ia64/xen-unstable
changeset 10075:72ef14e79cc0
VTPM_TOOLS: Restructured handlers for better clearity and created an ipc
abstraction needed for expansion to hot plug and migration support. Also
fixed a bug in savestate.
Signed-off-by: Vinnie Scarlata <Vincent.r.scarlata@intel.com>
abstraction needed for expansion to hot plug and migration support. Also
fixed a bug in savestate.
Signed-off-by: Vinnie Scarlata <Vincent.r.scarlata@intel.com>
line diff
1.1 --- a/tools/vtpm/Makefile Wed May 17 23:19:18 2006 +0100 1.2 +++ b/tools/vtpm/Makefile Wed May 17 23:23:26 2006 +0100 1.3 @@ -21,7 +21,9 @@ build: $(TPM_EMULATOR_DIR) $(VTPM_DIR) b 1.4 1.5 .PHONY: install 1.6 install: build 1.7 - $(MAKE) -C $(TPM_EMULATOR_DIR) $@ 1.8 + if [ "$(BUILD_EMULATOR)" = "y" ]; then \ 1.9 + $(MAKE) -C $(TPM_EMULATOR_DIR) $@ ;\ 1.10 + fi 1.11 $(MAKE) -C $(VTPM_DIR) $@ 1.12 1.13 .PHONY: clean 1.14 @@ -46,20 +48,21 @@ mrproper: 1.15 # Create vtpm and TPM emulator dirs 1.16 # apply patches for 1) used as dom0 tpm driver 2) used as vtpm device instance 1.17 $(TPM_EMULATOR_DIR): $(TPM_EMULATOR_TARFILE) tpm_emulator.patch tpm_emulator-0.2b-x86_64.patch 1.18 - tar -xzf $(TPM_EMULATOR_TARFILE); 1.19 - rm -rf $(TPM_EMULATOR_DIR) 1.20 - mv tpm_emulator-0.2 $(TPM_EMULATOR_DIR); 1.21 - 1.22 - -cd $(TPM_EMULATOR_DIR); \ 1.23 - patch -p1 < ../tpm_emulator-0.2b-x86_64.patch; \ 1.24 - patch -p1 <../tpm_emulator.patch 1.25 + if [ "$(BUILD_EMULATOR)" = "y" ]; then \ 1.26 + tar -xzf $(TPM_EMULATOR_TARFILE); \ 1.27 + rm -rf $(TPM_EMULATOR_DIR); \ 1.28 + mv tpm_emulator-0.2 $(TPM_EMULATOR_DIR); \ 1.29 + cd $(TPM_EMULATOR_DIR); \ 1.30 + patch -p1 < ../tpm_emulator-0.2b-x86_64.patch; \ 1.31 + patch -p1 <../tpm_emulator.patch; \ 1.32 + fi 1.33 1.34 $(VTPM_DIR): $(TPM_EMULATOR_TARFILE) tpm_emulator-0.2b-x86_64.patch vtpm.patch 1.35 tar -xzf $(TPM_EMULATOR_TARFILE); 1.36 rm -rf $(VTPM_DIR) 1.37 mv tpm_emulator-0.2 $(VTPM_DIR); 1.38 1.39 - -cd $(VTPM_DIR); \ 1.40 + cd $(VTPM_DIR); \ 1.41 patch -p1 < ../tpm_emulator-0.2b-x86_64.patch; \ 1.42 patch -p1 <../vtpm.patch 1.43
2.1 --- a/tools/vtpm/tpm_emulator.patch Wed May 17 23:19:18 2006 +0100 2.2 +++ b/tools/vtpm/tpm_emulator.patch Wed May 17 23:23:26 2006 +0100 2.3 @@ -52,7 +52,7 @@ diff -uprN orig/tpm_emulator-0.2-x86_64/ 2.4 -KERNEL_BUILD := /lib/modules/$(KERNEL_RELEASE)/build 2.5 +CUR_DIR := $(shell pwd) 2.6 +LINUX_VERSION := $(shell cat $(CUR_DIR)/$(XEN_ROOT)/buildconfigs/mk.linux-2.6-xen | grep "LINUX_VER" | grep "2.6" | gawk '{ print $$3 }' ) 2.7 -+KERNEL_BUILD := $(XEN_ROOT)/linux-$(LINUX_VERSION)-xen0 2.8 ++KERNEL_BUILD := $(XEN_ROOT)/linux-$(LINUX_VERSION)-xen 2.9 MOD_SUBDIR := misc 2.10 COMPILE_ARCH ?= $(shell uname -m | sed -e s/i.86/x86_32/) 2.11
3.1 --- a/tools/vtpm/vtpm.patch Wed May 17 23:19:18 2006 +0100 3.2 +++ b/tools/vtpm/vtpm.patch Wed May 17 23:23:26 2006 +0100 3.3 @@ -1,12 +1,12 @@ 3.4 diff -uprN orig/tpm_emulator-0.2-x86_64/AUTHORS vtpm/AUTHORS 3.5 --- orig/tpm_emulator-0.2-x86_64/AUTHORS 2005-08-15 00:58:57.000000000 -0700 3.6 -+++ vtpm/AUTHORS 2005-09-14 20:27:22.000000000 -0700 3.7 ++++ vtpm/AUTHORS 2006-05-17 09:31:11.000000000 -0700 3.8 @@ -1 +1,2 @@ 3.9 Mario Strasser <mast@gmx.net> 3.10 +INTEL Corp <> 3.11 diff -uprN orig/tpm_emulator-0.2-x86_64/ChangeLog vtpm/ChangeLog 3.12 --- orig/tpm_emulator-0.2-x86_64/ChangeLog 2005-08-15 00:58:57.000000000 -0700 3.13 -+++ vtpm/ChangeLog 2005-09-14 20:27:22.000000000 -0700 3.14 ++++ vtpm/ChangeLog 2006-05-17 09:31:11.000000000 -0700 3.15 @@ -1,3 +1,7 @@ 3.16 +2005-08-16 Intel Corp 3.17 + Moved module out of kernel to run as a ring 3 app 3.18 @@ -16,8 +16,8 @@ diff -uprN orig/tpm_emulator-0.2-x86_64/ 3.19 * all: some typos corrected 3.20 * tpm_integrity.c: bug in TPM_Extend fixed 3.21 diff -uprN orig/tpm_emulator-0.2-x86_64/crypto/gmp_kernel_wrapper.c vtpm/crypto/gmp_kernel_wrapper.c 3.22 ---- orig/tpm_emulator-0.2-x86_64/crypto/gmp_kernel_wrapper.c 2005-09-15 19:21:42.508873032 -0700 3.23 -+++ vtpm/crypto/gmp_kernel_wrapper.c 2005-09-15 19:25:37.319176440 -0700 3.24 +--- orig/tpm_emulator-0.2-x86_64/crypto/gmp_kernel_wrapper.c 2006-05-17 09:34:13.000000000 -0700 3.25 ++++ vtpm/crypto/gmp_kernel_wrapper.c 2006-05-17 09:31:11.000000000 -0700 3.26 @@ -1,5 +1,6 @@ 3.27 /* Software-Based Trusted Platform Module (TPM) Emulator for Linux 3.28 * Copyright (C) 2004 Mario Strasser <mast@gmx.net>, 3.29 @@ -59,10 +59,9 @@ diff -uprN orig/tpm_emulator-0.2-x86_64/ 3.30 { 3.31 - void *ret = (void*)kmalloc(new_size, GFP_KERNEL); 3.32 - if (!ret) panic(KERN_CRIT TPM_MODULE_NAME "GMP: Cannot reallocate memory " 3.33 -- "(old_size=%Zu new_size=%Zu)\n", old_size, new_size); 3.34 + void *ret = (void*)malloc(new_size); 3.35 + if (!ret) error("GMP: Cannot reallocate memory " 3.36 -+ "(old_size=%Zu new_size=%Zu)\n", old_size, new_size); 3.37 + "(old_size=%Zu new_size=%Zu)\n", old_size, new_size); 3.38 memcpy(ret, oldptr, old_size); 3.39 - kfree(oldptr); 3.40 + free(oldptr); 3.41 @@ -80,7 +79,7 @@ diff -uprN orig/tpm_emulator-0.2-x86_64/ 3.42 3.43 diff -uprN orig/tpm_emulator-0.2-x86_64/crypto/rsa.c vtpm/crypto/rsa.c 3.44 --- orig/tpm_emulator-0.2-x86_64/crypto/rsa.c 2005-08-15 00:58:57.000000000 -0700 3.45 -+++ vtpm/crypto/rsa.c 2005-09-14 20:27:22.000000000 -0700 3.46 ++++ vtpm/crypto/rsa.c 2006-05-17 09:31:11.000000000 -0700 3.47 @@ -1,5 +1,6 @@ 3.48 /* Software-Based Trusted Platform Module (TPM) Emulator for Linux 3.49 * Copyright (C) 2004 Mario Strasser <mast@gmx.net>, 3.50 @@ -107,7 +106,7 @@ diff -uprN orig/tpm_emulator-0.2-x86_64/ 3.51 if (memcmp(&msg[1], &msg[1 + SHA1_DIGEST_LENGTH], 3.52 SHA1_DIGEST_LENGTH) != 0) return -1; 3.53 diff -uprN orig/tpm_emulator-0.2-x86_64/linux_module.c vtpm/linux_module.c 3.54 ---- orig/tpm_emulator-0.2-x86_64/linux_module.c 2005-09-15 19:22:40.343080896 -0700 3.55 +--- orig/tpm_emulator-0.2-x86_64/linux_module.c 2006-05-17 09:34:13.000000000 -0700 3.56 +++ vtpm/linux_module.c 1969-12-31 16:00:00.000000000 -0800 3.57 @@ -1,163 +0,0 @@ 3.58 -/* Software-Based Trusted Platform Module (TPM) Emulator for Linux 3.59 @@ -274,8 +273,8 @@ diff -uprN orig/tpm_emulator-0.2-x86_64/ 3.60 -} 3.61 - 3.62 diff -uprN orig/tpm_emulator-0.2-x86_64/linux_module.h vtpm/linux_module.h 3.63 ---- orig/tpm_emulator-0.2-x86_64/linux_module.h 2005-09-15 19:21:14.844078720 -0700 3.64 -+++ vtpm/linux_module.h 2005-09-14 20:27:22.000000000 -0700 3.65 +--- orig/tpm_emulator-0.2-x86_64/linux_module.h 2006-05-17 09:34:13.000000000 -0700 3.66 ++++ vtpm/linux_module.h 2006-05-17 09:31:11.000000000 -0700 3.67 @@ -1,5 +1,6 @@ 3.68 /* Software-Based Trusted Platform Module (TPM) Emulator for Linux 3.69 * Copyright (C) 2004 Mario Strasser <mast@gmx.net>, 3.70 @@ -376,8 +375,8 @@ diff -uprN orig/tpm_emulator-0.2-x86_64/ 3.71 #define LE16_TO_CPU(x) __le16_to_cpu(x) 3.72 3.73 diff -uprN orig/tpm_emulator-0.2-x86_64/Makefile vtpm/Makefile 3.74 ---- orig/tpm_emulator-0.2-x86_64/Makefile 2005-09-15 19:21:14.845078568 -0700 3.75 -+++ vtpm/Makefile 2005-09-14 20:27:22.000000000 -0700 3.76 +--- orig/tpm_emulator-0.2-x86_64/Makefile 2006-05-17 09:34:13.000000000 -0700 3.77 ++++ vtpm/Makefile 2006-05-17 09:31:11.000000000 -0700 3.78 @@ -1,22 +1,31 @@ 3.79 # Software-Based Trusted Platform Module (TPM) Emulator for Linux 3.80 # Copyright (C) 2004 Mario Strasser <mast@gmx.net> 3.81 @@ -410,7 +409,7 @@ diff -uprN orig/tpm_emulator-0.2-x86_64/ 3.82 + 3.83 +CC := gcc 3.84 +CFLAGS += -g -Wall $(INCLUDE) -DDEBUG 3.85 -+CFLAGS += -I. -Itpm 3.86 ++CFLAGS += -I. -Itpm -I../../vtpm_manager/manager 3.87 + 3.88 +# Is the simulator running in it's own vm? 3.89 +#CFLAGS += -DVTPM_MULTI_VM 3.90 @@ -470,8 +469,8 @@ diff -uprN orig/tpm_emulator-0.2-x86_64/ 3.91 $(src)/crypto/libgmp.a: 3.92 test -f $(src)/crypto/libgmp.a || ln -s $(GMP_LIB) $(src)/crypto/libgmp.a 3.93 diff -uprN orig/tpm_emulator-0.2-x86_64/README vtpm/README 3.94 ---- orig/tpm_emulator-0.2-x86_64/README 2005-08-15 00:58:57.000000000 -0700 3.95 -+++ vtpm/README 2005-09-14 20:27:22.000000000 -0700 3.96 +--- orig/tpm_emulator-0.2-x86_64/README 2006-05-17 09:34:13.000000000 -0700 3.97 ++++ vtpm/README 2006-05-17 09:31:11.000000000 -0700 3.98 @@ -13,7 +13,8 @@ $Id: README 8 2005-01-25 21:11:45Z jmoli 3.99 Copyright 3.100 -------------------------------------------------------------------------- 3.101 @@ -484,7 +483,7 @@ diff -uprN orig/tpm_emulator-0.2-x86_64/ 3.102 it under the terms of the GNU General Public License as published by 3.103 diff -uprN orig/tpm_emulator-0.2-x86_64/tpm/tpm_audit.c vtpm/tpm/tpm_audit.c 3.104 --- orig/tpm_emulator-0.2-x86_64/tpm/tpm_audit.c 2005-08-15 00:58:57.000000000 -0700 3.105 -+++ vtpm/tpm/tpm_audit.c 2005-09-14 20:27:22.000000000 -0700 3.106 ++++ vtpm/tpm/tpm_audit.c 2006-05-17 09:31:11.000000000 -0700 3.107 @@ -1,6 +1,7 @@ 3.108 /* Software-Based Trusted Platform Module (TPM) Emulator for Linux 3.109 * Copyright (C) 2004 Mario Strasser <mast@gmx.net>, 3.110 @@ -549,7 +548,7 @@ diff -uprN orig/tpm_emulator-0.2-x86_64/ 3.111 - 3.112 diff -uprN orig/tpm_emulator-0.2-x86_64/tpm/tpm_authorization.c vtpm/tpm/tpm_authorization.c 3.113 --- orig/tpm_emulator-0.2-x86_64/tpm/tpm_authorization.c 2005-08-15 00:58:57.000000000 -0700 3.114 -+++ vtpm/tpm/tpm_authorization.c 2005-09-14 20:27:22.000000000 -0700 3.115 ++++ vtpm/tpm/tpm_authorization.c 2006-05-17 09:31:11.000000000 -0700 3.116 @@ -1,6 +1,7 @@ 3.117 /* Software-Based Trusted Platform Module (TPM) Emulator for Linux 3.118 * Copyright (C) 2004 Mario Strasser <mast@gmx.net>, 3.119 @@ -575,7 +574,7 @@ diff -uprN orig/tpm_emulator-0.2-x86_64/ 3.120 - 3.121 diff -uprN orig/tpm_emulator-0.2-x86_64/tpm/tpm_capability.c vtpm/tpm/tpm_capability.c 3.122 --- orig/tpm_emulator-0.2-x86_64/tpm/tpm_capability.c 2005-08-15 00:58:57.000000000 -0700 3.123 -+++ vtpm/tpm/tpm_capability.c 2005-09-14 20:27:22.000000000 -0700 3.124 ++++ vtpm/tpm/tpm_capability.c 2006-05-17 09:31:11.000000000 -0700 3.125 @@ -1,6 +1,7 @@ 3.126 /* Software-Based Trusted Platform Module (TPM) Emulator for Linux 3.127 * Copyright (C) 2004 Mario Strasser <mast@gmx.net>, 3.128 @@ -600,7 +599,7 @@ diff -uprN orig/tpm_emulator-0.2-x86_64/ 3.129 - 3.130 diff -uprN orig/tpm_emulator-0.2-x86_64/tpm/tpm_cmd_handler.c vtpm/tpm/tpm_cmd_handler.c 3.131 --- orig/tpm_emulator-0.2-x86_64/tpm/tpm_cmd_handler.c 2005-08-15 00:58:57.000000000 -0700 3.132 -+++ vtpm/tpm/tpm_cmd_handler.c 2005-09-14 20:27:22.000000000 -0700 3.133 ++++ vtpm/tpm/tpm_cmd_handler.c 2006-05-17 09:31:11.000000000 -0700 3.134 @@ -1,6 +1,7 @@ 3.135 /* Software-Based Trusted Platform Module (TPM) Emulator for Linux 3.136 * Copyright (C) 2004 Mario Strasser <mast@gmx.net>, 3.137 @@ -664,8 +663,8 @@ diff -uprN orig/tpm_emulator-0.2-x86_64/ 3.138 } 3.139 - 3.140 diff -uprN orig/tpm_emulator-0.2-x86_64/tpm/tpm_crypto.c vtpm/tpm/tpm_crypto.c 3.141 ---- orig/tpm_emulator-0.2-x86_64/tpm/tpm_crypto.c 2005-09-15 19:21:14.846078416 -0700 3.142 -+++ vtpm/tpm/tpm_crypto.c 2005-09-14 20:27:22.000000000 -0700 3.143 +--- orig/tpm_emulator-0.2-x86_64/tpm/tpm_crypto.c 2006-05-17 09:34:13.000000000 -0700 3.144 ++++ vtpm/tpm/tpm_crypto.c 2006-05-17 09:31:11.000000000 -0700 3.145 @@ -1,6 +1,7 @@ 3.146 /* Software-Based Trusted Platform Module (TPM) Emulator for Linux 3.147 * Copyright (C) 2004 Mario Strasser <mast@gmx.net>, 3.148 @@ -689,8 +688,8 @@ diff -uprN orig/tpm_emulator-0.2-x86_64/ 3.149 } 3.150 - 3.151 diff -uprN orig/tpm_emulator-0.2-x86_64/tpm/tpm_data.c vtpm/tpm/tpm_data.c 3.152 ---- orig/tpm_emulator-0.2-x86_64/tpm/tpm_data.c 2005-09-15 19:21:14.847078264 -0700 3.153 -+++ vtpm/tpm/tpm_data.c 2005-09-14 20:27:22.000000000 -0700 3.154 +--- orig/tpm_emulator-0.2-x86_64/tpm/tpm_data.c 2006-05-17 09:34:13.000000000 -0700 3.155 ++++ vtpm/tpm/tpm_data.c 2006-05-17 09:31:11.000000000 -0700 3.156 @@ -1,6 +1,7 @@ 3.157 /* Software-Based Trusted Platform Module (TPM) Emulator for Linux 3.158 * Copyright (C) 2004 Mario Strasser <mast@gmx.net>, 3.159 @@ -760,8 +759,8 @@ diff -uprN orig/tpm_emulator-0.2-x86_64/ 3.160 +#ifdef VTPM_MUTLI_VM 3.161 + #define DEV_FE "/dev/tpm" 3.162 +#else 3.163 -+ #define VTPM_RX_FIFO_D "/var/vtpm/fifos/vtpm-to-%d.fifo" 3.164 -+ #define VTPM_TX_FIFO "/var/vtpm/fifos/vtpm-from-all.fifo" 3.165 ++ #define VTPM_RX_FIFO_D "/var/vtpm/fifos/vtpm_rsp_to_%d.fifo" 3.166 ++ #define VTPM_TX_FIFO "/var/vtpm/fifos/vtpm_cmd_from_all.fifo" 3.167 + 3.168 + extern int dmi_id; 3.169 + static char *vtpm_rx_name=NULL; 3.170 @@ -1021,7 +1020,7 @@ diff -uprN orig/tpm_emulator-0.2-x86_64/ 3.171 - 3.172 diff -uprN orig/tpm_emulator-0.2-x86_64/tpm/tpm_deprecated.c vtpm/tpm/tpm_deprecated.c 3.173 --- orig/tpm_emulator-0.2-x86_64/tpm/tpm_deprecated.c 2005-08-15 00:58:57.000000000 -0700 3.174 -+++ vtpm/tpm/tpm_deprecated.c 2005-09-14 20:27:22.000000000 -0700 3.175 ++++ vtpm/tpm/tpm_deprecated.c 2006-05-17 09:31:11.000000000 -0700 3.176 @@ -1,6 +1,7 @@ 3.177 /* Software-Based Trusted Platform Module (TPM) Emulator for Linux 3.178 * Copyright (C) 2004 Mario Strasser <mast@gmx.net>, 3.179 @@ -1050,7 +1049,7 @@ diff -uprN orig/tpm_emulator-0.2-x86_64/ 3.180 len = *authContextSize; 3.181 diff -uprN orig/tpm_emulator-0.2-x86_64/tpm/tpm_emulator.h vtpm/tpm/tpm_emulator.h 3.182 --- orig/tpm_emulator-0.2-x86_64/tpm/tpm_emulator.h 2005-08-15 00:58:57.000000000 -0700 3.183 -+++ vtpm/tpm/tpm_emulator.h 2005-09-14 20:27:22.000000000 -0700 3.184 ++++ vtpm/tpm/tpm_emulator.h 2006-05-17 09:31:11.000000000 -0700 3.185 @@ -1,5 +1,6 @@ 3.186 /* Software-Based Trusted Platform Module (TPM) Emulator for Linux 3.187 * Copyright (C) 2004 Mario Strasser <mast@gmx.net>, 3.188 @@ -1070,7 +1069,7 @@ diff -uprN orig/tpm_emulator-0.2-x86_64/ 3.189 * tpm_emulator_init - initialises and starts the TPM emulator 3.190 diff -uprN orig/tpm_emulator-0.2-x86_64/tpm/tpm_integrity.c vtpm/tpm/tpm_integrity.c 3.191 --- orig/tpm_emulator-0.2-x86_64/tpm/tpm_integrity.c 2005-08-15 00:58:57.000000000 -0700 3.192 -+++ vtpm/tpm/tpm_integrity.c 2005-09-14 20:27:22.000000000 -0700 3.193 ++++ vtpm/tpm/tpm_integrity.c 2006-05-17 09:31:11.000000000 -0700 3.194 @@ -1,6 +1,7 @@ 3.195 /* Software-Based Trusted Platform Module (TPM) Emulator for Linux 3.196 * Copyright (C) 2004 Mario Strasser <mast@gmx.net>, 3.197 @@ -1086,7 +1085,7 @@ diff -uprN orig/tpm_emulator-0.2-x86_64/ 3.198 - 3.199 diff -uprN orig/tpm_emulator-0.2-x86_64/tpm/tpm_structures.h vtpm/tpm/tpm_structures.h 3.200 --- orig/tpm_emulator-0.2-x86_64/tpm/tpm_structures.h 2005-08-15 00:58:57.000000000 -0700 3.201 -+++ vtpm/tpm/tpm_structures.h 2005-09-14 20:27:22.000000000 -0700 3.202 ++++ vtpm/tpm/tpm_structures.h 2006-05-17 09:31:11.000000000 -0700 3.203 @@ -1,6 +1,7 @@ 3.204 /* Software-Based Trusted Platform Module (TPM) Emulator for Linux 3.205 * Copyright (C) 2004 Mario Strasser <mast@gmx.net>, 3.206 @@ -1106,7 +1105,7 @@ diff -uprN orig/tpm_emulator-0.2-x86_64/ 3.207 /* 3.208 diff -uprN orig/tpm_emulator-0.2-x86_64/tpm/tpm_testing.c vtpm/tpm/tpm_testing.c 3.209 --- orig/tpm_emulator-0.2-x86_64/tpm/tpm_testing.c 2005-08-15 00:58:57.000000000 -0700 3.210 -+++ vtpm/tpm/tpm_testing.c 2005-09-14 20:27:22.000000000 -0700 3.211 ++++ vtpm/tpm/tpm_testing.c 2006-05-17 09:31:11.000000000 -0700 3.212 @@ -1,6 +1,7 @@ 3.213 /* Software-Based Trusted Platform Module (TPM) Emulator for Linux 3.214 * Copyright (C) 2004 Mario Strasser <mast@gmx.net>, 3.215 @@ -1224,7 +1223,7 @@ diff -uprN orig/tpm_emulator-0.2-x86_64/ 3.216 3.217 diff -uprN orig/tpm_emulator-0.2-x86_64/tpm/tpm_ticks.c vtpm/tpm/tpm_ticks.c 3.218 --- orig/tpm_emulator-0.2-x86_64/tpm/tpm_ticks.c 2005-08-15 00:58:57.000000000 -0700 3.219 -+++ vtpm/tpm/tpm_ticks.c 2005-09-14 20:27:22.000000000 -0700 3.220 ++++ vtpm/tpm/tpm_ticks.c 2006-05-17 09:31:11.000000000 -0700 3.221 @@ -1,6 +1,7 @@ 3.222 /* Software-Based Trusted Platform Module (TPM) Emulator for Linux 3.223 * Copyright (C) 2004 Mario Strasser <mast@gmx.net>, 3.224 @@ -1307,139 +1306,9 @@ diff -uprN orig/tpm_emulator-0.2-x86_64/ 3.225 } 3.226 3.227 3.228 -diff -uprN orig/tpm_emulator-0.2-x86_64/tpm/vtpm_manager.h vtpm/tpm/vtpm_manager.h 3.229 ---- orig/tpm_emulator-0.2-x86_64/tpm/vtpm_manager.h 1969-12-31 16:00:00.000000000 -0800 3.230 -+++ vtpm/tpm/vtpm_manager.h 2005-09-14 20:27:22.000000000 -0700 3.231 -@@ -0,0 +1,126 @@ 3.232 -+// =================================================================== 3.233 -+// 3.234 -+// Copyright (c) 2005, Intel Corp. 3.235 -+// All rights reserved. 3.236 -+// 3.237 -+// Redistribution and use in source and binary forms, with or without 3.238 -+// modification, are permitted provided that the following conditions 3.239 -+// are met: 3.240 -+// 3.241 -+// * Redistributions of source code must retain the above copyright 3.242 -+// notice, this list of conditions and the following disclaimer. 3.243 -+// * Redistributions in binary form must reproduce the above 3.244 -+// copyright notice, this list of conditions and the following 3.245 -+// disclaimer in the documentation and/or other materials provided 3.246 -+// with the distribution. 3.247 -+// * Neither the name of Intel Corporation nor the names of its 3.248 -+// contributors may be used to endorse or promote products derived 3.249 -+// from this software without specific prior written permission. 3.250 -+// 3.251 -+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 3.252 -+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 3.253 -+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 3.254 -+// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 3.255 -+// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 3.256 -+// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 3.257 -+// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 3.258 -+// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 3.259 -+// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 3.260 -+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 3.261 -+// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 3.262 -+// OF THE POSSIBILITY OF SUCH DAMAGE. 3.263 -+// =================================================================== 3.264 -+// 3.265 -+// vtpm_manager.h 3.266 -+// 3.267 -+// Public Interface header for VTPM Manager 3.268 -+// 3.269 -+// ================================================================== 3.270 -+ 3.271 -+#ifndef __VTPM_MANAGER_H__ 3.272 -+#define __VTPM_MANAGER_H__ 3.273 -+ 3.274 -+#define VTPM_TAG_REQ 0x01c1 3.275 -+#define VTPM_TAG_RSP 0x01c4 3.276 -+#define COMMAND_BUFFER_SIZE 4096 3.277 -+ 3.278 -+// Header sizes. Note Header MAY include the DMI 3.279 -+#define VTPM_COMMAND_HEADER_SIZE_SRV ( sizeof(UINT32) + sizeof(TPM_TAG) + sizeof(UINT32) + sizeof(TPM_COMMAND_CODE)) 3.280 -+#define VTPM_COMMAND_HEADER_SIZE_CLT ( sizeof(TPM_TAG) + sizeof(UINT32) + sizeof(TPM_COMMAND_CODE)) 3.281 -+ 3.282 -+//************************ Command Codes **************************** 3.283 -+#define VTPM_ORD_OPEN 1 // ULM Creates New DMI 3.284 -+#define VTPM_ORD_CLOSE 2 // ULM Closes a DMI 3.285 -+#define VTPM_ORD_DELETE 3 // ULM Permemently Deletes DMI 3.286 -+#define VTPM_ORD_SAVENVM 4 // DMI requests Secrets Unseal 3.287 -+#define VTPM_ORD_LOADNVM 5 // DMI requests Secrets Saved 3.288 -+#define VTPM_ORD_TPMCOMMAND 6 // DMI issues HW TPM Command 3.289 -+ 3.290 -+//************************ Return Codes **************************** 3.291 -+#define VTPM_SUCCESS 0 3.292 -+#define VTPM_FAIL 1 3.293 -+#define VTPM_UNSUPPORTED 2 3.294 -+#define VTPM_FORBIDDEN 3 3.295 -+#define VTPM_RESTORE_CONTEXT_FAILED 4 3.296 -+#define VTPM_INVALID_REQUEST 5 3.297 -+ 3.298 -+/******************* Command Parameter API ************************* 3.299 -+ 3.300 -+VTPM Command Format 3.301 -+ dmi: 4 bytes // Source of message. 3.302 -+ // WARNING: This is prepended by the channel. 3.303 -+ // Thus it is received by VTPM Manager, 3.304 -+ // but not sent by DMI 3.305 -+ tpm tag: 2 bytes 3.306 -+ command size: 4 bytes // Size of command including header but not DMI 3.307 -+ ord: 4 bytes // Command ordinal above 3.308 -+ parameters: size - 10 bytes // Command Parameter 3.309 -+ 3.310 -+VTPM Response Format 3.311 -+ tpm tag: 2 bytes 3.312 -+ response_size: 4 bytes 3.313 -+ status: 4 bytes 3.314 -+ parameters: size - 10 bytes 3.315 -+ 3.316 -+ 3.317 -+VTPM_Open: 3.318 -+ Input Parameters: 3.319 -+ Domain_type: 1 byte 3.320 -+ domain_id: 4 bytes 3.321 -+ instance_id: 4 bytes 3.322 -+ Output Parameters: 3.323 -+ None 3.324 -+ 3.325 -+VTPM_Close 3.326 -+ Input Parameters: 3.327 -+ instance_id: 4 bytes 3.328 -+ Output Parameters: 3.329 -+ None 3.330 -+ 3.331 -+VTPM_Delete 3.332 -+ Input Parameters: 3.333 -+ instance_id: 4 bytes 3.334 -+ Output Parameters: 3.335 -+ None 3.336 -+ 3.337 -+VTPM_SaveNVM 3.338 -+ Input Parameters: 3.339 -+ data: n bytes (Header indicates size of data) 3.340 -+ Output Parameters: 3.341 -+ None 3.342 -+ 3.343 -+VTPM_LoadNVM 3.344 -+ Input Parameters: 3.345 -+ None 3.346 -+ Output Parameters: 3.347 -+ data: n bytes (Header indicates size of data) 3.348 -+ 3.349 -+VTPM_TPMCommand 3.350 -+ Input Parameters: 3.351 -+ TPM Command Byte Stream: n bytes 3.352 -+ Output Parameters: 3.353 -+ TPM Reponse Byte Stream: n bytes 3.354 -+ 3.355 -+*********************************************************************/ 3.356 -+ 3.357 -+#endif //_VTPM_MANAGER_H_ 3.358 diff -uprN orig/tpm_emulator-0.2-x86_64/tpmd.c vtpm/tpmd.c 3.359 --- orig/tpm_emulator-0.2-x86_64/tpmd.c 1969-12-31 16:00:00.000000000 -0800 3.360 -+++ vtpm/tpmd.c 2005-09-15 19:28:55.783005352 -0700 3.361 ++++ vtpm/tpmd.c 2006-05-17 09:31:11.000000000 -0700 3.362 @@ -0,0 +1,207 @@ 3.363 +/* Software-Based Trusted Platform Module (TPM) Emulator for Linux 3.364 + * Copyright (C) 2005 INTEL Corp 3.365 @@ -1471,8 +1340,8 @@ diff -uprN orig/tpm_emulator-0.2-x86_64/ 3.366 +#ifdef VTPM_MULTI_VM 3.367 + #define DEV_BE "/dev/vtpm" 3.368 +#else 3.369 -+ #define GUEST_RX_FIFO_D "/var/vtpm/fifos/guest-to-%d.fifo" 3.370 -+ #define GUEST_TX_FIFO "/var/vtpm/fifos/guest-from-all.fifo" 3.371 ++ #define GUEST_RX_FIFO_D "/var/vtpm/fifos/tpm_cmd_to_%d.fifo" 3.372 ++ #define GUEST_TX_FIFO "/var/vtpm/fifos/tpm_rsp_from_all.fifo" 3.373 +#endif 3.374 + 3.375 + int dmi_id;
4.1 --- a/tools/vtpm_manager/Rules.mk Wed May 17 23:19:18 2006 +0100 4.2 +++ b/tools/vtpm_manager/Rules.mk Wed May 17 23:23:26 2006 +0100 4.3 @@ -40,6 +40,9 @@ OBJS = $(patsubst %.c,%.o,$(SRCS)) 4.4 # Project-specific definitions 4.5 # 4.6 4.7 +# Need UNIX98 spec for pthread rwlocks 4.8 +CFLAGS += -D_GNU_SOURCE 4.9 + 4.10 # Logging Level. See utils/tools.h for usage 4.11 CFLAGS += -DLOGGING_MODULES="(BITMASK(VTPM_LOG_TCS)|BITMASK(VTPM_LOG_VTSP)|BITMASK(VTPM_LOG_VTPM)|BITMASK(VTPM_LOG_VTPM_DEEP))" 4.12 4.13 @@ -50,7 +53,7 @@ CFLAGS += -DLOGGING_MODULES="(BITMASK(VT 4.14 # Use frontend/backend pairs between manager & DMs? 4.15 #CFLAGS += -DVTPM_MULTI_VM 4.16 4.17 -# vtpm_manager listens on /tmp/in.fifo and /tmp/out.fifo rather than backend 4.18 +# vtpm_manager listens on fifo's rather than backend 4.19 #CFLAGS += -DDUMMY_BACKEND 4.20 4.21 # Do not have manager launch DMs. 4.22 @@ -59,9 +62,6 @@ CFLAGS += -DLOGGING_MODULES="(BITMASK(VT 4.23 # Fixed OwnerAuth 4.24 #CFLAGS += -DWELL_KNOWN_OWNER_AUTH 4.25 4.26 -# TPM Hardware Device or TPM Simulator 4.27 -#CFLAGS += -DTPM_HWDEV 4.28 - 4.29 # Include 4.30 CFLAGS += -I$(XEN_ROOT)/tools/vtpm_manager/crypto 4.31 CFLAGS += -I$(XEN_ROOT)/tools/vtpm_manager/util
5.1 --- a/tools/vtpm_manager/manager/dmictl.c Wed May 17 23:19:18 2006 +0100 5.2 +++ b/tools/vtpm_manager/manager/dmictl.c Wed May 17 23:23:26 2006 +0100 5.3 @@ -55,66 +55,30 @@ 5.4 #include "log.h" 5.5 #include "hashtable.h" 5.6 #include "hashtable_itr.h" 5.7 +#include "vtpm_ipc.h" 5.8 5.9 #define TPM_EMULATOR_PATH "/usr/bin/vtpmd" 5.10 5.11 -TPM_RESULT close_dmi( VTPM_DMI_RESOURCE *dmi_res) { 5.12 - TPM_RESULT status = TPM_FAIL; 5.13 - 5.14 +TPM_RESULT close_dmi(VTPM_DMI_RESOURCE *dmi_res) { 5.15 if (dmi_res == NULL) 5.16 return TPM_SUCCESS; 5.17 5.18 - status = TCS_CloseContext(dmi_res->TCSContext); 5.19 + TCS_CloseContext(dmi_res->TCSContext); 5.20 free ( dmi_res->NVMLocation ); 5.21 dmi_res->connected = FALSE; 5.22 5.23 -#ifndef VTPM_MULTI_VM 5.24 - free(dmi_res->guest_tx_fname); 5.25 - free(dmi_res->vtpm_tx_fname); 5.26 - 5.27 - close(dmi_res->guest_tx_fh); dmi_res->guest_tx_fh = -1; 5.28 - close(dmi_res->vtpm_tx_fh); dmi_res->vtpm_tx_fh = -1; 5.29 vtpm_globals->connected_dmis--; 5.30 5.31 - if (vtpm_globals->connected_dmis == 0) { 5.32 - // No more DMI's connected. Close fifo to prevent a broken pipe. 5.33 - close(vtpm_globals->guest_rx_fh); 5.34 - vtpm_globals->guest_rx_fh = -1; 5.35 - } 5.36 - #ifndef MANUAL_DM_LAUNCH 5.37 - if (dmi_res->dmi_id != VTPM_CTL_DM) { 5.38 - if (dmi_res->dmi_pid != 0) { 5.39 - vtpmloginfo(VTPM_LOG_VTPM, "Killing dmi on pid %d.\n", dmi_res->dmi_pid); 5.40 - if (kill(dmi_res->dmi_pid, SIGKILL) !=0) { 5.41 - vtpmloginfo(VTPM_LOG_VTPM, "DMI on pid %d is already dead.\n", dmi_res->dmi_pid); 5.42 - } else if (waitpid(dmi_res->dmi_pid, NULL, 0) != dmi_res->dmi_pid) { 5.43 - vtpmlogerror(VTPM_LOG_VTPM, "DMI on pid %d failed to stop.\n", dmi_res->dmi_pid); 5.44 - status = TPM_FAIL; 5.45 - } 5.46 - } else { 5.47 - vtpmlogerror(VTPM_LOG_VTPM, "Could not kill dmi because it's pid was 0.\n"); 5.48 - status = TPM_FAIL; 5.49 - } 5.50 - } 5.51 - #endif 5.52 -#endif 5.53 - 5.54 - return status; 5.55 + return (VTPM_Close_DMI_Extra(dmi_res) ); 5.56 } 5.57 5.58 -TPM_RESULT VTPM_Handle_New_DMI( const buffer_t *param_buf) { 5.59 +TPM_RESULT VTPM_Handle_New_DMI(const buffer_t *param_buf) { 5.60 5.61 VTPM_DMI_RESOURCE *new_dmi=NULL; 5.62 TPM_RESULT status=TPM_FAIL; 5.63 BYTE type; 5.64 UINT32 dmi_id, domain_id, *dmi_id_key; 5.65 5.66 -#ifndef VTPM_MULTI_VM 5.67 - int fh; 5.68 - char dmi_id_str[11]; // UINT32s are up to 10 digits + NULL 5.69 - struct stat file_info; 5.70 -#endif 5.71 - 5.72 if (param_buf == NULL) { // Assume creation of Dom 0 control 5.73 type = 0; 5.74 domain_id = VTPM_CTL_DM; 5.75 @@ -156,7 +120,7 @@ TPM_RESULT VTPM_Handle_New_DMI( const bu 5.76 status = TPM_FAIL; 5.77 goto egress; 5.78 } 5.79 - 5.80 + 5.81 } else 5.82 vtpmloginfo(VTPM_LOG_VTPM, "Re-attaching DMI instance %d on domain %d .\n", dmi_id, domain_id); 5.83 5.84 @@ -176,94 +140,16 @@ TPM_RESULT VTPM_Handle_New_DMI( const bu 5.85 new_dmi->NVMLocation = (char *) malloc(11 + strlen(DMI_NVM_FILE)); 5.86 sprintf(new_dmi->NVMLocation, DMI_NVM_FILE, (uint32_t) new_dmi->dmi_id); 5.87 5.88 - // Measure DMI 5.89 - // FIXME: This will measure DMI. Until then use a fixed DMI_Measurement value 5.90 - /* 5.91 - fh = open(TPM_EMULATOR_PATH, O_RDONLY); 5.92 - stat_ret = fstat(fh, &file_stat); 5.93 - if (stat_ret == 0) 5.94 - dmi_size = file_stat.st_size; 5.95 - else { 5.96 - vtpmlogerror(VTPM_LOG_VTPM, "Could not open tpm_emulator!!\n"); 5.97 - status = TPM_IOERROR; 5.98 - goto abort_egress; 5.99 - } 5.100 - dmi_buffer 5.101 - */ 5.102 - memset(&new_dmi->DMI_measurement, 0xcc, sizeof(TPM_DIGEST)); 5.103 - 5.104 -#ifndef VTPM_MULTI_VM 5.105 - if (dmi_id != VTPM_CTL_DM) { 5.106 - // Create a pair of fifo pipes 5.107 - if( (new_dmi->guest_tx_fname = (char *) malloc(11 + strlen(GUEST_TX_FIFO))) == NULL){ 5.108 - status = TPM_RESOURCES; 5.109 - goto abort_egress; 5.110 - } 5.111 - sprintf(new_dmi->guest_tx_fname, GUEST_TX_FIFO, (uint32_t) dmi_id); 5.112 - 5.113 - if ((new_dmi->vtpm_tx_fname = (char *) malloc(11 + strlen(VTPM_TX_FIFO))) == NULL) { 5.114 - status = TPM_RESOURCES; 5.115 - goto abort_egress; 5.116 - } 5.117 - sprintf(new_dmi->vtpm_tx_fname, VTPM_TX_FIFO, (uint32_t) dmi_id); 5.118 - 5.119 - new_dmi->guest_tx_fh = -1; 5.120 - new_dmi->vtpm_tx_fh= -1; 5.121 - 5.122 - if ( stat(new_dmi->guest_tx_fname, &file_info) == -1) { 5.123 - if ( mkfifo(new_dmi->guest_tx_fname, S_IWUSR | S_IRUSR ) ){ 5.124 - vtpmlogerror(VTPM_LOG_VTPM, "Failed to create dmi fifo.\n"); 5.125 - status = TPM_IOERROR; 5.126 - goto abort_egress; 5.127 - } 5.128 - } 5.129 - 5.130 - if ( (fh = open(new_dmi->vtpm_tx_fname, O_RDWR)) == -1) { 5.131 - if ( mkfifo(new_dmi->vtpm_tx_fname, S_IWUSR | S_IRUSR ) ) { 5.132 - vtpmlogerror(VTPM_LOG_VTPM, "Failed to create dmi fifo.\n"); 5.133 - status = TPM_IOERROR; 5.134 - goto abort_egress; 5.135 - } 5.136 - } 5.137 - 5.138 - // Launch DMI 5.139 - sprintf(dmi_id_str, "%d", (int) dmi_id); 5.140 -#ifdef MANUAL_DM_LAUNCH 5.141 - vtpmlogerror(VTPM_LOG_VTPM, "FAKING starting vtpm with dmi=%s\n", dmi_id_str); 5.142 - new_dmi->dmi_pid = 0; 5.143 -#else 5.144 - pid_t pid = fork(); 5.145 - 5.146 - if (pid == -1) { 5.147 - vtpmlogerror(VTPM_LOG_VTPM, "Could not fork to launch vtpm\n"); 5.148 - status = TPM_RESOURCES; 5.149 - goto abort_egress; 5.150 - } else if (pid == 0) { 5.151 - if ( stat(new_dmi->NVMLocation, &file_info) == -1) 5.152 - execl (TPM_EMULATOR_PATH, "vtmpd", "clear", dmi_id_str, NULL); 5.153 - else 5.154 - execl (TPM_EMULATOR_PATH, "vtpmd", "save", dmi_id_str, NULL); 5.155 - 5.156 - // Returning from these at all is an error. 5.157 - vtpmlogerror(VTPM_LOG_VTPM, "Could not exec to launch vtpm\n"); 5.158 - } else { 5.159 - new_dmi->dmi_pid = pid; 5.160 - vtpmloginfo(VTPM_LOG_VTPM, "Launching DMI on PID = %d\n", pid); 5.161 - } 5.162 -#endif // MANUAL_DM_LAUNCH 5.163 - } 5.164 -#else // VTPM_MUTLI_VM 5.165 - // FIXME: Measure DMI through call to Measurement agent in platform. 5.166 -#endif 5.167 - 5.168 - vtpm_globals->DMI_table_dirty = TRUE; 5.169 new_dmi->connected = TRUE; 5.170 - status=TPM_SUCCESS; 5.171 + 5.172 + // Design specific new DMI code. 5.173 + // Includes: create IPCs, Measuring DMI, and maybe launching DMI 5.174 + status = VTPM_New_DMI_Extra(new_dmi); 5.175 goto egress; 5.176 5.177 abort_egress: 5.178 vtpmlogerror(VTPM_LOG_VTPM, "Failed to create DMI id=%d due to status=%s. Cleaning.\n", dmi_id, tpm_get_error_name(status)); 5.179 - close_dmi( new_dmi ); 5.180 + close_dmi(new_dmi ); 5.181 5.182 egress: 5.183 return status; 5.184 @@ -293,7 +179,7 @@ TPM_RESULT VTPM_Handle_Close_DMI( const 5.185 goto abort_egress; 5.186 } 5.187 5.188 - if (!dmi_res->connected) { 5.189 + if (!dmi_res->connected) { 5.190 vtpmlogerror(VTPM_LOG_VTPM, "Closing non-connected DMI.\n"); 5.191 status = TPM_BAD_PARAMETER; 5.192 goto abort_egress;
6.1 --- a/tools/vtpm_manager/manager/securestorage.c Wed May 17 23:19:18 2006 +0100 6.2 +++ b/tools/vtpm_manager/manager/securestorage.c Wed May 17 23:23:26 2006 +0100 6.3 @@ -197,9 +197,6 @@ TPM_RESULT VTPM_Handle_Save_NVM(VTPM_DMI 6.4 &vtpm_globals->storageKey, 6.5 &sealed_NVM) ); 6.6 6.7 - // Mark DMI Table so new save state info will get pushed to disk on return. 6.8 - vtpm_globals->DMI_table_dirty = TRUE; 6.9 - 6.10 // Write sealed blob off disk from NVMLocation 6.11 // TODO: How to properly return from these. Do we care if we return failure 6.12 // after writing the file? We can't get the old one back. 6.13 @@ -303,7 +300,7 @@ TPM_RESULT VTPM_Handle_Load_NVM(VTPM_DMI 6.14 } 6.15 6.16 6.17 -TPM_RESULT VTPM_SaveService(void) { 6.18 +TPM_RESULT VTPM_SaveManagerData(void) { 6.19 TPM_RESULT status=TPM_SUCCESS; 6.20 int fh, dmis=-1; 6.21 6.22 @@ -317,7 +314,7 @@ TPM_RESULT VTPM_SaveService(void) { 6.23 struct hashtable_itr *dmi_itr; 6.24 VTPM_DMI_RESOURCE *dmi_res; 6.25 6.26 - UINT32 boot_key_size, flat_dmis_size; 6.27 + UINT32 boot_key_size = 0, flat_dmis_size = 0; 6.28 6.29 // Initially fill these with buffer sizes for each data type. Later fill 6.30 // in actual size, once flattened. 6.31 @@ -347,11 +344,11 @@ TPM_RESULT VTPM_SaveService(void) { 6.32 BSG_PackConst(buffer_len(&enc_flat_global), 4, flat_enc); 6.33 6.34 // Per DMI values to be saved (if any exit) 6.35 - if (hashtable_count(vtpm_globals->dmi_map) > 0) { 6.36 + if (hashtable_count(vtpm_globals->dmi_map) > 1) { 6.37 6.38 - flat_dmis_size = (hashtable_count(vtpm_globals->dmi_map) - 1) * // num DMIS (-1 for Dom0) 6.39 - (sizeof(UINT32) + 2*sizeof(TPM_DIGEST)); // Per DMI info 6.40 - flat_dmis = (BYTE *) malloc( flat_dmis_size ); 6.41 + flat_dmis = (BYTE *) malloc( 6.42 + (hashtable_count(vtpm_globals->dmi_map) - 1) * // num DMIS (-1 for Dom0) 6.43 + (sizeof(UINT32) + 2*sizeof(TPM_DIGEST)) ); // Per DMI info 6.44 6.45 dmi_itr = hashtable_iterator(vtpm_globals->dmi_map); 6.46 do { 6.47 @@ -387,8 +384,6 @@ TPM_RESULT VTPM_SaveService(void) { 6.48 goto abort_egress; 6.49 } 6.50 6.51 - vtpm_globals->DMI_table_dirty = FALSE; 6.52 - 6.53 goto egress; 6.54 6.55 abort_egress: 6.56 @@ -400,11 +395,11 @@ TPM_RESULT VTPM_SaveService(void) { 6.57 free(flat_dmis); 6.58 close(fh); 6.59 6.60 - vtpmloginfo(VTPM_LOG_VTPM, "Saved VTPM Service state (status = %d, dmis = %d)\n", (int) status, dmis); 6.61 + vtpmloginfo(VTPM_LOG_VTPM, "Saved VTPM Manager state (status = %d, dmis = %d)\n", (int) status, dmis); 6.62 return status; 6.63 } 6.64 6.65 -TPM_RESULT VTPM_LoadService(void) { 6.66 +TPM_RESULT VTPM_LoadManagerData(void) { 6.67 6.68 TPM_RESULT status=TPM_SUCCESS; 6.69 int fh, stat_ret, dmis=0;
7.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 7.2 +++ b/tools/vtpm_manager/manager/vtpm_ipc.c Wed May 17 23:23:26 2006 +0100 7.3 @@ -0,0 +1,141 @@ 7.4 +// =================================================================== 7.5 +// 7.6 +// Copyright (c) 2005, Intel Corp. 7.7 +// All rights reserved. 7.8 +// 7.9 +// Redistribution and use in source and binary forms, with or without 7.10 +// modification, are permitted provided that the following conditions 7.11 +// are met: 7.12 +// 7.13 +// * Redistributions of source code must retain the above copyright 7.14 +// notice, this list of conditions and the following disclaimer. 7.15 +// * Redistributions in binary form must reproduce the above 7.16 +// copyright notice, this list of conditions and the following 7.17 +// disclaimer in the documentation and/or other materials provided 7.18 +// with the distribution. 7.19 +// * Neither the name of Intel Corporation nor the names of its 7.20 +// contributors may be used to endorse or promote products derived 7.21 +// from this software without specific prior written permission. 7.22 +// 7.23 +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 7.24 +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 7.25 +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 7.26 +// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 7.27 +// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 7.28 +// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 7.29 +// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 7.30 +// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 7.31 +// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 7.32 +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 7.33 +// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 7.34 +// OF THE POSSIBILITY OF SUCH DAMAGE. 7.35 +// =================================================================== 7.36 +// 7.37 +// vtpm_ipc.c Implements ipc routines using file io. This file can 7.38 +// be replaced with other ipc types. 7.39 +// 7.40 +// =================================================================== 7.41 + 7.42 +#include <sys/stat.h> 7.43 +#include "vtpm_ipc.h" 7.44 +#include "vtpmpriv.h" 7.45 +#include "log.h" 7.46 + 7.47 +int vtpm_ipc_init(vtpm_ipc_handle_t *ipc_h, char* name, int flags, BOOL create) { 7.48 + ipc_h->name = name; 7.49 + ipc_h->flags = flags; 7.50 + ipc_h->fh = VTPM_IPC_CLOSED; 7.51 + 7.52 + if (create) 7.53 + return(vtpm_ipc_create(ipc_h)); 7.54 + else 7.55 + return 0; 7.56 +} 7.57 + 7.58 +// Create the file that needs opening. Used only for FIFOs 7.59 +// FYI: This may cause problems in other file IO schemes. We'll see. 7.60 +int vtpm_ipc_create(vtpm_ipc_handle_t *ipc_h) { 7.61 + int fh; 7.62 + struct stat file_info; 7.63 + 7.64 + if ((!ipc_h) || (!ipc_h->name)) 7.65 + return -1; 7.66 + 7.67 + if ( stat(ipc_h->name, &file_info) == -1) { 7.68 + if ( mkfifo(ipc_h->name, S_IWUSR | S_IRUSR ) ) { 7.69 + vtpmlogerror(VTPM_LOG_VTPM, "Failed to create fifo %s.\n", ipc_h->name); 7.70 + return -1; 7.71 + } 7.72 + } 7.73 + 7.74 + ipc_h->fh = VTPM_IPC_CLOSED; 7.75 + 7.76 + return 0; 7.77 +} 7.78 + 7.79 + 7.80 +// Read size bytes. If FH isn't open, open it. 7.81 +int vtpm_ipc_read(vtpm_ipc_handle_t *ipc_h, vtpm_ipc_handle_t *alt_ipc_h, BYTE *bytes, UINT32 size){ 7.82 + vtpm_ipc_handle_t *my_ipc_h; 7.83 + int result; 7.84 + 7.85 + if (ipc_h) { 7.86 + my_ipc_h = ipc_h; 7.87 + } else { 7.88 + my_ipc_h = alt_ipc_h; 7.89 + } 7.90 + 7.91 + if (my_ipc_h->fh == VTPM_IPC_CLOSED) { 7.92 + my_ipc_h->fh = open(my_ipc_h->name, my_ipc_h->flags); 7.93 + } 7.94 + 7.95 + if ( my_ipc_h->fh == VTPM_IPC_CLOSED ) { 7.96 + vtpmlogerror(VTPM_LOG_VTPM, "VTPM ERROR: Can't open %s for reading.\n", my_ipc_h->name); 7.97 + return -1; 7.98 + } 7.99 + 7.100 + result = read(my_ipc_h->fh, bytes, size); 7.101 + if (result < 0) { 7.102 + my_ipc_h->fh = VTPM_IPC_CLOSED; 7.103 + } 7.104 + 7.105 + return (result); 7.106 +} 7.107 + 7.108 +// Write size bytes. If FH isn't open, open it. 7.109 +int vtpm_ipc_write(vtpm_ipc_handle_t *ipc_h, vtpm_ipc_handle_t *alt_ipc_h, BYTE *bytes, UINT32 size) { 7.110 + vtpm_ipc_handle_t *my_ipc_h; 7.111 + int result; 7.112 + 7.113 + if (ipc_h) { 7.114 + my_ipc_h = ipc_h; 7.115 + } else { 7.116 + my_ipc_h = alt_ipc_h; 7.117 + } 7.118 + 7.119 + if (my_ipc_h->fh == VTPM_IPC_CLOSED) { 7.120 + my_ipc_h->fh = open(my_ipc_h->name, my_ipc_h->flags); 7.121 + } 7.122 + 7.123 + if ( my_ipc_h->fh == VTPM_IPC_CLOSED ) { 7.124 + vtpmlogerror(VTPM_LOG_VTPM, "VTPM ERROR: Can't open %s for writing.\n", my_ipc_h->name); 7.125 + return -1; 7.126 + } 7.127 + 7.128 + result = write(my_ipc_h->fh, bytes, size); 7.129 + if (result < 0) { 7.130 + my_ipc_h->fh = VTPM_IPC_CLOSED; 7.131 + } 7.132 + 7.133 + return (result); 7.134 +} 7.135 + 7.136 +// Mark file as closed and try and close it. Errors not reported. 7.137 +void vtpm_ipc_close(vtpm_ipc_handle_t *ipc_h) { 7.138 + 7.139 + if (ipc_h) { 7.140 + close(ipc_h->fh); 7.141 + } 7.142 + ipc_h->fh = VTPM_IPC_CLOSED; 7.143 + 7.144 +}
8.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 8.2 +++ b/tools/vtpm_manager/manager/vtpm_ipc.h Wed May 17 23:23:26 2006 +0100 8.3 @@ -0,0 +1,71 @@ 8.4 +// =================================================================== 8.5 +// 8.6 +// Copyright (c) 2005, Intel Corp. 8.7 +// All rights reserved. 8.8 +// 8.9 +// Redistribution and use in source and binary forms, with or without 8.10 +// modification, are permitted provided that the following conditions 8.11 +// are met: 8.12 +// 8.13 +// * Redistributions of source code must retain the above copyright 8.14 +// notice, this list of conditions and the following disclaimer. 8.15 +// * Redistributions in binary form must reproduce the above 8.16 +// copyright notice, this list of conditions and the following 8.17 +// disclaimer in the documentation and/or other materials provided 8.18 +// with the distribution. 8.19 +// * Neither the name of Intel Corporation nor the names of its 8.20 +// contributors may be used to endorse or promote products derived 8.21 +// from this software without specific prior written permission. 8.22 +// 8.23 +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 8.24 +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 8.25 +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 8.26 +// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 8.27 +// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 8.28 +// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 8.29 +// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 8.30 +// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 8.31 +// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 8.32 +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 8.33 +// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 8.34 +// OF THE POSSIBILITY OF SUCH DAMAGE. 8.35 +// =================================================================== 8.36 +// 8.37 +// vtpm_ipc.h Header for interprocess communication between VTPM manager 8.38 +// and Guests or VTPMs 8.39 +// 8.40 +// =================================================================== 8.41 + 8.42 +#ifndef __VTPM_IO_H__ 8.43 +#define __VTPM_IO_H__ 8.44 + 8.45 +#include "tcg.h" 8.46 + 8.47 +#define VTPM_IPC_CLOSED -1 8.48 + 8.49 +// Represents an (somewhat) abstracted io handle. 8.50 +typedef struct vtpm_ipc_handle_t { 8.51 + int fh; // IO handle. 8.52 + int flags; // Flags for opening. This may need to become 8.53 + // a void *, but for now files use an int. 8.54 + char *name; // Names for debugging as well as filenames 8.55 + // for file-based io. 8.56 +} vtpm_ipc_handle_t; 8.57 + 8.58 + 8.59 +int vtpm_ipc_init(vtpm_ipc_handle_t *ioh, char* name, int flags, BOOL create); 8.60 + 8.61 +// Create the file that needs opening. Used only for FIFOs 8.62 +// FYI: This may cause problems in other file IO schemes. We'll see. 8.63 +int vtpm_ipc_create(vtpm_ipc_handle_t *ioh); 8.64 + 8.65 +// Read size bytes. If FH isn't open, open it. 8.66 +int vtpm_ipc_read(vtpm_ipc_handle_t *ioh, vtpm_ipc_handle_t *alt_ioh, BYTE *bytes, UINT32 size); 8.67 + 8.68 +// Write size bytes. If FH isn't open, open it. 8.69 +int vtpm_ipc_write(vtpm_ipc_handle_t *ioh, vtpm_ipc_handle_t *alt_ioh, BYTE *bytes, UINT32 size); 8.70 + 8.71 +// Mark file as closed and try and close it. Errors not reported. 8.72 +void vtpm_ipc_close(vtpm_ipc_handle_t *ioh); 8.73 + 8.74 +#endif
9.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 9.2 +++ b/tools/vtpm_manager/manager/vtpm_lock.c Wed May 17 23:23:26 2006 +0100 9.3 @@ -0,0 +1,63 @@ 9.4 +// =================================================================== 9.5 +// 9.6 +// Copyright (c) 2005, Intel Corp. 9.7 +// All rights reserved. 9.8 +// 9.9 +// Redistribution and use in source and binary forms, with or without 9.10 +// modification, are permitted provided that the following conditions 9.11 +// are met: 9.12 +// 9.13 +// * Redistributions of source code must retain the above copyright 9.14 +// notice, this list of conditions and the following disclaimer. 9.15 +// * Redistributions in binary form must reproduce the above 9.16 +// copyright notice, this list of conditions and the following 9.17 +// disclaimer in the documentation and/or other materials provided 9.18 +// with the distribution. 9.19 +// * Neither the name of Intel Corporation nor the names of its 9.20 +// contributors may be used to endorse or promote products derived 9.21 +// from this software without specific prior written permission. 9.22 +// 9.23 +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 9.24 +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 9.25 +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 9.26 +// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 9.27 +// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 9.28 +// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 9.29 +// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 9.30 +// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 9.31 +// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 9.32 +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 9.33 +// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 9.34 +// OF THE POSSIBILITY OF SUCH DAMAGE. 9.35 +// =================================================================== 9.36 +// 9.37 +// vtpm_lock.c Provided controlled sync around access to vtpm structures 9.38 +// 9.39 +// =================================================================== 9.40 + 9.41 +#include <pthread.h> 9.42 +#include "vtpm_lock.h" 9.43 + 9.44 +static pthread_rwlock_t vtpm_lock; 9.45 + 9.46 +void vtpm_lock_init() { 9.47 + 9.48 + pthread_rwlock_init( &vtpm_lock, NULL); 9.49 +} 9.50 + 9.51 +void vtpm_lock_destroy(){ 9.52 + pthread_rwlock_destroy(&vtpm_lock); 9.53 +} 9.54 + 9.55 +void vtpm_lock_rdlock(){ 9.56 + pthread_rwlock_rdlock(&vtpm_lock); 9.57 +} 9.58 + 9.59 +void vtpm_lock_wrlock(){ 9.60 + pthread_rwlock_wrlock(&vtpm_lock); 9.61 +} 9.62 + 9.63 +void vtpm_lock_unlock(){ 9.64 + pthread_rwlock_unlock(&vtpm_lock); 9.65 +} 9.66 +
10.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 10.2 +++ b/tools/vtpm_manager/manager/vtpm_lock.h Wed May 17 23:23:26 2006 +0100 10.3 @@ -0,0 +1,48 @@ 10.4 +// =================================================================== 10.5 +// 10.6 +// Copyright (c) 2005, Intel Corp. 10.7 +// All rights reserved. 10.8 +// 10.9 +// Redistribution and use in source and binary forms, with or without 10.10 +// modification, are permitted provided that the following conditions 10.11 +// are met: 10.12 +// 10.13 +// * Redistributions of source code must retain the above copyright 10.14 +// notice, this list of conditions and the following disclaimer. 10.15 +// * Redistributions in binary form must reproduce the above 10.16 +// copyright notice, this list of conditions and the following 10.17 +// disclaimer in the documentation and/or other materials provided 10.18 +// with the distribution. 10.19 +// * Neither the name of Intel Corporation nor the names of its 10.20 +// contributors may be used to endorse or promote products derived 10.21 +// from this software without specific prior written permission. 10.22 +// 10.23 +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 10.24 +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 10.25 +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 10.26 +// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 10.27 +// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 10.28 +// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 10.29 +// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 10.30 +// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 10.31 +// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 10.32 +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 10.33 +// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 10.34 +// OF THE POSSIBILITY OF SUCH DAMAGE. 10.35 +// =================================================================== 10.36 +// 10.37 +// vtpm_lock.h Provided controlled sync around access to vtpm structures 10.38 +// 10.39 +// =================================================================== 10.40 + 10.41 +#ifndef __VTPM_LOCK_H__ 10.42 +#define __VTPM_LOCK_H__ 10.43 + 10.44 +void vtpm_lock_init(); 10.45 +void vtpm_lock_destroy(); 10.46 + 10.47 +void vtpm_lock_rdlock(); 10.48 +void vtpm_lock_wrlock(); 10.49 +void vtpm_lock_unlock(); 10.50 + 10.51 +#endif
11.1 --- a/tools/vtpm_manager/manager/vtpm_manager.c Wed May 17 23:19:18 2006 +0100 11.2 +++ b/tools/vtpm_manager/manager/vtpm_manager.c Wed May 17 23:23:26 2006 +0100 11.3 @@ -39,18 +39,8 @@ 11.4 11.5 #include <stdio.h> 11.6 #include <unistd.h> 11.7 -#include <sys/types.h> 11.8 -#include <sys/stat.h> 11.9 -#include <fcntl.h> 11.10 #include <string.h> 11.11 11.12 -#ifndef VTPM_MULTI_VM 11.13 -#include <pthread.h> 11.14 -#include <errno.h> 11.15 -#include <aio.h> 11.16 -#include <time.h> 11.17 -#endif 11.18 - 11.19 #include "vtpm_manager.h" 11.20 #include "vtpmpriv.h" 11.21 #include "vtsp.h" 11.22 @@ -63,16 +53,6 @@ 11.23 11.24 VTPM_GLOBALS *vtpm_globals=NULL; 11.25 11.26 -#ifdef VTPM_MULTI_VM 11.27 - #define vtpmhandlerloginfo(module,fmt,args...) vtpmloginfo (module, fmt, ##args ); 11.28 - #define vtpmhandlerloginfomore(module,fmt,args...) vtpmloginfomore (module, fmt, ##args ); 11.29 - #define vtpmhandlerlogerror(module,fmt,args...) vtpmlogerror (module, fmt, ##args ); 11.30 -#else 11.31 - #define vtpmhandlerloginfo(module,fmt,args...) vtpmloginfo (module, "[%d]: " fmt, threadType, ##args ); 11.32 - #define vtpmhandlerloginfomore(module,fmt,args...) vtpmloginfomore (module, fmt, ##args ); 11.33 - #define vtpmhandlerlogerror(module,fmt,args...) vtpmlogerror (module, "[%d]: " fmt, threadType, ##args ); 11.34 -#endif 11.35 - 11.36 // --------------------------- Well Known Auths -------------------------- 11.37 const TPM_AUTHDATA SRK_AUTH = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 11.38 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff}; 11.39 @@ -95,7 +75,7 @@ static int equals32(void *k1, void *k2) 11.40 11.41 // --------------------------- Functions ------------------------------ 11.42 11.43 -TPM_RESULT VTPM_Create_Service(){ 11.44 +TPM_RESULT VTPM_Create_Manager(){ 11.45 11.46 TPM_RESULT status = TPM_SUCCESS; 11.47 11.48 @@ -184,562 +164,21 @@ TPM_RESULT VTPM_Create_Service(){ 11.49 NULL, 11.50 &vtpm_globals->bootKey, 11.51 TRUE ) ); 11.52 + 11.53 + printf("***************************** FIXME: SAVE NEW STATE *******\n"); 11.54 goto egress; 11.55 11.56 abort_egress: 11.57 exit(1); 11.58 11.59 egress: 11.60 - vtpmloginfo(VTPM_LOG_VTPM, "Finished initialized new VTPM service (Status = %d).\n", status); 11.61 + vtpmloginfo(VTPM_LOG_VTPM, "Finished initialized new VTPM manager (Status = %d).\n", status); 11.62 return status; 11.63 11.64 } 11.65 11.66 - 11.67 -////////////////////////////////////////////////////////////////////////////// 11.68 -#ifdef VTPM_MULTI_VM 11.69 -int VTPM_Service_Handler(){ 11.70 -#else 11.71 -void *VTPM_Service_Handler(void *threadTypePtr){ 11.72 -#endif 11.73 - TPM_RESULT status = TPM_FAIL; // Should never return 11.74 - UINT32 dmi, in_param_size, cmd_size, out_param_size, out_message_size, out_message_size_full; 11.75 - BYTE *cmd_header, *in_param, *out_message; 11.76 - buffer_t *command_buf=NULL, *result_buf=NULL; 11.77 - TPM_TAG tag; 11.78 - TPM_COMMAND_CODE ord; 11.79 - VTPM_DMI_RESOURCE *dmi_res; 11.80 - int size_read, size_write, i; 11.81 - 11.82 -#ifndef VTPM_MULTI_VM 11.83 - UINT32 dmi_cmd_size; 11.84 - BYTE *dmi_cmd; 11.85 - int threadType = *(int *) threadTypePtr; 11.86 - 11.87 - // async io structures 11.88 - struct aiocb dmi_aio; 11.89 - struct aiocb *dmi_aio_a[1]; 11.90 - dmi_aio_a[0] = &dmi_aio; 11.91 -#endif 11.92 - 11.93 -#ifdef DUMMY_BACKEND 11.94 - int dummy_rx; 11.95 -#endif 11.96 - 11.97 - cmd_header = (BYTE *) malloc(VTPM_COMMAND_HEADER_SIZE_SRV); 11.98 - command_buf = (buffer_t *) malloc(sizeof(buffer_t)); 11.99 - result_buf = (buffer_t *) malloc(sizeof(buffer_t)); 11.100 - 11.101 -#ifndef VTPM_MULTI_VM 11.102 - TPM_RESULT *ret_value = (TPM_RESULT *) malloc(sizeof(TPM_RESULT)); 11.103 -#endif 11.104 - 11.105 - int *tx_fh, // Pointer to the filehandle this function will write to 11.106 - *rx_fh; // Pointer to the filehandle this function will read from 11.107 - // For a multi VM VTPM system, this function tx/rx with the BE 11.108 - // via vtpm_globals->be_fh. 11.109 - // For a single VM system, the BE_LISTENER_THREAD tx/rx with theBE 11.110 - // via vtpm_globals->be_fh, and the DMI_LISTENER_THREAD rx from 11.111 - // vtpm_globals->vtpm_rx_fh and tx to dmi_res->vtpm_tx_fh 11.112 - 11.113 - // Set rx_fh to point to the correct fh based on this mode. 11.114 -#ifdef VTPM_MULTI_VM 11.115 - rx_fh = &vtpm_globals->be_fh; 11.116 -#else 11.117 - if (threadType == BE_LISTENER_THREAD) { 11.118 - #ifdef DUMMY_BACKEND 11.119 - dummy_rx = -1; 11.120 - rx_fh = &dummy_rx; 11.121 - #else 11.122 - rx_fh = &vtpm_globals->be_fh; 11.123 - #endif 11.124 - } else { // DMI_LISTENER_THREAD 11.125 - rx_fh = &vtpm_globals->vtpm_rx_fh; 11.126 - } 11.127 -#endif 11.128 - 11.129 - // Set tx_fh to point to the correct fh based on this mode (If static) 11.130 - // Create any fifos that these fh will use. 11.131 -#ifndef VTPM_MULTI_VM 11.132 - int fh; 11.133 - if (threadType == BE_LISTENER_THREAD) { 11.134 - tx_fh = &vtpm_globals->be_fh; 11.135 - if ( (fh = open(GUEST_RX_FIFO, O_RDWR)) == -1) { 11.136 - if ( mkfifo(GUEST_RX_FIFO, S_IWUSR | S_IRUSR ) ){ 11.137 - vtpmlogerror(VTPM_LOG_VTPM, "Unable to create FIFO: %s.\n", GUEST_RX_FIFO); 11.138 - *ret_value = TPM_FAIL; 11.139 - pthread_exit(ret_value); 11.140 - } 11.141 - } else 11.142 - close(fh); 11.143 - 11.144 - } else { // else DMI_LISTENER_THREAD 11.145 - // tx_fh will be set once the DMI is identified 11.146 - // But we need to make sure the read pip is created. 11.147 - if ( (fh = open(VTPM_RX_FIFO, O_RDWR)) == -1) { 11.148 - if ( mkfifo(VTPM_RX_FIFO, S_IWUSR | S_IRUSR ) ){ 11.149 - vtpmlogerror(VTPM_LOG_VTPM, "Unable to create FIFO: %s.\n", VTPM_RX_FIFO); 11.150 - *ret_value = TPM_FAIL; 11.151 - pthread_exit(ret_value); 11.152 - } 11.153 - } else 11.154 - close(fh); 11.155 - 11.156 - } 11.157 -#else 11.158 - tx_fh = &vtpm_globals->be_fh; 11.159 -#endif 11.160 - 11.161 - ////////////////////////// Main Loop ////////////////////////////////// 11.162 - while(1) { 11.163 - 11.164 -#ifdef VTPM_MULTI_VM 11.165 - vtpmhandlerloginfo(VTPM_LOG_VTPM, "Waiting for DMI messages.\n"); 11.166 -#else 11.167 - if (threadType == BE_LISTENER_THREAD) { 11.168 - vtpmhandlerloginfo(VTPM_LOG_VTPM, "Waiting for Guest requests & ctrl messages.\n"); 11.169 - } else 11.170 - vtpmhandlerloginfo(VTPM_LOG_VTPM, "Waiting for DMI messages.\n"); 11.171 -#endif 11.172 - 11.173 - // Check status of rx_fh. If necessary attempt to re-open it. 11.174 - char* s = NULL; 11.175 - if (*rx_fh < 0) { 11.176 -#ifdef VTPM_MULTI_VM 11.177 - s = VTPM_BE_DEV; 11.178 -#else 11.179 - if (threadType == BE_LISTENER_THREAD) 11.180 - #ifdef DUMMY_BACKEND 11.181 - s = "/tmp/in.fifo"; 11.182 - #else 11.183 - s = VTPM_BE_DEV; 11.184 - #endif 11.185 - else // DMI Listener 11.186 - s = VTPM_RX_FIFO; 11.187 - *rx_fh = open(s, O_RDWR); 11.188 -#endif 11.189 - } 11.190 - 11.191 - // Respond to failures to open rx_fh 11.192 - if (*rx_fh < 0) { 11.193 - vtpmhandlerlogerror(VTPM_LOG_VTPM, "Can't open inbound fh for %s.\n", s); 11.194 -#ifdef VTPM_MULTI_VM 11.195 - return TPM_IOERROR; 11.196 -#else 11.197 - *ret_value = TPM_IOERROR; 11.198 - pthread_exit(ret_value); 11.199 -#endif 11.200 - } 11.201 - 11.202 - // Read command header from rx_fh 11.203 - size_read = read(*rx_fh, cmd_header, VTPM_COMMAND_HEADER_SIZE_SRV); 11.204 - if (size_read > 0) { 11.205 - vtpmhandlerloginfo(VTPM_LOG_VTPM_DEEP, "RECV[%d}: 0x", size_read); 11.206 - for (i=0; i<size_read; i++) 11.207 - vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", cmd_header[i]); 11.208 - } else { 11.209 - vtpmhandlerlogerror(VTPM_LOG_VTPM, "Can't read from BE. Aborting... \n"); 11.210 - close(*rx_fh); 11.211 - *rx_fh = -1; 11.212 - goto abort_command; 11.213 - } 11.214 - 11.215 - if (size_read < (int) VTPM_COMMAND_HEADER_SIZE_SRV) { 11.216 - vtpmhandlerloginfo(VTPM_LOG_VTPM_DEEP, "\n"); 11.217 - vtpmhandlerlogerror(VTPM_LOG_VTPM, "Command shorter than normal header (%d bytes). Aborting...\n", size_read); 11.218 - goto abort_command; 11.219 - } 11.220 - 11.221 - // Unpack header 11.222 - BSG_UnpackList(cmd_header, 4, 11.223 - BSG_TYPE_UINT32, &dmi, 11.224 - BSG_TPM_TAG, &tag, 11.225 - BSG_TYPE_UINT32, &in_param_size, 11.226 - BSG_TPM_COMMAND_CODE, &ord ); 11.227 - 11.228 - // Using the header info, read from rx_fh the parameters of the command 11.229 - // Note that in_param_size is in the client's context 11.230 - cmd_size = in_param_size - VTPM_COMMAND_HEADER_SIZE_CLT; 11.231 - if (cmd_size > 0) { 11.232 - in_param = (BYTE *) malloc(cmd_size); 11.233 - size_read = read( *rx_fh, in_param, cmd_size); 11.234 - if (size_read > 0) { 11.235 - for (i=0; i<size_read; i++) 11.236 - vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", in_param[i]); 11.237 - 11.238 - } else { 11.239 - vtpmhandlerlogerror(VTPM_LOG_VTPM, "Error reading from cmd. Aborting... \n"); 11.240 - close(*rx_fh); 11.241 - *rx_fh = -1; 11.242 - goto abort_command; 11.243 - } 11.244 - vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "\n"); 11.245 - 11.246 - if (size_read < (int) cmd_size) { 11.247 - vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "\n"); 11.248 - vtpmhandlerlogerror(VTPM_LOG_VTPM, "Command read(%d) is shorter than header indicates(%d). Aborting...\n", size_read, cmd_size); 11.249 - goto abort_command; 11.250 - } 11.251 - } else { 11.252 - in_param = NULL; 11.253 - vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "\n"); 11.254 - } 11.255 - 11.256 -#ifndef VTPM_MULTI_VM 11.257 - // It's illegal to receive a Dom0 command from a DMI. 11.258 - if ((threadType != BE_LISTENER_THREAD) && (dmi == 0)) { 11.259 - vtpmhandlerlogerror(VTPM_LOG_VTPM, "Attempt to access dom0 commands from DMI interface. Aborting...\n"); 11.260 - goto abort_command; 11.261 - } 11.262 -#endif 11.263 - 11.264 - // Fetch infomation about the DMI issuing the request. 11.265 - dmi_res = (VTPM_DMI_RESOURCE *) hashtable_search(vtpm_globals->dmi_map, &dmi); 11.266 - if (dmi_res == NULL) { 11.267 - vtpmhandlerlogerror(VTPM_LOG_VTPM, "Attempted access to non-existent DMI in domain: %d. Aborting...\n", dmi); 11.268 - goto abort_command; 11.269 - } 11.270 - if (!dmi_res->connected) { 11.271 - vtpmhandlerlogerror(VTPM_LOG_VTPM, "Attempted access to disconnected DMI in domain: %d. Aborting...\n", dmi); 11.272 - goto abort_command; 11.273 - } 11.274 - 11.275 -#ifndef VTPM_MULTI_VM 11.276 - // Now that we know which DMI this is, we can set the tx_fh handle. 11.277 - if (threadType != BE_LISTENER_THREAD) 11.278 - tx_fh = &dmi_res->vtpm_tx_fh; 11.279 - // else we set this before the while loop since it doesn't change. 11.280 -#endif 11.281 - 11.282 - // Init the buffers used to handle the command and the response 11.283 - if ( (buffer_init_convert(command_buf, cmd_size, in_param) != TPM_SUCCESS) || 11.284 - (buffer_init(result_buf, 0, 0) != TPM_SUCCESS) ) { 11.285 - vtpmhandlerlogerror(VTPM_LOG_VTPM, "Failed to setup buffers. Aborting...\n"); 11.286 - goto abort_command; 11.287 - } 11.288 - 11.289 - // Dispatch it as either control or user request. 11.290 - if (tag == VTPM_TAG_REQ) { 11.291 - if (dmi_res->dmi_id == VTPM_CTL_DM){ 11.292 - switch (ord) { 11.293 - case VTPM_ORD_OPEN: 11.294 - status = VTPM_Handle_New_DMI(command_buf); 11.295 - break; 11.296 - 11.297 - case VTPM_ORD_CLOSE: 11.298 - status = VTPM_Handle_Close_DMI(command_buf); 11.299 - break; 11.300 - 11.301 - case VTPM_ORD_DELETE: 11.302 - status = VTPM_Handle_Delete_DMI(command_buf); 11.303 - break; 11.304 - default: 11.305 - status = TPM_BAD_ORDINAL; 11.306 - } // switch 11.307 - } else { 11.308 - 11.309 - switch (ord) { 11.310 - case VTPM_ORD_SAVENVM: 11.311 - status= VTPM_Handle_Save_NVM(dmi_res, 11.312 - command_buf, 11.313 - result_buf); 11.314 - break; 11.315 - case VTPM_ORD_LOADNVM: 11.316 - status= VTPM_Handle_Load_NVM(dmi_res, 11.317 - command_buf, 11.318 - result_buf); 11.319 - break; 11.320 - 11.321 - case VTPM_ORD_TPMCOMMAND: 11.322 - status= VTPM_Handle_TPM_Command(dmi_res, 11.323 - command_buf, 11.324 - result_buf); 11.325 - break; 11.326 - 11.327 - default: 11.328 - status = TPM_BAD_ORDINAL; 11.329 - } // switch 11.330 - } 11.331 - } else { // This is not a VTPM Command at all. 11.332 - // This happens in two cases. 11.333 - // MULTI_VM = A DMI illegally sent a raw TPM command to the manager 11.334 - // Single VM: 11.335 - // BE_LISTENER_THREAD: Guest issued a TPM command. 11.336 - // Send this to DMI and wait for response 11.337 - // DMI_LISTENER_THREAD: A DMI illegally sent a raw TPM command. 11.338 - 11.339 -#ifdef VTPM_MULTI_VM 11.340 - // Raw TPM commands are not supported from the DMI 11.341 - vtpmhandlerlogerror(VTPM_LOG_VTPM, "Attempt to use unsupported direct access to TPM.\n"); 11.342 - vtpmhandlerloginfo(VTPM_LOG_VTPM_DEEP, "Bad Command. dmi:%d, tag:%d, size:%d, ord:%d, Params: ", dmi, tag, in_param_size, ord); 11.343 - for (i=0; i<cmd_size; i++) 11.344 - vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", in_param[i]); 11.345 - 11.346 - vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "\n"); 11.347 - status = TPM_FAIL; 11.348 - 11.349 -#else 11.350 - // If BE_LISTENER_THREAD then this is a TPM command from a guest 11.351 - if (threadType == BE_LISTENER_THREAD) { 11.352 - // Dom0 can't talk to the BE, so this must be a broken FE/BE or badness 11.353 - if (dmi == 0) { 11.354 - vtpmhandlerlogerror(VTPM_LOG_VTPM, "Illegal use of TPM command from dom0\n"); 11.355 - status = TPM_FAIL; 11.356 - } else { 11.357 - vtpmhandlerloginfo(VTPM_LOG_VTPM, "Forwarding command to DMI.\n"); 11.358 - 11.359 - // open the dmi_res->guest_tx_fh to send command to DMI 11.360 - if (dmi_res->guest_tx_fh < 0) 11.361 - dmi_res->guest_tx_fh = open(dmi_res->guest_tx_fname, O_WRONLY | O_NONBLOCK); 11.362 - 11.363 - // handle failed opens dmi_res->guest_tx_fh 11.364 - if (dmi_res->guest_tx_fh < 0){ 11.365 - vtpmhandlerlogerror(VTPM_LOG_VTPM, "VTPM ERROR: Can't open outbound fh to dmi.\n"); 11.366 - status = TPM_IOERROR; 11.367 - goto abort_with_error; 11.368 - } 11.369 - 11.370 - //Forward TPM CMD stamped with dmi_id to DMI for handling 11.371 - if (cmd_size) { 11.372 - dmi_cmd = (BYTE *) malloc(VTPM_COMMAND_HEADER_SIZE_SRV + cmd_size); 11.373 - dmi_cmd_size = VTPM_COMMAND_HEADER_SIZE_SRV + cmd_size; 11.374 - memcpy(dmi_cmd, cmd_header, VTPM_COMMAND_HEADER_SIZE_SRV); 11.375 - memcpy(dmi_cmd + VTPM_COMMAND_HEADER_SIZE_SRV, in_param, cmd_size); 11.376 - size_write = write(dmi_res->guest_tx_fh, dmi_cmd, dmi_cmd_size); 11.377 - 11.378 - if (size_write > 0) { 11.379 - vtpmhandlerloginfo(VTPM_LOG_VTPM_DEEP, "SENT (DMI): 0x"); 11.380 - for (i=0; i<VTPM_COMMAND_HEADER_SIZE_SRV + cmd_size; i++) { 11.381 - vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", dmi_cmd[i]); 11.382 - } 11.383 - vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "\n"); 11.384 - } else { 11.385 - vtpmhandlerlogerror(VTPM_LOG_VTPM, "Error writing to DMI. Aborting... \n"); 11.386 - close(dmi_res->guest_tx_fh); 11.387 - dmi_res->guest_tx_fh = -1; 11.388 - status = TPM_IOERROR; 11.389 - goto abort_with_error; 11.390 - } 11.391 - free(dmi_cmd); 11.392 - } else { 11.393 - dmi_cmd_size = VTPM_COMMAND_HEADER_SIZE_SRV; 11.394 - size_write = write(dmi_res->guest_tx_fh, cmd_header, VTPM_COMMAND_HEADER_SIZE_SRV ); 11.395 - if (size_write > 0) { 11.396 - for (i=0; i<VTPM_COMMAND_HEADER_SIZE_SRV; i++) 11.397 - vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", cmd_header[i]); 11.398 - 11.399 - vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "\n"); 11.400 - } else { 11.401 - vtpmhandlerlogerror(VTPM_LOG_VTPM, "Error writing to DMI. Aborting... \n"); 11.402 - close(dmi_res->guest_tx_fh); 11.403 - dmi_res->guest_tx_fh = -1; 11.404 - status = TPM_IOERROR; 11.405 - goto abort_with_error; 11.406 - } 11.407 - } 11.408 - 11.409 - if (size_write != (int) dmi_cmd_size) 11.410 - vtpmhandlerlogerror(VTPM_LOG_VTPM, "Could not write entire command to DMI (%d/%d)\n", size_write, dmi_cmd_size); 11.411 - buffer_free(command_buf); 11.412 - 11.413 - // Open vtpm_globals->guest_rx_fh to receive DMI response 11.414 - if (vtpm_globals->guest_rx_fh < 0) 11.415 - vtpm_globals->guest_rx_fh = open(GUEST_RX_FIFO, O_RDONLY); 11.416 - 11.417 - // Handle open failures 11.418 - if (vtpm_globals->guest_rx_fh < 0){ 11.419 - vtpmhandlerlogerror(VTPM_LOG_VTPM, "Can't open inbound fh to dmi.\n"); 11.420 - status = TPM_IOERROR; 11.421 - goto abort_with_error; 11.422 - } 11.423 - 11.424 - // Read header for response to TPM command from DMI 11.425 - size_read = read( vtpm_globals->guest_rx_fh, cmd_header, VTPM_COMMAND_HEADER_SIZE_SRV); 11.426 - if (size_read > 0) { 11.427 - vtpmhandlerloginfo(VTPM_LOG_VTPM_DEEP, "RECV (DMI): 0x"); 11.428 - for (i=0; i<size_read; i++) 11.429 - vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", cmd_header[i]); 11.430 - 11.431 - } else { 11.432 - vtpmhandlerlogerror(VTPM_LOG_VTPM, "Error reading from DMI. Aborting... \n"); 11.433 - close(vtpm_globals->guest_rx_fh); 11.434 - vtpm_globals->guest_rx_fh = -1; 11.435 - status = TPM_IOERROR; 11.436 - goto abort_with_error; 11.437 - } 11.438 - 11.439 - if (size_read < (int) VTPM_COMMAND_HEADER_SIZE_SRV) { 11.440 - //vtpmdeepsublog("\n"); 11.441 - vtpmhandlerlogerror(VTPM_LOG_VTPM, "Command from DMI shorter than normal header. Aborting...\n"); 11.442 - status = TPM_IOERROR; 11.443 - goto abort_with_error; 11.444 - } 11.445 - 11.446 - // Unpack response from DMI for TPM command 11.447 - BSG_UnpackList(cmd_header, 4, 11.448 - BSG_TYPE_UINT32, &dmi, 11.449 - BSG_TPM_TAG, &tag, 11.450 - BSG_TYPE_UINT32, &in_param_size, 11.451 - BSG_TPM_COMMAND_CODE, &status ); 11.452 - 11.453 - // If response has parameters, read them. 11.454 - // Note that in_param_size is in the client's context 11.455 - cmd_size = in_param_size - VTPM_COMMAND_HEADER_SIZE_CLT; 11.456 - if (cmd_size > 0) { 11.457 - in_param = (BYTE *) malloc(cmd_size); 11.458 - size_read = read( vtpm_globals->guest_rx_fh, in_param, cmd_size); 11.459 - if (size_read > 0) { 11.460 - for (i=0; i<size_read; i++) 11.461 - vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", in_param[i]); 11.462 - 11.463 - } else { 11.464 - vtpmhandlerlogerror(VTPM_LOG_VTPM, "Error reading from BE. Aborting... \n"); 11.465 - close(vtpm_globals->guest_rx_fh); 11.466 - vtpm_globals->guest_rx_fh = -1; 11.467 - status = TPM_IOERROR; 11.468 - goto abort_with_error; 11.469 - } 11.470 - vtpmhandlerloginfomore(VTPM_LOG_VTPM, "\n"); 11.471 - 11.472 - if (size_read < (int)cmd_size) { 11.473 - vtpmhandlerloginfomore(VTPM_LOG_VTPM, "\n"); 11.474 - vtpmhandlerlogerror(VTPM_LOG_VTPM, "Command read(%d) from DMI is shorter than header indicates(%d). Aborting...\n", size_read, cmd_size); 11.475 - status = TPM_IOERROR; 11.476 - goto abort_with_error; 11.477 - } 11.478 - } else { 11.479 - in_param = NULL; 11.480 - vtpmhandlerloginfomore(VTPM_LOG_VTPM, "\n"); 11.481 - } 11.482 - 11.483 - if (buffer_init_convert(result_buf, cmd_size, in_param) != TPM_SUCCESS) { 11.484 - vtpmhandlerlogerror(VTPM_LOG_VTPM, "Failed to setup buffers. Aborting...\n"); 11.485 - status = TPM_FAIL; 11.486 - goto abort_with_error; 11.487 - } 11.488 - 11.489 - vtpmhandlerloginfo(VTPM_LOG_VTPM, "Sending DMI's response to guest.\n"); 11.490 - } // end else for if (dmi==0) 11.491 - 11.492 - } else { // This is a DMI lister thread. Thus this is from a DMI 11.493 - // Raw TPM commands are not supported from the DMI 11.494 - vtpmhandlerlogerror(VTPM_LOG_VTPM, "Attempt to use unsupported direct access to TPM.\n"); 11.495 - vtpmhandlerloginfo(VTPM_LOG_VTPM_DEEP, "Bad Command. dmi:%d, tag:%d, size:%d, ord:%d, Params: ", dmi, tag, in_param_size, ord); 11.496 - for (i=0; i<cmd_size; i++) 11.497 - vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", in_param[i]); 11.498 - 11.499 - vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "\n"); 11.500 - 11.501 - status = TPM_FAIL; 11.502 - } // end else for if BE Listener 11.503 -#endif 11.504 - 11.505 - } // end else for is VTPM Command 11.506 - 11.507 - // This marks the beginning of preparing response to be sent out. 11.508 - // Errors while handling responses jump here to reply with error messages 11.509 - // NOTE: Currently there are no recoverable errors in multi-VM mode. If one 11.510 - // is added to the code, this ifdef should be removed. 11.511 - // Also note this is NOT referring to errors in commands, but rather 11.512 - // this is about I/O errors and such. 11.513 -#ifndef VTPM_MULTI_VM 11.514 - abort_with_error: 11.515 -#endif 11.516 - 11.517 - // Open tx_fh in preperation to send reponse back 11.518 - if (*tx_fh < 0) { 11.519 -#ifdef VTPM_MULTI_VM 11.520 - *tx_fh = open(VTPM_BE_DEV, O_RDWR); 11.521 -#else 11.522 - if (threadType == BE_LISTENER_THREAD) 11.523 - #ifdef DUMMY_BACKEND 11.524 - *tx_fh = open("/tmp/out.fifo", O_RDWR); 11.525 - #else 11.526 - *tx_fh = open(VTPM_BE_DEV, O_RDWR); 11.527 - #endif 11.528 - else // DMI Listener 11.529 - *tx_fh = open(dmi_res->vtpm_tx_fname, O_WRONLY); 11.530 -#endif 11.531 - } 11.532 - 11.533 - 11.534 - // Handle failed open 11.535 - if (*tx_fh < 0) { 11.536 - vtpmhandlerlogerror(VTPM_LOG_VTPM, "VTPM ERROR: Can't open outbound fh.\n"); 11.537 -#ifdef VTPM_MULTI_VM 11.538 - return TPM_IOERROR; 11.539 -#else 11.540 - *ret_value = TPM_IOERROR; 11.541 - pthread_exit(ret_value); 11.542 -#endif 11.543 - } 11.544 - 11.545 - // Prepend VTPM header with destination DM stamped 11.546 - out_param_size = buffer_len(result_buf); 11.547 - out_message_size = VTPM_COMMAND_HEADER_SIZE_CLT + out_param_size; 11.548 - out_message_size_full = VTPM_COMMAND_HEADER_SIZE_SRV + out_param_size; 11.549 - out_message = (BYTE *) malloc (out_message_size_full); 11.550 - 11.551 - BSG_PackList(out_message, 4, 11.552 - BSG_TYPE_UINT32, (BYTE *) &dmi, 11.553 - BSG_TPM_TAG, (BYTE *) &tag, 11.554 - BSG_TYPE_UINT32, (BYTE *) &out_message_size, 11.555 - BSG_TPM_RESULT, (BYTE *) &status); 11.556 - 11.557 - if (buffer_len(result_buf) > 0) 11.558 - memcpy(out_message + VTPM_COMMAND_HEADER_SIZE_SRV, result_buf->bytes, out_param_size); 11.559 - 11.560 - 11.561 - //Note: Send message + dmi_id 11.562 - size_write = write(*tx_fh, out_message, out_message_size_full ); 11.563 - if (size_write > 0) { 11.564 - vtpmhandlerloginfo(VTPM_LOG_VTPM_DEEP, "SENT: 0x"); 11.565 - for (i=0; i < out_message_size_full; i++) 11.566 - vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", out_message[i]); 11.567 - 11.568 - vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "\n"); 11.569 - } else { 11.570 - vtpmhandlerlogerror(VTPM_LOG_VTPM, "Error writing to BE. Aborting... \n"); 11.571 - close(*tx_fh); 11.572 - *tx_fh = -1; 11.573 - goto abort_command; 11.574 - } 11.575 - free(out_message); 11.576 - 11.577 - if (size_write < (int)out_message_size_full) { 11.578 - vtpmhandlerlogerror(VTPM_LOG_VTPM, "Unable to write full command to BE (%d/%d)\n", size_write, out_message_size_full); 11.579 - goto abort_command; 11.580 - } 11.581 - 11.582 - // On certain failures an error message cannot be sent. 11.583 - // This marks the beginning of cleanup in preperation for the next command. 11.584 - abort_command: 11.585 - //free buffers 11.586 - bzero(cmd_header, VTPM_COMMAND_HEADER_SIZE_SRV); 11.587 - //free(in_param); // This was converted to command_buf. No need to free 11.588 - if (command_buf != result_buf) 11.589 - buffer_free(result_buf); 11.590 - 11.591 - buffer_free(command_buf); 11.592 - 11.593 -#ifndef VTPM_MULTI_VM 11.594 - if (threadType != BE_LISTENER_THREAD) { 11.595 -#endif 11.596 - if ( (vtpm_globals->DMI_table_dirty) && 11.597 - (VTPM_SaveService() != TPM_SUCCESS) ) { 11.598 - vtpmhandlerlogerror(VTPM_LOG_VTPM, "ERROR: Unable to save manager data.\n"); 11.599 - } 11.600 -#ifndef VTPM_MULTI_VM 11.601 - } 11.602 -#endif 11.603 - 11.604 - } // End while(1) 11.605 - 11.606 -} 11.607 - 11.608 - 11.609 /////////////////////////////////////////////////////////////////////////////// 11.610 -TPM_RESULT VTPM_Init_Service() { 11.611 +TPM_RESULT VTPM_Init_Manager() { 11.612 TPM_RESULT status = TPM_FAIL, serviceStatus; 11.613 BYTE *randomsead; 11.614 UINT32 randomsize; 11.615 @@ -749,20 +188,14 @@ TPM_RESULT VTPM_Init_Service() { 11.616 goto abort_egress; 11.617 } 11.618 memset(vtpm_globals, 0, sizeof(VTPM_GLOBALS)); 11.619 - vtpm_globals->be_fh = -1; 11.620 11.621 -#ifndef VTPM_MULTI_VM 11.622 - vtpm_globals->vtpm_rx_fh = -1; 11.623 - vtpm_globals->guest_rx_fh = -1; 11.624 vtpm_globals->connected_dmis = 0; 11.625 -#endif 11.626 + 11.627 if ((vtpm_globals->dmi_map = create_hashtable(10, hashfunc32, equals32)) == NULL){ 11.628 status = TPM_FAIL; 11.629 goto abort_egress; 11.630 } 11.631 11.632 - vtpm_globals->DMI_table_dirty = FALSE; 11.633 - 11.634 // Create new TCS Object 11.635 vtpm_globals->manager_tcs_handle = 0; 11.636 11.637 @@ -783,13 +216,14 @@ TPM_RESULT VTPM_Init_Service() { 11.638 &vtpm_globals->keyAuth) ); 11.639 vtpm_globals->keyAuth.fContinueAuthSession = TRUE; 11.640 11.641 - // If failed, create new Service. 11.642 - serviceStatus = VTPM_LoadService(); 11.643 + // If failed, create new Manager. 11.644 + serviceStatus = VTPM_LoadManagerData(); 11.645 if (serviceStatus == TPM_IOERROR) { 11.646 - vtpmloginfo(VTPM_LOG_VTPM, "Failed to read service file. Assuming first time initialization.\n"); 11.647 - TPMTRYRETURN( VTPM_Create_Service() ); 11.648 + vtpmloginfo(VTPM_LOG_VTPM, "Failed to read manager file. Assuming first time initialization.\n"); 11.649 + TPMTRYRETURN( VTPM_Create_Manager() ); 11.650 + TPMTRYRETURN( VTPM_SaveManagerData() ); 11.651 } else if (serviceStatus != TPM_SUCCESS) { 11.652 - vtpmlogerror(VTPM_LOG_VTPM, "Failed to read existing service file"); 11.653 + vtpmlogerror(VTPM_LOG_VTPM, "Failed to read existing manager file"); 11.654 exit(1); 11.655 } 11.656 11.657 @@ -805,8 +239,6 @@ TPM_RESULT VTPM_Init_Service() { 11.658 11.659 // Create entry for Dom0 for control messages 11.660 TPMTRYRETURN( VTPM_Handle_New_DMI(NULL) ); 11.661 - 11.662 - // --------------------- Command handlers --------------------------- 11.663 11.664 goto egress; 11.665 11.666 @@ -815,8 +247,9 @@ TPM_RESULT VTPM_Init_Service() { 11.667 11.668 return(status); 11.669 } 11.670 - 11.671 -void VTPM_Stop_Service() { 11.672 + 11.673 +/////////////////////////////////////////////////////////////////////////////// 11.674 +void VTPM_Stop_Manager() { 11.675 VTPM_DMI_RESOURCE *dmi_res; 11.676 struct hashtable_itr *dmi_itr; 11.677 11.678 @@ -832,7 +265,7 @@ void VTPM_Stop_Service() { 11.679 free (dmi_itr); 11.680 } 11.681 11.682 - if ( (vtpm_globals->DMI_table_dirty) && (VTPM_SaveService() != TPM_SUCCESS) ) 11.683 + if ( VTPM_SaveManagerData() != TPM_SUCCESS ) 11.684 vtpmlogerror(VTPM_LOG_VTPM, "Unable to save manager data.\n"); 11.685 11.686 TCS_CloseContext(vtpm_globals->manager_tcs_handle); 11.687 @@ -841,7 +274,6 @@ void VTPM_Stop_Service() { 11.688 hashtable_destroy(vtpm_globals->dmi_map, 1); 11.689 free(vtpm_globals); 11.690 11.691 - close(vtpm_globals->be_fh); 11.692 Crypto_Exit(); 11.693 11.694 vtpmloginfo(VTPM_LOG_VTPM, "VTPM Manager stopped.\n");
12.1 --- a/tools/vtpm_manager/manager/vtpm_manager.h Wed May 17 23:19:18 2006 +0100 12.2 +++ b/tools/vtpm_manager/manager/vtpm_manager.h Wed May 17 23:23:26 2006 +0100 12.3 @@ -40,32 +40,30 @@ 12.4 #ifndef __VTPM_MANAGER_H__ 12.5 #define __VTPM_MANAGER_H__ 12.6 12.7 -#include "tcg.h" 12.8 - 12.9 #define VTPM_TAG_REQ 0x01c1 12.10 #define VTPM_TAG_RSP 0x01c4 12.11 #define COMMAND_BUFFER_SIZE 4096 12.12 12.13 // Header sizes. Note Header MAY include the DMI 12.14 -#define VTPM_COMMAND_HEADER_SIZE_SRV ( sizeof(UINT32) + sizeof(TPM_TAG) + sizeof(UINT32) + sizeof(TPM_COMMAND_CODE)) 12.15 -#define VTPM_COMMAND_HEADER_SIZE_CLT ( sizeof(TPM_TAG) + sizeof(UINT32) + sizeof(TPM_COMMAND_CODE)) 12.16 - 12.17 -// ********************** Public Functions ************************* 12.18 -TPM_RESULT VTPM_Init_Service(); // Start VTPM Service 12.19 -void VTPM_Stop_Service(); // Stop VTPM Service 12.20 -#ifdef VTPM_MULTI_VM 12.21 -int VTPM_Service_Handler(); 12.22 -#else 12.23 -void *VTPM_Service_Handler(void *threadTypePtr); 12.24 -#endif 12.25 +#define VTPM_COMMAND_HEADER_SIZE_CLT ( 2 + 4 + 4) 12.26 +// sizeof(TPM_TAG + UINT32 + TPM_COMMAND_CODE) 12.27 +#define VTPM_COMMAND_HEADER_SIZE_SRV ( 4 + VTPM_COMMAND_HEADER_SIZE_CLT ) 12.28 +// sizeof( UINT32 + VTPM_COMMAND_HEADER_SIZE_CLT) 12.29 12.30 //************************ Command Codes **************************** 12.31 -#define VTPM_ORD_OPEN 1 // ULM Creates New DMI 12.32 -#define VTPM_ORD_CLOSE 2 // ULM Closes a DMI 12.33 -#define VTPM_ORD_DELETE 3 // ULM Permemently Deletes DMI 12.34 -#define VTPM_ORD_SAVENVM 4 // DMI requests Secrets Unseal 12.35 -#define VTPM_ORD_LOADNVM 5 // DMI requests Secrets Saved 12.36 -#define VTPM_ORD_TPMCOMMAND 6 // DMI issues HW TPM Command 12.37 +#define VTPM_ORD_BASE 0x0000 12.38 +#define VTPM_PRIV_MASK 0x01000000 // Priviledged VTPM Command 12.39 +#define VTPM_PRIV_BASE (VTPM_ORD_BASE | VTPM_PRIV_MASK) 12.40 + 12.41 +// Non-priviledged VTPM Commands (From DMI's) 12.42 +#define VTPM_ORD_SAVENVM (VTPM_ORD_BASE + 1) // DMI Saves Secrets 12.43 +#define VTPM_ORD_LOADNVM (VTPM_ORD_BASE + 2) // DMI Loads Secrets 12.44 +#define VTPM_ORD_TPMCOMMAND (VTPM_ORD_BASE + 3) // DMI issues HW TPM Command 12.45 + 12.46 +// Priviledged VTPM Commands (From management console) 12.47 +#define VTPM_ORD_OPEN (VTPM_PRIV_BASE + 1) // Creates/reopens DMI 12.48 +#define VTPM_ORD_CLOSE (VTPM_PRIV_BASE + 2) // Closes a DMI 12.49 +#define VTPM_ORD_DELETE (VTPM_PRIV_BASE + 3) // Permemently Deletes DMI 12.50 12.51 //************************ Return Codes **************************** 12.52 #define VTPM_SUCCESS 0
13.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 13.2 +++ b/tools/vtpm_manager/manager/vtpm_manager_handler.c Wed May 17 23:23:26 2006 +0100 13.3 @@ -0,0 +1,455 @@ 13.4 +// =================================================================== 13.5 +// 13.6 +// Copyright (c) 2005, Intel Corp. 13.7 +// All rights reserved. 13.8 +// 13.9 +// Redistribution and use in source and binary forms, with or without 13.10 +// modification, are permitted provided that the following conditions 13.11 +// are met: 13.12 +// 13.13 +// * Redistributions of source code must retain the above copyright 13.14 +// notice, this list of conditions and the following disclaimer. 13.15 +// * Redistributions in binary form must reproduce the above 13.16 +// copyright notice, this list of conditions and the following 13.17 +// disclaimer in the documentation and/or other materials provided 13.18 +// with the distribution. 13.19 +// * Neither the name of Intel Corporation nor the names of its 13.20 +// contributors may be used to endorse or promote products derived 13.21 +// from this software without specific prior written permission. 13.22 +// 13.23 +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 13.24 +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 13.25 +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 13.26 +// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 13.27 +// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 13.28 +// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 13.29 +// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 13.30 +// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 13.31 +// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 13.32 +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 13.33 +// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 13.34 +// OF THE POSSIBILITY OF SUCH DAMAGE. 13.35 +// =================================================================== 13.36 +// 13.37 +// vtpm_manager_handler.c 13.38 +// 13.39 +// This file will house the main logic of the VTPM Manager 13.40 +// 13.41 +// ================================================================== 13.42 + 13.43 +#include <stdio.h> 13.44 +#include <unistd.h> 13.45 +#include <string.h> 13.46 + 13.47 +#include "vtpm_manager.h" 13.48 +#include "vtpmpriv.h" 13.49 +#include "vtsp.h" 13.50 +#include "bsg.h" 13.51 +#include "hashtable.h" 13.52 +#include "hashtable_itr.h" 13.53 +#include "log.h" 13.54 +#include "buffer.h" 13.55 + 13.56 +#define vtpmhandlerloginfo(module,fmt,args...) vtpmloginfo (module, "[%s]: " fmt, thread_name, ##args ); 13.57 +#define vtpmhandlerloginfomore(module,fmt,args...) vtpmloginfomore (module, fmt, ##args ); 13.58 +#define vtpmhandlerlogerror(module,fmt,args...) vtpmlogerror (module, "[%s]: " fmt, thread_name, ##args ); 13.59 + 13.60 +// ---------------------- Prototypes ------------------- 13.61 +TPM_RESULT vtpm_manager_handle_vtpm_cmd(VTPM_DMI_RESOURCE *dmi_res, 13.62 + TPM_COMMAND_CODE ord, 13.63 + buffer_t *command_buf, 13.64 + buffer_t *result_buf, 13.65 + BOOL is_priv, 13.66 + char *thread_name); 13.67 + 13.68 +TPM_RESULT vtpm_manager_handle_tpm_cmd(vtpm_ipc_handle_t *tx_ipc_h, 13.69 + vtpm_ipc_handle_t *rx_ipc_h, 13.70 + VTPM_DMI_RESOURCE *dmi_res, 13.71 + BYTE *cmd_header, 13.72 + buffer_t *param_buf, 13.73 + buffer_t *result_buf, 13.74 + char *thread_name); 13.75 + 13.76 +TPM_RESULT VTPM_Manager_Handler( vtpm_ipc_handle_t *tx_ipc_h, 13.77 + vtpm_ipc_handle_t *rx_ipc_h, 13.78 + BOOL fw_tpm, // Forward TPM cmds? 13.79 + vtpm_ipc_handle_t *fw_tx_ipc_h, 13.80 + vtpm_ipc_handle_t *fw_rx_ipc_h, 13.81 + BOOL is_priv, 13.82 + char *thread_name) { 13.83 + TPM_RESULT status = TPM_FAIL; // Should never return 13.84 + UINT32 dmi, in_param_size, cmd_size, out_param_size, out_message_size, out_message_size_full; 13.85 + BYTE *cmd_header, *in_param, *out_message; 13.86 + buffer_t *command_buf=NULL, *result_buf=NULL; 13.87 + TPM_TAG tag; 13.88 + TPM_COMMAND_CODE ord; 13.89 + VTPM_DMI_RESOURCE *dmi_res; 13.90 + int size_read, size_write, i; 13.91 + 13.92 + cmd_header = (BYTE *) malloc(VTPM_COMMAND_HEADER_SIZE_SRV); 13.93 + command_buf = (buffer_t *) malloc(sizeof(buffer_t)); 13.94 + result_buf = (buffer_t *) malloc(sizeof(buffer_t)); 13.95 + 13.96 + // ------------------------ Main Loop -------------------------------- 13.97 + while(1) { 13.98 + 13.99 + vtpmhandlerloginfo(VTPM_LOG_VTPM, "%s waiting for messages.\n", thread_name); 13.100 + 13.101 + // --------------------- Read Cmd from Sender ---------------- 13.102 + 13.103 + // Read command header 13.104 + size_read = vtpm_ipc_read(rx_ipc_h, NULL, cmd_header, VTPM_COMMAND_HEADER_SIZE_SRV); 13.105 + if (size_read > 0) { 13.106 + vtpmhandlerloginfo(VTPM_LOG_VTPM_DEEP, "RECV[%d}: 0x", size_read); 13.107 + for (i=0; i<size_read; i++) 13.108 + vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", cmd_header[i]); 13.109 + } else { 13.110 + vtpmhandlerlogerror(VTPM_LOG_VTPM, "%s can't read from ipc. Aborting... \n", thread_name); 13.111 + goto abort_command; 13.112 + } 13.113 + 13.114 + if (size_read < (int) VTPM_COMMAND_HEADER_SIZE_SRV) { 13.115 + vtpmhandlerloginfo(VTPM_LOG_VTPM_DEEP, "\n"); 13.116 + vtpmhandlerlogerror(VTPM_LOG_VTPM, "Command shorter than normal header (%d bytes). Aborting...\n", size_read); 13.117 + goto abort_command; 13.118 + } 13.119 + 13.120 + // Unpack header 13.121 + BSG_UnpackList(cmd_header, 4, 13.122 + BSG_TYPE_UINT32, &dmi, 13.123 + BSG_TPM_TAG, &tag, 13.124 + BSG_TYPE_UINT32, &in_param_size, 13.125 + BSG_TPM_COMMAND_CODE, &ord ); 13.126 + 13.127 + // Using the header info, read the parameters of the command 13.128 + // Note that in_param_size is in the client's context 13.129 + cmd_size = in_param_size - VTPM_COMMAND_HEADER_SIZE_CLT; 13.130 + if (cmd_size > 0) { 13.131 + in_param = (BYTE *) malloc(cmd_size); 13.132 + size_read = vtpm_ipc_read( rx_ipc_h, NULL, in_param, cmd_size); 13.133 + if (size_read > 0) { 13.134 + for (i=0; i<size_read; i++) 13.135 + vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", in_param[i]); 13.136 + 13.137 + } else { 13.138 + vtpmhandlerlogerror(VTPM_LOG_VTPM, "%s had error reading cmd from ipc. Aborting... \n", thread_name); 13.139 + goto abort_command; 13.140 + } 13.141 + vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "\n"); 13.142 + 13.143 + if (size_read < (int) cmd_size) { 13.144 + vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "\n"); 13.145 + vtpmhandlerlogerror(VTPM_LOG_VTPM, "Command read(%d) is shorter than header indicates(%d). Aborting...\n", size_read, cmd_size); 13.146 + goto abort_command; 13.147 + } 13.148 + } else { 13.149 + in_param = NULL; 13.150 + vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "\n"); 13.151 + } 13.152 + 13.153 + // Init the buffers used to handle the command and the response 13.154 + if ( (buffer_init_convert(command_buf, cmd_size, in_param) != TPM_SUCCESS) || 13.155 + (buffer_init(result_buf, 0, 0) != TPM_SUCCESS) ) { 13.156 + vtpmhandlerlogerror(VTPM_LOG_VTPM, "Failed to setup buffers. Aborting...\n"); 13.157 + goto abort_command; 13.158 + } 13.159 + 13.160 + // -------------- Dispatch Commands to Handlers ----------- 13.161 + if ((tag == VTPM_TAG_REQ) && (ord & VTPM_PRIV_MASK)) { 13.162 + vtpm_lock_wrlock(); 13.163 + } else { 13.164 + vtpm_lock_rdlock(); 13.165 + } 13.166 + 13.167 + if ( !(dmi_res = (VTPM_DMI_RESOURCE *) hashtable_search(vtpm_globals->dmi_map, &dmi)) || 13.168 + (!dmi_res->connected) ) { 13.169 + vtpmhandlerlogerror(VTPM_LOG_VTPM, "Attempted access to non-existent or disconnected DMI %d. Aborting...\n", dmi); 13.170 + status = TPM_BAD_PARAMETER; 13.171 + } 13.172 + 13.173 + if (tag == VTPM_TAG_REQ) { 13.174 + 13.175 + status = vtpm_manager_handle_vtpm_cmd(dmi_res, ord, command_buf, result_buf, is_priv, thread_name); 13.176 + 13.177 + } else { // This is not a VTPM Command at all. 13.178 + if (fw_tpm) { 13.179 + status = vtpm_manager_handle_tpm_cmd(fw_tx_ipc_h, fw_rx_ipc_h, dmi_res, cmd_header, command_buf, result_buf, thread_name); 13.180 + 13.181 + // This means calling the DMI failed, not that the cmd failed in the DMI 13.182 + if (status != TPM_SUCCESS) { 13.183 + goto abort_with_error; 13.184 + } 13.185 + } else { 13.186 + // We are not supposed to forward TPM commands at all. 13.187 + int i; 13.188 + vtpmhandlerlogerror(VTPM_LOG_VTPM, "Attempt to use unsupported direct access to TPM.\n"); 13.189 + vtpmhandlerloginfo(VTPM_LOG_VTPM_DEEP, "Bad Command. dmi:%d, tag:%d, size:%d, ord:%d, Params: ", dmi, tag, in_param_size, ord); 13.190 + for (i=0; i<cmd_size; i++) 13.191 + vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", in_param[i]); 13.192 + 13.193 + vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "\n"); 13.194 + 13.195 + status = TPM_FAIL; 13.196 + goto abort_with_error; 13.197 + } 13.198 + 13.199 + } // end else for is VTPM Command 13.200 + 13.201 + // ------------------- Respond to Sender ------------------ 13.202 + 13.203 + // Errors while handling responses jump here to reply with error messages 13.204 + // NOTE: Currently there are no recoverable errors in multi-VM mode. If one 13.205 + // is added to the code, this ifdef should be removed. 13.206 + // Also note this is NOT referring to errors in commands, but rather 13.207 + // this is about I/O errors and such. 13.208 +#ifndef VTPM_MULTI_VM 13.209 + abort_with_error: 13.210 +#endif 13.211 + 13.212 + // Prepend VTPM header with destination DM stamped 13.213 + out_param_size = buffer_len(result_buf); 13.214 + out_message_size = VTPM_COMMAND_HEADER_SIZE_CLT + out_param_size; 13.215 + out_message_size_full = VTPM_COMMAND_HEADER_SIZE_SRV + out_param_size; 13.216 + out_message = (BYTE *) malloc (out_message_size_full); 13.217 + 13.218 + BSG_PackList(out_message, 4, 13.219 + BSG_TYPE_UINT32, (BYTE *) &dmi, 13.220 + BSG_TPM_TAG, (BYTE *) &tag, 13.221 + BSG_TYPE_UINT32, (BYTE *) &out_message_size, 13.222 + BSG_TPM_RESULT, (BYTE *) &status); 13.223 + 13.224 + if (buffer_len(result_buf) > 0) 13.225 + memcpy(out_message + VTPM_COMMAND_HEADER_SIZE_SRV, result_buf->bytes, out_param_size); 13.226 + 13.227 + //Note: Send message + dmi_id 13.228 + size_write = vtpm_ipc_write(tx_ipc_h, dmi_res->tx_vtpm_ipc_h, out_message, out_message_size_full ); 13.229 + if (size_write > 0) { 13.230 + vtpmhandlerloginfo(VTPM_LOG_VTPM_DEEP, "SENT: 0x"); 13.231 + for (i=0; i < out_message_size_full; i++) 13.232 + vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", out_message[i]); 13.233 + 13.234 + vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "\n"); 13.235 + } else { 13.236 + vtpmhandlerlogerror(VTPM_LOG_VTPM, "%s had error writing to ipc. Aborting... \n", thread_name); 13.237 + goto abort_command; 13.238 + } 13.239 + free(out_message); 13.240 + 13.241 + if (size_write < (int)out_message_size_full) { 13.242 + vtpmhandlerlogerror(VTPM_LOG_VTPM, "%s unable to write full command to ipc (%d/%d)\n", thread_name, size_write, out_message_size_full); 13.243 + goto abort_command; 13.244 + } 13.245 + 13.246 + // On certain failures an error message cannot be sent. 13.247 + // This marks the beginning of cleanup in preperation for the next command. 13.248 + abort_command: 13.249 + //free buffers 13.250 + bzero(cmd_header, VTPM_COMMAND_HEADER_SIZE_SRV); 13.251 + //free(in_param); // This was converted to command_buf. No need to free 13.252 + if (command_buf != result_buf) 13.253 + buffer_free(result_buf); 13.254 + 13.255 + buffer_free(command_buf); 13.256 + 13.257 + // If we have a write lock, save the manager table 13.258 + if ((tag == VTPM_TAG_REQ) && (ord & VTPM_PRIV_MASK) && 13.259 + (VTPM_SaveManagerData() != TPM_SUCCESS) ) { 13.260 + vtpmhandlerlogerror(VTPM_LOG_VTPM, "ERROR: Unable to save manager data.\n"); 13.261 + } 13.262 + 13.263 + vtpm_lock_unlock(); 13.264 + } // End while(1) 13.265 + 13.266 +} 13.267 + 13.268 +///////////////////////////////////////////////////////////////////////// 13.269 +TPM_RESULT vtpm_manager_handle_vtpm_cmd(VTPM_DMI_RESOURCE *dmi_res, 13.270 + TPM_COMMAND_CODE ord, 13.271 + buffer_t *command_buf, 13.272 + buffer_t *result_buf, 13.273 + BOOL is_priv, 13.274 + char *thread_name) { 13.275 + 13.276 + TPM_RESULT status = TPM_FAIL; 13.277 + 13.278 + switch (ord) { 13.279 + case VTPM_ORD_SAVENVM: 13.280 + status= VTPM_Handle_Save_NVM(dmi_res, 13.281 + command_buf, 13.282 + result_buf); 13.283 + break; 13.284 + 13.285 + case VTPM_ORD_LOADNVM: 13.286 + status= VTPM_Handle_Load_NVM(dmi_res, 13.287 + command_buf, 13.288 + result_buf); 13.289 + break; 13.290 + 13.291 + case VTPM_ORD_TPMCOMMAND: 13.292 + status= VTPM_Handle_TPM_Command(dmi_res, 13.293 + command_buf, 13.294 + result_buf); 13.295 + break; 13.296 + 13.297 + default: 13.298 + // Privileged handlers can do maintanance 13.299 + if (is_priv) { 13.300 + switch (ord) { 13.301 + case VTPM_ORD_OPEN: 13.302 + status = VTPM_Handle_New_DMI(command_buf); 13.303 + break; 13.304 + 13.305 + case VTPM_ORD_CLOSE: 13.306 + status = VTPM_Handle_Close_DMI(command_buf); 13.307 + break; 13.308 + 13.309 + case VTPM_ORD_DELETE: 13.310 + status = VTPM_Handle_Delete_DMI(command_buf); 13.311 + break; 13.312 + 13.313 + default: 13.314 + status = TPM_BAD_ORDINAL; 13.315 + } // switch 13.316 + } else { // is priv command 13.317 + 13.318 + status = TPM_BAD_ORDINAL; 13.319 + } // inner switch 13.320 + } // outer switch 13.321 + 13.322 + return(status); 13.323 +} 13.324 + 13.325 +///////////////////////////////////////////////////////////////////// 13.326 +TPM_RESULT vtpm_manager_handle_tpm_cmd(vtpm_ipc_handle_t *tx_ipc_h, 13.327 + vtpm_ipc_handle_t *rx_ipc_h, 13.328 + VTPM_DMI_RESOURCE *dmi_res, 13.329 + BYTE *cmd_header, 13.330 + buffer_t *param_buf, 13.331 + buffer_t *result_buf, 13.332 + char *thread_name) { 13.333 + 13.334 + TPM_RESULT status = TPM_FAIL; 13.335 + UINT32 dmi_dst; 13.336 + TPM_COMMAND_CODE ord; 13.337 + TPM_TAG tag_out; 13.338 + UINT32 dmi_cmd_size, in_param_size, adj_param_size; 13.339 + BYTE *dmi_cmd, *in_param; 13.340 + int size_read, size_write, i; 13.341 + 13.342 + //// Dom0 can't talk to the BE, so this must be a broken FE/BE or badness 13.343 + if (dmi_res->dmi_id == VTPM_CTL_DM) { 13.344 + vtpmhandlerlogerror(VTPM_LOG_VTPM, "Illegal use of TPM command from dom0\n"); 13.345 + status = TPM_FAIL; 13.346 + goto abort_with_error; 13.347 + } 13.348 + 13.349 + vtpmhandlerloginfo(VTPM_LOG_VTPM, "Forwarding command to DMI.\n"); 13.350 + 13.351 + //Forward TPM CMD stamped with dmi_id to DMI for handling 13.352 + if (buffer_len(param_buf)) { 13.353 + dmi_cmd = (BYTE *) malloc(VTPM_COMMAND_HEADER_SIZE_SRV + buffer_len(param_buf)); 13.354 + dmi_cmd_size = VTPM_COMMAND_HEADER_SIZE_SRV + buffer_len(param_buf); 13.355 + memcpy(dmi_cmd, cmd_header, VTPM_COMMAND_HEADER_SIZE_SRV); 13.356 + memcpy(dmi_cmd + VTPM_COMMAND_HEADER_SIZE_SRV, param_buf->bytes, buffer_len(param_buf)); 13.357 + size_write = vtpm_ipc_write(tx_ipc_h, dmi_res->tx_tpm_ipc_h, dmi_cmd, dmi_cmd_size); 13.358 + 13.359 + if (size_write > 0) { 13.360 + vtpmhandlerloginfo(VTPM_LOG_VTPM_DEEP, "SENT (DMI): 0x"); 13.361 + for (i=0; i<VTPM_COMMAND_HEADER_SIZE_SRV + buffer_len(param_buf); i++) { 13.362 + vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", dmi_cmd[i]); 13.363 + } 13.364 + vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "\n"); 13.365 + } else { 13.366 + vtpmhandlerlogerror(VTPM_LOG_VTPM, "Error writing to DMI. Aborting... \n"); 13.367 + status = TPM_IOERROR; 13.368 + goto abort_with_error; 13.369 + } 13.370 + free(dmi_cmd); 13.371 + } else { 13.372 + dmi_cmd_size = VTPM_COMMAND_HEADER_SIZE_SRV; 13.373 + size_write = vtpm_ipc_write(tx_ipc_h, dmi_res->tx_tpm_ipc_h, cmd_header, VTPM_COMMAND_HEADER_SIZE_SRV ); 13.374 + if (size_write > 0) { 13.375 + for (i=0; i<VTPM_COMMAND_HEADER_SIZE_SRV; i++) 13.376 + vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", cmd_header[i]); 13.377 + 13.378 + vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "\n"); 13.379 + } else { 13.380 + vtpmhandlerlogerror(VTPM_LOG_VTPM, "Error writing to DMI. Aborting... \n"); 13.381 + status = TPM_IOERROR; 13.382 + goto abort_with_error; 13.383 + } 13.384 + } 13.385 + 13.386 + if (size_write != (int) dmi_cmd_size) 13.387 + vtpmhandlerlogerror(VTPM_LOG_VTPM, "Could not write entire command to DMI (%d/%d)\n", size_write, dmi_cmd_size); 13.388 + 13.389 + buffer_free(param_buf); 13.390 + 13.391 + // Read header for response to TPM command from DMI 13.392 + size_read = vtpm_ipc_read( rx_ipc_h, dmi_res->rx_tpm_ipc_h, cmd_header, VTPM_COMMAND_HEADER_SIZE_SRV); 13.393 + if (size_read > 0) { 13.394 + vtpmhandlerloginfo(VTPM_LOG_VTPM_DEEP, "RECV (DMI): 0x"); 13.395 + for (i=0; i<size_read; i++) 13.396 + vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", cmd_header[i]); 13.397 + 13.398 + } else { 13.399 + vtpmhandlerlogerror(VTPM_LOG_VTPM, "Error reading from DMI. Aborting... \n"); 13.400 + status = TPM_IOERROR; 13.401 + goto abort_with_error; 13.402 + } 13.403 + 13.404 + if (size_read < (int) VTPM_COMMAND_HEADER_SIZE_SRV) { 13.405 + vtpmhandlerlogerror(VTPM_LOG_VTPM, "Command from DMI shorter than normal header. Aborting...\n"); 13.406 + status = TPM_IOERROR; 13.407 + goto abort_with_error; 13.408 + } 13.409 + 13.410 + // Unpack response from DMI for TPM command 13.411 + BSG_UnpackList(cmd_header, 4, 13.412 + BSG_TYPE_UINT32, &dmi_dst, 13.413 + BSG_TPM_TAG, &tag_out, 13.414 + BSG_TYPE_UINT32, &in_param_size, 13.415 + BSG_TPM_COMMAND_CODE, &status ); 13.416 + 13.417 + // If response has parameters, read them. 13.418 + // Note that in_param_size is in the client's context 13.419 + adj_param_size = in_param_size - VTPM_COMMAND_HEADER_SIZE_CLT; 13.420 + if (adj_param_size > 0) { 13.421 + in_param = (BYTE *) malloc(adj_param_size); 13.422 + size_read = vtpm_ipc_read(rx_ipc_h, dmi_res->rx_tpm_ipc_h, in_param, adj_param_size); 13.423 + if (size_read > 0) { 13.424 + for (i=0; i<size_read; i++) 13.425 + vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", in_param[i]); 13.426 + 13.427 + } else { 13.428 + vtpmhandlerlogerror(VTPM_LOG_VTPM, "Error reading from BE. Aborting... \n"); 13.429 + goto abort_with_error; 13.430 + } 13.431 + vtpmhandlerloginfomore(VTPM_LOG_VTPM, "\n"); 13.432 + 13.433 + if (size_read < (int)adj_param_size) { 13.434 + vtpmhandlerloginfomore(VTPM_LOG_VTPM, "\n"); 13.435 + vtpmhandlerlogerror(VTPM_LOG_VTPM, "Command read(%d) from DMI is shorter than header indicates(%d). Aborting...\n", size_read, adj_param_size); 13.436 + status = TPM_IOERROR; 13.437 + goto abort_with_error; 13.438 + } 13.439 + } else { 13.440 + in_param = NULL; 13.441 + vtpmhandlerloginfomore(VTPM_LOG_VTPM, "\n"); 13.442 + } 13.443 + 13.444 + if (buffer_init_convert(result_buf, adj_param_size, in_param) != TPM_SUCCESS) { 13.445 + vtpmhandlerlogerror(VTPM_LOG_VTPM, "Failed to setup buffers. Aborting...\n"); 13.446 + status = TPM_FAIL; 13.447 + goto abort_with_error; 13.448 + } 13.449 + 13.450 + vtpmhandlerloginfo(VTPM_LOG_VTPM, "Sending DMI's response to guest.\n"); 13.451 + 13.452 + status = TPM_SUCCESS; 13.453 + 13.454 + abort_with_error: 13.455 + 13.456 + return status; 13.457 +} 13.458 +
14.1 --- a/tools/vtpm_manager/manager/vtpmd.c Wed May 17 23:19:18 2006 +0100 14.2 +++ b/tools/vtpm_manager/manager/vtpmd.c Wed May 17 23:23:26 2006 +0100 14.3 @@ -38,21 +38,67 @@ 14.4 // =================================================================== 14.5 14.6 #include <stdio.h> 14.7 -#include <signal.h> 14.8 +#include <unistd.h> 14.9 #include <sys/types.h> 14.10 -#include <unistd.h> 14.11 +#include <sys/stat.h> 14.12 +#include <fcntl.h> 14.13 +#include <signal.h> 14.14 +#include <string.h> 14.15 +#include <pthread.h> 14.16 #include "vtpm_manager.h" 14.17 #include "vtpmpriv.h" 14.18 #include "tcg.h" 14.19 #include "log.h" 14.20 +#include "vtpm_ipc.h" 14.21 14.22 -#ifndef VTPM_MULTI_VM 14.23 - #include <pthread.h> 14.24 -#endif 14.25 + 14.26 +#define TPM_EMULATOR_PATH "/usr/bin/vtpmd" 14.27 + 14.28 +#define VTPM_BE_FNAME "/dev/vtpm" 14.29 +#define VTPM_DUMMY_TX_BE_FNAME "/var/vtpm/fifos/dummy_out.fifo" 14.30 +#define VTPM_DUMMY_RX_BE_FNAME "/var/vtpm/fifos/dummy_in.fifo" 14.31 +#define VTPM_TX_TPM_FNAME "/var/vtpm/fifos/tpm_cmd_to_%d.fifo" 14.32 +#define VTPM_RX_TPM_FNAME "/var/vtpm/fifos/tpm_rsp_from_all.fifo" 14.33 +#define VTPM_TX_VTPM_FNAME "/var/vtpm/fifos/vtpm_rsp_to_%d.fifo" 14.34 +#define VTPM_RX_VTPM_FNAME "/var/vtpm/fifos/vtpm_cmd_from_all.fifo" 14.35 +#define VTPM_TX_HP_FNAME "/var/vtpm/fifos/to_console.fifo" 14.36 +#define VTPM_RX_HP_FNAME "/var/vtpm/fifos/from_console.fifo" 14.37 + 14.38 + 14.39 +#define GUEST_TX_FIFO "/var/vtpm/fifos/guest-to-%d.fifo" 14.40 +#define GUEST_RX_FIFO "/var/vtpm/fifos/guest-from-all.fifo" 14.41 + 14.42 +#define VTPM_TX_FIFO "/var/vtpm/fifos/vtpm-to-%d.fifo" 14.43 +#define VTPM_RX_FIFO "/var/vtpm/fifos/vtpm-from-all.fifo" 14.44 + 14.45 + 14.46 +struct vtpm_thread_params_s { 14.47 + vtpm_ipc_handle_t *tx_ipc_h; 14.48 + vtpm_ipc_handle_t *rx_ipc_h; 14.49 + BOOL fw_tpm; 14.50 + vtpm_ipc_handle_t *fw_tx_ipc_h; 14.51 + vtpm_ipc_handle_t *fw_rx_ipc_h; 14.52 + BOOL is_priv; 14.53 + char *thread_name; 14.54 +}; 14.55 + 14.56 +// This is needed to all extra_close_dmi to close this to prevent a 14.57 +// broken pipe when no DMIs are left. 14.58 +static vtpm_ipc_handle_t *g_rx_tpm_ipc_h; 14.59 + 14.60 +void *vtpm_manager_thread(void *arg_void) { 14.61 + TPM_RESULT *status = (TPM_RESULT *) malloc(sizeof(TPM_RESULT) ); 14.62 + struct vtpm_thread_params_s *arg = (struct vtpm_thread_params_s *) arg_void; 14.63 + 14.64 + *status = VTPM_Manager_Handler(arg->tx_ipc_h, arg->rx_ipc_h, 14.65 + arg->fw_tpm, arg->fw_tx_ipc_h, arg->fw_rx_ipc_h, 14.66 + arg->is_priv, arg->thread_name); 14.67 + 14.68 + return (status); 14.69 +} 14.70 + 14.71 14.72 void signal_handler(int reason) { 14.73 -#ifndef VTPM_MULTI_VM 14.74 - 14.75 if (pthread_equal(pthread_self(), vtpm_globals->master_pid)) { 14.76 vtpmloginfo(VTPM_LOG_VTPM, "VTPM Manager shutting down for signal %d.\n", reason); 14.77 } else { 14.78 @@ -60,71 +106,258 @@ void signal_handler(int reason) { 14.79 vtpmloginfo(VTPM_LOG_VTPM, "Child shutting down\n"); 14.80 pthread_exit(NULL); 14.81 } 14.82 -#endif 14.83 - VTPM_Stop_Service(); 14.84 + 14.85 + VTPM_Stop_Manager(); 14.86 exit(-1); 14.87 } 14.88 14.89 struct sigaction ctl_c_handler; 14.90 14.91 +TPM_RESULT VTPM_New_DMI_Extra(VTPM_DMI_RESOURCE *dmi_res) { 14.92 + 14.93 + TPM_RESULT status = TPM_SUCCESS; 14.94 + int fh; 14.95 + char dmi_id_str[11]; // UINT32s are up to 10 digits + NULL 14.96 + char *tx_vtpm_name, *tx_tpm_name; 14.97 + struct stat file_info; 14.98 + 14.99 + if (dmi_res->dmi_id == VTPM_CTL_DM) { 14.100 + dmi_res->tx_tpm_ipc_h = NULL; 14.101 + dmi_res->rx_tpm_ipc_h = NULL; 14.102 + dmi_res->tx_vtpm_ipc_h = NULL; 14.103 + dmi_res->rx_vtpm_ipc_h = NULL; 14.104 + } else { 14.105 + // Create a pair of fifo pipes 14.106 + dmi_res->rx_tpm_ipc_h = NULL; 14.107 + dmi_res->rx_vtpm_ipc_h = NULL; 14.108 + 14.109 + if ( ((dmi_res->tx_tpm_ipc_h = (vtpm_ipc_handle_t *) malloc (sizeof(vtpm_ipc_handle_t))) == NULL ) || 14.110 + ((dmi_res->tx_vtpm_ipc_h =(vtpm_ipc_handle_t *) malloc (sizeof(vtpm_ipc_handle_t))) == NULL ) || 14.111 + ((tx_tpm_name = (char *) malloc(11 + strlen(VTPM_TX_TPM_FNAME))) == NULL ) || 14.112 + ((tx_vtpm_name =(char *) malloc(11 + strlen(VTPM_TX_VTPM_FNAME))) == NULL) ) { 14.113 + status =TPM_RESOURCES; 14.114 + goto abort_egress; 14.115 + } 14.116 + 14.117 + sprintf(tx_tpm_name, VTPM_TX_TPM_FNAME, (uint32_t) dmi_res->dmi_id); 14.118 + sprintf(tx_vtpm_name, VTPM_TX_VTPM_FNAME, (uint32_t) dmi_res->dmi_id); 14.119 + 14.120 + if ( (vtpm_ipc_init(dmi_res->tx_tpm_ipc_h, tx_tpm_name, O_WRONLY | O_NONBLOCK, TRUE) != 0) || 14.121 + (vtpm_ipc_init(dmi_res->tx_vtpm_ipc_h, tx_vtpm_name, O_WRONLY, TRUE) != 0) ) { //FIXME: O_NONBLOCK? 14.122 + status = TPM_IOERROR; 14.123 + goto abort_egress; 14.124 + } 14.125 + 14.126 + // Measure DMI 14.127 + // FIXME: This will measure DMI. Until then use a fixed DMI_Measurement value 14.128 + // Also, this mechanism is specific to 1 VM. 14.129 + /* 14.130 + fh = open(TPM_EMULATOR_PATH, O_RDONLY); 14.131 + stat_ret = fstat(fh, &file_stat); 14.132 + if (stat_ret == 0) 14.133 + dmi_size = file_stat.st_size; 14.134 + else { 14.135 + vtpmlogerror(VTPM_LOG_VTPM, "Could not open tpm_emulator!!\n"); 14.136 + status = TPM_IOERROR; 14.137 + goto abort_egress; 14.138 + } 14.139 + dmi_buffer 14.140 + */ 14.141 + memset(&dmi_res->DMI_measurement, 0xcc, sizeof(TPM_DIGEST)); 14.142 + 14.143 + 14.144 + // Launch DMI 14.145 + sprintf(dmi_id_str, "%d", (int) dmi_res->dmi_id); 14.146 +#ifdef MANUAL_DM_LAUNCH 14.147 + vtpmlogerror(VTPM_LOG_VTPM, "Manually start VTPM with dmi=%s now.\n", dmi_id_str); 14.148 + dmi_res->dmi_pid = 0; 14.149 +#else 14.150 + pid_t pid = fork(); 14.151 + 14.152 + if (pid == -1) { 14.153 + vtpmlogerror(VTPM_LOG_VTPM, "Could not fork to launch vtpm\n"); 14.154 + status = TPM_RESOURCES; 14.155 + goto abort_egress; 14.156 + } else if (pid == 0) { 14.157 + if ( stat(dmi_res->NVMLocation, &file_info) == -1) 14.158 + execl (TPM_EMULATOR_PATH, "vtmpd", "clear", dmi_id_str, NULL); 14.159 + else 14.160 + execl (TPM_EMULATOR_PATH, "vtpmd", "save", dmi_id_str, NULL); 14.161 + 14.162 + // Returning from these at all is an error. 14.163 + vtpmlogerror(VTPM_LOG_VTPM, "Could not exec to launch vtpm\n"); 14.164 + } else { 14.165 + dmi_res->dmi_pid = pid; 14.166 + vtpmloginfo(VTPM_LOG_VTPM, "Launching DMI on PID = %d\n", pid); 14.167 + } 14.168 +#endif // MANUAL_DM_LAUNCH 14.169 + 14.170 + } // If DMI = VTPM_CTL_DM 14.171 + status = TPM_SUCCESS; 14.172 + 14.173 +abort_egress: 14.174 + return (status); 14.175 +} 14.176 + 14.177 +TPM_RESULT VTPM_Close_DMI_Extra(VTPM_DMI_RESOURCE *dmi_res) { 14.178 + TPM_RESULT status = TPM_SUCCESS; 14.179 + 14.180 + if (vtpm_globals->connected_dmis == 0) { 14.181 + // No more DMI's connected. Close fifo to prevent a broken pipe. 14.182 + // This is hackish. Need to think of another way. 14.183 + vtpm_ipc_close(g_rx_tpm_ipc_h); 14.184 + } 14.185 + 14.186 + 14.187 + if (dmi_res->dmi_id != VTPM_CTL_DM) { 14.188 + vtpm_ipc_close(dmi_res->tx_tpm_ipc_h); 14.189 + vtpm_ipc_close(dmi_res->tx_vtpm_ipc_h); 14.190 + 14.191 + free(dmi_res->tx_tpm_ipc_h->name); 14.192 + free(dmi_res->tx_vtpm_ipc_h->name); 14.193 + 14.194 +#ifndef MANUAL_DM_LAUNCH 14.195 + if (dmi_res->dmi_id != VTPM_CTL_DM) { 14.196 + if (dmi_res->dmi_pid != 0) { 14.197 + vtpmloginfo(VTPM_LOG_VTPM, "Killing dmi on pid %d.\n", dmi_res->dmi_pid); 14.198 + if (kill(dmi_res->dmi_pid, SIGKILL) !=0) { 14.199 + vtpmloginfo(VTPM_LOG_VTPM, "DMI on pid %d is already dead.\n", dmi_res->dmi_pid); 14.200 + } else if (waitpid(dmi_res->dmi_pid, NULL, 0) != dmi_res->dmi_pid) { 14.201 + vtpmlogerror(VTPM_LOG_VTPM, "DMI on pid %d failed to stop.\n", dmi_res->dmi_pid); 14.202 + status = TPM_FAIL; 14.203 + } 14.204 + } else { 14.205 + vtpmlogerror(VTPM_LOG_VTPM, "Could not kill dmi because it's pid was 0.\n"); 14.206 + status = TPM_FAIL; 14.207 + } 14.208 + } 14.209 +#endif 14.210 + 14.211 + } //endif ! dom0 14.212 + return status; 14.213 +} 14.214 + 14.215 + 14.216 int main(int argc, char **argv) { 14.217 + vtpm_ipc_handle_t *tx_be_ipc_h, *rx_be_ipc_h, rx_tpm_ipc_h, rx_vtpm_ipc_h, tx_hp_ipc_h, rx_hp_ipc_h; 14.218 + struct vtpm_thread_params_s be_thread_params, dmi_thread_params, hp_thread_params; 14.219 + pthread_t be_thread, dmi_thread, hp_thread; 14.220 + 14.221 +#ifdef DUMMY_BACKEND 14.222 + vtpm_ipc_handle_t tx_dummy_ipc_h, rx_dummy_ipc_h; 14.223 +#else 14.224 + vtpm_ipc_handle_t real_be_ipc_h; 14.225 +#endif 14.226 14.227 vtpmloginfo(VTPM_LOG_VTPM, "Starting VTPM.\n"); 14.228 - 14.229 - if (VTPM_Init_Service() != TPM_SUCCESS) { 14.230 + 14.231 + // -------------------- Initialize Manager ----------------- 14.232 + if (VTPM_Init_Manager() != TPM_SUCCESS) { 14.233 vtpmlogerror(VTPM_LOG_VTPM, "Closing vtpmd due to error during startup.\n"); 14.234 return -1; 14.235 } 14.236 14.237 + // -------------------- Setup Ctrl+C Handlers -------------- 14.238 ctl_c_handler.sa_handler = signal_handler; 14.239 sigemptyset(&ctl_c_handler.sa_mask); 14.240 ctl_c_handler.sa_flags = 0; 14.241 14.242 if (sigaction(SIGINT, &ctl_c_handler, NULL) == -1) 14.243 - vtpmlogerror(VTPM_LOG_VTPM, "Could not install SIGINT handler. Ctl+break will not stop service gently.\n"); 14.244 + vtpmlogerror(VTPM_LOG_VTPM, "Could not install SIGINT handler. Ctl+break will not stop manager gently.\n"); 14.245 14.246 // For easier debuggin with gdb 14.247 if (sigaction(SIGHUP, &ctl_c_handler, NULL) == -1) 14.248 - vtpmlogerror(VTPM_LOG_VTPM, "Could not install SIGHUP handler. Ctl+break will not stop service gently.\n"); 14.249 + vtpmlogerror(VTPM_LOG_VTPM, "Could not install SIGHUP handler. Ctl+break will not stop manager gently.\n"); 14.250 14.251 -#ifdef VTPM_MULTI_VM 14.252 - TPM_RESULT status = VTPM_Service_Handler(); 14.253 - 14.254 - if (status != TPM_SUCCESS) 14.255 - vtpmlogerror(VTPM_LOG_VTPM, "VTPM Manager exited with status %s. It never should exit.\n", tpm_get_error_name(status)); 14.256 - 14.257 - return -1; 14.258 -#else 14.259 sigset_t sig_mask; 14.260 - 14.261 sigemptyset(&sig_mask); 14.262 sigaddset(&sig_mask, SIGPIPE); 14.263 sigprocmask(SIG_BLOCK, &sig_mask, NULL); 14.264 - //pthread_mutex_init(&vtpm_globals->dmi_mutex, NULL); 14.265 - pthread_t be_thread, dmi_thread; 14.266 - int betype_be, dmitype_dmi; 14.267 14.268 + // ------------------- Set up file ipc structures ---------- 14.269 +#ifdef DUMMY_BACKEND 14.270 + if ( (vtpm_ipc_init(&tx_dummy_ipc_h, VTPM_DUMMY_TX_BE_FNAME, O_RDWR, TRUE) != 0) || 14.271 + (vtpm_ipc_init(&rx_dummy_ipc_h, VTPM_DUMMY_RX_BE_FNAME, O_RDWR, TRUE) != 0) ) { 14.272 + 14.273 + vtpmlogerror(VTPM_LOG_VTPM, "Unable to create Dummy BE FIFOs.\n"); 14.274 + exit(-1); 14.275 + } 14.276 + 14.277 + tx_be_ipc_h = &tx_dummy_ipc_h; 14.278 + rx_be_ipc_h = &rx_dummy_ipc_h; 14.279 +#else 14.280 + vtpm_ipc_init(&real_be_ipc_h, VTPM_BE_FNAME, O_RDWR, FALSE); 14.281 + 14.282 + tx_be_ipc_h = &real_be_ipc_h; 14.283 + rx_be_ipc_h = &real_be_ipc_h; 14.284 +#endif 14.285 + 14.286 + if ( (vtpm_ipc_init(&rx_tpm_ipc_h, VTPM_RX_TPM_FNAME, O_RDONLY, TRUE) != 0) || 14.287 + (vtpm_ipc_init(&rx_vtpm_ipc_h, VTPM_RX_VTPM_FNAME, O_RDWR, TRUE) != 0) || //FIXME: O_RDONLY? 14.288 + (vtpm_ipc_init(&tx_hp_ipc_h, VTPM_TX_HP_FNAME, O_RDWR, TRUE) != 0) || 14.289 + (vtpm_ipc_init(&rx_hp_ipc_h, VTPM_RX_HP_FNAME, O_RDWR, TRUE) != 0) ) { 14.290 + vtpmlogerror(VTPM_LOG_VTPM, "Unable to create initial FIFOs.\n"); 14.291 + exit(-1); 14.292 + } 14.293 + 14.294 + g_rx_tpm_ipc_h = &rx_tpm_ipc_h; 14.295 + 14.296 + // -------------------- Set up thread params ------------- 14.297 + 14.298 + be_thread_params.tx_ipc_h = tx_be_ipc_h; 14.299 + be_thread_params.rx_ipc_h = rx_be_ipc_h; 14.300 + be_thread_params.fw_tpm = TRUE; 14.301 + be_thread_params.fw_tx_ipc_h = NULL; 14.302 + be_thread_params.fw_rx_ipc_h = &rx_tpm_ipc_h; 14.303 + be_thread_params.is_priv = TRUE; //FIXME: Change when HP is up 14.304 + be_thread_params.thread_name = "Backend Listener"; 14.305 + 14.306 + dmi_thread_params.tx_ipc_h = NULL; 14.307 + dmi_thread_params.rx_ipc_h = &rx_vtpm_ipc_h; 14.308 + dmi_thread_params.fw_tpm = FALSE; 14.309 + dmi_thread_params.fw_tx_ipc_h = NULL; 14.310 + dmi_thread_params.fw_rx_ipc_h = NULL; 14.311 + dmi_thread_params.is_priv = FALSE; 14.312 + dmi_thread_params.thread_name = "VTPM Listeners"; 14.313 + 14.314 + hp_thread_params.tx_ipc_h = &tx_hp_ipc_h; 14.315 + hp_thread_params.rx_ipc_h = &rx_hp_ipc_h; 14.316 + hp_thread_params.fw_tpm = FALSE; 14.317 + hp_thread_params.fw_tx_ipc_h = NULL; 14.318 + hp_thread_params.fw_rx_ipc_h = NULL; 14.319 + hp_thread_params.is_priv = TRUE; 14.320 + hp_thread_params.thread_name = "Hotplug Listener"; 14.321 + 14.322 + // --------------------- Launch Threads ----------------- 14.323 + 14.324 + vtpm_lock_init(); 14.325 + 14.326 vtpm_globals->master_pid = pthread_self(); 14.327 14.328 - betype_be = BE_LISTENER_THREAD; 14.329 - if (pthread_create(&be_thread, NULL, VTPM_Service_Handler, &betype_be) != 0) { 14.330 + if (pthread_create(&be_thread, NULL, vtpm_manager_thread, &be_thread_params) != 0) { 14.331 vtpmlogerror(VTPM_LOG_VTPM, "Failed to launch BE Thread.\n"); 14.332 exit(-1); 14.333 } 14.334 14.335 - dmitype_dmi = DMI_LISTENER_THREAD; 14.336 - if (pthread_create(&dmi_thread, NULL, VTPM_Service_Handler, &dmitype_dmi) != 0) { 14.337 + if (pthread_create(&dmi_thread, NULL, vtpm_manager_thread, &dmi_thread_params) != 0) { 14.338 vtpmlogerror(VTPM_LOG_VTPM, "Failed to launch DMI Thread.\n"); 14.339 exit(-1); 14.340 } 14.341 - 14.342 + 14.343 + 14.344 +// if (pthread_create(&hp_thread, NULL, vtpm_manager_thread, &hp_thread_params) != 0) { 14.345 +// vtpmlogerror(VTPM_LOG_VTPM, "Failed to launch HP Thread.\n"); 14.346 +// exit(-1); 14.347 +// } 14.348 + 14.349 //Join the other threads until exit time. 14.350 pthread_join(be_thread, NULL); 14.351 pthread_join(dmi_thread, NULL); 14.352 -#endif 14.353 + pthread_join(hp_thread, NULL); 14.354 14.355 vtpmlogerror(VTPM_LOG_VTPM, "VTPM Manager shut down unexpectedly.\n"); 14.356 14.357 - VTPM_Stop_Service(); 14.358 + VTPM_Stop_Manager(); 14.359 + vtpm_lock_destroy(); 14.360 return 0; 14.361 }
15.1 --- a/tools/vtpm_manager/manager/vtpmpriv.h Wed May 17 23:19:18 2006 +0100 15.2 +++ b/tools/vtpm_manager/manager/vtpmpriv.h Wed May 17 23:23:26 2006 +0100 15.3 @@ -44,42 +44,24 @@ 15.4 #include "tcs.h" 15.5 #include "buffer.h" 15.6 #include "crypto.h" 15.7 +#include "vtpm_ipc.h" 15.8 15.9 #define STATE_FILE "/var/vtpm/VTPM" 15.10 #define DMI_NVM_FILE "/var/vtpm/vtpm_dm_%d.data" 15.11 -#define VTPM_BE_DEV "/dev/vtpm" 15.12 #define VTPM_CTL_DM 0 15.13 15.14 -#ifndef VTPM_MUTLI_VM 15.15 - #include <sys/types.h> 15.16 - #define GUEST_TX_FIFO "/var/vtpm/fifos/guest-to-%d.fifo" 15.17 - #define GUEST_RX_FIFO "/var/vtpm/fifos/guest-from-all.fifo" 15.18 - 15.19 - #define VTPM_TX_FIFO "/var/vtpm/fifos/vtpm-to-%d.fifo" 15.20 - #define VTPM_RX_FIFO "/var/vtpm/fifos/vtpm-from-all.fifo" 15.21 - 15.22 - #define BE_LISTENER_THREAD 1 15.23 - #define DMI_LISTENER_THREAD 2 15.24 - 15.25 - // Seconds until DMI timeout. Timeouts result in DMI being out 15.26 - // of sync, which may require a reboot of DMI and guest to recover 15.27 - // from. Don't set this to low. Also note that DMI may issue a TPM 15.28 - // call so we should expect time to process at DMI + TPM processing. 15.29 - #define DMI_TIMEOUT 90 15.30 -#endif 15.31 - 15.32 - 15.33 // ------------------------ Private Structures ----------------------- 15.34 typedef struct VTPM_DMI_RESOURCE_T { 15.35 - // I/O info for Manager to talk to DMI's over FIFOs 15.36 -#ifndef VTPM_MUTLI_VM 15.37 - int guest_tx_fh; // open GUEST_TX_FIFO 15.38 - int vtpm_tx_fh; // open VTPM_TX_FIFO 15.39 - char *guest_tx_fname; // open GUEST_TX_FIFO 15.40 - char *vtpm_tx_fname; // open VTPM_TX_FIFO 15.41 - 15.42 + // I/O info for Manager to talk to DMI's and controllers 15.43 + vtpm_ipc_handle_t *tx_vtpm_ipc_h; // TX VTPM Results to DMI 15.44 + vtpm_ipc_handle_t *rx_vtpm_ipc_h; // RX VTPM Commands from DMI 15.45 + vtpm_ipc_handle_t *tx_tpm_ipc_h; // TX TPM Commands to DMI 15.46 + vtpm_ipc_handle_t *rx_tpm_ipc_h; // RX TPM Results from DMI 15.47 + 15.48 +#ifndef VTPM_MULTI_VM 15.49 pid_t dmi_pid; 15.50 #endif 15.51 + 15.52 // Non-persistent Information 15.53 bool connected; 15.54 UINT32 dmi_domain_id; 15.55 @@ -94,26 +76,19 @@ typedef struct VTPM_DMI_RESOURCE_T { 15.56 15.57 typedef struct tdVTPM_GLOBALS { 15.58 // Non-persistent data 15.59 - int be_fh; // File handle to ipc used to communicate with backend 15.60 #ifndef VTPM_MULTI_VM 15.61 - int vtpm_rx_fh; 15.62 - int guest_rx_fh; 15.63 - int connected_dmis; // Used to close guest_rx when no dmis are connected 15.64 - 15.65 pid_t master_pid; 15.66 #endif 15.67 + 15.68 + int connected_dmis; // To close guest_rx when no dmis are connected 15.69 + 15.70 struct hashtable *dmi_map; // Table of all DMI's known indexed by persistent instance # 15.71 -#ifndef VTPM_MULTI_VM 15.72 - pthread_mutex_t dmi_map_mutex; // 15.73 -#endif 15.74 + 15.75 TCS_CONTEXT_HANDLE manager_tcs_handle; // TCS Handle used by manager 15.76 TPM_HANDLE storageKeyHandle; // Key used by persistent store 15.77 CRYPTO_INFO storageKey; // For software encryption 15.78 CRYPTO_INFO bootKey; // For saving table 15.79 TCS_AUTH keyAuth; // OIAP session for storageKey 15.80 - BOOL DMI_table_dirty; // Indicates that a command 15.81 - // has updated the DMI table 15.82 - 15.83 15.84 // Persistent Data 15.85 TPM_AUTHDATA owner_usage_auth; // OwnerAuth of real TPM 15.86 @@ -130,6 +105,18 @@ extern VTPM_GLOBALS *vtpm_globals; // 15.87 extern const TPM_AUTHDATA SRK_AUTH; // SRK Well Known Auth Value 15.88 15.89 // ********************** Command Handler Prototypes *********************** 15.90 + 15.91 +// ********************** VTPM Functions ************************* 15.92 +TPM_RESULT VTPM_Init_Manager(); // Start VTPM Service 15.93 +void VTPM_Stop_Manager(); // Stop VTPM Service 15.94 +TPM_RESULT VTPM_Manager_Handler(vtpm_ipc_handle_t *tx_ipc_h, 15.95 + vtpm_ipc_handle_t *rx_ipc_h, 15.96 + BOOL fw_tpm, // Should forward TPM cmds 15.97 + vtpm_ipc_handle_t *fw_tx_ipc_h, 15.98 + vtpm_ipc_handle_t *fw_rx_ipc_h, 15.99 + BOOL is_priv, 15.100 + char *client_name); 15.101 + 15.102 TPM_RESULT VTPM_Handle_Load_NVM( VTPM_DMI_RESOURCE *myDMI, 15.103 const buffer_t *inbuf, 15.104 buffer_t *outbuf); 15.105 @@ -148,8 +135,12 @@ TPM_RESULT VTPM_Handle_Close_DMI(const b 15.106 15.107 TPM_RESULT VTPM_Handle_Delete_DMI(const buffer_t *param_buf); 15.108 15.109 -TPM_RESULT VTPM_SaveService(void); 15.110 -TPM_RESULT VTPM_LoadService(void); 15.111 +TPM_RESULT VTPM_SaveManagerData(void); 15.112 +TPM_RESULT VTPM_LoadManagerData(void); 15.113 + 15.114 +TPM_RESULT VTPM_New_DMI_Extra(VTPM_DMI_RESOURCE *dmi_res); 15.115 15.116 -TPM_RESULT close_dmi( VTPM_DMI_RESOURCE *dmi_res); 15.117 +TPM_RESULT VTPM_Close_DMI_Extra(VTPM_DMI_RESOURCE *dmi_res); 15.118 + 15.119 +TPM_RESULT close_dmi(VTPM_DMI_RESOURCE *dmi_res); 15.120 #endif // __VTPMPRIV_H__