);
++                        debug_more("\n");
++                      }
+                         out_len       -= res;
+                     }
+                     tpm_free(out);
++                  tpm_free(addressed_out);
+                 }
+             }
+         } while (in_len > 0);
+-        close(fh);
++        //close(fh);
+     }
++    
+     /* shutdown tpm emulator */
+     tpm_emulator_shutdown();
+-    /* close socket */
+-    close(sock);
+-    unlink(opt_socket_name);
++    /* Close handles */
++    close(vtpm_tx_fh);
++#ifndef VTPM_MULTI_VM
++    close(vtpm_rx_fh);
++    free(vtpm_rx_file);
++#endif
+     info("main loop stopped");
+ }
+ 
+@@ -450,12 +770,13 @@ int main(int argc, char **argv)
+     /* open random device */
+     init_random();
+     /* init signal handlers */
+-    init_signal_handler();
++    //init_signal_handler();
+     /* unless requested otherwiese, fork and daemonize process */
+-    if (!opt_foreground) daemonize();
++    //if (!opt_foreground) daemonize();
+     /* start main processing loop */
+     main_loop();
+     info("stopping TPM Emulator daemon");
+     closelog();
+     return 0;
+ }
++
+diff -Naurp tpm_emulator-0.5.1/tpmd/tpm_emulator_config.h 
tpm5-test/tpmd/tpm_emulator_config.h
+--- tpm_emulator-0.5.1/tpmd/tpm_emulator_config.h      2008-02-14 
03:22:48.000000000 -0500
++++ tpm5-test/tpmd/tpm_emulator_config.h       2009-07-16 11:25:26.000000000 
-0400
+@@ -29,23 +29,28 @@
+ 
+ /* TPM emulator configuration */
+ 
+-#undef  TPM_STRONG_PERSISTENCE
+-#undef  TPM_GENERATE_EK
++#define  TPM_STRONG_PERSISTENCE
++#define  TPM_GENERATE_EK
+ #undef  TPM_GENERATE_SEED_DAA
+ #undef  TPM_MEMORY_ALIGNMENT_MANDATORY
+ 
++extern int dmi_id;
++
+ /* log macros */
+ 
+ void tpm_log(int priority, const char *fmt, ...);
+ 
+-#define debug(fmt, ...) tpm_log(LOG_DEBUG, "%s:%d: Debug: " fmt "\n", \
+-                                __FILE__, __LINE__, ## __VA_ARGS__)
+-#define info(fmt, ...)  tpm_log(LOG_INFO, "%s:%d: Info: " fmt "\n", \
+-                                __FILE__, __LINE__, ## __VA_ARGS__)
+-#define error(fmt, ...) tpm_log(LOG_ERR, "%s:%d: Error: " fmt "\n", \
+-                                __FILE__, __LINE__, ## __VA_ARGS__)
+-#define alert(fmt, ...) tpm_log(LOG_ALERT, "%s:%d: Alert: " fmt "\n", \
+-                                __FILE__, __LINE__, ## __VA_ARGS__)
++#define debug(fmt, ...) tpm_log(LOG_DEBUG, "VTPMD[%d]: %s:%d: Debug: " fmt 
"\n", \
++                                dmi_id, __FILE__, __LINE__, ## __VA_ARGS__)
++#define info(fmt, ...)  tpm_log(LOG_INFO, "VTPMD[%d]: %s:%d: Info: " fmt 
"\n", \
++                                dmi_id, __FILE__, __LINE__, ## __VA_ARGS__)
++#define error(fmt, ...) tpm_log(LOG_ERR, "VTPMD[%d]: %s:%d: Error: " fmt 
"\n", \
++                                dmi_id, __FILE__, __LINE__, ## __VA_ARGS__)
++#define alert(fmt, ...) tpm_log(LOG_ALERT, "VTPMD[%d]: %s:%d: Alert: " fmt 
"\n", \
++                                dmi_id, __FILE__, __LINE__, ## __VA_ARGS__)
++#define debug_nostop(fmt, ...) tpm_log(LOG_DEBUG, "VTPMD[%d]: %s:%d: Debug: " 
fmt, \
++                                dmi_id, __FILE__, __LINE__, ## __VA_ARGS__)
++#define debug_more(fmt, ...) tpm_log(LOG_DEBUG, fmt, ## __VA_ARGS__)
+ 
+ /*  min/max macros that also do strict type-checking */
+ 

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog

<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-changelog] [xen-unstable] vtpm: Upgrade to using tpm_emulator-0.5.1, Xen patchbot-unstable <=