diff options
| author | Paolo Bonzini <pbonzini@redhat.com> | 2013-04-02 18:28:41 +0200 |
|---|---|---|
| committer | Paolo Bonzini <pbonzini@redhat.com> | 2013-04-15 18:19:25 +0200 |
| commit | bdee56f5466a724f043e6cfcfcf69866cc48cc94 (patch) | |
| tree | 342c4de4d6e553b4116860489f671fdba7fd950c /tpm | |
| parent | 3b8acc11d3f60792f9f716f2a93c258e729af980 (diff) | |
tpm: reorganize headers and split hardware part
The TPM subsystem does not have a full front-end/back-end separation.
The sole available backend, tpm_passthrough, depends on the data
structures of the sole available frontend, tpm_tis.
However, we can at least try to split the user interface (tpm.c) from the
implementation (hw/tpm). The patches makes tpm.c not include tpm_int.h,
which is shared between tpm_tis.c and tpm_passthrough.c; instead it
moves more stuff to tpm_backend.h.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Diffstat (limited to 'tpm')
| -rw-r--r-- | tpm/Makefile.objs | 4 | ||||
| -rw-r--r-- | tpm/tpm.c | 365 | ||||
| -rw-r--r-- | tpm/tpm_backend.c | 58 | ||||
| -rw-r--r-- | tpm/tpm_backend.h | 45 | ||||
| -rw-r--r-- | tpm/tpm_int.h | 95 | ||||
| -rw-r--r-- | tpm/tpm_passthrough.c | 560 | ||||
| -rw-r--r-- | tpm/tpm_tis.c | 930 | ||||
| -rw-r--r-- | tpm/tpm_tis.h | 80 |
8 files changed, 0 insertions, 2137 deletions
diff --git a/tpm/Makefile.objs b/tpm/Makefile.objs deleted file mode 100644 index 366e4a7128..0000000000 --- a/tpm/Makefile.objs +++ /dev/null @@ -1,4 +0,0 @@ -common-obj-y = tpm.o -common-obj-$(CONFIG_TPM) += tpm_backend.o -common-obj-$(CONFIG_TPM_TIS) += tpm_tis.o -common-obj-$(CONFIG_TPM_PASSTHROUGH) += tpm_passthrough.o diff --git a/tpm/tpm.c b/tpm/tpm.c deleted file mode 100644 index 1f4ac8da00..0000000000 --- a/tpm/tpm.c +++ /dev/null @@ -1,365 +0,0 @@ -/* - * TPM configuration - * - * Copyright (C) 2011-2013 IBM Corporation - * - * Authors: - * Stefan Berger <stefanb@us.ibm.com> - * - * This work is licensed under the terms of the GNU GPL, version 2 or later. - * See the COPYING file in the top-level directory. - * - * Based on net.c - */ -#include "config-host.h" - -#include "monitor/monitor.h" -#include "qapi/qmp/qerror.h" -#include "backends/tpm.h" -#include "tpm_int.h" -#include "tpm/tpm.h" -#include "qemu/config-file.h" -#include "qmp-commands.h" - -static QLIST_HEAD(, TPMBackend) tpm_backends = - QLIST_HEAD_INITIALIZER(tpm_backends); - - -#define TPM_MAX_MODELS 1 -#define TPM_MAX_DRIVERS 1 - -static TPMDriverOps const *be_drivers[TPM_MAX_DRIVERS] = { - NULL, -}; - -static enum TpmModel tpm_models[TPM_MAX_MODELS] = { - -1, -}; - -int tpm_register_model(enum TpmModel model) -{ - int i; - - for (i = 0; i < TPM_MAX_MODELS; i++) { - if (tpm_models[i] == -1) { - tpm_models[i] = model; - return 0; - } - } - error_report("Could not register TPM model"); - return 1; -} - -static bool tpm_model_is_registered(enum TpmModel model) -{ - int i; - - for (i = 0; i < TPM_MAX_MODELS; i++) { - if (tpm_models[i] == model) { - return true; - } - } - return false; -} - -/* - * Write an error message in the given output buffer. - */ -void tpm_write_fatal_error_response(uint8_t *out, uint32_t out_len) -{ - if (out_len >= sizeof(struct tpm_resp_hdr)) { - struct tpm_resp_hdr *resp = (struct tpm_resp_hdr *)out; - - resp->tag = cpu_to_be16(TPM_TAG_RSP_COMMAND); - resp->len = cpu_to_be32(sizeof(struct tpm_resp_hdr)); - resp->errcode = cpu_to_be32(TPM_FAIL); - } -} - -const TPMDriverOps *tpm_get_backend_driver(const char *type) -{ - int i; - - for (i = 0; i < TPM_MAX_DRIVERS && be_drivers[i] != NULL; i++) { - if (!strcmp(TpmType_lookup[be_drivers[i]->type], type)) { - return be_drivers[i]; - } - } - - return NULL; -} - -#ifdef CONFIG_TPM - -int tpm_register_driver(const TPMDriverOps *tdo) -{ - int i; - - for (i = 0; i < TPM_MAX_DRIVERS; i++) { - if (!be_drivers[i]) { - be_drivers[i] = tdo; - return 0; - } - } - error_report("Could not register TPM driver"); - return 1; -} - -/* - * Walk the list of available TPM backend drivers and display them on the - * screen. - */ -void tpm_display_backend_drivers(void) -{ - int i; - - fprintf(stderr, "Supported TPM types (choose only one):\n"); - - for (i = 0; i < TPM_MAX_DRIVERS && be_drivers[i] != NULL; i++) { - fprintf(stderr, "%12s %s\n", - TpmType_lookup[be_drivers[i]->type], be_drivers[i]->desc()); - } - fprintf(stderr, "\n"); -} - -/* - * Find the TPM with the given Id - */ -TPMBackend *qemu_find_tpm(const char *id) -{ - TPMBackend *drv; - - if (id) { - QLIST_FOREACH(drv, &tpm_backends, list) { - if (!strcmp(drv->id, id)) { - return drv; - } - } - } - - return NULL; -} - -static int configure_tpm(QemuOpts *opts) -{ - const char *value; - const char *id; - const TPMDriverOps *be; - TPMBackend *drv; - Error *local_err = NULL; - - if (!QLIST_EMPTY(&tpm_backends)) { - error_report("Only one TPM is allowed.\n"); - return 1; - } - - id = qemu_opts_id(opts); - if (id == NULL) { - qerror_report(QERR_MISSING_PARAMETER, "id"); - return 1; - } - - value = qemu_opt_get(opts, "type"); - if (!value) { - qerror_report(QERR_MISSING_PARAMETER, "type"); - tpm_display_backend_drivers(); - return 1; - } - - be = tpm_get_backend_driver(value); - if (be == NULL) { - qerror_report(QERR_INVALID_PARAMETER_VALUE, "type", - "a TPM backend type"); - tpm_display_backend_drivers(); - return 1; - } - - drv = be->create(opts, id); - if (!drv) { - return 1; - } - - tpm_backend_open(drv, &local_err); - if (local_err) { - qerror_report_err(local_err); - error_free(local_err); - return 1; - } - - QLIST_INSERT_HEAD(&tpm_backends, drv, list); - - return 0; -} - -static int tpm_init_tpmdev(QemuOpts *opts, void *dummy) -{ - return configure_tpm(opts); -} - -/* - * Walk the list of TPM backend drivers that are in use and call their - * destroy function to have them cleaned up. - */ -void tpm_cleanup(void) -{ - TPMBackend *drv, *next; - - QLIST_FOREACH_SAFE(drv, &tpm_backends, list, next) { - QLIST_REMOVE(drv, list); - tpm_backend_destroy(drv); - } -} - -/* - * Initialize the TPM. Process the tpmdev command line options describing the - * TPM backend. - */ -int tpm_init(void) -{ - if (qemu_opts_foreach(qemu_find_opts("tpmdev"), - tpm_init_tpmdev, NULL, 1) != 0) { - return -1; - } - - atexit(tpm_cleanup); - - return 0; -} - -/* - * Parse the TPM configuration options. - * To display all available TPM backends the user may use '-tpmdev help' - */ -int tpm_config_parse(QemuOptsList *opts_list, const char *optarg) -{ - QemuOpts *opts; - - if (!strcmp(optarg, "help")) { - tpm_display_backend_drivers(); - return -1; - } - opts = qemu_opts_parse(opts_list, optarg, 1); - if (!opts) { - return -1; - } - return 0; -} - -#endif /* CONFIG_TPM */ - -static const TPMDriverOps *tpm_driver_find_by_type(enum TpmType type) -{ - int i; - - for (i = 0; i < TPM_MAX_DRIVERS && be_drivers[i] != NULL; i++) { - if (be_drivers[i]->type == type) { - return be_drivers[i]; - } - } - return NULL; -} - -static TPMInfo *qmp_query_tpm_inst(TPMBackend *drv) -{ - TPMInfo *res = g_new0(TPMInfo, 1); - TPMPassthroughOptions *tpo; - - res->id = g_strdup(drv->id); - res->model = drv->fe_model; - res->options = g_new0(TpmTypeOptions, 1); - - switch (drv->ops->type) { - case TPM_TYPE_PASSTHROUGH: - res->options->kind = TPM_TYPE_OPTIONS_KIND_PASSTHROUGH; - tpo = g_new0(TPMPassthroughOptions, 1); - res->options->passthrough = tpo; - if (drv->path) { - tpo->path = g_strdup(drv->path); - tpo->has_path = true; - } - if (drv->cancel_path) { - tpo->cancel_path = g_strdup(drv->cancel_path); - tpo->has_cancel_path = true; - } - break; - case TPM_TYPE_MAX: - break; - } - - return res; -} - -/* - * Walk the list of active TPM backends and collect information about them - * following the schema description in qapi-schema.json. - */ -TPMInfoList *qmp_query_tpm(Error **errp) -{ - TPMBackend *drv; - TPMInfoList *info, *head = NULL, *cur_item = NULL; - - QLIST_FOREACH(drv, &tpm_backends, list) { - if (!tpm_model_is_registered(drv->fe_model)) { - continue; - } - info = g_new0(TPMInfoList, 1); - info->value = qmp_query_tpm_inst(drv); - - if (!cur_item) { - head = cur_item = info; - } else { - cur_item->next = info; - cur_item = info; - } - } - - return head; -} - -TpmTypeList *qmp_query_tpm_types(Error **errp) -{ - unsigned int i = 0; - TpmTypeList *head = NULL, *prev = NULL, *cur_item; - - for (i = 0; i < TPM_TYPE_MAX; i++) { - if (!tpm_driver_find_by_type(i)) { - continue; - } - cur_item = g_new0(TpmTypeList, 1); - cur_item->value = i; - - if (prev) { - prev->next = cur_item; - } - if (!head) { - head = cur_item; - } - prev = cur_item; - } - - return head; -} - -TpmModelList *qmp_query_tpm_models(Error **errp) -{ - unsigned int i = 0; - TpmModelList *head = NULL, *prev = NULL, *cur_item; - - for (i = 0; i < TPM_MODEL_MAX; i++) { - if (!tpm_model_is_registered(i)) { - continue; - } - cur_item = g_new0(TpmModelList, 1); - cur_item->value = i; - - if (prev) { - prev->next = cur_item; - } - if (!head) { - head = cur_item; - } - prev = cur_item; - } - - return head; -} diff --git a/tpm/tpm_backend.c b/tpm/tpm_backend.c deleted file mode 100644 index 4144ef7d76..0000000000 --- a/tpm/tpm_backend.c +++ /dev/null @@ -1,58 +0,0 @@ -/* - * common TPM backend driver functions - * - * Copyright (c) 2012-2013 IBM Corporation - * Authors: - * Stefan Berger <stefanb@us.ibm.com> - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 2 of the License, or (at your option) any later version. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, see <http://www.gnu.org/licenses/> - */ - -#include "tpm/tpm.h" -#include "qemu/thread.h" -#include "tpm_backend.h" - -void tpm_backend_thread_deliver_request(TPMBackendThread *tbt) -{ - g_thread_pool_push(tbt->pool, (gpointer)TPM_BACKEND_CMD_PROCESS_CMD, NULL); -} - -void tpm_backend_thread_create(TPMBackendThread *tbt, - GFunc func, gpointer user_data) -{ - if (!tbt->pool) { - tbt->pool = g_thread_pool_new(func, user_data, 1, TRUE, NULL); - g_thread_pool_push(tbt->pool, (gpointer)TPM_BACKEND_CMD_INIT, NULL); - } -} - -void tpm_backend_thread_end(TPMBackendThread *tbt) -{ - if (tbt->pool) { - g_thread_pool_push(tbt->pool, (gpointer)TPM_BACKEND_CMD_END, NULL); - g_thread_pool_free(tbt->pool, FALSE, TRUE); - tbt->pool = NULL; - } -} - -void tpm_backend_thread_tpm_reset(TPMBackendThread *tbt, - GFunc func, gpointer user_data) -{ - if (!tbt->pool) { - tpm_backend_thread_create(tbt, func, user_data); - } else { - g_thread_pool_push(tbt->pool, (gpointer)TPM_BACKEND_CMD_TPM_RESET, - NULL); - } -} diff --git a/tpm/tpm_backend.h b/tpm/tpm_backend.h deleted file mode 100644 index 05d94d0f5b..0000000000 --- a/tpm/tpm_backend.h +++ /dev/null @@ -1,45 +0,0 @@ -/* - * common TPM backend driver functions - * - * Copyright (c) 2012-2013 IBM Corporation - * Authors: - * Stefan Berger <stefanb@us.ibm.com> - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 2 of the License, or (at your option) any later version. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, see <http://www.gnu.org/licenses/> - */ - -#ifndef TPM_TPM_BACKEND_H -#define TPM_TPM_BACKEND_H - -#include <glib.h> - -typedef struct TPMBackendThread { - GThreadPool *pool; -} TPMBackendThread; - -void tpm_backend_thread_deliver_request(TPMBackendThread *tbt); -void tpm_backend_thread_create(TPMBackendThread *tbt, - GFunc func, gpointer user_data); -void tpm_backend_thread_end(TPMBackendThread *tbt); -void tpm_backend_thread_tpm_reset(TPMBackendThread *tbt, - GFunc func, gpointer user_data); - -typedef enum TPMBackendCmd { - TPM_BACKEND_CMD_INIT = 1, - TPM_BACKEND_CMD_PROCESS_CMD, - TPM_BACKEND_CMD_END, - TPM_BACKEND_CMD_TPM_RESET, -} TPMBackendCmd; - -#endif /* TPM_TPM_BACKEND_H */ diff --git a/tpm/tpm_int.h b/tpm/tpm_int.h deleted file mode 100644 index 340bfd52f1..0000000000 --- a/tpm/tpm_int.h +++ /dev/null @@ -1,95 +0,0 @@ -/* - * TPM configuration - * - * Copyright (C) 2011-2013 IBM Corporation - * - * Authors: - * Stefan Berger <stefanb@us.ibm.com> - * - * This work is licensed under the terms of the GNU GPL, version 2 or later. - * See the COPYING file in the top-level directory. - */ -#ifndef TPM_TPM_INT_H -#define TPM_TPM_INT_H - -#include "exec/memory.h" -#include "tpm/tpm_tis.h" - -/* overall state of the TPM interface */ -struct TPMState { - ISADevice busdev; - MemoryRegion mmio; - - union { - TPMTISEmuState tis; - } s; - - uint8_t locty_number; - TPMLocality *locty_data; - - char *backend; - TPMBackend *be_driver; -}; - -#define TPM(obj) OBJECT_CHECK(TPMState, (obj), TYPE_TPM_TIS) - -struct TPMDriverOps { - enum TpmType type; - /* get a descriptive text of the backend to display to the user */ - const char *(*desc)(void); - - TPMBackend *(*create)(QemuOpts *opts, const char *id); - void (*destroy)(TPMBackend *t); - - /* initialize the backend */ - int (*init)(TPMBackend *t, TPMState *s, TPMRecvDataCB *datacb); - /* start up the TPM on the backend */ - int (*startup_tpm)(TPMBackend *t); - /* returns true if nothing will ever answer TPM requests */ - bool (*had_startup_error)(TPMBackend *t); - - size_t (*realloc_buffer)(TPMSizedBuffer *sb); - - void (*deliver_request)(TPMBackend *t); - - void (*reset)(TPMBackend *t); - - void (*cancel_cmd)(TPMBackend *t); - - bool (*get_tpm_established_flag)(TPMBackend *t); -}; - -struct tpm_req_hdr { - uint16_t tag; - uint32_t len; - uint32_t ordinal; -} QEMU_PACKED; - -struct tpm_resp_hdr { - uint16_t tag; - uint32_t len; - uint32_t errcode; -} QEMU_PACKED; - -#define TPM_TAG_RQU_COMMAND 0xc1 -#define TPM_TAG_RQU_AUTH1_COMMAND 0xc2 -#define TPM_TAG_RQU_AUTH2_COMMAND 0xc3 - -#define TPM_TAG_RSP_COMMAND 0xc4 -#define TPM_TAG_RSP_AUTH1_COMMAND 0xc5 -#define TPM_TAG_RSP_AUTH2_COMMAND 0xc6 - -#define TPM_FAIL 9 - -#define TPM_ORD_GetTicks 0xf1 - -TPMBackend *qemu_find_tpm(const char *id); -int tpm_register_model(enum TpmModel model); -int tpm_register_driver(const TPMDriverOps *tdo); -void tpm_display_backend_drivers(void); -const TPMDriverOps *tpm_get_backend_driver(const char *type); -void tpm_write_fatal_error_response(uint8_t *out, uint32_t out_len); - -extern const TPMDriverOps tpm_passthrough_driver; - -#endif /* TPM_TPM_INT_H */ diff --git a/tpm/tpm_passthrough.c b/tpm/tpm_passthrough.c deleted file mode 100644 index 1fdd66d356..0000000000 --- a/tpm/tpm_passthrough.c +++ /dev/null @@ -1,560 +0,0 @@ -/* - * passthrough TPM driver - * - * Copyright (c) 2010 - 2013 IBM Corporation - * Authors: - * Stefan Berger <stefanb@us.ibm.com> - * - * Copyright (C) 2011 IAIK, Graz University of Technology - * Author: Andreas Niederl - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 2 of the License, or (at your option) any later version. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, see <http://www.gnu.org/licenses/> - */ - -#include <dirent.h> - -#include "qemu-common.h" -#include "qapi/error.h" -#include "qemu/sockets.h" -#include "backends/tpm.h" -#include "tpm_int.h" -#include "hw/hw.h" -#include "hw/i386/pc.h" -#include "tpm_tis.h" -#include "tpm_backend.h" - -/* #define DEBUG_TPM */ - -#ifdef DEBUG_TPM -#define DPRINTF(fmt, ...) \ - do { fprintf(stderr, fmt, ## __VA_ARGS__); } while (0) -#else -#define DPRINTF(fmt, ...) \ - do { } while (0) -#endif - -#define TYPE_TPM_PASSTHROUGH "tpm-passthrough" -#define TPM_PASSTHROUGH(obj) \ - OBJECT_CHECK(TPMPassthruState, (obj), TYPE_TPM_PASSTHROUGH) - -/* data structures */ -typedef struct TPMPassthruThreadParams { - TPMState *tpm_state; - - TPMRecvDataCB *recv_data_callback; - TPMBackend *tb; -} TPMPassthruThreadParams; - -struct TPMPassthruState { - TPMBackend parent; - - TPMBackendThread tbt; - - TPMPassthruThreadParams tpm_thread_params; - - char *tpm_dev; - int tpm_fd; - bool tpm_executing; - bool tpm_op_canceled; - int cancel_fd; - bool had_startup_error; -}; - -typedef struct TPMPassthruState TPMPassthruState; - -#define TPM_PASSTHROUGH_DEFAULT_DEVICE "/dev/tpm0" - -/* functions */ - -static void tpm_passthrough_cancel_cmd(TPMBackend *tb); - -static int tpm_passthrough_unix_write(int fd, const uint8_t *buf, uint32_t len) -{ - return send_all(fd, buf, len); -} - -static int tpm_passthrough_unix_read(int fd, uint8_t *buf, uint32_t len) -{ - return recv_all(fd, buf, len, true); -} - -static uint32_t tpm_passthrough_get_size_from_buffer(const uint8_t *buf) -{ - struct tpm_resp_hdr *resp = (struct tpm_resp_hdr *)buf; - - return be32_to_cpu(resp->len); -} - -static int tpm_passthrough_unix_tx_bufs(TPMPassthruState *tpm_pt, - const uint8_t *in, uint32_t in_len, - uint8_t *out, uint32_t out_len) -{ - int ret; - - tpm_pt->tpm_op_canceled = false; - tpm_pt->tpm_executing = true; - - ret = tpm_passthrough_unix_write(tpm_pt->tpm_fd, in, in_len); - if (ret != in_len) { - if (!tpm_pt->tpm_op_canceled || - (tpm_pt->tpm_op_canceled && errno != ECANCELED)) { - error_report("tpm_passthrough: error while transmitting data " - "to TPM: %s (%i)\n", - strerror(errno), errno); - } - goto err_exit; - } - - tpm_pt->tpm_executing = false; - - ret = tpm_passthrough_unix_read(tpm_pt->tpm_fd, out, out_len); - if (ret < 0) { - if (!tpm_pt->tpm_op_canceled || - (tpm_pt->tpm_op_canceled && errno != ECANCELED)) { - error_report("tpm_passthrough: error while reading data from " - "TPM: %s (%i)\n", - strerror(errno), errno); - } - } else if (ret < sizeof(struct tpm_resp_hdr) || - tpm_passthrough_get_size_from_buffer(out) != ret) { - ret = -1; - error_report("tpm_passthrough: received invalid response " - "packet from TPM\n"); - } - -err_exit: - if (ret < 0) { - tpm_write_fatal_error_response(out, out_len); - } - - tpm_pt->tpm_executing = false; - - return ret; -} - -static int tpm_passthrough_unix_transfer(TPMPassthruState *tpm_pt, - const TPMLocality *locty_data) -{ - return tpm_passthrough_unix_tx_bufs(tpm_pt, - locty_data->w_buffer.buffer, - locty_data->w_offset, - locty_data->r_buffer.buffer, - locty_data->r_buffer.size); -} - -static void tpm_passthrough_worker_thread(gpointer data, - gpointer user_data) -{ - TPMPassthruThreadParams *thr_parms = user_data; - TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(thr_parms->tb); - TPMBackendCmd cmd = (TPMBackendCmd)data; - - DPRINTF("tpm_passthrough: processing command type %d\n", cmd); - - switch (cmd) { - case TPM_BACKEND_CMD_PROCESS_CMD: - tpm_passthrough_unix_transfer(tpm_pt, - thr_parms->tpm_state->locty_data); - - thr_parms->recv_data_callback(thr_parms->tpm_state, - thr_parms->tpm_state->locty_number); - break; - case TPM_BACKEND_CMD_INIT: - case TPM_BACKEND_CMD_END: - case TPM_BACKEND_CMD_TPM_RESET: - /* nothing to do */ - break; - } -} - -/* - * Start the TPM (thread). If it had been started before, then terminate - * and start it again. - */ -static int tpm_passthrough_startup_tpm(TPMBackend *tb) -{ - TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(tb); - - /* terminate a running TPM */ - tpm_backend_thread_end(&tpm_pt->tbt); - - tpm_backend_thread_create(&tpm_pt->tbt, - tpm_passthrough_worker_thread, - &tpm_pt->tpm_thread_params); - - return 0; -} - -static void tpm_passthrough_reset(TPMBackend *tb) -{ - TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(tb); - - DPRINTF("tpm_passthrough: CALL TO TPM_RESET!\n"); - - tpm_passthrough_cancel_cmd(tb); - - tpm_backend_thread_end(&tpm_pt->tbt); - - tpm_pt->had_startup_error = false; -} - -static int tpm_passthrough_init(TPMBackend *tb, TPMState *s, - TPMRecvDataCB *recv_data_cb) -{ - TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(tb); - - tpm_pt->tpm_thread_params.tpm_state = s; - tpm_pt->tpm_thread_params.recv_data_callback = recv_data_cb; - tpm_pt->tpm_thread_params.tb = tb; - - return 0; -} - -static bool tpm_passthrough_get_tpm_established_flag(TPMBackend *tb) -{ - return false; -} - -static bool tpm_passthrough_get_startup_error(TPMBackend *tb) -{ - TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(tb); - - return tpm_pt->had_startup_error; -} - -static size_t tpm_passthrough_realloc_buffer(TPMSizedBuffer *sb) -{ - size_t wanted_size = 4096; /* Linux tpm.c buffer size */ - - if (sb->size != wanted_size) { - sb->buffer = g_realloc(sb->buffer, wanted_size); - sb->size = wanted_size; - } - return sb->size; -} - -static void tpm_passthrough_deliver_request(TPMBackend *tb) -{ - TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(tb); - - tpm_backend_thread_deliver_request(&tpm_pt->tbt); -} - -static void tpm_passthrough_cancel_cmd(TPMBackend *tb) -{ - TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(tb); - int n; - - /* - * As of Linux 3.7 the tpm_tis driver does not properly cancel - * commands on all TPM manufacturers' TPMs. - * Only cancel if we're busy so we don't cancel someone else's - * command, e.g., a command executed on the host. - */ - if (tpm_pt->tpm_executing) { - if (tpm_pt->cancel_fd >= 0) { - n = write(tpm_pt->cancel_fd, "-", 1); - if (n != 1) { - error_report("Canceling TPM command failed: %s\n", - strerror(errno)); - } else { - tpm_pt->tpm_op_canceled = true; - } - } else { - error_report("Cannot cancel TPM command due to missing " - "TPM sysfs cancel entry"); - } - } -} - -static const char *tpm_passthrough_create_desc(void) -{ - return "Passthrough TPM backend driver"; -} - -/* - * A basic test of a TPM device. We expect a well formatted response header - * (error response is fine) within one second. - */ -static int tpm_passthrough_test_tpmdev(int fd) -{ - struct tpm_req_hdr req = { - .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND), - .len = cpu_to_be32(sizeof(req)), - .ordinal = cpu_to_be32(TPM_ORD_GetTicks), - }; - struct tpm_resp_hdr *resp; - fd_set readfds; - int n; - struct timeval tv = { - .tv_sec = 1, - .tv_usec = 0, - }; - unsigned char buf[1024]; - - n = write(fd, &req, sizeof(req)); - if (n < 0) { - return errno; - } - if (n != sizeof(req)) { - return EFAULT; - } - - FD_ZERO(&readfds); - FD_SET(fd, &readfds); - - /* wait for a second */ - n = select(fd + 1, &readfds, NULL, NULL, &tv); - if (n != 1) { - return errno; - } - - n = read(fd, &buf, sizeof(buf)); - if (n < sizeof(struct tpm_resp_hdr)) { - return EFAULT; - } - - resp = (struct tpm_resp_hdr *)buf; - /* check the header */ - if (be16_to_cpu(resp->tag) != TPM_TAG_RSP_COMMAND || - be32_to_cpu(resp->len) != n) { - return EBADMSG; - } - - return 0; -} - -/* - * Check whether the given base path, e.g., /sys/class/misc/tpm0/device, - * is the sysfs directory of a TPM. A TPM sysfs directory should be uniquely - * recognizable by the file entries 'pcrs' and 'cancel'. - * Upon success 'true' is returned and the basebath buffer has '/cancel' - * appended. - */ -static bool tpm_passthrough_check_sysfs_cancel(char *basepath, size_t bufsz) -{ - char path[PATH_MAX]; - struct stat statbuf; - - snprintf(path, sizeof(path), "%s/pcrs", basepath); - if (stat(path, &statbuf) == -1 || !S_ISREG(statbuf.st_mode)) { - return false; - } - - snprintf(path, sizeof(path), "%s/cancel", basepath); - if (stat(path, &statbuf) == -1 || !S_ISREG(statbuf.st_mode)) { - return false; - } - - strncpy(basepath, path, bufsz); - - return true; -} - -/* - * Unless path or file descriptor set has been provided by user, - * determine the sysfs cancel file following kernel documentation - * in Documentation/ABI/stable/sysfs-class-tpm. - */ -static int tpm_passthrough_open_sysfs_cancel(TPMBackend *tb) -{ - int fd = -1; - unsigned int idx; - DIR *pnp_dir; - char path[PATH_MAX]; - struct dirent entry, *result; - int len; - - if (tb->cancel_path) { - fd = qemu_open(tb->cancel_path, O_WRONLY); - if (fd < 0) { - error_report("Could not open TPM cancel path : %s", - strerror(errno)); - } - return fd; - } - - snprintf(path, sizeof(path), "/sys/class/misc"); - pnp_dir = opendir(path); - if (pnp_dir != NULL) { - while (readdir_r(pnp_dir, &entry, &result) == 0 && - result != NULL) { - /* - * only allow /sys/class/misc/tpm%u type of paths - */ - if (sscanf(entry.d_name, "tpm%u%n", &idx, &len) < 1 || - len <= strlen("tpm") || - len != strlen(entry.d_name)) { - continue; - } - - snprintf(path, sizeof(path), "/sys/class/misc/%s/device", - entry.d_name); - if (!tpm_passthrough_check_sysfs_cancel(path, sizeof(path))) { - continue; - } - - fd = qemu_open(path, O_WRONLY); - break; - } - closedir(pnp_dir); - } - - if (fd >= 0) { - tb->cancel_path = g_strdup(path); - } - - return fd; -} - -static int tpm_passthrough_handle_device_opts(QemuOpts *opts, TPMBackend *tb) -{ - TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(tb); - const char *value; - - value = qemu_opt_get(opts, "cancel-path"); - if (value) { - tb->cancel_path = g_strdup(value); - } - - value = qemu_opt_get(opts, "path"); - if (!value) { - value = TPM_PASSTHROUGH_DEFAULT_DEVICE; - } - - tpm_pt->tpm_dev = g_strdup(value); - - tb->path = g_strdup(tpm_pt->tpm_dev); - - tpm_pt->tpm_fd = qemu_open(tpm_pt->tpm_dev, O_RDWR); - if (tpm_pt->tpm_fd < 0) { - error_report("Cannot access TPM device using '%s': %s\n", - tpm_pt->tpm_dev, strerror(errno)); - goto err_free_parameters; - } - - if (tpm_passthrough_test_tpmdev(tpm_pt->tpm_fd)) { - error_report("'%s' is not a TPM device.\n", - tpm_pt->tpm_dev); - goto err_close_tpmdev; - } - - return 0; - - err_close_tpmdev: - qemu_close(tpm_pt->tpm_fd); - tpm_pt->tpm_fd = -1; - - err_free_parameters: - g_free(tb->path); - tb->path = NULL; - - g_free(tpm_pt->tpm_dev); - tpm_pt->tpm_dev = NULL; - - return 1; -} - -static TPMBackend *tpm_passthrough_create(QemuOpts *opts, const char *id) -{ - Object *obj = object_new(TYPE_TPM_PASSTHROUGH); - TPMBackend *tb = TPM_BACKEND(obj); - TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(tb); - - tb->id = g_strdup(id); - /* let frontend set the fe_model to proper value */ - tb->fe_model = -1; - - tb->ops = &tpm_passthrough_driver; - - if (tpm_passthrough_handle_device_opts(opts, tb)) { - goto err_exit; - } - - tpm_pt->cancel_fd = tpm_passthrough_open_sysfs_cancel(tb); - if (tpm_pt->cancel_fd < 0) { - goto err_exit; - } - - return tb; - -err_exit: - g_free(tb->id); - - return NULL; -} - -static void tpm_passthrough_destroy(TPMBackend *tb) -{ - TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(tb); - - tpm_passthrough_cancel_cmd(tb); - - tpm_backend_thread_end(&tpm_pt->tbt); - - qemu_close(tpm_pt->tpm_fd); - qemu_close(tpm_pt->cancel_fd); - - g_free(tb->id); - g_free(tb->path); - g_free(tb->cancel_path); - g_free(tpm_pt->tpm_dev); -} - -const TPMDriverOps tpm_passthrough_driver = { - .type = TPM_TYPE_PASSTHROUGH, - .desc = tpm_passthrough_create_desc, - .create = tpm_passthrough_create, - .destroy = tpm_passthrough_destroy, - .init = tpm_passthrough_init, - .startup_tpm = tpm_passthrough_startup_tpm, - .realloc_buffer = tpm_passthrough_realloc_buffer, - .reset = tpm_passthrough_reset, - .had_startup_error = tpm_passthrough_get_startup_error, - .deliver_request = tpm_passthrough_deliver_request, - .cancel_cmd = tpm_passthrough_cancel_cmd, - .get_tpm_established_flag = tpm_passthrough_get_tpm_established_flag, -}; - -static void tpm_passthrough_inst_init(Object *obj) -{ -} - -static void tpm_passthrough_inst_finalize(Object *obj) -{ -} - -static void tpm_passthrough_class_init(ObjectClass *klass, void *data) -{ - TPMBackendClass *tbc = TPM_BACKEND_CLASS(klass); - - tbc->ops = &tpm_passthrough_driver; -} - -static const TypeInfo tpm_passthrough_info = { - .name = TYPE_TPM_PASSTHROUGH, - .parent = TYPE_TPM_BACKEND, - .instance_size = sizeof(TPMPassthruState), - .class_init = tpm_passthrough_class_init, - .instance_init = tpm_passthrough_inst_init, - .instance_finalize = tpm_passthrough_inst_finalize, -}; - -static void tpm_passthrough_register(void) -{ - type_register_static(&tpm_passthrough_info); - tpm_register_driver(&tpm_passthrough_driver); -} - -type_init(tpm_passthrough_register) diff --git a/tpm/tpm_tis.c b/tpm/tpm_tis.c deleted file mode 100644 index f0a4584607..0000000000 --- a/tpm/tpm_tis.c +++ /dev/null @@ -1,930 +0,0 @@ -/* - * tpm_tis.c - QEMU's TPM TIS interface emulator - * - * Copyright (C) 2006,2010-2013 IBM Corporation - * - * Authors: - * Stefan Berger <stefanb@us.ibm.com> - * David Safford <safford@us.ibm.com> - * - * Xen 4 support: Andrease Niederl <andreas.niederl@iaik.tugraz.at> - * - * This work is licensed under the terms of the GNU GPL, version 2 or later. - * See the COPYING file in the top-level directory. - * - * Implementation of the TIS interface according to specs found at - * http://www.trustedcomputinggroup.org. This implementation currently - * supports version 1.21, revision 1.0. - * In the developers menu choose the PC Client section then find the TIS - * specification. - */ - -#include "backends/tpm.h" -#include "tpm_int.h" -#include "block/block.h" -#include "exec/address-spaces.h" -#include "hw/hw.h" -#include "hw/i386/pc.h" -#include "hw/pci/pci_ids.h" -#include "tpm/tpm_tis.h" -#include "qemu-common.h" - -/*#define DEBUG_TIS */ - -#ifdef DEBUG_TIS -#define DPRINTF(fmt, ...) \ - do { fprintf(stderr, fmt, ## __VA_ARGS__); } while (0) -#else -#define DPRINTF(fmt, ...) \ - do { } while (0) -#endif - -/* whether the STS interrupt is supported */ -#define RAISE_STS_IRQ - -/* tis registers */ -#define TPM_TIS_REG_ACCESS 0x00 -#define TPM_TIS_REG_INT_ENABLE 0x08 -#define TPM_TIS_REG_INT_VECTOR 0x0c -#define TPM_TIS_REG_INT_STATUS 0x10 -#define TPM_TIS_REG_INTF_CAPABILITY 0x14 -#define TPM_TIS_REG_STS 0x18 -#define TPM_TIS_REG_DATA_FIFO 0x24 -#define TPM_TIS_REG_DID_VID 0xf00 -#define TPM_TIS_REG_RID 0xf04 - -/* vendor-specific registers */ -#define TPM_TIS_REG_DEBUG 0xf90 - -#define TPM_TIS_STS_VALID (1 << 7) -#define TPM_TIS_STS_COMMAND_READY (1 << 6) -#define TPM_TIS_STS_TPM_GO (1 << 5) -#define TPM_TIS_STS_DATA_AVAILABLE (1 << 4) -#define TPM_TIS_STS_EXPECT (1 << 3) -#define TPM_TIS_STS_RESPONSE_RETRY (1 << 1) - -#define TPM_TIS_BURST_COUNT_SHIFT 8 -#define TPM_TIS_BURST_COUNT(X) \ - ((X) << TPM_TIS_BURST_COUNT_SHIFT) - -#define TPM_TIS_ACCESS_TPM_REG_VALID_STS (1 << 7) -#define TPM_TIS_ACCESS_ACTIVE_LOCALITY (1 << 5) -#define TPM_TIS_ACCESS_BEEN_SEIZED (1 << 4) -#define TPM_TIS_ACCESS_SEIZE (1 << 3) -#define TPM_TIS_ACCESS_PENDING_REQUEST (1 << 2) -#define TPM_TIS_ACCESS_REQUEST_USE (1 << 1) -#define TPM_TIS_ACCESS_TPM_ESTABLISHMENT (1 << 0) - -#define TPM_TIS_INT_ENABLED (1 << 31) -#define TPM_TIS_INT_DATA_AVAILABLE (1 << 0) -#define TPM_TIS_INT_STS_VALID (1 << 1) -#define TPM_TIS_INT_LOCALITY_CHANGED (1 << 2) -#define TPM_TIS_INT_COMMAND_READY (1 << 7) - -#define TPM_TIS_INT_POLARITY_MASK (3 << 3) -#define TPM_TIS_INT_POLARITY_LOW_LEVEL (1 << 3) - -#ifndef RAISE_STS_IRQ - -#define TPM_TIS_INTERRUPTS_SUPPORTED (TPM_TIS_INT_LOCALITY_CHANGED | \ - TPM_TIS_INT_DATA_AVAILABLE | \ - TPM_TIS_INT_COMMAND_READY) - -#else - -#define TPM_TIS_INTERRUPTS_SUPPORTED (TPM_TIS_INT_LOCALITY_CHANGED | \ - TPM_TIS_INT_DATA_AVAILABLE | \ - TPM_TIS_INT_STS_VALID | \ - TPM_TIS_INT_COMMAND_READY) - -#endif - -#define TPM_TIS_CAP_INTERRUPT_LOW_LEVEL (1 << 4) /* support is mandatory */ -#define TPM_TIS_CAPABILITIES_SUPPORTED (TPM_TIS_CAP_INTERRUPT_LOW_LEVEL | \ - TPM_TIS_INTERRUPTS_SUPPORTED) - -#define TPM_TIS_TPM_DID 0x0001 -#define TPM_TIS_TPM_VID PCI_VENDOR_ID_IBM -#define TPM_TIS_TPM_RID 0x0001 - -#define TPM_TIS_NO_DATA_BYTE 0xff - -/* local prototypes */ - -static uint64_t tpm_tis_mmio_read(void *opaque, hwaddr addr, - unsigned size); - -/* utility functions */ - -static uint8_t tpm_tis_locality_from_addr(hwaddr addr) -{ - return (uint8_t)((addr >> TPM_TIS_LOCALITY_SHIFT) & 0x7); -} - -static uint32_t tpm_tis_get_size_from_buffer(const TPMSizedBuffer *sb) -{ - return be32_to_cpu(*(uint32_t *)&sb->buffer[2]); -} - -static void tpm_tis_show_buffer(const TPMSizedBuffer *sb, const char *string) -{ -#ifdef DEBUG_TIS - uint32_t len, i; - - len = tpm_tis_get_size_from_buffer(sb); - DPRINTF("tpm_tis: %s length = %d\n", string, len); - for (i = 0; i < len; i++) { - if (i && !(i % 16)) { - DPRINTF("\n"); - } - DPRINTF("%.2X ", sb->buffer[i]); - } - DPRINTF("\n"); -#endif -} - -/* - * Send a request to the TPM. - */ -static void tpm_tis_tpm_send(TPMState *s, uint8_t locty) -{ - TPMTISEmuState *tis = &s->s.tis; - - tpm_tis_show_buffer(&tis->loc[locty].w_buffer, "tpm_tis: To TPM"); - - s->locty_number = locty; - s->locty_data = &tis->loc[locty]; - - /* - * w_offset serves as length indicator for length of data; - * it's reset when the response comes back - */ - tis->loc[locty].state = TPM_TIS_STATE_EXECUTION; - - tpm_backend_deliver_request(s->be_driver); -} - -/* raise an interrupt if allowed */ -static void tpm_tis_raise_irq(TPMState *s, uint8_t locty, uint32_t irqmask) -{ - TPMTISEmuState *tis = &s->s.tis; - - if (!TPM_TIS_IS_VALID_LOCTY(locty)) { - return; - } - - if ((tis->loc[locty].inte & TPM_TIS_INT_ENABLED) && - (tis->loc[locty].inte & irqmask)) { - DPRINTF("tpm_tis: Raising IRQ for flag %08x\n", irqmask); - qemu_irq_raise(s->s.tis.irq); - tis->loc[locty].ints |= irqmask; - } -} - -static uint32_t tpm_tis_check_request_use_except(TPMState *s, uint8_t locty) -{ - uint8_t l; - - for (l = 0; l < TPM_TIS_NUM_LOCALITIES; l++) { - if (l == locty) { - continue; - } - if ((s->s.tis.loc[l].access & TPM_TIS_ACCESS_REQUEST_USE)) { - return 1; - } - } - - return 0; -} - -static void tpm_tis_new_active_locality(TPMState *s, uint8_t new_active_locty) -{ - TPMTISEmuState *tis = &s->s.tis; - bool change = (s->s.tis.active_locty != new_active_locty); - bool is_seize; - uint8_t mask; - - if (change && TPM_TIS_IS_VALID_LOCTY(s->s.tis.active_locty)) { - is_seize = TPM_TIS_IS_VALID_LOCTY(new_active_locty) && - tis->loc[new_active_locty].access & TPM_TIS_ACCESS_SEIZE; - - if (is_seize) { - mask = ~(TPM_TIS_ACCESS_ACTIVE_LOCALITY); - } else { - mask = ~(TPM_TIS_ACCESS_ACTIVE_LOCALITY| - TPM_TIS_ACCESS_REQUEST_USE); - } - /* reset flags on the old active locality */ - tis->loc[s->s.tis.active_locty].access &= mask; - - if (is_seize) { - tis->loc[tis->active_locty].access |= TPM_TIS_ACCESS_BEEN_SEIZED; - } - } - - tis->active_locty = new_active_locty; - - DPRINTF("tpm_tis: Active locality is now %d\n", s->s.tis.active_locty); - - if (TPM_TIS_IS_VALID_LOCTY(new_active_locty)) { - /* set flags on the new active locality */ - tis->loc[new_active_locty].access |= TPM_TIS_ACCESS_ACTIVE_LOCALITY; - tis->loc[new_active_locty].access &= ~(TPM_TIS_ACCESS_REQUEST_USE | - TPM_TIS_ACCESS_SEIZE); - } - - if (change) { - tpm_tis_raise_irq(s, tis->active_locty, TPM_TIS_INT_LOCALITY_CHANGED); - } -} - -/* abort -- this function switches the locality */ -static void tpm_tis_abort(TPMState *s, uint8_t locty) -{ - TPMTISEmuState *tis = &s->s.tis; - - tis->loc[locty].r_offset = 0; - tis->loc[locty].w_offset = 0; - - DPRINTF("tpm_tis: tis_abort: new active locality is %d\n", tis->next_locty); - - /* - * Need to react differently depending on who's aborting now and - * which locality will become active afterwards. - */ - if (tis->aborting_locty == tis->next_locty) { - tis->loc[tis->aborting_locty].state = TPM_TIS_STATE_READY; - tis->loc[tis->aborting_locty].sts = TPM_TIS_STS_COMMAND_READY; - tpm_tis_raise_irq(s, tis->aborting_locty, TPM_TIS_INT_COMMAND_READY); - } - - /* locality after abort is another one than the current one */ - tpm_tis_new_active_locality(s, tis->next_locty); - - tis->next_locty = TPM_TIS_NO_LOCALITY; - /* nobody's aborting a command anymore */ - tis->aborting_locty = TPM_TIS_NO_LOCALITY; -} - -/* prepare aborting current command */ -static void tpm_tis_prep_abort(TPMState *s, uint8_t locty, uint8_t newlocty) -{ - TPMTISEmuState *tis = &s->s.tis; - uint8_t busy_locty; - - tis->aborting_locty = locty; - tis->next_locty = newlocty; /* locality after successful abort */ - - /* - * only abort a command using an interrupt if currently executing - * a command AND if there's a valid connection to the vTPM. - */ - for (busy_locty = 0; busy_locty < TPM_TIS_NUM_LOCALITIES; busy_locty++) { - if (tis->loc[busy_locty].state == TPM_TIS_STATE_EXECUTION) { - /* - * request the backend to cancel. Some backends may not - * support it - */ - tpm_backend_cancel_cmd(s->be_driver); - return; - } - } - - tpm_tis_abort(s, locty); -} - -static void tpm_tis_receive_bh(void *opaque) -{ - TPMState *s = opaque; - TPMTISEmuState *tis = &s->s.tis; - uint8_t locty = s->locty_number; - - tis->loc[locty].sts = TPM_TIS_STS_VALID | TPM_TIS_STS_DATA_AVAILABLE; - tis->loc[locty].state = TPM_TIS_STATE_COMPLETION; - tis->loc[locty].r_offset = 0; - tis->loc[locty].w_offset = 0; - - if (TPM_TIS_IS_VALID_LOCTY(tis->next_locty)) { - tpm_tis_abort(s, locty); - } - -#ifndef RAISE_STS_IRQ - tpm_tis_raise_irq(s, locty, TPM_TIS_INT_DATA_AVAILABLE); -#else - tpm_tis_raise_irq(s, locty, - TPM_TIS_INT_DATA_AVAILABLE | TPM_TIS_INT_STS_VALID); -#endif -} - -/* - * Callback from the TPM to indicate that the response was received. - */ -static void tpm_tis_receive_cb(TPMState *s, uint8_t locty) -{ - TPMTISEmuState *tis = &s->s.tis; - - assert(s->locty_number == locty); - - qemu_bh_schedule(tis->bh); -} - -/* - * Read a byte of response data - */ -static uint32_t tpm_tis_data_read(TPMState *s, uint8_t locty) -{ - TPMTISEmuState *tis = &s->s.tis; - uint32_t ret = TPM_TIS_NO_DATA_BYTE; - uint16_t len; - - if ((tis->loc[locty].sts & TPM_TIS_STS_DATA_AVAILABLE)) { - len = tpm_tis_get_size_from_buffer(&tis->loc[locty].r_buffer); - - ret = tis->loc[locty].r_buffer.buffer[tis->loc[locty].r_offset++]; - if (tis->loc[locty].r_offset >= len) { - /* got last byte */ - tis->loc[locty].sts = TPM_TIS_STS_VALID; -#ifdef RAISE_STS_IRQ - tpm_tis_raise_irq(s, locty, TPM_TIS_INT_STS_VALID); -#endif - } - DPRINTF("tpm_tis: tpm_tis_data_read byte 0x%02x [%d]\n", - ret, tis->loc[locty].r_offset-1); - } - - return ret; -} - -#ifdef DEBUG_TIS -static void tpm_tis_dump_state(void *opaque, hwaddr addr) -{ - static const unsigned regs[] = { - TPM_TIS_REG_ACCESS, - TPM_TIS_REG_INT_ENABLE, - TPM_TIS_REG_INT_VECTOR, - TPM_TIS_REG_INT_STATUS, - TPM_TIS_REG_INTF_CAPABILITY, - TPM_TIS_REG_STS, - TPM_TIS_REG_DID_VID, - TPM_TIS_REG_RID, - 0xfff}; - int idx; - uint8_t locty = tpm_tis_locality_from_addr(addr); - hwaddr base = addr & ~0xfff; - TPMState *s = opaque; - TPMTISEmuState *tis = &s->s.tis; - - DPRINTF("tpm_tis: active locality : %d\n" - "tpm_tis: state of locality %d : %d\n" - "tpm_tis: register dump:\n", - tis->active_locty, - locty, tis->loc[locty].state); - - for (idx = 0; regs[idx] != 0xfff; idx++) { - DPRINTF("tpm_tis: 0x%04x : 0x%08x\n", regs[idx], - (uint32_t)tpm_tis_mmio_read(opaque, base + regs[idx], 4)); - } - - DPRINTF("tpm_tis: read offset : %d\n" - "tpm_tis: result buffer : ", - tis->loc[locty].r_offset); - for (idx = 0; - idx < tpm_tis_get_size_from_buffer(&tis->loc[locty].r_buffer); - idx++) { - DPRINTF("%c%02x%s", - tis->loc[locty].r_offset == idx ? '>' : ' ', - tis->loc[locty].r_buffer.buffer[idx], - ((idx & 0xf) == 0xf) ? "\ntpm_tis: " : ""); - } - DPRINTF("\n" - "tpm_tis: write offset : %d\n" - "tpm_tis: request buffer: ", - tis->loc[locty].w_offset); - for (idx = 0; - idx < tpm_tis_get_size_from_buffer(&tis->loc[locty].w_buffer); - idx++) { - DPRINTF("%c%02x%s", - tis->loc[locty].w_offset == idx ? '>' : ' ', - tis->loc[locty].w_buffer.buffer[idx], - ((idx & 0xf) == 0xf) ? "\ntpm_tis: " : ""); - } - DPRINTF("\n"); -} -#endif - -/* - * Read a register of the TIS interface - * See specs pages 33-63 for description of the registers - */ -static uint64_t tpm_tis_mmio_read(void *opaque, hwaddr addr, - unsigned size) -{ - TPMState *s = opaque; - TPMTISEmuState *tis = &s->s.tis; - uint16_t offset = addr & 0xffc; - uint8_t shift = (addr & 0x3) * 8; - uint32_t val = 0xffffffff; - uint8_t locty = tpm_tis_locality_from_addr(addr); - uint32_t avail; - - if (tpm_backend_had_startup_error(s->be_driver)) { - return val; - } - - switch (offset) { - case TPM_TIS_REG_ACCESS: - /* never show the SEIZE flag even though we use it internally */ - val = tis->loc[locty].access & ~TPM_TIS_ACCESS_SEIZE; - /* the pending flag is always calculated */ - if (tpm_tis_check_request_use_except(s, locty)) { - val |= TPM_TIS_ACCESS_PENDING_REQUEST; - } - val |= !tpm_backend_get_tpm_established_flag(s->be_driver); - break; - case TPM_TIS_REG_INT_ENABLE: - val = tis->loc[locty].inte; - break; - case TPM_TIS_REG_INT_VECTOR: - val = tis->irq_num; - break; - case TPM_TIS_REG_INT_STATUS: - val = tis->loc[locty].ints; - break; - case TPM_TIS_REG_INTF_CAPABILITY: - val = TPM_TIS_CAPABILITIES_SUPPORTED; - break; - case TPM_TIS_REG_STS: - if (tis->active_locty == locty) { - if ((tis->loc[locty].sts & TPM_TIS_STS_DATA_AVAILABLE)) { - val = TPM_TIS_BURST_COUNT( - tpm_tis_get_size_from_buffer(&tis->loc[locty].r_buffer) - - tis->loc[locty].r_offset) | tis->loc[locty].sts; - } else { - avail = tis->loc[locty].w_buffer.size - - tis->loc[locty].w_offset; - /* - * byte-sized reads should not return 0x00 for 0x100 - * available bytes. - */ - if (size == 1 && avail > 0xff) { - avail = 0xff; - } - val = TPM_TIS_BURST_COUNT(avail) | tis->loc[locty].sts; - } - } - break; - case TPM_TIS_REG_DATA_FIFO: - if (tis->active_locty == locty) { - switch (tis->loc[locty].state) { - case TPM_TIS_STATE_COMPLETION: - val = tpm_tis_data_read(s, locty); - break; - default: - val = TPM_TIS_NO_DATA_BYTE; - break; - } - } - break; - case TPM_TIS_REG_DID_VID: - val = (TPM_TIS_TPM_DID << 16) | TPM_TIS_TPM_VID; - break; - case TPM_TIS_REG_RID: - val = TPM_TIS_TPM_RID; - break; -#ifdef DEBUG_TIS - case TPM_TIS_REG_DEBUG: - tpm_tis_dump_state(opaque, addr); - break; -#endif - } - - if (shift) { - val >>= shift; - } - - DPRINTF("tpm_tis: read.%u(%08x) = %08x\n", size, (int)addr, (uint32_t)val); - - return val; -} - -/* - * Write a value to a register of the TIS interface - * See specs pages 33-63 for description of the registers - */ -static void tpm_tis_mmio_write_intern(void *opaque, hwaddr addr, - uint64_t val, unsigned size, - bool hw_access) -{ - TPMState *s = opaque; - TPMTISEmuState *tis = &s->s.tis; - uint16_t off = addr & 0xfff; - uint8_t locty = tpm_tis_locality_from_addr(addr); - uint8_t active_locty, l; - int c, set_new_locty = 1; - uint16_t len; - - DPRINTF("tpm_tis: write.%u(%08x) = %08x\n", size, (int)addr, (uint32_t)val); - - if (locty == 4 && !hw_access) { - DPRINTF("tpm_tis: Access to locality 4 only allowed from hardware\n"); - return; - } - - if (tpm_backend_had_startup_error(s->be_driver)) { - return; - } - - switch (off) { - case TPM_TIS_REG_ACCESS: - - if ((val & TPM_TIS_ACCESS_SEIZE)) { - val &= ~(TPM_TIS_ACCESS_REQUEST_USE | - TPM_TIS_ACCESS_ACTIVE_LOCALITY); - } - - active_locty = tis->active_locty; - - if ((val & TPM_TIS_ACCESS_ACTIVE_LOCALITY)) { - /* give up locality if currently owned */ - if (tis->active_locty == locty) { - DPRINTF("tpm_tis: Releasing locality %d\n", locty); - - uint8_t newlocty = TPM_TIS_NO_LOCALITY; - /* anybody wants the locality ? */ - for (c = TPM_TIS_NUM_LOCALITIES - 1; c >= 0; c--) { - if ((tis->loc[c].access & TPM_TIS_ACCESS_REQUEST_USE)) { - DPRINTF("tpm_tis: Locality %d requests use.\n", c); - newlocty = c; - break; - } - } - DPRINTF("tpm_tis: TPM_TIS_ACCESS_ACTIVE_LOCALITY: " - "Next active locality: %d\n", - newlocty); - - if (TPM_TIS_IS_VALID_LOCTY(newlocty)) { - set_new_locty = 0; - tpm_tis_prep_abort(s, locty, newlocty); - } else { - active_locty = TPM_TIS_NO_LOCALITY; - } - } else { - /* not currently the owner; clear a pending request */ - tis->loc[locty].access &= ~TPM_TIS_ACCESS_REQUEST_USE; - } - } - - if ((val & TPM_TIS_ACCESS_BEEN_SEIZED)) { - tis->loc[locty].access &= ~TPM_TIS_ACCESS_BEEN_SEIZED; - } - - if ((val & TPM_TIS_ACCESS_SEIZE)) { - /* - * allow seize if a locality is active and the requesting - * locality is higher than the one that's active - * OR - * allow seize for requesting locality if no locality is - * active - */ - while ((TPM_TIS_IS_VALID_LOCTY(tis->active_locty) && - locty > tis->active_locty) || - !TPM_TIS_IS_VALID_LOCTY(tis->active_locty)) { - bool higher_seize = FALSE; - - /* already a pending SEIZE ? */ - if ((tis->loc[locty].access & TPM_TIS_ACCESS_SEIZE)) { - break; - } - - /* check for ongoing seize by a higher locality */ - for (l = locty + 1; l < TPM_TIS_NUM_LOCALITIES; l++) { - if ((tis->loc[l].access & TPM_TIS_ACCESS_SEIZE)) { - higher_seize = TRUE; - break; - } - } - - if (higher_seize) { - break; - } - - /* cancel any seize by a lower locality */ - for (l = 0; l < locty - 1; l++) { - tis->loc[l].access &= ~TPM_TIS_ACCESS_SEIZE; - } - - tis->loc[locty].access |= TPM_TIS_ACCESS_SEIZE; - DPRINTF("tpm_tis: TPM_TIS_ACCESS_SEIZE: " - "Locality %d seized from locality %d\n", - locty, tis->active_locty); - DPRINTF("tpm_tis: TPM_TIS_ACCESS_SEIZE: Initiating abort.\n"); - set_new_locty = 0; - tpm_tis_prep_abort(s, tis->active_locty, locty); - break; - } - } - - if ((val & TPM_TIS_ACCESS_REQUEST_USE)) { - if (tis->active_locty != locty) { - if (TPM_TIS_IS_VALID_LOCTY(tis->active_locty)) { - tis->loc[locty].access |= TPM_TIS_ACCESS_REQUEST_USE; - } else { - /* no locality active -> make this one active now */ - active_locty = locty; - } - } - } - - if (set_new_locty) { - tpm_tis_new_active_locality(s, active_locty); - } - - break; - case TPM_TIS_REG_INT_ENABLE: - if (tis->active_locty != locty) { - break; - } - - tis->loc[locty].inte = (val & (TPM_TIS_INT_ENABLED | - TPM_TIS_INT_POLARITY_MASK | - TPM_TIS_INTERRUPTS_SUPPORTED)); - break; - case TPM_TIS_REG_INT_VECTOR: - /* hard wired -- ignore */ - break; - case TPM_TIS_REG_INT_STATUS: - if (tis->active_locty != locty) { - break; - } - - /* clearing of interrupt flags */ - if (((val & TPM_TIS_INTERRUPTS_SUPPORTED)) && - (tis->loc[locty].ints & TPM_TIS_INTERRUPTS_SUPPORTED)) { - tis->loc[locty].ints &= ~val; - if (tis->loc[locty].ints == 0) { - qemu_irq_lower(tis->irq); - DPRINTF("tpm_tis: Lowering IRQ\n"); - } - } - tis->loc[locty].ints &= ~(val & TPM_TIS_INTERRUPTS_SUPPORTED); - break; - case TPM_TIS_REG_STS: - if (tis->active_locty != locty) { - break; - } - - val &= (TPM_TIS_STS_COMMAND_READY | TPM_TIS_STS_TPM_GO | - TPM_TIS_STS_RESPONSE_RETRY); - - if (val == TPM_TIS_STS_COMMAND_READY) { - switch (tis->loc[locty].state) { - - case TPM_TIS_STATE_READY: - tis->loc[locty].w_offset = 0; - tis->loc[locty].r_offset = 0; - break; - - case TPM_TIS_STATE_IDLE: - tis->loc[locty].sts = TPM_TIS_STS_COMMAND_READY; - tis->loc[locty].state = TPM_TIS_STATE_READY; - tpm_tis_raise_irq(s, locty, TPM_TIS_INT_COMMAND_READY); - break; - - case TPM_TIS_STATE_EXECUTION: - case TPM_TIS_STATE_RECEPTION: - /* abort currently running command */ - DPRINTF("tpm_tis: %s: Initiating abort.\n", - __func__); - tpm_tis_prep_abort(s, locty, locty); - break; - - case TPM_TIS_STATE_COMPLETION: - tis->loc[locty].w_offset = 0; - tis->loc[locty].r_offset = 0; - /* shortcut to ready state with C/R set */ - tis->loc[locty].state = TPM_TIS_STATE_READY; - if (!(tis->loc[locty].sts & TPM_TIS_STS_COMMAND_READY)) { - tis->loc[locty].sts = TPM_TIS_STS_COMMAND_READY; - tpm_tis_raise_irq(s, locty, TPM_TIS_INT_COMMAND_READY); - } - tis->loc[locty].sts &= ~(TPM_TIS_STS_DATA_AVAILABLE); - break; - - } - } else if (val == TPM_TIS_STS_TPM_GO) { - switch (tis->loc[locty].state) { - case TPM_TIS_STATE_RECEPTION: - if ((tis->loc[locty].sts & TPM_TIS_STS_EXPECT) == 0) { - tpm_tis_tpm_send(s, locty); - } - break; - default: - /* ignore */ - break; - } - } else if (val == TPM_TIS_STS_RESPONSE_RETRY) { - switch (tis->loc[locty].state) { - case TPM_TIS_STATE_COMPLETION: - tis->loc[locty].r_offset = 0; - tis->loc[locty].sts = TPM_TIS_STS_VALID | - TPM_TIS_STS_DATA_AVAILABLE; - break; - default: - /* ignore */ - break; - } - } - break; - case TPM_TIS_REG_DATA_FIFO: - /* data fifo */ - if (tis->active_locty != locty) { - break; - } - - if (tis->loc[locty].state == TPM_TIS_STATE_IDLE || - tis->loc[locty].state == TPM_TIS_STATE_EXECUTION || - tis->loc[locty].state == TPM_TIS_STATE_COMPLETION) { - /* drop the byte */ - } else { - DPRINTF("tpm_tis: Byte to send to TPM: %02x\n", (uint8_t)val); - if (tis->loc[locty].state == TPM_TIS_STATE_READY) { - tis->loc[locty].state = TPM_TIS_STATE_RECEPTION; - tis->loc[locty].sts = TPM_TIS_STS_EXPECT | TPM_TIS_STS_VALID; - } - - if ((tis->loc[locty].sts & TPM_TIS_STS_EXPECT)) { - if (tis->loc[locty].w_offset < tis->loc[locty].w_buffer.size) { - tis->loc[locty].w_buffer. - buffer[tis->loc[locty].w_offset++] = (uint8_t)val; - } else { - tis->loc[locty].sts = TPM_TIS_STS_VALID; - } - } - - /* check for complete packet */ - if (tis->loc[locty].w_offset > 5 && - (tis->loc[locty].sts & TPM_TIS_STS_EXPECT)) { - /* we have a packet length - see if we have all of it */ -#ifdef RAISE_STS_IRQ - bool needIrq = !(tis->loc[locty].sts & TPM_TIS_STS_VALID); -#endif - len = tpm_tis_get_size_from_buffer(&tis->loc[locty].w_buffer); - if (len > tis->loc[locty].w_offset) { - tis->loc[locty].sts = TPM_TIS_STS_EXPECT | - TPM_TIS_STS_VALID; - } else { - /* packet complete */ - tis->loc[locty].sts = TPM_TIS_STS_VALID; - } -#ifdef RAISE_STS_IRQ - if (needIrq) { - tpm_tis_raise_irq(s, locty, TPM_TIS_INT_STS_VALID); - } -#endif - } - } - break; - } -} - -static void tpm_tis_mmio_write(void *opaque, hwaddr addr, - uint64_t val, unsigned size) -{ - return tpm_tis_mmio_write_intern(opaque, addr, val, size, false); -} - -static const MemoryRegionOps tpm_tis_memory_ops = { - .read = tpm_tis_mmio_read, - .write = tpm_tis_mmio_write, - .endianness = DEVICE_LITTLE_ENDIAN, - .valid = { - .min_access_size = 1, - .max_access_size = 4, - }, -}; - -static int tpm_tis_do_startup_tpm(TPMState *s) -{ - return tpm_backend_startup_tpm(s->be_driver); -} - -/* - * This function is called when the machine starts, resets or due to - * S3 resume. - */ -static void tpm_tis_reset(DeviceState *dev) -{ - TPMState *s = TPM(dev); - TPMTISEmuState *tis = &s->s.tis; - int c; - - tpm_backend_reset(s->be_driver); - - tis->active_locty = TPM_TIS_NO_LOCALITY; - tis->next_locty = TPM_TIS_NO_LOCALITY; - tis->aborting_locty = TPM_TIS_NO_LOCALITY; - - for (c = 0; c < TPM_TIS_NUM_LOCALITIES; c++) { - tis->loc[c].access = TPM_TIS_ACCESS_TPM_REG_VALID_STS; - tis->loc[c].sts = 0; - tis->loc[c].inte = TPM_TIS_INT_POLARITY_LOW_LEVEL; - tis->loc[c].ints = 0; - tis->loc[c].state = TPM_TIS_STATE_IDLE; - - tis->loc[c].w_offset = 0; - tpm_backend_realloc_buffer(s->be_driver, &tis->loc[c].w_buffer); - tis->loc[c].r_offset = 0; - tpm_backend_realloc_buffer(s->be_driver, &tis->loc[c].r_buffer); - } - - tpm_tis_do_startup_tpm(s); -} - -static const VMStateDescription vmstate_tpm_tis = { - .name = "tpm", - .unmigratable = 1, -}; - -static Property tpm_tis_properties[] = { - DEFINE_PROP_UINT32("irq", TPMState, - s.tis.irq_num, TPM_TIS_IRQ), - DEFINE_PROP_STRING("tpmdev", TPMState, backend), - DEFINE_PROP_END_OF_LIST(), -}; - -static void tpm_tis_realizefn(DeviceState *dev, Error **errp) -{ - TPMState *s = TPM(dev); - TPMTISEmuState *tis = &s->s.tis; - - s->be_driver = qemu_find_tpm(s->backend); - if (!s->be_driver) { - error_setg(errp, "tpm_tis: backend driver with id %s could not be " - "found", s->backend); - return; - } - - s->be_driver->fe_model = TPM_MODEL_TPM_TIS; - - if (tpm_backend_init(s->be_driver, s, tpm_tis_receive_cb)) { - error_setg(errp, "tpm_tis: backend driver with id %s could not be " - "initialized", s->backend); - return; - } - - if (tis->irq_num > 15) { - error_setg(errp, "tpm_tis: IRQ %d for TPM TIS is outside valid range " - "of 0 to 15.\n", tis->irq_num); - return; - } - - tis->bh = qemu_bh_new(tpm_tis_receive_bh, s); - - isa_init_irq(&s->busdev, &tis->irq, tis->irq_num); -} - -static void tpm_tis_initfn(Object *obj) -{ - ISADevice *dev = ISA_DEVICE(obj); - TPMState *s = TPM(obj); - - memory_region_init_io(&s->mmio, &tpm_tis_memory_ops, s, "tpm-tis-mmio", - TPM_TIS_NUM_LOCALITIES << TPM_TIS_LOCALITY_SHIFT); - memory_region_add_subregion(isa_address_space(dev), TPM_TIS_ADDR_BASE, - &s->mmio); -} - -static void tpm_tis_uninitfn(Object *obj) -{ - TPMState *s = TPM(obj); - - memory_region_del_subregion(get_system_memory(), &s->mmio); - memory_region_destroy(&s->mmio); -} - -static void tpm_tis_class_init(ObjectClass *klass, void *data) -{ - DeviceClass *dc = DEVICE_CLASS(klass); - - dc->realize = tpm_tis_realizefn; - dc->props = tpm_tis_properties; - dc->reset = tpm_tis_reset; - dc->vmsd = &vmstate_tpm_tis; -} - -static const TypeInfo tpm_tis_info = { - .name = TYPE_TPM_TIS, - .parent = TYPE_ISA_DEVICE, - .instance_size = sizeof(TPMState), - .instance_init = tpm_tis_initfn, - .instance_finalize = tpm_tis_uninitfn, - .class_init = tpm_tis_class_init, -}; - -static void tpm_tis_register(void) -{ - type_register_static(&tpm_tis_info); - tpm_register_model(TPM_MODEL_TPM_TIS); -} - -type_init(tpm_tis_register) diff --git a/tpm/tpm_tis.h b/tpm/tpm_tis.h deleted file mode 100644 index 1be4ddc8a1..0000000000 --- a/tpm/tpm_tis.h +++ /dev/null @@ -1,80 +0,0 @@ -/* - * tpm_tis.h - QEMU's TPM TIS interface emulator - * - * Copyright (C) 2006, 2010-2013 IBM Corporation - * - * Authors: - * Stefan Berger <stefanb@us.ibm.com> - * David Safford <safford@us.ibm.com> - * - * This work is licensed under the terms of the GNU GPL, version 2 or later. - * See the COPYING file in the top-level directory. - * - * Implementation of the TIS interface according to specs found at - * http://www.trustedcomputinggroup.org - * - */ -#ifndef TPM_TPM_TIS_H -#define TPM_TPM_TIS_H - -#include "hw/isa/isa.h" -#include "qemu-common.h" - -#define TPM_TIS_ADDR_BASE 0xFED40000 - -#define TPM_TIS_NUM_LOCALITIES 5 /* per spec */ -#define TPM_TIS_LOCALITY_SHIFT 12 -#define TPM_TIS_NO_LOCALITY 0xff - -#define TPM_TIS_IS_VALID_LOCTY(x) ((x) < TPM_TIS_NUM_LOCALITIES) - -#define TPM_TIS_IRQ 5 - -#define TPM_TIS_BUFFER_MAX 4096 - -#define TYPE_TPM_TIS "tpm-tis" - - -struct TPMSizedBuffer { - uint32_t size; - uint8_t *buffer; -}; - -typedef enum { - TPM_TIS_STATE_IDLE = 0, - TPM_TIS_STATE_READY, - TPM_TIS_STATE_COMPLETION, - TPM_TIS_STATE_EXECUTION, - TPM_TIS_STATE_RECEPTION, -} TPMTISState; - -/* locality data -- all fields are persisted */ -typedef struct TPMLocality { - TPMTISState state; - uint8_t access; - uint8_t sts; - uint32_t inte; - uint32_t ints; - - uint16_t w_offset; - uint16_t r_offset; - TPMSizedBuffer w_buffer; - TPMSizedBuffer r_buffer; -} TPMLocality; - -typedef struct TPMTISEmuState { - QEMUBH *bh; - uint32_t offset; - uint8_t buf[TPM_TIS_BUFFER_MAX]; - - uint8_t active_locty; - uint8_t aborting_locty; - uint8_t next_locty; - - TPMLocality loc[TPM_TIS_NUM_LOCALITIES]; - - qemu_irq irq; - uint32_t irq_num; -} TPMTISEmuState; - -#endif /* TPM_TPM_TIS_H */ |