From: Daniel De Graaf <dgdegra@tycho.nsa.gov>
To: Matthew Fioravante <matthew.fioravante@jhuapl.edu>
Cc: "Ian.Campbell@citrix.com" <Ian.Campbell@citrix.com>,
"xen-devel@lists.xen.org" <xen-devel@lists.xen.org>
Subject: Re: [PATCH 4/4] stubdom/vtpm: Support multiple backends and locality
Date: Thu, 29 Nov 2012 14:20:19 -0500 [thread overview]
Message-ID: <50B7B573.6000506@tycho.nsa.gov> (raw)
In-Reply-To: <50B7B2FD.5080205@jhuapl.edu>
On 11/29/2012 02:09 PM, Matthew Fioravante wrote:
> Looks good. I'm actually kind of surprised that the emulator doesn't provide
> an interface to set the requested locality.
It does; however, it's a rather bad interface: you can send a vendor-specific
command to change the entire STANY_FLAGS data structure, which contains the
locality field along with some others that really shouldn't be changed. This
patch restricts that vendor-specific command interface to locality 8, which
can itself be restricted or unavailable once locality restrictions are
implemented. The number 8 was chosen because it's not usable as a quoting
locality since (1<<8) won't fit in uint8_t.
> Acked by: Matthew Fioravante <matthew.fioravante@jhuapl.edu>
>
> On 11/27/2012 10:14 AM, Daniel De Graaf wrote:
>> The vTPM protocol now contains a field allowing the locality of a
>> command to be specified; pass this to the TPM when processing a packet.
>> This also enables a single vTPM to provide multiple tpmback interfaces
>> so that several closely related domains can share a vTPM (for example, a
>> qemu device stubdom and its target domain).
>>
>> Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
>> ---
>> stubdom/tpmemu-0.7.4.patch | 61 ++++++++++++++++++++++++++++++++++++++++++----
>> stubdom/vtpm/vtpm.c | 16 +++---------
>> 2 files changed, 59 insertions(+), 18 deletions(-)
>>
>> diff --git a/stubdom/tpmemu-0.7.4.patch b/stubdom/tpmemu-0.7.4.patch
>> index b84eff1..31ace1a 100644
>> --- a/stubdom/tpmemu-0.7.4.patch
>> +++ b/stubdom/tpmemu-0.7.4.patch
>> @@ -1,9 +1,60 @@
>> -diff -Naur tpm_emulator-x86_64-back/tpm/tpm_emulator_extern.c tpm_emulator-x86_64/tpm/tpm_emulator_extern.c
>> ---- tpm_emulator-x86_64-back/tpm/tpm_emulator_extern.c 2012-04-27 10:55:46.581963398 -0400
>> -+++ tpm_emulator-x86_64/tpm/tpm_emulator_extern.c 2012-04-27 10:56:02.193034152 -0400
>> -@@ -249,7 +249,7 @@
>> +diff --git a/tpm/tpm_capability.c b/tpm/tpm_capability.c
>> +index 60bbb90..f8f7f0f 100644
>> +--- a/tpm/tpm_capability.c
>> ++++ b/tpm/tpm_capability.c
>> +@@ -949,6 +949,8 @@ static TPM_RESULT set_vendor(UINT32 subCap, BYTE *setValue,
>> + UINT32 setValueSize, BOOL ownerAuth,
>> + BOOL deactivated, BOOL disabled)
>> + {
>> ++ if (tpmData.stany.flags.localityModifier != 8)
>> ++ return TPM_BAD_PARAMETER;
>> + /* set the capability area with the specified data, on failure
>> + deactivate the TPM */
>> + switch (subCap) {
>> +diff --git a/tpm/tpm_cmd_handler.c b/tpm/tpm_cmd_handler.c
>> +index 288d1ce..9e1cfb4 100644
>> +--- a/tpm/tpm_cmd_handler.c
>> ++++ b/tpm/tpm_cmd_handler.c
>> +@@ -4132,7 +4132,7 @@ void tpm_emulator_shutdown()
>> + tpm_extern_release();
>> + }
>> +
>> +-int tpm_handle_command(const uint8_t *in, uint32_t in_size, uint8_t **out, uint32_t *out_size)
>> ++int tpm_handle_command(const uint8_t *in, uint32_t in_size, uint8_t **out, uint32_t *out_size, int locality)
>> + {
>> + TPM_REQUEST req;
>> + TPM_RESPONSE rsp;
>> +@@ -4140,7 +4140,9 @@ int tpm_handle_command(const uint8_t *in, uint32_t in_size, uint8_t **out, uint3
>> + UINT32 len;
>> + BOOL free_out;
>> +
>> +- debug("tpm_handle_command()");
>> ++ debug("tpm_handle_command(%d)", locality);
>> ++ if (locality != -1)
>> ++ tpmData.stany.flags.localityModifier = locality;
>> +
>> + /* we need the whole packet at once, otherwise unmarshalling will fail */
>> + if (tpm_unmarshal_TPM_REQUEST((uint8_t**)&in, &in_size, &req) != 0) {
>> +diff --git a/tpm/tpm_emulator.h b/tpm/tpm_emulator.h
>> +index eed749e..4c228bd 100644
>> +--- a/tpm/tpm_emulator.h
>> ++++ b/tpm/tpm_emulator.h
>> +@@ -59,7 +59,7 @@ void tpm_emulator_shutdown(void);
>> + * its usage. In case of an error, all internally allocated memory
>> + * is released and the the state of out and out_size is unspecified.
>> + */
>> +-int tpm_handle_command(const uint8_t *in, uint32_t in_size, uint8_t **out, uint32_t *out_size);
>> ++int tpm_handle_command(const uint8_t *in, uint32_t in_size, uint8_t **out, uint32_t *out_size, int locality);
>> +
>> + #endif /* _TPM_EMULATOR_H_ */
>> +
>> +diff --git a/tpm/tpm_emulator_extern.c b/tpm/tpm_emulator_extern.c
>> +index aabe6c3..440a01b 100644
>> +--- a/tpm/tpm_emulator_extern.c
>> ++++ b/tpm/tpm_emulator_extern.c
>> +@@ -249,7 +249,7 @@ int (*tpm_read_from_storage)(uint8_t **data, size_t *data_length) = _tpm_read_fr
>> #else /* TPM_NO_EXTERN */
>> -
>> +
>> int (*tpm_extern_init)(void) = NULL;
>> -int (*tpm_extern_release)(void) = NULL;
>> +void (*tpm_extern_release)(void) = NULL;
>> diff --git a/stubdom/vtpm/vtpm.c b/stubdom/vtpm/vtpm.c
>> index c33e078..dcfc3b9 100644
>> --- a/stubdom/vtpm/vtpm.c
>> +++ b/stubdom/vtpm/vtpm.c
>> @@ -141,8 +141,6 @@ int check_ordinal(tpmcmd_t* tpmcmd) {
>> static void main_loop(void) {
>> tpmcmd_t* tpmcmd = NULL;
>> - domid_t domid; /* Domid of frontend */
>> - unsigned int handle; /* handle of frontend */
>> int res = -1;
>> info("VTPM Initializing\n");
>> @@ -162,15 +160,7 @@ static void main_loop(void) {
>> goto abort_postpcrs;
>> }
>> - /* Wait for the frontend domain to connect */
>> - info("Waiting for frontend domain to connect..");
>> - if(tpmback_wait_for_frontend_connect(&domid, &handle) == 0) {
>> - info("VTPM attached to Frontend %u/%u", (unsigned int) domid, handle);
>> - } else {
>> - error("Unable to attach to a frontend");
>> - }
>> -
>> - tpmcmd = tpmback_req(domid, handle);
>> + tpmcmd = tpmback_req_any();
>> while(tpmcmd) {
>> /* Handle the request */
>> if(tpmcmd->req_len) {
>> @@ -183,7 +173,7 @@ static void main_loop(void) {
>> }
>> /* If not disabled, do the command */
>> else {
>> - if((res = tpm_handle_command(tpmcmd->req, tpmcmd->req_len, &tpmcmd->resp, &tpmcmd->resp_len)) != 0) {
>> + if((res = tpm_handle_command(tpmcmd->req, tpmcmd->req_len, &tpmcmd->resp, &tpmcmd->resp_len, tpmcmd->locality)) != 0) {
>> error("tpm_handle_command() failed");
>> create_error_response(tpmcmd, TPM_FAIL);
>> }
>> @@ -194,7 +184,7 @@ static void main_loop(void) {
>> tpmback_resp(tpmcmd);
>> /* Wait for the next request */
>> - tpmcmd = tpmback_req(domid, handle);
>> + tpmcmd = tpmback_req_any();
>> }
>>
>
>
--
Daniel De Graaf
National Security Agency
next prev parent reply other threads:[~2012-11-29 19:20 UTC|newest]
Thread overview: 53+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-11-20 16:11 [PATCH RFC] stubdom: Change vTPM shared page ABI Daniel De Graaf
2012-11-20 16:16 ` Fioravante, Matthew E.
2012-11-20 18:24 ` [PATCH] drivers/tpm-xen: " Daniel De Graaf
2012-11-23 11:04 ` [PATCH RFC] stubdom: " Ian Campbell
2012-11-23 16:15 ` Daniel De Graaf
2012-11-23 16:30 ` Ian Campbell
2012-11-23 17:37 ` Samuel Thibault
2012-11-26 13:03 ` Fioravante, Matthew E.
2012-11-26 13:11 ` Fioravante, Matthew E.
2012-11-28 20:46 ` Konrad Rzeszutek Wilk
2012-11-28 22:22 ` Matthew Fioravante
2012-11-29 7:53 ` Ian Campbell
2012-11-30 16:11 ` Konrad Rzeszutek Wilk
2012-11-27 14:38 ` Matthew Fioravante
2012-11-27 15:14 ` [PATCH 0/4] stubdom/vtpm improvements Daniel De Graaf
2012-11-27 15:14 ` [PATCH 1/4] stubdom: Change vTPM shared page ABI Daniel De Graaf
2012-11-27 21:29 ` Matthew Fioravante
2012-11-27 22:08 ` Daniel De Graaf
2012-11-29 14:14 ` Matthew Fioravante
2012-12-07 21:25 ` Konrad Rzeszutek Wilk
2012-12-10 9:58 ` Ian Campbell
2012-12-10 15:03 ` Matthew Fioravante
2012-11-27 15:14 ` [PATCH 2/4] stubdom/vtpm: Add reconfiguration support Daniel De Graaf
2012-11-27 16:44 ` Samuel Thibault
2012-11-29 18:53 ` Matthew Fioravante
2012-11-29 19:28 ` Daniel De Graaf
2012-11-29 19:47 ` Matthew Fioravante
2012-11-29 21:37 ` Samuel Thibault
2012-11-30 9:59 ` Ian Campbell
2012-11-27 15:14 ` [PATCH 3/4] stubdom/grub: send kernel measurements to vTPM Daniel De Graaf
2012-11-27 16:41 ` Samuel Thibault
2012-11-27 18:08 ` Matthew Fioravante
2012-11-27 18:36 ` Samuel Thibault
2012-11-27 18:53 ` Daniel De Graaf
2012-11-27 15:14 ` [PATCH 4/4] stubdom/vtpm: Support multiple backends and locality Daniel De Graaf
2012-11-27 16:42 ` Samuel Thibault
2012-11-27 18:19 ` Matthew Fioravante
2012-11-27 19:02 ` Daniel De Graaf
2012-11-27 19:48 ` Matthew Fioravante
2012-11-27 20:04 ` Samuel Thibault
2012-11-27 20:11 ` Daniel De Graaf
2012-11-27 20:21 ` Matthew Fioravante
2012-11-27 20:30 ` Daniel De Graaf
2012-11-27 20:34 ` Matthew Fioravante
2012-11-27 20:40 ` Daniel De Graaf
2012-11-27 22:16 ` [PATCH] stubdom/vtpm: make state save operation atomic Daniel De Graaf
2012-11-29 18:07 ` Matthew Fioravante
2012-11-29 20:24 ` Daniel De Graaf
2012-11-29 20:48 ` Matthew Fioravante
2012-11-28 21:58 ` [PATCH 4/4] stubdom/vtpm: Support multiple backends and locality Samuel Thibault
2012-11-29 19:09 ` Matthew Fioravante
2012-11-29 19:20 ` Daniel De Graaf [this message]
2012-11-27 16:46 ` [PATCH 0/4] stubdom/vtpm improvements Samuel Thibault
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=50B7B573.6000506@tycho.nsa.gov \
--to=dgdegra@tycho.nsa.gov \
--cc=Ian.Campbell@citrix.com \
--cc=matthew.fioravante@jhuapl.edu \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.