1f4ede81eSAmarnath Valluri /* 2f4ede81eSAmarnath Valluri * Emulator TPM driver 3f4ede81eSAmarnath Valluri * 4f4ede81eSAmarnath Valluri * Copyright (c) 2017 Intel Corporation 5f4ede81eSAmarnath Valluri * Author: Amarnath Valluri <amarnath.valluri@intel.com> 6f4ede81eSAmarnath Valluri * 738ab74e7SStefan Berger * Copyright (c) 2010 - 2013, 2018 IBM Corporation 8f4ede81eSAmarnath Valluri * Authors: 9f4ede81eSAmarnath Valluri * Stefan Berger <stefanb@us.ibm.com> 10f4ede81eSAmarnath Valluri * 11f4ede81eSAmarnath Valluri * Copyright (C) 2011 IAIK, Graz University of Technology 12f4ede81eSAmarnath Valluri * Author: Andreas Niederl 13f4ede81eSAmarnath Valluri * 14f4ede81eSAmarnath Valluri * This library is free software; you can redistribute it and/or 15f4ede81eSAmarnath Valluri * modify it under the terms of the GNU Lesser General Public 16f4ede81eSAmarnath Valluri * License as published by the Free Software Foundation; either 17eac2fce9SChetan Pant * version 2.1 of the License, or (at your option) any later version. 18f4ede81eSAmarnath Valluri * 19f4ede81eSAmarnath Valluri * This library is distributed in the hope that it will be useful, 20f4ede81eSAmarnath Valluri * but WITHOUT ANY WARRANTY; without even the implied warranty of 21f4ede81eSAmarnath Valluri * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 22f4ede81eSAmarnath Valluri * Lesser General Public License for more details. 23f4ede81eSAmarnath Valluri * 24f4ede81eSAmarnath Valluri * You should have received a copy of the GNU Lesser General Public 25f4ede81eSAmarnath Valluri * License along with this library; if not, see <http://www.gnu.org/licenses/> 26f4ede81eSAmarnath Valluri * 27f4ede81eSAmarnath Valluri */ 28f4ede81eSAmarnath Valluri 29f4ede81eSAmarnath Valluri #include "qemu/osdep.h" 30f4ede81eSAmarnath Valluri #include "qemu/error-report.h" 310b8fa32fSMarkus Armbruster #include "qemu/module.h" 32f4ede81eSAmarnath Valluri #include "qemu/sockets.h" 33bf5dcf8fSPhilippe Mathieu-Daudé #include "qemu/lockable.h" 34f4ede81eSAmarnath Valluri #include "io/channel-socket.h" 35f4ede81eSAmarnath Valluri #include "sysemu/tpm_backend.h" 360f7d2148SPhilippe Mathieu-Daudé #include "sysemu/tpm_util.h" 37f4ede81eSAmarnath Valluri #include "tpm_int.h" 38f4ede81eSAmarnath Valluri #include "tpm_ioctl.h" 39f4ede81eSAmarnath Valluri #include "migration/blocker.h" 40d6454270SMarkus Armbruster #include "migration/vmstate.h" 41f4ede81eSAmarnath Valluri #include "qapi/error.h" 42f4ede81eSAmarnath Valluri #include "qapi/clone-visitor.h" 439af23989SMarkus Armbruster #include "qapi/qapi-visit-tpm.h" 44f4ede81eSAmarnath Valluri #include "chardev/char-fe.h" 459d9dcd96SStefan Berger #include "trace.h" 46db1015e9SEduardo Habkost #include "qom/object.h" 47f4ede81eSAmarnath Valluri 48f4ede81eSAmarnath Valluri #define TYPE_TPM_EMULATOR "tpm-emulator" 498063396bSEduardo Habkost OBJECT_DECLARE_SIMPLE_TYPE(TPMEmulator, TPM_EMULATOR) 50f4ede81eSAmarnath Valluri 51f4ede81eSAmarnath Valluri #define TPM_EMULATOR_IMPLEMENTS_ALL_CAPS(S, cap) (((S)->caps & (cap)) == (cap)) 52f4ede81eSAmarnath Valluri 53f4ede81eSAmarnath Valluri /* data structures */ 5438ab74e7SStefan Berger 5538ab74e7SStefan Berger /* blobs from the TPM; part of VM state when migrating */ 5638ab74e7SStefan Berger typedef struct TPMBlobBuffers { 5738ab74e7SStefan Berger uint32_t permanent_flags; 5838ab74e7SStefan Berger TPMSizedBuffer permanent; 5938ab74e7SStefan Berger 6038ab74e7SStefan Berger uint32_t volatil_flags; 6138ab74e7SStefan Berger TPMSizedBuffer volatil; 6238ab74e7SStefan Berger 6338ab74e7SStefan Berger uint32_t savestate_flags; 6438ab74e7SStefan Berger TPMSizedBuffer savestate; 6538ab74e7SStefan Berger } TPMBlobBuffers; 6638ab74e7SStefan Berger 67db1015e9SEduardo Habkost struct TPMEmulator { 68f4ede81eSAmarnath Valluri TPMBackend parent; 69f4ede81eSAmarnath Valluri 70f4ede81eSAmarnath Valluri TPMEmulatorOptions *options; 71f4ede81eSAmarnath Valluri CharBackend ctrl_chr; 72f4ede81eSAmarnath Valluri QIOChannel *data_ioc; 73f4ede81eSAmarnath Valluri TPMVersion tpm_version; 74f4ede81eSAmarnath Valluri ptm_cap caps; /* capabilities of the TPM */ 75f4ede81eSAmarnath Valluri uint8_t cur_locty_number; /* last set locality */ 76f4ede81eSAmarnath Valluri Error *migration_blocker; 7717b1af77SMarc-André Lureau 7817b1af77SMarc-André Lureau QemuMutex mutex; 790b4c7c65SStefan Berger 800b4c7c65SStefan Berger unsigned int established_flag:1; 810b4c7c65SStefan Berger unsigned int established_flag_cached:1; 8238ab74e7SStefan Berger 8338ab74e7SStefan Berger TPMBlobBuffers state_blobs; 84db1015e9SEduardo Habkost }; 85f4ede81eSAmarnath Valluri 867e095e84SStefan Berger struct tpm_error { 877e095e84SStefan Berger uint32_t tpm_result; 887e095e84SStefan Berger const char *string; 897e095e84SStefan Berger }; 907e095e84SStefan Berger 917e095e84SStefan Berger static const struct tpm_error tpm_errors[] = { 927e095e84SStefan Berger /* TPM 1.2 error codes */ 937e095e84SStefan Berger { TPM_BAD_PARAMETER , "a parameter is bad" }, 947e095e84SStefan Berger { TPM_FAIL , "operation failed" }, 957e095e84SStefan Berger { TPM_KEYNOTFOUND , "key could not be found" }, 967e095e84SStefan Berger { TPM_BAD_PARAM_SIZE , "bad parameter size"}, 977e095e84SStefan Berger { TPM_ENCRYPT_ERROR , "encryption error" }, 987e095e84SStefan Berger { TPM_DECRYPT_ERROR , "decryption error" }, 997e095e84SStefan Berger { TPM_BAD_KEY_PROPERTY, "bad key property" }, 1007e095e84SStefan Berger { TPM_BAD_MODE , "bad (encryption) mode" }, 1017e095e84SStefan Berger { TPM_BAD_VERSION , "bad version identifier" }, 1027e095e84SStefan Berger { TPM_BAD_LOCALITY , "bad locality" }, 1037e095e84SStefan Berger /* TPM 2 error codes */ 1047e095e84SStefan Berger { TPM_RC_FAILURE , "operation failed" }, 1057e095e84SStefan Berger { TPM_RC_LOCALITY , "bad locality" }, 1067e095e84SStefan Berger { TPM_RC_INSUFFICIENT, "insufficient amount of data" }, 1077e095e84SStefan Berger }; 1087e095e84SStefan Berger 1097e095e84SStefan Berger static const char *tpm_emulator_strerror(uint32_t tpm_result) 1107e095e84SStefan Berger { 1117e095e84SStefan Berger size_t i; 1127e095e84SStefan Berger 1137e095e84SStefan Berger for (i = 0; i < ARRAY_SIZE(tpm_errors); i++) { 1147e095e84SStefan Berger if (tpm_errors[i].tpm_result == tpm_result) { 1157e095e84SStefan Berger return tpm_errors[i].string; 1167e095e84SStefan Berger } 1177e095e84SStefan Berger } 1187e095e84SStefan Berger return ""; 1197e095e84SStefan Berger } 120f4ede81eSAmarnath Valluri 12117b1af77SMarc-André Lureau static int tpm_emulator_ctrlcmd(TPMEmulator *tpm, unsigned long cmd, void *msg, 122f4ede81eSAmarnath Valluri size_t msg_len_in, size_t msg_len_out) 123f4ede81eSAmarnath Valluri { 12417b1af77SMarc-André Lureau CharBackend *dev = &tpm->ctrl_chr; 125f4ede81eSAmarnath Valluri uint32_t cmd_no = cpu_to_be32(cmd); 126f4ede81eSAmarnath Valluri ssize_t n = sizeof(uint32_t) + msg_len_in; 127f4ede81eSAmarnath Valluri uint8_t *buf = NULL; 12817b1af77SMarc-André Lureau 129bf5dcf8fSPhilippe Mathieu-Daudé WITH_QEMU_LOCK_GUARD(&tpm->mutex) { 130f4ede81eSAmarnath Valluri buf = g_alloca(n); 131f4ede81eSAmarnath Valluri memcpy(buf, &cmd_no, sizeof(cmd_no)); 132f4ede81eSAmarnath Valluri memcpy(buf + sizeof(cmd_no), msg, msg_len_in); 133f4ede81eSAmarnath Valluri 134f4ede81eSAmarnath Valluri n = qemu_chr_fe_write_all(dev, buf, n); 135f4ede81eSAmarnath Valluri if (n <= 0) { 136bf5dcf8fSPhilippe Mathieu-Daudé return -1; 137f4ede81eSAmarnath Valluri } 138f4ede81eSAmarnath Valluri 139f4ede81eSAmarnath Valluri if (msg_len_out != 0) { 140f4ede81eSAmarnath Valluri n = qemu_chr_fe_read_all(dev, msg, msg_len_out); 141f4ede81eSAmarnath Valluri if (n <= 0) { 142bf5dcf8fSPhilippe Mathieu-Daudé return -1; 143bf5dcf8fSPhilippe Mathieu-Daudé } 144f4ede81eSAmarnath Valluri } 145f4ede81eSAmarnath Valluri } 146f4ede81eSAmarnath Valluri 147bf5dcf8fSPhilippe Mathieu-Daudé return 0; 148f4ede81eSAmarnath Valluri } 149f4ede81eSAmarnath Valluri 150f4ede81eSAmarnath Valluri static int tpm_emulator_unix_tx_bufs(TPMEmulator *tpm_emu, 151f4ede81eSAmarnath Valluri const uint8_t *in, uint32_t in_len, 152f4ede81eSAmarnath Valluri uint8_t *out, uint32_t out_len, 153f4ede81eSAmarnath Valluri bool *selftest_done, 154e04e3321SVladimir Sementsov-Ogievskiy Error **errp) 155f4ede81eSAmarnath Valluri { 156f4ede81eSAmarnath Valluri ssize_t ret; 157f4ede81eSAmarnath Valluri bool is_selftest = false; 158f4ede81eSAmarnath Valluri 159f4ede81eSAmarnath Valluri if (selftest_done) { 160f4ede81eSAmarnath Valluri *selftest_done = false; 161f4ede81eSAmarnath Valluri is_selftest = tpm_util_is_selftest(in, in_len); 162f4ede81eSAmarnath Valluri } 163f4ede81eSAmarnath Valluri 164e04e3321SVladimir Sementsov-Ogievskiy ret = qio_channel_write_all(tpm_emu->data_ioc, (char *)in, in_len, errp); 165f4ede81eSAmarnath Valluri if (ret != 0) { 166f4ede81eSAmarnath Valluri return -1; 167f4ede81eSAmarnath Valluri } 168f4ede81eSAmarnath Valluri 169cc1b6c55SMarc-André Lureau ret = qio_channel_read_all(tpm_emu->data_ioc, (char *)out, 170e04e3321SVladimir Sementsov-Ogievskiy sizeof(struct tpm_resp_hdr), errp); 171f4ede81eSAmarnath Valluri if (ret != 0) { 172f4ede81eSAmarnath Valluri return -1; 173f4ede81eSAmarnath Valluri } 174f4ede81eSAmarnath Valluri 175cc1b6c55SMarc-André Lureau ret = qio_channel_read_all(tpm_emu->data_ioc, 176cc1b6c55SMarc-André Lureau (char *)out + sizeof(struct tpm_resp_hdr), 177e04e3321SVladimir Sementsov-Ogievskiy tpm_cmd_get_size(out) - sizeof(struct tpm_resp_hdr), errp); 178f4ede81eSAmarnath Valluri if (ret != 0) { 179f4ede81eSAmarnath Valluri return -1; 180f4ede81eSAmarnath Valluri } 181f4ede81eSAmarnath Valluri 182f4ede81eSAmarnath Valluri if (is_selftest) { 183cc1b6c55SMarc-André Lureau *selftest_done = tpm_cmd_get_errcode(out) == 0; 184f4ede81eSAmarnath Valluri } 185f4ede81eSAmarnath Valluri 186f4ede81eSAmarnath Valluri return 0; 187f4ede81eSAmarnath Valluri } 188f4ede81eSAmarnath Valluri 189c106ede9SMarc-André Lureau static int tpm_emulator_set_locality(TPMEmulator *tpm_emu, uint8_t locty_number, 190c106ede9SMarc-André Lureau Error **errp) 191f4ede81eSAmarnath Valluri { 192f4ede81eSAmarnath Valluri ptm_loc loc; 193f4ede81eSAmarnath Valluri 194f4ede81eSAmarnath Valluri if (tpm_emu->cur_locty_number == locty_number) { 195f4ede81eSAmarnath Valluri return 0; 196f4ede81eSAmarnath Valluri } 197f4ede81eSAmarnath Valluri 1989d9dcd96SStefan Berger trace_tpm_emulator_set_locality(locty_number); 1999d9dcd96SStefan Berger 200eff1fe9fSStefan Berger memset(&loc, 0, sizeof(loc)); 201f4ede81eSAmarnath Valluri loc.u.req.loc = locty_number; 20217b1af77SMarc-André Lureau if (tpm_emulator_ctrlcmd(tpm_emu, CMD_SET_LOCALITY, &loc, 203f4ede81eSAmarnath Valluri sizeof(loc), sizeof(loc)) < 0) { 204c106ede9SMarc-André Lureau error_setg(errp, "tpm-emulator: could not set locality : %s", 205f4ede81eSAmarnath Valluri strerror(errno)); 206f4ede81eSAmarnath Valluri return -1; 207f4ede81eSAmarnath Valluri } 208f4ede81eSAmarnath Valluri 209f4ede81eSAmarnath Valluri loc.u.resp.tpm_result = be32_to_cpu(loc.u.resp.tpm_result); 210f4ede81eSAmarnath Valluri if (loc.u.resp.tpm_result != 0) { 211c106ede9SMarc-André Lureau error_setg(errp, "tpm-emulator: TPM result for set locality : 0x%x", 212f4ede81eSAmarnath Valluri loc.u.resp.tpm_result); 213f4ede81eSAmarnath Valluri return -1; 214f4ede81eSAmarnath Valluri } 215f4ede81eSAmarnath Valluri 216f4ede81eSAmarnath Valluri tpm_emu->cur_locty_number = locty_number; 217f4ede81eSAmarnath Valluri 218f4ede81eSAmarnath Valluri return 0; 219f4ede81eSAmarnath Valluri } 220f4ede81eSAmarnath Valluri 2216a8a2354SMarc-André Lureau static void tpm_emulator_handle_request(TPMBackend *tb, TPMBackendCmd *cmd, 2226a8a2354SMarc-André Lureau Error **errp) 223f4ede81eSAmarnath Valluri { 224f4ede81eSAmarnath Valluri TPMEmulator *tpm_emu = TPM_EMULATOR(tb); 225f4ede81eSAmarnath Valluri 2269d9dcd96SStefan Berger trace_tpm_emulator_handle_request(); 227f4ede81eSAmarnath Valluri 2286a8a2354SMarc-André Lureau if (tpm_emulator_set_locality(tpm_emu, cmd->locty, errp) < 0 || 2296a8a2354SMarc-André Lureau tpm_emulator_unix_tx_bufs(tpm_emu, cmd->in, cmd->in_len, 2300e43b7e6SMarc-André Lureau cmd->out, cmd->out_len, 2316a8a2354SMarc-André Lureau &cmd->selftest_done, errp) < 0) { 2320e43b7e6SMarc-André Lureau tpm_util_write_fatal_error_response(cmd->out, cmd->out_len); 2336a8a2354SMarc-André Lureau } 234f4ede81eSAmarnath Valluri } 235f4ede81eSAmarnath Valluri 236f4ede81eSAmarnath Valluri static int tpm_emulator_probe_caps(TPMEmulator *tpm_emu) 237f4ede81eSAmarnath Valluri { 23817b1af77SMarc-André Lureau if (tpm_emulator_ctrlcmd(tpm_emu, CMD_GET_CAPABILITY, 239f4ede81eSAmarnath Valluri &tpm_emu->caps, 0, sizeof(tpm_emu->caps)) < 0) { 240f4ede81eSAmarnath Valluri error_report("tpm-emulator: probing failed : %s", strerror(errno)); 241f4ede81eSAmarnath Valluri return -1; 242f4ede81eSAmarnath Valluri } 243f4ede81eSAmarnath Valluri 244f4ede81eSAmarnath Valluri tpm_emu->caps = be64_to_cpu(tpm_emu->caps); 245f4ede81eSAmarnath Valluri 2469d9dcd96SStefan Berger trace_tpm_emulator_probe_caps(tpm_emu->caps); 247f4ede81eSAmarnath Valluri 248f4ede81eSAmarnath Valluri return 0; 249f4ede81eSAmarnath Valluri } 250f4ede81eSAmarnath Valluri 251f4ede81eSAmarnath Valluri static int tpm_emulator_check_caps(TPMEmulator *tpm_emu) 252f4ede81eSAmarnath Valluri { 253f4ede81eSAmarnath Valluri ptm_cap caps = 0; 254f4ede81eSAmarnath Valluri const char *tpm = NULL; 255f4ede81eSAmarnath Valluri 256f4ede81eSAmarnath Valluri /* check for min. required capabilities */ 257f4ede81eSAmarnath Valluri switch (tpm_emu->tpm_version) { 258f4ede81eSAmarnath Valluri case TPM_VERSION_1_2: 259f4ede81eSAmarnath Valluri caps = PTM_CAP_INIT | PTM_CAP_SHUTDOWN | PTM_CAP_GET_TPMESTABLISHED | 2609375c44fSStefan Berger PTM_CAP_SET_LOCALITY | PTM_CAP_SET_DATAFD | PTM_CAP_STOP | 2619375c44fSStefan Berger PTM_CAP_SET_BUFFERSIZE; 262f4ede81eSAmarnath Valluri tpm = "1.2"; 263f4ede81eSAmarnath Valluri break; 264f4ede81eSAmarnath Valluri case TPM_VERSION_2_0: 265f4ede81eSAmarnath Valluri caps = PTM_CAP_INIT | PTM_CAP_SHUTDOWN | PTM_CAP_GET_TPMESTABLISHED | 266f4ede81eSAmarnath Valluri PTM_CAP_SET_LOCALITY | PTM_CAP_RESET_TPMESTABLISHED | 2679375c44fSStefan Berger PTM_CAP_SET_DATAFD | PTM_CAP_STOP | PTM_CAP_SET_BUFFERSIZE; 268f4ede81eSAmarnath Valluri tpm = "2"; 269f4ede81eSAmarnath Valluri break; 270f4ede81eSAmarnath Valluri case TPM_VERSION_UNSPEC: 271f4ede81eSAmarnath Valluri error_report("tpm-emulator: TPM version has not been set"); 272f4ede81eSAmarnath Valluri return -1; 273f4ede81eSAmarnath Valluri } 274f4ede81eSAmarnath Valluri 275f4ede81eSAmarnath Valluri if (!TPM_EMULATOR_IMPLEMENTS_ALL_CAPS(tpm_emu, caps)) { 276f4ede81eSAmarnath Valluri error_report("tpm-emulator: TPM does not implement minimum set of " 277f4ede81eSAmarnath Valluri "required capabilities for TPM %s (0x%x)", tpm, (int)caps); 278f4ede81eSAmarnath Valluri return -1; 279f4ede81eSAmarnath Valluri } 280f4ede81eSAmarnath Valluri 281f4ede81eSAmarnath Valluri return 0; 282f4ede81eSAmarnath Valluri } 283f4ede81eSAmarnath Valluri 2849375c44fSStefan Berger static int tpm_emulator_stop_tpm(TPMBackend *tb) 2859375c44fSStefan Berger { 2869375c44fSStefan Berger TPMEmulator *tpm_emu = TPM_EMULATOR(tb); 2879375c44fSStefan Berger ptm_res res; 2889375c44fSStefan Berger 2899375c44fSStefan Berger if (tpm_emulator_ctrlcmd(tpm_emu, CMD_STOP, &res, 0, sizeof(res)) < 0) { 2909375c44fSStefan Berger error_report("tpm-emulator: Could not stop TPM: %s", 2919375c44fSStefan Berger strerror(errno)); 2929375c44fSStefan Berger return -1; 2939375c44fSStefan Berger } 2949375c44fSStefan Berger 2959375c44fSStefan Berger res = be32_to_cpu(res); 2969375c44fSStefan Berger if (res) { 2977e095e84SStefan Berger error_report("tpm-emulator: TPM result for CMD_STOP: 0x%x %s", res, 2987e095e84SStefan Berger tpm_emulator_strerror(res)); 2999375c44fSStefan Berger return -1; 3009375c44fSStefan Berger } 3019375c44fSStefan Berger 3029375c44fSStefan Berger return 0; 3039375c44fSStefan Berger } 3049375c44fSStefan Berger 3059375c44fSStefan Berger static int tpm_emulator_set_buffer_size(TPMBackend *tb, 3069375c44fSStefan Berger size_t wanted_size, 3079375c44fSStefan Berger size_t *actual_size) 3089375c44fSStefan Berger { 3099375c44fSStefan Berger TPMEmulator *tpm_emu = TPM_EMULATOR(tb); 3109375c44fSStefan Berger ptm_setbuffersize psbs; 3119375c44fSStefan Berger 3129375c44fSStefan Berger if (tpm_emulator_stop_tpm(tb) < 0) { 3139375c44fSStefan Berger return -1; 3149375c44fSStefan Berger } 3159375c44fSStefan Berger 3169375c44fSStefan Berger psbs.u.req.buffersize = cpu_to_be32(wanted_size); 3179375c44fSStefan Berger 3189375c44fSStefan Berger if (tpm_emulator_ctrlcmd(tpm_emu, CMD_SET_BUFFERSIZE, &psbs, 3199375c44fSStefan Berger sizeof(psbs.u.req), sizeof(psbs.u.resp)) < 0) { 3209375c44fSStefan Berger error_report("tpm-emulator: Could not set buffer size: %s", 3219375c44fSStefan Berger strerror(errno)); 3229375c44fSStefan Berger return -1; 3239375c44fSStefan Berger } 3249375c44fSStefan Berger 3259375c44fSStefan Berger psbs.u.resp.tpm_result = be32_to_cpu(psbs.u.resp.tpm_result); 3269375c44fSStefan Berger if (psbs.u.resp.tpm_result != 0) { 3277e095e84SStefan Berger error_report("tpm-emulator: TPM result for set buffer size : 0x%x %s", 3287e095e84SStefan Berger psbs.u.resp.tpm_result, 3297e095e84SStefan Berger tpm_emulator_strerror(psbs.u.resp.tpm_result)); 3309375c44fSStefan Berger return -1; 3319375c44fSStefan Berger } 3329375c44fSStefan Berger 3339375c44fSStefan Berger if (actual_size) { 3349375c44fSStefan Berger *actual_size = be32_to_cpu(psbs.u.resp.buffersize); 3359375c44fSStefan Berger } 3369375c44fSStefan Berger 3379d9dcd96SStefan Berger trace_tpm_emulator_set_buffer_size( 3389375c44fSStefan Berger be32_to_cpu(psbs.u.resp.buffersize), 3399375c44fSStefan Berger be32_to_cpu(psbs.u.resp.minsize), 3409375c44fSStefan Berger be32_to_cpu(psbs.u.resp.maxsize)); 3419375c44fSStefan Berger 3429375c44fSStefan Berger return 0; 3439375c44fSStefan Berger } 3449375c44fSStefan Berger 34538ab74e7SStefan Berger static int tpm_emulator_startup_tpm_resume(TPMBackend *tb, size_t buffersize, 34638ab74e7SStefan Berger bool is_resume) 347f4ede81eSAmarnath Valluri { 348f4ede81eSAmarnath Valluri TPMEmulator *tpm_emu = TPM_EMULATOR(tb); 34930270587SStefan Berger ptm_init init = { 35030270587SStefan Berger .u.req.init_flags = 0, 35130270587SStefan Berger }; 352f4ede81eSAmarnath Valluri ptm_res res; 353f4ede81eSAmarnath Valluri 35438ab74e7SStefan Berger trace_tpm_emulator_startup_tpm_resume(is_resume, buffersize); 35538ab74e7SStefan Berger 3569375c44fSStefan Berger if (buffersize != 0 && 3579375c44fSStefan Berger tpm_emulator_set_buffer_size(tb, buffersize, NULL) < 0) { 3589375c44fSStefan Berger goto err_exit; 3599375c44fSStefan Berger } 3609375c44fSStefan Berger 36138ab74e7SStefan Berger if (is_resume) { 36238ab74e7SStefan Berger init.u.req.init_flags |= cpu_to_be32(PTM_INIT_FLAG_DELETE_VOLATILE); 36338ab74e7SStefan Berger } 36438ab74e7SStefan Berger 36517b1af77SMarc-André Lureau if (tpm_emulator_ctrlcmd(tpm_emu, CMD_INIT, &init, sizeof(init), 366f4ede81eSAmarnath Valluri sizeof(init)) < 0) { 367f4ede81eSAmarnath Valluri error_report("tpm-emulator: could not send INIT: %s", 368f4ede81eSAmarnath Valluri strerror(errno)); 369f4ede81eSAmarnath Valluri goto err_exit; 370f4ede81eSAmarnath Valluri } 371f4ede81eSAmarnath Valluri 372f4ede81eSAmarnath Valluri res = be32_to_cpu(init.u.resp.tpm_result); 373f4ede81eSAmarnath Valluri if (res) { 3747e095e84SStefan Berger error_report("tpm-emulator: TPM result for CMD_INIT: 0x%x %s", res, 3757e095e84SStefan Berger tpm_emulator_strerror(res)); 376f4ede81eSAmarnath Valluri goto err_exit; 377f4ede81eSAmarnath Valluri } 378f4ede81eSAmarnath Valluri return 0; 379f4ede81eSAmarnath Valluri 380f4ede81eSAmarnath Valluri err_exit: 381f4ede81eSAmarnath Valluri return -1; 382f4ede81eSAmarnath Valluri } 383f4ede81eSAmarnath Valluri 38438ab74e7SStefan Berger static int tpm_emulator_startup_tpm(TPMBackend *tb, size_t buffersize) 38538ab74e7SStefan Berger { 38638ab74e7SStefan Berger return tpm_emulator_startup_tpm_resume(tb, buffersize, false); 38738ab74e7SStefan Berger } 38838ab74e7SStefan Berger 389f4ede81eSAmarnath Valluri static bool tpm_emulator_get_tpm_established_flag(TPMBackend *tb) 390f4ede81eSAmarnath Valluri { 391f4ede81eSAmarnath Valluri TPMEmulator *tpm_emu = TPM_EMULATOR(tb); 392f4ede81eSAmarnath Valluri ptm_est est; 393f4ede81eSAmarnath Valluri 3940b4c7c65SStefan Berger if (tpm_emu->established_flag_cached) { 3950b4c7c65SStefan Berger return tpm_emu->established_flag; 3960b4c7c65SStefan Berger } 3970b4c7c65SStefan Berger 39817b1af77SMarc-André Lureau if (tpm_emulator_ctrlcmd(tpm_emu, CMD_GET_TPMESTABLISHED, &est, 399f4ede81eSAmarnath Valluri 0, sizeof(est)) < 0) { 400f4ede81eSAmarnath Valluri error_report("tpm-emulator: Could not get the TPM established flag: %s", 401f4ede81eSAmarnath Valluri strerror(errno)); 402f4ede81eSAmarnath Valluri return false; 403f4ede81eSAmarnath Valluri } 4049d9dcd96SStefan Berger trace_tpm_emulator_get_tpm_established_flag(est.u.resp.bit); 405f4ede81eSAmarnath Valluri 4060b4c7c65SStefan Berger tpm_emu->established_flag_cached = 1; 4070b4c7c65SStefan Berger tpm_emu->established_flag = (est.u.resp.bit != 0); 4080b4c7c65SStefan Berger 4090b4c7c65SStefan Berger return tpm_emu->established_flag; 410f4ede81eSAmarnath Valluri } 411f4ede81eSAmarnath Valluri 412f4ede81eSAmarnath Valluri static int tpm_emulator_reset_tpm_established_flag(TPMBackend *tb, 413f4ede81eSAmarnath Valluri uint8_t locty) 414f4ede81eSAmarnath Valluri { 415f4ede81eSAmarnath Valluri TPMEmulator *tpm_emu = TPM_EMULATOR(tb); 416f4ede81eSAmarnath Valluri ptm_reset_est reset_est; 417f4ede81eSAmarnath Valluri ptm_res res; 418f4ede81eSAmarnath Valluri 419f4ede81eSAmarnath Valluri /* only a TPM 2.0 will support this */ 420f4ede81eSAmarnath Valluri if (tpm_emu->tpm_version != TPM_VERSION_2_0) { 421f4ede81eSAmarnath Valluri return 0; 422f4ede81eSAmarnath Valluri } 423f4ede81eSAmarnath Valluri 424f4ede81eSAmarnath Valluri reset_est.u.req.loc = tpm_emu->cur_locty_number; 42517b1af77SMarc-André Lureau if (tpm_emulator_ctrlcmd(tpm_emu, CMD_RESET_TPMESTABLISHED, 426f4ede81eSAmarnath Valluri &reset_est, sizeof(reset_est), 427f4ede81eSAmarnath Valluri sizeof(reset_est)) < 0) { 428f4ede81eSAmarnath Valluri error_report("tpm-emulator: Could not reset the establishment bit: %s", 429f4ede81eSAmarnath Valluri strerror(errno)); 430f4ede81eSAmarnath Valluri return -1; 431f4ede81eSAmarnath Valluri } 432f4ede81eSAmarnath Valluri 433f4ede81eSAmarnath Valluri res = be32_to_cpu(reset_est.u.resp.tpm_result); 434f4ede81eSAmarnath Valluri if (res) { 4357e095e84SStefan Berger error_report( 4367e095e84SStefan Berger "tpm-emulator: TPM result for rest established flag: 0x%x %s", 4377e095e84SStefan Berger res, tpm_emulator_strerror(res)); 438f4ede81eSAmarnath Valluri return -1; 439f4ede81eSAmarnath Valluri } 440f4ede81eSAmarnath Valluri 4410b4c7c65SStefan Berger tpm_emu->established_flag_cached = 0; 4420b4c7c65SStefan Berger 443f4ede81eSAmarnath Valluri return 0; 444f4ede81eSAmarnath Valluri } 445f4ede81eSAmarnath Valluri 446f4ede81eSAmarnath Valluri static void tpm_emulator_cancel_cmd(TPMBackend *tb) 447f4ede81eSAmarnath Valluri { 448f4ede81eSAmarnath Valluri TPMEmulator *tpm_emu = TPM_EMULATOR(tb); 449f4ede81eSAmarnath Valluri ptm_res res; 450f4ede81eSAmarnath Valluri 451f4ede81eSAmarnath Valluri if (!TPM_EMULATOR_IMPLEMENTS_ALL_CAPS(tpm_emu, PTM_CAP_CANCEL_TPM_CMD)) { 4529d9dcd96SStefan Berger trace_tpm_emulator_cancel_cmd_not_supt(); 453f4ede81eSAmarnath Valluri return; 454f4ede81eSAmarnath Valluri } 455f4ede81eSAmarnath Valluri 4563d011411SMarc-André Lureau /* FIXME: make the function non-blocking, or it may block a VCPU */ 45717b1af77SMarc-André Lureau if (tpm_emulator_ctrlcmd(tpm_emu, CMD_CANCEL_TPM_CMD, &res, 0, 458f4ede81eSAmarnath Valluri sizeof(res)) < 0) { 459f4ede81eSAmarnath Valluri error_report("tpm-emulator: Could not cancel command: %s", 460f4ede81eSAmarnath Valluri strerror(errno)); 461f4ede81eSAmarnath Valluri } else if (res != 0) { 462f4ede81eSAmarnath Valluri error_report("tpm-emulator: Failed to cancel TPM: 0x%x", 463f4ede81eSAmarnath Valluri be32_to_cpu(res)); 464f4ede81eSAmarnath Valluri } 465f4ede81eSAmarnath Valluri } 466f4ede81eSAmarnath Valluri 467f4ede81eSAmarnath Valluri static TPMVersion tpm_emulator_get_tpm_version(TPMBackend *tb) 468f4ede81eSAmarnath Valluri { 469f4ede81eSAmarnath Valluri TPMEmulator *tpm_emu = TPM_EMULATOR(tb); 470f4ede81eSAmarnath Valluri 471f4ede81eSAmarnath Valluri return tpm_emu->tpm_version; 472f4ede81eSAmarnath Valluri } 473f4ede81eSAmarnath Valluri 474b21e6aafSStefan Berger static size_t tpm_emulator_get_buffer_size(TPMBackend *tb) 475b21e6aafSStefan Berger { 4769375c44fSStefan Berger size_t actual_size; 4779375c44fSStefan Berger 4789375c44fSStefan Berger if (tpm_emulator_set_buffer_size(tb, 0, &actual_size) < 0) { 479b21e6aafSStefan Berger return 4096; 480b21e6aafSStefan Berger } 481b21e6aafSStefan Berger 4829375c44fSStefan Berger return actual_size; 4839375c44fSStefan Berger } 4849375c44fSStefan Berger 485f4ede81eSAmarnath Valluri static int tpm_emulator_block_migration(TPMEmulator *tpm_emu) 486f4ede81eSAmarnath Valluri { 487f4ede81eSAmarnath Valluri Error *err = NULL; 48838ab74e7SStefan Berger ptm_cap caps = PTM_CAP_GET_STATEBLOB | PTM_CAP_SET_STATEBLOB | 48938ab74e7SStefan Berger PTM_CAP_STOP; 490f4ede81eSAmarnath Valluri 49138ab74e7SStefan Berger if (!TPM_EMULATOR_IMPLEMENTS_ALL_CAPS(tpm_emu, caps)) { 492f4ede81eSAmarnath Valluri error_setg(&tpm_emu->migration_blocker, 49338ab74e7SStefan Berger "Migration disabled: TPM emulator does not support " 49438ab74e7SStefan Berger "migration"); 495436c831aSMarkus Armbruster if (migrate_add_blocker(tpm_emu->migration_blocker, &err) < 0) { 496f4ede81eSAmarnath Valluri error_report_err(err); 497f4ede81eSAmarnath Valluri error_free(tpm_emu->migration_blocker); 498f4ede81eSAmarnath Valluri tpm_emu->migration_blocker = NULL; 499f4ede81eSAmarnath Valluri 500f4ede81eSAmarnath Valluri return -1; 501f4ede81eSAmarnath Valluri } 50238ab74e7SStefan Berger } 503f4ede81eSAmarnath Valluri 504f4ede81eSAmarnath Valluri return 0; 505f4ede81eSAmarnath Valluri } 506f4ede81eSAmarnath Valluri 507f4ede81eSAmarnath Valluri static int tpm_emulator_prepare_data_fd(TPMEmulator *tpm_emu) 508f4ede81eSAmarnath Valluri { 509f4ede81eSAmarnath Valluri ptm_res res; 510f4ede81eSAmarnath Valluri Error *err = NULL; 511f4ede81eSAmarnath Valluri int fds[2] = { -1, -1 }; 512f4ede81eSAmarnath Valluri 513f4ede81eSAmarnath Valluri if (socketpair(AF_UNIX, SOCK_STREAM, 0, fds) < 0) { 514f4ede81eSAmarnath Valluri error_report("tpm-emulator: Failed to create socketpair"); 515f4ede81eSAmarnath Valluri return -1; 516f4ede81eSAmarnath Valluri } 517f4ede81eSAmarnath Valluri 518f4ede81eSAmarnath Valluri qemu_chr_fe_set_msgfds(&tpm_emu->ctrl_chr, fds + 1, 1); 519f4ede81eSAmarnath Valluri 52017b1af77SMarc-André Lureau if (tpm_emulator_ctrlcmd(tpm_emu, CMD_SET_DATAFD, &res, 0, 52117b1af77SMarc-André Lureau sizeof(res)) < 0 || res != 0) { 522f4ede81eSAmarnath Valluri error_report("tpm-emulator: Failed to send CMD_SET_DATAFD: %s", 523f4ede81eSAmarnath Valluri strerror(errno)); 524f4ede81eSAmarnath Valluri goto err_exit; 525f4ede81eSAmarnath Valluri } 526f4ede81eSAmarnath Valluri 527f4ede81eSAmarnath Valluri tpm_emu->data_ioc = QIO_CHANNEL(qio_channel_socket_new_fd(fds[0], &err)); 528f4ede81eSAmarnath Valluri if (err) { 529f4ede81eSAmarnath Valluri error_prepend(&err, "tpm-emulator: Failed to create io channel: "); 530f4ede81eSAmarnath Valluri error_report_err(err); 531f4ede81eSAmarnath Valluri goto err_exit; 532f4ede81eSAmarnath Valluri } 533f4ede81eSAmarnath Valluri 534f4ede81eSAmarnath Valluri closesocket(fds[1]); 535f4ede81eSAmarnath Valluri 536f4ede81eSAmarnath Valluri return 0; 537f4ede81eSAmarnath Valluri 538f4ede81eSAmarnath Valluri err_exit: 539f4ede81eSAmarnath Valluri closesocket(fds[0]); 540f4ede81eSAmarnath Valluri closesocket(fds[1]); 541f4ede81eSAmarnath Valluri return -1; 542f4ede81eSAmarnath Valluri } 543f4ede81eSAmarnath Valluri 544f4ede81eSAmarnath Valluri static int tpm_emulator_handle_device_opts(TPMEmulator *tpm_emu, QemuOpts *opts) 545f4ede81eSAmarnath Valluri { 546f4ede81eSAmarnath Valluri const char *value; 54788f83074SStefan Berger Error *err = NULL; 54888f83074SStefan Berger Chardev *dev; 549f4ede81eSAmarnath Valluri 550f4ede81eSAmarnath Valluri value = qemu_opt_get(opts, "chardev"); 55188f83074SStefan Berger if (!value) { 55288f83074SStefan Berger error_report("tpm-emulator: parameter 'chardev' is missing"); 55388f83074SStefan Berger goto err; 55488f83074SStefan Berger } 555f4ede81eSAmarnath Valluri 55688f83074SStefan Berger dev = qemu_chr_find(value); 557f4ede81eSAmarnath Valluri if (!dev) { 55888f83074SStefan Berger error_report("tpm-emulator: tpm chardev '%s' not found", value); 559f4ede81eSAmarnath Valluri goto err; 560f4ede81eSAmarnath Valluri } 561f4ede81eSAmarnath Valluri 562f4ede81eSAmarnath Valluri if (!qemu_chr_fe_init(&tpm_emu->ctrl_chr, dev, &err)) { 563f4ede81eSAmarnath Valluri error_prepend(&err, "tpm-emulator: No valid chardev found at '%s':", 564f4ede81eSAmarnath Valluri value); 565f4ede81eSAmarnath Valluri error_report_err(err); 566f4ede81eSAmarnath Valluri goto err; 567f4ede81eSAmarnath Valluri } 568f4ede81eSAmarnath Valluri 569f4ede81eSAmarnath Valluri tpm_emu->options->chardev = g_strdup(value); 570f4ede81eSAmarnath Valluri 571f4ede81eSAmarnath Valluri if (tpm_emulator_prepare_data_fd(tpm_emu) < 0) { 572f4ede81eSAmarnath Valluri goto err; 573f4ede81eSAmarnath Valluri } 574f4ede81eSAmarnath Valluri 575f4ede81eSAmarnath Valluri /* FIXME: tpm_util_test_tpmdev() accepts only on socket fd, as it also used 576f4ede81eSAmarnath Valluri * by passthrough driver, which not yet using GIOChannel. 577f4ede81eSAmarnath Valluri */ 578f4ede81eSAmarnath Valluri if (tpm_util_test_tpmdev(QIO_CHANNEL_SOCKET(tpm_emu->data_ioc)->fd, 579f4ede81eSAmarnath Valluri &tpm_emu->tpm_version)) { 580f4ede81eSAmarnath Valluri error_report("'%s' is not emulating TPM device. Error: %s", 581f4ede81eSAmarnath Valluri tpm_emu->options->chardev, strerror(errno)); 582f4ede81eSAmarnath Valluri goto err; 583f4ede81eSAmarnath Valluri } 584f4ede81eSAmarnath Valluri 5859d9dcd96SStefan Berger switch (tpm_emu->tpm_version) { 5869d9dcd96SStefan Berger case TPM_VERSION_1_2: 5879d9dcd96SStefan Berger trace_tpm_emulator_handle_device_opts_tpm12(); 5889d9dcd96SStefan Berger break; 5899d9dcd96SStefan Berger case TPM_VERSION_2_0: 5909d9dcd96SStefan Berger trace_tpm_emulator_handle_device_opts_tpm2(); 5919d9dcd96SStefan Berger break; 5929d9dcd96SStefan Berger default: 5939d9dcd96SStefan Berger trace_tpm_emulator_handle_device_opts_unspec(); 5949d9dcd96SStefan Berger } 595f4ede81eSAmarnath Valluri 596f4ede81eSAmarnath Valluri if (tpm_emulator_probe_caps(tpm_emu) || 597f4ede81eSAmarnath Valluri tpm_emulator_check_caps(tpm_emu)) { 598f4ede81eSAmarnath Valluri goto err; 599f4ede81eSAmarnath Valluri } 600f4ede81eSAmarnath Valluri 601f4ede81eSAmarnath Valluri return tpm_emulator_block_migration(tpm_emu); 602f4ede81eSAmarnath Valluri 603f4ede81eSAmarnath Valluri err: 6049d9dcd96SStefan Berger trace_tpm_emulator_handle_device_opts_startup_error(); 6059d9dcd96SStefan Berger 606f4ede81eSAmarnath Valluri return -1; 607f4ede81eSAmarnath Valluri } 608f4ede81eSAmarnath Valluri 6099f7c0ef2SMarc-André Lureau static TPMBackend *tpm_emulator_create(QemuOpts *opts) 610f4ede81eSAmarnath Valluri { 611f4ede81eSAmarnath Valluri TPMBackend *tb = TPM_BACKEND(object_new(TYPE_TPM_EMULATOR)); 612f4ede81eSAmarnath Valluri 613f4ede81eSAmarnath Valluri if (tpm_emulator_handle_device_opts(TPM_EMULATOR(tb), opts)) { 6149f7c0ef2SMarc-André Lureau object_unref(OBJECT(tb)); 6159f7c0ef2SMarc-André Lureau return NULL; 616f4ede81eSAmarnath Valluri } 617f4ede81eSAmarnath Valluri 618f4ede81eSAmarnath Valluri return tb; 619f4ede81eSAmarnath Valluri } 620f4ede81eSAmarnath Valluri 621f4ede81eSAmarnath Valluri static TpmTypeOptions *tpm_emulator_get_tpm_options(TPMBackend *tb) 622f4ede81eSAmarnath Valluri { 623f4ede81eSAmarnath Valluri TPMEmulator *tpm_emu = TPM_EMULATOR(tb); 624f4ede81eSAmarnath Valluri TpmTypeOptions *options = g_new0(TpmTypeOptions, 1); 625f4ede81eSAmarnath Valluri 626*39dc3e4aSMarkus Armbruster options->type = TPM_TYPE_EMULATOR; 627f4ede81eSAmarnath Valluri options->u.emulator.data = QAPI_CLONE(TPMEmulatorOptions, tpm_emu->options); 628f4ede81eSAmarnath Valluri 629f4ede81eSAmarnath Valluri return options; 630f4ede81eSAmarnath Valluri } 631f4ede81eSAmarnath Valluri 632f4ede81eSAmarnath Valluri static const QemuOptDesc tpm_emulator_cmdline_opts[] = { 633f4ede81eSAmarnath Valluri TPM_STANDARD_CMDLINE_OPTS, 634f4ede81eSAmarnath Valluri { 635f4ede81eSAmarnath Valluri .name = "chardev", 636f4ede81eSAmarnath Valluri .type = QEMU_OPT_STRING, 637f4ede81eSAmarnath Valluri .help = "Character device to use for out-of-band control messages", 638f4ede81eSAmarnath Valluri }, 639f4ede81eSAmarnath Valluri { /* end of list */ }, 640f4ede81eSAmarnath Valluri }; 641f4ede81eSAmarnath Valluri 64238ab74e7SStefan Berger /* 64338ab74e7SStefan Berger * Transfer a TPM state blob from the TPM into a provided buffer. 64438ab74e7SStefan Berger * 64538ab74e7SStefan Berger * @tpm_emu: TPMEmulator 64638ab74e7SStefan Berger * @type: the type of blob to transfer 64738ab74e7SStefan Berger * @tsb: the TPMSizeBuffer to fill with the blob 64838ab74e7SStefan Berger * @flags: the flags to return to the caller 64938ab74e7SStefan Berger */ 65038ab74e7SStefan Berger static int tpm_emulator_get_state_blob(TPMEmulator *tpm_emu, 65138ab74e7SStefan Berger uint8_t type, 65238ab74e7SStefan Berger TPMSizedBuffer *tsb, 65338ab74e7SStefan Berger uint32_t *flags) 65438ab74e7SStefan Berger { 65538ab74e7SStefan Berger ptm_getstate pgs; 65638ab74e7SStefan Berger ptm_res res; 65738ab74e7SStefan Berger ssize_t n; 65838ab74e7SStefan Berger uint32_t totlength, length; 65938ab74e7SStefan Berger 66038ab74e7SStefan Berger tpm_sized_buffer_reset(tsb); 66138ab74e7SStefan Berger 66238ab74e7SStefan Berger pgs.u.req.state_flags = cpu_to_be32(PTM_STATE_FLAG_DECRYPTED); 66338ab74e7SStefan Berger pgs.u.req.type = cpu_to_be32(type); 66438ab74e7SStefan Berger pgs.u.req.offset = 0; 66538ab74e7SStefan Berger 66638ab74e7SStefan Berger if (tpm_emulator_ctrlcmd(tpm_emu, CMD_GET_STATEBLOB, 66738ab74e7SStefan Berger &pgs, sizeof(pgs.u.req), 66838ab74e7SStefan Berger offsetof(ptm_getstate, u.resp.data)) < 0) { 66938ab74e7SStefan Berger error_report("tpm-emulator: could not get state blob type %d : %s", 67038ab74e7SStefan Berger type, strerror(errno)); 67138ab74e7SStefan Berger return -1; 67238ab74e7SStefan Berger } 67338ab74e7SStefan Berger 67438ab74e7SStefan Berger res = be32_to_cpu(pgs.u.resp.tpm_result); 67538ab74e7SStefan Berger if (res != 0 && (res & 0x800) == 0) { 67638ab74e7SStefan Berger error_report("tpm-emulator: Getting the stateblob (type %d) failed " 6777e095e84SStefan Berger "with a TPM error 0x%x %s", type, res, 6787e095e84SStefan Berger tpm_emulator_strerror(res)); 67938ab74e7SStefan Berger return -1; 68038ab74e7SStefan Berger } 68138ab74e7SStefan Berger 68238ab74e7SStefan Berger totlength = be32_to_cpu(pgs.u.resp.totlength); 68338ab74e7SStefan Berger length = be32_to_cpu(pgs.u.resp.length); 68438ab74e7SStefan Berger if (totlength != length) { 68538ab74e7SStefan Berger error_report("tpm-emulator: Expecting to read %u bytes " 68638ab74e7SStefan Berger "but would get %u", totlength, length); 68738ab74e7SStefan Berger return -1; 68838ab74e7SStefan Berger } 68938ab74e7SStefan Berger 69038ab74e7SStefan Berger *flags = be32_to_cpu(pgs.u.resp.state_flags); 69138ab74e7SStefan Berger 69238ab74e7SStefan Berger if (totlength > 0) { 69338ab74e7SStefan Berger tsb->buffer = g_try_malloc(totlength); 69438ab74e7SStefan Berger if (!tsb->buffer) { 69538ab74e7SStefan Berger error_report("tpm-emulator: Out of memory allocating %u bytes", 69638ab74e7SStefan Berger totlength); 69738ab74e7SStefan Berger return -1; 69838ab74e7SStefan Berger } 69938ab74e7SStefan Berger 70038ab74e7SStefan Berger n = qemu_chr_fe_read_all(&tpm_emu->ctrl_chr, tsb->buffer, totlength); 70138ab74e7SStefan Berger if (n != totlength) { 70238ab74e7SStefan Berger error_report("tpm-emulator: Could not read stateblob (type %d); " 70338ab74e7SStefan Berger "expected %u bytes, got %zd", 70438ab74e7SStefan Berger type, totlength, n); 70538ab74e7SStefan Berger return -1; 70638ab74e7SStefan Berger } 70738ab74e7SStefan Berger } 70838ab74e7SStefan Berger tsb->size = totlength; 70938ab74e7SStefan Berger 71038ab74e7SStefan Berger trace_tpm_emulator_get_state_blob(type, tsb->size, *flags); 71138ab74e7SStefan Berger 71238ab74e7SStefan Berger return 0; 71338ab74e7SStefan Berger } 71438ab74e7SStefan Berger 71538ab74e7SStefan Berger static int tpm_emulator_get_state_blobs(TPMEmulator *tpm_emu) 71638ab74e7SStefan Berger { 71738ab74e7SStefan Berger TPMBlobBuffers *state_blobs = &tpm_emu->state_blobs; 71838ab74e7SStefan Berger 71938ab74e7SStefan Berger if (tpm_emulator_get_state_blob(tpm_emu, PTM_BLOB_TYPE_PERMANENT, 72038ab74e7SStefan Berger &state_blobs->permanent, 72138ab74e7SStefan Berger &state_blobs->permanent_flags) < 0 || 72238ab74e7SStefan Berger tpm_emulator_get_state_blob(tpm_emu, PTM_BLOB_TYPE_VOLATILE, 72338ab74e7SStefan Berger &state_blobs->volatil, 72438ab74e7SStefan Berger &state_blobs->volatil_flags) < 0 || 72538ab74e7SStefan Berger tpm_emulator_get_state_blob(tpm_emu, PTM_BLOB_TYPE_SAVESTATE, 72638ab74e7SStefan Berger &state_blobs->savestate, 72738ab74e7SStefan Berger &state_blobs->savestate_flags) < 0) { 72838ab74e7SStefan Berger goto err_exit; 72938ab74e7SStefan Berger } 73038ab74e7SStefan Berger 73138ab74e7SStefan Berger return 0; 73238ab74e7SStefan Berger 73338ab74e7SStefan Berger err_exit: 73438ab74e7SStefan Berger tpm_sized_buffer_reset(&state_blobs->volatil); 73538ab74e7SStefan Berger tpm_sized_buffer_reset(&state_blobs->permanent); 73638ab74e7SStefan Berger tpm_sized_buffer_reset(&state_blobs->savestate); 73738ab74e7SStefan Berger 73838ab74e7SStefan Berger return -1; 73938ab74e7SStefan Berger } 74038ab74e7SStefan Berger 74138ab74e7SStefan Berger /* 74238ab74e7SStefan Berger * Transfer a TPM state blob to the TPM emulator. 74338ab74e7SStefan Berger * 74438ab74e7SStefan Berger * @tpm_emu: TPMEmulator 74538ab74e7SStefan Berger * @type: the type of TPM state blob to transfer 74638ab74e7SStefan Berger * @tsb: TPMSizedBuffer containing the TPM state blob 74738ab74e7SStefan Berger * @flags: Flags describing the (encryption) state of the TPM state blob 74838ab74e7SStefan Berger */ 74938ab74e7SStefan Berger static int tpm_emulator_set_state_blob(TPMEmulator *tpm_emu, 75038ab74e7SStefan Berger uint32_t type, 75138ab74e7SStefan Berger TPMSizedBuffer *tsb, 75238ab74e7SStefan Berger uint32_t flags) 75338ab74e7SStefan Berger { 75438ab74e7SStefan Berger ssize_t n; 75538ab74e7SStefan Berger ptm_setstate pss; 75638ab74e7SStefan Berger ptm_res tpm_result; 75738ab74e7SStefan Berger 75838ab74e7SStefan Berger if (tsb->size == 0) { 75938ab74e7SStefan Berger return 0; 76038ab74e7SStefan Berger } 76138ab74e7SStefan Berger 76238ab74e7SStefan Berger pss = (ptm_setstate) { 76338ab74e7SStefan Berger .u.req.state_flags = cpu_to_be32(flags), 76438ab74e7SStefan Berger .u.req.type = cpu_to_be32(type), 76538ab74e7SStefan Berger .u.req.length = cpu_to_be32(tsb->size), 76638ab74e7SStefan Berger }; 76738ab74e7SStefan Berger 76838ab74e7SStefan Berger /* write the header only */ 76938ab74e7SStefan Berger if (tpm_emulator_ctrlcmd(tpm_emu, CMD_SET_STATEBLOB, &pss, 77038ab74e7SStefan Berger offsetof(ptm_setstate, u.req.data), 0) < 0) { 77138ab74e7SStefan Berger error_report("tpm-emulator: could not set state blob type %d : %s", 77238ab74e7SStefan Berger type, strerror(errno)); 77338ab74e7SStefan Berger return -1; 77438ab74e7SStefan Berger } 77538ab74e7SStefan Berger 77638ab74e7SStefan Berger /* now the body */ 77738ab74e7SStefan Berger n = qemu_chr_fe_write_all(&tpm_emu->ctrl_chr, tsb->buffer, tsb->size); 77838ab74e7SStefan Berger if (n != tsb->size) { 77938ab74e7SStefan Berger error_report("tpm-emulator: Writing the stateblob (type %d) " 78038ab74e7SStefan Berger "failed; could not write %u bytes, but only %zd", 78138ab74e7SStefan Berger type, tsb->size, n); 78238ab74e7SStefan Berger return -1; 78338ab74e7SStefan Berger } 78438ab74e7SStefan Berger 78538ab74e7SStefan Berger /* now get the result */ 78638ab74e7SStefan Berger n = qemu_chr_fe_read_all(&tpm_emu->ctrl_chr, 78738ab74e7SStefan Berger (uint8_t *)&pss, sizeof(pss.u.resp)); 78838ab74e7SStefan Berger if (n != sizeof(pss.u.resp)) { 78938ab74e7SStefan Berger error_report("tpm-emulator: Reading response from writing stateblob " 79038ab74e7SStefan Berger "(type %d) failed; expected %zu bytes, got %zd", type, 79138ab74e7SStefan Berger sizeof(pss.u.resp), n); 79238ab74e7SStefan Berger return -1; 79338ab74e7SStefan Berger } 79438ab74e7SStefan Berger 79538ab74e7SStefan Berger tpm_result = be32_to_cpu(pss.u.resp.tpm_result); 79638ab74e7SStefan Berger if (tpm_result != 0) { 79738ab74e7SStefan Berger error_report("tpm-emulator: Setting the stateblob (type %d) failed " 7987e095e84SStefan Berger "with a TPM error 0x%x %s", type, tpm_result, 7997e095e84SStefan Berger tpm_emulator_strerror(tpm_result)); 80038ab74e7SStefan Berger return -1; 80138ab74e7SStefan Berger } 80238ab74e7SStefan Berger 80338ab74e7SStefan Berger trace_tpm_emulator_set_state_blob(type, tsb->size, flags); 80438ab74e7SStefan Berger 80538ab74e7SStefan Berger return 0; 80638ab74e7SStefan Berger } 80738ab74e7SStefan Berger 80838ab74e7SStefan Berger /* 80938ab74e7SStefan Berger * Set all the TPM state blobs. 81038ab74e7SStefan Berger * 81138ab74e7SStefan Berger * Returns a negative errno code in case of error. 81238ab74e7SStefan Berger */ 81338ab74e7SStefan Berger static int tpm_emulator_set_state_blobs(TPMBackend *tb) 81438ab74e7SStefan Berger { 81538ab74e7SStefan Berger TPMEmulator *tpm_emu = TPM_EMULATOR(tb); 81638ab74e7SStefan Berger TPMBlobBuffers *state_blobs = &tpm_emu->state_blobs; 81738ab74e7SStefan Berger 81838ab74e7SStefan Berger trace_tpm_emulator_set_state_blobs(); 81938ab74e7SStefan Berger 82038ab74e7SStefan Berger if (tpm_emulator_stop_tpm(tb) < 0) { 82138ab74e7SStefan Berger trace_tpm_emulator_set_state_blobs_error("Could not stop TPM"); 82238ab74e7SStefan Berger return -EIO; 82338ab74e7SStefan Berger } 82438ab74e7SStefan Berger 82538ab74e7SStefan Berger if (tpm_emulator_set_state_blob(tpm_emu, PTM_BLOB_TYPE_PERMANENT, 82638ab74e7SStefan Berger &state_blobs->permanent, 82738ab74e7SStefan Berger state_blobs->permanent_flags) < 0 || 82838ab74e7SStefan Berger tpm_emulator_set_state_blob(tpm_emu, PTM_BLOB_TYPE_VOLATILE, 82938ab74e7SStefan Berger &state_blobs->volatil, 83038ab74e7SStefan Berger state_blobs->volatil_flags) < 0 || 83138ab74e7SStefan Berger tpm_emulator_set_state_blob(tpm_emu, PTM_BLOB_TYPE_SAVESTATE, 83238ab74e7SStefan Berger &state_blobs->savestate, 83338ab74e7SStefan Berger state_blobs->savestate_flags) < 0) { 83438ab74e7SStefan Berger return -EIO; 83538ab74e7SStefan Berger } 83638ab74e7SStefan Berger 83738ab74e7SStefan Berger trace_tpm_emulator_set_state_blobs_done(); 83838ab74e7SStefan Berger 83938ab74e7SStefan Berger return 0; 84038ab74e7SStefan Berger } 84138ab74e7SStefan Berger 84238ab74e7SStefan Berger static int tpm_emulator_pre_save(void *opaque) 84338ab74e7SStefan Berger { 84438ab74e7SStefan Berger TPMBackend *tb = opaque; 84538ab74e7SStefan Berger TPMEmulator *tpm_emu = TPM_EMULATOR(tb); 84638ab74e7SStefan Berger 84738ab74e7SStefan Berger trace_tpm_emulator_pre_save(); 84838ab74e7SStefan Berger 84938ab74e7SStefan Berger tpm_backend_finish_sync(tb); 85038ab74e7SStefan Berger 85138ab74e7SStefan Berger /* get the state blobs from the TPM */ 85238ab74e7SStefan Berger return tpm_emulator_get_state_blobs(tpm_emu); 85338ab74e7SStefan Berger } 85438ab74e7SStefan Berger 85538ab74e7SStefan Berger /* 85638ab74e7SStefan Berger * Load the TPM state blobs into the TPM. 85738ab74e7SStefan Berger * 85838ab74e7SStefan Berger * Returns negative errno codes in case of error. 85938ab74e7SStefan Berger */ 86038ab74e7SStefan Berger static int tpm_emulator_post_load(void *opaque, int version_id) 86138ab74e7SStefan Berger { 86238ab74e7SStefan Berger TPMBackend *tb = opaque; 86338ab74e7SStefan Berger int ret; 86438ab74e7SStefan Berger 86538ab74e7SStefan Berger ret = tpm_emulator_set_state_blobs(tb); 86638ab74e7SStefan Berger if (ret < 0) { 86738ab74e7SStefan Berger return ret; 86838ab74e7SStefan Berger } 86938ab74e7SStefan Berger 87038ab74e7SStefan Berger if (tpm_emulator_startup_tpm_resume(tb, 0, true) < 0) { 87138ab74e7SStefan Berger return -EIO; 87238ab74e7SStefan Berger } 87338ab74e7SStefan Berger 87438ab74e7SStefan Berger return 0; 87538ab74e7SStefan Berger } 87638ab74e7SStefan Berger 87738ab74e7SStefan Berger static const VMStateDescription vmstate_tpm_emulator = { 87838ab74e7SStefan Berger .name = "tpm-emulator", 87938ab74e7SStefan Berger .version_id = 0, 88038ab74e7SStefan Berger .pre_save = tpm_emulator_pre_save, 88138ab74e7SStefan Berger .post_load = tpm_emulator_post_load, 88238ab74e7SStefan Berger .fields = (VMStateField[]) { 88338ab74e7SStefan Berger VMSTATE_UINT32(state_blobs.permanent_flags, TPMEmulator), 88438ab74e7SStefan Berger VMSTATE_UINT32(state_blobs.permanent.size, TPMEmulator), 88538ab74e7SStefan Berger VMSTATE_VBUFFER_ALLOC_UINT32(state_blobs.permanent.buffer, 88638ab74e7SStefan Berger TPMEmulator, 0, 0, 88738ab74e7SStefan Berger state_blobs.permanent.size), 88838ab74e7SStefan Berger 88938ab74e7SStefan Berger VMSTATE_UINT32(state_blobs.volatil_flags, TPMEmulator), 89038ab74e7SStefan Berger VMSTATE_UINT32(state_blobs.volatil.size, TPMEmulator), 89138ab74e7SStefan Berger VMSTATE_VBUFFER_ALLOC_UINT32(state_blobs.volatil.buffer, 89238ab74e7SStefan Berger TPMEmulator, 0, 0, 89338ab74e7SStefan Berger state_blobs.volatil.size), 89438ab74e7SStefan Berger 89538ab74e7SStefan Berger VMSTATE_UINT32(state_blobs.savestate_flags, TPMEmulator), 89638ab74e7SStefan Berger VMSTATE_UINT32(state_blobs.savestate.size, TPMEmulator), 89738ab74e7SStefan Berger VMSTATE_VBUFFER_ALLOC_UINT32(state_blobs.savestate.buffer, 89838ab74e7SStefan Berger TPMEmulator, 0, 0, 89938ab74e7SStefan Berger state_blobs.savestate.size), 90038ab74e7SStefan Berger 90138ab74e7SStefan Berger VMSTATE_END_OF_LIST() 90238ab74e7SStefan Berger } 90338ab74e7SStefan Berger }; 90438ab74e7SStefan Berger 905f4ede81eSAmarnath Valluri static void tpm_emulator_inst_init(Object *obj) 906f4ede81eSAmarnath Valluri { 907f4ede81eSAmarnath Valluri TPMEmulator *tpm_emu = TPM_EMULATOR(obj); 908f4ede81eSAmarnath Valluri 9099d9dcd96SStefan Berger trace_tpm_emulator_inst_init(); 9109d9dcd96SStefan Berger 911f4ede81eSAmarnath Valluri tpm_emu->options = g_new0(TPMEmulatorOptions, 1); 912f4ede81eSAmarnath Valluri tpm_emu->cur_locty_number = ~0; 91317b1af77SMarc-André Lureau qemu_mutex_init(&tpm_emu->mutex); 91438ab74e7SStefan Berger 9151df2c9a2SPeter Xu vmstate_register(NULL, VMSTATE_INSTANCE_ID_ANY, 9161df2c9a2SPeter Xu &vmstate_tpm_emulator, obj); 917f4ede81eSAmarnath Valluri } 918f4ede81eSAmarnath Valluri 919f4ede81eSAmarnath Valluri /* 920f4ede81eSAmarnath Valluri * Gracefully shut down the external TPM 921f4ede81eSAmarnath Valluri */ 922f4ede81eSAmarnath Valluri static void tpm_emulator_shutdown(TPMEmulator *tpm_emu) 923f4ede81eSAmarnath Valluri { 924f4ede81eSAmarnath Valluri ptm_res res; 925f4ede81eSAmarnath Valluri 92688f83074SStefan Berger if (!tpm_emu->options->chardev) { 92788f83074SStefan Berger /* was never properly initialized */ 92888f83074SStefan Berger return; 92988f83074SStefan Berger } 93088f83074SStefan Berger 93117b1af77SMarc-André Lureau if (tpm_emulator_ctrlcmd(tpm_emu, CMD_SHUTDOWN, &res, 0, sizeof(res)) < 0) { 932f4ede81eSAmarnath Valluri error_report("tpm-emulator: Could not cleanly shutdown the TPM: %s", 933f4ede81eSAmarnath Valluri strerror(errno)); 934f4ede81eSAmarnath Valluri } else if (res != 0) { 9357e095e84SStefan Berger error_report("tpm-emulator: TPM result for shutdown: 0x%x %s", 9367e095e84SStefan Berger be32_to_cpu(res), tpm_emulator_strerror(be32_to_cpu(res))); 937f4ede81eSAmarnath Valluri } 938f4ede81eSAmarnath Valluri } 939f4ede81eSAmarnath Valluri 940f4ede81eSAmarnath Valluri static void tpm_emulator_inst_finalize(Object *obj) 941f4ede81eSAmarnath Valluri { 942f4ede81eSAmarnath Valluri TPMEmulator *tpm_emu = TPM_EMULATOR(obj); 94338ab74e7SStefan Berger TPMBlobBuffers *state_blobs = &tpm_emu->state_blobs; 944f4ede81eSAmarnath Valluri 945f4ede81eSAmarnath Valluri tpm_emulator_shutdown(tpm_emu); 946f4ede81eSAmarnath Valluri 947f4ede81eSAmarnath Valluri object_unref(OBJECT(tpm_emu->data_ioc)); 948f4ede81eSAmarnath Valluri 949f4ede81eSAmarnath Valluri qemu_chr_fe_deinit(&tpm_emu->ctrl_chr, false); 950f4ede81eSAmarnath Valluri 951f4ede81eSAmarnath Valluri qapi_free_TPMEmulatorOptions(tpm_emu->options); 952f4ede81eSAmarnath Valluri 953f4ede81eSAmarnath Valluri if (tpm_emu->migration_blocker) { 954f4ede81eSAmarnath Valluri migrate_del_blocker(tpm_emu->migration_blocker); 955f4ede81eSAmarnath Valluri error_free(tpm_emu->migration_blocker); 956f4ede81eSAmarnath Valluri } 95717b1af77SMarc-André Lureau 95838ab74e7SStefan Berger tpm_sized_buffer_reset(&state_blobs->volatil); 95938ab74e7SStefan Berger tpm_sized_buffer_reset(&state_blobs->permanent); 96038ab74e7SStefan Berger tpm_sized_buffer_reset(&state_blobs->savestate); 96138ab74e7SStefan Berger 96217b1af77SMarc-André Lureau qemu_mutex_destroy(&tpm_emu->mutex); 96338ab74e7SStefan Berger 96438ab74e7SStefan Berger vmstate_unregister(NULL, &vmstate_tpm_emulator, obj); 965f4ede81eSAmarnath Valluri } 966f4ede81eSAmarnath Valluri 967f4ede81eSAmarnath Valluri static void tpm_emulator_class_init(ObjectClass *klass, void *data) 968f4ede81eSAmarnath Valluri { 969f4ede81eSAmarnath Valluri TPMBackendClass *tbc = TPM_BACKEND_CLASS(klass); 970d31076baSMarc-André Lureau 971d31076baSMarc-André Lureau tbc->type = TPM_TYPE_EMULATOR; 972d31076baSMarc-André Lureau tbc->opts = tpm_emulator_cmdline_opts; 973d31076baSMarc-André Lureau tbc->desc = "TPM emulator backend driver"; 974d31076baSMarc-André Lureau tbc->create = tpm_emulator_create; 975d31076baSMarc-André Lureau tbc->startup_tpm = tpm_emulator_startup_tpm; 976d31076baSMarc-André Lureau tbc->cancel_cmd = tpm_emulator_cancel_cmd; 977d31076baSMarc-André Lureau tbc->get_tpm_established_flag = tpm_emulator_get_tpm_established_flag; 978d31076baSMarc-André Lureau tbc->reset_tpm_established_flag = tpm_emulator_reset_tpm_established_flag; 979d31076baSMarc-André Lureau tbc->get_tpm_version = tpm_emulator_get_tpm_version; 980b21e6aafSStefan Berger tbc->get_buffer_size = tpm_emulator_get_buffer_size; 981d31076baSMarc-André Lureau tbc->get_tpm_options = tpm_emulator_get_tpm_options; 982d31076baSMarc-André Lureau 983f4ede81eSAmarnath Valluri tbc->handle_request = tpm_emulator_handle_request; 984f4ede81eSAmarnath Valluri } 985f4ede81eSAmarnath Valluri 986f4ede81eSAmarnath Valluri static const TypeInfo tpm_emulator_info = { 987f4ede81eSAmarnath Valluri .name = TYPE_TPM_EMULATOR, 988f4ede81eSAmarnath Valluri .parent = TYPE_TPM_BACKEND, 989f4ede81eSAmarnath Valluri .instance_size = sizeof(TPMEmulator), 990f4ede81eSAmarnath Valluri .class_init = tpm_emulator_class_init, 991f4ede81eSAmarnath Valluri .instance_init = tpm_emulator_inst_init, 992f4ede81eSAmarnath Valluri .instance_finalize = tpm_emulator_inst_finalize, 993f4ede81eSAmarnath Valluri }; 994f4ede81eSAmarnath Valluri 995f4ede81eSAmarnath Valluri static void tpm_emulator_register(void) 996f4ede81eSAmarnath Valluri { 997f4ede81eSAmarnath Valluri type_register_static(&tpm_emulator_info); 998f4ede81eSAmarnath Valluri } 999f4ede81eSAmarnath Valluri 1000f4ede81eSAmarnath Valluri type_init(tpm_emulator_register) 1001