ia64/xen-unstable

view tools/examples/vtpm-impl @ 11424:536c25a9654d

The attached patch prevents a domain with an attached vTPM from doing
local migration since this does not seem to work correctly (see tests in
xm test suite). If no vTPM has been attached, the local migration
proceeds as usual.

Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
author Ewan Mellor <ewan@xensource.com>
date Tue Sep 05 14:17:49 2006 +0100 (2006-09-05)
parents 28b766e3bcca
children a02622437e07
1 #!/bin/bash
2 # ===================================================================
3 #
4 # Copyright (c) 2005, Intel Corp.
5 # All rights reserved.
6 #
7 # Redistribution and use in source and binary forms, with or without
8 # modification, are permitted provided that the following conditions
9 # are met:
10 #
11 # * Redistributions of source code must retain the above copyright
12 # notice, this list of conditions and the following disclaimer.
13 # * Redistributions in binary form must reproduce the above
14 # copyright notice, this list of conditions and the following
15 # disclaimer in the documentation and/or other materials provided
16 # with the distribution.
17 # * Neither the name of Intel Corporation nor the names of its
18 # contributors may be used to endorse or promote products derived
19 # from this software without specific prior written permission.
20 #
21 # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
22 # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
23 # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
24 # FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
25 # COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
26 # INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
27 # (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
28 # SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
30 # STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
31 # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
32 # OF THE POSSIBILITY OF SUCH DAMAGE.
33 # ===================================================================
# Request templates for the vTPM manager, kept as printf escape text:
# vtpm_manager_cmd hands the value to printf, which turns every \xHH into
# one byte, and appends the 4-byte instance number after it.
#
# Field order: | SRC (4 bytes) | TAG (2) | CMD SIZE (4) | ORD (4) | type (1) | mode (1)
# CMD SIZE (0x10 or 0x0e) equals the byte count from TAG onward once the
# instance number has been appended; the SRC field is not counted.
TPM_CMD_OPEN='\x00\x00\x00\x00\x01\xc1\x00\x00\x00\x10\x01\x00\x00\x01\x01\x01'
TPM_CMD_RESM='\x00\x00\x00\x00\x01\xc1\x00\x00\x00\x10\x01\x00\x00\x01\x01\x02'
TPM_CMD_CLOS='\x00\x00\x00\x00\x01\xc1\x00\x00\x00\x0e\x01\x00\x00\x02'
TPM_CMD_DELE='\x00\x00\x00\x00\x01\xc1\x00\x00\x00\x0e\x01\x00\x00\x03'

# Hex form of the 4-byte status word that vtpm_manager_cmd treats as success.
TPM_SUCCESS='00000000'

# FIFOs shared with the vTPM manager: requests are written to TX, responses
# are read from RX.
# NOTE(review): nothing in this script authenticates the writer, so access
# control rests on the permissions of these FIFOs - confirm they are
# restricted to the account that runs the hotplug scripts.
TX_VTPM_MANAGER='/var/vtpm/fifos/from_console.fifo'
RX_VTPM_MANAGER='/var/vtpm/fifos/to_console.fifo'

# Helper binary that vtpm_migrate runs for migration steps 1 and 2.
VTPM_MIG='/usr/bin/vtpm_migrator'
48 # -------------------- Helpers for binary streams -----------
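#######################################
# Format a number as zero-padded lowercase hex, at least eight digits wide.
# Arguments: $1 - integer in any notation printf accepts; a missing or
#                 empty argument is formatted as 0
# Outputs:   the hex digits on stdout, no trailing newline. Values that do
#            not fit in 32 bits produce more than eight digits.
# Returns:   printf's status, non-zero when $1 is not a valid number
#######################################
function str_to_hex32() {
  # Quoted so the value reaches printf as exactly one word: no word
  # splitting (which would repeat the format per word) and no glob
  # expansion of the argument.
  printf '%0.8x' "${1:-0}"
}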
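#######################################
# Turn a 32-bit number into printf escape text for its four bytes, most
# significant byte first (for example 1 -> \x00\x00\x00\x01).
# Arguments: $1 - the number, formatted through str_to_hex32
# Outputs:   the escape text plus a newline on stdout; nothing on failure
# Returns:   0 on success; non-zero when str_to_hex32 fails or when the
#            value is not exactly eight hex digits (wider than 32 bits)
#######################################
function hex32_to_bin() {
  local hex

  # Declared separately from the assignment so a str_to_hex32 failure is
  # not masked by the exit status of 'local'.
  hex=$(str_to_hex32 "$1") || return

  # The result is later used inside a printf format string, so only emit
  # it when it is exactly four well-formed \xHH escapes.
  if [[ ! "$hex" =~ ^[0-9a-f]{8}$ ]]; then
    return 1
  fi

  printf '%s\n' "\\x${hex:0:2}\\x${hex:2:2}\\x${hex:4:2}\\x${hex:6:2}"
}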
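#######################################
# Send one command to the vTPM manager and check its status word.
# Globals:   TX_VTPM_MANAGER, RX_VTPM_MANAGER, TPM_SUCCESS (read)
#            vtpm_fatal_error (set to 1 on any failure)
# Arguments: $1 - command template as printf escape text (a TPM_CMD_* value)
#            $2 - vTPM instance number
# Returns:   0 if the manager answered with TPM_SUCCESS, 1 otherwise
#######################################
function vtpm_manager_cmd() {
  local cmd=$1
  local inst=$2
  local inst_bin resp_hex

  # An empty instance would be formatted as 0 and the command would
  # silently address instance 0, so refuse it.
  if [[ -z "$inst" ]]; then
    vtpm_fatal_error=1
    return 1
  fi

  # Declared above, assigned here, so a conversion failure is not masked.
  if ! inst_bin=$(hex32_to_bin "$inst") || [[ -z "$inst_bin" ]]; then
    vtpm_fatal_error=1
    return 1
  fi

  claim_lock vtpm_mgr

  # Send the command. The string is deliberately used as the printf format
  # so that the \xHH escapes become bytes; both parts are script-internal
  # (a TPM_CMD_* template and hex32_to_bin output), never free-form text.
  if ! printf "$cmd$inst_bin" > "$TX_VTPM_MANAGER"; then
    release_lock vtpm_mgr
    vtpm_fatal_error=1
    return 1
  fi

  # Receive the response: skip the first 10 bytes and hex-dump the next 4
  # (presumably the SRC/TAG/SIZE header followed by the status word).
  # A failed read must not abort the script while the lock is held; it
  # leaves resp_hex empty and is rejected by the comparison below.
  resp_hex=$(dd skip=10 bs=1 count=4 if="$RX_VTPM_MANAGER" 2> /dev/null | xxd -ps) \
    || resp_hex=''

  release_lock vtpm_mgr

  # Fail closed: quoted operands make an empty or short response compare
  # unequal instead of turning the test into a syntax error.
  if [[ "$resp_hex" != "$TPM_SUCCESS" ]]; then
    vtpm_fatal_error=1
    return 1
  fi
  return 0
}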
91 # ------------------ Command handlers -----------------
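#######################################
# Create a new vtpm instance and set it up for use.
# Arguments: $1 - vTPM instance number
# Returns:   the status of vtpm_start
#######################################
function vtpm_create() {
  # Creation is handled implicitly by the manager on first setup,
  # so just set it up for use.
  # Called directly, not through $( ... ): a command substitution runs the
  # helper in a subshell, which discards its vtpm_fatal_error assignment,
  # and then executes whatever the helper printed as a command.
  vtpm_start "$1"
}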
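#######################################
# Set up a vtpm instance for use by sending TPM_CMD_OPEN to the manager.
# Globals:   TPM_CMD_OPEN (read)
# Arguments: $1 - vTPM instance number
# Returns:   the status of vtpm_manager_cmd
#######################################
function vtpm_start() {
  # Called directly, not through $( ... ): a command substitution runs the
  # helper in a subshell, which discards its vtpm_fatal_error assignment,
  # and then executes whatever the helper printed as a command.
  vtpm_manager_cmd "$TPM_CMD_OPEN" "$1"
}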
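#######################################
# Resume a vtpm instance by sending TPM_CMD_RESM to the manager.
# Globals:   TPM_CMD_RESM (read)
# Arguments: $1 - vTPM instance number
# Returns:   the status of vtpm_manager_cmd
#######################################
function vtpm_resume() {
  # Called directly, not through $( ... ): a command substitution runs the
  # helper in a subshell, which discards its vtpm_fatal_error assignment,
  # and then executes whatever the helper printed as a command.
  vtpm_manager_cmd "$TPM_CMD_RESM" "$1"
}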
# Reset the vtpm, i.e. clear its PCRs.
# Placeholder: the current implementation does not use it, so it only
# reports success.
function vtpm_reset() {
  return 0
}
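#######################################
# Shut the vtpm down while the VM is down by sending TPM_CMD_CLOS.
# This may be a suspend or a shutdown; the two cannot be distinguished
# here, so the state is saved and the decision whether to keep it is made
# on startup.
# Globals:   TPM_CMD_CLOS (read)
# Arguments: $1 - vTPM instance number
# Returns:   the status of vtpm_manager_cmd
#######################################
function vtpm_suspend() {
  # Called directly, not through $( ... ): a command substitution runs the
  # helper in a subshell, which discards its vtpm_fatal_error assignment,
  # and then executes whatever the helper printed as a command.
  vtpm_manager_cmd "$TPM_CMD_CLOS" "$1"
}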
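#######################################
# Delete a vtpm instance: send TPM_CMD_DELE to the manager and, if that
# succeeds, remove the instance's data file under /var/vtpm.
# Globals:   TPM_CMD_DELE (read), vtpm_fatal_error (set to 1 on failure)
# Arguments: $1 - vTPM instance number
# Returns:   0 on success, 1 on failure
#######################################
function vtpm_delete() {
  local inst=$1

  # The instance becomes part of a file name passed to rm below, so refuse
  # a value that is empty or could step out of /var/vtpm.
  if [[ -z "$inst" || "$inst" == */* ]]; then
    vtpm_fatal_error=1
    return 1
  fi

  # Called directly, not through $( ... ), so that nothing the helper
  # prints is executed as a command.
  if vtpm_manager_cmd "$TPM_CMD_DELE" "$inst"; then
    # Quoted, and '--' ends option parsing, so the value cannot be split,
    # glob-expanded or read as an rm option.
    rm -f -- "/var/vtpm/vtpm_dm_${inst}.data"
    return 0
  fi

  vtpm_fatal_error=1
  return 1
}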
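#######################################
# Perform a migration step. This function differentiates between migration
# to the local host or to a remote machine.
# Globals:   VTPM_MIG (read)
# Arguments: $1 - destination host to migrate to
#            $2 - name of the domain to migrate
#            $3 - the migration step to perform (0, 1, 2 or 3)
# Outputs:   "0" for step 0, the migrator's output for steps 1 and 2, and
#            an "Error: ..." line when the instance lookup or step 3 fails
# Returns:   1 if the instance lookup fails; the migrator's status for
#            steps 1 and 2; 0 otherwise
#######################################
function vtpm_migrate() {
  local instance
  local rc=0

  instance=$(vtpmdb_find_instance "$2")
  if [[ -z "$instance" ]]; then
    log err "VTPM Migratoin failed. Unable to translation of domain name"
    echo "Error: VTPM Migration failed while looking up instance number"
    # Stop here: continuing would run the step with an empty instance and
    # shift the migrator's arguments.
    return 1
  fi

  case "$3" in
    0)
      # Indicate that migration is supported.
      echo "0"
      ;;

    1 | 2)
      # Step 1: get the public key from the destination (the manager's
      #         migration part 1).
      # Step 2: call the manager's migration step 2 and send the result to
      #         the destination; if successful, remove from the db.
      # Both run the same helper; the step number tells it what to do.
      claim_lock vtpm_mgr
      # Capture the status instead of letting errexit abort here, so the
      # lock is released even when the migrator fails.
      "$VTPM_MIG" "$1" "$2" "$instance" "$3" || rc=$?
      release_lock vtpm_mgr
      return "$rc"
      ;;

    3)
      # Report an error if a migrator for this host is still running.
      # pgrep only tests for a match; the process list is never executed
      # as a command. -u limits the search to this user's processes and
      # -f matches against the full command line (as a regular expression).
      if pgrep -u "$(id -u)" -f -- "$VTPM_MIG $1" > /dev/null; then
        log err "VTPM Migration failed to complete."
        echo "Error: VTPM Migration failed to complete."
      fi
      ;;
  esac
}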
# Recovery after a failed migration is not implemented; the caller is told
# so through an "Error: ..." line on stdout.
function vtpm_migrate_recover() {
  printf '%s\n' "Error: Recovery not supported yet"
}
# Local migration of a domain with an attached vTPM is refused; the caller
# is told so through an "Error: ..." line on stdout.
function vtpm_migrate_local() {
  printf '%s\n' "Error: local vTPM migration not supported"
}