aboutsummaryrefslogtreecommitdiff
path: root/hw/tpm
AgeCommit message (Collapse)Author
2017-12-14tpm-emulator: add a FIXME comment about blocking cancelMarc-André Lureau
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-12-14tpm: add tpm_cmd_get_size() to tpm_utilMarc-André Lureau
The function is generally useful and used in the following patches. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-12-14tpm: add TPM interface to lookup TPM versionMarc-André Lureau
Do not hardcode TPM device model to lookup version, use an interface instead. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-12-14tpm: rename qemu_find_tpm() -> qemu_find_tpm_be()Marc-André Lureau
find_tpm() will be introduced to lookup the TPM device. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-12-14tpm-tis: simplify header inclusionMarc-André Lureau
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-12-14tpm-passthrough: workaround a possible raceMarc-André Lureau
The TPM backend processing thread has common shared variable race issues. (they should not be so easy to reach since guest interaction with the device is slow compared to host emulation) An obvious one is setting op_cancelled from device thread after calling write(cancel_fd). The backend thread may return before the device thread has set the variable. Instead set it before cancellation. Even if the write() failed, the end result is command get possibly cancelled (even if cancellation came from external sources it doesn't matter much). It's worth to consider removing the backend processing thread for now. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-12-14tpm-passthrough: simplify create()Marc-André Lureau
Use a similar code as tpm_emulator_create(), call handle_opts() and handle failure cleanup with object_unref() in create(). Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-12-14tpm-passthrough: make it safer to destroy after creationMarc-André Lureau
Check fds values before closing, to avoid close(-1). Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-12-14tpm-backend: move set 'id' to common codeMarc-André Lureau
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-12-14tpm-passthrough: pass TPMPassthruState to handle_device_optsMarc-André Lureau
It doesn't need TPMBackend. Also reorder arguments for consistency. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-12-14tpm-passthrough: don't save guessed cancel_path in optionsMarc-André Lureau
The value is later unneeded, and may leak if the free visitor doesn't consider it since has_cancel_path is false. And for consistency with "path" it shouldn't be returned in get_tpm_options(). Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-12-14tpm-be: ask model to the TPM interfaceMarc-André Lureau
No need to store the mode in the backend, or to let the frontend set it itself. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-12-14tpm-be: report error instead of front-endMarc-André Lureau
Backend can give more accurate error description, and lift out the job from the frontend. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-12-14tpm-be: call request_completed() out of threadMarc-André Lureau
Lift from the backend implementation the responsability to call the request_completed() callback outside of thread context. This also simplify frontend/interface work, as they no longer need to care whether the callback is called from a different thread. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-12-14tpm-tis: no longer expose TPMStateMarc-André Lureau
Now that there is an interface instead. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-12-14tpm-backend: store TPMIf interface, improve backend_init()Marc-André Lureau
Store the TPM interface, the actual object may be different from TPMState. Keep a reference on the interface, and check the backend wasn't already initialized. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-12-14tpm: move TpmIf in include/sysemu/tpm.hMarc-André Lureau
This is a better location than hw/tpm, since we are going to use the interface from outside hw/tpm. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-12-14tpm-tis: remove unused locty_numberMarc-André Lureau
This field slipped in commit 5086bf9784. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-11-15tpm_tis: Return 0 for every register in case of failure modeStefan Berger
Rather than returning ~0, return 0 for every register in case of failure mode. The '0' is better to indicate that there's no device there. It avoids SeaBIOS detecting a device and getting stuck on it trying to read and write its registers. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2017-11-15tpm_tis: Return TPM_VERSION_UNSPEC in case of BE failureStefan Berger
In case the backend has a failure, such as the tpm_emulator's CMD_INIT failing, the TIS goes into failure mode and does not respond to reads or writes to MMIO registers. In this case we need to prevent the ACPI table from being added and the straight-forward way is to indicate that there's no known TPM version being used. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2017-11-15tpm-emulator: protect concurrent ctrl_chr accessMarc-André Lureau
The control chardev is being used from the data thread to set the locality of the next request. Altough the chr has a write mutex, we may potentially read the reply from another thread request. Add a mutex to protect from concurrent control commands. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-10-25tpm: print buffers received from TPM when debuggingStefan Berger
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2017-10-19tpm: move recv_data_callback to TPM interfaceMarc-André Lureau
Simplify the TPM backend setup, move callback to TPM interface. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-10-19tpm: add a QOM TPM interfaceMarc-André Lureau
This will simplify backend / interface objects relationship, so the frontend interface will simply have to implement the TPM QOM interface. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-10-19tpm-tis: fold TPMTISEmuState in TPMStateMarc-André Lureau
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-10-19tpm-tis: remove tpm_tis.h headerMarc-André Lureau
The definitions are now private to TIS implementation. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-10-19tpm-tis: move TPMState to TIS headerMarc-André Lureau
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-10-19tpm: remove locty_data from TPMStateMarc-André Lureau
Keep it internal to tpm-tis instead. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-10-19tpm-emulator: fix error handlingMarc-André Lureau
The previous patch cleaned up a bit error handling, and exposed an existing bug: error_report_err() could be called with a NULL error. Instead, make tpm_emulator_set_locality() set the error. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-10-19tpm: add TPMBackendCmd to hold the request stateMarc-André Lureau
This simplifies a bit locality handling, and argument passing, and could pave the way to queuing requests (if that makes sense). Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-10-19tpm: remove locty argument from receive_cbMarc-André Lureau
The tpm_state is passed as argument, the assert() is pointless since we give it the value of tpm_state->locty_number already. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-10-19tpm: remove needless castMarc-André Lureau
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-10-19tpm: remove unused TPMBackendCmdMarc-André Lureau
There is only handling of request so far in both backends. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-10-19tpm: remove TPMDriverOpsMarc-André Lureau
Use TPMBackendClass to hold class methods/fields. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-10-19tpm: move TPMSizedBuffer to tpm_tis.hMarc-André Lureau
Close to where it's being used. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-10-19tpm: remove tpm_register_driver()Marc-André Lureau
No more users of be_drivers[], drop that too. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-10-19tpm-tis: remove RAISE_STS_IRQMarc-André Lureau
This look like temporary hacking code. It shouldn't be necessary in release code, or there should be a runtime option for it. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-10-19tpm-tis: remove unused hw_access argumentMarc-André Lureau
This argument is always false, simplify the code. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-10-13tpm: Added support for TPM emulatorAmarnath Valluri
This change introduces a new TPM backend driver that can communicate with swtpm(software TPM emulator) using unix domain socket interface. QEMU talks to the TPM emulator using QEMU's socket-based chardev backend device. Swtpm uses two Unix sockets for communications, one for plain TPM commands and responses, and one for out-of-band control messages. QEMU passes the data socket to be used over the control channel. The swtpm and associated tools can be found here: https://github.com/stefanberger/swtpm The swtpm's control channel protocol specification can be found here: https://github.com/stefanberger/swtpm/wiki/Control-Channel-Specification Usage: # setup TPM state directory mkdir /tmp/mytpm chown -R tss:root /tmp/mytpm /usr/bin/swtpm_setup --tpm-state /tmp/mytpm --createek # Ask qemu to use TPM emulator with given tpm state directory qemu-system-x86_64 \ [...] \ -chardev socket,id=chrtpm,path=/tmp/swtpm-sock \ -tpmdev emulator,id=tpm0,chardev=chrtpm \ -device tpm-tis,tpmdev=tpm0 \ [...] Signed-off-by: Amarnath Valluri <amarnath.valluri@intel.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Tested-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-10-13tpm-passthrough: move reusable code to utilsAmarnath Valluri
Signed-off-by: Amarnath Valluri <amarnath.valluri@intel.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-10-13tpm-backend: Move realloc_buffer() implementation to tpm-tis modelAmarnath Valluri
buffer reallocation is very unlikely to be backend specific. Hence move inside the tis. Signed-off-by: Amarnath Valluri <amarnath.valluri@intel.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-10-13tpm-backend: Add new API to read backend TpmInfoAmarnath Valluri
TPM configuration options are backend implementation details and shall not be part of base TPMBackend object, and these shall not be accessed directly outside of the class, hence added a new interface method, get_tpm_options() to TPMDriverOps., which shall be implemented by the derived classes to return configured tpm options. A new tpm backend api - tpm_backend_query_tpm() which uses _get_tpm_options() to prepare TpmInfo. Signed-off-by: Amarnath Valluri <amarnath.valluri@intel.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-10-13tpm-backend: Made few interface methods optionalAmarnath Valluri
This allows backend implementations left optional interface methods. For mandatory methods assertion checks added. Took the opportunity to remove unused methods: - tpm_backend_get_desc() - TPMDriverOps->handle_startup_error Signed-off-by: Amarnath Valluri <amarnath.valluri@intel.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger<stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-10-13tpm-backend: Initialize and free data members in it's own methodsAmarnath Valluri
Initialize and free TPMBackend data members in it's own instance_init() and instance_finalize methods. Took the opportunity to remove unneeded destroy() method from TpmDriverOps interface as TPMBackend is a Qemu Object, we can use object_unref() inplace of tpm_backend_destroy() to free the backend object, hence removed destroy() from TPMDriverOps interface. Signed-off-by: Amarnath Valluri <amarnath.valluri@intel.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-10-13tpm-backend: Move thread handling inside TPMBackendAmarnath Valluri
Move thread handling inside TPMBackend, this way backend implementations need not to maintain their own thread life cycle, instead they needs to implement 'handle_request()' class method that always been called from a thread. This change made tpm_backend_int.h kind of useless, hence removed it. Signed-off-by: Amarnath Valluri <amarnath.valluri@intel.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-10-13tpm-backend: Remove unneeded member variable from backend classAmarnath Valluri
TPMDriverOps inside TPMBackend is not required, as it is supposed to be a class member. The only possible reason for keeping in TPMBackend was, to get the backend type in tpm.c where dedicated backend api, tpm_backend_get_type() is present. Signed-off-by: Amarnath Valluri <amarnath.valluri@intel.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-10-13tpm: Use EMSGSIZE instead of EBADMSG to compile on OpenBSDStefan Berger
EBADMSG was only added to OpenBSD very recently. To make QEMU compilable on older OpenBSD versions use EMSGSIZE instead when a mismatch between number of received bytes and message size indicated in the header was found. Return -EMSGSIZE and convert all other errnos in the same functions to return the negative errno. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2016-10-28clean-up: removed duplicate #includesAnand J
Some files contain multiple #includes of the same header file. Removed most of those unnecessary duplicate entries using scripts/clean-includes. Reviewed-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Anand J <anand.indukala@gmail.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2016-10-28hw/tpm/tpm_passthrough: Simplify if-statements a little bitThomas Huth
The condition '!A || (A && B)' is equivalent to '!A || B' Buglink: https://bugs.launchpad.net/qemu/+bug/1464611 Signed-off-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2016-07-12Clean up header guards that don't match their file nameMarkus Armbruster
Header guard symbols should match their file name to make guard collisions less likely. Offenders found with scripts/clean-header-guards.pl -vn. Cleaned up with scripts/clean-header-guards.pl, followed by some renaming of new guard symbols picked by the script to better ones. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Richard Henderson <rth@twiddle.net>
generated by cgit v1.2.3 (git 2.26.2) at 2025-03-16 04:33:56 +0000