From: "Michael S. Tsirkin" <mst@redhat.com>
To: qemu-devel@nongnu.org
Cc: Peter Maydell <peter.maydell@linaro.org>,
Michael Tokarev <mjt@tls.msk.ru>,
Markus Armbruster <armbru@redhat.com>,
Stefan Berger <stefanb@linux.vnet.ibm.com>
Subject: [Qemu-devel] [PULL v2 47/60] tpm: Probe for connected TPM 1.2 or TPM 2
Date: Mon, 1 Jun 2015 14:25:14 +0200 [thread overview]
Message-ID: <1433161230-29421-48-git-send-email-mst@redhat.com> (raw)
In-Reply-To: <1433161230-29421-1-git-send-email-mst@redhat.com>
From: Stefan Berger <stefanb@linux.vnet.ibm.com>
In the TPM passthrough backend driver, modify the probing code so
that we can check whether a TPM 1.2 or TPM 2 is being used
and adapt the behavior of the TPM TIS accordingly.
Move the code that tested for a TPM 1.2 into tpm_utils.c
and extend it with test for probing for TPM 2. Have the
function return the version of TPM found.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
---
hw/tpm/tpm_int.h | 6 +++
hw/tpm/tpm_util.h | 28 +++++++++++
hw/tpm/tpm_passthrough.c | 59 +++-------------------
hw/tpm/tpm_util.c | 126 +++++++++++++++++++++++++++++++++++++++++++++++
hw/tpm/Makefile.objs | 2 +-
5 files changed, 167 insertions(+), 54 deletions(-)
create mode 100644 hw/tpm/tpm_util.h
create mode 100644 hw/tpm/tpm_util.c
diff --git a/hw/tpm/tpm_int.h b/hw/tpm/tpm_int.h
index 9866c79..f2f285b 100644
--- a/hw/tpm/tpm_int.h
+++ b/hw/tpm/tpm_int.h
@@ -66,4 +66,10 @@ struct tpm_resp_hdr {
#define TPM_ORD_ContinueSelfTest 0x53
#define TPM_ORD_GetTicks 0xf1
+
+/* TPM2 defines */
+#define TPM2_ST_NO_SESSIONS 0x8001
+
+#define TPM2_CC_ReadClock 0x00000181
+
#endif /* TPM_TPM_INT_H */
diff --git a/hw/tpm/tpm_util.h b/hw/tpm/tpm_util.h
new file mode 100644
index 0000000..e7f354a
--- /dev/null
+++ b/hw/tpm/tpm_util.h
@@ -0,0 +1,28 @@
+/*
+ * TPM utility functions
+ *
+ * Copyright (c) 2010 - 2015 IBM Corporation
+ * Authors:
+ * Stefan Berger <stefanb@us.ibm.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>
+ */
+#ifndef TPM_TPM_UTILS_H
+#define TPM_TPM_UTILS_H
+
+#include "sysemu/tpm_backend.h"
+
+int tpm_util_test_tpmdev(int tpm_fd, TPMVersion *tpm_version);
+
+#endif /* TPM_TPM_UTILS_H */
diff --git a/hw/tpm/tpm_passthrough.c b/hw/tpm/tpm_passthrough.c
index f1361d2..8d8523a 100644
--- a/hw/tpm/tpm_passthrough.c
+++ b/hw/tpm/tpm_passthrough.c
@@ -33,6 +33,7 @@
#include "hw/i386/pc.h"
#include "sysemu/tpm_backend_int.h"
#include "tpm_tis.h"
+#include "tpm_util.h"
#define DEBUG_TPM 0
@@ -69,6 +70,8 @@ struct TPMPassthruState {
bool tpm_op_canceled;
int cancel_fd;
bool had_startup_error;
+
+ TPMVersion tpm_version;
};
typedef struct TPMPassthruState TPMPassthruState;
@@ -333,59 +336,9 @@ static const char *tpm_passthrough_create_desc(void)
static TPMVersion tpm_passthrough_get_tpm_version(TPMBackend *tb)
{
- return TPM_VERSION_1_2;
-}
-
-/*
- * A basic test of a TPM device. We expect a well formatted response header
- * (error response is fine) within one second.
- */
-static int tpm_passthrough_test_tpmdev(int fd)
-{
- struct tpm_req_hdr req = {
- .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
- .len = cpu_to_be32(sizeof(req)),
- .ordinal = cpu_to_be32(TPM_ORD_GetTicks),
- };
- struct tpm_resp_hdr *resp;
- fd_set readfds;
- int n;
- struct timeval tv = {
- .tv_sec = 1,
- .tv_usec = 0,
- };
- unsigned char buf[1024];
-
- n = write(fd, &req, sizeof(req));
- if (n < 0) {
- return errno;
- }
- if (n != sizeof(req)) {
- return EFAULT;
- }
-
- FD_ZERO(&readfds);
- FD_SET(fd, &readfds);
-
- /* wait for a second */
- n = select(fd + 1, &readfds, NULL, NULL, &tv);
- if (n != 1) {
- return errno;
- }
-
- n = read(fd, &buf, sizeof(buf));
- if (n < sizeof(struct tpm_resp_hdr)) {
- return EFAULT;
- }
-
- resp = (struct tpm_resp_hdr *)buf;
- /* check the header */
- if (be16_to_cpu(resp->tag) != TPM_TAG_RSP_COMMAND ||
- be32_to_cpu(resp->len) != n) {
- return EBADMSG;
- }
+ TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(tb);
- return 0;
+ return tpm_pt->tpm_version;
}
/*
@@ -455,7 +408,7 @@ static int tpm_passthrough_handle_device_opts(QemuOpts *opts, TPMBackend *tb)
goto err_free_parameters;
}
- if (tpm_passthrough_test_tpmdev(tpm_pt->tpm_fd)) {
+ if (tpm_util_test_tpmdev(tpm_pt->tpm_fd, &tpm_pt->tpm_version)) {
error_report("'%s' is not a TPM device.",
tpm_pt->tpm_dev);
goto err_close_tpmdev;
diff --git a/hw/tpm/tpm_util.c b/hw/tpm/tpm_util.c
new file mode 100644
index 0000000..4ace585
--- /dev/null
+++ b/hw/tpm/tpm_util.c
@@ -0,0 +1,126 @@
+/*
+ * TPM utility functions
+ *
+ * Copyright (c) 2010 - 2015 IBM Corporation
+ * Authors:
+ * Stefan Berger <stefanb@us.ibm.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>
+ */
+
+#include "tpm_util.h"
+#include "tpm_int.h"
+
+/*
+ * A basic test of a TPM device. We expect a well formatted response header
+ * (error response is fine) within one second.
+ */
+static int tpm_util_test(int fd,
+ unsigned char *request,
+ size_t requestlen,
+ uint16_t *return_tag)
+{
+ struct tpm_resp_hdr *resp;
+ fd_set readfds;
+ int n;
+ struct timeval tv = {
+ .tv_sec = 1,
+ .tv_usec = 0,
+ };
+ unsigned char buf[1024];
+
+ n = write(fd, request, requestlen);
+ if (n < 0) {
+ return errno;
+ }
+ if (n != requestlen) {
+ return EFAULT;
+ }
+
+ FD_ZERO(&readfds);
+ FD_SET(fd, &readfds);
+
+ /* wait for a second */
+ n = select(fd + 1, &readfds, NULL, NULL, &tv);
+ if (n != 1) {
+ return errno;
+ }
+
+ n = read(fd, &buf, sizeof(buf));
+ if (n < sizeof(struct tpm_resp_hdr)) {
+ return EFAULT;
+ }
+
+ resp = (struct tpm_resp_hdr *)buf;
+ /* check the header */
+ if (be32_to_cpu(resp->len) != n) {
+ return EBADMSG;
+ }
+
+ *return_tag = be16_to_cpu(resp->tag);
+
+ return 0;
+}
+
+/*
+ * Probe for the TPM device in the back
+ * Returns 0 on success with the version of the probed TPM set, 1 on failure.
+ */
+int tpm_util_test_tpmdev(int tpm_fd, TPMVersion *tpm_version)
+{
+ /*
+ * Sending a TPM1.2 command to a TPM2 should return a TPM1.2
+ * header (tag = 0xc4) and error code (TPM_BADTAG = 0x1e)
+ *
+ * Sending a TPM2 command to a TPM 2 will give a TPM 2 tag in the
+ * header.
+ * Sending a TPM2 command to a TPM 1.2 will give a TPM 1.2 tag
+ * in the header and an error code.
+ */
+ const struct tpm_req_hdr test_req = {
+ .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
+ .len = cpu_to_be32(sizeof(test_req)),
+ .ordinal = cpu_to_be32(TPM_ORD_GetTicks),
+ };
+
+ const struct tpm_req_hdr test_req_tpm2 = {
+ .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS),
+ .len = cpu_to_be32(sizeof(test_req_tpm2)),
+ .ordinal = cpu_to_be32(TPM2_CC_ReadClock),
+ };
+ uint16_t return_tag;
+ int ret;
+
+ /* Send TPM 2 command */
+ ret = tpm_util_test(tpm_fd, (unsigned char *)&test_req_tpm2,
+ sizeof(test_req_tpm2), &return_tag);
+ /* TPM 2 would respond with a tag of TPM2_ST_NO_SESSIONS */
+ if (!ret && return_tag == TPM2_ST_NO_SESSIONS) {
+ *tpm_version = TPM_VERSION_2_0;
+ return 0;
+ }
+
+ /* Send TPM 1.2 command */
+ ret = tpm_util_test(tpm_fd, (unsigned char *)&test_req,
+ sizeof(test_req), &return_tag);
+ if (!ret && return_tag == TPM_TAG_RSP_COMMAND) {
+ *tpm_version = TPM_VERSION_1_2;
+ /* this is a TPM 1.2 */
+ return 0;
+ }
+
+ *tpm_version = TPM_VERSION_UNSPEC;
+
+ return 1;
+}
diff --git a/hw/tpm/Makefile.objs b/hw/tpm/Makefile.objs
index 99f5983..64cecc3 100644
--- a/hw/tpm/Makefile.objs
+++ b/hw/tpm/Makefile.objs
@@ -1,2 +1,2 @@
common-obj-$(CONFIG_TPM_TIS) += tpm_tis.o
-common-obj-$(CONFIG_TPM_PASSTHROUGH) += tpm_passthrough.o
+common-obj-$(CONFIG_TPM_PASSTHROUGH) += tpm_passthrough.o tpm_util.o
--
MST
next prev parent reply other threads:[~2015-06-01 12:25 UTC|newest]
Thread overview: 75+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-06-01 12:22 [Qemu-devel] [PULL v2 00/60] pc, pci, tpm, virtio, vhost enhancements and fixes Michael S. Tsirkin
2015-06-01 12:22 ` [Qemu-devel] [PULL v2 01/60] hw/virtio/virtio-balloon: move adding property to virtio_balloon_instance_init Michael S. Tsirkin
2015-06-01 12:22 ` [Qemu-devel] [PULL v2 02/60] hw/virtio/virtio-pci: use alias property for virtio-balloon-pci Michael S. Tsirkin
2015-06-01 12:22 ` [Qemu-devel] [PULL v2 03/60] hw/s390x/virtio-ccw: use alias property for virtio-balloon-ccw Michael S. Tsirkin
2015-06-01 12:22 ` [Qemu-devel] [PULL v2 04/60] pc: Replace tab with spaces Michael S. Tsirkin
2015-06-01 12:22 ` [Qemu-devel] [PULL v2 05/60] hw: Move commas inside HW_COMPAT_2_1 macro Michael S. Tsirkin
2015-06-01 12:22 ` [Qemu-devel] [PULL v2 06/60] pc: Move commas inside PC_COMPAT_* macros Michael S. Tsirkin
2015-06-01 12:22 ` [Qemu-devel] [PULL v2 07/60] spapr: Move commas inside SPAPR_COMPAT_* macros Michael S. Tsirkin
2015-06-01 12:22 ` [Qemu-devel] [PULL v2 08/60] hw: Define empty HW_COMPAT_2_[23] macros Michael S. Tsirkin
2015-06-01 12:22 ` [Qemu-devel] [PULL v2 09/60] pc: Define PC_COMPAT_2_[123] macros Michael S. Tsirkin
2015-06-01 12:22 ` [Qemu-devel] [PULL v2 10/60] spapr: Use HW_COMPAT_* inside SPAPR_COMPAT_* macros Michael S. Tsirkin
2015-06-01 12:22 ` [Qemu-devel] [PULL v2 11/60] spapr: define SPAPR_COMPAT_2_3 Michael S. Tsirkin
2015-06-01 12:23 ` [Qemu-devel] [PULL v2 12/60] piix: Move pc-0.14 qxl compat properties to PC_COMPAT_0_14 Michael S. Tsirkin
2015-06-01 12:23 ` [Qemu-devel] [PULL v2 13/60] piix: Move pc-0.11 drive version compat props to PC_COMPAT_0_11 Michael S. Tsirkin
2015-06-01 12:23 ` [Qemu-devel] [PULL v2 14/60] piix: Move pc-0.13 virtio-9p-pci compat to PC_COMPAT_0_13 Michael S. Tsirkin
2015-06-01 12:23 ` [Qemu-devel] [PULL v2 15/60] piix: Move pc-0.1[23] rombar compat props " Michael S. Tsirkin
2015-06-01 12:23 ` [Qemu-devel] [PULL v2 16/60] piix: Define PC_COMPAT_0_10 Michael S. Tsirkin
2015-06-01 12:23 ` [Qemu-devel] [PULL v2 17/60] pc: Define MACHINE_OPTIONS macros consistently for all machines Michael S. Tsirkin
2015-06-01 12:23 ` [Qemu-devel] [PULL v2 18/60] pc: Define machines using a DEFINE_PC_MACHINE macro Michael S. Tsirkin
2015-06-01 12:23 ` [Qemu-devel] [PULL v2 19/60] pc: Convert *_MACHINE_OPTIONS macros into functions Michael S. Tsirkin
2015-06-01 12:23 ` [Qemu-devel] [PULL v2 20/60] pc: Move compat_props setting inside *_machine_options() functions Michael S. Tsirkin
2015-06-01 12:23 ` [Qemu-devel] [PULL v2 21/60] pc: Don't use QEMUMachine anymore Michael S. Tsirkin
2015-06-01 12:23 ` [Qemu-devel] [PULL v2 22/60] pc: Remove qemu_register_pc_machine() function Michael S. Tsirkin
2015-06-01 12:23 ` [Qemu-devel] [PULL v2 23/60] machine: Remove unused fields from QEMUMachine Michael S. Tsirkin
2015-06-01 12:23 ` [Qemu-devel] [PULL v2 24/60] piix: Add kvmclock_enabled, pci_enabled globals Michael S. Tsirkin
2015-06-01 12:23 ` [Qemu-devel] [PULL v2 25/60] piix: Eliminate pc_init_pci() Michael S. Tsirkin
2015-06-01 12:23 ` [Qemu-devel] [PULL v2 26/60] pc: Generate init functions with a macro Michael S. Tsirkin
2015-06-01 12:23 ` [Qemu-devel] [PULL v2 27/60] pc: acpi: fix pvpanic for buggy guests Michael S. Tsirkin
2015-06-01 12:23 ` [Qemu-devel] [PULL v2 28/60] virtio: move host_features Michael S. Tsirkin
2015-06-01 12:23 ` [Qemu-devel] [PULL v2 29/60] virtio-ccw: Don't advertise VIRTIO_F_BAD_FEATURE Michael S. Tsirkin
2015-06-01 12:23 ` [Qemu-devel] [PULL v2 30/60] virtio: move VIRTIO_F_NOTIFY_ON_EMPTY into core Michael S. Tsirkin
2015-06-01 12:24 ` [Qemu-devel] [PULL v2 31/60] virtio-net: adding all queues in .realize() Michael S. Tsirkin
2015-06-01 12:24 ` [Qemu-devel] [PULL v2 32/60] virtio: device_plugged() can fail Michael S. Tsirkin
2015-06-01 12:24 ` [Qemu-devel] [PULL v2 33/60] virtio: introduce virtio_get_num_queues() Michael S. Tsirkin
2015-06-01 12:24 ` [Qemu-devel] [PULL v2 34/60] virtio-ccw: introduce ccw specific queue limit Michael S. Tsirkin
2015-06-01 12:24 ` [Qemu-devel] [PULL v2 35/60] virtio-ccw: validate the number of queues against bus limitation Michael S. Tsirkin
2015-06-01 12:24 ` [Qemu-devel] [PULL v2 36/60] virtio-s390: introduce virito s390 queue limit Michael S. Tsirkin
2015-06-01 12:24 ` [Qemu-devel] [PULL v2 37/60] virtio-s390: introduce virtio_s390_device_plugged() Michael S. Tsirkin
2015-06-01 12:24 ` [Qemu-devel] [PULL v2 38/60] virtio: rename VIRTIO_PCI_QUEUE_MAX to VIRTIO_QUEUE_MAX Michael S. Tsirkin
2015-06-01 12:24 ` [Qemu-devel] [PULL v2 39/60] virtio: increase the queue limit to 1024 Michael S. Tsirkin
2015-06-01 12:24 ` [Qemu-devel] [PULL v2 40/60] i386/pc: pc_basic_device_init(): delegate FDC creation request Michael S. Tsirkin
2015-06-01 12:24 ` [Qemu-devel] [PULL v2 41/60] i386/pc: '-drive if=floppy' should imply a board-default FDC Michael S. Tsirkin
2015-06-01 12:24 ` [Qemu-devel] [PULL v2 42/60] i386/pc_q35: don't insist on board FDC if there's no default floppy Michael S. Tsirkin
2015-06-01 12:24 ` [Qemu-devel] [PULL v2 43/60] i386: drop FDC in pc-q35-2.4+ if neither it nor floppy drives are wanted Michael S. Tsirkin
2015-06-19 7:01 ` Markus Armbruster
2015-06-19 12:52 ` Laszlo Ersek
2015-06-19 13:32 ` Michael S. Tsirkin
2015-06-01 12:25 ` [Qemu-devel] [PULL v2 44/60] acpi: Simplify printing to dynamic string Michael S. Tsirkin
2015-06-01 12:25 ` [Qemu-devel] [PULL v2 45/60] Add stream ID to MSI write Michael S. Tsirkin
2015-06-01 12:25 ` [Qemu-devel] [PULL v2 46/60] Extend TPM TIS interface to support TPM 2 Michael S. Tsirkin
2015-06-01 12:25 ` Michael S. Tsirkin [this message]
2015-06-01 12:25 ` [Qemu-devel] [PULL v2 48/60] TPM2 ACPI table support Michael S. Tsirkin
2015-06-01 12:25 ` [Qemu-devel] [PULL v2 49/60] acpi: add aml_add() term Michael S. Tsirkin
2015-06-01 12:25 ` [Qemu-devel] [PULL v2 50/60] acpi: add aml_lless() term Michael S. Tsirkin
2015-06-01 12:25 ` [Qemu-devel] [PULL v2 51/60] acpi: add aml_index() term Michael S. Tsirkin
2015-06-01 12:25 ` [Qemu-devel] [PULL v2 52/60] acpi: add aml_shiftleft() term Michael S. Tsirkin
2015-06-01 12:25 ` [Qemu-devel] [PULL v2 53/60] acpi: add aml_shiftright() term Michael S. Tsirkin
2015-06-01 12:25 ` [Qemu-devel] [PULL v2 54/60] acpi: add aml_increment() term Michael S. Tsirkin
2015-06-01 12:25 ` [Qemu-devel] [PULL v2 55/60] acpi: add aml_while() term Michael S. Tsirkin
2015-06-01 12:25 ` [Qemu-devel] [PULL v2 56/60] hw/acpi/aml-build: Fix memory leak Michael S. Tsirkin
2015-06-01 12:25 ` [Qemu-devel] [PULL v2 57/60] virtio-mmio: ioeventfd support Michael S. Tsirkin
2015-06-01 12:25 ` [Qemu-devel] [PULL v2 58/60] qdev: add 64bit properties Michael S. Tsirkin
2015-06-20 21:10 ` Paolo Bonzini
2015-06-23 1:36 ` Gonglei
2015-06-23 6:55 ` Markus Armbruster
2015-06-23 7:04 ` Gonglei
2015-06-01 12:25 ` [Qemu-devel] [PULL v2 59/60] virtio: make features 64bit wide Michael S. Tsirkin
2015-06-01 12:25 ` [Qemu-devel] [PULL v2 60/60] vhost-user: add multi queue support Michael S. Tsirkin
2015-06-01 16:33 ` [Qemu-devel] [PULL v2 00/60] pc, pci, tpm, virtio, vhost enhancements and fixes Peter Maydell
2015-06-01 17:39 ` Daniel P. Berrange
2015-06-01 23:42 ` Stefan Berger
2015-06-02 14:53 ` Igor Mammedov
2015-06-02 14:59 ` Stefan Berger
2015-06-02 15:04 ` Michael S. Tsirkin
2015-06-02 8:06 ` Markus Armbruster
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1433161230-29421-48-git-send-email-mst@redhat.com \
--to=mst@redhat.com \
--cc=armbru@redhat.com \
--cc=mjt@tls.msk.ru \
--cc=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
--cc=stefanb@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.