From: "Scarlata, Vincent R" <vincent.r.scarlata@intel.com>
To: Xen devel list <xen-devel@lists.xensource.com>
Subject: [Patch] [VTPM_TOOLS] Add HVM support to vtpm_manager
Date: Fri, 19 Jan 2007 16:09:12 -0800 [thread overview]
Message-ID: <D936D925018D154694D8A362EEB08920010587E9@orsmsx416.amr.corp.intel.com> (raw)
In-Reply-To: <C1D69CCA.7E66%keir@xensource.com>
[-- Attachment #1: Type: text/plain, Size: 160 bytes --]
VTPM_TOOLS: Added support for QEMU to communicate with vTPM over UNIX
socket for HVM guests.
Signed-off-by: Vinnie Scarlata <vincent.r.scarlata@intel.com>
[-- Attachment #2: vtpm_tools-01182007.patch --]
[-- Type: application/octet-stream, Size: 27759 bytes --]
# HG changeset patch
# User root@TPRL-Linux-D2.jf.intel.com
# Node ID 1be602b84f6dba3ea10dabb5da88859410728194
# Parent 003d56dec2ea9ec9c3e2120cabc244d66d56bac6
VTPM_TOOLS: Added support for QEMU to communicate with vTPM over UNIX socket for HVM guests.
diff -r 003d56dec2ea -r 1be602b84f6d tools/vtpm_manager/manager/vtpm_manager.h
--- a/tools/vtpm_manager/manager/vtpm_manager.h Wed Jan 10 00:29:32 2007
+++ b/tools/vtpm_manager/manager/vtpm_manager.h Fri Jan 19 00:19:24 2007
@@ -70,6 +70,10 @@
#define VTPM_ORD_MIGRATE_OUT (VTPM_PRIV_BASE + 5) // migrate VTPM to dest
//************************ Return Codes ****************************
+#define VTPM_TYPE_PVM 1 // Paravirtualized Domain
+#define VTPM_TYPE_HVM 2 // HVM Domain
+
+//************************ Return Codes ****************************
#define VTPM_SUCCESS 0
#define VTPM_FAIL 1
#define VTPM_UNSUPPORTED 2
@@ -104,8 +108,9 @@
VTPM_Open:
Input Parameters:
- Domain_type: 1 byte
+ mig_type: 1 byte
startup_mode: 1 byte // Cold Boot = 1, resume = 2, deactive = 3
+ domain type: 1 byte
instance_id: 4 bytes
Output Parameters:
None
diff -r 003d56dec2ea -r 1be602b84f6d tools/examples/vtpm-impl
--- a/tools/examples/vtpm-impl Wed Jan 10 00:29:32 2007
+++ b/tools/examples/vtpm-impl Fri Jan 19 00:19:24 2007
@@ -32,11 +32,14 @@
# OF THE POSSIBILITY OF SUCH DAMAGE.
# ===================================================================
-# | SRC | TAG | CMD SIZE | ORD | type| mode
-TPM_CMD_OPEN=\\x00\\x00\\x00\\x00\\x01\\xc1\\x00\\x00\\x00\\x10\\x01\\x00\\x00\\x01\\x01\\x01
-TPM_CMD_RESM=\\x00\\x00\\x00\\x00\\x01\\xc1\\x00\\x00\\x00\\x10\\x01\\x00\\x00\\x01\\x01\\x02
+# | SRC | TAG | CMD SIZE | ORD |mtype|strt
+TPM_CMD_OPEN=\\x00\\x00\\x00\\x00\\x01\\xc1\\x00\\x00\\x00\\x11\\x01\\x00\\x00\\x01\\x01\\x01
+TPM_CMD_RESM=\\x00\\x00\\x00\\x00\\x01\\xc1\\x00\\x00\\x00\\x11\\x01\\x00\\x00\\x01\\x01\\x02
TPM_CMD_CLOS=\\x00\\x00\\x00\\x00\\x01\\xc1\\x00\\x00\\x00\\x0e\\x01\\x00\\x00\\x02
TPM_CMD_DELE=\\x00\\x00\\x00\\x00\\x01\\xc1\\x00\\x00\\x00\\x0e\\x01\\x00\\x00\\x03
+
+TPM_TYPE_PVM=\\x01
+TPM_TYPE_HVM=\\x02
TPM_SUCCESS=00000000
@@ -80,11 +83,25 @@
release_lock vtpm_mgr
#return whether the command was successful
- if [ $resp_hex != $TPM_SUCCESS ]; then
+ if [ $resp_hex ne $TPM_SUCCESS ]; then
vtpm_fatal_error=1
false
else
true
+ fi
+}
+
+# Helper to get vm type to pass to vtpm_manager open/resume
+function vtpm_get_type() {
+ local inst=$(xenstore_read $XENBUS_PATH/frontend-id)
+ local vm=$(xenstore_read /local/domain/$inst/vm)
+ if [ "$vm" != "" ]; then
+ local ostype=$(xenstore-read $vm/image/ostype)
+ if [ "$ostype" == "hvm" ]; then
+ echo $TPM_TYPE_HVM;
+ else
+ echo $TPM_TYPE_PVM;
+ fi
fi
}
@@ -99,11 +116,13 @@
# Setup vtpm instance for use.
function vtpm_start() {
- $(vtpm_manager_cmd $TPM_CMD_OPEN $1)
+ local vmtype=$(vtpm_get_type);
+ $(vtpm_manager_cmd $TPM_CMD_OPEN$vmtype $1)
}
function vtpm_resume() {
- $(vtpm_manager_cmd $TPM_CMD_RESM $1)
+ local vmtype=$(vtpm_get_type);
+ $(vtpm_manager_cmd $TPM_CMD_RESM$vmtype $1)
}
# Reset the vtpm AKA clear PCRs
diff -r 003d56dec2ea -r 1be602b84f6d tools/vtpm_manager/manager/vtpm_manager_handler.c
--- a/tools/vtpm_manager/manager/vtpm_manager_handler.c Wed Jan 10 00:29:32 2007
+++ b/tools/vtpm_manager/manager/vtpm_manager_handler.c Fri Jan 19 00:19:24 2007
@@ -40,6 +40,7 @@
#include <stdio.h>
#include <unistd.h>
#include <string.h>
+#include <errno.h>
#include "vtpm_manager.h"
#include "vtpmpriv.h"
@@ -105,7 +106,7 @@
for (i=0; i<size_read; i++)
vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", cmd_header[i]);
} else {
- vtpmhandlerlogerror(VTPM_LOG_VTPM, "%s can't read from ipc. Aborting... \n", thread_name);
+ vtpmhandlerlogerror(VTPM_LOG_VTPM, "%s can't read from ipc. Errono = %d. Aborting... \n", thread_name, errno);
goto abort_command;
}
diff -r 003d56dec2ea -r 1be602b84f6d tools/vtpm/vtpm.patch
--- a/tools/vtpm/vtpm.patch Wed Jan 10 00:29:32 2007
+++ b/tools/vtpm/vtpm.patch Fri Jan 19 00:19:24 2007
@@ -1,14 +1,14 @@
diff -uprN tpm_emulator/AUTHORS vtpm/AUTHORS
---- tpm_emulator/AUTHORS 2006-07-24 14:35:35.000000000 -0700
-+++ vtpm/AUTHORS 2006-07-24 14:35:35.000000000 -0700
+--- tpm_emulator/AUTHORS 2006-12-08 12:51:29.000000000 -0800
++++ vtpm/AUTHORS 2006-12-13 16:38:52.000000000 -0800
@@ -1,3 +1,3 @@
Mario Strasser <mast@gmx.net>
Heiko Stamer <stamer@gaos.org> [DAA]
-INTEL Corp <> [Dropped to Ring3]
+INTEL Corp <> [VTPM Extensions]
diff -uprN tpm_emulator/ChangeLog vtpm/ChangeLog
---- tpm_emulator/ChangeLog 2006-07-24 14:35:35.000000000 -0700
-+++ vtpm/ChangeLog 2006-07-24 14:35:35.000000000 -0700
+--- tpm_emulator/ChangeLog 2006-12-08 12:51:29.000000000 -0800
++++ vtpm/ChangeLog 2006-12-13 16:38:52.000000000 -0800
@@ -1,5 +1,6 @@
????-??-?? Intel Corp
* Moved module out of kernel to run as a ring 3 app
@@ -17,9 +17,9 @@
2006-06-23 Mario Strasser <mast@gmx.net>
* tpm_startup.c: behaviour of ST_CLEAR and storage of
diff -uprN tpm_emulator/linux_module.h vtpm/linux_module.h
---- tpm_emulator/linux_module.h 2006-07-24 14:35:35.000000000 -0700
-+++ vtpm/linux_module.h 2006-07-24 14:35:35.000000000 -0700
-@@ -44,18 +44,21 @@
+--- tpm_emulator/linux_module.h 2006-12-08 12:51:29.000000000 -0800
++++ vtpm/linux_module.h 2007-01-09 14:49:06.000000000 -0800
+@@ -44,18 +44,26 @@
#define TPM_DEVICE_NAME "tpm"
#define TPM_MODULE_NAME "tpm_emulator"
@@ -31,8 +31,13 @@
- __FILE__, __LINE__, ## __VA_ARGS__)
+#define debug(fmt, ...) printf("TPMD[%d]: %s:%d: Debug: " fmt "\n", \
+ dmi_id, __FILE__, __LINE__, ## __VA_ARGS__)
++#define debug_nostop(fmt, ...) printf("TPMD[%d]: %s:%d: Debug: " fmt, \
++ dmi_id, __FILE__, __LINE__, ## __VA_ARGS__)
++#define debug_more(fmt, ...) printf( fmt, ## __VA_ARGS__ )
#else
#define debug(fmt, ...)
++#define debug_nostop(fmt, ...)
++#define debug_more(fmt, ...)
#endif
-#define info(fmt, ...) printf("TPMD: %s:%d: Info: " fmt "\n", \
- __FILE__, __LINE__, ## __VA_ARGS__)
@@ -50,8 +55,8 @@
/* memory allocation */
diff -uprN tpm_emulator/Makefile vtpm/Makefile
---- tpm_emulator/Makefile 2006-07-24 14:35:35.000000000 -0700
-+++ vtpm/Makefile 2006-07-24 14:35:35.000000000 -0700
+--- tpm_emulator/Makefile 2006-12-08 12:51:29.000000000 -0800
++++ vtpm/Makefile 2006-12-13 16:38:52.000000000 -0800
@@ -7,7 +7,7 @@
COMPILE_ARCH ?= $(shell uname -m | sed -e s/i.86/x86_32/)
@@ -83,9 +88,46 @@
.PHONY: all install clean dist gmp version
+
+diff -uprN tpm_emulator/tpm/tpm_capability.c vtpm/tpm/tpm_capability.c
+--- tpm_emulator/tpm/tpm_capability.c 2006-06-23 03:37:07.000000000 -0700
++++ vtpm/tpm/tpm_capability.c 2007-01-10 10:00:49.000000000 -0800
+@@ -136,8 +136,18 @@ static TPM_RESULT cap_property(UINT32 su
+
+ case TPM_CAP_PROP_TIS_TIMEOUT:
+ debug("[TPM_CAP_PROP_TIS_TIMEOUT]");
+- /* TODO: TPM_CAP_PROP_TIS_TIMEOUT */
+- return TPM_FAIL;
++ /* TODO: TPM_CAP_PROP_TIS_TIMEOUT: Measure these values and determine correct ones */
++ UINT32 len = *respSize = 16;
++ BYTE *ptr = *resp = tpm_malloc(*respSize);
++ if (ptr == NULL ||
++ tpm_marshal_UINT32(&ptr, &len, 200000) ||
++ tpm_marshal_UINT32(&ptr, &len, 200000) ||
++ tpm_marshal_UINT32(&ptr, &len, 200000) ||
++ tpm_marshal_UINT32(&ptr, &len, 200000)) {
++ tpm_free(*resp);
++ return TPM_FAIL;
++ }
++ return TPM_SUCCESS;
+
+ case TPM_CAP_PROP_STARTUP_EFFECT:
+ debug("[TPM_CAP_PROP_STARTUP_EFFECT]");
+@@ -190,7 +200,11 @@ static TPM_RESULT cap_property(UINT32 su
+
+ case TPM_CAP_PROP_DURATION:
+ debug("[TPM_CAP_PROP_DURATION]");
+- /* TODO: TPM_CAP_PROP_DURATION */
++ /* TODO: TPM_CAP_PROP_DURATION: Measure these values and return accurate ones */
++ BYTE dur[]= {0x0,0x0,0x0,0xc,0x0,0x7,0xa1,0x20,0x0,0x1e,0x84,0x80,0x11,0xe1,0xa3,0x0};
++ *respSize = 16;
++ *resp = tpm_malloc(*respSize);
++ memcpy(*resp,dur,16);
+ return TPM_FAIL;
+
+ case TPM_CAP_PROP_ACTIVE_COUNTER:
diff -uprN tpm_emulator/tpm/tpm_data.c vtpm/tpm/tpm_data.c
---- tpm_emulator/tpm/tpm_data.c 2006-07-24 14:35:35.000000000 -0700
-+++ vtpm/tpm/tpm_data.c 2006-07-24 14:35:35.000000000 -0700
+--- tpm_emulator/tpm/tpm_data.c 2006-12-08 12:51:29.000000000 -0800
++++ vtpm/tpm/tpm_data.c 2006-12-13 16:38:52.000000000 -0800
@@ -1,6 +1,7 @@
/* Software-Based Trusted Platform Module (TPM) Emulator for Linux
* Copyright (C) 2004 Mario Strasser <mast@gmx.net>,
@@ -371,10 +413,15 @@
#else
diff -uprN tpm_emulator/tpmd.c vtpm/tpmd.c
---- tpm_emulator/tpmd.c 2006-07-24 14:35:35.000000000 -0700
-+++ vtpm/tpmd.c 2006-07-24 14:35:35.000000000 -0700
-@@ -23,13 +23,27 @@
+--- tpm_emulator/tpmd.c 2006-12-08 12:51:29.000000000 -0800
++++ vtpm/tpmd.c 2007-01-09 14:48:56.000000000 -0800
+@@ -21,12 +21,24 @@
+ #include <sys/stat.h>
+ #include <fcntl.h>
#include <sys/time.h>
++#include <sys/socket.h>
++#include <sys/un.h>
++#include <errno.h>
#include "tpm_emulator.h"
+#include "vtpm_manager.h"
@@ -384,61 +431,115 @@
+#ifdef VTPM_MULTI_VM
+ #define DEV_BE "/dev/vtpm"
+#else
-+ #define GUEST_RX_FIFO_D "/var/vtpm/fifos/tpm_cmd_to_%d.fifo"
-+ #define GUEST_TX_FIFO "/var/vtpm/fifos/tpm_rsp_from_all.fifo"
-+#endif
-
++ #define PVM_RX_FIFO_D "/var/vtpm/fifos/tpm_cmd_to_%d.fifo"
++ #define PVM_TX_FIFO "/var/vtpm/fifos/tpm_rsp_from_all.fifo"
+
++ #define HVM_RX_FIFO_D "/var/vtpm/socks/%d.socket"
++#endif
++
+ int dmi_id;
+
#define BUFFER_SIZE 2048
-+static uint8_t ctrl_msg[] = { 0, 0, 0, 0, // destination
-+ 1, 193, // VTPM_TAG
-+ 0, 0, 0, 10, // Size
-+ 0, 0, 0, 0}; // TPM_SUCCESS
-+
-+
static int devurandom=0;
-+
-
- void get_random_bytes(void *buf, int nbytes) {
-
-@@ -52,18 +66,26 @@ uint64_t tpm_get_ticks(void)
+@@ -38,7 +50,7 @@ void get_random_bytes(void *buf, int nby
+ }
+
+ if (read(devurandom, buf, nbytes) != nbytes) {
+- printf("Can't get random number.\n");
++ error("Can't get random number.\n");
+ exit(-1);
+ }
+ }
+@@ -52,105 +64,182 @@ uint64_t tpm_get_ticks(void)
int main(int argc, char **argv)
{
- uint8_t in[BUFFER_SIZE], *out;
-+ uint8_t in[BUFFER_SIZE], *out, *addressed_out;
++ uint8_t type, in[BUFFER_SIZE], *out, *addressed_out;
++ char *vtpm_rx_file=NULL;
uint32_t out_size;
int in_size, written;
- int i;
- struct stat file_info;
--
++ int i, guest_id=-1;
+
- int tpm_tx_fh=-1, tpm_rx_fh=-1;
-+ int i, guest_id=-1;
++#ifndef VTPM_MULTI_VM
++ int sockfd = -1;
++ struct sockaddr_un addr;
++ struct sockaddr_un client_addr;
++ unsigned int client_length;
++
++#endif
+
+ int vtpm_tx_fh=-1, vtpm_rx_fh=-1;
+#ifdef VTPM_MULTI_VM
if (argc < 2) {
- printf("Usage: tpmd clear|save|deactivated\n" );
-+#else
-+ if (argc < 3) {
-+ printf("Usage: tpmd clear|save|deactivated vtpmid\n" );
+- printf("Usage: tpmd clear|save|deactivated\n" );
++ error("Usage: tpmd clear|save|deactivated\n" );
++#else
++ if (argc < 4) {
++ error("Usage: tpmd clear|save|deactivated pvm|hvm vtpmid\n" );
+#endif
return -1;
}
+#ifndef VTPM_MULTI_VM
-+ dmi_id = atoi(argv[2]);
++ /* setup type of vm */
++ if (!strcmp(argv[2], "pvm")) {
++ type = VTPM_TYPE_PVM; // Get commands from vTPM Manager through fifo
++ } else if (!strcmp(argv[2], "hvm")) {
++ type = VTPM_TYPE_HVM; // Get commands from qemu via socket
++ } else {
++ error("invalid vTPM type '%s'.\n", argv[2]);
++ }
++
++ dmi_id = atoi(argv[3]);
++
++ if (type == VTPM_TYPE_PVM) {
++ vtpm_rx_file = malloc(10 + strlen(PVM_RX_FIFO_D));
++ sprintf(vtpm_rx_file, PVM_RX_FIFO_D, (uint32_t) dmi_id);
++ } else {
++ vtpm_rx_file = malloc(10 + strlen(HVM_RX_FIFO_D));
++ sprintf(vtpm_rx_file, HVM_RX_FIFO_D, (uint32_t) dmi_id);
++
++ if ( (sockfd = socket(PF_UNIX,SOCK_STREAM,0)) < 0) {
++ error("Unable to create socket. errno = %d\n", errno);
++ exit (-1);
++ }
++
++ memset(&addr, 0, sizeof(addr));
++ addr.sun_family = AF_UNIX;
++ strcpy(addr.sun_path,vtpm_rx_file );
++ unlink(addr.sun_path);
++ }
++#endif
++
++#ifdef VTPM_MULTI_VM
++ info("Initializing tpm state: %s\n", argv[1]);
++#else
++ info("Initializing tpm state: %s, type: %s, id: %d\n", argv[1], argv[2], dmi_id);
+#endif
+
/* initialize TPM emulator */
if (!strcmp(argv[1], "clear")) {
- printf("Initializing tpm: %s\n", argv[1]);
-@@ -80,46 +102,30 @@ int main(int argc, char **argv)
+- printf("Initializing tpm: %s\n", argv[1]);
+ tpm_emulator_init(1);
+- } else if (!strcmp(argv[1], "save")) {
+- printf("Initializing tpm: %s\n", argv[1]);
++ } else if (!strcmp(argv[1], "save")) {
+ tpm_emulator_init(2);
+ } else if (!strcmp(argv[1], "deactivated")) {
+- printf("Initializing tpm: %s\n", argv[1]);
+ tpm_emulator_init(3);
+ } else {
+- printf("invalid startup mode '%s'; must be 'clear', "
++ error("invalid startup mode '%s'; must be 'clear', "
+ "'save' (default) or 'deactivated", argv[1]);
return -1;
}
-
+-
- if ( stat(TPM_RX_FNAME, &file_info) == -1) {
- if ( mkfifo(TPM_RX_FNAME, S_IWUSR | S_IRUSR ) ) {
- printf("Failed to create fifo %s.\n", TPM_RX_FNAME);
@@ -453,8 +554,6 @@
- }
- }
-
-+ char *guest_rx_file = malloc(10 + strlen(GUEST_RX_FIFO_D));
-+ sprintf(guest_rx_file, GUEST_RX_FIFO_D, (uint32_t) dmi_id);
+
while (1) {
abort_command:
@@ -462,15 +561,33 @@
- tpm_rx_fh = open(TPM_RX_FNAME, O_RDONLY);
+ if (vtpm_rx_fh < 0) {
+#ifdef VTPM_MUTLI_VM
-+ vtpm_rx_fh = open(DEV_BE, O_RDWR);
-+#else
-+ vtpm_rx_fh = open(guest_rx_file, O_RDONLY);
++ vtpm_rx_fh = open(DEV_BE, O_RDWR);
++#else
++ if (type == VTPM_TYPE_PVM) {
++ vtpm_rx_fh = open(vtpm_rx_file, O_RDONLY);
++ } else {
++ if (bind(sockfd, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
++ error("Unable to bind(). errno = %d\n", errno);
++ exit (-1);
++ }
++
++ if (listen(sockfd, 10) <0) {
++ error("Unable to listen(). errno = %d\n", errno);
++ exit (-1);
++ }
++
++ memset(&client_addr, 0, sizeof(client_addr));
++ client_length = sizeof(client_addr);
++
++ vtpm_rx_fh = vtpm_tx_fh = accept(sockfd, &client_addr, &client_length);
++ }
+#endif
}
- if (tpm_rx_fh < 0) {
+- printf("ERROR: failed to open devices to listen to guest.\n");
+ if (vtpm_rx_fh < 0) {
- printf("ERROR: failed to open devices to listen to guest.\n");
++ error("Failed to open devices to listen to guest.\n");
return -1;
}
@@ -486,7 +603,8 @@
- in_size = read(tpm_rx_fh, in, BUFFER_SIZE);
+ in_size = read(vtpm_rx_fh, in, BUFFER_SIZE);
if (in_size < 6) { // Magic size of minium TPM command
- printf("Recv[%d] to small: 0x", in_size);
+- printf("Recv[%d] to small: 0x", in_size);
++ info("Recv incomplete command of %d bytes.", in_size);
if (in_size <= 0) {
- close(tpm_rx_fh);
- tpm_rx_fh = -1;
@@ -495,8 +613,13 @@
goto abort_command;
}
} else {
-@@ -129,28 +135,73 @@ abort_command:
- printf("\n");
+- printf("Recv[%d]: 0x", in_size);
++ debug_nostop("Recv[%d]: 0x", in_size);
+ for (i=0; i< in_size; i++)
+- printf("%x ", in[i]);
+- printf("\n");
++ debug_more("%x ", in[i]);
++ debug_more("\n");
}
-
@@ -504,71 +627,56 @@
- printf("ERROR: Handler Failed.\n");
+ if (guest_id == -1) {
+ guest_id = *((uint32_t *) in);
-+ *((uint32_t *) ctrl_msg) = *((uint32_t *) in);
+ } else {
+ if (guest_id != *((uint32_t *) in) ) {
-+ printf("WARNING: More than one guest attached\n");
++ error("WARNING: More than one guest attached\n");
+ }
++ }
++
++ if (vtpm_tx_fh < 0) {
++#ifdef VTPM_MUTLI_VM
++ vtpm_tx_fh = open(DEV_BE, O_RDWR);
++ vtpm_rx_fh = vtpm_tx_fh;
++#else
++ if (type == VTPM_TYPE_PVM) {
++ vtpm_tx_fh = open(PVM_TX_FIFO, O_WRONLY);
++ } // No need to open the other direction for HVM
++#endif
++ }
++
++ if (vtpm_tx_fh < 0) {
++ error("Failed to open devices to respond to guest.\n");
++ return -1;
++ }
++
++ // Handle the command, but skip the domain id header
++ if (tpm_handle_command(in + sizeof(uint32_t), in_size - sizeof(uint32_t), &out, &out_size) != 0) {
++ error("Handler Failed.\n");
}
- written = write(tpm_tx_fh, out, out_size);
-+ if (vtpm_tx_fh < 0) {
-+#ifdef VTPM_MUTLI_VM
-+ vtpm_tx_fh = open(DEV_BE, O_RDWR);
-+ vtpm_rx_fh = vtpm_tx_fh;
-+#else
-+ vtpm_tx_fh = open(GUEST_TX_FIFO, O_WRONLY);
-+#endif
-+ }
++ addressed_out = (uint8_t *) tpm_malloc(sizeof(uint32_t) + out_size);
++ *(uint32_t *) addressed_out = *(uint32_t *) in;
++ memcpy(addressed_out + sizeof(uint32_t), out, out_size);
++
++ written = write(vtpm_tx_fh, addressed_out, out_size + sizeof(uint32_t));
- if (written != out_size ) {
- printf("ERROR: Part of response not written %d/%d.\nAttempt: ", written, out_size);
-- } else {
++ if (written != out_size + sizeof(uint32_t)) {
++ error("Part of response not written %d/%d.\n", written, out_size);
+ } else {
- printf("Sent[%Zu]: ", out_size);
-+ if (vtpm_tx_fh < 0) {
-+ printf("ERROR: failed to open devices to respond to guest.\n");
-+ return -1;
-+ }
-+
-+ // Handle command, but we need to skip the identifier
-+ if ( BE16_TO_CPU( ((uint16_t *) in)[2] ) == VTPM_TAG_REQ ) { // Control message from xend
-+ // This DM doesn't really care about ctrl messages. Just ACK the message
-+ written = write(vtpm_tx_fh, ctrl_msg, sizeof(ctrl_msg));
-+
-+ if (written != sizeof(ctrl_msg)) {
-+ printf("ERROR: Part of response not written %d/%Zu.\n", written, sizeof(ctrl_msg));
-+ } else {
-+ printf("Send Ctrl Message confermation\n");
-+ }
-+ } else { // Message from Guest
-+ if (tpm_handle_command(in + sizeof(uint32_t), in_size - sizeof(uint32_t), &out, &out_size) != 0) {
-+ printf("ERROR: Handler Failed.\n");
-+ }
-+
-+ addressed_out = (uint8_t *) tpm_malloc(sizeof(uint32_t) + out_size);
-+ *(uint32_t *) addressed_out = *(uint32_t *) in;
-+ memcpy(addressed_out + sizeof(uint32_t), out, out_size);
-+
-+ written = write(vtpm_tx_fh, addressed_out, out_size + sizeof(uint32_t));
-+
-+ if (written != out_size + sizeof(uint32_t)) {
-+ printf("ERROR: Part of response not written %d/%d.\n", written, out_size);
-+ for (i=0; i< out_size+ sizeof(uint32_t); i++)
-+ printf("%x ", addressed_out[i]);
-+ printf("\n");
-+ } else {
-+ printf("Sent[%Zu]: ", out_size + sizeof(uint32_t));
-+ for (i=0; i< out_size+ sizeof(uint32_t); i++)
-+ printf("%x ", addressed_out[i]);
-+ printf("\n");
-+ }
-+ tpm_free(out);
-+ tpm_free(addressed_out);
++ debug_nostop("Sent[%Zu]: ", out_size + sizeof(uint32_t));
++ for (i=0; i< out_size+ sizeof(uint32_t); i++)
++ debug_more("%x ", addressed_out[i]);
++ debug_more("\n");
}
- for (i=0; i< out_size; i++)
- printf("%x ", out[i]);
- printf("\n");
-- tpm_free(out);
+ tpm_free(out);
++ tpm_free(addressed_out);
} // loop
@@ -579,19 +687,7 @@
+ close(vtpm_tx_fh);
+#ifndef VTPM_MUTLI_VM
+ close(vtpm_rx_fh);
-+ free (guest_rx_file);
++ free (vtpm_rx_file);
+#endif
}
-Binary files tpm_emulator/tpm_emulator and vtpm/tpm_emulator differ
-diff -uprN tpm_emulator/tpm_version.h vtpm/tpm_version.h
---- tpm_emulator/tpm_version.h 2006-07-24 14:35:41.000000000 -0700
-+++ vtpm/tpm_version.h 2006-07-24 14:35:35.000000000 -0700
-@@ -2,5 +2,5 @@
- #define _TPM_VERSION_H_
- #define VERSION_MAJOR 0
- #define VERSION_MINOR 4
--#define VERSION_BUILD 1153776940
-+#define VERSION_BUILD 1153776935
- #endif /* _TPM_VERSION_H_ */
-Binary files tpm_emulator/vtpmd and vtpm/vtpmd differ
diff -r 003d56dec2ea -r 1be602b84f6d tools/vtpm_manager/manager/dmictl.c
--- a/tools/vtpm_manager/manager/dmictl.c Wed Jan 10 00:29:32 2007
+++ b/tools/vtpm_manager/manager/dmictl.c Fri Jan 19 00:19:24 2007
@@ -54,7 +54,7 @@
// if dmi_res is non-null, then return a pointer to new object.
// Also, this does not fill in the measurements. They should be filled by
// design dependent code or saveNVM
-TPM_RESULT init_dmi(UINT32 dmi_id, BYTE type, VTPM_DMI_RESOURCE **dmi_res) {
+TPM_RESULT init_dmi(UINT32 dmi_id, BYTE dmi_type, VTPM_DMI_RESOURCE **dmi_res) {
TPM_RESULT status=TPM_SUCCESS;
VTPM_DMI_RESOURCE *new_dmi=NULL;
@@ -66,6 +66,7 @@
}
memset(new_dmi, 0, sizeof(VTPM_DMI_RESOURCE));
new_dmi->dmi_id = dmi_id;
+ new_dmi->dmi_type = dmi_type;
new_dmi->connected = FALSE;
new_dmi->TCSContext = 0;
@@ -120,47 +121,46 @@
VTPM_DMI_RESOURCE *new_dmi=NULL;
TPM_RESULT status=TPM_FAIL;
- BYTE type, startup_mode;
+ BYTE dmi_type, vm_type, startup_mode;
UINT32 dmi_id;
if (param_buf == NULL) { // Assume creation of Dom 0 control
- type = VTPM_TYPE_NON_MIGRATABLE;
+ dmi_type = VTPM_TYPE_NON_MIGRATABLE;
dmi_id = VTPM_CTL_DM;
- } else if (buffer_len(param_buf) != sizeof(BYTE) + sizeof(BYTE) + sizeof(UINT32)) {
+ } else if (buffer_len(param_buf) != sizeof(BYTE) * 3 + sizeof(UINT32)) {
vtpmloginfo(VTPM_LOG_VTPM, "New DMI command wrong length: %d.\n", buffer_len(param_buf));
status = TPM_BAD_PARAMETER;
goto abort_egress;
} else {
vtpm_globals->connected_dmis++; // Put this here so we don't count Dom0
- BSG_UnpackList( param_buf->bytes, 3,
- BSG_TYPE_BYTE, &type,
+ BSG_UnpackList( param_buf->bytes, 4,
+ BSG_TYPE_BYTE, &dmi_type,
BSG_TYPE_BYTE, &startup_mode,
+ BSG_TYPE_BYTE, &vm_type,
BSG_TYPE_UINT32, &dmi_id);
+ }
+
+ if ((dmi_type != VTPM_TYPE_NON_MIGRATABLE) && (dmi_type != VTPM_TYPE_MIGRATABLE)) {
+ vtpmlogerror(VTPM_LOG_VTPM, "Creation of VTPM with illegal type.\n");
+ status = TPM_BAD_PARAMETER;
+ goto abort_egress;
}
new_dmi = (VTPM_DMI_RESOURCE *) hashtable_search(vtpm_globals->dmi_map, &dmi_id);
if (new_dmi == NULL) {
vtpmloginfo(VTPM_LOG_VTPM, "Creating new DMI instance %d attached.\n", dmi_id );
// Brand New DMI. Initialize the persistent pieces
- TPMTRYRETURN(init_dmi(dmi_id, type, &new_dmi) );
+ TPMTRYRETURN(init_dmi(dmi_id, dmi_type, &new_dmi) );
} else
vtpmloginfo(VTPM_LOG_VTPM, "Re-attaching DMI instance %d.\n", dmi_id);
- if (type != VTPM_TYPE_MIGRATED) {
- new_dmi->dmi_type = type;
- } else {
- vtpmlogerror(VTPM_LOG_VTPM, "Creation of VTPM with illegal type.\n");
- status = TPM_BAD_PARAMETER;
- goto abort_egress;
- }
-
if (new_dmi->connected) {
vtpmlogerror(VTPM_LOG_VTPM, "Attempt to re-attach, currently attached instance %d. Ignoring\n", dmi_id);
status = TPM_BAD_PARAMETER;
goto abort_egress;
}
- if (type == VTPM_TYPE_MIGRATED) {
+ if (new_dmi->dmi_type == VTPM_TYPE_MIGRATED) {
vtpmlogerror(VTPM_LOG_VTPM, "Attempt to re-attach previously migrated instance %d without recovering first. Ignoring\n", dmi_id);
status = TPM_BAD_PARAMETER;
goto abort_egress;
@@ -173,7 +173,7 @@
// Design specific new DMI code.
// Includes: create IPCs, Measuring DMI, and maybe launching DMI
- status = VTPM_New_DMI_Extra(new_dmi, startup_mode);
+ TPMTRYRETURN(VTPM_New_DMI_Extra(new_dmi, vm_type, startup_mode) );
goto egress;
abort_egress:
diff -r 003d56dec2ea -r 1be602b84f6d tools/vtpm_manager/manager/vtpmd.c
--- a/tools/vtpm_manager/manager/vtpmd.c Wed Jan 10 00:29:32 2007
+++ b/tools/vtpm_manager/manager/vtpmd.c Fri Jan 19 00:19:24 2007
@@ -63,6 +63,9 @@
#define VTPM_TX_HP_FNAME "/var/vtpm/fifos/to_console.fifo"
#define VTPM_RX_HP_FNAME "/var/vtpm/fifos/from_console.fifo"
+#define VTPM_TYPE_PVM_STRING "pvm"
+#define VTPM_TYPE_HVM_STRING "hvm"
+
struct vtpm_thread_params_s {
vtpm_ipc_handle_t *tx_ipc_h;
vtpm_ipc_handle_t *rx_ipc_h;
@@ -104,12 +107,12 @@
struct sigaction ctl_c_handler;
-TPM_RESULT VTPM_New_DMI_Extra(VTPM_DMI_RESOURCE *dmi_res, BYTE startup_mode) {
+TPM_RESULT VTPM_New_DMI_Extra(VTPM_DMI_RESOURCE *dmi_res, BYTE vm_type, BYTE startup_mode) {
TPM_RESULT status = TPM_SUCCESS;
int fh;
char dmi_id_str[11]; // UINT32s are up to 10 digits + NULL
- char *tx_vtpm_name, *tx_tpm_name;
+ char *tx_vtpm_name, *tx_tpm_name, *vm_type_string;
struct stat file_info;
if (dmi_res->dmi_id == VTPM_CTL_DM) {
@@ -156,6 +159,10 @@
*/
memset(&dmi_res->DMI_measurement, 0xcc, sizeof(TPM_DIGEST));
+ if (vm_type == VTPM_TYPE_PVM)
+ vm_type_string = (BYTE *)&VTPM_TYPE_PVM_STRING;
+ else
+ vm_type_string = (BYTE *)&VTPM_TYPE_HVM_STRING;
// Launch DMI
sprintf(dmi_id_str, "%d", (int) dmi_res->dmi_id);
@@ -172,13 +179,13 @@
} else if (pid == 0) {
switch (startup_mode) {
case TPM_ST_CLEAR:
- execl (TPM_EMULATOR_PATH, "vtpmd", "clear", dmi_id_str, NULL);
+ execl (TPM_EMULATOR_PATH, "vtpmd", "clear", vm_type_string, dmi_id_str, NULL);
break;
case TPM_ST_STATE:
- execl (TPM_EMULATOR_PATH, "vtpmd", "save", dmi_id_str, NULL);
+ execl (TPM_EMULATOR_PATH, "vtpmd", "save", vm_type_string, dmi_id_str, NULL);
break;
case TPM_ST_DEACTIVATED:
- execl (TPM_EMULATOR_PATH, "vtpmd", "deactivated", dmi_id_str, NULL);
+ execl (TPM_EMULATOR_PATH, "vtpmd", "deactivated", vm_type_string, dmi_id_str, NULL);
break;
default:
status = TPM_BAD_PARAMETER;
diff -r 003d56dec2ea -r 1be602b84f6d tools/vtpm_manager/Rules.mk
--- a/tools/vtpm_manager/Rules.mk Wed Jan 10 00:29:32 2007
+++ b/tools/vtpm_manager/Rules.mk Fri Jan 19 00:19:24 2007
@@ -39,7 +39,7 @@
CFLAGS += -D_GNU_SOURCE
# Logging Level. See utils/tools.h for usage
-CFLAGS += -DLOGGING_MODULES="(BITMASK(VTPM_LOG_TCS)|BITMASK(VTPM_LOG_VTSP)|BITMASK(VTPM_LOG_VTPM)|BITMASK(VTPM_LOG_VTPM_DEEP))"
+CFLAGS += -DLOGGING_MODULES="(BITMASK(VTPM_LOG_TCS)|BITMASK(VTPM_LOG_VTSP)|BITMASK(VTPM_LOG_VTPM))"
# Silent Mode
#CFLAGS += -DLOGGING_MODULES=0x0
diff -r 003d56dec2ea -r 1be602b84f6d tools/vtpm_manager/manager/vtpmpriv.h
--- a/tools/vtpm_manager/manager/vtpmpriv.h Wed Jan 10 00:29:32 2007
+++ b/tools/vtpm_manager/manager/vtpmpriv.h Fri Jan 19 00:19:24 2007
@@ -165,7 +165,7 @@
TPM_RESULT VTPM_SaveManagerData(void);
TPM_RESULT VTPM_LoadManagerData(void);
-TPM_RESULT VTPM_New_DMI_Extra(VTPM_DMI_RESOURCE *dmi_res, BYTE startup_mode);
+TPM_RESULT VTPM_New_DMI_Extra(VTPM_DMI_RESOURCE *dmi_res, BYTE vm_type, BYTE startup_mode);
TPM_RESULT VTPM_Close_DMI_Extra(VTPM_DMI_RESOURCE *dmi_res);
diff -r 003d56dec2ea -r 1be602b84f6d tools/vtpm_manager/manager/Makefile
--- a/tools/vtpm_manager/manager/Makefile Wed Jan 10 00:29:32 2007
+++ b/tools/vtpm_manager/manager/Makefile Fri Jan 19 00:19:24 2007
@@ -13,6 +13,9 @@
install: build
if [ ! -d "$(DESTDIR)/var/vtpm/fifos" ]; \
then mkdir -p $(DESTDIR)/var/vtpm/fifos; \
+ fi
+ if [ ! -d "$(DESTDIR)/var/vtpm/socks" ]; \
+ then mkdir -p $(DESTDIR)/var/vtpm/socks; \
fi
$(INSTALL_PROG) $(BIN) $(TOOLS_INSTALL_DIR)
[-- Attachment #3: Type: text/plain, Size: 138 bytes --]
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel
next prev parent reply other threads:[~2007-01-20 0:09 UTC|newest]
Thread overview: 50+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-01-18 13:57 32-on-64: pvfb issue Gerd Hoffmann
2007-01-18 14:07 ` Keir Fraser
2007-01-18 15:00 ` Markus Armbruster
2007-01-18 15:35 ` Gerd Hoffmann
2007-01-18 15:53 ` Daniel P. Berrange
2007-01-18 16:34 ` Gerd Hoffmann
2007-01-18 16:55 ` Gerd Hoffmann
2007-01-18 17:05 ` Daniel P. Berrange
2007-01-18 18:31 ` Keir Fraser
2007-01-19 9:46 ` Gerd Hoffmann
2007-01-19 9:54 ` Gerd Hoffmann
2007-01-19 10:31 ` Markus Armbruster
2007-01-19 10:46 ` Gerd Hoffmann
2007-01-19 11:53 ` Markus Armbruster
2007-01-19 11:10 ` Keir Fraser
2007-01-19 11:43 ` Gerd Hoffmann
2007-01-19 12:01 ` Keir Fraser
2007-01-19 12:59 ` Gerd Hoffmann
2007-01-19 13:45 ` Keir Fraser
2007-01-19 15:08 ` Gerd Hoffmann
2007-01-19 15:22 ` Keir Fraser
2007-01-19 15:31 ` Gerd Hoffmann
2007-01-19 16:05 ` Keir Fraser
2007-01-20 0:09 ` Scarlata, Vincent R [this message]
2007-01-22 7:50 ` Gerd Hoffmann
2007-01-22 14:01 ` Gerd Hoffmann
2007-01-22 14:48 ` Keir Fraser
2007-01-23 12:53 ` Gerd Hoffmann
2007-01-23 15:07 ` Keir Fraser
2007-01-23 15:56 ` Gerd Hoffmann
2007-01-24 11:23 ` Gerd Hoffmann
2007-01-24 12:02 ` Keir Fraser
2007-01-24 12:24 ` Markus Armbruster
2007-01-24 12:38 ` Gerd Hoffmann
2007-01-24 14:24 ` Markus Armbruster
2007-01-24 15:25 ` Gerd Hoffmann
2007-01-25 13:16 ` 32-on-64 broken in unstable Gerd Hoffmann
2007-01-25 13:25 ` Keir Fraser
2007-01-25 13:34 ` Gerd Hoffmann
2007-01-22 15:22 ` 32-on-64: pvfb issue Markus Armbruster
2007-01-22 15:33 ` Gerd Hoffmann
2007-01-22 15:40 ` Keir Fraser
2007-01-19 16:06 ` Markus Armbruster
2007-01-22 7:56 ` Gerd Hoffmann
2007-01-19 10:43 ` Ian Campbell
2007-01-19 12:03 ` Markus Armbruster
2007-01-22 18:32 ` Does vt-x itself have perf. impact on Hypervisor w/o considering HVM? Liang Yang
2007-01-23 10:05 ` [Xen-users] " Petersson, Mats
2007-01-23 16:15 ` Liang Yang
2007-01-23 16:33 ` Petersson, Mats
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=D936D925018D154694D8A362EEB08920010587E9@orsmsx416.amr.corp.intel.com \
--to=vincent.r.scarlata@intel.com \
--cc=xen-devel@lists.xensource.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.