* [PATCH 09/12] vTPM/TPM2: Support '--tpm2' extra command line.
@ 2014-12-14 12:09 Quan Xu
2014-12-15 15:55 ` Daniel De Graaf
0 siblings, 1 reply; 3+ messages in thread
From: Quan Xu @ 2014-12-14 12:09 UTC (permalink / raw)
To: xen-devel; +Cc: samuel.thibault, dgdegra, Quan Xu, stefano.stabellini

Make vtpm-stubdom domain compatible to launch on TPM 1.x / TPM 2.0.
Add:
..
extra="--tpm2"
..
to launch vtpm-stubdom domain on TPM 2.0, ignore it on TPM 1.x. For
example,
vtpm-stubdom domain configuration on TPM 2.0:

kernel="/usr/lib/xen/boot/vtpmmgr-stubdom.gz"
memory=16
disk=["file:/var/scale/vdisk/vmgr,hda,w"]
name="vtpmmgr"
iomem=["fed40,5"]
extra="--tpm2"

vtpm-stubdom domain configuration on TPM 1.x:

kernel="/usr/lib/xen/boot/vtpmmgr-stubdom.gz"
memory=16
disk=["file:/var/scale/vdisk/vmgr,hda,w"]
name="vtpmmgr"
iomem=["fed40,5"]

Signed-off-by: Quan Xu <quan.xu@intel.com>
---
stubdom/vtpmmgr/vtpmmgr.c | 46 ++++++++++++++++++++++++++++++++++++++++------
stubdom/vtpmmgr/vtpmmgr.h | 14 ++++++++++++++
2 files changed, 54 insertions(+), 6 deletions(-)
diff --git a/stubdom/vtpmmgr/vtpmmgr.c b/stubdom/vtpmmgr/vtpmmgr.c
index 270ca8a..9cf0197 100644
--- a/stubdom/vtpmmgr/vtpmmgr.c
+++ b/stubdom/vtpmmgr/vtpmmgr.c
@@ -45,6 +45,27 @@
#include "vtpmmgr.h"
#include "tcg.h"
+struct tpm_hardware_version hardware_version = {
+ .hw_version = TPM1_HARDWARE,
+};
+
+int parse_cmdline_hw(int argc, char** argv)
+{
+ int i;
+
+ for (i = 1; i < argc; ++i) {
+ if (!strncmp(argv[i], TPM2_EXTRA_OPT, 6)) {
+ hardware_version.hw_version = TPM2_HARDWARE;
+ break;
+ }
+ }
+ return 0;
+}
+
+int hw_is_tpm2(void)
+{
+ return (hardware_version.hw_version == TPM2_HARDWARE) ? 1 : 0;
+}
void main_loop(void) {
tpmcmd_t* tpmcmd;
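Review bot: In parse_cmdline_hw(), `strncmp(argv[i], TPM2_EXTRA_OPT, 6)` compares only the first six characters, so any argument that merely begins with "--tpm2" (a longer option sharing that prefix, say) switches the manager to the TPM 2.0 path, and the literal 6 goes stale without warning if TPM2_EXTRA_OPT is ever renamed. An exact match with `strcmp(argv[i], TPM2_EXTRA_OPT) == 0` avoids both problems. The function also returns 0 unconditionally, so either make it void or give the return value a meaning.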
@@ -74,12 +95,25 @@ int main(int argc, char** argv)
sleep(2);
vtpmloginfo(VTPM_LOG_VTPM, "Starting vTPM manager domain\n");
- /* Initialize the vtpm manager */
- if(vtpmmgr_init(argc, argv) != TPM_SUCCESS) {
- vtpmlogerror(VTPM_LOG_VTPM, "Unable to initialize vtpmmgr domain!\n");
- rc = -1;
- goto exit;
- }
+ /*Parse TPM hardware in extra command line*/
+ parse_cmdline_hw(argc, argv);
+
+ /* Initialize the vtpm manager */
+ if (hw_is_tpm2()) {
+ vtpmloginfo(VTPM_LOG_VTPM, "Hardware : --- TPM 2.0 ---\n");
+ if (vtpmmgr2_init(argc, argv) != TPM_SUCCESS) {
+ vtpmlogerror(VTPM_LOG_VTPM, "Unable to initialize vtpmmgr domain!\n");
+ rc = -1;
+ goto exit;
+ }
+ }else{
+ vtpmloginfo(VTPM_LOG_VTPM, "Hardware : --- TPM 1.x ---\n");
+ if (vtpmmgr_init(argc, argv) != TPM_SUCCESS) {
+ vtpmlogerror(VTPM_LOG_VTPM, "Unable to initialize vtpmmgr domain!\n");
+ rc = -1;
+ goto exit;
+ }
+ }
main_loop();
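Review bot: Both branches in main() log the identical "Unable to initialize vtpmmgr domain!" message and repeat the same `rc = -1; goto exit;` path, so when the flag does not match the TPM actually present the log does not say which init routine failed. Consider naming the path in each error message, or selecting the init function first and keeping a single error block. The return value of parse_cmdline_hw() is discarded here, and `/*Parse ... */` and `}else{` do not follow the spacing of the surrounding code.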
diff --git a/stubdom/vtpmmgr/vtpmmgr.h b/stubdom/vtpmmgr/vtpmmgr.h
index c479443..37da1f2 100644
--- a/stubdom/vtpmmgr/vtpmmgr.h
+++ b/stubdom/vtpmmgr/vtpmmgr.h
@@ -46,9 +46,21 @@
#include "vtpm_manager.h"
#include "tpm2_types.h"
+#define TPM2_EXTRA_OPT "--tpm2"
#define RSA_KEY_SIZE 0x0800
#define RSA_CIPHER_SIZE (RSA_KEY_SIZE / 8)
+enum {
+ TPM1_HARDWARE = 1,
+ TPM2_HARDWARE,
+} tpm_version;
+
+struct tpm_hardware_version {
+ int hw_version;
+};
+
+extern struct tpm_hardware_version hardware_version;
+
struct vtpm_globals {
int tpm_fd;
TPM_AUTH_SESSION oiap; // OIAP session for storageKey
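Review bot: `enum { TPM1_HARDWARE = 1, TPM2_HARDWARE, } tpm_version;` in vtpmmgr.h does not name the enum type; it declares an object called tpm_version of an anonymous enum type, and because this is a header every file that includes it gets its own tentative definition of that variable. If the intent was a type, write `enum tpm_version { ... };` and use it for hw_version instead of int. A struct wrapping a single int also adds little over a plain variable unless later patches in the series extend it; a short comment stating that intent would help.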
@@ -97,5 +109,7 @@ inline TPM_RESULT vtpmmgr_rand(unsigned char* bytes, size_t num_bytes) {
TPM_RC tpm2_take_ownership(void);
TPM_RESULT vtpmmgr2_create(void);
TPM_RESULT vtpmmgr2_init(int argc, char** argv);
+int parse_cmdline_hw(int argc, char** argv);
+int hw_is_tpm2(void);
#endif
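Review bot: The two prototypes added before `#endif` have no comment, and parse_cmdline_hw() is declared as returning int although the definition in vtpmmgr.c only ever returns 0 and main() ignores the result. Declare it void, or document what a non-zero return would mean. A one-line note that hw_is_tpm2() is only meaningful after parse_cmdline_hw() has run would also make the ordering requirement explicit.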
--
1.8.3.2
* Re: [PATCH 09/12] vTPM/TPM2: Support '--tpm2' extra command line.
2014-12-14 12:09 [PATCH 09/12] vTPM/TPM2: Support '--tpm2' extra command line Quan Xu
@ 2014-12-15 15:55 ` Daniel De Graaf
2014-12-16 2:01 ` Xu, Quan
0 siblings, 1 reply; 3+ messages in thread
From: Daniel De Graaf @ 2014-12-15 15:55 UTC (permalink / raw)
To: Quan Xu, xen-devel; +Cc: samuel.thibault, stefano.stabellini
On 12/14/2014 07:09 AM, Quan Xu wrote:
> Make vtpm-stubdom domain compatible to launch on TPM 1.x / TPM 2.0.
> Add:
> ..
> extra="--tpm2"
> ..
> to launch vtpm-stubdom domain on TPM 2.0, ignore it on TPM 1.x. for
> example,
> vtpm-stubdom domain configuration on TPM 2.0:
>
> kernel="/usr/lib/xen/boot/vtpmmgr-stubdom.gz"
> memory=16
> disk=["file:/var/scale/vdisk/vmgr,hda,w"]
> name="vtpmmgr"
> iomem=["fed40,5"]
> extra="--tpm2"
>
> vtpm-stubdom domain configuration on TPM 1.x:
>
> kernel="/usr/lib/xen/boot/vtpmmgr-stubdom.gz"
> memory=16
> disk=["file:/var/scale/vdisk/vmgr,hda,w"]
> name="vtpmmgr"
> iomem=["fed40,5"]
This would be useful to add to docs/misc/vtpmmgr.txt; it is difficult
to find this documentation later if it is only present in the commit
message. Also, existing command line options are of the form "tpm2"
or "tpm2=1" rather than "--tpm2"; it would be nice if new options
remained consistent.
--
Daniel De Graaf
National Security Agency
* Re: [PATCH 09/12] vTPM/TPM2: Support '--tpm2' extra command line.
2014-12-15 15:55 ` Daniel De Graaf
@ 2014-12-16 2:01 ` Xu, Quan
0 siblings, 0 replies; 3+ messages in thread
From: Xu, Quan @ 2014-12-16 2:01 UTC (permalink / raw)
To: Daniel De Graaf, xen-devel; +Cc: samuel.thibault, stefano.stabellini
> -----Original Message-----
> From: Daniel De Graaf [mailto:dgdegra@tycho.nsa.gov]
> Sent: Monday, December 15, 2014 11:55 PM
> To: Xu, Quan; xen-devel@lists.xen.org
> Cc: stefano.stabellini@eu.citrix.com; samuel.thibault@ens-lyon.org
> Subject: Re: [PATCH 09/12] vTPM/TPM2: Support '--tpm2' extra command
> line.
>
> On 12/14/2014 07:09 AM, Quan Xu wrote:
> > Make vtpm-stubdom domain compatible to launch on TPM 1.x / TPM 2.0.
> > Add:
> > ..
> > extra="--tpm2"
> > ..
> > to launch vtpm-stubdom domain on TPM 2.0, ignore it on TPM 1.x. for
> > example, vtpm-stubdom domain configuration on TPM 2.0:
> >
> > kernel="/usr/lib/xen/boot/vtpmmgr-stubdom.gz"
> > memory=16
> > disk=["file:/var/scale/vdisk/vmgr,hda,w"]
> > name="vtpmmgr"
> > iomem=["fed40,5"]
> > extra="--tpm2"
> >
> > vtpm-stubdom domain configuration on TPM 1.x:
> >
> > kernel="/usr/lib/xen/boot/vtpmmgr-stubdom.gz"
> > memory=16
> > disk=["file:/var/scale/vdisk/vmgr,hda,w"]
> > name="vtpmmgr"
> > iomem=["fed40,5"]
>
> This would be useful to add to docs/misc/vtpmmgr.txt; it is difficult to find
> this documentation later if it is only present in the commit message. Also,
> existing command line options are of the form "tpm2"
> or "tpm2=1" rather than "--tpm2"; it would be nice if new options remained
> consistent.
>
Thanks Daniel.
I will add it to docs/misc/vtpmmgr.txt. I prefer 'tpm2=1'.
> --
> Daniel De Graaf
> National Security Agency
Intel
Quan Xu