vtpmmgr: use XSM label as vTPM kernel hash

Because there is not currently a method for the vTPM Manager to obtain a
build hash of a vTPM, use the hash of the vTPM's XSM label as a
substitute.  This allows the vTPM Manager to distinguish between vTPMs
intended to be paired with a hardware domain kernel (which cannot use
pv-grub) and vTPMs which are paired with a pv-grub domain and therefore
contain reliable measurements of the guest kernel in PCRs 4 and 5.

Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Acked-by: Ian Campbell <ian.campbell@citrix.com>

diff --git a/vtpmmgr/init.c b/vtpmmgr/init.c
index c35ab8fe7b12f2517fa733d85b141f02d8e3ebbd..f3aa02f21cc17e7db3083bc009ddf4f538090a42 100644 (file)
--- a/vtpmmgr/init.c
+++ b/vtpmmgr/init.c
@@ -386,6 +386,8 @@ static void set_opaque(domid_t domid, unsigned int handle)
 
        opq = calloc(1, sizeof(*opq));
        opq->uuid = (uuid_t*)tpmback_get_uuid(domid, handle);
+       opq->domid = domid;
+       opq->handle = handle;
        tpmback_set_opaque(domid, handle, opq);
 }
 

diff --git a/vtpmmgr/vtpm_cmd_handler.c b/vtpmmgr/vtpm_cmd_handler.c
index f2869b629a17fafc043562488fc5fc7fe69f3a1d..000cce8e173ca97205c97bb4000661cc5328767b 100644 (file)
--- a/vtpmmgr/vtpm_cmd_handler.c
+++ b/vtpmmgr/vtpm_cmd_handler.c
@@ -59,10 +59,40 @@ static void gen_random_uuid(uuid_t uuid)
        uuid[8] = 0x80 | (uuid[8] & 0x3F);
 }
 
+/*
+ * Instead of using a kernel hash, which requires a trusted domain builder to
+ * report, use the XSM label as a substitute.
+ */
 static TPM_RESULT find_vtpm_khash(int domid, struct tpm_opaque *opq)
 {
-       // TODO getting the build hashes requires a domain builder to report them
-       memset(opq->kern_hash, 0, sizeof(opq->kern_hash));
+       char buf[128];
+       int i, rv;
+       buf[127] = 0;
+       rv = tpmback_get_peercontext(opq->domid, opq->handle, buf, sizeof(buf) - 1);
+       if (rv < 0)
+               return TPM_FAIL;
+
+       sha1((void*)buf, strlen(buf), opq->kern_hash);
+
+       /*
+        * As a hack to support the use of the XSM user field as an optional
+        * wildcard, check the hash against the group here. If it fails, replace
+        * the user field with a "*" and return the hash of that value.
+        */
+       for(i=0; i < be32_native(opq->group->seal_bits.nr_kerns); i++) {
+               if (!memcmp(opq->group->seal_bits.kernels[i].bits, opq->kern_hash, 20)) {
+                       return TPM_SUCCESS;
+               }
+       }
+
+       char* upos = strchr(buf, ':');
+       if (upos == NULL || upos == buf)
+               return TPM_SUCCESS;
+
+       upos--;
+       upos[0] = '*';
+
+       sha1((void*)upos, strlen(upos), opq->kern_hash);
        return TPM_SUCCESS;
 }
 

diff --git a/vtpmmgr/vtpmmgr.h b/vtpmmgr/vtpmmgr.h
index 68edd4cf613ea3f879a7ea56ad07954ef2d2a406..2d9d15319c0c344f911a3837bb2579d3062dfa1e 100644 (file)
--- a/vtpmmgr/vtpmmgr.h
+++ b/vtpmmgr/vtpmmgr.h
@@ -65,7 +65,11 @@ struct tpm_opaque {
        uuid_t *uuid;
        struct mem_group *group;
        struct mem_vtpm *vtpm;
-       uint8_t kern_hash[32];
+
+       domid_t domid;
+       unsigned int handle;
+
+       uint8_t kern_hash[20];
 };
 
 // --------------------------- Global Values --------------------------