1f4ede81eSAmarnath Valluri /* 2f4ede81eSAmarnath Valluri * Emulator TPM driver 3f4ede81eSAmarnath Valluri * 4f4ede81eSAmarnath Valluri * Copyright (c) 2017 Intel Corporation 5f4ede81eSAmarnath Valluri * Author: Amarnath Valluri <amarnath.valluri@intel.com> 6f4ede81eSAmarnath Valluri * 738ab74e7SStefan Berger * Copyright (c) 2010 - 2013, 2018 IBM Corporation 8f4ede81eSAmarnath Valluri * Authors: 9f4ede81eSAmarnath Valluri * Stefan Berger <stefanb@us.ibm.com> 10f4ede81eSAmarnath Valluri * 11f4ede81eSAmarnath Valluri * Copyright (C) 2011 IAIK, Graz University of Technology 12f4ede81eSAmarnath Valluri * Author: Andreas Niederl 13f4ede81eSAmarnath Valluri * 14f4ede81eSAmarnath Valluri * This library is free software; you can redistribute it and/or 15f4ede81eSAmarnath Valluri * modify it under the terms of the GNU Lesser General Public 16f4ede81eSAmarnath Valluri * License as published by the Free Software Foundation; either 17eac2fce9SChetan Pant * version 2.1 of the License, or (at your option) any later version. 18f4ede81eSAmarnath Valluri * 19f4ede81eSAmarnath Valluri * This library is distributed in the hope that it will be useful, 20f4ede81eSAmarnath Valluri * but WITHOUT ANY WARRANTY; without even the implied warranty of 21f4ede81eSAmarnath Valluri * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 22f4ede81eSAmarnath Valluri * Lesser General Public License for more details. 23f4ede81eSAmarnath Valluri * 24f4ede81eSAmarnath Valluri * You should have received a copy of the GNU Lesser General Public 25f4ede81eSAmarnath Valluri * License along with this library; if not, see <http://www.gnu.org/licenses/> 26f4ede81eSAmarnath Valluri * 27f4ede81eSAmarnath Valluri */ 28f4ede81eSAmarnath Valluri 29f4ede81eSAmarnath Valluri #include "qemu/osdep.h" 30f4ede81eSAmarnath Valluri #include "qemu/error-report.h" 310b8fa32fSMarkus Armbruster #include "qemu/module.h" 32f4ede81eSAmarnath Valluri #include "qemu/sockets.h" 33*bf5dcf8fSPhilippe Mathieu-Daudé #include "qemu/lockable.h" 34f4ede81eSAmarnath Valluri #include "io/channel-socket.h" 35f4ede81eSAmarnath Valluri #include "sysemu/tpm_backend.h" 360f7d2148SPhilippe Mathieu-Daudé #include "sysemu/tpm_util.h" 37f4ede81eSAmarnath Valluri #include "tpm_int.h" 38f4ede81eSAmarnath Valluri #include "tpm_ioctl.h" 39f4ede81eSAmarnath Valluri #include "migration/blocker.h" 40d6454270SMarkus Armbruster #include "migration/vmstate.h" 41f4ede81eSAmarnath Valluri #include "qapi/error.h" 42f4ede81eSAmarnath Valluri #include "qapi/clone-visitor.h" 439af23989SMarkus Armbruster #include "qapi/qapi-visit-tpm.h" 44f4ede81eSAmarnath Valluri #include "chardev/char-fe.h" 459d9dcd96SStefan Berger #include "trace.h" 46db1015e9SEduardo Habkost #include "qom/object.h" 47f4ede81eSAmarnath Valluri 48f4ede81eSAmarnath Valluri #define TYPE_TPM_EMULATOR "tpm-emulator" 498063396bSEduardo Habkost OBJECT_DECLARE_SIMPLE_TYPE(TPMEmulator, TPM_EMULATOR) 50f4ede81eSAmarnath Valluri 51f4ede81eSAmarnath Valluri #define TPM_EMULATOR_IMPLEMENTS_ALL_CAPS(S, cap) (((S)->caps & (cap)) == (cap)) 52f4ede81eSAmarnath Valluri 53f4ede81eSAmarnath Valluri /* data structures */ 5438ab74e7SStefan Berger 5538ab74e7SStefan Berger /* blobs from the TPM; part of VM state when migrating */ 5638ab74e7SStefan Berger typedef struct TPMBlobBuffers { 5738ab74e7SStefan Berger uint32_t permanent_flags; 5838ab74e7SStefan Berger TPMSizedBuffer permanent; 5938ab74e7SStefan Berger 6038ab74e7SStefan Berger uint32_t volatil_flags; 6138ab74e7SStefan Berger TPMSizedBuffer volatil; 6238ab74e7SStefan Berger 6338ab74e7SStefan Berger uint32_t savestate_flags; 6438ab74e7SStefan Berger TPMSizedBuffer savestate; 6538ab74e7SStefan Berger } TPMBlobBuffers; 6638ab74e7SStefan Berger 67db1015e9SEduardo Habkost struct TPMEmulator { 68f4ede81eSAmarnath Valluri TPMBackend parent; 69f4ede81eSAmarnath Valluri 70f4ede81eSAmarnath Valluri TPMEmulatorOptions *options; 71f4ede81eSAmarnath Valluri CharBackend ctrl_chr; 72f4ede81eSAmarnath Valluri QIOChannel *data_ioc; 73f4ede81eSAmarnath Valluri TPMVersion tpm_version; 74f4ede81eSAmarnath Valluri ptm_cap caps; /* capabilities of the TPM */ 75f4ede81eSAmarnath Valluri uint8_t cur_locty_number; /* last set locality */ 76f4ede81eSAmarnath Valluri Error *migration_blocker; 7717b1af77SMarc-André Lureau 7817b1af77SMarc-André Lureau QemuMutex mutex; 790b4c7c65SStefan Berger 800b4c7c65SStefan Berger unsigned int established_flag:1; 810b4c7c65SStefan Berger unsigned int established_flag_cached:1; 8238ab74e7SStefan Berger 8338ab74e7SStefan Berger TPMBlobBuffers state_blobs; 84db1015e9SEduardo Habkost }; 85f4ede81eSAmarnath Valluri 867e095e84SStefan Berger struct tpm_error { 877e095e84SStefan Berger uint32_t tpm_result; 887e095e84SStefan Berger const char *string; 897e095e84SStefan Berger }; 907e095e84SStefan Berger 917e095e84SStefan Berger static const struct tpm_error tpm_errors[] = { 927e095e84SStefan Berger /* TPM 1.2 error codes */ 937e095e84SStefan Berger { TPM_BAD_PARAMETER , "a parameter is bad" }, 947e095e84SStefan Berger { TPM_FAIL , "operation failed" }, 957e095e84SStefan Berger { TPM_KEYNOTFOUND , "key could not be found" }, 967e095e84SStefan Berger { TPM_BAD_PARAM_SIZE , "bad parameter size"}, 977e095e84SStefan Berger { TPM_ENCRYPT_ERROR , "encryption error" }, 987e095e84SStefan Berger { TPM_DECRYPT_ERROR , "decryption error" }, 997e095e84SStefan Berger { TPM_BAD_KEY_PROPERTY, "bad key property" }, 1007e095e84SStefan Berger { TPM_BAD_MODE , "bad (encryption) mode" }, 1017e095e84SStefan Berger { TPM_BAD_VERSION , "bad version identifier" }, 1027e095e84SStefan Berger { TPM_BAD_LOCALITY , "bad locality" }, 1037e095e84SStefan Berger /* TPM 2 error codes */ 1047e095e84SStefan Berger { TPM_RC_FAILURE , "operation failed" }, 1057e095e84SStefan Berger { TPM_RC_LOCALITY , "bad locality" }, 1067e095e84SStefan Berger { TPM_RC_INSUFFICIENT, "insufficient amount of data" }, 1077e095e84SStefan Berger }; 1087e095e84SStefan Berger 1097e095e84SStefan Berger static const char *tpm_emulator_strerror(uint32_t tpm_result) 1107e095e84SStefan Berger { 1117e095e84SStefan Berger size_t i; 1127e095e84SStefan Berger 1137e095e84SStefan Berger for (i = 0; i < ARRAY_SIZE(tpm_errors); i++) { 1147e095e84SStefan Berger if (tpm_errors[i].tpm_result == tpm_result) { 1157e095e84SStefan Berger return tpm_errors[i].string; 1167e095e84SStefan Berger } 1177e095e84SStefan Berger } 1187e095e84SStefan Berger return ""; 1197e095e84SStefan Berger } 120f4ede81eSAmarnath Valluri 12117b1af77SMarc-André Lureau static int tpm_emulator_ctrlcmd(TPMEmulator *tpm, unsigned long cmd, void *msg, 122f4ede81eSAmarnath Valluri size_t msg_len_in, size_t msg_len_out) 123f4ede81eSAmarnath Valluri { 12417b1af77SMarc-André Lureau CharBackend *dev = &tpm->ctrl_chr; 125f4ede81eSAmarnath Valluri uint32_t cmd_no = cpu_to_be32(cmd); 126f4ede81eSAmarnath Valluri ssize_t n = sizeof(uint32_t) + msg_len_in; 127f4ede81eSAmarnath Valluri uint8_t *buf = NULL; 12817b1af77SMarc-André Lureau 129*bf5dcf8fSPhilippe Mathieu-Daudé WITH_QEMU_LOCK_GUARD(&tpm->mutex) { 130f4ede81eSAmarnath Valluri buf = g_alloca(n); 131f4ede81eSAmarnath Valluri memcpy(buf, &cmd_no, sizeof(cmd_no)); 132f4ede81eSAmarnath Valluri memcpy(buf + sizeof(cmd_no), msg, msg_len_in); 133f4ede81eSAmarnath Valluri 134f4ede81eSAmarnath Valluri n = qemu_chr_fe_write_all(dev, buf, n); 135f4ede81eSAmarnath Valluri if (n <= 0) { 136*bf5dcf8fSPhilippe Mathieu-Daudé return -1; 137f4ede81eSAmarnath Valluri } 138f4ede81eSAmarnath Valluri 139f4ede81eSAmarnath Valluri if (msg_len_out != 0) { 140f4ede81eSAmarnath Valluri n = qemu_chr_fe_read_all(dev, msg, msg_len_out); 141f4ede81eSAmarnath Valluri if (n <= 0) { 142*bf5dcf8fSPhilippe Mathieu-Daudé return -1; 143*bf5dcf8fSPhilippe Mathieu-Daudé } 144f4ede81eSAmarnath Valluri } 145f4ede81eSAmarnath Valluri } 146f4ede81eSAmarnath Valluri 147*bf5dcf8fSPhilippe Mathieu-Daudé return 0; 148f4ede81eSAmarnath Valluri } 149f4ede81eSAmarnath Valluri 150f4ede81eSAmarnath Valluri static int tpm_emulator_unix_tx_bufs(TPMEmulator *tpm_emu, 151f4ede81eSAmarnath Valluri const uint8_t *in, uint32_t in_len, 152f4ede81eSAmarnath Valluri uint8_t *out, uint32_t out_len, 153f4ede81eSAmarnath Valluri bool *selftest_done, 154e04e3321SVladimir Sementsov-Ogievskiy Error **errp) 155f4ede81eSAmarnath Valluri { 156f4ede81eSAmarnath Valluri ssize_t ret; 157f4ede81eSAmarnath Valluri bool is_selftest = false; 158f4ede81eSAmarnath Valluri 159f4ede81eSAmarnath Valluri if (selftest_done) { 160f4ede81eSAmarnath Valluri *selftest_done = false; 161f4ede81eSAmarnath Valluri is_selftest = tpm_util_is_selftest(in, in_len); 162f4ede81eSAmarnath Valluri } 163f4ede81eSAmarnath Valluri 164e04e3321SVladimir Sementsov-Ogievskiy ret = qio_channel_write_all(tpm_emu->data_ioc, (char *)in, in_len, errp); 165f4ede81eSAmarnath Valluri if (ret != 0) { 166f4ede81eSAmarnath Valluri return -1; 167f4ede81eSAmarnath Valluri } 168f4ede81eSAmarnath Valluri 169cc1b6c55SMarc-André Lureau ret = qio_channel_read_all(tpm_emu->data_ioc, (char *)out, 170e04e3321SVladimir Sementsov-Ogievskiy sizeof(struct tpm_resp_hdr), errp); 171f4ede81eSAmarnath Valluri if (ret != 0) { 172f4ede81eSAmarnath Valluri return -1; 173f4ede81eSAmarnath Valluri } 174f4ede81eSAmarnath Valluri 175cc1b6c55SMarc-André Lureau ret = qio_channel_read_all(tpm_emu->data_ioc, 176cc1b6c55SMarc-André Lureau (char *)out + sizeof(struct tpm_resp_hdr), 177e04e3321SVladimir Sementsov-Ogievskiy tpm_cmd_get_size(out) - sizeof(struct tpm_resp_hdr), errp); 178f4ede81eSAmarnath Valluri if (ret != 0) { 179f4ede81eSAmarnath Valluri return -1; 180f4ede81eSAmarnath Valluri } 181f4ede81eSAmarnath Valluri 182f4ede81eSAmarnath Valluri if (is_selftest) { 183cc1b6c55SMarc-André Lureau *selftest_done = tpm_cmd_get_errcode(out) == 0; 184f4ede81eSAmarnath Valluri } 185f4ede81eSAmarnath Valluri 186f4ede81eSAmarnath Valluri return 0; 187f4ede81eSAmarnath Valluri } 188f4ede81eSAmarnath Valluri 189c106ede9SMarc-André Lureau static int tpm_emulator_set_locality(TPMEmulator *tpm_emu, uint8_t locty_number, 190c106ede9SMarc-André Lureau Error **errp) 191f4ede81eSAmarnath Valluri { 192f4ede81eSAmarnath Valluri ptm_loc loc; 193f4ede81eSAmarnath Valluri 194f4ede81eSAmarnath Valluri if (tpm_emu->cur_locty_number == locty_number) { 195f4ede81eSAmarnath Valluri return 0; 196f4ede81eSAmarnath Valluri } 197f4ede81eSAmarnath Valluri 1989d9dcd96SStefan Berger trace_tpm_emulator_set_locality(locty_number); 1999d9dcd96SStefan Berger 200eff1fe9fSStefan Berger memset(&loc, 0, sizeof(loc)); 201f4ede81eSAmarnath Valluri loc.u.req.loc = locty_number; 20217b1af77SMarc-André Lureau if (tpm_emulator_ctrlcmd(tpm_emu, CMD_SET_LOCALITY, &loc, 203f4ede81eSAmarnath Valluri sizeof(loc), sizeof(loc)) < 0) { 204c106ede9SMarc-André Lureau error_setg(errp, "tpm-emulator: could not set locality : %s", 205f4ede81eSAmarnath Valluri strerror(errno)); 206f4ede81eSAmarnath Valluri return -1; 207f4ede81eSAmarnath Valluri } 208f4ede81eSAmarnath Valluri 209f4ede81eSAmarnath Valluri loc.u.resp.tpm_result = be32_to_cpu(loc.u.resp.tpm_result); 210f4ede81eSAmarnath Valluri if (loc.u.resp.tpm_result != 0) { 211c106ede9SMarc-André Lureau error_setg(errp, "tpm-emulator: TPM result for set locality : 0x%x", 212f4ede81eSAmarnath Valluri loc.u.resp.tpm_result); 213f4ede81eSAmarnath Valluri return -1; 214f4ede81eSAmarnath Valluri } 215f4ede81eSAmarnath Valluri 216f4ede81eSAmarnath Valluri tpm_emu->cur_locty_number = locty_number; 217f4ede81eSAmarnath Valluri 218f4ede81eSAmarnath Valluri return 0; 219f4ede81eSAmarnath Valluri } 220f4ede81eSAmarnath Valluri 2216a8a2354SMarc-André Lureau static void tpm_emulator_handle_request(TPMBackend *tb, TPMBackendCmd *cmd, 2226a8a2354SMarc-André Lureau Error **errp) 223f4ede81eSAmarnath Valluri { 224f4ede81eSAmarnath Valluri TPMEmulator *tpm_emu = TPM_EMULATOR(tb); 225f4ede81eSAmarnath Valluri 2269d9dcd96SStefan Berger trace_tpm_emulator_handle_request(); 227f4ede81eSAmarnath Valluri 2286a8a2354SMarc-André Lureau if (tpm_emulator_set_locality(tpm_emu, cmd->locty, errp) < 0 || 2296a8a2354SMarc-André Lureau tpm_emulator_unix_tx_bufs(tpm_emu, cmd->in, cmd->in_len, 2300e43b7e6SMarc-André Lureau cmd->out, cmd->out_len, 2316a8a2354SMarc-André Lureau &cmd->selftest_done, errp) < 0) { 2320e43b7e6SMarc-André Lureau tpm_util_write_fatal_error_response(cmd->out, cmd->out_len); 2336a8a2354SMarc-André Lureau } 234f4ede81eSAmarnath Valluri } 235f4ede81eSAmarnath Valluri 236f4ede81eSAmarnath Valluri static int tpm_emulator_probe_caps(TPMEmulator *tpm_emu) 237f4ede81eSAmarnath Valluri { 23817b1af77SMarc-André Lureau if (tpm_emulator_ctrlcmd(tpm_emu, CMD_GET_CAPABILITY, 239f4ede81eSAmarnath Valluri &tpm_emu->caps, 0, sizeof(tpm_emu->caps)) < 0) { 240f4ede81eSAmarnath Valluri error_report("tpm-emulator: probing failed : %s", strerror(errno)); 241f4ede81eSAmarnath Valluri return -1; 242f4ede81eSAmarnath Valluri } 243f4ede81eSAmarnath Valluri 244f4ede81eSAmarnath Valluri tpm_emu->caps = be64_to_cpu(tpm_emu->caps); 245f4ede81eSAmarnath Valluri 2469d9dcd96SStefan Berger trace_tpm_emulator_probe_caps(tpm_emu->caps); 247f4ede81eSAmarnath Valluri 248f4ede81eSAmarnath Valluri return 0; 249f4ede81eSAmarnath Valluri } 250f4ede81eSAmarnath Valluri 251f4ede81eSAmarnath Valluri static int tpm_emulator_check_caps(TPMEmulator *tpm_emu) 252f4ede81eSAmarnath Valluri { 253f4ede81eSAmarnath Valluri ptm_cap caps = 0; 254f4ede81eSAmarnath Valluri const char *tpm = NULL; 255f4ede81eSAmarnath Valluri 256f4ede81eSAmarnath Valluri /* check for min. required capabilities */ 257f4ede81eSAmarnath Valluri switch (tpm_emu->tpm_version) { 258f4ede81eSAmarnath Valluri case TPM_VERSION_1_2: 259f4ede81eSAmarnath Valluri caps = PTM_CAP_INIT | PTM_CAP_SHUTDOWN | PTM_CAP_GET_TPMESTABLISHED | 2609375c44fSStefan Berger PTM_CAP_SET_LOCALITY | PTM_CAP_SET_DATAFD | PTM_CAP_STOP | 2619375c44fSStefan Berger PTM_CAP_SET_BUFFERSIZE; 262f4ede81eSAmarnath Valluri tpm = "1.2"; 263f4ede81eSAmarnath Valluri break; 264f4ede81eSAmarnath Valluri case TPM_VERSION_2_0: 265f4ede81eSAmarnath Valluri caps = PTM_CAP_INIT | PTM_CAP_SHUTDOWN | PTM_CAP_GET_TPMESTABLISHED | 266f4ede81eSAmarnath Valluri PTM_CAP_SET_LOCALITY | PTM_CAP_RESET_TPMESTABLISHED | 2679375c44fSStefan Berger PTM_CAP_SET_DATAFD | PTM_CAP_STOP | PTM_CAP_SET_BUFFERSIZE; 268f4ede81eSAmarnath Valluri tpm = "2"; 269f4ede81eSAmarnath Valluri break; 270f4ede81eSAmarnath Valluri case TPM_VERSION_UNSPEC: 271f4ede81eSAmarnath Valluri error_report("tpm-emulator: TPM version has not been set"); 272f4ede81eSAmarnath Valluri return -1; 273f4ede81eSAmarnath Valluri } 274f4ede81eSAmarnath Valluri 275f4ede81eSAmarnath Valluri if (!TPM_EMULATOR_IMPLEMENTS_ALL_CAPS(tpm_emu, caps)) { 276f4ede81eSAmarnath Valluri error_report("tpm-emulator: TPM does not implement minimum set of " 277f4ede81eSAmarnath Valluri "required capabilities for TPM %s (0x%x)", tpm, (int)caps); 278f4ede81eSAmarnath Valluri return -1; 279f4ede81eSAmarnath Valluri } 280f4ede81eSAmarnath Valluri 281f4ede81eSAmarnath Valluri return 0; 282f4ede81eSAmarnath Valluri } 283f4ede81eSAmarnath Valluri 2849375c44fSStefan Berger static int tpm_emulator_stop_tpm(TPMBackend *tb) 2859375c44fSStefan Berger { 2869375c44fSStefan Berger TPMEmulator *tpm_emu = TPM_EMULATOR(tb); 2879375c44fSStefan Berger ptm_res res; 2889375c44fSStefan Berger 2899375c44fSStefan Berger if (tpm_emulator_ctrlcmd(tpm_emu, CMD_STOP, &res, 0, sizeof(res)) < 0) { 2909375c44fSStefan Berger error_report("tpm-emulator: Could not stop TPM: %s", 2919375c44fSStefan Berger strerror(errno)); 2929375c44fSStefan Berger return -1; 2939375c44fSStefan Berger } 2949375c44fSStefan Berger 2959375c44fSStefan Berger res = be32_to_cpu(res); 2969375c44fSStefan Berger if (res) { 2977e095e84SStefan Berger error_report("tpm-emulator: TPM result for CMD_STOP: 0x%x %s", res, 2987e095e84SStefan Berger tpm_emulator_strerror(res)); 2999375c44fSStefan Berger return -1; 3009375c44fSStefan Berger } 3019375c44fSStefan Berger 3029375c44fSStefan Berger return 0; 3039375c44fSStefan Berger } 3049375c44fSStefan Berger 3059375c44fSStefan Berger static int tpm_emulator_set_buffer_size(TPMBackend *tb, 3069375c44fSStefan Berger size_t wanted_size, 3079375c44fSStefan Berger size_t *actual_size) 3089375c44fSStefan Berger { 3099375c44fSStefan Berger TPMEmulator *tpm_emu = TPM_EMULATOR(tb); 3109375c44fSStefan Berger ptm_setbuffersize psbs; 3119375c44fSStefan Berger 3129375c44fSStefan Berger if (tpm_emulator_stop_tpm(tb) < 0) { 3139375c44fSStefan Berger return -1; 3149375c44fSStefan Berger } 3159375c44fSStefan Berger 3169375c44fSStefan Berger psbs.u.req.buffersize = cpu_to_be32(wanted_size); 3179375c44fSStefan Berger 3189375c44fSStefan Berger if (tpm_emulator_ctrlcmd(tpm_emu, CMD_SET_BUFFERSIZE, &psbs, 3199375c44fSStefan Berger sizeof(psbs.u.req), sizeof(psbs.u.resp)) < 0) { 3209375c44fSStefan Berger error_report("tpm-emulator: Could not set buffer size: %s", 3219375c44fSStefan Berger strerror(errno)); 3229375c44fSStefan Berger return -1; 3239375c44fSStefan Berger } 3249375c44fSStefan Berger 3259375c44fSStefan Berger psbs.u.resp.tpm_result = be32_to_cpu(psbs.u.resp.tpm_result); 3269375c44fSStefan Berger if (psbs.u.resp.tpm_result != 0) { 3277e095e84SStefan Berger error_report("tpm-emulator: TPM result for set buffer size : 0x%x %s", 3287e095e84SStefan Berger psbs.u.resp.tpm_result, 3297e095e84SStefan Berger tpm_emulator_strerror(psbs.u.resp.tpm_result)); 3309375c44fSStefan Berger return -1; 3319375c44fSStefan Berger } 3329375c44fSStefan Berger 3339375c44fSStefan Berger if (actual_size) { 3349375c44fSStefan Berger *actual_size = be32_to_cpu(psbs.u.resp.buffersize); 3359375c44fSStefan Berger } 3369375c44fSStefan Berger 3379d9dcd96SStefan Berger trace_tpm_emulator_set_buffer_size( 3389375c44fSStefan Berger be32_to_cpu(psbs.u.resp.buffersize), 3399375c44fSStefan Berger be32_to_cpu(psbs.u.resp.minsize), 3409375c44fSStefan Berger be32_to_cpu(psbs.u.resp.maxsize)); 3419375c44fSStefan Berger 3429375c44fSStefan Berger return 0; 3439375c44fSStefan Berger } 3449375c44fSStefan Berger 34538ab74e7SStefan Berger static int tpm_emulator_startup_tpm_resume(TPMBackend *tb, size_t buffersize, 34638ab74e7SStefan Berger bool is_resume) 347f4ede81eSAmarnath Valluri { 348f4ede81eSAmarnath Valluri TPMEmulator *tpm_emu = TPM_EMULATOR(tb); 34930270587SStefan Berger ptm_init init = { 35030270587SStefan Berger .u.req.init_flags = 0, 35130270587SStefan Berger }; 352f4ede81eSAmarnath Valluri ptm_res res; 353f4ede81eSAmarnath Valluri 35438ab74e7SStefan Berger trace_tpm_emulator_startup_tpm_resume(is_resume, buffersize); 35538ab74e7SStefan Berger 3569375c44fSStefan Berger if (buffersize != 0 && 3579375c44fSStefan Berger tpm_emulator_set_buffer_size(tb, buffersize, NULL) < 0) { 3589375c44fSStefan Berger goto err_exit; 3599375c44fSStefan Berger } 3609375c44fSStefan Berger 36138ab74e7SStefan Berger if (is_resume) { 36238ab74e7SStefan Berger init.u.req.init_flags |= cpu_to_be32(PTM_INIT_FLAG_DELETE_VOLATILE); 36338ab74e7SStefan Berger } 36438ab74e7SStefan Berger 36517b1af77SMarc-André Lureau if (tpm_emulator_ctrlcmd(tpm_emu, CMD_INIT, &init, sizeof(init), 366f4ede81eSAmarnath Valluri sizeof(init)) < 0) { 367f4ede81eSAmarnath Valluri error_report("tpm-emulator: could not send INIT: %s", 368f4ede81eSAmarnath Valluri strerror(errno)); 369f4ede81eSAmarnath Valluri goto err_exit; 370f4ede81eSAmarnath Valluri } 371f4ede81eSAmarnath Valluri 372f4ede81eSAmarnath Valluri res = be32_to_cpu(init.u.resp.tpm_result); 373f4ede81eSAmarnath Valluri if (res) { 3747e095e84SStefan Berger error_report("tpm-emulator: TPM result for CMD_INIT: 0x%x %s", res, 3757e095e84SStefan Berger tpm_emulator_strerror(res)); 376f4ede81eSAmarnath Valluri goto err_exit; 377f4ede81eSAmarnath Valluri } 378f4ede81eSAmarnath Valluri return 0; 379f4ede81eSAmarnath Valluri 380f4ede81eSAmarnath Valluri err_exit: 381f4ede81eSAmarnath Valluri return -1; 382f4ede81eSAmarnath Valluri } 383f4ede81eSAmarnath Valluri 38438ab74e7SStefan Berger static int tpm_emulator_startup_tpm(TPMBackend *tb, size_t buffersize) 38538ab74e7SStefan Berger { 38638ab74e7SStefan Berger return tpm_emulator_startup_tpm_resume(tb, buffersize, false); 38738ab74e7SStefan Berger } 38838ab74e7SStefan Berger 389f4ede81eSAmarnath Valluri static bool tpm_emulator_get_tpm_established_flag(TPMBackend *tb) 390f4ede81eSAmarnath Valluri { 391f4ede81eSAmarnath Valluri TPMEmulator *tpm_emu = TPM_EMULATOR(tb); 392f4ede81eSAmarnath Valluri ptm_est est; 393f4ede81eSAmarnath Valluri 3940b4c7c65SStefan Berger if (tpm_emu->established_flag_cached) { 3950b4c7c65SStefan Berger return tpm_emu->established_flag; 3960b4c7c65SStefan Berger } 3970b4c7c65SStefan Berger 39817b1af77SMarc-André Lureau if (tpm_emulator_ctrlcmd(tpm_emu, CMD_GET_TPMESTABLISHED, &est, 399f4ede81eSAmarnath Valluri 0, sizeof(est)) < 0) { 400f4ede81eSAmarnath Valluri error_report("tpm-emulator: Could not get the TPM established flag: %s", 401f4ede81eSAmarnath Valluri strerror(errno)); 402f4ede81eSAmarnath Valluri return false; 403f4ede81eSAmarnath Valluri } 4049d9dcd96SStefan Berger trace_tpm_emulator_get_tpm_established_flag(est.u.resp.bit); 405f4ede81eSAmarnath Valluri 4060b4c7c65SStefan Berger tpm_emu->established_flag_cached = 1; 4070b4c7c65SStefan Berger tpm_emu->established_flag = (est.u.resp.bit != 0); 4080b4c7c65SStefan Berger 4090b4c7c65SStefan Berger return tpm_emu->established_flag; 410f4ede81eSAmarnath Valluri } 411f4ede81eSAmarnath Valluri 412f4ede81eSAmarnath Valluri static int tpm_emulator_reset_tpm_established_flag(TPMBackend *tb, 413f4ede81eSAmarnath Valluri uint8_t locty) 414f4ede81eSAmarnath Valluri { 415f4ede81eSAmarnath Valluri TPMEmulator *tpm_emu = TPM_EMULATOR(tb); 416f4ede81eSAmarnath Valluri ptm_reset_est reset_est; 417f4ede81eSAmarnath Valluri ptm_res res; 418f4ede81eSAmarnath Valluri 419f4ede81eSAmarnath Valluri /* only a TPM 2.0 will support this */ 420f4ede81eSAmarnath Valluri if (tpm_emu->tpm_version != TPM_VERSION_2_0) { 421f4ede81eSAmarnath Valluri return 0; 422f4ede81eSAmarnath Valluri } 423f4ede81eSAmarnath Valluri 424f4ede81eSAmarnath Valluri reset_est.u.req.loc = tpm_emu->cur_locty_number; 42517b1af77SMarc-André Lureau if (tpm_emulator_ctrlcmd(tpm_emu, CMD_RESET_TPMESTABLISHED, 426f4ede81eSAmarnath Valluri &reset_est, sizeof(reset_est), 427f4ede81eSAmarnath Valluri sizeof(reset_est)) < 0) { 428f4ede81eSAmarnath Valluri error_report("tpm-emulator: Could not reset the establishment bit: %s", 429f4ede81eSAmarnath Valluri strerror(errno)); 430f4ede81eSAmarnath Valluri return -1; 431f4ede81eSAmarnath Valluri } 432f4ede81eSAmarnath Valluri 433f4ede81eSAmarnath Valluri res = be32_to_cpu(reset_est.u.resp.tpm_result); 434f4ede81eSAmarnath Valluri if (res) { 4357e095e84SStefan Berger error_report( 4367e095e84SStefan Berger "tpm-emulator: TPM result for rest established flag: 0x%x %s", 4377e095e84SStefan Berger res, tpm_emulator_strerror(res)); 438f4ede81eSAmarnath Valluri return -1; 439f4ede81eSAmarnath Valluri } 440f4ede81eSAmarnath Valluri 4410b4c7c65SStefan Berger tpm_emu->established_flag_cached = 0; 4420b4c7c65SStefan Berger 443f4ede81eSAmarnath Valluri return 0; 444f4ede81eSAmarnath Valluri } 445f4ede81eSAmarnath Valluri 446f4ede81eSAmarnath Valluri static void tpm_emulator_cancel_cmd(TPMBackend *tb) 447f4ede81eSAmarnath Valluri { 448f4ede81eSAmarnath Valluri TPMEmulator *tpm_emu = TPM_EMULATOR(tb); 449f4ede81eSAmarnath Valluri ptm_res res; 450f4ede81eSAmarnath Valluri 451f4ede81eSAmarnath Valluri if (!TPM_EMULATOR_IMPLEMENTS_ALL_CAPS(tpm_emu, PTM_CAP_CANCEL_TPM_CMD)) { 4529d9dcd96SStefan Berger trace_tpm_emulator_cancel_cmd_not_supt(); 453f4ede81eSAmarnath Valluri return; 454f4ede81eSAmarnath Valluri } 455f4ede81eSAmarnath Valluri 4563d011411SMarc-André Lureau /* FIXME: make the function non-blocking, or it may block a VCPU */ 45717b1af77SMarc-André Lureau if (tpm_emulator_ctrlcmd(tpm_emu, CMD_CANCEL_TPM_CMD, &res, 0, 458f4ede81eSAmarnath Valluri sizeof(res)) < 0) { 459f4ede81eSAmarnath Valluri error_report("tpm-emulator: Could not cancel command: %s", 460f4ede81eSAmarnath Valluri strerror(errno)); 461f4ede81eSAmarnath Valluri } else if (res != 0) { 462f4ede81eSAmarnath Valluri error_report("tpm-emulator: Failed to cancel TPM: 0x%x", 463f4ede81eSAmarnath Valluri be32_to_cpu(res)); 464f4ede81eSAmarnath Valluri } 465f4ede81eSAmarnath Valluri } 466f4ede81eSAmarnath Valluri 467f4ede81eSAmarnath Valluri static TPMVersion tpm_emulator_get_tpm_version(TPMBackend *tb) 468f4ede81eSAmarnath Valluri { 469f4ede81eSAmarnath Valluri TPMEmulator *tpm_emu = TPM_EMULATOR(tb); 470f4ede81eSAmarnath Valluri 471f4ede81eSAmarnath Valluri return tpm_emu->tpm_version; 472f4ede81eSAmarnath Valluri } 473f4ede81eSAmarnath Valluri 474b21e6aafSStefan Berger static size_t tpm_emulator_get_buffer_size(TPMBackend *tb) 475b21e6aafSStefan Berger { 4769375c44fSStefan Berger size_t actual_size; 4779375c44fSStefan Berger 4789375c44fSStefan Berger if (tpm_emulator_set_buffer_size(tb, 0, &actual_size) < 0) { 479b21e6aafSStefan Berger return 4096; 480b21e6aafSStefan Berger } 481b21e6aafSStefan Berger 4829375c44fSStefan Berger return actual_size; 4839375c44fSStefan Berger } 4849375c44fSStefan Berger 485f4ede81eSAmarnath Valluri static int tpm_emulator_block_migration(TPMEmulator *tpm_emu) 486f4ede81eSAmarnath Valluri { 487f4ede81eSAmarnath Valluri Error *err = NULL; 48838ab74e7SStefan Berger ptm_cap caps = PTM_CAP_GET_STATEBLOB | PTM_CAP_SET_STATEBLOB | 48938ab74e7SStefan Berger PTM_CAP_STOP; 490f4ede81eSAmarnath Valluri 49138ab74e7SStefan Berger if (!TPM_EMULATOR_IMPLEMENTS_ALL_CAPS(tpm_emu, caps)) { 492f4ede81eSAmarnath Valluri error_setg(&tpm_emu->migration_blocker, 49338ab74e7SStefan Berger "Migration disabled: TPM emulator does not support " 49438ab74e7SStefan Berger "migration"); 495f4ede81eSAmarnath Valluri migrate_add_blocker(tpm_emu->migration_blocker, &err); 496f4ede81eSAmarnath Valluri if (err) { 497f4ede81eSAmarnath Valluri error_report_err(err); 498f4ede81eSAmarnath Valluri error_free(tpm_emu->migration_blocker); 499f4ede81eSAmarnath Valluri tpm_emu->migration_blocker = NULL; 500f4ede81eSAmarnath Valluri 501f4ede81eSAmarnath Valluri return -1; 502f4ede81eSAmarnath Valluri } 50338ab74e7SStefan Berger } 504f4ede81eSAmarnath Valluri 505f4ede81eSAmarnath Valluri return 0; 506f4ede81eSAmarnath Valluri } 507f4ede81eSAmarnath Valluri 508f4ede81eSAmarnath Valluri static int tpm_emulator_prepare_data_fd(TPMEmulator *tpm_emu) 509f4ede81eSAmarnath Valluri { 510f4ede81eSAmarnath Valluri ptm_res res; 511f4ede81eSAmarnath Valluri Error *err = NULL; 512f4ede81eSAmarnath Valluri int fds[2] = { -1, -1 }; 513f4ede81eSAmarnath Valluri 514f4ede81eSAmarnath Valluri if (socketpair(AF_UNIX, SOCK_STREAM, 0, fds) < 0) { 515f4ede81eSAmarnath Valluri error_report("tpm-emulator: Failed to create socketpair"); 516f4ede81eSAmarnath Valluri return -1; 517f4ede81eSAmarnath Valluri } 518f4ede81eSAmarnath Valluri 519f4ede81eSAmarnath Valluri qemu_chr_fe_set_msgfds(&tpm_emu->ctrl_chr, fds + 1, 1); 520f4ede81eSAmarnath Valluri 52117b1af77SMarc-André Lureau if (tpm_emulator_ctrlcmd(tpm_emu, CMD_SET_DATAFD, &res, 0, 52217b1af77SMarc-André Lureau sizeof(res)) < 0 || res != 0) { 523f4ede81eSAmarnath Valluri error_report("tpm-emulator: Failed to send CMD_SET_DATAFD: %s", 524f4ede81eSAmarnath Valluri strerror(errno)); 525f4ede81eSAmarnath Valluri goto err_exit; 526f4ede81eSAmarnath Valluri } 527f4ede81eSAmarnath Valluri 528f4ede81eSAmarnath Valluri tpm_emu->data_ioc = QIO_CHANNEL(qio_channel_socket_new_fd(fds[0], &err)); 529f4ede81eSAmarnath Valluri if (err) { 530f4ede81eSAmarnath Valluri error_prepend(&err, "tpm-emulator: Failed to create io channel: "); 531f4ede81eSAmarnath Valluri error_report_err(err); 532f4ede81eSAmarnath Valluri goto err_exit; 533f4ede81eSAmarnath Valluri } 534f4ede81eSAmarnath Valluri 535f4ede81eSAmarnath Valluri closesocket(fds[1]); 536f4ede81eSAmarnath Valluri 537f4ede81eSAmarnath Valluri return 0; 538f4ede81eSAmarnath Valluri 539f4ede81eSAmarnath Valluri err_exit: 540f4ede81eSAmarnath Valluri closesocket(fds[0]); 541f4ede81eSAmarnath Valluri closesocket(fds[1]); 542f4ede81eSAmarnath Valluri return -1; 543f4ede81eSAmarnath Valluri } 544f4ede81eSAmarnath Valluri 545f4ede81eSAmarnath Valluri static int tpm_emulator_handle_device_opts(TPMEmulator *tpm_emu, QemuOpts *opts) 546f4ede81eSAmarnath Valluri { 547f4ede81eSAmarnath Valluri const char *value; 54888f83074SStefan Berger Error *err = NULL; 54988f83074SStefan Berger Chardev *dev; 550f4ede81eSAmarnath Valluri 551f4ede81eSAmarnath Valluri value = qemu_opt_get(opts, "chardev"); 55288f83074SStefan Berger if (!value) { 55388f83074SStefan Berger error_report("tpm-emulator: parameter 'chardev' is missing"); 55488f83074SStefan Berger goto err; 55588f83074SStefan Berger } 556f4ede81eSAmarnath Valluri 55788f83074SStefan Berger dev = qemu_chr_find(value); 558f4ede81eSAmarnath Valluri if (!dev) { 55988f83074SStefan Berger error_report("tpm-emulator: tpm chardev '%s' not found", value); 560f4ede81eSAmarnath Valluri goto err; 561f4ede81eSAmarnath Valluri } 562f4ede81eSAmarnath Valluri 563f4ede81eSAmarnath Valluri if (!qemu_chr_fe_init(&tpm_emu->ctrl_chr, dev, &err)) { 564f4ede81eSAmarnath Valluri error_prepend(&err, "tpm-emulator: No valid chardev found at '%s':", 565f4ede81eSAmarnath Valluri value); 566f4ede81eSAmarnath Valluri error_report_err(err); 567f4ede81eSAmarnath Valluri goto err; 568f4ede81eSAmarnath Valluri } 569f4ede81eSAmarnath Valluri 570f4ede81eSAmarnath Valluri tpm_emu->options->chardev = g_strdup(value); 571f4ede81eSAmarnath Valluri 572f4ede81eSAmarnath Valluri if (tpm_emulator_prepare_data_fd(tpm_emu) < 0) { 573f4ede81eSAmarnath Valluri goto err; 574f4ede81eSAmarnath Valluri } 575f4ede81eSAmarnath Valluri 576f4ede81eSAmarnath Valluri /* FIXME: tpm_util_test_tpmdev() accepts only on socket fd, as it also used 577f4ede81eSAmarnath Valluri * by passthrough driver, which not yet using GIOChannel. 578f4ede81eSAmarnath Valluri */ 579f4ede81eSAmarnath Valluri if (tpm_util_test_tpmdev(QIO_CHANNEL_SOCKET(tpm_emu->data_ioc)->fd, 580f4ede81eSAmarnath Valluri &tpm_emu->tpm_version)) { 581f4ede81eSAmarnath Valluri error_report("'%s' is not emulating TPM device. Error: %s", 582f4ede81eSAmarnath Valluri tpm_emu->options->chardev, strerror(errno)); 583f4ede81eSAmarnath Valluri goto err; 584f4ede81eSAmarnath Valluri } 585f4ede81eSAmarnath Valluri 5869d9dcd96SStefan Berger switch (tpm_emu->tpm_version) { 5879d9dcd96SStefan Berger case TPM_VERSION_1_2: 5889d9dcd96SStefan Berger trace_tpm_emulator_handle_device_opts_tpm12(); 5899d9dcd96SStefan Berger break; 5909d9dcd96SStefan Berger case TPM_VERSION_2_0: 5919d9dcd96SStefan Berger trace_tpm_emulator_handle_device_opts_tpm2(); 5929d9dcd96SStefan Berger break; 5939d9dcd96SStefan Berger default: 5949d9dcd96SStefan Berger trace_tpm_emulator_handle_device_opts_unspec(); 5959d9dcd96SStefan Berger } 596f4ede81eSAmarnath Valluri 597f4ede81eSAmarnath Valluri if (tpm_emulator_probe_caps(tpm_emu) || 598f4ede81eSAmarnath Valluri tpm_emulator_check_caps(tpm_emu)) { 599f4ede81eSAmarnath Valluri goto err; 600f4ede81eSAmarnath Valluri } 601f4ede81eSAmarnath Valluri 602f4ede81eSAmarnath Valluri return tpm_emulator_block_migration(tpm_emu); 603f4ede81eSAmarnath Valluri 604f4ede81eSAmarnath Valluri err: 6059d9dcd96SStefan Berger trace_tpm_emulator_handle_device_opts_startup_error(); 6069d9dcd96SStefan Berger 607f4ede81eSAmarnath Valluri return -1; 608f4ede81eSAmarnath Valluri } 609f4ede81eSAmarnath Valluri 6109f7c0ef2SMarc-André Lureau static TPMBackend *tpm_emulator_create(QemuOpts *opts) 611f4ede81eSAmarnath Valluri { 612f4ede81eSAmarnath Valluri TPMBackend *tb = TPM_BACKEND(object_new(TYPE_TPM_EMULATOR)); 613f4ede81eSAmarnath Valluri 614f4ede81eSAmarnath Valluri if (tpm_emulator_handle_device_opts(TPM_EMULATOR(tb), opts)) { 6159f7c0ef2SMarc-André Lureau object_unref(OBJECT(tb)); 6169f7c0ef2SMarc-André Lureau return NULL; 617f4ede81eSAmarnath Valluri } 618f4ede81eSAmarnath Valluri 619f4ede81eSAmarnath Valluri return tb; 620f4ede81eSAmarnath Valluri } 621f4ede81eSAmarnath Valluri 622f4ede81eSAmarnath Valluri static TpmTypeOptions *tpm_emulator_get_tpm_options(TPMBackend *tb) 623f4ede81eSAmarnath Valluri { 624f4ede81eSAmarnath Valluri TPMEmulator *tpm_emu = TPM_EMULATOR(tb); 625f4ede81eSAmarnath Valluri TpmTypeOptions *options = g_new0(TpmTypeOptions, 1); 626f4ede81eSAmarnath Valluri 627f4ede81eSAmarnath Valluri options->type = TPM_TYPE_OPTIONS_KIND_EMULATOR; 628f4ede81eSAmarnath Valluri options->u.emulator.data = QAPI_CLONE(TPMEmulatorOptions, tpm_emu->options); 629f4ede81eSAmarnath Valluri 630f4ede81eSAmarnath Valluri return options; 631f4ede81eSAmarnath Valluri } 632f4ede81eSAmarnath Valluri 633f4ede81eSAmarnath Valluri static const QemuOptDesc tpm_emulator_cmdline_opts[] = { 634f4ede81eSAmarnath Valluri TPM_STANDARD_CMDLINE_OPTS, 635f4ede81eSAmarnath Valluri { 636f4ede81eSAmarnath Valluri .name = "chardev", 637f4ede81eSAmarnath Valluri .type = QEMU_OPT_STRING, 638f4ede81eSAmarnath Valluri .help = "Character device to use for out-of-band control messages", 639f4ede81eSAmarnath Valluri }, 640f4ede81eSAmarnath Valluri { /* end of list */ }, 641f4ede81eSAmarnath Valluri }; 642f4ede81eSAmarnath Valluri 64338ab74e7SStefan Berger /* 64438ab74e7SStefan Berger * Transfer a TPM state blob from the TPM into a provided buffer. 64538ab74e7SStefan Berger * 64638ab74e7SStefan Berger * @tpm_emu: TPMEmulator 64738ab74e7SStefan Berger * @type: the type of blob to transfer 64838ab74e7SStefan Berger * @tsb: the TPMSizeBuffer to fill with the blob 64938ab74e7SStefan Berger * @flags: the flags to return to the caller 65038ab74e7SStefan Berger */ 65138ab74e7SStefan Berger static int tpm_emulator_get_state_blob(TPMEmulator *tpm_emu, 65238ab74e7SStefan Berger uint8_t type, 65338ab74e7SStefan Berger TPMSizedBuffer *tsb, 65438ab74e7SStefan Berger uint32_t *flags) 65538ab74e7SStefan Berger { 65638ab74e7SStefan Berger ptm_getstate pgs; 65738ab74e7SStefan Berger ptm_res res; 65838ab74e7SStefan Berger ssize_t n; 65938ab74e7SStefan Berger uint32_t totlength, length; 66038ab74e7SStefan Berger 66138ab74e7SStefan Berger tpm_sized_buffer_reset(tsb); 66238ab74e7SStefan Berger 66338ab74e7SStefan Berger pgs.u.req.state_flags = cpu_to_be32(PTM_STATE_FLAG_DECRYPTED); 66438ab74e7SStefan Berger pgs.u.req.type = cpu_to_be32(type); 66538ab74e7SStefan Berger pgs.u.req.offset = 0; 66638ab74e7SStefan Berger 66738ab74e7SStefan Berger if (tpm_emulator_ctrlcmd(tpm_emu, CMD_GET_STATEBLOB, 66838ab74e7SStefan Berger &pgs, sizeof(pgs.u.req), 66938ab74e7SStefan Berger offsetof(ptm_getstate, u.resp.data)) < 0) { 67038ab74e7SStefan Berger error_report("tpm-emulator: could not get state blob type %d : %s", 67138ab74e7SStefan Berger type, strerror(errno)); 67238ab74e7SStefan Berger return -1; 67338ab74e7SStefan Berger } 67438ab74e7SStefan Berger 67538ab74e7SStefan Berger res = be32_to_cpu(pgs.u.resp.tpm_result); 67638ab74e7SStefan Berger if (res != 0 && (res & 0x800) == 0) { 67738ab74e7SStefan Berger error_report("tpm-emulator: Getting the stateblob (type %d) failed " 6787e095e84SStefan Berger "with a TPM error 0x%x %s", type, res, 6797e095e84SStefan Berger tpm_emulator_strerror(res)); 68038ab74e7SStefan Berger return -1; 68138ab74e7SStefan Berger } 68238ab74e7SStefan Berger 68338ab74e7SStefan Berger totlength = be32_to_cpu(pgs.u.resp.totlength); 68438ab74e7SStefan Berger length = be32_to_cpu(pgs.u.resp.length); 68538ab74e7SStefan Berger if (totlength != length) { 68638ab74e7SStefan Berger error_report("tpm-emulator: Expecting to read %u bytes " 68738ab74e7SStefan Berger "but would get %u", totlength, length); 68838ab74e7SStefan Berger return -1; 68938ab74e7SStefan Berger } 69038ab74e7SStefan Berger 69138ab74e7SStefan Berger *flags = be32_to_cpu(pgs.u.resp.state_flags); 69238ab74e7SStefan Berger 69338ab74e7SStefan Berger if (totlength > 0) { 69438ab74e7SStefan Berger tsb->buffer = g_try_malloc(totlength); 69538ab74e7SStefan Berger if (!tsb->buffer) { 69638ab74e7SStefan Berger error_report("tpm-emulator: Out of memory allocating %u bytes", 69738ab74e7SStefan Berger totlength); 69838ab74e7SStefan Berger return -1; 69938ab74e7SStefan Berger } 70038ab74e7SStefan Berger 70138ab74e7SStefan Berger n = qemu_chr_fe_read_all(&tpm_emu->ctrl_chr, tsb->buffer, totlength); 70238ab74e7SStefan Berger if (n != totlength) { 70338ab74e7SStefan Berger error_report("tpm-emulator: Could not read stateblob (type %d); " 70438ab74e7SStefan Berger "expected %u bytes, got %zd", 70538ab74e7SStefan Berger type, totlength, n); 70638ab74e7SStefan Berger return -1; 70738ab74e7SStefan Berger } 70838ab74e7SStefan Berger } 70938ab74e7SStefan Berger tsb->size = totlength; 71038ab74e7SStefan Berger 71138ab74e7SStefan Berger trace_tpm_emulator_get_state_blob(type, tsb->size, *flags); 71238ab74e7SStefan Berger 71338ab74e7SStefan Berger return 0; 71438ab74e7SStefan Berger } 71538ab74e7SStefan Berger 71638ab74e7SStefan Berger static int tpm_emulator_get_state_blobs(TPMEmulator *tpm_emu) 71738ab74e7SStefan Berger { 71838ab74e7SStefan Berger TPMBlobBuffers *state_blobs = &tpm_emu->state_blobs; 71938ab74e7SStefan Berger 72038ab74e7SStefan Berger if (tpm_emulator_get_state_blob(tpm_emu, PTM_BLOB_TYPE_PERMANENT, 72138ab74e7SStefan Berger &state_blobs->permanent, 72238ab74e7SStefan Berger &state_blobs->permanent_flags) < 0 || 72338ab74e7SStefan Berger tpm_emulator_get_state_blob(tpm_emu, PTM_BLOB_TYPE_VOLATILE, 72438ab74e7SStefan Berger &state_blobs->volatil, 72538ab74e7SStefan Berger &state_blobs->volatil_flags) < 0 || 72638ab74e7SStefan Berger tpm_emulator_get_state_blob(tpm_emu, PTM_BLOB_TYPE_SAVESTATE, 72738ab74e7SStefan Berger &state_blobs->savestate, 72838ab74e7SStefan Berger &state_blobs->savestate_flags) < 0) { 72938ab74e7SStefan Berger goto err_exit; 73038ab74e7SStefan Berger } 73138ab74e7SStefan Berger 73238ab74e7SStefan Berger return 0; 73338ab74e7SStefan Berger 73438ab74e7SStefan Berger err_exit: 73538ab74e7SStefan Berger tpm_sized_buffer_reset(&state_blobs->volatil); 73638ab74e7SStefan Berger tpm_sized_buffer_reset(&state_blobs->permanent); 73738ab74e7SStefan Berger tpm_sized_buffer_reset(&state_blobs->savestate); 73838ab74e7SStefan Berger 73938ab74e7SStefan Berger return -1; 74038ab74e7SStefan Berger } 74138ab74e7SStefan Berger 74238ab74e7SStefan Berger /* 74338ab74e7SStefan Berger * Transfer a TPM state blob to the TPM emulator. 74438ab74e7SStefan Berger * 74538ab74e7SStefan Berger * @tpm_emu: TPMEmulator 74638ab74e7SStefan Berger * @type: the type of TPM state blob to transfer 74738ab74e7SStefan Berger * @tsb: TPMSizedBuffer containing the TPM state blob 74838ab74e7SStefan Berger * @flags: Flags describing the (encryption) state of the TPM state blob 74938ab74e7SStefan Berger */ 75038ab74e7SStefan Berger static int tpm_emulator_set_state_blob(TPMEmulator *tpm_emu, 75138ab74e7SStefan Berger uint32_t type, 75238ab74e7SStefan Berger TPMSizedBuffer *tsb, 75338ab74e7SStefan Berger uint32_t flags) 75438ab74e7SStefan Berger { 75538ab74e7SStefan Berger ssize_t n; 75638ab74e7SStefan Berger ptm_setstate pss; 75738ab74e7SStefan Berger ptm_res tpm_result; 75838ab74e7SStefan Berger 75938ab74e7SStefan Berger if (tsb->size == 0) { 76038ab74e7SStefan Berger return 0; 76138ab74e7SStefan Berger } 76238ab74e7SStefan Berger 76338ab74e7SStefan Berger pss = (ptm_setstate) { 76438ab74e7SStefan Berger .u.req.state_flags = cpu_to_be32(flags), 76538ab74e7SStefan Berger .u.req.type = cpu_to_be32(type), 76638ab74e7SStefan Berger .u.req.length = cpu_to_be32(tsb->size), 76738ab74e7SStefan Berger }; 76838ab74e7SStefan Berger 76938ab74e7SStefan Berger /* write the header only */ 77038ab74e7SStefan Berger if (tpm_emulator_ctrlcmd(tpm_emu, CMD_SET_STATEBLOB, &pss, 77138ab74e7SStefan Berger offsetof(ptm_setstate, u.req.data), 0) < 0) { 77238ab74e7SStefan Berger error_report("tpm-emulator: could not set state blob type %d : %s", 77338ab74e7SStefan Berger type, strerror(errno)); 77438ab74e7SStefan Berger return -1; 77538ab74e7SStefan Berger } 77638ab74e7SStefan Berger 77738ab74e7SStefan Berger /* now the body */ 77838ab74e7SStefan Berger n = qemu_chr_fe_write_all(&tpm_emu->ctrl_chr, tsb->buffer, tsb->size); 77938ab74e7SStefan Berger if (n != tsb->size) { 78038ab74e7SStefan Berger error_report("tpm-emulator: Writing the stateblob (type %d) " 78138ab74e7SStefan Berger "failed; could not write %u bytes, but only %zd", 78238ab74e7SStefan Berger type, tsb->size, n); 78338ab74e7SStefan Berger return -1; 78438ab74e7SStefan Berger } 78538ab74e7SStefan Berger 78638ab74e7SStefan Berger /* now get the result */ 78738ab74e7SStefan Berger n = qemu_chr_fe_read_all(&tpm_emu->ctrl_chr, 78838ab74e7SStefan Berger (uint8_t *)&pss, sizeof(pss.u.resp)); 78938ab74e7SStefan Berger if (n != sizeof(pss.u.resp)) { 79038ab74e7SStefan Berger error_report("tpm-emulator: Reading response from writing stateblob " 79138ab74e7SStefan Berger "(type %d) failed; expected %zu bytes, got %zd", type, 79238ab74e7SStefan Berger sizeof(pss.u.resp), n); 79338ab74e7SStefan Berger return -1; 79438ab74e7SStefan Berger } 79538ab74e7SStefan Berger 79638ab74e7SStefan Berger tpm_result = be32_to_cpu(pss.u.resp.tpm_result); 79738ab74e7SStefan Berger if (tpm_result != 0) { 79838ab74e7SStefan Berger error_report("tpm-emulator: Setting the stateblob (type %d) failed " 7997e095e84SStefan Berger "with a TPM error 0x%x %s", type, tpm_result, 8007e095e84SStefan Berger tpm_emulator_strerror(tpm_result)); 80138ab74e7SStefan Berger return -1; 80238ab74e7SStefan Berger } 80338ab74e7SStefan Berger 80438ab74e7SStefan Berger trace_tpm_emulator_set_state_blob(type, tsb->size, flags); 80538ab74e7SStefan Berger 80638ab74e7SStefan Berger return 0; 80738ab74e7SStefan Berger } 80838ab74e7SStefan Berger 80938ab74e7SStefan Berger /* 81038ab74e7SStefan Berger * Set all the TPM state blobs. 81138ab74e7SStefan Berger * 81238ab74e7SStefan Berger * Returns a negative errno code in case of error. 81338ab74e7SStefan Berger */ 81438ab74e7SStefan Berger static int tpm_emulator_set_state_blobs(TPMBackend *tb) 81538ab74e7SStefan Berger { 81638ab74e7SStefan Berger TPMEmulator *tpm_emu = TPM_EMULATOR(tb); 81738ab74e7SStefan Berger TPMBlobBuffers *state_blobs = &tpm_emu->state_blobs; 81838ab74e7SStefan Berger 81938ab74e7SStefan Berger trace_tpm_emulator_set_state_blobs(); 82038ab74e7SStefan Berger 82138ab74e7SStefan Berger if (tpm_emulator_stop_tpm(tb) < 0) { 82238ab74e7SStefan Berger trace_tpm_emulator_set_state_blobs_error("Could not stop TPM"); 82338ab74e7SStefan Berger return -EIO; 82438ab74e7SStefan Berger } 82538ab74e7SStefan Berger 82638ab74e7SStefan Berger if (tpm_emulator_set_state_blob(tpm_emu, PTM_BLOB_TYPE_PERMANENT, 82738ab74e7SStefan Berger &state_blobs->permanent, 82838ab74e7SStefan Berger state_blobs->permanent_flags) < 0 || 82938ab74e7SStefan Berger tpm_emulator_set_state_blob(tpm_emu, PTM_BLOB_TYPE_VOLATILE, 83038ab74e7SStefan Berger &state_blobs->volatil, 83138ab74e7SStefan Berger state_blobs->volatil_flags) < 0 || 83238ab74e7SStefan Berger tpm_emulator_set_state_blob(tpm_emu, PTM_BLOB_TYPE_SAVESTATE, 83338ab74e7SStefan Berger &state_blobs->savestate, 83438ab74e7SStefan Berger state_blobs->savestate_flags) < 0) { 83538ab74e7SStefan Berger return -EIO; 83638ab74e7SStefan Berger } 83738ab74e7SStefan Berger 83838ab74e7SStefan Berger trace_tpm_emulator_set_state_blobs_done(); 83938ab74e7SStefan Berger 84038ab74e7SStefan Berger return 0; 84138ab74e7SStefan Berger } 84238ab74e7SStefan Berger 84338ab74e7SStefan Berger static int tpm_emulator_pre_save(void *opaque) 84438ab74e7SStefan Berger { 84538ab74e7SStefan Berger TPMBackend *tb = opaque; 84638ab74e7SStefan Berger TPMEmulator *tpm_emu = TPM_EMULATOR(tb); 84738ab74e7SStefan Berger 84838ab74e7SStefan Berger trace_tpm_emulator_pre_save(); 84938ab74e7SStefan Berger 85038ab74e7SStefan Berger tpm_backend_finish_sync(tb); 85138ab74e7SStefan Berger 85238ab74e7SStefan Berger /* get the state blobs from the TPM */ 85338ab74e7SStefan Berger return tpm_emulator_get_state_blobs(tpm_emu); 85438ab74e7SStefan Berger } 85538ab74e7SStefan Berger 85638ab74e7SStefan Berger /* 85738ab74e7SStefan Berger * Load the TPM state blobs into the TPM. 85838ab74e7SStefan Berger * 85938ab74e7SStefan Berger * Returns negative errno codes in case of error. 86038ab74e7SStefan Berger */ 86138ab74e7SStefan Berger static int tpm_emulator_post_load(void *opaque, int version_id) 86238ab74e7SStefan Berger { 86338ab74e7SStefan Berger TPMBackend *tb = opaque; 86438ab74e7SStefan Berger int ret; 86538ab74e7SStefan Berger 86638ab74e7SStefan Berger ret = tpm_emulator_set_state_blobs(tb); 86738ab74e7SStefan Berger if (ret < 0) { 86838ab74e7SStefan Berger return ret; 86938ab74e7SStefan Berger } 87038ab74e7SStefan Berger 87138ab74e7SStefan Berger if (tpm_emulator_startup_tpm_resume(tb, 0, true) < 0) { 87238ab74e7SStefan Berger return -EIO; 87338ab74e7SStefan Berger } 87438ab74e7SStefan Berger 87538ab74e7SStefan Berger return 0; 87638ab74e7SStefan Berger } 87738ab74e7SStefan Berger 87838ab74e7SStefan Berger static const VMStateDescription vmstate_tpm_emulator = { 87938ab74e7SStefan Berger .name = "tpm-emulator", 88038ab74e7SStefan Berger .version_id = 0, 88138ab74e7SStefan Berger .pre_save = tpm_emulator_pre_save, 88238ab74e7SStefan Berger .post_load = tpm_emulator_post_load, 88338ab74e7SStefan Berger .fields = (VMStateField[]) { 88438ab74e7SStefan Berger VMSTATE_UINT32(state_blobs.permanent_flags, TPMEmulator), 88538ab74e7SStefan Berger VMSTATE_UINT32(state_blobs.permanent.size, TPMEmulator), 88638ab74e7SStefan Berger VMSTATE_VBUFFER_ALLOC_UINT32(state_blobs.permanent.buffer, 88738ab74e7SStefan Berger TPMEmulator, 0, 0, 88838ab74e7SStefan Berger state_blobs.permanent.size), 88938ab74e7SStefan Berger 89038ab74e7SStefan Berger VMSTATE_UINT32(state_blobs.volatil_flags, TPMEmulator), 89138ab74e7SStefan Berger VMSTATE_UINT32(state_blobs.volatil.size, TPMEmulator), 89238ab74e7SStefan Berger VMSTATE_VBUFFER_ALLOC_UINT32(state_blobs.volatil.buffer, 89338ab74e7SStefan Berger TPMEmulator, 0, 0, 89438ab74e7SStefan Berger state_blobs.volatil.size), 89538ab74e7SStefan Berger 89638ab74e7SStefan Berger VMSTATE_UINT32(state_blobs.savestate_flags, TPMEmulator), 89738ab74e7SStefan Berger VMSTATE_UINT32(state_blobs.savestate.size, TPMEmulator), 89838ab74e7SStefan Berger VMSTATE_VBUFFER_ALLOC_UINT32(state_blobs.savestate.buffer, 89938ab74e7SStefan Berger TPMEmulator, 0, 0, 90038ab74e7SStefan Berger state_blobs.savestate.size), 90138ab74e7SStefan Berger 90238ab74e7SStefan Berger VMSTATE_END_OF_LIST() 90338ab74e7SStefan Berger } 90438ab74e7SStefan Berger }; 90538ab74e7SStefan Berger 906f4ede81eSAmarnath Valluri static void tpm_emulator_inst_init(Object *obj) 907f4ede81eSAmarnath Valluri { 908f4ede81eSAmarnath Valluri TPMEmulator *tpm_emu = TPM_EMULATOR(obj); 909f4ede81eSAmarnath Valluri 9109d9dcd96SStefan Berger trace_tpm_emulator_inst_init(); 9119d9dcd96SStefan Berger 912f4ede81eSAmarnath Valluri tpm_emu->options = g_new0(TPMEmulatorOptions, 1); 913f4ede81eSAmarnath Valluri tpm_emu->cur_locty_number = ~0; 91417b1af77SMarc-André Lureau qemu_mutex_init(&tpm_emu->mutex); 91538ab74e7SStefan Berger 9161df2c9a2SPeter Xu vmstate_register(NULL, VMSTATE_INSTANCE_ID_ANY, 9171df2c9a2SPeter Xu &vmstate_tpm_emulator, obj); 918f4ede81eSAmarnath Valluri } 919f4ede81eSAmarnath Valluri 920f4ede81eSAmarnath Valluri /* 921f4ede81eSAmarnath Valluri * Gracefully shut down the external TPM 922f4ede81eSAmarnath Valluri */ 923f4ede81eSAmarnath Valluri static void tpm_emulator_shutdown(TPMEmulator *tpm_emu) 924f4ede81eSAmarnath Valluri { 925f4ede81eSAmarnath Valluri ptm_res res; 926f4ede81eSAmarnath Valluri 92788f83074SStefan Berger if (!tpm_emu->options->chardev) { 92888f83074SStefan Berger /* was never properly initialized */ 92988f83074SStefan Berger return; 93088f83074SStefan Berger } 93188f83074SStefan Berger 93217b1af77SMarc-André Lureau if (tpm_emulator_ctrlcmd(tpm_emu, CMD_SHUTDOWN, &res, 0, sizeof(res)) < 0) { 933f4ede81eSAmarnath Valluri error_report("tpm-emulator: Could not cleanly shutdown the TPM: %s", 934f4ede81eSAmarnath Valluri strerror(errno)); 935f4ede81eSAmarnath Valluri } else if (res != 0) { 9367e095e84SStefan Berger error_report("tpm-emulator: TPM result for shutdown: 0x%x %s", 9377e095e84SStefan Berger be32_to_cpu(res), tpm_emulator_strerror(be32_to_cpu(res))); 938f4ede81eSAmarnath Valluri } 939f4ede81eSAmarnath Valluri } 940f4ede81eSAmarnath Valluri 941f4ede81eSAmarnath Valluri static void tpm_emulator_inst_finalize(Object *obj) 942f4ede81eSAmarnath Valluri { 943f4ede81eSAmarnath Valluri TPMEmulator *tpm_emu = TPM_EMULATOR(obj); 94438ab74e7SStefan Berger TPMBlobBuffers *state_blobs = &tpm_emu->state_blobs; 945f4ede81eSAmarnath Valluri 946f4ede81eSAmarnath Valluri tpm_emulator_shutdown(tpm_emu); 947f4ede81eSAmarnath Valluri 948f4ede81eSAmarnath Valluri object_unref(OBJECT(tpm_emu->data_ioc)); 949f4ede81eSAmarnath Valluri 950f4ede81eSAmarnath Valluri qemu_chr_fe_deinit(&tpm_emu->ctrl_chr, false); 951f4ede81eSAmarnath Valluri 952f4ede81eSAmarnath Valluri qapi_free_TPMEmulatorOptions(tpm_emu->options); 953f4ede81eSAmarnath Valluri 954f4ede81eSAmarnath Valluri if (tpm_emu->migration_blocker) { 955f4ede81eSAmarnath Valluri migrate_del_blocker(tpm_emu->migration_blocker); 956f4ede81eSAmarnath Valluri error_free(tpm_emu->migration_blocker); 957f4ede81eSAmarnath Valluri } 95817b1af77SMarc-André Lureau 95938ab74e7SStefan Berger tpm_sized_buffer_reset(&state_blobs->volatil); 96038ab74e7SStefan Berger tpm_sized_buffer_reset(&state_blobs->permanent); 96138ab74e7SStefan Berger tpm_sized_buffer_reset(&state_blobs->savestate); 96238ab74e7SStefan Berger 96317b1af77SMarc-André Lureau qemu_mutex_destroy(&tpm_emu->mutex); 96438ab74e7SStefan Berger 96538ab74e7SStefan Berger vmstate_unregister(NULL, &vmstate_tpm_emulator, obj); 966f4ede81eSAmarnath Valluri } 967f4ede81eSAmarnath Valluri 968f4ede81eSAmarnath Valluri static void tpm_emulator_class_init(ObjectClass *klass, void *data) 969f4ede81eSAmarnath Valluri { 970f4ede81eSAmarnath Valluri TPMBackendClass *tbc = TPM_BACKEND_CLASS(klass); 971d31076baSMarc-André Lureau 972d31076baSMarc-André Lureau tbc->type = TPM_TYPE_EMULATOR; 973d31076baSMarc-André Lureau tbc->opts = tpm_emulator_cmdline_opts; 974d31076baSMarc-André Lureau tbc->desc = "TPM emulator backend driver"; 975d31076baSMarc-André Lureau tbc->create = tpm_emulator_create; 976d31076baSMarc-André Lureau tbc->startup_tpm = tpm_emulator_startup_tpm; 977d31076baSMarc-André Lureau tbc->cancel_cmd = tpm_emulator_cancel_cmd; 978d31076baSMarc-André Lureau tbc->get_tpm_established_flag = tpm_emulator_get_tpm_established_flag; 979d31076baSMarc-André Lureau tbc->reset_tpm_established_flag = tpm_emulator_reset_tpm_established_flag; 980d31076baSMarc-André Lureau tbc->get_tpm_version = tpm_emulator_get_tpm_version; 981b21e6aafSStefan Berger tbc->get_buffer_size = tpm_emulator_get_buffer_size; 982d31076baSMarc-André Lureau tbc->get_tpm_options = tpm_emulator_get_tpm_options; 983d31076baSMarc-André Lureau 984f4ede81eSAmarnath Valluri tbc->handle_request = tpm_emulator_handle_request; 985f4ede81eSAmarnath Valluri } 986f4ede81eSAmarnath Valluri 987f4ede81eSAmarnath Valluri static const TypeInfo tpm_emulator_info = { 988f4ede81eSAmarnath Valluri .name = TYPE_TPM_EMULATOR, 989f4ede81eSAmarnath Valluri .parent = TYPE_TPM_BACKEND, 990f4ede81eSAmarnath Valluri .instance_size = sizeof(TPMEmulator), 991f4ede81eSAmarnath Valluri .class_init = tpm_emulator_class_init, 992f4ede81eSAmarnath Valluri .instance_init = tpm_emulator_inst_init, 993f4ede81eSAmarnath Valluri .instance_finalize = tpm_emulator_inst_finalize, 994f4ede81eSAmarnath Valluri }; 995f4ede81eSAmarnath Valluri 996f4ede81eSAmarnath Valluri static void tpm_emulator_register(void) 997f4ede81eSAmarnath Valluri { 998f4ede81eSAmarnath Valluri type_register_static(&tpm_emulator_info); 999f4ede81eSAmarnath Valluri } 1000f4ede81eSAmarnath Valluri 1001f4ede81eSAmarnath Valluri type_init(tpm_emulator_register) 1002