Re: [Qemu-devel] [PATCH V13 7/7] Add fd parameter for TPM passthrough driver

qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed

From: Anthony Liguori <anthony@codemonkey.ws>
To: Stefan Berger <stefanb@linux.vnet.ibm.com>
Cc: mst@redhat.com, qemu-devel@nongnu.org, andreas.niederl@iaik.tugraz.at
Subject: Re: [Qemu-devel] [PATCH V13 7/7] Add fd parameter for TPM passthrough driver
Date: Mon, 12 Dec 2011 17:30:36 -0600	[thread overview]
Message-ID: <4EE68E9C.80906@codemonkey.ws> (raw)
In-Reply-To: <1323717136-21661-8-git-send-email-stefanb@linux.vnet.ibm.com>

On 12/12/2011 01:12 PM, Stefan Berger wrote:
> Enable the passing of a file descriptor via fd=<..>  to access the host's
> TPM device using the TPM passthrough driver.
>
> Signed-off-by: Stefan Berger<stefanb@linux.vnet.ibm.com>
>
> ---
>
> v13:
>   - Only accepting a character device's file descriptor
>
> v12:
>   - added documentation part
> ---
>   hw/tpm_passthrough.c |   73 +++++++++++++++++++++++++++++++++++++-------------
>   qemu-config.c        |    5 +++
>   qemu-options.hx      |    6 +++-
>   3 files changed, 64 insertions(+), 20 deletions(-)
>
> diff --git a/hw/tpm_passthrough.c b/hw/tpm_passthrough.c
> index f9cfe3d..57bb77a 100644
> --- a/hw/tpm_passthrough.c
> +++ b/hw/tpm_passthrough.c
> @@ -361,33 +361,68 @@ static int tpm_passthrough_handle_device_opts(QemuOpts *opts, TPMBackend *tb)
>       const char *value;
>       char buf[64];
>       int n;
> +    struct stat statbuf;
>
> -    value = qemu_opt_get(opts, "path");
> -    if (!value) {
> -        value = TPM_PASSTHROUGH_DEFAULT_DEVICE;
> -    }
> +    value = qemu_opt_get(opts, "fd");
> +    if (value) {
> +        if (qemu_opt_get(opts, "path")) {
> +            error_report("fd= is invalid with path=");
> +            return -1;
> +        }
> +
> +        tb->s.tpm_pt->tpm_fd = qemu_parse_fd(value);
> +        if (tb->s.tpm_pt->tpm_fd<  0) {
> +            error_report("Illegal file descriptor for TPM device.\n");
> +            return -1;
> +        }
>
> -    n = snprintf(tb->s.tpm_pt->tpm_dev, sizeof(tb->s.tpm_pt->tpm_dev),
> -                 "%s", value);
> +        snprintf(buf, sizeof(buf), "fd=%d", tb->s.tpm_pt->tpm_fd);
>
> -    if (n>= sizeof(tb->s.tpm_pt->tpm_dev)) {
> -        error_report("TPM device path is too long.\n");
> -        goto err_exit;
> -    }
> +        tb->parameters = g_strdup(buf);
>
> -    snprintf(buf, sizeof(buf), "path=%s", tb->s.tpm_pt->tpm_dev);
> +        if (tb->parameters == NULL) {
> +            goto err_close_tpmdev;
> +        }
> +    } else {
> +        value = qemu_opt_get(opts, "path");
> +        if (!value) {
> +            value = TPM_PASSTHROUGH_DEFAULT_DEVICE;
> +        }
> +
> +        n = snprintf(tb->s.tpm_pt->tpm_dev, sizeof(tb->s.tpm_pt->tpm_dev),
> +                     "%s", value);
> +
> +        if (n>= sizeof(tb->s.tpm_pt->tpm_dev)) {
> +            error_report("TPM device path is too long.\n");
> +            goto err_exit;
> +        }
>
> -    tb->parameters = g_strdup(buf);
> +        snprintf(buf, sizeof(buf), "path=%s", tb->s.tpm_pt->tpm_dev);
>
> -    if (tb->parameters == NULL) {
> -        return 1;
> +        tb->parameters = g_strdup(buf);
> +
> +        if (tb->parameters == NULL) {
> +            return 1;
> +        }
> +
> +        tb->s.tpm_pt->tpm_fd = open(tb->s.tpm_pt->tpm_dev, O_RDWR);
> +        if (tb->s.tpm_pt->tpm_fd<  0) {
> +            error_report("Cannot access TPM device using '%s'.\n",
> +                         tb->s.tpm_pt->tpm_dev);
> +            goto err_exit;
> +        }
>       }
>
> -    tb->s.tpm_pt->tpm_fd = open(tb->s.tpm_pt->tpm_dev, O_RDWR);
> -    if (tb->s.tpm_pt->tpm_fd<  0) {
> -        error_report("Cannot access TPM device using '%s'.\n",
> -                     tb->s.tpm_pt->tpm_dev);
> -        goto err_exit;
> +    if (fstat(tb->s.tpm_pt->tpm_fd,&statbuf) != 0) {
> +        error_report("Cannot determine file descriptor type for TPM "
> +                     "device: %s", strerror(errno));
> +        goto err_close_tpmdev;
> +    }
> +
> +    /* only allow character devices for now */
> +    if (!S_ISCHR(statbuf.st_mode)) {
> +        error_report("TPM file descriptor is not a character device");
> +        goto err_close_tpmdev;
>       }

I think you're being overzealous here.  The backend only uses read/write to 
interact with the passthrough device.  You could use this as a mechanism to tie 
in an emulated VTPM by using a socket.  I'm not suggesting we do that for 
libvtpm, but I think we don't gain anything from being overly restrictive here.

I don't think a user passing the wrong type of fd is the common case to optimize 
for wrt usability.

Regards,

Anthony Liguori

next prev parent reply	other threads:[~2011-12-12 23:30 UTC|newest]

Thread overview: 29+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2011-12-12 19:12 [Qemu-devel] [PATCH V13 0/7] Qemu Trusted Platform Module (TPM) integration Stefan Berger
2011-12-12 19:12 ` [Qemu-devel] [PATCH V13 1/7] Support for TPM command line options Stefan Berger
2011-12-12 23:16   ` Anthony Liguori
2011-12-13  2:16     ` Stefan Berger
2011-12-12 19:12 ` [Qemu-devel] [PATCH V13 2/7] Add TPM (frontend) hardware interface (TPM TIS) to Qemu Stefan Berger
2011-12-12 23:23   ` Anthony Liguori
2011-12-12 23:54     ` Stefan Berger
2011-12-12 19:12 ` [Qemu-devel] [PATCH V13 3/7] Add a debug register Stefan Berger
2011-12-12 19:12 ` [Qemu-devel] [PATCH V13 4/7] Build the TPM frontend code Stefan Berger
2011-12-12 23:24   ` Anthony Liguori
2011-12-12 23:56     ` Stefan Berger
2011-12-12 19:12 ` [Qemu-devel] [PATCH V13 5/7] Add a TPM Passthrough backend driver implementation Stefan Berger
2011-12-12 23:27   ` Anthony Liguori
2011-12-12 23:59     ` Stefan Berger
2011-12-12 19:12 ` [Qemu-devel] [PATCH V13 6/7] Introduce --enable-tpm-passthrough configure option Stefan Berger
2011-12-12 23:27   ` Anthony Liguori
2011-12-13  0:12     ` Stefan Berger
2011-12-13  4:51       ` Paul Brook
2011-12-13 12:51         ` Stefan Berger
2011-12-13 13:51           ` Michael S. Tsirkin
2011-12-13 17:41             ` Anthony Liguori
2011-12-13 17:48               ` Stefan Berger
2011-12-13 20:33                 ` Paul Brook
2011-12-13 17:25           ` Paul Brook
2011-12-12 19:12 ` [Qemu-devel] [PATCH V13 7/7] Add fd parameter for TPM passthrough driver Stefan Berger
2011-12-12 23:30   ` Anthony Liguori [this message]
2011-12-13  0:17     ` Stefan Berger
2011-12-13  5:45 ` [Qemu-devel] [PATCH V13 0/7] Qemu Trusted Platform Module (TPM) integration Stefan Weil
2011-12-13 12:43   ` Stefan Berger

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4EE68E9C.80906@codemonkey.ws \
    --to=anthony@codemonkey.ws \
    --cc=andreas.niederl@iaik.tugraz.at \
    --cc=mst@redhat.com \
    --cc=qemu-devel@nongnu.org \
    --cc=stefanb@linux.vnet.ibm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).