xen-devel.lists.xenproject.org archive mirror
 help / color / mirror / Atom feed
* [PATCH v2 00/13] vtpmmgr: Some fixes - still incomplete
@ 2021-05-06 13:59 Jason Andryuk
  2021-05-06 13:59 ` [PATCH v2 01/13] docs: Warn about incomplete vtpmmgr TPM 2.0 support Jason Andryuk
                   ` (12 more replies)
  0 siblings, 13 replies; 32+ messages in thread
From: Jason Andryuk @ 2021-05-06 13:59 UTC (permalink / raw)
  To: xen-devel
  Cc: Jason Andryuk, Ian Jackson, Wei Liu, Daniel De Graaf, Quan Xu,
	Samuel Thibault

vtpmmgr TPM 2.0 support is incomplete.  There is no code to save the
tpm2 keys generated by the vtpmmgr, so it's impossible to restore vtpm
state with tpm2.  The vtpmmgr also issues TPM 1.2 commands to the TPM
2.0 hardware which naturally fails.  Dag reported this [1][2], and I
independently re-discovered it.

I have not fixed the above issues.  These are some fixes I made while
investigating tpm2 support.  At a minimum, "docs: Warn about incomplete
vtpmmgr TPM 2.0 support" should be applied to warn others.

This is useful for debugging:
vtpmmgr: Print error code to aid debugging

This fixes vtpmmgr output (also noted by Dag [3]):
stubom: newlib: Enable C99 formats for %z

This gives more flexibility if you are already using the TPM2 hardware:
vtpmmgr: Allow specifying srk_handle for TPM2

These are some changes to unload keys from the TPM hardware (so they
are not still loaded for anything that runs afterwards):
vtpmmgr: Move vtpmmgr_shutdown
vtpmmgr: Flush transient keys on shutdown
vtpmmgr: Flush all transient keys
vtpmmgr: Shutdown more gracefully

This lets vtpms initialize their random pools:
vtpmmgr: Support GetRandom passthrough on TPM 2.0

New in v2:
TPM2_GetRandom fix per Samuel:
vtpmmgr: Remove bogus cast from TPM2_GetRandom

Change ":" to "=":
vtpmmgr: Fix owner_auth & srk_auth parsing

Follow on from comments from Samuel
vtpmmgr: Check req_len before unpacking command

Fix for vtpm emulator to work with Linux 5.4
vtpm: Correct timeout units and command duration

Changes in v2:
Added R-by & Ack-by to 1-3,5-8
Updated #4 to use srk_handle=
Updated #7 commit message
Updated #9 per Samuel
Added #10-13

[1] https://lore.kernel.org/xen-devel/8285393.eUs1EhXEQl@eseries.newtech.fi/
[2] https://lore.kernel.org/xen-devel/1615731.eyaQ0j4tC5@eseries.newtech.fi/
[3] https://lore.kernel.org/xen-devel/3151252.0ZAaMuH7Fy@dag.newtech.fi/

Jason Andryuk (13):
  docs: Warn about incomplete vtpmmgr TPM 2.0 support
  vtpmmgr: Print error code to aid debugging
  stubom: newlib: Enable C99 formats for %z
  vtpmmgr: Allow specifying srk_handle for TPM2
  vtpmmgr: Move vtpmmgr_shutdown
  vtpmmgr: Flush transient keys on shutdown
  vtpmmgr: Flush all transient keys
  vtpmmgr: Shutdown more gracefully
  vtpmmgr: Support GetRandom passthrough on TPM 2.0
  vtpmmgr: Remove bogus cast from TPM2_GetRandom
  vtpmmgr: Fix owner_auth & srk_auth parsing
  vtpmmgr: Check req_len before unpacking command
  vtpm: Correct timeout units and command duration

 docs/man/xen-vtpmmgr.7.pod              | 18 +++++++
 stubdom/Makefile                        |  4 +-
 stubdom/vtpm-command-duration.patch     | 52 +++++++++++++++++++
 stubdom/vtpm-microsecond-duration.patch | 52 +++++++++++++++++++
 stubdom/vtpmmgr/init.c                  | 57 +++++++++++++--------
 stubdom/vtpmmgr/marshal.h               | 15 ++++++
 stubdom/vtpmmgr/tpm.c                   |  2 +-
 stubdom/vtpmmgr/tpm2.c                  | 15 ++++--
 stubdom/vtpmmgr/vtpm_cmd_handler.c      | 67 ++++++++++++++++++++++++-
 stubdom/vtpmmgr/vtpmmgr.c               | 12 ++++-
 10 files changed, 266 insertions(+), 28 deletions(-)
 create mode 100644 stubdom/vtpm-command-duration.patch
 create mode 100644 stubdom/vtpm-microsecond-duration.patch

-- 
2.30.2



^ permalink raw reply	[flat|nested] 32+ messages in thread
* Re: [PATCH v2 01/13] docs: Warn about incomplete vtpmmgr TPM 2.0 support
@ 2021-05-08 18:37 Rich Persaud
  0 siblings, 0 replies; 32+ messages in thread
From: Rich Persaud @ 2021-05-08 18:37 UTC (permalink / raw)
  To: Jason Andryuk; +Cc: xen-devel, Ian Jackson, Wei Liu, Andrew Cooper

[-- Attachment #1: Type: text/plain, Size: 1533 bytes --]

On May 6, 2021, at 10:00, Jason Andryuk <jandryuk@gmail.com> wrote:
> The vtpmmgr TPM 2.0 support is incomplete.  Add a warning about that to
> the documentation so others don't have to work through discovering it is
> broken.
> 
> Signed-off-by: Jason Andryuk <jandryuk@gmail.com>
> Acked-by: Andrew Cooper <andrew.cooper3@citrix.com>
> ---
> docs/man/xen-vtpmmgr.7.pod | 11 +++++++++++
> 1 file changed, 11 insertions(+)
> 
> diff --git a/docs/man/xen-vtpmmgr.7.pod b/docs/man/xen-vtpmmgr.7.pod
> index af825a7ffe..875dcce508 100644
> --- a/docs/man/xen-vtpmmgr.7.pod
> +++ b/docs/man/xen-vtpmmgr.7.pod
> @@ -222,6 +222,17 @@ XSM label, not the kernel.
> 
> =head1 Appendix B: vtpmmgr on TPM 2.0
> 
> +=head2 WARNING: Incomplete - cannot persist data
> +
> +TPM 2.0 support for vTPM manager is incomplete.  There is no support for
> +persisting an encryption key, so vTPM manager regenerates primary and secondary
> +key handles each boot.
> +
> +Also, the vTPM manger group command implementation hardcodes TPM 1.2 commands.
> +This means running manage-vtpmmgr.pl fails when the TPM 2.0 hardware rejects
> +the TPM 1.2 commands.  vTPM manager with TPM 2.0 cannot create groups and
> +therefore cannot persist vTPM contents.
> +
> =head2 Manager disk image setup:
> 
> The vTPM Manager requires a disk image to store its encrypted data. The image
> -- 
> 2.30.2

Should SUPPORT.md also be updated?

https://xenbits.xen.org/gitweb/?p=xen.git;a=blob;f=SUPPORT.md;hb=refs/heads/master

Rich

[-- Attachment #2: Type: text/html, Size: 2423 bytes --]

^ permalink raw reply	[flat|nested] 32+ messages in thread

end of thread, other threads:[~2021-05-10 13:40 UTC | newest]

Thread overview: 32+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-05-06 13:59 [PATCH v2 00/13] vtpmmgr: Some fixes - still incomplete Jason Andryuk
2021-05-06 13:59 ` [PATCH v2 01/13] docs: Warn about incomplete vtpmmgr TPM 2.0 support Jason Andryuk
2021-05-06 13:59 ` [PATCH v2 02/13] vtpmmgr: Print error code to aid debugging Jason Andryuk
2021-05-06 13:59 ` [PATCH v2 03/13] stubom: newlib: Enable C99 formats for %z Jason Andryuk
2021-05-06 13:59 ` [PATCH v2 04/13] vtpmmgr: Allow specifying srk_handle for TPM2 Jason Andryuk
2021-05-06 21:35   ` Samuel Thibault
2021-05-10 11:56   ` Daniel P. Smith
2021-05-06 13:59 ` [PATCH v2 05/13] vtpmmgr: Move vtpmmgr_shutdown Jason Andryuk
2021-05-07 15:48   ` Daniel P. Smith
2021-05-06 13:59 ` [PATCH v2 06/13] vtpmmgr: Flush transient keys on shutdown Jason Andryuk
2021-05-10 12:12   ` Daniel P. Smith
2021-05-06 13:59 ` [PATCH v2 07/13] vtpmmgr: Flush all transient keys Jason Andryuk
2021-05-10 12:19   ` Daniel P. Smith
2021-05-06 13:59 ` [PATCH v2 08/13] vtpmmgr: Shutdown more gracefully Jason Andryuk
2021-05-06 14:04   ` Jason Andryuk
2021-05-10 12:42   ` Daniel P. Smith
2021-05-06 13:59 ` [PATCH v2 09/13] vtpmmgr: Support GetRandom passthrough on TPM 2.0 Jason Andryuk
2021-05-06 21:40   ` Samuel Thibault
2021-05-10 12:51   ` Daniel P. Smith
2021-05-06 13:59 ` [PATCH v2 10/13] vtpmmgr: Remove bogus cast from TPM2_GetRandom Jason Andryuk
2021-05-06 21:41   ` Samuel Thibault
2021-05-10 13:03   ` Daniel P. Smith
2021-05-06 13:59 ` [PATCH v2 11/13] vtpmmgr: Fix owner_auth & srk_auth parsing Jason Andryuk
2021-05-06 21:41   ` Samuel Thibault
2021-05-10 13:18   ` Daniel P. Smith
2021-05-06 13:59 ` [PATCH v2 12/13] vtpmmgr: Check req_len before unpacking command Jason Andryuk
2021-05-06 21:42   ` Samuel Thibault
2021-05-10 13:32   ` Daniel P. Smith
2021-05-06 13:59 ` [PATCH v2 13/13] vtpm: Correct timeout units and command duration Jason Andryuk
2021-05-06 21:52   ` Samuel Thibault
2021-05-10 13:40   ` Daniel P. Smith
2021-05-08 18:37 [PATCH v2 01/13] docs: Warn about incomplete vtpmmgr TPM 2.0 support Rich Persaud

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).