diff -Naur xen-unstable-trp-sdp-pristine/tools/vtpm/Makefile xen-unstable-trp-sdp/tools/vtpm/Makefile --- xen-unstable-trp-sdp-pristine/tools/vtpm/Makefile 2011-02-23 14:47:26.000000000 -0500 +++ xen-unstable-trp-sdp/tools/vtpm/Makefile 2011-02-23 19:40:48.000000000 -0500 @@ -3,16 +3,21 @@ # Base definitions and rules include $(XEN_ROOT)/tools/vtpm/Rules.mk -# Dir name for emulator (as dom0 tpm driver) -TPM_EMULATOR_DIR = tpm_emulator # Dir name for vtpm instance VTPM_DIR = vtpm ORIG_DIR = orig # Emulator tarball name -TPM_EMULATOR_NAME = tpm_emulator-0.5.1 +ifeq ($(APL_INTERNAL), y) +TPM_EMULATOR_URL = http://msvp-his.jhuapl.edu/xen-extfiles +else +TPM_EMULATOR_URL = http://download.berlios.de/tpm-emulator +endif +TPM_EMULATOR_NAME = tpm_emulator-0.7.2 TPM_EMULATOR_TARFILE = $(TPM_EMULATOR_NAME).tar.gz +VTPM_PATCH = vtpm-0.7.2.patch + GMP_HEADER = /usr/include/gmp.h .PHONY: all @@ -23,50 +28,42 @@ .PHONY: install install: build - $(MAKE) -C $(VTPM_DIR) $@ + install -m 0755 $(VTPM_DIR)/build/tpmd/unix/tpmd $(TOOLS_INSTALL_DIR)/vtpmd .PHONY: clean clean: - @if [ -d $(TPM_EMULATOR_DIR) ]; \ - then $(MAKE) -C $(TPM_EMULATOR_DIR) clean; \ - fi - @if [ -d $(VTPM_DIR) ]; \ - then $(MAKE) -C $(VTPM_DIR) clean; \ + @-if [ -d $(VTPM_DIR)/build ]; \ + then $(MAKE) -C $(VTPM_DIR)/build clean; \ fi .PHONY: mrproper mrproper: - rm -f $(TPM_EMULATOR_TARFILE) tpm_emulator.patch.old vtpm.patch.old - rm -rf $(TPM_EMULATOR_DIR) $(VTPM_DIR) $(ORIG_DIR) + rm -f $(TPM_EMULATOR_TARFILE) + rm -rf $(VTPM_DIR) $(ORIG_DIR) # Download Swiss emulator $(TPM_EMULATOR_TARFILE): - wget http://download.berlios.de/tpm-emulator/$(TPM_EMULATOR_TARFILE) + wget $(TPM_EMULATOR_URL)/$(TPM_EMULATOR_TARFILE) # Create vtpm dirs -$(VTPM_DIR)/tpmd/tpmd: $(TPM_EMULATOR_TARFILE) vtpm-0.5.1.patch +$(VTPM_DIR)/build: $(TPM_EMULATOR_TARFILE) $(VTPM_PATCH) + @if ! which cmake &>/dev/null; then echo "cmake not found in PATH. Please install cmake!"; false; fi rm -rf $(VTPM_DIR) tar -xzf $(TPM_EMULATOR_TARFILE) mv $(TPM_EMULATOR_NAME) $(VTPM_DIR) set -e; cd $(VTPM_DIR); \ - patch -p1 < ../vtpm-0.5.1.patch + patch -p1 < ../$(VTPM_PATCH); \ + mkdir build; cd build; cmake -DCMAKE_INSTALL_PREFIX=/usr .. + touch $@ orig: $(TPM_EMULATOR_TARFILE) mkdir $(ORIG_DIR); set -e; cd $(ORIG_DIR); \ tar -xzf ../$(TPM_EMULATOR_TARFILE); -updatepatches: clean orig - find $(VTPM_DIR) -name "*.orig" -print | xargs rm -f; - mv vtpm.patch vtpm.patch.old; - diff -uprN $(TPM_EMULATOR_DIR) $(VTPM_DIR) > vtpm.patch || true; - .PHONY: build_sub -build_sub: $(VTPM_DIR)/tpmd/tpmd - set -e; if [ -e $(GMP_HEADER) ]; then \ - $(MAKE) -C $(VTPM_DIR); \ - else \ - echo "=== Unable to build VTPMs. libgmp could not be found."; \ - fi +build_sub: $(VTPM_DIR)/build + set -e; \ + cd $<; $(MAKE) tpmd diff -Naur xen-unstable-trp-sdp-pristine/tools/vtpm/Rules.mk xen-unstable-trp-sdp/tools/vtpm/Rules.mk --- xen-unstable-trp-sdp-pristine/tools/vtpm/Rules.mk 2011-02-23 14:47:10.000000000 -0500 +++ xen-unstable-trp-sdp/tools/vtpm/Rules.mk 2011-02-23 19:40:48.000000000 -0500 @@ -23,7 +23,5 @@ -include $(DEPS) -BUILD_EMULATOR = y - # Make sure these are just rules .PHONY : all build install clean diff -Naur xen-unstable-trp-sdp-pristine/tools/vtpm/tpm_emulator.patch xen-unstable-trp-sdp/tools/vtpm/tpm_emulator.patch --- xen-unstable-trp-sdp-pristine/tools/vtpm/tpm_emulator.patch 2011-02-23 14:47:26.000000000 -0500 +++ xen-unstable-trp-sdp/tools/vtpm/tpm_emulator.patch 1969-12-31 19:00:00.000000000 -0500 @@ -1,1919 +0,0 @@ -diff -uprN orig/tpm_emulator-0.4/AUTHORS tpm_emulator/AUTHORS ---- orig/tpm_emulator-0.4/AUTHORS 2006-06-23 03:37:07.000000000 -0700 -+++ tpm_emulator/AUTHORS 2006-07-24 14:35:35.000000000 -0700 -@@ -1,2 +1,3 @@ - Mario Strasser - Heiko Stamer [DAA] -+INTEL Corp <> [Dropped to Ring3] -diff -uprN orig/tpm_emulator-0.4/ChangeLog tpm_emulator/ChangeLog ---- orig/tpm_emulator-0.4/ChangeLog 2006-06-23 03:37:07.000000000 -0700 -+++ tpm_emulator/ChangeLog 2006-07-24 14:35:35.000000000 -0700 -@@ -1,3 +1,6 @@ -+????-??-?? Intel Corp -+ * Moved module out of kernel to run as a ring 3 app -+ - 2006-06-23 Mario Strasser - * tpm_startup.c: behaviour of ST_CLEAR and storage of - persistent data adapted -diff -uprN orig/tpm_emulator-0.4/crypto/gmp_kernel_wrapper.c tpm_emulator/crypto/gmp_kernel_wrapper.c ---- orig/tpm_emulator-0.4/crypto/gmp_kernel_wrapper.c 2006-06-23 03:37:07.000000000 -0700 -+++ tpm_emulator/crypto/gmp_kernel_wrapper.c 2006-07-24 14:35:35.000000000 -0700 -@@ -1,5 +1,6 @@ - /* Software-Based Trusted Platform Module (TPM) Emulator for Linux - * Copyright (C) 2004 Mario Strasser , -+ * Copyright (C) 2005 INTEL Corp - * - * This module is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published -@@ -24,15 +25,10 @@ int __gmp_junk; - void __attribute__ ((regparm(0))) __gmp_assert_fail(const char *filename, - int linenum, const char *expr) - { -- panic(KERN_CRIT TPM_MODULE_NAME "%s:%d: GNU MP assertion failed: %s\n", -+ error("%s:%d: GNU MP assertion failed: %s\n", - filename, linenum, expr); - } - --void __attribute__ ((regparm(0))) abort(void) --{ -- panic(KERN_CRIT TPM_MODULE_NAME "GNU MP abort() was called\n"); --} -- - /* overwrite GNU MP random functions (used by mpz/millerrabin.c) */ - - void __attribute__ ((regparm(0))) gmp_randinit(gmp_randstate_t rstate, -@@ -77,20 +73,19 @@ void __attribute__ ((regparm(0))) mpz_ur - - void __attribute__ ((regparm(0))) *kernel_allocate(size_t size) - { -- void *ret = (void*)kmalloc(size, GFP_KERNEL); -- if (!ret) panic(KERN_CRIT TPM_MODULE_NAME -- "GMP: cannot allocate memory (size=%u)\n", size); -+ void *ret = (void*)malloc(size); -+ if (!ret) error("GMP: cannot allocate memory (size=%Zu)\n", size); - return ret; - } - - void __attribute__ ((regparm(0))) *kernel_reallocate(void *oldptr, - size_t old_size, size_t new_size) - { -- void *ret = (void*)kmalloc(new_size, GFP_KERNEL); -- if (!ret) panic(KERN_CRIT TPM_MODULE_NAME "GMP: Cannot reallocate memory " -- "(old_size=%u new_size=%u)\n", old_size, new_size); -+ void *ret = (void*)malloc(new_size); -+ if (!ret) error("GMP: Cannot reallocate memory " -+ "(old_size=%Zu new_size=%Zu)\n", old_size, new_size); - memcpy(ret, oldptr, old_size); -- kfree(oldptr); -+ free(oldptr); - return ret; - } - -@@ -99,7 +94,7 @@ void __attribute__ ((regparm(0))) kernel - /* overwrite used memory */ - if (blk_ptr != NULL) { - memset(blk_ptr, 0, blk_size); -- kfree(blk_ptr); -+ free(blk_ptr); - } - } - -diff -uprN orig/tpm_emulator-0.4/crypto/rsa.c tpm_emulator/crypto/rsa.c ---- orig/tpm_emulator-0.4/crypto/rsa.c 2006-06-23 03:37:07.000000000 -0700 -+++ tpm_emulator/crypto/rsa.c 2006-07-24 14:35:35.000000000 -0700 -@@ -1,5 +1,6 @@ - /* Software-Based Trusted Platform Module (TPM) Emulator for Linux - * Copyright (C) 2004 Mario Strasser , -+ * Copyright (C) 2005 INTEL Corp - * - * This module is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published -@@ -381,7 +382,7 @@ static int encode_message(int type, uint - msg[0] = 0x00; - get_random_bytes(&msg[1], SHA1_DIGEST_LENGTH); - sha1_init(&ctx); -- sha1_update(&ctx, "TCPA", 4); -+ sha1_update(&ctx, (uint8_t *) "TCPA", 4); - sha1_final(&ctx, &msg[1 + SHA1_DIGEST_LENGTH]); - memset(&msg[1 + 2 * SHA1_DIGEST_LENGTH], 0x00, - msg_len - data_len - 2 * SHA1_DIGEST_LENGTH - 2); -@@ -429,7 +430,7 @@ static int decode_message(int type, uint - mask_generation(&msg[1], SHA1_DIGEST_LENGTH, - &msg[1 + SHA1_DIGEST_LENGTH], msg_len - SHA1_DIGEST_LENGTH - 1); - sha1_init(&ctx); -- sha1_update(&ctx, "TCPA", 4); -+ sha1_update(&ctx, (uint8_t *) "TCPA", 4); - sha1_final(&ctx, &msg[1]); - if (memcmp(&msg[1], &msg[1 + SHA1_DIGEST_LENGTH], - SHA1_DIGEST_LENGTH) != 0) return -1; -diff -uprN orig/tpm_emulator-0.4/linux_module.c tpm_emulator/linux_module.c ---- orig/tpm_emulator-0.4/linux_module.c 2006-06-23 03:37:07.000000000 -0700 -+++ tpm_emulator/linux_module.c 1969-12-31 16:00:00.000000000 -0800 -@@ -1,195 +0,0 @@ --/* Software-Based Trusted Platform Module (TPM) Emulator for Linux -- * Copyright (C) 2004 Mario Strasser , -- * -- * This module is free software; you can redistribute it and/or modify -- * it under the terms of the GNU General Public License as published -- * by the Free Software Foundation; either version 2 of the License, -- * or (at your option) any later version. -- * -- * This module is distributed in the hope that it will be useful, -- * but WITHOUT ANY WARRANTY; without even the implied warranty of -- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -- * GNU General Public License for more details. -- * -- * $Id: linux_module.c 91 2006-03-13 13:51:41Z mast $ -- */ -- --#include --#include --#include --#include --#include --#include "linux_module.h" --#include "tpm/tpm_emulator.h" -- --MODULE_LICENSE("GPL"); --MODULE_AUTHOR("Mario Strasser "); --MODULE_DESCRIPTION("Trusted Platform Module (TPM) Emulator"); --MODULE_SUPPORTED_DEVICE(TPM_DEVICE_NAME); -- --/* module startup parameters */ --char *startup = "save"; --module_param(startup, charp, 0444); --MODULE_PARM_DESC(startup, " Sets the startup mode of the TPM. " -- "Possible values are 'clear', 'save' (default) and 'deactivated."); --char *storage_file = "/var/tpm/tpm_emulator-1.2.0.2"; --module_param(storage_file, charp, 0644); --MODULE_PARM_DESC(storage_file, " Sets the persistent-data storage " -- "file of the TPM."); -- --/* TPM lock */ --static struct semaphore tpm_mutex; -- --/* TPM command response */ --static struct { -- uint8_t *data; -- uint32_t size; --} tpm_response; -- --/* module state */ --#define STATE_IS_OPEN 0 --static uint32_t module_state; --static struct timespec old_time; -- --static int tpm_open(struct inode *inode, struct file *file) --{ -- debug("%s()", __FUNCTION__); -- if (test_and_set_bit(STATE_IS_OPEN, (void*)&module_state)) return -EBUSY; -- return 0; --} -- --static int tpm_release(struct inode *inode, struct file *file) --{ -- debug("%s()", __FUNCTION__); -- clear_bit(STATE_IS_OPEN, (void*)&module_state); -- down(&tpm_mutex); -- if (tpm_response.data != NULL) { -- kfree(tpm_response.data); -- tpm_response.data = NULL; -- } -- up(&tpm_mutex); -- return 0; --} -- --static ssize_t tpm_read(struct file *file, char *buf, size_t count, loff_t *ppos) --{ -- debug("%s(%d)", __FUNCTION__, count); -- down(&tpm_mutex); -- if (tpm_response.data != NULL) { -- count = min(count, (size_t)tpm_response.size - (size_t)*ppos); -- count -= copy_to_user(buf, &tpm_response.data[*ppos], count); -- *ppos += count; -- if ((size_t)tpm_response.size == (size_t)*ppos) { -- kfree(tpm_response.data); -- tpm_response.data = NULL; -- } -- } else { -- count = 0; -- } -- up(&tpm_mutex); -- return count; --} -- --static ssize_t tpm_write(struct file *file, const char *buf, size_t count, loff_t *ppos) --{ -- debug("%s(%d)", __FUNCTION__, count); -- down(&tpm_mutex); -- *ppos = 0; -- if (tpm_response.data != NULL) kfree(tpm_response.data); -- if (tpm_handle_command(buf, count, &tpm_response.data, -- &tpm_response.size) != 0) { -- count = -EILSEQ; -- tpm_response.data = NULL; -- } -- up(&tpm_mutex); -- return count; --} -- --#define TPMIOC_CANCEL _IO('T', 0x00) --#define TPMIOC_TRANSMIT _IO('T', 0x01) -- --static int tpm_ioctl(struct inode *inode, struct file *file, unsigned int cmd, unsigned long arg) --{ -- debug("%s(%d, %p)", __FUNCTION__, cmd, (char*)arg); -- if (cmd == TPMIOC_TRANSMIT) { -- uint32_t count = ntohl(*(uint32_t*)(arg + 2)); -- down(&tpm_mutex); -- if (tpm_response.data != NULL) kfree(tpm_response.data); -- if (tpm_handle_command((char*)arg, count, &tpm_response.data, -- &tpm_response.size) == 0) { -- tpm_response.size -= copy_to_user((char*)arg, tpm_response.data, -- tpm_response.size); -- kfree(tpm_response.data); -- tpm_response.data = NULL; -- } else { -- tpm_response.size = 0; -- tpm_response.data = NULL; -- } -- up(&tpm_mutex); -- return tpm_response.size; -- } -- return -1; --} -- --struct file_operations fops = { -- .owner = THIS_MODULE, -- .open = tpm_open, -- .release = tpm_release, -- .read = tpm_read, -- .write = tpm_write, -- .ioctl = tpm_ioctl, --}; -- --static struct miscdevice tpm_dev = { -- .minor = TPM_DEVICE_MINOR, -- .name = TPM_DEVICE_NAME, -- .fops = &fops, --}; -- --int __init init_tpm_module(void) --{ -- int res = misc_register(&tpm_dev); -- if (res != 0) { -- error("misc_register() failed for minor %d\n", TPM_DEVICE_MINOR); -- return res; -- } -- /* initialize variables */ -- sema_init(&tpm_mutex, 1); -- module_state = 0; -- tpm_response.data = NULL; -- old_time = current_kernel_time(); -- /* initialize TPM emulator */ -- if (!strcmp(startup, "clear")) { -- tpm_emulator_init(1); -- } else if (!strcmp(startup, "save")) { -- tpm_emulator_init(2); -- } else if (!strcmp(startup, "deactivated")) { -- tpm_emulator_init(3); -- } else { -- error("invalid startup mode '%s'; must be 'clear', " -- "'save' (default) or 'deactivated", startup); -- misc_deregister(&tpm_dev); -- return -EINVAL; -- } -- return 0; --} -- --void __exit cleanup_tpm_module(void) --{ -- tpm_emulator_shutdown(); -- misc_deregister(&tpm_dev); -- if (tpm_response.data != NULL) kfree(tpm_response.data); --} -- --module_init(init_tpm_module); --module_exit(cleanup_tpm_module); -- --uint64_t tpm_get_ticks(void) --{ -- struct timespec new_time = current_kernel_time(); -- uint64_t ticks = (uint64_t)(new_time.tv_sec - old_time.tv_sec) * 1000000 -- + (new_time.tv_nsec - old_time.tv_nsec) / 1000; -- old_time = new_time; -- return (ticks > 0) ? ticks : 1; --} -- -diff -uprN orig/tpm_emulator-0.4/linux_module.h tpm_emulator/linux_module.h ---- orig/tpm_emulator-0.4/linux_module.h 2006-06-23 03:37:07.000000000 -0700 -+++ tpm_emulator/linux_module.h 2006-07-24 14:35:35.000000000 -0700 -@@ -1,5 +1,6 @@ - /* Software-Based Trusted Platform Module (TPM) Emulator for Linux - * Copyright (C) 2004 Mario Strasser , -+ * Copyright (C) 2005 INTEL Corp - * - * This module is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published -@@ -17,54 +18,62 @@ - #ifndef _LINUX_MODULE_H_ - #define _LINUX_MODULE_H_ - --#include --#include --#include -+#include -+#include -+#include -+#include - #include --#include --#include --#include --#include - --/* module settings */ -+#include -+#define __BYTEORDER_HAS_U64__ -+#ifdef LITTLE_ENDIAN -+ #include -+#else -+ #include -+#endif - -+/* module settings */ -+#define min(A,B) ((A)<(B)?(A):(B)) -+#ifndef STR - #define STR(s) __STR__(s) - #define __STR__(s) #s -+#endif - #include "tpm_version.h" - - #define TPM_DEVICE_MINOR 224 - #define TPM_DEVICE_NAME "tpm" - #define TPM_MODULE_NAME "tpm_emulator" - --/* debug and log output functions */ -- - #ifdef DEBUG --#define debug(fmt, ...) printk(KERN_DEBUG "%s %s:%d: Debug: " fmt "\n", \ -- TPM_MODULE_NAME, __FILE__, __LINE__, ## __VA_ARGS__) -+#define debug(fmt, ...) printf("TPMD: %s:%d: Debug: " fmt "\n", \ -+ __FILE__, __LINE__, ## __VA_ARGS__) - #else - #define debug(fmt, ...) - #endif --#define info(fmt, ...) printk(KERN_INFO "%s %s:%d: Info: " fmt "\n", \ -- TPM_MODULE_NAME, __FILE__, __LINE__, ## __VA_ARGS__) --#define error(fmt, ...) printk(KERN_ERR "%s %s:%d: Error: " fmt "\n", \ -- TPM_MODULE_NAME, __FILE__, __LINE__, ## __VA_ARGS__) --#define alert(fmt, ...) printk(KERN_ALERT "%s %s:%d: Alert: " fmt "\n", \ -- TPM_MODULE_NAME, __FILE__, __LINE__, ## __VA_ARGS__) -+#define info(fmt, ...) printf("TPMD: %s:%d: Info: " fmt "\n", \ -+ __FILE__, __LINE__, ## __VA_ARGS__) -+#define error(fmt, ...) printf("TPMD: %s:%d: Error: " fmt "\n", \ -+ __FILE__, __LINE__, ## __VA_ARGS__) -+#define alert(fmt, ...) printf("TPMD: %s:%d: Alert: " fmt "\n", \ -+ __FILE__, __LINE__, ## __VA_ARGS__) - - /* memory allocation */ - - static inline void *tpm_malloc(size_t size) - { -- return kmalloc(size, GFP_KERNEL); -+ return malloc(size); - } - - static inline void tpm_free(const void *ptr) - { -- if (ptr != NULL) kfree(ptr); -+ if (ptr != NULL) free( (void *) ptr); - } - - /* random numbers */ - -+//FIXME; -+void get_random_bytes(void *buf, int nbytes); -+ - static inline void tpm_get_random_bytes(void *buf, int nbytes) - { - get_random_bytes(buf, nbytes); -@@ -84,9 +93,9 @@ uint64_t tpm_get_ticks(void); - #define CPU_TO_LE16(x) __cpu_to_le16(x) - - #define BE64_TO_CPU(x) __be64_to_cpu(x) --#define LE64_TO_CPU(x) __be64_to_cpu(x) -+#define LE64_TO_CPU(x) __le64_to_cpu(x) - #define BE32_TO_CPU(x) __be32_to_cpu(x) --#define LE32_TO_CPU(x) __be32_to_cpu(x) -+#define LE32_TO_CPU(x) __le32_to_cpu(x) - #define BE16_TO_CPU(x) __be16_to_cpu(x) - #define LE16_TO_CPU(x) __le16_to_cpu(x) - -diff -uprN orig/tpm_emulator-0.4/Makefile tpm_emulator/Makefile ---- orig/tpm_emulator-0.4/Makefile 2006-06-23 03:37:07.000000000 -0700 -+++ tpm_emulator/Makefile 2006-07-24 14:35:35.000000000 -0700 -@@ -1,24 +1,40 @@ - # Software-Based Trusted Platform Module (TPM) Emulator for Linux - # Copyright (C) 2004 Mario Strasser -+# Copyright (C) 2006 INTEL Corp. - # - # $Id: Makefile 115 2006-06-23 10:36:44Z mast $ - --# kernel settings --KERNEL_RELEASE := $(shell uname -r) --KERNEL_BUILD := /lib/modules/$(KERNEL_RELEASE)/build --MOD_SUBDIR := misc -+COMPILE_ARCH ?= $(shell uname -m | sed -e s/i.86/x86_32/) - - # module settings --MODULE_NAME := tpm_emulator -+BIN := tpm_emulator - VERSION_MAJOR := 0 - VERSION_MINOR := 4 - VERSION_BUILD := $(shell date +"%s") - --# enable/disable DEBUG messages --EXTRA_CFLAGS += -Wall -DDEBUG -g -+# Installation program and options -+INSTALL = install -+INSTALL_PROG = $(INSTALL) -m0755 -+INSTALL_DIR = $(INSTALL) -d -m0755 -+ -+# Xen tools installation directory -+TOOLS_INSTALL_DIR = $(DESTDIR)/usr/bin -+ -+CC := gcc -+CFLAGS += -g -Wall $(INCLUDE) -DDEBUG -+CFLAGS += -I. -Itpm -+ -+# Is the simulator running in it's own vm? -+#CFLAGS += -DVTPM_MULTI_VM -+ -+ifeq ($(COMPILE_ARCH),x86_64) -+LIBDIR = lib64 -+else -+LIBDIR = lib -+endif - - # GNU MP configuration --GMP_LIB := /usr/lib/libgmp.a -+GMP_LIB := /usr/$(LIBDIR)/libgmp.a - GMP_HEADER := /usr/include/gmp.h - - # sources and objects -@@ -27,38 +43,32 @@ DIRS := . crypto tpm - SRCS := $(foreach dir, $(DIRS), $(wildcard $(src)/$(dir)/*.c)) - OBJS := $(patsubst %.c, %.o, $(SRCS)) - SRCS += $(foreach dir, $(DIRS), $(wildcard $(src)/$(dir)/*.h)) --DISTSRC := ./README ./AUTHORS ./ChangeLog ./Makefile $(SRCS) --DISTDIR := tpm_emulator-$(VERSION_MAJOR).$(VERSION_MINOR) - --obj-m := $(MODULE_NAME).o --$(MODULE_NAME)-objs := $(patsubst $(src)/%.o, %.o, $(OBJS)) crypto/libgmp.a -+obj-m := $(BIN) -+$(BIN)-objs := $(patsubst $(src)/%.o, %.o, $(OBJS)) crypto/libgmp.a - - EXTRA_CFLAGS += -I$(src) -I$(src)/crypto -I$(src)/tpm - - # do not print "Entering directory ..." - MAKEFLAGS += --no-print-directory - --all: $(src)/crypto/gmp.h $(src)/crypto/libgmp.a version -- @$(MAKE) -C $(KERNEL_BUILD) M=$(CURDIR) modules -+all: $(BIN) - --install: -- @$(MAKE) -C $(KERNEL_BUILD) M=$(CURDIR) modules_install -- test -d /var/tpm || mkdir /var/tpm -- test -c /dev/tpm || mknod /dev/tpm c 10 224 -- chmod 666 /dev/tpm -- depmod -a -+$(BIN): $(src)/crypto/gmp.h $(src)/crypto/libgmp.a version $(SRCS) $(OBJS) -+ $(CC) $(CFLAGS) $(OBJS) $(src)/crypto/libgmp.a -o $(BIN) -+ -+%.o: %.c -+ $(CC) $(CFLAGS) -c $< -o $@ -+ -+install: $(BIN) -+ $(INSTALL_PROG) $(BIN) $(TOOLS_INSTALL_DIR) -+ @if [ ! -d "/var/tpm" ]; then mkdir /var/tpm; fi - - clean: -- @$(MAKE) -C $(KERNEL_BUILD) M=$(CURDIR) clean -- rm -f $(src)/crypto/gmp.h $(src)/crypto/libgmp.a -+ rm -f $(src)/crypto/gmp.h $(src)/crypto/libgmp.a $(OBJS) - --dist: $(DISTSRC) -- rm -rf $(DISTDIR) -- mkdir $(DISTDIR) -- cp --parents $(DISTSRC) $(DISTDIR)/ -- rm -f $(DISTDIR)/crypto/gmp.h -- tar -chzf $(DISTDIR).tar.gz $(DISTDIR) -- rm -rf $(DISTDIR) -+mrproper: clean -+ rm -f $(BIN) tpm_version.h - - $(src)/crypto/libgmp.a: - test -f $(src)/crypto/libgmp.a || ln -s $(GMP_LIB) $(src)/crypto/libgmp.a -@@ -88,4 +98,3 @@ version: - @echo "#endif /* _TPM_VERSION_H_ */" >> $(src)/tpm_version.h - - .PHONY: all install clean dist gmp version -- -diff -uprN orig/tpm_emulator-0.4/README tpm_emulator/README ---- orig/tpm_emulator-0.4/README 2006-06-23 03:37:07.000000000 -0700 -+++ tpm_emulator/README 2006-07-24 14:35:35.000000000 -0700 -@@ -13,7 +13,8 @@ $Id: README 113 2006-06-18 12:38:13Z hst - Copyright - -------------------------------------------------------------------------- - Copyright (C) 2004 Mario Strasser and Swiss Federal --Institute of Technology (ETH) Zurich. -+ Institute of Technology (ETH) Zurich. -+Copyright (C) 2005 INTEL Corp - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by -@@ -43,6 +44,12 @@ Example: - GMP_LIB := /usr/lib/libgmp.a - GMP_HEADER := /usr/include/gmp.h - -+GNU MP Library on 64 bit Systems -+-------------------------------------------------------------------------- -+Some 64-bit kernels have problems with importing the user-space gmp -+library (/usr/lib*/libgmp.a) into kernel space. These kernels will require -+that the gmp library be recompiled for kernel space with -mcmodel=kernel. -+ - Installation - -------------------------------------------------------------------------- - The compilation and installation process uses the build environment for -diff -uprN orig/tpm_emulator-0.4/tpm/tpm_capability.c tpm_emulator/tpm/tpm_capability.c ---- orig/tpm_emulator-0.4/tpm/tpm_capability.c 2006-06-23 19:37:07.000000000 +0900 -+++ tpm_emulator/tpm/tpm_capability.c 2007-12-28 22:50:19.000000000 +0900 -@@ -701,7 +701,10 @@ TPM_RESULT TPM_GetCapabilityOwner(TPM_VE - TPM_RESULT res; - - info("TPM_GetCapabilityOwner()"); -- -+ -+ if (!tpmData.permanent.flags.owned) { -+ return TPM_NOSRK; -+ } - /* Verify owner authorization */ - res = tpm_verify_auth(auth1, tpmData.permanent.data.ownerAuth, TPM_KH_OWNER); - if (res != TPM_SUCCESS) return res; -diff -uprN orig/tpm_emulator-0.4/tpm/tpm_cmd_handler.c tpm_emulator/tpm/tpm_cmd_handler.c ---- orig/tpm_emulator-0.4/tpm/tpm_cmd_handler.c 2006-06-23 19:37:07.000000000 +0900 -+++ tpm_emulator/tpm/tpm_cmd_handler.c 2007-09-12 20:23:00.000000000 +0900 -@@ -565,7 +565,7 @@ static TPM_RESULT execute_TPM_Seal(TPM_R - if (tpm_unmarshal_TPM_KEY_HANDLE(&ptr, &len, &keyHandle) - || tpm_unmarshal_TPM_ENCAUTH(&ptr, &len, &encAuth) - || tpm_unmarshal_UINT32(&ptr, &len, &pcrInfoSize) -- || tpm_unmarshal_TPM_PCR_INFO(&ptr, &len, &pcrInfo) -+ || (pcrInfoSize >0 && tpm_unmarshal_TPM_PCR_INFO(&ptr, &len, &pcrInfo)) - || tpm_unmarshal_UINT32(&ptr, &len, &inDataSize) - || tpm_unmarshal_BLOB(&ptr, &len, &inData, inDataSize) - || len != 0) return TPM_BAD_PARAMETER; -@@ -798,7 +798,7 @@ static TPM_RESULT execute_TPM_Sealx(TPM_ - if (tpm_unmarshal_TPM_KEY_HANDLE(&ptr, &len, &keyHandle) - || tpm_unmarshal_TPM_ENCAUTH(&ptr, &len, &encAuth) - || tpm_unmarshal_UINT32(&ptr, &len, &pcrInfoSize) -- || tpm_unmarshal_TPM_PCR_INFO(&ptr, &len, &pcrInfo) -+ || (pcrInfoSize > 0 && tpm_unmarshal_TPM_PCR_INFO(&ptr, &len, &pcrInfo)) - || tpm_unmarshal_UINT32(&ptr, &len, &inDataSize) - || tpm_unmarshal_BLOB(&ptr, &len, &inData, inDataSize) - || len != 0) return TPM_BAD_PARAMETER; -diff -uprN orig/tpm_emulator-0.4/tpm/tpm_credentials.c tpm_emulator/tpm/tpm_credentials.c ---- orig/tpm_emulator-0.4/tpm/tpm_credentials.c 2006-06-23 19:37:07.000000000 +0900 -+++ tpm_emulator/tpm/tpm_credentials.c 2007-09-12 20:23:30.000000000 +0900 -@@ -47,20 +47,20 @@ int tpm_compute_pubkey_checksum(TPM_NONC - - TPM_RESULT tpm_get_pubek(TPM_PUBKEY *pubEndorsementKey) - { -- UINT32 key_length; -+ size_t key_length; - if (!tpmData.permanent.data.endorsementKey.size) return TPM_NO_ENDORSEMENT; - /* setup TPM_PUBKEY structure */ -- key_length = tpmData.permanent.data.endorsementKey.size; -- pubEndorsementKey->pubKey.keyLength = key_length >> 3; -+ pubEndorsementKey->pubKey.keyLength = tpmData.permanent.data.endorsementKey.size >> 3; - pubEndorsementKey->pubKey.key = tpm_malloc(pubEndorsementKey->pubKey.keyLength); - if (pubEndorsementKey->pubKey.key == NULL) return TPM_FAIL; - rsa_export_modulus(&tpmData.permanent.data.endorsementKey, -- pubEndorsementKey->pubKey.key, -- &pubEndorsementKey->pubKey.keyLength); -+ pubEndorsementKey->pubKey.key, -+ &key_length); -+ pubEndorsementKey->pubKey.keyLength = key_length; - pubEndorsementKey->algorithmParms.algorithmID = TPM_ALG_RSA; - pubEndorsementKey->algorithmParms.encScheme = TPM_ES_RSAESOAEP_SHA1_MGF1; - pubEndorsementKey->algorithmParms.sigScheme = TPM_SS_NONE; -- pubEndorsementKey->algorithmParms.parms.rsa.keyLength = key_length; -+ pubEndorsementKey->algorithmParms.parms.rsa.keyLength = key_length << 3; - pubEndorsementKey->algorithmParms.parms.rsa.numPrimes = 2; - pubEndorsementKey->algorithmParms.parms.rsa.exponentSize = 0; - pubEndorsementKey->algorithmParms.parms.rsa.exponent = NULL; -@@ -175,6 +175,7 @@ TPM_RESULT TPM_OwnerReadInternalPub(TPM_ - { - TPM_RESULT res; - TPM_KEY_DATA *srk = &tpmData.permanent.data.srk; -+ size_t key_length; - info("TPM_OwnerReadInternalPub()"); - /* verify authorization */ - res = tpm_verify_auth(auth1, tpmData.permanent.data.ownerAuth, TPM_KH_OWNER); -@@ -186,7 +187,8 @@ TPM_RESULT TPM_OwnerReadInternalPub(TPM_ - publicPortion->pubKey.key = tpm_malloc(publicPortion->pubKey.keyLength); - if (publicPortion->pubKey.key == NULL) return TPM_FAIL; - rsa_export_modulus(&srk->key, publicPortion->pubKey.key, -- &publicPortion->pubKey.keyLength); -+ &key_length); -+ publicPortion->pubKey.keyLength = key_length; - publicPortion->algorithmParms.algorithmID = TPM_ALG_RSA; - publicPortion->algorithmParms.encScheme = srk->encScheme; - publicPortion->algorithmParms.sigScheme = srk->sigScheme; -diff -uprN orig/tpm_emulator-0.4/tpm/tpm_crypto.c tpm_emulator/tpm/tpm_crypto.c ---- orig/tpm_emulator-0.4/tpm/tpm_crypto.c 2006-06-23 03:37:07.000000000 -0700 -+++ tpm_emulator/tpm/tpm_crypto.c 2006-07-24 14:35:35.000000000 -0700 -@@ -182,7 +182,8 @@ TPM_RESULT TPM_CertifyKey(TPM_KEY_HANDLE - TPM_KEY_DATA *cert, *key; - sha1_ctx_t sha1_ctx; - BYTE *buf, *p; -- UINT32 length; -+ UINT32 length32; -+ size_t length; - info("TPM_CertifyKey()"); - /* get keys */ - cert = tpm_get_key(certHandle); -@@ -264,14 +265,15 @@ TPM_RESULT TPM_CertifyKey(TPM_KEY_HANDLE - /* compute the digest of the CERTIFY_INFO[2] structure and sign it */ - length = sizeof_TPM_CERTIFY_INFO((*certifyInfo)); - p = buf = tpm_malloc(length); -+ length32=(UINT32) length; - if (buf == NULL -- || tpm_marshal_TPM_CERTIFY_INFO(&p, &length, certifyInfo)) { -+ || tpm_marshal_TPM_CERTIFY_INFO(&p, &length32, certifyInfo)) { - free_TPM_KEY_PARMS(certifyInfo->algorithmParms); - return TPM_FAIL; - } - length = sizeof_TPM_CERTIFY_INFO((*certifyInfo)); - sha1_init(&sha1_ctx); -- sha1_update(&sha1_ctx, buf, length); -+ sha1_update(&sha1_ctx, buf, (size_t) length); - sha1_final(&sha1_ctx, buf); - res = tpm_sign(cert, auth1, FALSE, buf, SHA1_DIGEST_LENGTH, outData, outDataSize); - tpm_free(buf); -@@ -292,7 +294,8 @@ TPM_RESULT TPM_CertifyKey2(TPM_KEY_HANDL - TPM_KEY_DATA *cert, *key; - sha1_ctx_t sha1_ctx; - BYTE *buf, *p; -- UINT32 length; -+ size_t length; -+ UINT32 length32; - info("TPM_CertifyKey2()"); - /* get keys */ - cert = tpm_get_key(certHandle); -@@ -362,8 +365,9 @@ TPM_RESULT TPM_CertifyKey2(TPM_KEY_HANDL - /* compute the digest of the CERTIFY_INFO[2] structure and sign it */ - length = sizeof_TPM_CERTIFY_INFO((*certifyInfo)); - p = buf = tpm_malloc(length); -+ length32 = (UINT32) length; - if (buf == NULL -- || tpm_marshal_TPM_CERTIFY_INFO(&p, &length, certifyInfo)) { -+ || tpm_marshal_TPM_CERTIFY_INFO(&p, &length32, certifyInfo)) { - free_TPM_KEY_PARMS(certifyInfo->algorithmParms); - return TPM_FAIL; - } -diff -uprN orig/tpm_emulator-0.4/tpm/tpm_daa.c tpm_emulator/tpm/tpm_daa.c ---- orig/tpm_emulator-0.4/tpm/tpm_daa.c 2006-06-23 03:37:07.000000000 -0700 -+++ tpm_emulator/tpm/tpm_daa.c 2006-07-24 14:35:35.000000000 -0700 -@@ -716,14 +716,14 @@ TPM_RESULT TPM_DAA_Join(TPM_HANDLE handl - sizeof(session->DAA_tpmSpecific.DAA_rekey)); - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count, - sizeof(session->DAA_tpmSpecific.DAA_count)); -- sha1_update(&sha1, "\x00", 1); -+ sha1_update(&sha1, (BYTE *) "\x00", 1); - sha1_final(&sha1, scratch); - sha1_init(&sha1); - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_rekey, - sizeof(session->DAA_tpmSpecific.DAA_rekey)); - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count, - sizeof(session->DAA_tpmSpecific.DAA_count)); -- sha1_update(&sha1, "\x01", 1); -+ sha1_update(&sha1, (BYTE *) "\x01", 1); - sha1_final(&sha1, scratch + SHA1_DIGEST_LENGTH); - mpz_init(f), mpz_init(q); - mpz_import(f, 2 * SHA1_DIGEST_LENGTH, 1, 1, 0, 0, scratch); -@@ -805,14 +805,14 @@ TPM_RESULT TPM_DAA_Join(TPM_HANDLE handl - sizeof(session->DAA_tpmSpecific.DAA_rekey)); - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count, - sizeof(session->DAA_tpmSpecific.DAA_count)); -- sha1_update(&sha1, "\x00", 1); -+ sha1_update(&sha1, (BYTE *) "\x00", 1); - sha1_final(&sha1, scratch); - sha1_init(&sha1); - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_rekey, - sizeof(session->DAA_tpmSpecific.DAA_rekey)); - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count, - sizeof(session->DAA_tpmSpecific.DAA_count)); -- sha1_update(&sha1, "\x01", 1); -+ sha1_update(&sha1, (BYTE *) "\x01", 1); - sha1_final(&sha1, scratch + SHA1_DIGEST_LENGTH); - mpz_init(f), mpz_init(q); - mpz_import(f, 2 * SHA1_DIGEST_LENGTH, 1, 1, 0, 0, scratch); -@@ -1489,14 +1489,14 @@ TPM_RESULT TPM_DAA_Join(TPM_HANDLE handl - sizeof(session->DAA_tpmSpecific.DAA_rekey)); - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count, - sizeof(session->DAA_tpmSpecific.DAA_count)); -- sha1_update(&sha1, "\x00", 1); -+ sha1_update(&sha1, (BYTE *) "\x00", 1); - sha1_final(&sha1, scratch); - sha1_init(&sha1); - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_rekey, - sizeof(session->DAA_tpmSpecific.DAA_rekey)); - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count, - sizeof(session->DAA_tpmSpecific.DAA_count)); -- sha1_update(&sha1, "\x01", 1); -+ sha1_update(&sha1, (BYTE *) "\x01", 1); - sha1_final(&sha1, scratch + SHA1_DIGEST_LENGTH); - mpz_init(f), mpz_init(q); - mpz_import(f, 2 * SHA1_DIGEST_LENGTH, 1, 1, 0, 0, scratch); -@@ -1712,14 +1712,14 @@ TPM_RESULT TPM_DAA_Join(TPM_HANDLE handl - sizeof(session->DAA_tpmSpecific.DAA_rekey)); - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count, - sizeof(session->DAA_tpmSpecific.DAA_count)); -- sha1_update(&sha1, "\x00", 1); -+ sha1_update(&sha1, (BYTE *) "\x00", 1); - sha1_final(&sha1, scratch); - sha1_init(&sha1); - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_rekey, - sizeof(session->DAA_tpmSpecific.DAA_rekey)); - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count, - sizeof(session->DAA_tpmSpecific.DAA_count)); -- sha1_update(&sha1, "\x01", 1); -+ sha1_update(&sha1, (BYTE *) "\x01", 1); - sha1_final(&sha1, scratch + SHA1_DIGEST_LENGTH); - mpz_init(f), mpz_init(q); - mpz_import(f, 2 * SHA1_DIGEST_LENGTH, 1, 1, 0, 0, scratch); -@@ -1793,14 +1793,14 @@ TPM_RESULT TPM_DAA_Join(TPM_HANDLE handl - sizeof(session->DAA_tpmSpecific.DAA_rekey)); - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count, - sizeof(session->DAA_tpmSpecific.DAA_count)); -- sha1_update(&sha1, "\x00", 1); -+ sha1_update(&sha1, (BYTE *) "\x00", 1); - sha1_final(&sha1, scratch); - sha1_init(&sha1); - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_rekey, - sizeof(session->DAA_tpmSpecific.DAA_rekey)); - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count, - sizeof(session->DAA_tpmSpecific.DAA_count)); -- sha1_update(&sha1, "\x01", 1); -+ sha1_update(&sha1, (BYTE *) "\x01", 1); - sha1_final(&sha1, scratch + SHA1_DIGEST_LENGTH); - mpz_init(f), mpz_init(q); - mpz_import(f, 2 * SHA1_DIGEST_LENGTH, 1, 1, 0, 0, scratch); -@@ -2918,14 +2918,14 @@ TPM_RESULT TPM_DAA_Sign(TPM_HANDLE handl - sizeof(session->DAA_tpmSpecific.DAA_rekey)); - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count, - sizeof(session->DAA_tpmSpecific.DAA_count)); -- sha1_update(&sha1, "\x00", 1); -+ sha1_update(&sha1, (BYTE *) "\x00", 1); - sha1_final(&sha1, scratch); - sha1_init(&sha1); - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_rekey, - sizeof(session->DAA_tpmSpecific.DAA_rekey)); - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count, - sizeof(session->DAA_tpmSpecific.DAA_count)); -- sha1_update(&sha1, "\x01", 1); -+ sha1_update(&sha1, (BYTE *) "\x01", 1); - sha1_final(&sha1, scratch + SHA1_DIGEST_LENGTH); - mpz_init(f), mpz_init(q); - mpz_import(f, 2 * SHA1_DIGEST_LENGTH, 1, 1, 0, 0, scratch); -@@ -3143,7 +3143,7 @@ TPM_RESULT TPM_DAA_Sign(TPM_HANDLE handl - sha1_init(&sha1); - sha1_update(&sha1, (BYTE*) &session->DAA_session.DAA_digest, - sizeof(session->DAA_session.DAA_digest)); -- sha1_update(&sha1, "\x01", 1); -+ sha1_update(&sha1, (BYTE *) "\x01", 1); - sha1_update(&sha1, inputData1, inputSize1); - sha1_final(&sha1, (BYTE*) &session->DAA_session.DAA_digest); - } -@@ -3172,7 +3172,7 @@ TPM_RESULT TPM_DAA_Sign(TPM_HANDLE handl - sha1_init(&sha1); - sha1_update(&sha1, (BYTE*) &session->DAA_session.DAA_digest, - sizeof(session->DAA_session.DAA_digest)); -- sha1_update(&sha1, "\x00", 1); -+ sha1_update(&sha1, (BYTE*) "\x00", 1); - rsa_export_modulus(&aikData->key, scratch, &size); - sha1_update(&sha1, scratch, size); - sha1_final(&sha1, (BYTE*) &session->DAA_session.DAA_digest); -@@ -3229,14 +3229,14 @@ TPM_RESULT TPM_DAA_Sign(TPM_HANDLE handl - sizeof(session->DAA_tpmSpecific.DAA_rekey)); - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count, - sizeof(session->DAA_tpmSpecific.DAA_count)); -- sha1_update(&sha1, "\x00", 1); -+ sha1_update(&sha1, (BYTE *) "\x00", 1); - sha1_final(&sha1, scratch); - sha1_init(&sha1); - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_rekey, - sizeof(session->DAA_tpmSpecific.DAA_rekey)); - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count, - sizeof(session->DAA_tpmSpecific.DAA_count)); -- sha1_update(&sha1, "\x01", 1); -+ sha1_update(&sha1, (BYTE *) "\x01", 1); - sha1_final(&sha1, scratch + SHA1_DIGEST_LENGTH); - mpz_init(f), mpz_init(q); - mpz_import(f, 2 * SHA1_DIGEST_LENGTH, 1, 1, 0, 0, scratch); -@@ -3309,14 +3309,14 @@ TPM_RESULT TPM_DAA_Sign(TPM_HANDLE handl - sizeof(session->DAA_tpmSpecific.DAA_rekey)); - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count, - sizeof(session->DAA_tpmSpecific.DAA_count)); -- sha1_update(&sha1, "\x00", 1); -+ sha1_update(&sha1, (BYTE *) "\x00", 1); - sha1_final(&sha1, scratch); - sha1_init(&sha1); - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_rekey, - sizeof(session->DAA_tpmSpecific.DAA_rekey)); - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count, - sizeof(session->DAA_tpmSpecific.DAA_count)); -- sha1_update(&sha1, "\x01", 1); -+ sha1_update(&sha1, (BYTE *) "\x01", 1); - sha1_final(&sha1, scratch + SHA1_DIGEST_LENGTH); - mpz_init(f), mpz_init(q); - mpz_import(f, 2 * SHA1_DIGEST_LENGTH, 1, 1, 0, 0, scratch); -diff -uprN orig/tpm_emulator-0.4/tpm/tpm_data.c tpm_emulator/tpm/tpm_data.c ---- orig/tpm_emulator-0.4/tpm/tpm_data.c 2006-06-23 03:37:07.000000000 -0700 -+++ tpm_emulator/tpm/tpm_data.c 2006-07-24 14:35:35.000000000 -0700 -@@ -40,6 +40,7 @@ static inline void init_pcr_attr(int pcr - void tpm_init_data(void) - { - /* endorsement key */ -+#ifndef TPM_GENERATE_EK - uint8_t ek_n[] = "\xa8\xdb\xa9\x42\xa8\xf3\xb8\x06\x85\x90\x76\x93\xad\xf7" - "\x74\xec\x3f\xd3\x3d\x9d\xe8\x2e\xff\x15\xed\x0e\xce\x5f\x93" - "\x92\xeb\xd1\x96\x2b\x72\x18\x81\x79\x12\x9d\x9c\x40\xd7\x1a" -@@ -77,6 +78,8 @@ void tpm_init_data(void) - "\xd1\xc0\x8b\x5b\xa2\x2e\xa7\x15\xca\x50\x75\x10\x48\x9c\x2b" - "\x18\xb9\x67\x8f\x5d\x64\xc3\x28\x9f\x2f\x16\x2f\x08\xda\x47" - "\xec\x86\x43\x0c\x80\x99\x07\x34\x0f"; -+#endif -+ - int i; - /* reset all data to NULL, FALSE or 0 */ - memset(&tpmData, 0, sizeof(tpmData)); -@@ -152,44 +155,43 @@ void tpm_release_data(void) - - #ifdef TPM_STORE_TO_FILE - --#include --#include --#include -+#include -+#include -+#include -+#include - - #define TPM_STORAGE_FILE "/var/tpm/tpm_emulator-1.2." STR(VERSION_MAJOR) "." STR(VERSION_MINOR) - - static int write_to_file(uint8_t *data, size_t data_length) - { - int res; -- struct file *fp; -- mm_segment_t old_fs = get_fs(); -- fp = filp_open(TPM_STORAGE_FILE, O_WRONLY | O_TRUNC | O_CREAT, S_IRUSR | S_IWUSR); -- if (IS_ERR(fp)) return -1; -- set_fs(get_ds()); -- res = fp->f_op->write(fp, data, data_length, &fp->f_pos); -- set_fs(old_fs); -- filp_close(fp, NULL); -+ int fp; -+ fp = open(TPM_STORAGE_FILE, O_WRONLY | O_TRUNC | O_CREAT, S_IRUSR | S_IWUSR); -+ res = write(fp, data, data_length); -+ close(fp); - return (res == data_length) ? 0 : -1; - } - - static int read_from_file(uint8_t **data, size_t *data_length) - { - int res; -- struct file *fp; -- mm_segment_t old_fs = get_fs(); -- fp = filp_open(TPM_STORAGE_FILE, O_RDONLY, 0); -- if (IS_ERR(fp)) return -1; -- *data_length = (size_t)fp->f_dentry->d_inode->i_size; -- /* *data_length = i_size_read(fp->f_dentry->d_inode); */ -+ int fp, file_status; -+ struct stat file_info; -+ fp = open(TPM_STORAGE_FILE, O_RDONLY, 0); -+ file_status = fstat(fp, &file_info); -+ if (file_status < 0) { -+ close(fp); -+ return -1; -+ } -+ -+ *data_length = file_info.st_size; - *data = tpm_malloc(*data_length); - if (*data == NULL) { -- filp_close(fp, NULL); -+ close(fp); - return -1; - } -- set_fs(get_ds()); -- res = fp->f_op->read(fp, *data, *data_length, &fp->f_pos); -- set_fs(old_fs); -- filp_close(fp, NULL); -+ res = read(fp, *data, *data_length); -+ close(fp); - if (res != *data_length) { - tpm_free(*data); - return -1; -@@ -216,23 +218,30 @@ static int read_from_file(uint8_t **data - int tpm_store_permanent_data(void) - { - uint8_t *buf, *ptr; -- size_t buf_length, len; -+ UINT32 buf_length, len; - - /* marshal data */ -- buf_length = len = sizeof_TPM_STCLEAR_FLAGS(tpmData.stclear.flags) -- + sizeof_TPM_PERMANENT_FLAGS(tpmData.permanent.flags) + 2 -- + sizeof_TPM_PERMANENT_DATA(tpmData.permanent.data); -+ buf_length = len = 4 + sizeof_TPM_STCLEAR_FLAGS(tpmData.stclear.flags) -+ + sizeof_TPM_PERMANENT_FLAGS(tpmData.permanent.flags) -+ + sizeof_TPM_STANY_FLAGS(tpmData.stany.flags) + 2 -+ + sizeof_TPM_STCLEAR_DATA(tpmData.stclear.data) -+ + sizeof_TPM_PERMANENT_DATA(tpmData.permanent.data) -+ + sizeof_TPM_STANY_DATA(tpmData.stany.data); - buf = ptr = tpm_malloc(buf_length); - if (buf == NULL - || tpm_marshal_TPM_VERSION(&ptr, &len, &tpmData.permanent.data.version) - || tpm_marshal_TPM_STCLEAR_FLAGS(&ptr, &len, &tpmData.stclear.flags) - || tpm_marshal_TPM_PERMANENT_FLAGS(&ptr, &len, &tpmData.permanent.flags) -+ || tpm_marshal_TPM_STANY_FLAGS(&ptr, &len, &tpmData.stany.flags) - || tpm_marshal_BOOL(&ptr, &len, tpmData.permanent.flags.selfTestSucceeded) - || tpm_marshal_BOOL(&ptr, &len, tpmData.permanent.flags.owned) -- || tpm_marshal_TPM_PERMANENT_DATA(&ptr, &len, &tpmData.permanent.data)) { -+ || tpm_marshal_TPM_STCLEAR_DATA(&ptr, &len, &tpmData.stclear.data) -+ || tpm_marshal_TPM_PERMANENT_DATA(&ptr, &len, &tpmData.permanent.data) -+ || tpm_marshal_TPM_STANY_DATA(&ptr, &len, &tpmData.stany.data)) { - tpm_free(buf); - return -1; - } -+ - if (write_to_file(buf, buf_length - len)) { - tpm_free(buf); - return -1; -@@ -244,31 +253,36 @@ int tpm_store_permanent_data(void) - int tpm_restore_permanent_data(void) - { - uint8_t *buf, *ptr; -- size_t buf_length, len; -+ size_t buf_length; -+ UINT32 len; - TPM_VERSION ver; - - /* read data */ - if (read_from_file(&buf, &buf_length)) return -1; - ptr = buf; -- len = buf_length; -+ len = (uint32_t) buf_length; - /* unmarshal data */ - if (tpm_unmarshal_TPM_VERSION(&ptr, &len, &ver) - || memcmp(&ver, &tpmData.permanent.data.version, sizeof(TPM_VERSION)) - || tpm_unmarshal_TPM_STCLEAR_FLAGS(&ptr, &len, &tpmData.stclear.flags) - || tpm_unmarshal_TPM_PERMANENT_FLAGS(&ptr, &len, &tpmData.permanent.flags) -+ || tpm_unmarshal_TPM_STANY_FLAGS(&ptr, &len, &tpmData.stany.flags) - || tpm_unmarshal_BOOL(&ptr, &len, &tpmData.permanent.flags.selfTestSucceeded) - || tpm_unmarshal_BOOL(&ptr, &len, &tpmData.permanent.flags.owned) -- || tpm_unmarshal_TPM_PERMANENT_DATA(&ptr, &len, &tpmData.permanent.data)) { -+ || tpm_unmarshal_TPM_STCLEAR_DATA(&ptr, &len, &tpmData.stclear.data) -+ || tpm_unmarshal_TPM_PERMANENT_DATA(&ptr, &len, &tpmData.permanent.data) -+ || tpm_unmarshal_TPM_STANY_DATA(&ptr, &len, &tpmData.stany.data)) { - tpm_free(buf); - return -1; - } -+ - tpm_free(buf); - return 0; - } - - int tpm_erase_permanent_data(void) - { -- int res = write_to_file("", 0); -+ int res = write_to_file((uint8_t *) "", 0); - return res; - } - -diff -uprN orig/tpm_emulator-0.4/tpm/tpm_deprecated.c tpm_emulator/tpm/tpm_deprecated.c ---- orig/tpm_emulator-0.4/tpm/tpm_deprecated.c 2006-06-23 03:37:07.000000000 -0700 -+++ tpm_emulator/tpm/tpm_deprecated.c 2006-07-24 14:35:35.000000000 -0700 -@@ -1,6 +1,7 @@ - /* Software-Based Trusted Platform Module (TPM) Emulator for Linux - * Copyright (C) 2004 Mario Strasser , - * Swiss Federal Institute of Technology (ETH) Zurich -+ * Copyright (C) 2005 INTEL Corp - * - * This module is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published -@@ -50,7 +51,7 @@ TPM_RESULT TPM_SaveKeyContext(TPM_KEY_HA - BYTE *ptr; - UINT32 len; - info("TPM_SaveKeyContext()"); -- res = TPM_SaveContext(keyHandle, TPM_RT_KEY, "SaveKeyContext..", -+ res = TPM_SaveContext(keyHandle, TPM_RT_KEY, (BYTE*)"SaveKeyContext..", - keyContextSize, &contextBlob); - if (res != TPM_SUCCESS) return res; - len = *keyContextSize; -@@ -82,7 +83,7 @@ TPM_RESULT TPM_SaveAuthContext(TPM_AUTHH - BYTE *ptr; - UINT32 len; - info("TPM_SaveAuthContext()"); -- res = TPM_SaveContext(authHandle, TPM_RT_KEY, "SaveAuthContext.", -+ res = TPM_SaveContext(authHandle, TPM_RT_KEY, (BYTE*)"SaveAuthContext.", - authContextSize, &contextBlob); - if (res != TPM_SUCCESS) return res; - len = *authContextSize; -diff -uprN orig/tpm_emulator-0.4/tpm/tpm_emulator.h tpm_emulator/tpm/tpm_emulator.h ---- orig/tpm_emulator-0.4/tpm/tpm_emulator.h 2006-06-23 03:37:07.000000000 -0700 -+++ tpm_emulator/tpm/tpm_emulator.h 2006-07-24 14:35:35.000000000 -0700 -@@ -1,5 +1,6 @@ - /* Software-Based Trusted Platform Module (TPM) Emulator for Linux - * Copyright (C) 2004 Mario Strasser , -+ * Copyright (C) 2005 INTEL Corp - * - * This module is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published -@@ -22,7 +23,8 @@ - /* TPM configuration */ - #define TPM_STORE_TO_FILE 1 - #undef TPM_STRONG_PERSISTENCE --#undef TPM_GENERATE_EK -+//#undef TPM_GENERATE_EK -+#define TPM_GENERATE_EK - #undef TPM_GENERATE_SEED_DAA - - #define TPM_MANUFACTURER 0x4554485A /* 'ETHZ' */ -diff -uprN orig/tpm_emulator-0.4/tpm/tpm_marshalling.c tpm_emulator/tpm/tpm_marshalling.c ---- orig/tpm_emulator-0.4/tpm/tpm_marshalling.c 2006-06-23 03:37:07.000000000 -0700 -+++ tpm_emulator/tpm/tpm_marshalling.c 2006-07-24 14:35:35.000000000 -0700 -@@ -1312,7 +1312,7 @@ int tpm_unmarshal_TPM_STANY_FLAGS(BYTE * - - int tpm_marshal_RSA(BYTE **ptr, UINT32 *length, rsa_private_key_t *v) - { -- UINT32 m_len, e_len, q_len; -+ size_t m_len, e_len, q_len; - if (*length < sizeof_RSA((*v))) return -1; - if (v->size > 0) { - rsa_export_modulus(v, &(*ptr)[6], &m_len); -@@ -1460,6 +1460,66 @@ int tpm_unmarshal_TPM_PERMANENT_DATA(BYT - return 0; - } - -+int tpm_marshal_TPM_STCLEAR_DATA(BYTE **ptr, UINT32 *length, TPM_STCLEAR_DATA *v) -+{ -+ if (tpm_marshal_TPM_STRUCTURE_TAG(ptr, length, v->tag) -+ || tpm_marshal_TPM_NONCE(ptr, length, &v->contextNonceKey) -+ || tpm_marshal_TPM_COUNT_ID(ptr, length, v->countID) ) return -1; -+ -+ return 0; -+} -+ -+int tpm_unmarshal_TPM_STCLEAR_DATA(BYTE **ptr, UINT32 *length, TPM_STCLEAR_DATA *v) -+{ -+ if (tpm_unmarshal_TPM_STRUCTURE_TAG(ptr, length, &v->tag) -+ || tpm_unmarshal_TPM_NONCE(ptr, length, &v->contextNonceKey) -+ || tpm_unmarshal_TPM_COUNT_ID(ptr, length, &v->countID) ) return -1; -+ -+ return 0; -+} -+ -+int tpm_marshal_TPM_STANY_DATA(BYTE **ptr, UINT32 *length, TPM_STANY_DATA *v) -+{ -+ UINT32 i; -+ if (tpm_marshal_TPM_STRUCTURE_TAG(ptr, length, v->tag) -+ || tpm_marshal_TPM_NONCE(ptr, length, &v->contextNonceSession) -+ || tpm_marshal_TPM_DIGEST(ptr, length, &v->auditDigest) -+ || tpm_marshal_BOOL(ptr, length, v->auditSession) -+ || tpm_marshal_TPM_CURRENT_TICKS(ptr, length, &v->currentTicks) -+ || tpm_marshal_UINT32(ptr, length, v->contextCount) -+ || tpm_marshal_UINT32_ARRAY(ptr, length, v->contextList, TPM_MAX_SESSION_LIST)) return -1; -+ for (i = 0; i < TPM_MAX_SESSIONS; i++) { -+ if (tpm_marshal_TPM_SESSION_DATA(ptr, length, &v->sessions[i])) return -1; -+ } -+ for (i = 0; i < TPM_MAX_SESSIONS_DAA; i++) { -+ if (tpm_marshal_TPM_DAA_SESSION_DATA(ptr, length, &v->sessionsDAA[i])) return -1; -+ } -+ if (tpm_marshal_TPM_TRANSHANDLE(ptr, length, v->transExclusive)) return -1; -+ -+ return 0; -+} -+ -+int tpm_unmarshal_TPM_STANY_DATA(BYTE **ptr, UINT32 *length, TPM_STANY_DATA *v) -+{ -+ UINT32 i; -+ if (tpm_unmarshal_TPM_STRUCTURE_TAG(ptr, length, &v->tag) -+ || tpm_unmarshal_TPM_NONCE(ptr, length, &v->contextNonceSession) -+ || tpm_unmarshal_TPM_DIGEST(ptr, length, &v->auditDigest) -+ || tpm_unmarshal_BOOL(ptr, length, &v->auditSession) -+ || tpm_unmarshal_TPM_CURRENT_TICKS(ptr, length, &v->currentTicks) -+ || tpm_unmarshal_UINT32(ptr, length, &v->contextCount) -+ || tpm_unmarshal_UINT32_ARRAY(ptr, length, v->contextList, TPM_MAX_SESSION_LIST)) return -1; -+ for (i = 0; i < TPM_MAX_SESSIONS; i++) { -+ if (tpm_unmarshal_TPM_SESSION_DATA(ptr, length, &v->sessions[i])) return -1; -+ } -+ for (i = 0; i < TPM_MAX_SESSIONS_DAA; i++) { -+ if (tpm_unmarshal_TPM_DAA_SESSION_DATA(ptr, length, &v->sessionsDAA[i])) return -1; -+ } -+ if (tpm_unmarshal_TPM_TRANSHANDLE(ptr, length, &v->transExclusive)) return -1; -+ -+ return 0; -+} -+ - int tpm_marshal_TPM_SESSION_DATA(BYTE **ptr, UINT32 *length, TPM_SESSION_DATA *v) - { - if (tpm_marshal_BYTE(ptr, length, v->type) -diff -uprN orig/tpm_emulator-0.4/tpm/tpm_marshalling.h tpm_emulator/tpm/tpm_marshalling.h ---- orig/tpm_emulator-0.4/tpm/tpm_marshalling.h 2006-06-23 03:37:07.000000000 -0700 -+++ tpm_emulator/tpm/tpm_marshalling.h 2006-07-24 14:35:35.000000000 -0700 -@@ -432,6 +432,12 @@ int tpm_unmarshal_TPM_KEY_DATA(BYTE **pt - int tpm_marshal_TPM_PERMANENT_DATA(BYTE **ptr, UINT32 *length, TPM_PERMANENT_DATA *); - int tpm_unmarshal_TPM_PERMANENT_DATA(BYTE **ptr, UINT32 *length, TPM_PERMANENT_DATA *); - -+int tpm_marshal_TPM_STCLEAR_DATA(BYTE **ptr, UINT32 *length, TPM_STCLEAR_DATA *v); -+int tpm_unmarshal_TPM_STCLEAR_DATA(BYTE **ptr, UINT32 *length, TPM_STCLEAR_DATA *v); -+ -+int tpm_marshal_TPM_STANY_DATA(BYTE **ptr, UINT32 *length, TPM_STANY_DATA *v); -+int tpm_unmarshal_TPM_STANY_DATA(BYTE **ptr, UINT32 *length, TPM_STANY_DATA *v); -+ - int tpm_marshal_TPM_SESSION_DATA(BYTE **ptr, UINT32 *length, TPM_SESSION_DATA *v); - int tpm_unmarshal_TPM_SESSION_DATA(BYTE **ptr, UINT32 *length, TPM_SESSION_DATA *v); - -diff -uprN orig/tpm_emulator-0.4/tpm/tpm_owner.c tpm_emulator/tpm/tpm_owner.c ---- orig/tpm_emulator-0.4/tpm/tpm_owner.c 2006-06-23 03:37:07.000000000 -0700 -+++ tpm_emulator/tpm/tpm_owner.c 2006-07-24 14:35:35.000000000 -0700 -@@ -108,7 +108,7 @@ TPM_RESULT TPM_TakeOwnership(TPM_PROTOCO - TPM_RESULT res; - rsa_private_key_t *ek = &tpmData.permanent.data.endorsementKey; - TPM_KEY_DATA *srk = &tpmData.permanent.data.srk; -- UINT32 buf_size = ek->size >> 3; -+ size_t buf_size = ek->size >> 3, key_length; - BYTE buf[buf_size]; - - info("TPM_TakeOwnership()"); -@@ -173,7 +173,8 @@ TPM_RESULT TPM_TakeOwnership(TPM_PROTOCO - return TPM_FAIL; - } - rsa_export_modulus(&srk->key, srkPub->pubKey.key, -- &srkPub->pubKey.keyLength); -+ &key_length); -+ srkPub->pubKey.keyLength = (UINT32) key_length; - /* setup tpmProof and set state to owned */ - tpm_get_random_bytes(tpmData.permanent.data.tpmProof.nonce, - sizeof(tpmData.permanent.data.tpmProof.nonce)); -diff -uprN orig/tpm_emulator-0.4/tpm/tpm_startup.c tpm_emulator/tpm/tpm_startup.c ---- orig/tpm_emulator-0.4/tpm/tpm_startup.c 2006-06-23 03:37:07.000000000 -0700 -+++ tpm_emulator/tpm/tpm_startup.c 2006-07-24 14:35:35.000000000 -0700 -@@ -41,26 +41,29 @@ void TPM_Init(TPM_STARTUP_TYPE startupTy - TPM_RESULT TPM_Startup(TPM_STARTUP_TYPE startupType) - { - int i; -+ int restore_fail; - info("TPM_Startup(%d)", startupType); - if (tpmData.stany.flags.postInitialise == FALSE) return TPM_INVALID_POSTINIT; -- /* reset STANY_FLAGS */ -- SET_TO_ZERO(&tpmData.stany.flags); -- tpmData.stany.flags.tag = TPM_TAG_STANY_FLAGS; -- /* reset STANY_DATA (invalidates ALL sessions) */ -- SET_TO_ZERO(&tpmData.stany.data); -- tpmData.stany.data.tag = TPM_TAG_STANY_DATA; -- /* init session-context nonce */ -- SET_TO_RAND(&tpmData.stany.data.contextNonceSession); -+ -+ /* try and restore state to get EK, SRK, etc */ -+ restore_fail = tpm_restore_permanent_data(); -+ - /* set data and flags according to the given startup type */ - if (startupType == TPM_ST_CLEAR) { -- /* if available, restore permanent data */ -- tpm_restore_permanent_data(); -+ /* reset STANY_FLAGS */ -+ SET_TO_ZERO(&tpmData.stany.flags); -+ tpmData.stany.flags.tag = TPM_TAG_STANY_FLAGS; -+ /* reset STANY_DATA (invalidates ALL sessions) */ -+ SET_TO_ZERO(&tpmData.stany.data); -+ tpmData.stany.data.tag = TPM_TAG_STANY_DATA; -+ /* init session-context nonce */ -+ SET_TO_RAND(&tpmData.stany.data.contextNonceSession); - /* reset PCR values */ - for (i = 0; i < TPM_NUM_PCR; i++) { -- if (tpmData.permanent.data.pcrAttrib[i].pcrReset) -- SET_TO_ZERO(tpmData.permanent.data.pcrValue[i].digest); -+ if (!tpmData.permanent.data.pcrAttrib[i].pcrReset) -+ SET_TO_ZERO(&tpmData.permanent.data.pcrValue[i].digest); - else -- SET_TO_0xFF(tpmData.permanent.data.pcrValue[i].digest); -+ SET_TO_0xFF(&tpmData.permanent.data.pcrValue[i].digest); - } - /* reset STCLEAR_FLAGS */ - SET_TO_ZERO(&tpmData.stclear.flags); -@@ -79,7 +82,8 @@ TPM_RESULT TPM_Startup(TPM_STARTUP_TYPE - /* init key-context nonce */ - SET_TO_RAND(&tpmData.stclear.data.contextNonceKey); - } else if (startupType == TPM_ST_STATE) { -- if (tpm_restore_permanent_data()) { -+ /* restore must have been successful for TPM_ST_STATE */ -+ if (restore_fail) { - error("restoring permanent data failed"); - tpmData.permanent.data.testResult = "tpm_restore_permanent_data() failed"; - tpmData.permanent.flags.selfTestSucceeded = FALSE; -diff -uprN orig/tpm_emulator-0.4/tpm/tpm_storage.c tpm_emulator/tpm/tpm_storage.c ---- orig/tpm_emulator-0.4/tpm/tpm_storage.c 2006-06-23 03:37:07.000000000 -0700 -+++ tpm_emulator/tpm/tpm_storage.c 2006-07-24 14:35:35.000000000 -0700 -@@ -58,6 +58,7 @@ int encrypt_sealed_data(TPM_KEY_DATA *ke - BYTE *enc, UINT32 *enc_size) - { - UINT32 len; -+ size_t enc_size32 = *enc_size; - BYTE *buf, *ptr; - rsa_public_key_t pub_key; - int scheme; -@@ -72,7 +73,7 @@ int encrypt_sealed_data(TPM_KEY_DATA *ke - if (buf == NULL - || tpm_marshal_TPM_SEALED_DATA(&ptr, &len, seal) - || rsa_encrypt(&pub_key, scheme, buf, sizeof_TPM_SEALED_DATA((*seal)), -- enc, enc_size)) { -+ enc, &enc_size32)) { - tpm_free(buf); - rsa_release_public_key(&pub_key); - return -1; -@@ -85,7 +86,8 @@ int encrypt_sealed_data(TPM_KEY_DATA *ke - int decrypt_sealed_data(TPM_KEY_DATA *key, BYTE *enc, UINT32 enc_size, - TPM_SEALED_DATA *seal, BYTE **buf) - { -- UINT32 len; -+ size_t len; -+ UINT32 len32; - BYTE *ptr; - int scheme; - switch (key->encScheme) { -@@ -96,8 +98,12 @@ int decrypt_sealed_data(TPM_KEY_DATA *ke - len = enc_size; - *buf = ptr = tpm_malloc(len); - if (*buf == NULL -- || rsa_decrypt(&key->key, scheme, enc, enc_size, *buf, &len) -- || tpm_unmarshal_TPM_SEALED_DATA(&ptr, &len, seal)) { -+ || rsa_decrypt(&key->key, scheme, enc, enc_size, *buf, &len) ){ -+ tpm_free(*buf); -+ return -1; -+ } -+ len32 = len; -+ if (tpm_unmarshal_TPM_SEALED_DATA(&ptr, &len32, seal)) { - tpm_free(*buf); - return -1; - } -@@ -240,11 +246,12 @@ TPM_RESULT TPM_Unseal(TPM_KEY_HANDLE par - - TPM_RESULT TPM_UnBind(TPM_KEY_HANDLE keyHandle, UINT32 inDataSize, - BYTE *inData, TPM_AUTH *auth1, -- UINT32 *outDataSize, BYTE **outData) -+ UINT32 *outDataSize32, BYTE **outData) - { - TPM_RESULT res; - TPM_KEY_DATA *key; - int scheme; -+ size_t outDataSize; - - info("TPM_UnBind()"); - /* get key */ -@@ -262,8 +269,8 @@ TPM_RESULT TPM_UnBind(TPM_KEY_HANDLE key - /* the size of the input data muss be greater than zero */ - if (inDataSize == 0) return TPM_BAD_PARAMETER; - /* decrypt data */ -- *outDataSize = inDataSize; -- *outData = tpm_malloc(*outDataSize); -+ outDataSize = inDataSize; -+ *outData = tpm_malloc(outDataSize); - if (*outData == NULL) return TPM_NOSPACE; - switch (key->encScheme) { - case TPM_ES_RSAESOAEP_SHA1_MGF1: scheme = RSA_ES_OAEP_SHA1; break; -@@ -271,20 +278,21 @@ TPM_RESULT TPM_UnBind(TPM_KEY_HANDLE key - default: tpm_free(*outData); return TPM_DECRYPT_ERROR; - } - if (rsa_decrypt(&key->key, scheme, inData, inDataSize, -- *outData, outDataSize)) { -+ *outData, &outDataSize)) { - tpm_free(*outData); - return TPM_DECRYPT_ERROR; - } - /* verify data if it is of type TPM_BOUND_DATA */ - if (key->encScheme == TPM_ES_RSAESOAEP_SHA1_MGF1 - || key->keyUsage != TPM_KEY_LEGACY) { -- if (*outDataSize < 5 || memcmp(*outData, "\x01\x01\00\x00\x02", 5) != 0) { -+ if (outDataSize < 5 || memcmp(*outData, "\x01\x01\00\x00\x02", 5) != 0) { - tpm_free(*outData); - return TPM_DECRYPT_ERROR; - } -- *outDataSize -= 5; -- memmove(*outData, &(*outData)[5], *outDataSize); -+ outDataSize -= 5; -+ memmove(*outData, &(*outData)[5], outDataSize); - } -+ *outDataSize32 = (UINT32) outDataSize; - return TPM_SUCCESS; - } - -@@ -334,12 +342,13 @@ int compute_pubkey_digest(TPM_PUBKEY *ke - } - - int encrypt_private_key(TPM_KEY_DATA *key, TPM_STORE_ASYMKEY *store, -- BYTE *enc, UINT32 *enc_size) -+ BYTE *enc, UINT32 *enc_size32) - { - UINT32 len; - BYTE *buf, *ptr; - rsa_public_key_t pub_key; - int scheme; -+ size_t enc_size; - switch (key->encScheme) { - case TPM_ES_RSAESOAEP_SHA1_MGF1: scheme = RSA_ES_OAEP_SHA1; break; - case TPM_ES_RSAESPKCSv15: scheme = RSA_ES_PKCSV15; break; -@@ -351,11 +360,12 @@ int encrypt_private_key(TPM_KEY_DATA *ke - if (buf == NULL - || tpm_marshal_TPM_STORE_ASYMKEY(&ptr, &len, store) - || rsa_encrypt(&pub_key, scheme, buf, sizeof_TPM_STORE_ASYMKEY((*store)), -- enc, enc_size)) { -+ enc, &enc_size)) { - tpm_free(buf); - rsa_release_public_key(&pub_key); - return -1; - } -+ *enc_size32 = (UINT32) enc_size; - tpm_free(buf); - rsa_release_public_key(&pub_key); - return 0; -@@ -364,7 +374,8 @@ int encrypt_private_key(TPM_KEY_DATA *ke - int decrypt_private_key(TPM_KEY_DATA *key, BYTE *enc, UINT32 enc_size, - TPM_STORE_ASYMKEY *store, BYTE **buf) - { -- UINT32 len; -+ UINT32 len32; -+ size_t len; - BYTE *ptr; - int scheme; - switch (key->encScheme) { -@@ -375,8 +386,12 @@ int decrypt_private_key(TPM_KEY_DATA *ke - len = enc_size; - *buf = ptr = tpm_malloc(len); - if (*buf == NULL -- || rsa_decrypt(&key->key, scheme, enc, enc_size, *buf, &len) -- || tpm_unmarshal_TPM_STORE_ASYMKEY(&ptr, &len, store)) { -+ || rsa_decrypt(&key->key, scheme, enc, enc_size, *buf, &len) ) { -+ tpm_free(*buf); -+ return -1; -+ } -+ len32 = (UINT32) len; -+ if (tpm_unmarshal_TPM_STORE_ASYMKEY(&ptr, &len32, store)) { - tpm_free(*buf); - return -1; - } -@@ -394,7 +409,7 @@ TPM_RESULT TPM_CreateWrapKey(TPM_KEY_HAN - TPM_SESSION_DATA *session; - TPM_STORE_ASYMKEY store; - rsa_private_key_t rsa; -- UINT32 key_length; -+ size_t key_length; - - info("TPM_CreateWrapKey()"); - /* get parent key */ -@@ -450,11 +465,11 @@ TPM_RESULT TPM_CreateWrapKey(TPM_KEY_HAN - } - } - /* generate key and store it */ -- key_length = keyInfo->algorithmParms.parms.rsa.keyLength; -- if (rsa_generate_key(&rsa, key_length)) return TPM_FAIL; -- wrappedKey->pubKey.keyLength = key_length >> 3; -+ if (rsa_generate_key(&rsa, keyInfo->algorithmParms.parms.rsa.keyLength)) -+ return TPM_FAIL; -+ wrappedKey->pubKey.keyLength = keyInfo->algorithmParms.parms.rsa.keyLength >> 3; - wrappedKey->pubKey.key = tpm_malloc(wrappedKey->pubKey.keyLength); -- store.privKey.keyLength = key_length >> 4; -+ store.privKey.keyLength = keyInfo->algorithmParms.parms.rsa.keyLength >> 4; - store.privKey.key = tpm_malloc(store.privKey.keyLength); - wrappedKey->encDataSize = parent->key.size >> 3; - wrappedKey->encData = tpm_malloc(wrappedKey->encDataSize); -@@ -466,9 +481,11 @@ TPM_RESULT TPM_CreateWrapKey(TPM_KEY_HAN - tpm_free(wrappedKey->encData); - return TPM_NOSPACE; - } -- rsa_export_modulus(&rsa, wrappedKey->pubKey.key, -- &wrappedKey->pubKey.keyLength); -- rsa_export_prime1(&rsa, store.privKey.key, &store.privKey.keyLength); -+ rsa_export_modulus(&rsa, wrappedKey->pubKey.key, -+ &key_length); -+ wrappedKey->pubKey.keyLength = (UINT32) key_length; -+ rsa_export_prime1(&rsa, store.privKey.key, &key_length); -+ store.privKey.keyLength = (UINT32) key_length; - rsa_release_private_key(&rsa); - /* compute the digest of the wrapped key (without encData) */ - if (compute_key_digest(wrappedKey, &store.pubDataDigest)) { -@@ -602,6 +619,7 @@ TPM_RESULT TPM_LoadKey2(TPM_KEY_HANDLE p - - int tpm_setup_key_parms(TPM_KEY_DATA *key, TPM_KEY_PARMS *parms) - { -+ size_t key_length; - parms->algorithmID = TPM_ALG_RSA; - parms->encScheme = key->encScheme; - parms->sigScheme = key->sigScheme; -@@ -611,7 +629,8 @@ int tpm_setup_key_parms(TPM_KEY_DATA *ke - parms->parms.rsa.exponent = tpm_malloc(parms->parms.rsa.exponentSize); - if (parms->parms.rsa.exponent == NULL) return -1; - rsa_export_exponent(&key->key, parms->parms.rsa.exponent, -- &parms->parms.rsa.exponentSize); -+ &key_length); -+ parms->parms.rsa.exponentSize = (UINT32) key_length; - parms->parmSize = 12 + parms->parms.rsa.exponentSize; - return 0; - } -@@ -622,6 +641,7 @@ TPM_RESULT TPM_GetPubKey(TPM_KEY_HANDLE - TPM_RESULT res; - TPM_KEY_DATA *key; - TPM_DIGEST digest; -+ size_t key_length; - info("TPM_GetPubKey()"); - /* get key */ - if (keyHandle == TPM_KH_SRK -@@ -650,8 +670,8 @@ TPM_RESULT TPM_GetPubKey(TPM_KEY_HANDLE - pubKey->pubKey.keyLength = key->key.size >> 3; - pubKey->pubKey.key = tpm_malloc(pubKey->pubKey.keyLength); - if (pubKey->pubKey.key == NULL) return TPM_NOSPACE; -- rsa_export_modulus(&key->key, pubKey->pubKey.key, -- &pubKey->pubKey.keyLength); -+ rsa_export_modulus(&key->key, pubKey->pubKey.key, &key_length); -+ pubKey->pubKey.keyLength = (UINT32) key_length; - if (tpm_setup_key_parms(key, &pubKey->algorithmParms) != 0) { - error("TPM_GetPubKey(): tpm_setup_key_parms() failed."); - tpm_free(pubKey->pubKey.key); -diff -uprN orig/tpm_emulator-0.4/tpm/tpm_structures.h tpm_emulator/tpm/tpm_structures.h ---- orig/tpm_emulator-0.4/tpm/tpm_structures.h 2006-06-23 03:37:07.000000000 -0700 -+++ tpm_emulator/tpm/tpm_structures.h 2006-07-24 14:35:35.000000000 -0700 -@@ -1958,6 +1958,7 @@ typedef struct tdTPM_DAA_ISSUER { - TPM_DIGEST DAA_digest_gamma; - BYTE DAA_generic_q[26]; - } TPM_DAA_ISSUER; -+#define sizeof_TPM_DAA_ISSUER(s) (2 + (20 * 6) + 26 ) - - /* - * TPM_DAA_TPM ([TPM_Part2], Section 22.4) -@@ -1973,6 +1974,7 @@ typedef struct tdTPM_DAA_TPM { - TPM_DIGEST DAA_rekey; - UINT32 DAA_count; - } TPM_DAA_TPM; -+#define sizeof_TPM_DAA_TPM(s) (2 + (4 * 20) + 4) - - /* - * TPM_DAA_CONTEXT ([TPM_Part2], Section 22.5) -@@ -1987,6 +1989,7 @@ typedef struct tdTPM_DAA_CONTEXT { - BYTE DAA_scratch[256]; - BYTE DAA_stage; - } TPM_DAA_CONTEXT; -+#define sizeof_TPM_DAA_CONTEXT(s) (2 + (3 * 20) + 256 + 1) - - /* - * TPM_DAA_JOINDATA ([TPM_Part2], Section 22.6) -@@ -1998,6 +2001,7 @@ typedef struct tdTPM_DAA_JOINDATA { - BYTE DAA_join_u1[138]; - TPM_DIGEST DAA_digest_n0; - } TPM_DAA_JOINDATA; -+#define sizeof_TPM_DAA_JOINDATA(s) (1 + 1 + 20) - - /* - * TPM_DAA_BLOB ([TPM_Part2], Section 22.8) -@@ -2202,6 +2206,7 @@ typedef struct tdTPM_STCLEAR_DATA { - //UINT32 ownerReference; - //BOOL disableResetLock; - } TPM_STCLEAR_DATA; -+#define sizeof_TPM_STCLEAR_DATA(s) (2 + 20 + 4) - - /* - * TPM_SESSION_DATA -@@ -2238,6 +2243,11 @@ typedef struct tdTPM_DAA_SESSION_DATA { - TPM_DAA_JOINDATA DAA_joinSession; - TPM_HANDLE handle; - } TPM_DAA_SESSION_DATA; -+#define sizeof_TPM_DAA_SESSION_DATA(s) ( 1 \ -+ + sizeof_TPM_DAA_ISSUER(s.DAA_issuerSettings) \ -+ + sizeof_TPM_DAA_TPM(s.DAA_tpmSpecific) \ -+ + sizeof_TPM_DAA_CONTEXT(s.DAA_session) \ -+ + sizeof_TPM_DAA_JOINDATA(s.DAA_joinSession) + 4) - - /* - * TPM_STANY_DATA ([TPM_Part2], Section 7.6) -@@ -2262,6 +2272,11 @@ typedef struct tdTPM_STANY_DATA { - TPM_DAAHANDLE currentDAA; - TPM_TRANSHANDLE transExclusive; - } TPM_STANY_DATA; -+#define sizeof_TPM_STANY_DATA(s) (2 + 20 + 20 + 1 \ -+ + sizeof_TPM_CURRENT_TICKS(s.currentTicks) \ -+ + 4 + (4 * TPM_MAX_SESSION_LIST) \ -+ + (sizeof_TPM_SESSION_DATA(s.sessions[0]) * TPM_MAX_SESSION_LIST) \ -+ + (sizeof_TPM_DAA_SESSION_DATA(s.sessionsDAA[0]) * TPM_MAX_SESSIONS_DAA) + 4) - - /* - * TPM_DATA -diff -uprN orig/tpm_emulator-0.4/tpm/tpm_testing.c tpm_emulator/tpm/tpm_testing.c ---- orig/tpm_emulator-0.4/tpm/tpm_testing.c 2006-06-23 03:37:07.000000000 -0700 -+++ tpm_emulator/tpm/tpm_testing.c 2006-07-24 14:35:35.000000000 -0700 -@@ -1,6 +1,7 @@ - /* Software-Based Trusted Platform Module (TPM) Emulator for Linux - * Copyright (C) 2004 Mario Strasser , - * Swiss Federal Institute of Technology (ETH) Zurich -+ * Copyright (C) 2005 INTEL Corp - * - * This module is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published -@@ -95,24 +96,24 @@ static int tpm_test_sha1(void) - struct { - uint8_t *data; uint32_t repetitions; uint8_t *digest; - } test_cases[] = {{ -- "abc", 1, -- "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E\x25\x71\x78\x50\xC2\x6C\x9C\xD0\xD8\x9D" -+ (uint8_t*)"abc", 1, -+ (uint8_t*)"\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E\x25\x71\x78\x50\xC2\x6C\x9C\xD0\xD8\x9D" - }, { -- "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 1, -- "\x84\x98\x3E\x44\x1C\x3B\xD2\x6E\xBA\xAE\x4A\xA1\xF9\x51\x29\xE5\xE5\x46\x70\xF1" -+ (uint8_t*)"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 1, -+ (uint8_t*)"\x84\x98\x3E\x44\x1C\x3B\xD2\x6E\xBA\xAE\x4A\xA1\xF9\x51\x29\xE5\xE5\x46\x70\xF1" - }, { -- "a", 1000000, -- "\x34\xAA\x97\x3C\xD4\xC4\xDA\xA4\xF6\x1E\xEB\x2B\xDB\xAD\x27\x31\x65\x34\x01\x6F" -+ (uint8_t*)"a", 1000000, -+ (uint8_t*)"\x34\xAA\x97\x3C\xD4\xC4\xDA\xA4\xF6\x1E\xEB\x2B\xDB\xAD\x27\x31\x65\x34\x01\x6F" - }, { -- "0123456701234567012345670123456701234567012345670123456701234567", 10, -- "\xDE\xA3\x56\xA2\xCD\xDD\x90\xC7\xA7\xEC\xED\xC5\xEB\xB5\x63\x93\x4F\x46\x04\x52" -+ (uint8_t*)"0123456701234567012345670123456701234567012345670123456701234567", 10, -+ (uint8_t*)"\xDE\xA3\x56\xA2\xCD\xDD\x90\xC7\xA7\xEC\xED\xC5\xEB\xB5\x63\x93\x4F\x46\x04\x52" - }}; - - debug("tpm_test_sha1()"); - for (i = 0; i < sizeof(test_cases) / sizeof(test_cases[0]); i++) { - sha1_init(&ctx); - for (j = 0; j < test_cases[i].repetitions; j++) -- sha1_update(&ctx, test_cases[i].data, strlen(test_cases[i].data)); -+ sha1_update(&ctx, test_cases[i].data, strlen((char*)test_cases[i].data)); - sha1_final(&ctx, digest); - if (memcmp(digest, test_cases[i].digest, SHA1_DIGEST_LENGTH) != 0) return -1; - } -@@ -128,41 +129,41 @@ static int tpm_test_hmac(void) - struct { - uint8_t *key, key_len, *data, data_len, *digest; - } test_cases[] = {{ -- "\x0b", 20, "Hi There", 8, -- "\xb6\x17\x31\x86\x55\x05\x72\x64\xe2\x8b\xc0\xb6\xfb\x37\x8c\x8e\xf1\x46\xbe\x00" -+ (uint8_t*)"\x0b", 20, (uint8_t*)"Hi There", 8, -+ (uint8_t*)"\xb6\x17\x31\x86\x55\x05\x72\x64\xe2\x8b\xc0\xb6\xfb\x37\x8c\x8e\xf1\x46\xbe\x00" - }, { -- "Jefe", 4, "what do ya want for nothing?", 28, -- "\xef\xfc\xdf\x6a\xe5\xeb\x2f\xa2\xd2\x74\x16\xd5\xf1\x84\xdf\x9c\x25\x9a\x7c\x79" -+ (uint8_t*)"Jefe", 4, (uint8_t*)"what do ya want for nothing?", 28, -+ (uint8_t*)"\xef\xfc\xdf\x6a\xe5\xeb\x2f\xa2\xd2\x74\x16\xd5\xf1\x84\xdf\x9c\x25\x9a\x7c\x79" - }, { -- "\xaa", 20, "\xdd", 50, -- "\x12\x5d\x73\x42\xb9\xac\x11\xcd\x91\xa3\x9a\xf4\x8a\xa1\x7b\x4f\x63\xf1\x75\xd3" -+ (uint8_t*)"\xaa", 20, (uint8_t*)"\xdd", 50, -+ (uint8_t*)"\x12\x5d\x73\x42\xb9\xac\x11\xcd\x91\xa3\x9a\xf4\x8a\xa1\x7b\x4f\x63\xf1\x75\xd3" - }, { -- "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14" -- "\x15\x16\x17\x18\x19", 25, "\xcd", 50, -- "\x4c\x90\x07\xf4\x02\x62\x50\xc6\xbc\x84\x14\xf9\xbf\x50\xc8\x6c\x2d\x72\x35\xda" -+ (uint8_t*)"\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14" -+ "\x15\x16\x17\x18\x19", 25, (uint8_t*)"\xcd", 50, -+ (uint8_t*)"\x4c\x90\x07\xf4\x02\x62\x50\xc6\xbc\x84\x14\xf9\xbf\x50\xc8\x6c\x2d\x72\x35\xda" - }, { -- "\x0c", 20, "Test With Truncation", 20, -- "\x4c\x1a\x03\x42\x4b\x55\xe0\x7f\xe7\xf2\x7b\xe1\xd5\x8b\xb9\x32\x4a\x9a\x5a\x04" -+ (uint8_t*)"\x0c", 20, (uint8_t*)"Test With Truncation", 20, -+ (uint8_t*)"\x4c\x1a\x03\x42\x4b\x55\xe0\x7f\xe7\xf2\x7b\xe1\xd5\x8b\xb9\x32\x4a\x9a\x5a\x04" - }, { -- "\xaa", 80, "Test Using Larger Than Block-Size Key - Hash Key First", 54, -- "\xaa\x4a\xe5\xe1\x52\x72\xd0\x0e\x95\x70\x56\x37\xce\x8a\x3b\x55\xed\x40\x21\x12" -+ (uint8_t*)"\xaa", 80, (uint8_t*)"Test Using Larger Than Block-Size Key - Hash Key First", 54, -+ (uint8_t*)"\xaa\x4a\xe5\xe1\x52\x72\xd0\x0e\x95\x70\x56\x37\xce\x8a\x3b\x55\xed\x40\x21\x12" - }, { -- "\xaa", 80, -- "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data", 73, -- "\xe8\xe9\x9d\x0f\x45\x23\x7d\x78\x6d\x6b\xba\xa7\x96\x5c\x78\x08\xbb\xff\x1a\x91" -+ (uint8_t*)"\xaa", 80, -+ (uint8_t*)"Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data", 73, -+ (uint8_t*)"\xe8\xe9\x9d\x0f\x45\x23\x7d\x78\x6d\x6b\xba\xa7\x96\x5c\x78\x08\xbb\xff\x1a\x91" - }}; - - debug("tpm_test_hmac()"); - for (i = 0; i < sizeof(test_cases) / sizeof(test_cases[0]); i++) { -- if (strlen(test_cases[i].key) < test_cases[i].key_len) { -+ if (strlen((char*)test_cases[i].key) < test_cases[i].key_len) { - uint8_t key[test_cases[i].key_len]; - memset(key, test_cases[i].key[0], test_cases[i].key_len); - hmac_init(&ctx, key, test_cases[i].key_len); - } else { - hmac_init(&ctx, test_cases[i].key, test_cases[i].key_len); - } -- for (j = 0; j < test_cases[i].data_len; j += strlen(test_cases[i].data)) { -- hmac_update(&ctx, test_cases[i].data, strlen(test_cases[i].data)); -+ for (j = 0; j < test_cases[i].data_len; j += strlen((char*)test_cases[i].data)) { -+ hmac_update(&ctx, test_cases[i].data, strlen((char*)test_cases[i].data)); - } - hmac_final(&ctx, digest); - if (memcmp(digest, test_cases[i].digest, SHA1_DIGEST_LENGTH) != 0) return -1; -@@ -173,9 +174,9 @@ static int tpm_test_hmac(void) - static int tpm_test_rsa_EK(void) - { - int res = 0; -- char *data = "RSA PKCS #1 v1.5 Test-String"; -+ uint8_t *data = (uint8_t*)"RSA PKCS #1 v1.5 Test-String"; - uint8_t buf[256]; -- size_t buf_len, data_len = strlen(data); -+ size_t buf_len, data_len = strlen((char*)data); - rsa_private_key_t priv_key; - rsa_public_key_t pub_key; - -diff -uprN orig/tpm_emulator-0.4/tpm/tpm_ticks.c tpm_emulator/tpm/tpm_ticks.c ---- orig/tpm_emulator-0.4/tpm/tpm_ticks.c 2006-06-23 03:37:07.000000000 -0700 -+++ tpm_emulator/tpm/tpm_ticks.c 2006-07-24 14:35:35.000000000 -0700 -@@ -1,6 +1,7 @@ - /* Software-Based Trusted Platform Module (TPM) Emulator for Linux - * Copyright (C) 2004 Mario Strasser , - * Swiss Federal Institute of Technology (ETH) Zurich -+ * Copyright (C) 2005 INTEL Corp - * - * This module is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published -@@ -39,9 +40,7 @@ TPM_RESULT TPM_SetTickType(TPM_TICKTYPE - TPM_RESULT TPM_GetTicks(TPM_CURRENT_TICKS *currentTime) - { - info("TPM_GetTicks()"); -- memcpy(currentTime, &tpmData.stany.data.currentTicks, -- sizeof(TPM_CURRENT_TICKS)); -- return TPM_SUCCESS; -+ return TPM_DISABLED_CMD; - } - - TPM_RESULT TPM_TickStampBlob(TPM_KEY_HANDLE keyHandle, TPM_NONCE *antiReplay, -@@ -49,64 +48,11 @@ TPM_RESULT TPM_TickStampBlob(TPM_KEY_HAN - TPM_CURRENT_TICKS *currentTicks, - UINT32 *sigSize, BYTE **sig) - { -- TPM_RESULT res; -- TPM_KEY_DATA *key; -- BYTE *info, *p; -- UINT32 info_length, length; - info("TPM_TickStampBlob()"); -- /* get key */ -- key = tpm_get_key(keyHandle); -- if (key == NULL) return TPM_INVALID_KEYHANDLE; -- /* verify authorization */ -- res = tpm_verify_auth(auth1, key->usageAuth, keyHandle); -- if (res != TPM_SUCCESS) return res; -- if (key->keyUsage != TPM_KEY_SIGNING && key->keyUsage != TPM_KEY_LEGACY -- && key->keyUsage != TPM_KEY_IDENTITY) return TPM_INVALID_KEYUSAGE; -- /* get current ticks */ -- TPM_GetTicks(currentTicks); -- /* sign data using signature scheme PKCS1_SHA1 and TPM_SIGN_INFO container */ -- *sigSize = key->key.size >> 3; -- *sig = tpm_malloc(*sigSize); -- if (*sig == NULL) return TPM_FAIL; -- /* setup TPM_SIGN_INFO structure */ -- info_length = 30 + sizeof(TPM_DIGEST) + sizeof_TPM_CURRENT_TICKS(currentTicks); -- info = tpm_malloc(info_length); -- if (info == NULL) { -- tpm_free(*sig); -- return TPM_FAIL; -- } -- memcpy(&info[0], "\x05\x00TSTP", 6); -- memcpy(&info[6], antiReplay->nonce, 20); -- *(UINT32*)&info[26] = CPU_TO_BE32(20 -- + sizeof_TPM_CURRENT_TICKS(currentTicks)); -- memcpy(&info[30], digestToStamp->digest, sizeof(TPM_DIGEST)); -- p = &info[30 + sizeof(TPM_DIGEST)]; -- length = sizeof_TPM_CURRENT_TICKS(currentTicks); -- if (tpm_marshal_TPM_CURRENT_TICKS(&p, &length, currentTicks) -- || rsa_sign(&key->key, RSA_SSA_PKCS1_SHA1, info, info_length, *sig)) { -- tpm_free(*sig); -- tpm_free(info); -- return TPM_FAIL; -- } -- return TPM_SUCCESS; -+ return TPM_DISABLED_CMD; - } - - void tpm_update_ticks(void) - { -- if (tpmData.stany.data.currentTicks.tag == 0) { -- tpmData.stany.data.currentTicks.tag = TPM_TAG_CURRENT_TICKS; -- tpmData.stany.data.currentTicks.currentTicks += tpm_get_ticks(); --/* removed since v1.2 rev 94 -- tpmData.stany.data.currentTicks.tickType = tpmData.permanent.data.tickType; --*/ -- tpm_get_random_bytes(tpmData.stany.data.currentTicks.tickNonce.nonce, -- sizeof(TPM_NONCE)); -- tpmData.stany.data.currentTicks.tickRate = 1; --/* removed since v1.2 rev 94 -- tpmData.stany.data.currentTicks.tickSecurity = TICK_SEC_NO_CHECK; --*/ -- } else { -- tpmData.stany.data.currentTicks.currentTicks += tpm_get_ticks(); -- } - } - -diff -uprN orig/tpm_emulator-0.4/tpm/tpm_transport.c tpm_emulator/tpm/tpm_transport.c ---- orig/tpm_emulator-0.4/tpm/tpm_transport.c 2006-06-23 03:37:07.000000000 -0700 -+++ tpm_emulator/tpm/tpm_transport.c 2006-07-24 14:35:35.000000000 -0700 -@@ -189,7 +189,7 @@ static void decrypt_wrapped_command(BYTE - sha1_init(&sha1); - sha1_update(&sha1, auth->nonceEven.nonce, sizeof(auth->nonceEven.nonce)); - sha1_update(&sha1, auth->nonceOdd.nonce, sizeof(auth->nonceOdd.nonce)); -- sha1_update(&sha1, "in", 2); -+ sha1_update(&sha1, (BYTE*)"in", 2); - sha1_update(&sha1, secret, sizeof(TPM_SECRET)); - j = CPU_TO_BE32(i); - sha1_update(&sha1, (BYTE*)&j, 4); -@@ -211,7 +211,7 @@ static void encrypt_wrapped_command(BYTE - sha1_init(&sha1); - sha1_update(&sha1, auth->nonceEven.nonce, sizeof(auth->nonceEven.nonce)); - sha1_update(&sha1, auth->nonceOdd.nonce, sizeof(auth->nonceOdd.nonce)); -- sha1_update(&sha1, "out", 3); -+ sha1_update(&sha1, (BYTE*)"out", 3); - sha1_update(&sha1, secret, sizeof(TPM_SECRET)); - j = CPU_TO_BE32(i); - sha1_update(&sha1, (BYTE*)&j, 4); -diff -uprN orig/tpm_emulator-0.4/tpmd.c tpm_emulator/tpmd.c ---- orig/tpm_emulator-0.4/tpmd.c 1969-12-31 16:00:00.000000000 -0800 -+++ tpm_emulator/tpmd.c 2006-07-24 14:35:35.000000000 -0700 -@@ -0,0 +1,156 @@ -+/* Software-Based Trusted Platform Module (TPM) Emulator for Linux -+ * Copyright (C) 2005 INTEL Corp -+ * -+ * This module is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published -+ * by the Free Software Foundation; either version 2 of the License, -+ * or (at your option) any later version. -+ * -+ * This module is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#include "tpm_emulator.h" -+ -+#define TPM_RX_FNAME "/var/tpm/tpm_in.fifo" -+#define TPM_TX_FNAME "/var/tpm/tpm_out.fifo" -+ -+#define BUFFER_SIZE 2048 -+ -+static int devurandom=0; -+ -+void get_random_bytes(void *buf, int nbytes) { -+ -+ if (devurandom == 0) { -+ devurandom = open("/dev/urandom", O_RDONLY); -+ } -+ -+ if (read(devurandom, buf, nbytes) != nbytes) { -+ printf("Can't get random number.\n"); -+ exit(-1); -+ } -+} -+ -+uint64_t tpm_get_ticks(void) -+{ -+ //struct timeval tv; -+ //int gettimeofday(&tv, struct timezone *tz); -+ return 0; -+} -+ -+int main(int argc, char **argv) -+{ -+ uint8_t in[BUFFER_SIZE], *out; -+ uint32_t out_size; -+ int in_size, written; -+ int i; -+ struct stat file_info; -+ -+ int tpm_tx_fh=-1, tpm_rx_fh=-1; -+ if (argc < 2) { -+ printf("Usage: tpmd clear|save|deactivated\n" ); -+ return -1; -+ } -+ -+ /* initialize TPM emulator */ -+ if (!strcmp(argv[1], "clear")) { -+ printf("Initializing tpm: %s\n", argv[1]); -+ tpm_emulator_init(1); -+ } else if (!strcmp(argv[1], "save")) { -+ printf("Initializing tpm: %s\n", argv[1]); -+ tpm_emulator_init(2); -+ } else if (!strcmp(argv[1], "deactivated")) { -+ printf("Initializing tpm: %s\n", argv[1]); -+ tpm_emulator_init(3); -+ } else { -+ printf("invalid startup mode '%s'; must be 'clear', " -+ "'save' (default) or 'deactivated", argv[1]); -+ return -1; -+ } -+ -+ if ( stat(TPM_RX_FNAME, &file_info) == -1) { -+ if ( mkfifo(TPM_RX_FNAME, S_IWUSR | S_IRUSR ) ) { -+ printf("Failed to create fifo %s.\n", TPM_RX_FNAME); -+ return -1; -+ } -+ } -+ -+ if ( stat(TPM_TX_FNAME, &file_info) == -1) { -+ if ( mkfifo(TPM_TX_FNAME, S_IWUSR | S_IRUSR ) ) { -+ printf("Failed to create fifo %s.\n", TPM_TX_FNAME); -+ return -1; -+ } -+ } -+ -+ while (1) { -+abort_command: -+ if (tpm_rx_fh < 0) { -+ tpm_rx_fh = open(TPM_RX_FNAME, O_RDONLY); -+ } -+ -+ if (tpm_rx_fh < 0) { -+ printf("ERROR: failed to open devices to listen to guest.\n"); -+ return -1; -+ } -+ -+ if (tpm_tx_fh < 0) { -+ tpm_tx_fh = open(TPM_TX_FNAME, O_WRONLY); -+ } -+ -+ if (tpm_tx_fh < 0) { -+ printf("ERROR: failed to open devices to respond to guest.\n"); -+ return -1; -+ } -+ -+ in_size = read(tpm_rx_fh, in, BUFFER_SIZE); -+ if (in_size < 6) { // Magic size of minium TPM command -+ printf("Recv[%d] to small: 0x", in_size); -+ if (in_size <= 0) { -+ close(tpm_rx_fh); -+ tpm_rx_fh = -1; -+ goto abort_command; -+ } -+ } else { -+ printf("Recv[%d]: 0x", in_size); -+ for (i=0; i< in_size; i++) -+ printf("%x ", in[i]); -+ printf("\n"); -+ } -+ -+ -+ if (tpm_handle_command(in, in_size, &out, &out_size) != 0) { -+ printf("ERROR: Handler Failed.\n"); -+ } -+ -+ written = write(tpm_tx_fh, out, out_size); -+ -+ if (written != out_size ) { -+ printf("ERROR: Part of response not written %d/%d.\nAttempt: ", written, out_size); -+ } else { -+ printf("Sent[%Zu]: ", out_size); -+ } -+ for (i=0; i< out_size; i++) -+ printf("%x ", out[i]); -+ printf("\n"); -+ tpm_free(out); -+ -+ } // loop -+ -+ tpm_emulator_shutdown(); -+ -+ close(tpm_tx_fh); -+ close(tpm_rx_fh); -+ -+} -Binary files orig/tpm_emulator-0.4/tpm_emulator and tpm_emulator/tpm_emulator differ -diff -uprN orig/tpm_emulator-0.4/tpm_version.h tpm_emulator/tpm_version.h ---- orig/tpm_emulator-0.4/tpm_version.h 2006-06-23 03:37:07.000000000 -0700 -+++ tpm_emulator/tpm_version.h 2006-07-24 14:35:41.000000000 -0700 -@@ -2,5 +2,5 @@ - #define _TPM_VERSION_H_ - #define VERSION_MAJOR 0 - #define VERSION_MINOR 4 --#define VERSION_BUILD 1151058734 -+#define VERSION_BUILD 1153776940 - #endif /* _TPM_VERSION_H_ */ diff -Naur xen-unstable-trp-sdp-pristine/tools/vtpm/vtpm-0.5.1.patch xen-unstable-trp-sdp/tools/vtpm/vtpm-0.5.1.patch --- xen-unstable-trp-sdp-pristine/tools/vtpm/vtpm-0.5.1.patch 2011-02-23 14:47:26.000000000 -0500 +++ xen-unstable-trp-sdp/tools/vtpm/vtpm-0.5.1.patch 1969-12-31 19:00:00.000000000 -0500 @@ -1,766 +0,0 @@ -diff -Naurp tpm_emulator-0.5.1/Makefile tpm5-test/Makefile ---- tpm_emulator-0.5.1/Makefile 2008-02-14 03:22:48.000000000 -0500 -+++ tpm5-test/Makefile 2009-07-15 09:45:28.000000000 -0400 -@@ -10,7 +10,7 @@ VERSION_MINOR := 5 - VERSION_BUILD := $(shell date +"%s") - VERSION_SUFFIX := .1 - --SUBDIRS := tpmd tpmd_dev tddl -+SUBDIRS := tpmd - - all: version all-recursive - -@@ -48,12 +48,12 @@ user_install: user - modules_install: modules - @$(MAKE) -C tpmd_dev install || exit -1 - --DIRS := . tpm crypto tpmd tpmd_dev tddl tpmd_dev_openbsd -+DIRS := . tpm crypto tpmd - DISTSRC := $(foreach dir, $(DIRS), $(wildcard $(dir)/*.c)) - DISTSRC += $(foreach dir, $(DIRS), $(wildcard $(dir)/*.h)) --DIRS := . tpmd tpmd_dev tddl tpmd_dev_openbsd -+DIRS := . tpmd - DISTSRC += $(foreach dir, $(DIRS), $(dir)/Makefile) --DISTSRC += ./README ./AUTHORS ./ChangeLog tpmd_dev/tpmd_dev.rules.in -+DISTSRC += ./README ./AUTHORS ./ChangeLog - DISTDIR := tpm_emulator-$(VERSION_MAJOR).$(VERSION_MINOR)$(VERSION_SUFFIX) - - dist: $(DISTSRC) -diff -Naurp tpm_emulator-0.5.1/tpm/tpm_capability.c tpm5-test/tpm/tpm_capability.c ---- tpm_emulator-0.5.1/tpm/tpm_capability.c 2008-02-14 03:22:48.000000000 -0500 -+++ tpm5-test/tpm/tpm_capability.c 2009-07-16 12:04:20.000000000 -0400 -@@ -136,8 +136,19 @@ static TPM_RESULT cap_property(UINT32 su - - case TPM_CAP_PROP_TIS_TIMEOUT: - debug("[TPM_CAP_PROP_TIS_TIMEOUT]"); -- /* TODO: TPM_CAP_PROP_TIS_TIMEOUT */ -- return TPM_FAIL; -+ /* TODO: TPM_CAP_PROP_TIS_TIMEOUT: Measure these values and determine correct ones */ -+ UINT32 len = *respSize = 16; -+ BYTE *ptr = *resp = tpm_malloc(*respSize); -+ if (ptr == NULL || -+ tpm_marshal_UINT32(&ptr, &len, 200000) || -+ tpm_marshal_UINT32(&ptr, &len, 200000) || -+ tpm_marshal_UINT32(&ptr, &len, 200000) || -+ tpm_marshal_UINT32(&ptr, &len, 200000)) { -+ tpm_free(*resp); -+ return TPM_FAIL; -+ } -+ return TPM_SUCCESS; -+ - - case TPM_CAP_PROP_STARTUP_EFFECT: - debug("[TPM_CAP_PROP_STARTUP_EFFECT]"); -@@ -189,8 +200,12 @@ static TPM_RESULT cap_property(UINT32 su - - case TPM_CAP_PROP_DURATION: - debug("[TPM_CAP_PROP_DURATION]"); -- /* TODO: TPM_CAP_PROP_DURATION */ -- return TPM_FAIL; -+ /* TODO: TPM_CAP_PROP_DURATION: Measure these values and return accurate ones */ -+ BYTE dur[]= {0x0,0x0,0x0,0xc,0x0,0x7,0xa1,0x20,0x0,0x1e,0x84,0x80,0x11,0xe1,0xa3,0x0}; -+ *respSize = 16; -+ *resp = tpm_malloc(*respSize); -+ memcpy(*resp,dur,16); -+ - - case TPM_CAP_PROP_ACTIVE_COUNTER: - debug("[TPM_CAP_PROP_ACTIVE_COUNTER]"); -diff -Naurp tpm_emulator-0.5.1/tpmd/Makefile tpm5-test/tpmd/Makefile ---- tpm_emulator-0.5.1/tpmd/Makefile 2008-02-14 03:22:48.000000000 -0500 -+++ tpm5-test/tpmd/Makefile 2009-07-16 12:08:26.000000000 -0400 -@@ -8,9 +8,10 @@ WFLAGS := -Wall -Wno-unused -Wpointer-a - -Wwrite-strings -Wsign-compare -Wno-multichar - #WFLAGS += -Wextra -Wcast-qual -Wmissing-prototypes -Wmissing-declarations -Wstrict-aliasing - CFLAGS += $(WFLAGS) -g -I.. -I. -O2 -fno-strict-aliasing -+CFLAGS += -I../../../../tools/vtpm_manager/manager - LDFLAGS += -lgmp - --BINDIR := /usr/sbin/ -+BINDIR := /usr/bin/ - - TPMD := tpmd - DIRS := ../tpm ../crypto -@@ -18,6 +19,8 @@ SRCS := $(foreach dir, $(DIRS), $(wil - OBJS := $(patsubst %.c, %.o, $(SRCS)) - OBJS := $(foreach dir, $(DIRS), $(patsubst $(dir)/%.o, %.o, $(filter $(dir)/%.o, $(OBJS)))) - -+VTPM_BIN := vtpmd -+ - vpath %.c $(strip $(DIRS)) - - all: $(TPMD) -@@ -32,10 +35,8 @@ TPMD_GROUP ?= tss - INSTALL ?= install - - install: $(TPMD) -- $(INSTALL) -m 755 -o $(TPMD_USER) -g $(TPMD_GROUP) -d $(DESTDIR)/var/lib/tpm -- $(INSTALL) -m 755 -o $(TPMD_USER) -g $(TPMD_GROUP) -d $(DESTDIR)/var/run/tpm - $(INSTALL) -D -d $(DESTDIR)/$(BINDIR) -- $(INSTALL) -m 755 $(TPMD) $(DESTDIR)/$(BINDIR) -+ $(INSTALL) -m 755 $(TPMD) $(DESTDIR)/$(BINDIR)/$(VTPM_BIN) - - .PHONY: all clean install - -diff -Naurp tpm_emulator-0.5.1/tpmd/tpmd.c tpm5-test/tpmd/tpmd.c ---- tpm_emulator-0.5.1/tpmd/tpmd.c 2008-02-14 03:22:48.000000000 -0500 -+++ tpm5-test/tpmd/tpmd.c 2009-07-16 11:19:05.000000000 -0400 -@@ -32,6 +32,9 @@ - #include - #include "tpm_emulator_config.h" - #include "tpm/tpm_emulator.h" -+#include "tpm/tpm_structures.h" -+#include "tpm/tpm_marshalling.h" -+#include "vtpm_manager.h" - - #define TPM_DAEMON_NAME "tpmd" - #define TPM_CMD_BUF_SIZE 4096 -@@ -39,6 +42,24 @@ - #define TPM_RANDOM_DEVICE "/dev/urandom" - #undef TPM_MKDIRS - -+#ifdef VTPM_MULTI_VM -+ #define DEV_BE "/dev/vtpm" -+ #define DEV_FE "/dev/tpm" -+#else -+ #define PVM_RX_FIFO_D "/var/vtpm/fifos/tpm_cmd_to_%d.fifo" -+ #define PVM_TX_FIFO "/var/vtpm/fifos/tpm_rsp_from_all.fifo" -+ #define HVM_RX_FIFO_D "/var/vtpm/socks/%d.socket" -+ -+ #define VTPM_RX_FIFO_D "/var/vtpm/fifos/vtpm_rsp_to_%d.fifo" -+ #define VTPM_TX_FIFO "/var/vtpm/fifos/vtpm_cmd_from_all.fifo" -+ -+ static char *vtpm_rx_name=NULL; -+#endif -+ -+ static int vtpm_tx_fh=-1, vtpm_rx_fh=-1; -+ -+#define BUFFER_SIZE 2048 -+ - static volatile int stopflag = 0; - static int is_daemon = 0; - static int opt_debug = 0; -@@ -49,6 +70,8 @@ static const char *opt_storage_file = "/ - static uid_t opt_uid = 0; - static gid_t opt_gid = 0; - static int tpm_startup = 2; -+static int vtpm_type = VTPM_TYPE_PVM; -+int dmi_id = 0; - static int rand_fh; - - void tpm_log(int priority, const char *fmt, ...) -@@ -90,56 +113,241 @@ uint64_t tpm_get_ticks(void) - - int tpm_write_to_file(uint8_t *data, size_t data_length) - { -- int fh; -- ssize_t res; -- fh = open(opt_storage_file, O_WRONLY | O_TRUNC | O_CREAT, S_IRUSR | S_IWUSR); -- if (fh < 0) return -1; -- while (data_length > 0) { -- res = write(fh, data, data_length); -- if (res < 0) { -- close(fh); -- return -1; -- } -- data_length -= res; -- data += res; -+ int res, out_data_size, in_header_size; -+ BYTE *ptr, *out_data, *in_header; -+ UINT32 result, len, in_rsp_size; -+ UINT16 tag = VTPM_TAG_REQ; -+ -+ printf("Saving NVM\n"); -+ if (vtpm_tx_fh < 0) { -+#ifdef VTPM_MUTLI_VM -+ vtpm_tx_fh = open(DEV_FE, O_RDWR); -+#else -+ vtpm_tx_fh = open(VTPM_TX_FIFO, O_WRONLY); -+#endif -+ } -+ -+ if (vtpm_tx_fh < 0) { -+ return -1; -+ } -+ -+ // Send request to VTPM Manager to encrypt data -+#ifdef VTPM_MUTLI_VM -+ out_data_size = len = VTPM_COMMAND_HEADER_SIZE_CLT + data_length; -+#else -+ out_data_size = len = VTPM_COMMAND_HEADER_SIZE_SRV + data_length; -+#endif -+ -+ out_data = ptr = (BYTE *) malloc(len); -+ -+ if (ptr == NULL -+#ifndef VTPM_MUTLI_VM -+ || tpm_marshal_UINT32(&ptr, &len, dmi_id) -+#endif -+ || tpm_marshal_UINT16(&ptr, &len, tag) -+#ifdef VTPM_MUTLI_VM -+ || tpm_marshal_UINT32(&ptr, &len, out_data_size) -+#else -+ || tpm_marshal_UINT32(&ptr, &len, out_data_size - sizeof(uint32_t)) -+#endif -+ || tpm_marshal_UINT32(&ptr, &len, VTPM_ORD_SAVENVM) -+ || tpm_marshal_BYTE_ARRAY(&ptr, &len, data, data_length)) { -+ free(out_data); -+ return -1; -+ } -+ -+ printf("\tSending SaveNVM Command.\n"); -+ res = write(vtpm_tx_fh, out_data, out_data_size); -+ free(out_data); -+ if (res != out_data_size) return -1; -+ -+ if (vtpm_rx_fh < 0) { -+#ifdef VTPM_MUTLI_VM -+ vtpm_rx_fh = vtpm_tx_fh -+#else -+ if (vtpm_rx_name == NULL) { -+ vtpm_rx_name = malloc(10 + strlen(VTPM_RX_FIFO_D)); -+ sprintf(vtpm_rx_name, VTPM_RX_FIFO_D, (uint32_t) dmi_id); - } -- close(fh); -- return 0; -+ vtpm_rx_fh = open(vtpm_rx_name, O_RDONLY); -+#endif -+ } -+ -+ if (vtpm_rx_fh < 0) { -+ return -1; -+ } -+ -+ // Read Header of response so we can get the size & status -+#ifdef VTPM_MUTLI_VM -+ in_header_size = len = VTPM_COMMAND_HEADER_SIZE_CLT; -+#else -+ in_header_size = len = VTPM_COMMAND_HEADER_SIZE_SRV; -+#endif -+ in_header = ptr = malloc(in_header_size); -+ -+ printf("\tReading SaveNVM header.\n"); -+ res = read(vtpm_rx_fh, in_header, in_header_size); -+ -+ if ( (res != in_header_size) -+#ifndef VTPM_MUTLI_VM -+ || tpm_unmarshal_UINT32(&ptr, &len, (UINT32*)&dmi_id) -+#endif -+ || tpm_unmarshal_UINT16(&ptr, &len, &tag) -+ || tpm_unmarshal_UINT32(&ptr, &len, &in_rsp_size) -+ || tpm_unmarshal_UINT32(&ptr, &len, &result) ) { -+ free(in_header); -+ return -1; -+ } -+ free(in_header); -+ -+ if (result != VTPM_SUCCESS) { -+ return -1; -+ } -+ -+#ifdef VTPM_MUTLI_VM -+ close(vtpm_tx_fh); close(vtpm_rx_fh); -+#endif -+ -+ printf("\tFinishing up SaveNVM\n"); -+ return (0); - } - - int tpm_read_from_file(uint8_t **data, size_t *data_length) - { -- int fh; -- ssize_t res; -- size_t total_length; -- fh = open(opt_storage_file, O_RDONLY); -- if (fh < 0) return -1; -- total_length = lseek(fh, 0, SEEK_END); -- lseek(fh, 0, SEEK_SET); -- *data = tpm_malloc(total_length); -- if (*data == NULL) { -- close(fh); -- return -1; -- } -- *data_length = 0; -- while (total_length > 0) { -- res = read(fh, &(*data)[*data_length], total_length); -- if (res < 0) { -- close(fh); -- tpm_free(*data); -- return -1; -- } -- *data_length += res; -- total_length -= res; -+ int res, out_data_size, in_header_size; -+ uint8_t *ptr, *out_data, *in_header; -+ UINT16 tag = VTPM_TAG_REQ; -+ UINT32 len, in_rsp_size, result; -+#ifdef VTPM_MUTLI_VM -+ int vtpm_rx_fh, vtpm_tx_fh; -+#endif -+ -+ printf("Loading NVM.\n"); -+ if (vtpm_tx_fh < 0) { -+#ifdef VTPM_MUTLI_VM -+ vtpm_tx_fh = open(DEV_FE, O_RDWR); -+#else -+ vtpm_tx_fh = open(VTPM_TX_FIFO, O_WRONLY); -+#endif -+ } -+ -+ if (vtpm_tx_fh < 0) { -+ printf("Error in read_from_file:301\n"); -+ return -1; -+ } -+ -+ // Send request to VTPM Manager to encrypt data -+#ifdef VTPM_MUTLI_VM -+ out_data_size = len = VTPM_COMMAND_HEADER_SIZE_CLT; -+#else -+ out_data_size = len = VTPM_COMMAND_HEADER_SIZE_SRV; -+#endif -+ out_data = ptr = (BYTE *) malloc(len); -+ -+ if (ptr == NULL -+#ifndef VTPM_MUTLI_VM -+ || tpm_marshal_UINT32(&ptr, &len, dmi_id) -+#endif -+ || tpm_marshal_UINT16(&ptr, &len, tag) -+#ifdef VTPM_MUTLI_VM -+ || tpm_marshal_UINT32(&ptr, &len, out_data_size) -+#else -+ || tpm_marshal_UINT32(&ptr, &len, out_data_size - sizeof(uint32_t)) -+#endif -+ || tpm_marshal_UINT32(&ptr, &len, VTPM_ORD_LOADNVM)) { -+ free(out_data); -+ printf("Error in read_from_file:325\n"); -+ -+ return -1; -+ } -+ -+ printf("\tSending LoadNVM command\n"); -+ res = write(vtpm_tx_fh, out_data, out_data_size); -+ free(out_data); -+ if (res != out_data_size) -+ { -+ printf("Error in read_from_file:335\n"); -+ return -1; -+ } -+ -+ if (vtpm_rx_fh < 0) { -+#ifdef VTPM_MUTLI_VM -+ vtpm_rx_fh = vtpm_tx_fh; -+#else -+ if (vtpm_rx_name == NULL) { -+ vtpm_rx_name = malloc(10 + strlen(VTPM_RX_FIFO_D)); -+ sprintf(vtpm_rx_name, VTPM_RX_FIFO_D, (uint32_t) dmi_id); - } -- close(fh); -- return 0; -+ vtpm_rx_fh = open(vtpm_rx_name, O_RDONLY); -+#endif -+ } -+ -+ if (vtpm_rx_fh < 0) { -+ printf("Error in read_from_file:352\n"); -+ return -1; -+ } -+ -+ // Read Header of response so we can get the size & status -+#ifdef VTPM_MUTLI_VM -+ in_header_size = len = VTPM_COMMAND_HEADER_SIZE_CLT; -+#else -+ in_header_size = len = VTPM_COMMAND_HEADER_SIZE_SRV; -+#endif -+ in_header = ptr = malloc(in_header_size); -+ -+ printf("\tReading LoadNVM header\n"); -+ res = read(vtpm_rx_fh, in_header, in_header_size); -+ -+ if ( (res != in_header_size) -+#ifndef VTPM_MUTLI_VM -+ || tpm_unmarshal_UINT32(&ptr, &len, (UINT32*)&dmi_id) -+#endif -+ || tpm_unmarshal_UINT16(&ptr, &len, &tag) -+ || tpm_unmarshal_UINT32(&ptr, &len, &in_rsp_size) -+ || tpm_unmarshal_UINT32(&ptr, &len, &result) ) { -+ free(in_header); -+ printf("Error in read_from_file:375\n"); -+ return -1; -+ } -+ free(in_header); -+ -+ if (result != VTPM_SUCCESS) { -+ printf("Error in read_from_file:381\n"); -+ return -1; -+ } -+ -+ // Read Encrypted data from VTPM Manager -+ *data_length = in_rsp_size - VTPM_COMMAND_HEADER_SIZE_CLT; -+ *data = (uint8_t *) malloc(*data_length); -+ -+ printf("\tReading clear data from LoadNVM.\n"); -+ res = read(vtpm_rx_fh, *data, *data_length); -+#ifdef VTPM_MUTLI_VM -+ close(vtpm_rx_fh);close(vtpm_tx_fh); -+#endif -+ -+ printf("\tReturing from loading NVM\n"); -+ if (res != (int)*data_length) { -+ free(*data); -+ printf("Error in read_from_file:398\n"); -+ return -1; -+ } else { -+ return 0; -+ } -+ -+ -+ - } - - static void print_usage(char *name) - { - printf("usage: %s [-d] [-f] [-s storage file] [-u unix socket name] " -- "[-o user name] [-g group name] [-h] [startup mode]\n", name); -+ "[-o user name] [-g group name] [-h]" -+#ifdef VTPM_MULTI_VM -+ "clear|save|deactivated\n", name); -+#else -+ "clear|save|deactivated pvm|hvm vtpmid\n", name); -+#endif - printf(" d : enable debug mode\n"); - printf(" f : forces the application to run in the foreground\n"); - printf(" s : storage file to use (default: %s)\n", opt_storage_file); -@@ -205,7 +413,13 @@ static void parse_options(int argc, char - exit(EXIT_SUCCESS); - } - } -- if (optind < argc) { -+ /*Make sure we have all required options*/ -+#ifdef VTPM_MULTI_VM -+#define EXTRA_OPTS 0 -+#else -+#define EXTRA_OPTS 2 -+#endif -+ if (optind < argc - EXTRA_OPTS ) { - debug("startup mode = '%s'", argv[optind]); - if (!strcmp(argv[optind], "clear")) { - tpm_startup = 1; -@@ -219,6 +433,25 @@ static void parse_options(int argc, char - print_usage(argv[0]); - exit(EXIT_SUCCESS); - } -+#ifndef VTPM_MULTI_VM -+ ++optind; -+ if(!strcmp(argv[optind], "pvm")) { -+ vtpm_type = VTPM_TYPE_PVM; // Get commands from vTPM Manager through fifo -+ } else if (!strcmp(argv[optind], "hvm")) { -+ vtpm_type = VTPM_TYPE_HVM; // Get commands from qemu via socket -+ } else { -+ error("Invalid vm mode '%s'; must be 'pvm', " -+ "or 'hvm' ", argv[optind]); -+ print_usage(argv[0]); -+ exit(EXIT_SUCCESS); -+ } -+ ++optind; -+ dmi_id = atoi(argv[optind]); -+#endif -+ } else { -+ error("Invalid number of arguments"); -+ print_usage(argv[0]); -+ exit(EXIT_SUCCESS); - } - } - -@@ -348,93 +581,180 @@ static int init_socket(const char *name) - - static void main_loop(void) - { -- int sock, fh, res; -- int32_t in_len; -+ int32_t in_len, written; - uint32_t out_len; -- uint8_t in[TPM_CMD_BUF_SIZE], *out; -+ uint8_t in[TPM_CMD_BUF_SIZE], *out, *addressed_out; -+ int guest_id=-1; -+ int i; -+ char *vtpm_rx_file=NULL; -+ int res; -+ -+#ifndef VTPM_MULTI_VM -+ int sockfd = -1; - struct sockaddr_un addr; -- socklen_t addr_len; -- fd_set rfds; -- struct timeval tv; -+ struct sockaddr_un client_addr; -+ unsigned int client_length; -+#endif -+ -+ int vtpm_tx_fh=-1, vtpm_rx_fh=-1; -+ -+#ifndef VTPM_MULTI_VM -+ if (vtpm_type == VTPM_TYPE_PVM) { -+ vtpm_rx_file = malloc(10 + strlen(PVM_RX_FIFO_D)); -+ sprintf(vtpm_rx_file, PVM_RX_FIFO_D, (uint32_t) dmi_id); -+ } else { -+ vtpm_rx_file = malloc(10 + strlen(HVM_RX_FIFO_D)); -+ sprintf(vtpm_rx_file, HVM_RX_FIFO_D, (uint32_t) dmi_id); -+ -+ if ( (sockfd = socket(PF_UNIX,SOCK_STREAM,0)) < 0) { -+ error("Unable to create socket. errno = %d\n", errno); -+ exit (-1); -+ } -+ -+ memset(&addr, 0, sizeof(addr)); -+ addr.sun_family = AF_UNIX; -+ strcpy(addr.sun_path,vtpm_rx_file ); -+ unlink(addr.sun_path); -+ } -+#endif - - info("staring main loop"); -- /* open UNIX socket */ -- sock = init_socket(opt_socket_name); -- if (sock < 0) exit(EXIT_FAILURE); - /* init tpm emulator */ -- debug("initializing TPM emulator: %d", tpm_startup); -+#ifdef VTPM_MULTI_VM -+ debug("initializing TPM emulator: state=%d", tpm_startup); -+#else -+ debug("initializing TPM emulator: state=%d, type=%d, id=%d", tpm_startup, vtpm_type, dmi_id); -+#endif - tpm_emulator_init(tpm_startup); - /* start command processing */ - while (!stopflag) { - /* wait for incomming connections */ - debug("waiting for connections..."); -- FD_ZERO(&rfds); -- FD_SET(sock, &rfds); -- tv.tv_sec = 10; -- tv.tv_usec = 0; -- res = select(sock + 1, &rfds, NULL, NULL, &tv); -- if (res < 0) { -- error("select(sock) failed: %s", strerror(errno)); -- break; -- } else if (res == 0) { -- continue; -- } -- addr_len = sizeof(addr); -- fh = accept(sock, (struct sockaddr*)&addr, &addr_len); -- if (fh < 0) { -- error("accept() failed: %s", strerror(errno)); -- continue; -- } -+ if (vtpm_rx_fh < 0) { -+#ifdef VTPM_MUTLI_VM -+ vtpm_rx_fh = open(DEV_BE, O_RDWR); -+#else -+ if (vtpm_type == VTPM_TYPE_PVM) -+ { -+ vtpm_rx_fh = open(vtpm_rx_file, O_RDONLY); -+ } else { -+ if (bind(sockfd, (struct sockaddr *)&addr, sizeof(addr)) < 0) { -+ error("Unable to bind(). errno = %d\n", errno); -+ exit (-1); -+ } -+ -+ if (listen(sockfd, 10) <0) { -+ error("Unable to listen(). errno = %d\n", errno); -+ exit (-1); -+ } -+ -+ memset(&client_addr, 0, sizeof(client_addr)); -+ client_length = sizeof(client_addr); -+ -+ vtpm_rx_fh = vtpm_tx_fh = accept(sockfd, (struct sockaddr *)&client_addr, &client_length); -+ } -+#endif -+ } -+ -+ /*Error Checking*/ -+ if (vtpm_rx_fh < 0) { -+ error("Failed to open devices to listen to guest.\n"); -+ exit(-1); -+ } -+ - /* receive and handle commands */ - in_len = 0; - do { - debug("waiting for commands..."); -- FD_ZERO(&rfds); -- FD_SET(fh, &rfds); -- tv.tv_sec = TPM_COMMAND_TIMEOUT; -- tv.tv_usec = 0; -- res = select(fh + 1, &rfds, NULL, NULL, &tv); -- if (res < 0) { -- error("select(fh) failed: %s", strerror(errno)); -- close(fh); -- break; -- } else if (res == 0) { --#ifdef TPMD_DISCONNECT_IDLE_CLIENTS -- info("connection closed due to inactivity"); -- close(fh); -- break; --#else -- continue; --#endif -- } -- in_len = read(fh, in, sizeof(in)); -- if (in_len > 0) { -+ -+ in_len = read(vtpm_rx_fh, in, sizeof(in)); -+ /*Magic size of minimum TPM command is 6*/ -+ //FIXME Magic size check may not be required anymore -+ if (in_len < 6) { -+ info("Recv incomplete command of %d bytes.", in_len); -+ if (in_len <= 0) { -+ close(vtpm_rx_fh); -+ vtpm_rx_fh = -1; -+ continue; -+ } -+ } else { -+ /*Debug Printouts*/ - debug("received %d bytes", in_len); -+ debug_nostop("Recv[%d]: 0x", in_len); -+ for (i=0; i< in_len; i++) -+ debug_more("%x ", in[i]); -+ debug_more("\n"); -+ /*Multiple Guest check*/ -+ if (guest_id == -1) { -+ guest_id = *((int32_t *) in); -+ } else { -+ if (guest_id != *((int32_t *) in) ) { -+ error("WARNING: More than one guest attached\n"); -+ } -+ } -+ -+ /*Open tx handle now*/ -+ if (vtpm_tx_fh < 0) { -+#ifdef VTPM_MUTLI_VM -+ vtpm_tx_fh = open(DEV_BE, O_RDWR); -+ vtpm_rx_fh = vtpm_tx_fh; -+#else -+ if (vtpm_type == VTPM_TYPE_PVM) { -+ vtpm_tx_fh = open(PVM_TX_FIFO, O_WRONLY); -+ } // No need to open the other direction for HVM -+#endif -+ } -+ if (vtpm_tx_fh < 0) { -+ error("Failed to open devices to respond to guest.\n"); -+ exit(-1); -+ } -+ -+ /*Handle the TPM command now*/ - out = NULL; -- res = tpm_handle_command(in, in_len, &out, &out_len); -+ res = tpm_handle_command(in + sizeof(uint32_t), in_len - sizeof(uint32_t), &out, &out_len); - if (res < 0) { - error("tpm_handle_command() failed"); - } else { - debug("sending %d bytes", out_len); -+ //FIXME this prepending may or may not be needed -+ /*Prepend the first 4 bytes of the in buffer.. why?*/ -+ addressed_out = (uint8_t *) tpm_malloc(sizeof(uint32_t) + out_len); -+ *(uint32_t *) addressed_out = *(uint32_t *) in; -+ memcpy(addressed_out + sizeof(uint32_t), out, out_len); -+ out_len += sizeof(uint32_t); -+ /*End Prepend*/ -+ -+ /*Perform write operation now*/ - while (out_len > 0) { -- res = write(fh, out, out_len); -+ res = write(vtpm_tx_fh, addressed_out, out_len); -+ - if (res < 0) { - error("write(%d) failed: %s", out_len, strerror(errno)); - break; -- } -+ } else { -+ debug_nostop("Sent[%Zu]: ", out_len); -+ for (i=0; (unsigned int)i< out_len; i++) -+ debug_more("%x ", addressed_out[i]); -+ debug_more("\n"); -+ } - out_len -= res; - } - tpm_free(out); -+ tpm_free(addressed_out); - } - } - } while (in_len > 0); -- close(fh); -+ //close(fh); - } -+ - /* shutdown tpm emulator */ - tpm_emulator_shutdown(); -- /* close socket */ -- close(sock); -- unlink(opt_socket_name); -+ /* Close handles */ -+ close(vtpm_tx_fh); -+#ifndef VTPM_MULTI_VM -+ close(vtpm_rx_fh); -+ free(vtpm_rx_file); -+#endif - info("main loop stopped"); - } - -@@ -450,12 +770,13 @@ int main(int argc, char **argv) - /* open random device */ - init_random(); - /* init signal handlers */ -- init_signal_handler(); -+ //init_signal_handler(); - /* unless requested otherwiese, fork and daemonize process */ -- if (!opt_foreground) daemonize(); -+ //if (!opt_foreground) daemonize(); - /* start main processing loop */ - main_loop(); - info("stopping TPM Emulator daemon"); - closelog(); - return 0; - } -+ -diff -Naurp tpm_emulator-0.5.1/tpmd/tpm_emulator_config.h tpm5-test/tpmd/tpm_emulator_config.h ---- tpm_emulator-0.5.1/tpmd/tpm_emulator_config.h 2008-02-14 03:22:48.000000000 -0500 -+++ tpm5-test/tpmd/tpm_emulator_config.h 2009-07-16 11:25:26.000000000 -0400 -@@ -29,23 +29,28 @@ - - /* TPM emulator configuration */ - --#undef TPM_STRONG_PERSISTENCE --#undef TPM_GENERATE_EK -+#define TPM_STRONG_PERSISTENCE -+#define TPM_GENERATE_EK - #undef TPM_GENERATE_SEED_DAA - #undef TPM_MEMORY_ALIGNMENT_MANDATORY - -+extern int dmi_id; -+ - /* log macros */ - - void tpm_log(int priority, const char *fmt, ...); - --#define debug(fmt, ...) tpm_log(LOG_DEBUG, "%s:%d: Debug: " fmt "\n", \ -- __FILE__, __LINE__, ## __VA_ARGS__) --#define info(fmt, ...) tpm_log(LOG_INFO, "%s:%d: Info: " fmt "\n", \ -- __FILE__, __LINE__, ## __VA_ARGS__) --#define error(fmt, ...) tpm_log(LOG_ERR, "%s:%d: Error: " fmt "\n", \ -- __FILE__, __LINE__, ## __VA_ARGS__) --#define alert(fmt, ...) tpm_log(LOG_ALERT, "%s:%d: Alert: " fmt "\n", \ -- __FILE__, __LINE__, ## __VA_ARGS__) -+#define debug(fmt, ...) tpm_log(LOG_DEBUG, "VTPMD[%d]: %s:%d: Debug: " fmt "\n", \ -+ dmi_id, __FILE__, __LINE__, ## __VA_ARGS__) -+#define info(fmt, ...) tpm_log(LOG_INFO, "VTPMD[%d]: %s:%d: Info: " fmt "\n", \ -+ dmi_id, __FILE__, __LINE__, ## __VA_ARGS__) -+#define error(fmt, ...) tpm_log(LOG_ERR, "VTPMD[%d]: %s:%d: Error: " fmt "\n", \ -+ dmi_id, __FILE__, __LINE__, ## __VA_ARGS__) -+#define alert(fmt, ...) tpm_log(LOG_ALERT, "VTPMD[%d]: %s:%d: Alert: " fmt "\n", \ -+ dmi_id, __FILE__, __LINE__, ## __VA_ARGS__) -+#define debug_nostop(fmt, ...) tpm_log(LOG_DEBUG, "VTPMD[%d]: %s:%d: Debug: " fmt, \ -+ dmi_id, __FILE__, __LINE__, ## __VA_ARGS__) -+#define debug_more(fmt, ...) tpm_log(LOG_DEBUG, fmt, ## __VA_ARGS__) - - /* min/max macros that also do strict type-checking */ - diff -Naur xen-unstable-trp-sdp-pristine/tools/vtpm/vtpm-0.7.2.patch xen-unstable-trp-sdp/tools/vtpm/vtpm-0.7.2.patch --- xen-unstable-trp-sdp-pristine/tools/vtpm/vtpm-0.7.2.patch 1969-12-31 19:00:00.000000000 -0500 +++ xen-unstable-trp-sdp/tools/vtpm/vtpm-0.7.2.patch 2011-02-23 19:40:48.000000000 -0500 @@ -0,0 +1,647 @@ +diff -Naur tpm_emulator-0.7.1/CMakeLists.txt vtpm/CMakeLists.txt +--- tpm_emulator-0.7.1/CMakeLists.txt 2010-07-05 17:21:20.000000000 -0400 ++++ vtpm/CMakeLists.txt 2010-08-12 13:01:31.000000000 -0400 +@@ -51,6 +51,7 @@ + # include root directories + include_directories(${CMAKE_SOURCE_DIR}) + include_directories(${CMAKE_BINARY_DIR}) ++include_directories(../../vtpm_manager/manager) + + # add internal libraries + add_subdirectory(tpm) +diff -Naur tpm_emulator-0.7.1/tpm/tpm_emulator_extern.h vtpm/tpm/tpm_emulator_extern.h +--- tpm_emulator-0.7.1/tpm/tpm_emulator_extern.h 2010-07-05 17:21:20.000000000 -0400 ++++ vtpm/tpm/tpm_emulator_extern.h 2010-08-12 13:01:31.000000000 -0400 +@@ -29,6 +29,8 @@ + TPM_LOG_ERROR + }; + ++extern int dmi_id; ++ + void (*tpm_log)(int priority, const char *fmt, ...); + + #if defined(_WIN32) || defined(_WIN64) +@@ -37,12 +39,16 @@ + #define __BFILE__ ((strrchr(__FILE__, '/') ? : __FILE__ - 1) + 1) + #endif + +-#define debug(fmt, ...) tpm_log(TPM_LOG_DEBUG, "%s:%d: Debug: " fmt "\n", \ +- __BFILE__, __LINE__, ## __VA_ARGS__) +-#define info(fmt, ...) tpm_log(TPM_LOG_INFO, "%s:%d: Info: " fmt "\n", \ +- __BFILE__, __LINE__, ## __VA_ARGS__) +-#define error(fmt, ...) tpm_log(TPM_LOG_ERROR, "%s:%d: Error: " fmt "\n", \ +- __BFILE__, __LINE__, ## __VA_ARGS__) ++#define debug(fmt, ...) tpm_log(TPM_LOG_DEBUG, "VTPMD[%d]: %s:%d: Debug: " fmt "\n", \ ++ dmi_id, __BFILE__, __LINE__, ## __VA_ARGS__) ++#define info(fmt, ...) tpm_log(TPM_LOG_INFO, "VTPMD[%d]: %s:%d: Info: " fmt "\n", \ ++ dmi_id, __BFILE__, __LINE__, ## __VA_ARGS__) ++#define error(fmt, ...) tpm_log(TPM_LOG_ERROR, "VTPMD[%d]: %s:%d: Error: " fmt "\n", \ ++ dmi_id, __BFILE__, __LINE__, ## __VA_ARGS__) ++#define debug_nostop(fmt, ...) tpm_log(TPM_LOG_DEBUG, "VTPMD[%d]: %s:%d: Debug: " fmt, \ ++ dmi_id, __BFILE__, __LINE__, ## __VA_ARGS__) ++#define debug_more(fmt, ...) tpm_log(TPM_LOG_DEBUG, fmt, ## __VA_ARGS__) ++ + /* initialization */ + int (*tpm_extern_init)(void); + void (*tpm_extern_release)(void); +diff -Naur tpm_emulator-0.7.1/tpmd/unix/tpmd.c vtpm/tpmd/unix/tpmd.c +--- tpm_emulator-0.7.1/tpmd/unix/tpmd.c 2010-07-05 17:21:20.000000000 -0400 ++++ vtpm/tpmd/unix/tpmd.c 2010-08-12 14:07:53.000000000 -0400 +@@ -30,9 +30,31 @@ + #include + #include "config.h" + #include "tpm/tpm_emulator.h" ++#include "tpm/tpm_structures.h" ++#include "tpm/tpm_marshalling.h" ++#include "vtpm_manager.h" + + #define TPM_COMMAND_TIMEOUT 30 + ++#define TPM_DAEMON_NAME "tpmd" ++#define TPM_CMD_BUF_SIZE 4096 ++#define TPM_RANDOM_DEVICE "/dev/urandom" ++#undef TPM_MKDIRS ++ ++#define PVM_RX_FIFO_D "/var/vtpm/fifos/tpm_cmd_to_%d.fifo" ++#define PVM_TX_FIFO "/var/vtpm/fifos/tpm_rsp_from_all.fifo" ++#define HVM_RX_FIFO_D "/var/vtpm/socks/%d.socket" ++ ++#define VTPM_RX_FIFO_D "/var/vtpm/fifos/vtpm_rsp_to_%d.fifo" ++#define VTPM_TX_FIFO "/var/vtpm/fifos/vtpm_cmd_from_all.fifo" ++ ++static char *vtpm_rx_name=NULL; ++ ++static int vtpm_tx_fh=-1, vtpm_rx_fh=-1; ++ ++#define BUFFER_SIZE 2048 ++ ++ + static volatile int stopflag = 0; + static int is_daemon = 0; + static int opt_debug = 0; +@@ -44,6 +66,9 @@ + static uint32_t tpm_config = 0; + extern const char *tpm_storage_file; + ++static int vtpm_type = VTPM_TYPE_PVM; ++int dmi_id; ++ + void my_log(int priority, const char *fmt, ...) + { + va_list ap, bp; +@@ -155,35 +180,218 @@ + exit(EXIT_SUCCESS); + } + } else { +- /* if no startup mode is given assume save if a configuration +- file is available, clear otherwise */ +- int fh = open(tpm_storage_file, O_RDONLY); +- if (fh < 0) { +- tpm_startup = 1; +- info("no startup mode was specified; asuming 'clear'"); +- } else { +- tpm_startup = 2; +- close(fh); +- } ++ tpm_startup = 1; ++ info("no startup mode was specified; asuming 'clear'"); ++ } ++ /* GET VM TYPE */ ++ ++optind; ++ if (optind < argc) { ++ if(!strcmp(argv[optind], "pvm")) { ++ vtpm_type = VTPM_TYPE_PVM; // Get commands from vTPM Manager through fifo ++ } else if (!strcmp(argv[optind], "hvm")) { ++ vtpm_type = VTPM_TYPE_HVM; // Get commands from qemu via socket ++ } else { ++ error("Invalid vm mode '%s'; must be 'pvm', " ++ "or 'hvm' ", argv[optind]); ++ print_usage(argv[0]); ++ exit(EXIT_SUCCESS); ++ } ++ } else { ++ vtpm_type = VTPM_TYPE_PVM; ++ info("no vm mode specified; assuming 'pvm'"); + } ++ /* GET DMI ID */ ++ ++optind; ++ if(optind >= argc || sscanf(argv[optind], "%d", &dmi_id) != 1) { ++ error("Missing or non-integer dmi_id specified!"); ++ print_usage(argv[0]); ++ exit(EXIT_SUCCESS); ++ } ++} ++ ++int vtpm_write_to_file(uint8_t *data, size_t data_length) ++{ ++ int res, out_data_size, in_header_size; ++ BYTE *ptr, *out_data, *in_header; ++ UINT32 result, len, in_rsp_size; ++ UINT16 tag = VTPM_TAG_REQ; ++ ++ printf("Saving NVM\n"); ++ if (vtpm_tx_fh < 0) { ++ vtpm_tx_fh = open(VTPM_TX_FIFO, O_WRONLY); ++ } ++ ++ if (vtpm_tx_fh < 0) { ++ return -1; ++ } ++ ++ // Send request to VTPM Manager to encrypt data ++ out_data_size = len = VTPM_COMMAND_HEADER_SIZE_SRV + data_length; ++ ++ out_data = ptr = (BYTE *) malloc(len); ++ ++ if (ptr == NULL ++ || tpm_marshal_UINT32(&ptr, &len, dmi_id) ++ || tpm_marshal_UINT16(&ptr, &len, tag) ++ || tpm_marshal_UINT32(&ptr, &len, out_data_size - sizeof(uint32_t)) ++ || tpm_marshal_UINT32(&ptr, &len, VTPM_ORD_SAVENVM) ++ || tpm_marshal_BYTE_ARRAY(&ptr, &len, data, data_length)) { ++ free(out_data); ++ return -1; ++ } ++ ++ printf("\tSending SaveNVM Command.\n"); ++ res = write(vtpm_tx_fh, out_data, out_data_size); ++ free(out_data); ++ if (res != out_data_size) return -1; ++ ++ if (vtpm_rx_fh < 0) { ++ if (vtpm_rx_name == NULL) { ++ vtpm_rx_name = malloc(10 + strlen(VTPM_RX_FIFO_D)); ++ sprintf(vtpm_rx_name, VTPM_RX_FIFO_D, (uint32_t) dmi_id); ++ } ++ vtpm_rx_fh = open(vtpm_rx_name, O_RDONLY); ++ } ++ ++ if (vtpm_rx_fh < 0) { ++ return -1; ++ } ++ ++ // Read Header of response so we can get the size & status ++ in_header_size = len = VTPM_COMMAND_HEADER_SIZE_SRV; ++ in_header = ptr = malloc(in_header_size); ++ ++ printf("\tReading SaveNVM header.\n"); ++ res = read(vtpm_rx_fh, in_header, in_header_size); ++ ++ if ( (res != in_header_size) ++ || tpm_unmarshal_UINT32(&ptr, &len, (UINT32*)&dmi_id) ++ || tpm_unmarshal_UINT16(&ptr, &len, &tag) ++ || tpm_unmarshal_UINT32(&ptr, &len, &in_rsp_size) ++ || tpm_unmarshal_UINT32(&ptr, &len, &result) ) { ++ free(in_header); ++ return -1; ++ } ++ free(in_header); ++ ++ if (result != VTPM_SUCCESS) { ++ return -1; ++ } ++ ++ printf("\tFinishing up SaveNVM\n"); ++ return (0); ++} ++ ++int vtpm_read_from_file(uint8_t **data, size_t *data_length) ++{ ++ int res, out_data_size, in_header_size; ++ uint8_t *ptr, *out_data, *in_header; ++ UINT16 tag = VTPM_TAG_REQ; ++ UINT32 len, in_rsp_size, result; ++ ++ printf("Loading NVM.\n"); ++ if (vtpm_tx_fh < 0) { ++ vtpm_tx_fh = open(VTPM_TX_FIFO, O_WRONLY); ++ } ++ ++ if (vtpm_tx_fh < 0) { ++ printf("Error in read_from_file:301\n"); ++ return -1; ++ } ++ ++ // Send request to VTPM Manager to encrypt data ++ out_data_size = len = VTPM_COMMAND_HEADER_SIZE_SRV; ++ out_data = ptr = (BYTE *) malloc(len); ++ ++ if (ptr == NULL ++ || tpm_marshal_UINT32(&ptr, &len, dmi_id) ++ || tpm_marshal_UINT16(&ptr, &len, tag) ++ || tpm_marshal_UINT32(&ptr, &len, out_data_size - sizeof(uint32_t)) ++ || tpm_marshal_UINT32(&ptr, &len, VTPM_ORD_LOADNVM)) { ++ free(out_data); ++ printf("Error in read_from_file:325\n"); ++ ++ return -1; ++ } ++ ++ printf("\tSending LoadNVM command\n"); ++ res = write(vtpm_tx_fh, out_data, out_data_size); ++ free(out_data); ++ if (res != out_data_size) ++ { ++ printf("Error in read_from_file:335\n"); ++ return -1; ++ } ++ ++ if (vtpm_rx_fh < 0) { ++ if (vtpm_rx_name == NULL) { ++ vtpm_rx_name = malloc(10 + strlen(VTPM_RX_FIFO_D)); ++ sprintf(vtpm_rx_name, VTPM_RX_FIFO_D, (uint32_t) dmi_id); ++ } ++ vtpm_rx_fh = open(vtpm_rx_name, O_RDONLY); ++ } ++ ++ if (vtpm_rx_fh < 0) { ++ printf("Error in read_from_file:352\n"); ++ return -1; ++ } ++ ++ // Read Header of response so we can get the size & status ++ in_header_size = len = VTPM_COMMAND_HEADER_SIZE_SRV; ++ in_header = ptr = malloc(in_header_size); ++ ++ printf("\tReading LoadNVM header\n"); ++ res = read(vtpm_rx_fh, in_header, in_header_size); ++ ++ if ( (res != in_header_size) ++ || tpm_unmarshal_UINT32(&ptr, &len, (UINT32*)&dmi_id) ++ || tpm_unmarshal_UINT16(&ptr, &len, &tag) ++ || tpm_unmarshal_UINT32(&ptr, &len, &in_rsp_size) ++ || tpm_unmarshal_UINT32(&ptr, &len, &result) ) { ++ free(in_header); ++ printf("Error in read_from_file:375\n"); ++ return -1; ++ } ++ free(in_header); ++ ++ if (result != VTPM_SUCCESS) { ++ printf("Error in read_from_file:381\n"); ++ return -1; ++ } ++ ++ // Read Encrypted data from VTPM Manager ++ *data_length = in_rsp_size - VTPM_COMMAND_HEADER_SIZE_CLT; ++ *data = (uint8_t *) malloc(*data_length); ++ ++ printf("\tReading clear data from LoadNVM.\n"); ++ res = read(vtpm_rx_fh, *data, *data_length); ++ ++ printf("\tReturing from loading NVM\n"); ++ if (res != (int)*data_length) { ++ free(*data); ++ printf("Error in read_from_file:398\n"); ++ return -1; ++ } else { ++ return 0; ++ } + } + + static void switch_uid_gid(void) + { +- if (opt_gid != getgid()) { +- info("switching effective group ID to %d", opt_gid); +- if (setgid(opt_gid) == -1) { +- error("switching effective group ID to %d failed: %s", opt_gid, strerror(errno)); +- exit(EXIT_FAILURE); +- } +- } +- if (opt_uid != getuid()) { +- info("switching effective user ID to %d", opt_uid); +- if (setuid(opt_uid) == -1) { +- error("switching effective user ID to %d failed: %s", opt_uid, strerror(errno)); +- exit(EXIT_FAILURE); +- } +- } ++ if (opt_gid != getgid()) { ++ info("switching effective group ID to %d", opt_gid); ++ if (setgid(opt_gid) == -1) { ++ error("switching effective group ID to %d failed: %s", opt_gid, strerror(errno)); ++ exit(EXIT_FAILURE); ++ } ++ } ++ if (opt_uid != getuid()) { ++ info("switching effective user ID to %d", opt_uid); ++ if (setuid(opt_uid) == -1) { ++ error("switching effective user ID to %d failed: %s", opt_uid, strerror(errno)); ++ exit(EXIT_FAILURE); ++ } ++ } + } + + static void signal_handler(int sig) +@@ -213,174 +421,175 @@ + } + } + +-static void daemonize(void) +-{ +- pid_t sid, pid; +- info("daemonizing process"); +- pid = fork(); +- if (pid < 0) { +- error("fork() failed: %s", strerror(errno)); +- exit(EXIT_FAILURE); +- } +- if (pid > 0) exit(EXIT_SUCCESS); +- pid = getpid(); +- sid = setsid(); +- if (sid < 0) { +- error("setsid() failed: %s", strerror(errno)); +- exit(EXIT_FAILURE); +- } +- if (chdir("/") < 0) { +- error("chdir() failed: %s", strerror(errno)); +- exit(EXIT_FAILURE); +- } +- close(STDIN_FILENO); +- close(STDOUT_FILENO); +- close(STDERR_FILENO); +- is_daemon = 1; +- info("process was successfully daemonized: pid=%d sid=%d", pid, sid); +-} +- +-static int mkdirs(const char *path) +-{ +- char *copy = strdup(path); +- char *p = strchr(copy + 1, '/'); +- while (p != NULL) { +- *p = '\0'; +- if ((mkdir(copy, 0755) == -1) && (errno != EEXIST)) { +- free(copy); +- return errno; +- } +- *p = '/'; +- p = strchr(p + 1, '/'); +- } +- free(copy); +- return 0; +-} +- +-static int init_socket(const char *name) +-{ +- int sock; +- struct sockaddr_un addr; +- info("initializing socket %s", name); +- sock = socket(AF_UNIX, SOCK_STREAM, 0); +- if (sock < 0) { +- error("socket(AF_UNIX) failed: %s", strerror(errno)); +- return -1; +- } +- mkdirs(name); +- addr.sun_family = AF_UNIX; +- strncpy(addr.sun_path, name, sizeof(addr.sun_path)); +- umask(0177); +- if (bind(sock, (struct sockaddr*)&addr, sizeof(addr)) < 0) { +- error("bind(%s) failed: %s", addr.sun_path, strerror(errno)); +- close(sock); +- return -1; +- } +- listen(sock, 1); +- return sock; +-} +- + static void main_loop(void) + { +- int sock, fh, res; + int32_t in_len; + uint32_t out_len; +- uint8_t in[TPM_CMD_BUF_SIZE], *out; ++ uint8_t in[TPM_CMD_BUF_SIZE], *out, *addressed_out; ++ int guest_id=-1; ++ int i; ++ char *vtpm_rx_file=NULL; ++ int res; ++ ++ int sockfd = -1; + struct sockaddr_un addr; +- socklen_t addr_len; +- fd_set rfds; +- struct timeval tv; ++ struct sockaddr_un client_addr; ++ unsigned int client_length; ++ ++ int vtpm_tx_fh=-1, vtpm_rx_fh=-1; ++ ++ if (vtpm_type == VTPM_TYPE_PVM) { ++ vtpm_rx_file = malloc(10 + strlen(PVM_RX_FIFO_D)); ++ sprintf(vtpm_rx_file, PVM_RX_FIFO_D, (uint32_t) dmi_id); ++ } else { ++ vtpm_rx_file = malloc(10 + strlen(HVM_RX_FIFO_D)); ++ sprintf(vtpm_rx_file, HVM_RX_FIFO_D, (uint32_t) dmi_id); ++ ++ if ( (sockfd = socket(PF_UNIX,SOCK_STREAM,0)) < 0) { ++ error("Unable to create socket. errno = %d\n", errno); ++ exit (-1); ++ } ++ ++ memset(&addr, 0, sizeof(addr)); ++ addr.sun_family = AF_UNIX; ++ strcpy(addr.sun_path,vtpm_rx_file ); ++ unlink(addr.sun_path); ++ } + + info("staring main loop"); +- /* open UNIX socket */ +- sock = init_socket(opt_socket_name); +- if (sock < 0) exit(EXIT_FAILURE); + /* init tpm emulator */ +- debug("initializing TPM emulator"); +- if (tpm_emulator_init(tpm_startup, tpm_config) != 0) { +- error("tpm_emulator_init() failed"); +- close(sock); +- unlink(opt_socket_name); +- exit(EXIT_FAILURE); +- } ++ debug("initializing TPM emulator: state=%d, type=%d, id=%d", tpm_startup, vtpm_type, dmi_id); ++ /* Set config flags that must be on for vtpm operation */ ++ tpm_config |= TPM_CONF_STRONG_PERSISTENCE; ++ tpm_config &= ~TPM_CONF_USE_INTERNAL_PRNG; ++ tpm_config |= TPM_CONF_GENERATE_EK; ++ tpm_config |= TPM_CONF_GENERATE_SEED_DAA; ++ /*Start the emulator */ ++ tpm_emulator_init(tpm_startup, tpm_config); + /* start command processing */ + while (!stopflag) { + /* wait for incomming connections */ + debug("waiting for connections..."); +- FD_ZERO(&rfds); +- FD_SET(sock, &rfds); +- tv.tv_sec = 10; +- tv.tv_usec = 0; +- res = select(sock + 1, &rfds, NULL, NULL, &tv); +- if (res < 0) { +- error("select(sock) failed: %s", strerror(errno)); +- break; +- } else if (res == 0) { +- continue; ++ if (vtpm_rx_fh < 0) { ++ if (vtpm_type == VTPM_TYPE_PVM) ++ { ++ vtpm_rx_fh = open(vtpm_rx_file, O_RDONLY); ++ } else { ++ if (bind(sockfd, (struct sockaddr *)&addr, sizeof(addr)) < 0) { ++ error("Unable to bind(). errno = %d\n", errno); ++ exit (-1); ++ } ++ ++ if (listen(sockfd, 10) <0) { ++ error("Unable to listen(). errno = %d\n", errno); ++ exit (-1); ++ } ++ ++ memset(&client_addr, 0, sizeof(client_addr)); ++ client_length = sizeof(client_addr); ++ ++ vtpm_rx_fh = vtpm_tx_fh = accept(sockfd, (struct sockaddr *)&client_addr, &client_length); ++ } + } +- addr_len = sizeof(addr); +- fh = accept(sock, (struct sockaddr*)&addr, &addr_len); +- if (fh < 0) { +- error("accept() failed: %s", strerror(errno)); +- continue; ++ ++ /*Error Checking*/ ++ if (vtpm_rx_fh < 0) { ++ error("Failed to open devices to listen to guest.\n"); ++ exit(-1); + } ++ + /* receive and handle commands */ + in_len = 0; + do { + debug("waiting for commands..."); +- FD_ZERO(&rfds); +- FD_SET(fh, &rfds); +- tv.tv_sec = TPM_COMMAND_TIMEOUT; +- tv.tv_usec = 0; +- res = select(fh + 1, &rfds, NULL, NULL, &tv); +- if (res < 0) { +- error("select(fh) failed: %s", strerror(errno)); +- close(fh); +- break; +- } else if (res == 0) { +-#ifdef TPMD_DISCONNECT_IDLE_CLIENTS +- info("connection closed due to inactivity"); +- close(fh); +- break; +-#else +- continue; +-#endif +- } +- in_len = read(fh, in, sizeof(in)); +- if (in_len > 0) { ++ ++ in_len = read(vtpm_rx_fh, in, sizeof(in)); ++ /*Magic size of minimum TPM command is 6*/ ++ if (in_len < 6) { ++ info("Recv incomplete command of %d bytes.", in_len); ++ if (in_len <= 0) { ++ close(vtpm_rx_fh); ++ vtpm_rx_fh = -1; ++ continue; ++ } ++ } else { ++ /*Debug Printouts*/ + debug("received %d bytes", in_len); ++ debug_nostop("Recv[%d]: 0x", in_len); ++ for (i=0; i< in_len; i++) ++ debug_more("%02x ", in[i]); ++ debug_more("\n"); ++ /*Multiple Guest check*/ ++ if (guest_id == -1) { ++ guest_id = *((int32_t *) in); ++ } else { ++ if (guest_id != *((int32_t *) in) ) { ++ error("WARNING: More than one guest attached\n"); ++ } ++ } ++ ++ /*Open tx handle now*/ ++ if (vtpm_tx_fh < 0) { ++ if (vtpm_type == VTPM_TYPE_PVM) { ++ vtpm_tx_fh = open(PVM_TX_FIFO, O_WRONLY); ++ } // No need to open the other direction for HVM ++ } ++ if (vtpm_tx_fh < 0) { ++ error("Failed to open devices to respond to guest.\n"); ++ exit(-1); ++ } ++ ++ /*Handle the TPM command now*/ + out = NULL; +- res = tpm_handle_command(in, in_len, &out, &out_len); ++ res = tpm_handle_command(in + sizeof(uint32_t), in_len - sizeof(uint32_t), &out, &out_len); + if (res < 0) { + error("tpm_handle_command() failed"); + } else { + debug("sending %d bytes", out_len); +- uint32_t len = 0; +- while (len < out_len) { +- res = write(fh, &out[len], out_len - len); ++ //Prepend the dmi_id ++ addressed_out = (uint8_t *) tpm_malloc(sizeof(uint32_t) + out_len); ++ *(uint32_t *) addressed_out = *(uint32_t *) in; ++ memcpy(addressed_out + sizeof(uint32_t), out, out_len); ++ out_len += sizeof(uint32_t); ++ /*End Prepend*/ ++ ++ /*Perform write operation now*/ ++ while (out_len > 0) { ++ res = write(vtpm_tx_fh, addressed_out, out_len); ++ + if (res < 0) { +- error("write(%d) failed: %s", +- out_len - len, strerror(errno)); ++ error("write(%d) failed: %s", out_len, strerror(errno)); + break; ++ } else { ++ debug_nostop("Sent[%Zu]: ", out_len); ++ for (i=0; (unsigned int)i< out_len; i++) ++ debug_more("%02x ", addressed_out[i]); ++ debug_more("\n"); + } +- len += res; ++ out_len -= res; + } + tpm_free(out); ++ tpm_free(addressed_out); + } + } + } while (in_len > 0); +- close(fh); + } ++ + /* shutdown tpm emulator */ + tpm_emulator_shutdown(); +- /* close socket */ +- close(sock); +- unlink(opt_socket_name); ++ /* Close handles */ ++ close(vtpm_tx_fh); ++ close(vtpm_rx_fh); ++ free(vtpm_rx_file); + info("main loop stopped"); + } + + int main(int argc, char **argv) + { ++ //Set load/store functions ++ tpm_write_to_storage = vtpm_write_to_file; ++ tpm_read_from_storage = vtpm_read_from_file; ++ + openlog(argv[0], 0, LOG_DAEMON); + setlogmask(~LOG_MASK(LOG_DEBUG)); + syslog(LOG_INFO, "--- separator ---\n"); +@@ -392,8 +601,6 @@ + switch_uid_gid(); + /* init signal handlers */ + init_signal_handler(); +- /* unless requested otherwiese, fork and daemonize process */ +- if (!opt_foreground) daemonize(); + /* start main processing loop */ + main_loop(); + info("stopping TPM Emulator daemon");