From: Matthew Fioravante <matthew.fioravante@jhuapl.edu>
To: Ian Campbell <Ian.Campbell@citrix.com>,
"xen-devel@lists.xensource.com" <xen-devel@lists.xensource.com>
Subject: PATCH [base vtpm and libxl patches 1/6] Upgrade vtpmd from 0.5.1 to 0.7.4
Date: Fri, 21 Sep 2012 14:53:07 -0400
Message-ID: <505CB793.1010405@jhuapl.edu>
Update vtpmd from 0.5.1 to 0.7.4. Also adds checks for cmake
and gmp to the configure script if vtpm is enabled.
Signed off by Matthew Fioravante matthew.fioravante@jhuapl.edu
---
Changed since previous:
* added checks for libgmp and gmp.h if vtpm is enabled
* small documentation updates
diff --git a/tools/configure.ac b/tools/configure.ac
--- a/tools/configure.ac
+++ b/tools/configure.ac
@@ -72,6 +72,7 @@ AC_ARG_VAR([AS86], [Path to as86 tool])
AC_ARG_VAR([LD86], [Path to ld86 tool])
AC_ARG_VAR([BCC], [Path to bcc tool])
AC_ARG_VAR([IASL], [Path to iasl tool])
+AC_ARG_VAR([CMAKE], [Path to cmake binary])
# Checks for programs.
AC_PROG_CC
@@ -101,6 +102,9 @@ AS_IF([echo "$PYTHON" | grep -q "^/"], [
AX_PATH_PROG_OR_FAIL([PYTHONPATH], [$PYTHON])
AX_CHECK_PYTHON_VERSION([2], [3])
AX_CHECK_PYTHON_DEVEL()
+AS_IF([test "x$vtpm" = "xy"], [
+ AX_PATH_PROG_OR_FAIL([CMAKE], [cmake])
+])
AX_PATH_PROG_OR_FAIL([XGETTEXT], [xgettext])
dnl as86, ld86, bcc and iasl are only required when the host system is
x86*.
dnl "host" here means the platform on which the hypervisor and tools is
@@ -142,6 +146,10 @@ AC_CHECK_LIB([yajl], [yajl_alloc], [],
AC_CHECK_LIB([z], [deflateCopy], [], [AC_MSG_ERROR([Could not find zlib])])
AC_CHECK_LIB([iconv], [libiconv_open], [libiconv="y"], [libiconv="n"])
AC_SUBST(libiconv)
+AS_IF([test "x$vtpm" = "xy"], [
+ AC_CHECK_HEADER([gmp.h], [], [AC_MSG_ERROR([Could not find gmp.h])])
+ AC_CHECK_LIB([gmp], [__gmpz_init], [], [AC_MSG_ERROR([Could not
find libgmp])])
+])
# Checks for header files.
AC_CHECK_HEADERS([yajl/yajl_version.h])
diff --git a/tools/vtpm/Makefile b/tools/vtpm/Makefile
--- a/tools/vtpm/Makefile
+++ b/tools/vtpm/Makefile
@@ -1,19 +1,15 @@
XEN_ROOT = $(CURDIR)/../..
+include $(XEN_ROOT)/tools/Rules.mk
-# Base definitions and rules
-include $(XEN_ROOT)/tools/vtpm/Rules.mk
-
-# Dir name for emulator (as dom0 tpm driver)
-TPM_EMULATOR_DIR = tpm_emulator
# Dir name for vtpm instance
VTPM_DIR = vtpm
-ORIG_DIR = orig
# Emulator tarball name
-TPM_EMULATOR_NAME = tpm_emulator-0.5.1
+TPM_EMULATOR_URL = http://download.berlios.de/tpm-emulator
+TPM_EMULATOR_NAME = tpm_emulator-0.7.4
TPM_EMULATOR_TARFILE = $(TPM_EMULATOR_NAME).tar.gz
-GMP_HEADER = /usr/include/gmp.h
+VTPM_PATCH = vtpm-0.7.4.patch
.PHONY: all
all: build
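Review bot: `TPM_EMULATOR_URL` uses plain `http://`, and the download rule in the next hunk (`wget $(TPM_EMULATOR_URL)/$(TPM_EMULATOR_TARFILE)`) feeds whatever arrives straight into `tar`, `patch` and the build with no integrity check, so anyone on the network path or in control of the mirror decides what code gets installed as `vtpmd`. Pin the expected digest next to the version, e.g. `TPM_EMULATOR_SHA256 = <sha256 of tpm_emulator-0.7.4.tar.gz>` (placeholder, the page does not give the value), and verify it in the download recipe before extraction with `echo "$(TPM_EMULATOR_SHA256)  $@" | sha256sum -c -`. An interrupted `wget` can also leave a truncated tarball that make then treats as up to date; downloading to `$@.tmp` and renaming only after the digest check passes avoids that.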
@@ -23,52 +19,39 @@ build: build_sub
.PHONY: install
install: build
- $(MAKE) -C $(VTPM_DIR) install-recursive
+ $(INSTALL_PROG) -m 0755 $(VTPM_DIR)/build/tpmd/unix/tpmd
$(DESTDIR)$(BINDIR)/vtpmd
.PHONY: clean
clean:
- @if [ -d $(TPM_EMULATOR_DIR) ]; \
- then $(MAKE) -C $(TPM_EMULATOR_DIR) clean; \
- fi
- @if [ -d $(VTPM_DIR) ]; \
- then $(MAKE) -C $(VTPM_DIR) clean; \
+ @-if [ -d $(VTPM_DIR)/build ]; \
+ then $(MAKE) -C $(VTPM_DIR)/build clean; \
fi
-.PHONY: mrproper
-mrproper:
- rm -f $(TPM_EMULATOR_TARFILE) tpm_emulator.patch.old vtpm.patch.old
- rm -rf $(TPM_EMULATOR_DIR) $(VTPM_DIR) $(ORIG_DIR)
+.PHONY: distclean
+mdistclean:
+ rm -f $(TPM_EMULATOR_TARFILE)
+ rm -rf $(VTPM_DIR) $(ORIG_DIR)
# Download Swiss emulator
$(TPM_EMULATOR_TARFILE):
- wget http://download.berlios.de/tpm-emulator/$(TPM_EMULATOR_TARFILE)
+ wget $(TPM_EMULATOR_URL)/$(TPM_EMULATOR_TARFILE)
# Create vtpm dirs
-$(VTPM_DIR)/tpmd/tpmd: $(TPM_EMULATOR_TARFILE) vtpm-0.5.1.patch
+$(VTPM_DIR)/build: $(TPM_EMULATOR_TARFILE) $(VTPM_PATCH)
rm -rf $(VTPM_DIR)
tar -xzf $(TPM_EMULATOR_TARFILE)
mv $(TPM_EMULATOR_NAME) $(VTPM_DIR)
-
set -e; cd $(VTPM_DIR); \
- patch -p1 < ../vtpm-0.5.1.patch; \
- patch -p1 < ../vtpm-0.5.1-LDLIBS.patch
+ patch -p1 < ../$(VTPM_PATCH);
+ mkdir $@
+ touch $@
-orig: $(TPM_EMULATOR_TARFILE)
- mkdir $(ORIG_DIR);
- set -e; cd $(ORIG_DIR); \
- tar -xzf ../$(TPM_EMULATOR_TARFILE);
-
-updatepatches: clean orig
- find $(VTPM_DIR) -name "*.orig" -print | xargs rm -f;
- mv vtpm.patch vtpm.patch.old;
- diff -uprN $(TPM_EMULATOR_DIR) $(VTPM_DIR) > vtpm.patch || true;
+$(VTPM_DIR)/build/Makefile: $(VTPM_DIR)/build
+ set -e; cd $(VTPM_DIR)/build; \
+ cmake -DCMAKE_INSTALL_PREFIX=${PREFIX} ..
+ touch $@
.PHONY: build_sub
-build_sub: $(VTPM_DIR)/tpmd/tpmd
- set -e; if [ -e $(GMP_HEADER) ]; then \
- $(MAKE) -C $(VTPM_DIR) version; \
- $(MAKE) -C $(VTPM_DIR) all-recursive; \
- else \
- echo "=== Unable to build VTPMs. libgmp could not be found."; \
- fi
-
+build_sub: $(VTPM_DIR)/build/Makefile
+ set -e; \
+ cd $(VTPM_DIR)/build; $(MAKE) tpmd
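Review bot: `.PHONY: distclean` is followed by a rule named `mdistclean:`, so unless the included Rules.mk supplies one, `make distclean` has no recipe here and the downloaded tarball and `$(VTPM_DIR)` are never removed; the header should read `distclean:`. That recipe still passes `$(ORIG_DIR)` to `rm -rf` although the previous hunk deletes the variable's definition, so the stale reference can be dropped. The configure hunk resolves cmake into `CMAKE`, but the `$(VTPM_DIR)/build/Makefile` recipe calls a bare `cmake`; `$(CMAKE) -DCMAKE_INSTALL_PREFIX=$(PREFIX) ..` would honour the configured path, assuming `CMAKE` is substituted into the make variables, which is not visible here. `$(VTPM_DIR)/build` is a directory used as a normal prerequisite, so its mtime changing as files are created in it may re-trigger the cmake step on later runs; listing it as order-only (`| $(VTPM_DIR)/build`) would avoid that.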
diff --git a/tools/vtpm/README b/tools/vtpm/README
--- a/tools/vtpm/README
+++ b/tools/vtpm/README
@@ -1,27 +1,19 @@
Directory Structure
===================
-tools/vtpm/tpm_emulator-0.2b.tar.gz -> TPM Emulator downloaded at
build time that will
+tools/vtpm/tpm_emulator-0.7.4.tar.gz -> TPM Emulator downloaded at
build time that will
be patched and used for our vtpms
-tools/vtpm/vtpm.patch -> patch applied to tpm_emulator
to make vtpm
+tools/vtpm/vtpm-0.7.4.patch -> patch applied to
tpm_emulator to make vtpm
tools/vtpm/vtpm/ -> (created on build)
tpm_emulator moved to ring 3,
listens on a pair of fifos
for TPM commands,
persistent state is sent via
named fifo to vtpm
manager, which encrypts it
and protects it.
-tools/vtpm/tpm_emulator.patch -> To allow for debugging and
testing on non-TPM
- platforms, this patches the
emulator to allow
- it to be inserted into the
dom0 kernel
-tools/vtpm/tpm_emulator-0.2 -> (created on build) directory
containing patched emulator
-
-Compile Flags
-===================
-VTPM_MULTI_VM -> Defined (not finished): VTPMs run in
their own VMs
- Not Defined (default): VTPMs are processes
+tools/vtpm/tpm_emulator-0.7.4 -> (created on build) directory
containing patched emulator
Requirements
============
- xen-unstable
-- IBM frontend/backend vtpm driver patch
+- IBM frontend/backend vtpm driver patch for the linux kernel
- vtpm_managerd
- GNU MP Big number library (GMP)
@@ -42,4 +34,4 @@ vtpmd Flow (for vtpm_manager. vtpmd never run by default)
tpm_emulator flow
==================
-Read documentation in tpm_emulator-0.2 directory
+Read documentation in tpm_emulator directory
diff --git a/tools/vtpm/Rules.mk b/tools/vtpm/Rules.mk
--- a/tools/vtpm/Rules.mk
+++ /dev/null
@@ -1,26 +0,0 @@
-# Base definitions and rules (XEN_ROOT must be defined in including
Makefile)
-include $(XEN_ROOT)/tools/Rules.mk
-
-#
-# Tool definitions
-#
-
-# General compiler flags
-CFLAGS = -Werror -g3
-
-# Generic project files
-HDRS = $(wildcard *.h)
-SRCS = $(wildcard *.c)
-OBJS = $(patsubst %.c,%.o,$(SRCS))
-
-# Generic (non-header) dependencies
-$(SRCS): Makefile $(XEN_ROOT)/tools/Rules.mk
$(XEN_ROOT)/tools/vtpm/Rules.mk
-
-$(OBJS): $(SRCS)
-
--include $(DEPS)
-
-BUILD_EMULATOR = y
-
-# Make sure these are just rules
-.PHONY : all build install clean
diff --git a/tools/vtpm/tpm_emulator.patch b/tools/vtpm/tpm_emulator.patch
--- a/tools/vtpm/tpm_emulator.patch
+++ /dev/null
@@ -1,1919 +0,0 @@
-diff -uprN orig/tpm_emulator-0.4/AUTHORS tpm_emulator/AUTHORS
---- orig/tpm_emulator-0.4/AUTHORS 2006-06-23 03:37:07.000000000 -0700
-+++ tpm_emulator/AUTHORS 2006-07-24 14:35:35.000000000 -0700
-@@ -1,2 +1,3 @@
- Mario Strasser <mast@gmx.net>
- Heiko Stamer <stamer@gaos.org> [DAA]
-+INTEL Corp <> [Dropped to Ring3]
-diff -uprN orig/tpm_emulator-0.4/ChangeLog tpm_emulator/ChangeLog
---- orig/tpm_emulator-0.4/ChangeLog 2006-06-23 03:37:07.000000000 -0700
-+++ tpm_emulator/ChangeLog 2006-07-24 14:35:35.000000000 -0700
-@@ -1,3 +1,6 @@
-+????-??-?? Intel Corp
-+ * Moved module out of kernel to run as a ring 3 app
-+
- 2006-06-23 Mario Strasser <mast@gmx.net>
- * tpm_startup.c: behaviour of ST_CLEAR and storage of
- persistent data adapted
-diff -uprN orig/tpm_emulator-0.4/crypto/gmp_kernel_wrapper.c
tpm_emulator/crypto/gmp_kernel_wrapper.c
---- orig/tpm_emulator-0.4/crypto/gmp_kernel_wrapper.c 2006-06-23
03:37:07.000000000 -0700
-+++ tpm_emulator/crypto/gmp_kernel_wrapper.c 2006-07-24
14:35:35.000000000 -0700
-@@ -1,5 +1,6 @@
- /* Software-Based Trusted Platform Module (TPM) Emulator for Linux
- * Copyright (C) 2004 Mario Strasser <mast@gmx.net>,
-+ * Copyright (C) 2005 INTEL Corp
- *
- * This module is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published
-@@ -24,15 +25,10 @@ int __gmp_junk;
- void __attribute__ ((regparm(0))) __gmp_assert_fail(const char *filename,
- int linenum, const char *expr)
- {
-- panic(KERN_CRIT TPM_MODULE_NAME "%s:%d: GNU MP assertion failed: %s\n",
-+ error("%s:%d: GNU MP assertion failed: %s\n",
- filename, linenum, expr);
- }
-
--void __attribute__ ((regparm(0))) abort(void)
--{
-- panic(KERN_CRIT TPM_MODULE_NAME "GNU MP abort() was called\n");
--}
--
- /* overwrite GNU MP random functions (used by mpz/millerrabin.c) */
-
- void __attribute__ ((regparm(0))) gmp_randinit(gmp_randstate_t rstate,
-@@ -77,20 +73,19 @@ void __attribute__ ((regparm(0))) mpz_ur
-
- void __attribute__ ((regparm(0))) *kernel_allocate(size_t size)
- {
-- void *ret = (void*)kmalloc(size, GFP_KERNEL);
-- if (!ret) panic(KERN_CRIT TPM_MODULE_NAME
-- "GMP: cannot allocate memory (size=%u)\n", size);
-+ void *ret = (void*)malloc(size);
-+ if (!ret) error("GMP: cannot allocate memory (size=%Zu)\n", size);
- return ret;
- }
-
- void __attribute__ ((regparm(0))) *kernel_reallocate(void *oldptr,
- size_t old_size, size_t new_size)
- {
-- void *ret = (void*)kmalloc(new_size, GFP_KERNEL);
-- if (!ret) panic(KERN_CRIT TPM_MODULE_NAME "GMP: Cannot reallocate
memory "
-- "(old_size=%u new_size=%u)\n", old_size, new_size);
-+ void *ret = (void*)malloc(new_size);
-+ if (!ret) error("GMP: Cannot reallocate memory "
-+ "(old_size=%Zu new_size=%Zu)\n", old_size, new_size);
- memcpy(ret, oldptr, old_size);
-- kfree(oldptr);
-+ free(oldptr);
- return ret;
- }
-
-@@ -99,7 +94,7 @@ void __attribute__ ((regparm(0))) kernel
- /* overwrite used memory */
- if (blk_ptr != NULL) {
- memset(blk_ptr, 0, blk_size);
-- kfree(blk_ptr);
-+ free(blk_ptr);
- }
- }
-
-diff -uprN orig/tpm_emulator-0.4/crypto/rsa.c tpm_emulator/crypto/rsa.c
---- orig/tpm_emulator-0.4/crypto/rsa.c 2006-06-23 03:37:07.000000000
-0700
-+++ tpm_emulator/crypto/rsa.c 2006-07-24 14:35:35.000000000 -0700
-@@ -1,5 +1,6 @@
- /* Software-Based Trusted Platform Module (TPM) Emulator for Linux
- * Copyright (C) 2004 Mario Strasser <mast@gmx.net>,
-+ * Copyright (C) 2005 INTEL Corp
- *
- * This module is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published
-@@ -381,7 +382,7 @@ static int encode_message(int type, uint
- msg[0] = 0x00;
- get_random_bytes(&msg[1], SHA1_DIGEST_LENGTH);
- sha1_init(&ctx);
-- sha1_update(&ctx, "TCPA", 4);
-+ sha1_update(&ctx, (uint8_t *) "TCPA", 4);
- sha1_final(&ctx, &msg[1 + SHA1_DIGEST_LENGTH]);
- memset(&msg[1 + 2 * SHA1_DIGEST_LENGTH], 0x00,
- msg_len - data_len - 2 * SHA1_DIGEST_LENGTH - 2);
-@@ -429,7 +430,7 @@ static int decode_message(int type, uint
- mask_generation(&msg[1], SHA1_DIGEST_LENGTH,
- &msg[1 + SHA1_DIGEST_LENGTH], msg_len - SHA1_DIGEST_LENGTH - 1);
- sha1_init(&ctx);
-- sha1_update(&ctx, "TCPA", 4);
-+ sha1_update(&ctx, (uint8_t *) "TCPA", 4);
- sha1_final(&ctx, &msg[1]);
- if (memcmp(&msg[1], &msg[1 + SHA1_DIGEST_LENGTH],
- SHA1_DIGEST_LENGTH) != 0) return -1;
-diff -uprN orig/tpm_emulator-0.4/linux_module.c tpm_emulator/linux_module.c
---- orig/tpm_emulator-0.4/linux_module.c 2006-06-23
03:37:07.000000000 -0700
-+++ tpm_emulator/linux_module.c 1969-12-31 16:00:00.000000000 -0800
-@@ -1,195 +0,0 @@
--/* Software-Based Trusted Platform Module (TPM) Emulator for Linux
-- * Copyright (C) 2004 Mario Strasser <mast@gmx.net>,
-- *
-- * This module is free software; you can redistribute it and/or modify
-- * it under the terms of the GNU General Public License as published
-- * by the Free Software Foundation; either version 2 of the License,
-- * or (at your option) any later version.
-- *
-- * This module is distributed in the hope that it will be useful,
-- * but WITHOUT ANY WARRANTY; without even the implied warranty of
-- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-- * GNU General Public License for more details.
-- *
-- * $Id: linux_module.c 91 2006-03-13 13:51:41Z mast $
-- */
--
--#include <linux/module.h>
--#include <linux/kernel.h>
--#include <linux/init.h>
--#include <linux/miscdevice.h>
--#include <linux/poll.h>
--#include "linux_module.h"
--#include "tpm/tpm_emulator.h"
--
--MODULE_LICENSE("GPL");
--MODULE_AUTHOR("Mario Strasser <mast@gmx.net>");
--MODULE_DESCRIPTION("Trusted Platform Module (TPM) Emulator");
--MODULE_SUPPORTED_DEVICE(TPM_DEVICE_NAME);
--
--/* module startup parameters */
--char *startup = "save";
--module_param(startup, charp, 0444);
--MODULE_PARM_DESC(startup, " Sets the startup mode of the TPM. "
-- "Possible values are 'clear', 'save' (default) and 'deactivated.");
--char *storage_file = "/var/tpm/tpm_emulator-1.2.0.2";
--module_param(storage_file, charp, 0644);
--MODULE_PARM_DESC(storage_file, " Sets the persistent-data storage "
-- "file of the TPM.");
--
--/* TPM lock */
--static struct semaphore tpm_mutex;
--
--/* TPM command response */
--static struct {
-- uint8_t *data;
-- uint32_t size;
--} tpm_response;
--
--/* module state */
--#define STATE_IS_OPEN 0
--static uint32_t module_state;
--static struct timespec old_time;
--
--static int tpm_open(struct inode *inode, struct file *file)
--{
-- debug("%s()", __FUNCTION__);
-- if (test_and_set_bit(STATE_IS_OPEN, (void*)&module_state)) return
-EBUSY;
-- return 0;
--}
--
--static int tpm_release(struct inode *inode, struct file *file)
--{
-- debug("%s()", __FUNCTION__);
-- clear_bit(STATE_IS_OPEN, (void*)&module_state);
-- down(&tpm_mutex);
-- if (tpm_response.data != NULL) {
-- kfree(tpm_response.data);
-- tpm_response.data = NULL;
-- }
-- up(&tpm_mutex);
-- return 0;
--}
--
--static ssize_t tpm_read(struct file *file, char *buf, size_t count,
loff_t *ppos)
--{
-- debug("%s(%d)", __FUNCTION__, count);
-- down(&tpm_mutex);
-- if (tpm_response.data != NULL) {
-- count = min(count, (size_t)tpm_response.size - (size_t)*ppos);
-- count -= copy_to_user(buf, &tpm_response.data[*ppos], count);
-- *ppos += count;
-- if ((size_t)tpm_response.size == (size_t)*ppos) {
-- kfree(tpm_response.data);
-- tpm_response.data = NULL;
-- }
-- } else {
-- count = 0;
-- }
-- up(&tpm_mutex);
-- return count;
--}
--
--static ssize_t tpm_write(struct file *file, const char *buf, size_t
count, loff_t *ppos)
--{
-- debug("%s(%d)", __FUNCTION__, count);
-- down(&tpm_mutex);
-- *ppos = 0;
-- if (tpm_response.data != NULL) kfree(tpm_response.data);
-- if (tpm_handle_command(buf, count, &tpm_response.data,
-- &tpm_response.size) != 0) {
-- count = -EILSEQ;
-- tpm_response.data = NULL;
-- }
-- up(&tpm_mutex);
-- return count;
--}
--
--#define TPMIOC_CANCEL _IO('T', 0x00)
--#define TPMIOC_TRANSMIT _IO('T', 0x01)
--
--static int tpm_ioctl(struct inode *inode, struct file *file, unsigned
int cmd, unsigned long arg)
--{
-- debug("%s(%d, %p)", __FUNCTION__, cmd, (char*)arg);
-- if (cmd == TPMIOC_TRANSMIT) {
-- uint32_t count = ntohl(*(uint32_t*)(arg + 2));
-- down(&tpm_mutex);
-- if (tpm_response.data != NULL) kfree(tpm_response.data);
-- if (tpm_handle_command((char*)arg, count, &tpm_response.data,
-- &tpm_response.size) == 0) {
-- tpm_response.size -= copy_to_user((char*)arg, tpm_response.data,
-- tpm_response.size);
-- kfree(tpm_response.data);
-- tpm_response.data = NULL;
-- } else {
-- tpm_response.size = 0;
-- tpm_response.data = NULL;
-- }
-- up(&tpm_mutex);
-- return tpm_response.size;
-- }
-- return -1;
--}
--
--struct file_operations fops = {
-- .owner = THIS_MODULE,
-- .open = tpm_open,
-- .release = tpm_release,
-- .read = tpm_read,
-- .write = tpm_write,
-- .ioctl = tpm_ioctl,
--};
--
--static struct miscdevice tpm_dev = {
-- .minor = TPM_DEVICE_MINOR,
-- .name = TPM_DEVICE_NAME,
-- .fops = &fops,
--};
--
--int __init init_tpm_module(void)
--{
-- int res = misc_register(&tpm_dev);
-- if (res != 0) {
-- error("misc_register() failed for minor %d\n", TPM_DEVICE_MINOR);
-- return res;
-- }
-- /* initialize variables */
-- sema_init(&tpm_mutex, 1);
-- module_state = 0;
-- tpm_response.data = NULL;
-- old_time = current_kernel_time();
-- /* initialize TPM emulator */
-- if (!strcmp(startup, "clear")) {
-- tpm_emulator_init(1);
-- } else if (!strcmp(startup, "save")) {
-- tpm_emulator_init(2);
-- } else if (!strcmp(startup, "deactivated")) {
-- tpm_emulator_init(3);
-- } else {
-- error("invalid startup mode '%s'; must be 'clear', "
-- "'save' (default) or 'deactivated", startup);
-- misc_deregister(&tpm_dev);
-- return -EINVAL;
-- }
-- return 0;
--}
--
--void __exit cleanup_tpm_module(void)
--{
-- tpm_emulator_shutdown();
-- misc_deregister(&tpm_dev);
-- if (tpm_response.data != NULL) kfree(tpm_response.data);
--}
--
--module_init(init_tpm_module);
--module_exit(cleanup_tpm_module);
--
--uint64_t tpm_get_ticks(void)
--{
-- struct timespec new_time = current_kernel_time();
-- uint64_t ticks = (uint64_t)(new_time.tv_sec - old_time.tv_sec) * 1000000
-- + (new_time.tv_nsec - old_time.tv_nsec) / 1000;
-- old_time = new_time;
-- return (ticks > 0) ? ticks : 1;
--}
--
-diff -uprN orig/tpm_emulator-0.4/linux_module.h tpm_emulator/linux_module.h
---- orig/tpm_emulator-0.4/linux_module.h 2006-06-23
03:37:07.000000000 -0700
-+++ tpm_emulator/linux_module.h 2006-07-24 14:35:35.000000000 -0700
-@@ -1,5 +1,6 @@
- /* Software-Based Trusted Platform Module (TPM) Emulator for Linux
- * Copyright (C) 2004 Mario Strasser <mast@gmx.net>,
-+ * Copyright (C) 2005 INTEL Corp
- *
- * This module is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published
-@@ -17,54 +18,62 @@
- #ifndef _LINUX_MODULE_H_
- #define _LINUX_MODULE_H_
-
--#include <linux/version.h>
--#include <linux/kernel.h>
--#include <linux/slab.h>
-+#include <malloc.h>
-+#include <stdint.h>
-+#include <stdio.h>
-+#include <string.h>
- #include <linux/types.h>
--#include <linux/string.h>
--#include <linux/random.h>
--#include <linux/time.h>
--#include <asm/byteorder.h>
-
--/* module settings */
-+#include <endian.h>
-+#define __BYTEORDER_HAS_U64__
-+#ifdef LITTLE_ENDIAN
-+ #include <linux/byteorder/little_endian.h>
-+#else
-+ #include <linux/byteorder/big_endian.h>
-+#endif
-
-+/* module settings */
-+#define min(A,B) ((A)<(B)?(A):(B))
-+#ifndef STR
- #define STR(s) __STR__(s)
- #define __STR__(s) #s
-+#endif
- #include "tpm_version.h"
-
- #define TPM_DEVICE_MINOR 224
- #define TPM_DEVICE_NAME "tpm"
- #define TPM_MODULE_NAME "tpm_emulator"
-
--/* debug and log output functions */
--
- #ifdef DEBUG
--#define debug(fmt, ...) printk(KERN_DEBUG "%s %s:%d: Debug: " fmt "\n", \
-- TPM_MODULE_NAME, __FILE__, __LINE__, ##
__VA_ARGS__)
-+#define debug(fmt, ...) printf("TPMD: %s:%d: Debug: " fmt "\n", \
-+ __FILE__, __LINE__, ## __VA_ARGS__)
- #else
- #define debug(fmt, ...)
- #endif
--#define info(fmt, ...) printk(KERN_INFO "%s %s:%d: Info: " fmt "\n", \
-- TPM_MODULE_NAME, __FILE__, __LINE__, ##
__VA_ARGS__)
--#define error(fmt, ...) printk(KERN_ERR "%s %s:%d: Error: " fmt "\n", \
-- TPM_MODULE_NAME, __FILE__, __LINE__, ##
__VA_ARGS__)
--#define alert(fmt, ...) printk(KERN_ALERT "%s %s:%d: Alert: " fmt "\n", \
-- TPM_MODULE_NAME, __FILE__, __LINE__, ##
__VA_ARGS__)
-+#define info(fmt, ...) printf("TPMD: %s:%d: Info: " fmt "\n", \
-+ __FILE__, __LINE__, ## __VA_ARGS__)
-+#define error(fmt, ...) printf("TPMD: %s:%d: Error: " fmt "\n", \
-+ __FILE__, __LINE__, ## __VA_ARGS__)
-+#define alert(fmt, ...) printf("TPMD: %s:%d: Alert: " fmt "\n", \
-+ __FILE__, __LINE__, ## __VA_ARGS__)
-
- /* memory allocation */
-
- static inline void *tpm_malloc(size_t size)
- {
-- return kmalloc(size, GFP_KERNEL);
-+ return malloc(size);
- }
-
- static inline void tpm_free(const void *ptr)
- {
-- if (ptr != NULL) kfree(ptr);
-+ if (ptr != NULL) free( (void *) ptr);
- }
-
- /* random numbers */
-
-+//FIXME;
-+void get_random_bytes(void *buf, int nbytes);
-+
- static inline void tpm_get_random_bytes(void *buf, int nbytes)
- {
- get_random_bytes(buf, nbytes);
-@@ -84,9 +93,9 @@ uint64_t tpm_get_ticks(void);
- #define CPU_TO_LE16(x) __cpu_to_le16(x)
-
- #define BE64_TO_CPU(x) __be64_to_cpu(x)
--#define LE64_TO_CPU(x) __be64_to_cpu(x)
-+#define LE64_TO_CPU(x) __le64_to_cpu(x)
- #define BE32_TO_CPU(x) __be32_to_cpu(x)
--#define LE32_TO_CPU(x) __be32_to_cpu(x)
-+#define LE32_TO_CPU(x) __le32_to_cpu(x)
- #define BE16_TO_CPU(x) __be16_to_cpu(x)
- #define LE16_TO_CPU(x) __le16_to_cpu(x)
-
-diff -uprN orig/tpm_emulator-0.4/Makefile tpm_emulator/Makefile
---- orig/tpm_emulator-0.4/Makefile 2006-06-23 03:37:07.000000000 -0700
-+++ tpm_emulator/Makefile 2006-07-24 14:35:35.000000000 -0700
-@@ -1,24 +1,40 @@
- # Software-Based Trusted Platform Module (TPM) Emulator for Linux
- # Copyright (C) 2004 Mario Strasser <mast@gmx.net>
-+# Copyright (C) 2006 INTEL Corp.
- #
- # $Id: Makefile 115 2006-06-23 10:36:44Z mast $
-
--# kernel settings
--KERNEL_RELEASE := $(shell uname -r)
--KERNEL_BUILD := /lib/modules/$(KERNEL_RELEASE)/build
--MOD_SUBDIR := misc
-+COMPILE_ARCH ?= $(shell uname -m | sed -e s/i.86/x86_32/)
-
- # module settings
--MODULE_NAME := tpm_emulator
-+BIN := tpm_emulator
- VERSION_MAJOR := 0
- VERSION_MINOR := 4
- VERSION_BUILD := $(shell date +"%s")
-
--# enable/disable DEBUG messages
--EXTRA_CFLAGS += -Wall -DDEBUG -g
-+# Installation program and options
-+INSTALL = install
-+INSTALL_PROG = $(INSTALL) -m0755
-+INSTALL_DIR = $(INSTALL) -d -m0755
-+
-+# Xen tools installation directory
-+TOOLS_INSTALL_DIR = $(DESTDIR)/usr/bin
-+
-+CC := gcc
-+CFLAGS += -g -Wall $(INCLUDE) -DDEBUG
-+CFLAGS += -I. -Itpm
-+
-+# Is the simulator running in it's own vm?
-+#CFLAGS += -DVTPM_MULTI_VM
-+
-+ifeq ($(COMPILE_ARCH),x86_64)
-+LIBDIR = lib64
-+else
-+LIBDIR = lib
-+endif
-
- # GNU MP configuration
--GMP_LIB := /usr/lib/libgmp.a
-+GMP_LIB := /usr/$(LIBDIR)/libgmp.a
- GMP_HEADER := /usr/include/gmp.h
-
- # sources and objects
-@@ -27,38 +43,32 @@ DIRS := . crypto tpm
- SRCS := $(foreach dir, $(DIRS), $(wildcard $(src)/$(dir)/*.c))
- OBJS := $(patsubst %.c, %.o, $(SRCS))
- SRCS += $(foreach dir, $(DIRS), $(wildcard $(src)/$(dir)/*.h))
--DISTSRC := ./README ./AUTHORS ./ChangeLog ./Makefile $(SRCS)
--DISTDIR := tpm_emulator-$(VERSION_MAJOR).$(VERSION_MINOR)
-
--obj-m := $(MODULE_NAME).o
--$(MODULE_NAME)-objs := $(patsubst $(src)/%.o, %.o, $(OBJS))
crypto/libgmp.a
-+obj-m := $(BIN)
-+$(BIN)-objs := $(patsubst $(src)/%.o, %.o, $(OBJS)) crypto/libgmp.a
-
- EXTRA_CFLAGS += -I$(src) -I$(src)/crypto -I$(src)/tpm
-
- # do not print "Entering directory ..."
- MAKEFLAGS += --no-print-directory
-
--all: $(src)/crypto/gmp.h $(src)/crypto/libgmp.a version
-- @$(MAKE) -C $(KERNEL_BUILD) M=$(CURDIR) modules
-+all: $(BIN)
-
--install:
-- @$(MAKE) -C $(KERNEL_BUILD) M=$(CURDIR) modules_install
-- test -d /var/tpm || mkdir /var/tpm
-- test -c /dev/tpm || mknod /dev/tpm c 10 224
-- chmod 666 /dev/tpm
-- depmod -a
-+$(BIN): $(src)/crypto/gmp.h $(src)/crypto/libgmp.a version $(SRCS)
$(OBJS)
-+ $(CC) $(CFLAGS) $(OBJS) $(src)/crypto/libgmp.a -o $(BIN)
-+
-+%.o: %.c
-+ $(CC) $(CFLAGS) -c $< -o $@
-+
-+install: $(BIN)
-+ $(INSTALL_PROG) $(BIN) $(TOOLS_INSTALL_DIR)
-+ @if [ ! -d "/var/tpm" ]; then mkdir /var/tpm; fi
-
- clean:
-- @$(MAKE) -C $(KERNEL_BUILD) M=$(CURDIR) clean
-- rm -f $(src)/crypto/gmp.h $(src)/crypto/libgmp.a
-+ rm -f $(src)/crypto/gmp.h $(src)/crypto/libgmp.a $(OBJS)
-
--dist: $(DISTSRC)
-- rm -rf $(DISTDIR)
-- mkdir $(DISTDIR)
-- cp --parents $(DISTSRC) $(DISTDIR)/
-- rm -f $(DISTDIR)/crypto/gmp.h
-- tar -chzf $(DISTDIR).tar.gz $(DISTDIR)
-- rm -rf $(DISTDIR)
-+mrproper: clean
-+ rm -f $(BIN) tpm_version.h
-
- $(src)/crypto/libgmp.a:
- test -f $(src)/crypto/libgmp.a || ln -s $(GMP_LIB)
$(src)/crypto/libgmp.a
-@@ -88,4 +98,3 @@ version:
- @echo "#endif /* _TPM_VERSION_H_ */" >> $(src)/tpm_version.h
-
- .PHONY: all install clean dist gmp version
--
-diff -uprN orig/tpm_emulator-0.4/README tpm_emulator/README
---- orig/tpm_emulator-0.4/README 2006-06-23 03:37:07.000000000 -0700
-+++ tpm_emulator/README 2006-07-24 14:35:35.000000000 -0700
-@@ -13,7 +13,8 @@ $Id: README 113 2006-06-18 12:38:13Z hst
- Copyright
- --------------------------------------------------------------------------
- Copyright (C) 2004 Mario Strasser <mast@gmx.net> and Swiss Federal
--Institute of Technology (ETH) Zurich.
-+ Institute of Technology (ETH) Zurich.
-+Copyright (C) 2005 INTEL Corp
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
-@@ -43,6 +44,12 @@ Example:
- GMP_LIB := /usr/lib/libgmp.a
- GMP_HEADER := /usr/include/gmp.h
-
-+GNU MP Library on 64 bit Systems
-+--------------------------------------------------------------------------
-+Some 64-bit kernels have problems with importing the user-space gmp
-+library (/usr/lib*/libgmp.a) into kernel space. These kernels will
require
-+that the gmp library be recompiled for kernel space with -mcmodel=kernel.
-+
- Installation
- --------------------------------------------------------------------------
- The compilation and installation process uses the build environment for
-diff -uprN orig/tpm_emulator-0.4/tpm/tpm_capability.c
tpm_emulator/tpm/tpm_capability.c
---- orig/tpm_emulator-0.4/tpm/tpm_capability.c 2006-06-23
19:37:07.000000000 +0900
-+++ tpm_emulator/tpm/tpm_capability.c 2007-12-28 22:50:19.000000000
+0900
-@@ -701,7 +701,10 @@ TPM_RESULT TPM_GetCapabilityOwner(TPM_VE
- TPM_RESULT res;
-
- info("TPM_GetCapabilityOwner()");
--
-+
-+ if (!tpmData.permanent.flags.owned) {
-+ return TPM_NOSRK;
-+ }
- /* Verify owner authorization */
- res = tpm_verify_auth(auth1, tpmData.permanent.data.ownerAuth,
TPM_KH_OWNER);
- if (res != TPM_SUCCESS) return res;
-diff -uprN orig/tpm_emulator-0.4/tpm/tpm_cmd_handler.c
tpm_emulator/tpm/tpm_cmd_handler.c
---- orig/tpm_emulator-0.4/tpm/tpm_cmd_handler.c 2006-06-23
19:37:07.000000000 +0900
-+++ tpm_emulator/tpm/tpm_cmd_handler.c 2007-09-12 20:23:00.000000000
+0900
-@@ -565,7 +565,7 @@ static TPM_RESULT execute_TPM_Seal(TPM_R
- if (tpm_unmarshal_TPM_KEY_HANDLE(&ptr, &len, &keyHandle)
- || tpm_unmarshal_TPM_ENCAUTH(&ptr, &len, &encAuth)
- || tpm_unmarshal_UINT32(&ptr, &len, &pcrInfoSize)
-- || tpm_unmarshal_TPM_PCR_INFO(&ptr, &len, &pcrInfo)
-+ || (pcrInfoSize >0 && tpm_unmarshal_TPM_PCR_INFO(&ptr, &len,
&pcrInfo))
- || tpm_unmarshal_UINT32(&ptr, &len, &inDataSize)
- || tpm_unmarshal_BLOB(&ptr, &len, &inData, inDataSize)
- || len != 0) return TPM_BAD_PARAMETER;
-@@ -798,7 +798,7 @@ static TPM_RESULT execute_TPM_Sealx(TPM_
- if (tpm_unmarshal_TPM_KEY_HANDLE(&ptr, &len, &keyHandle)
- || tpm_unmarshal_TPM_ENCAUTH(&ptr, &len, &encAuth)
- || tpm_unmarshal_UINT32(&ptr, &len, &pcrInfoSize)
-- || tpm_unmarshal_TPM_PCR_INFO(&ptr, &len, &pcrInfo)
-+ || (pcrInfoSize > 0 && tpm_unmarshal_TPM_PCR_INFO(&ptr, &len,
&pcrInfo))
- || tpm_unmarshal_UINT32(&ptr, &len, &inDataSize)
- || tpm_unmarshal_BLOB(&ptr, &len, &inData, inDataSize)
- || len != 0) return TPM_BAD_PARAMETER;
-diff -uprN orig/tpm_emulator-0.4/tpm/tpm_credentials.c
tpm_emulator/tpm/tpm_credentials.c
---- orig/tpm_emulator-0.4/tpm/tpm_credentials.c 2006-06-23
19:37:07.000000000 +0900
-+++ tpm_emulator/tpm/tpm_credentials.c 2007-09-12 20:23:30.000000000
+0900
-@@ -47,20 +47,20 @@ int tpm_compute_pubkey_checksum(TPM_NONC
-
- TPM_RESULT tpm_get_pubek(TPM_PUBKEY *pubEndorsementKey)
- {
-- UINT32 key_length;
-+ size_t key_length;
- if (!tpmData.permanent.data.endorsementKey.size) return
TPM_NO_ENDORSEMENT;
- /* setup TPM_PUBKEY structure */
-- key_length = tpmData.permanent.data.endorsementKey.size;
-- pubEndorsementKey->pubKey.keyLength = key_length >> 3;
-+ pubEndorsementKey->pubKey.keyLength =
tpmData.permanent.data.endorsementKey.size >> 3;
- pubEndorsementKey->pubKey.key =
tpm_malloc(pubEndorsementKey->pubKey.keyLength);
- if (pubEndorsementKey->pubKey.key == NULL) return TPM_FAIL;
- rsa_export_modulus(&tpmData.permanent.data.endorsementKey,
-- pubEndorsementKey->pubKey.key,
-- &pubEndorsementKey->pubKey.keyLength);
-+ pubEndorsementKey->pubKey.key,
-+ &key_length);
-+ pubEndorsementKey->pubKey.keyLength = key_length;
- pubEndorsementKey->algorithmParms.algorithmID = TPM_ALG_RSA;
- pubEndorsementKey->algorithmParms.encScheme =
TPM_ES_RSAESOAEP_SHA1_MGF1;
- pubEndorsementKey->algorithmParms.sigScheme = TPM_SS_NONE;
-- pubEndorsementKey->algorithmParms.parms.rsa.keyLength = key_length;
-+ pubEndorsementKey->algorithmParms.parms.rsa.keyLength = key_length << 3;
- pubEndorsementKey->algorithmParms.parms.rsa.numPrimes = 2;
- pubEndorsementKey->algorithmParms.parms.rsa.exponentSize = 0;
- pubEndorsementKey->algorithmParms.parms.rsa.exponent = NULL;
-@@ -175,6 +175,7 @@ TPM_RESULT TPM_OwnerReadInternalPub(TPM_
- {
- TPM_RESULT res;
- TPM_KEY_DATA *srk = &tpmData.permanent.data.srk;
-+ size_t key_length;
- info("TPM_OwnerReadInternalPub()");
- /* verify authorization */
- res = tpm_verify_auth(auth1, tpmData.permanent.data.ownerAuth,
TPM_KH_OWNER);
-@@ -186,7 +187,8 @@ TPM_RESULT TPM_OwnerReadInternalPub(TPM_
- publicPortion->pubKey.key =
tpm_malloc(publicPortion->pubKey.keyLength);
- if (publicPortion->pubKey.key == NULL) return TPM_FAIL;
- rsa_export_modulus(&srk->key, publicPortion->pubKey.key,
-- &publicPortion->pubKey.keyLength);
-+ &key_length);
-+ publicPortion->pubKey.keyLength = key_length;
- publicPortion->algorithmParms.algorithmID = TPM_ALG_RSA;
- publicPortion->algorithmParms.encScheme = srk->encScheme;
- publicPortion->algorithmParms.sigScheme = srk->sigScheme;
-diff -uprN orig/tpm_emulator-0.4/tpm/tpm_crypto.c
tpm_emulator/tpm/tpm_crypto.c
---- orig/tpm_emulator-0.4/tpm/tpm_crypto.c 2006-06-23
03:37:07.000000000 -0700
-+++ tpm_emulator/tpm/tpm_crypto.c 2006-07-24 14:35:35.000000000 -0700
-@@ -182,7 +182,8 @@ TPM_RESULT TPM_CertifyKey(TPM_KEY_HANDLE
- TPM_KEY_DATA *cert, *key;
- sha1_ctx_t sha1_ctx;
- BYTE *buf, *p;
-- UINT32 length;
-+ UINT32 length32;
-+ size_t length;
- info("TPM_CertifyKey()");
- /* get keys */
- cert = tpm_get_key(certHandle);
-@@ -264,14 +265,15 @@ TPM_RESULT TPM_CertifyKey(TPM_KEY_HANDLE
- /* compute the digest of the CERTIFY_INFO[2] structure and sign it */
- length = sizeof_TPM_CERTIFY_INFO((*certifyInfo));
- p = buf = tpm_malloc(length);
-+ length32=(UINT32) length;
- if (buf == NULL
-- || tpm_marshal_TPM_CERTIFY_INFO(&p, &length, certifyInfo)) {
-+ || tpm_marshal_TPM_CERTIFY_INFO(&p, &length32, certifyInfo)) {
- free_TPM_KEY_PARMS(certifyInfo->algorithmParms);
- return TPM_FAIL;
- }
- length = sizeof_TPM_CERTIFY_INFO((*certifyInfo));
- sha1_init(&sha1_ctx);
-- sha1_update(&sha1_ctx, buf, length);
-+ sha1_update(&sha1_ctx, buf, (size_t) length);
- sha1_final(&sha1_ctx, buf);
- res = tpm_sign(cert, auth1, FALSE, buf, SHA1_DIGEST_LENGTH, outData,
outDataSize);
- tpm_free(buf);
-@@ -292,7 +294,8 @@ TPM_RESULT TPM_CertifyKey2(TPM_KEY_HANDL
- TPM_KEY_DATA *cert, *key;
- sha1_ctx_t sha1_ctx;
- BYTE *buf, *p;
-- UINT32 length;
-+ size_t length;
-+ UINT32 length32;
- info("TPM_CertifyKey2()");
- /* get keys */
- cert = tpm_get_key(certHandle);
-@@ -362,8 +365,9 @@ TPM_RESULT TPM_CertifyKey2(TPM_KEY_HANDL
- /* compute the digest of the CERTIFY_INFO[2] structure and sign it */
- length = sizeof_TPM_CERTIFY_INFO((*certifyInfo));
- p = buf = tpm_malloc(length);
-+ length32 = (UINT32) length;
- if (buf == NULL
-- || tpm_marshal_TPM_CERTIFY_INFO(&p, &length, certifyInfo)) {
-+ || tpm_marshal_TPM_CERTIFY_INFO(&p, &length32, certifyInfo)) {
- free_TPM_KEY_PARMS(certifyInfo->algorithmParms);
- return TPM_FAIL;
- }
-diff -uprN orig/tpm_emulator-0.4/tpm/tpm_daa.c tpm_emulator/tpm/tpm_daa.c
---- orig/tpm_emulator-0.4/tpm/tpm_daa.c 2006-06-23
03:37:07.000000000 -0700
-+++ tpm_emulator/tpm/tpm_daa.c 2006-07-24 14:35:35.000000000 -0700
-@@ -716,14 +716,14 @@ TPM_RESULT TPM_DAA_Join(TPM_HANDLE handl
- sizeof(session->DAA_tpmSpecific.DAA_rekey));
- sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count,
- sizeof(session->DAA_tpmSpecific.DAA_count));
-- sha1_update(&sha1, "\x00", 1);
-+ sha1_update(&sha1, (BYTE *) "\x00", 1);
- sha1_final(&sha1, scratch);
- sha1_init(&sha1);
- sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_rekey,
- sizeof(session->DAA_tpmSpecific.DAA_rekey));
- sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count,
- sizeof(session->DAA_tpmSpecific.DAA_count));
-- sha1_update(&sha1, "\x01", 1);
-+ sha1_update(&sha1, (BYTE *) "\x01", 1);
- sha1_final(&sha1, scratch + SHA1_DIGEST_LENGTH);
- mpz_init(f), mpz_init(q);
- mpz_import(f, 2 * SHA1_DIGEST_LENGTH, 1, 1, 0, 0, scratch);
-@@ -805,14 +805,14 @@ TPM_RESULT TPM_DAA_Join(TPM_HANDLE handl
- sizeof(session->DAA_tpmSpecific.DAA_rekey));
- sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count,
- sizeof(session->DAA_tpmSpecific.DAA_count));
-- sha1_update(&sha1, "\x00", 1);
-+ sha1_update(&sha1, (BYTE *) "\x00", 1);
- sha1_final(&sha1, scratch);
- sha1_init(&sha1);
- sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_rekey,
- sizeof(session->DAA_tpmSpecific.DAA_rekey));
- sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count,
- sizeof(session->DAA_tpmSpecific.DAA_count));
-- sha1_update(&sha1, "\x01", 1);
-+ sha1_update(&sha1, (BYTE *) "\x01", 1);
- sha1_final(&sha1, scratch + SHA1_DIGEST_LENGTH);
- mpz_init(f), mpz_init(q);
- mpz_import(f, 2 * SHA1_DIGEST_LENGTH, 1, 1, 0, 0, scratch);
-@@ -1489,14 +1489,14 @@ TPM_RESULT TPM_DAA_Join(TPM_HANDLE handl
- sizeof(session->DAA_tpmSpecific.DAA_rekey));
- sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count,
- sizeof(session->DAA_tpmSpecific.DAA_count));
-- sha1_update(&sha1, "\x00", 1);
-+ sha1_update(&sha1, (BYTE *) "\x00", 1);
- sha1_final(&sha1, scratch);
- sha1_init(&sha1);
- sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_rekey,
- sizeof(session->DAA_tpmSpecific.DAA_rekey));
- sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count,
- sizeof(session->DAA_tpmSpecific.DAA_count));
-- sha1_update(&sha1, "\x01", 1);
-+ sha1_update(&sha1, (BYTE *) "\x01", 1);
- sha1_final(&sha1, scratch + SHA1_DIGEST_LENGTH);
- mpz_init(f), mpz_init(q);
- mpz_import(f, 2 * SHA1_DIGEST_LENGTH, 1, 1, 0, 0, scratch);
-@@ -1712,14 +1712,14 @@ TPM_RESULT TPM_DAA_Join(TPM_HANDLE handl
- sizeof(session->DAA_tpmSpecific.DAA_rekey));
- sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count,
- sizeof(session->DAA_tpmSpecific.DAA_count));
-- sha1_update(&sha1, "\x00", 1);
-+ sha1_update(&sha1, (BYTE *) "\x00", 1);
- sha1_final(&sha1, scratch);
- sha1_init(&sha1);
- sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_rekey,
- sizeof(session->DAA_tpmSpecific.DAA_rekey));
- sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count,
- sizeof(session->DAA_tpmSpecific.DAA_count));
-- sha1_update(&sha1, "\x01", 1);
-+ sha1_update(&sha1, (BYTE *) "\x01", 1);
- sha1_final(&sha1, scratch + SHA1_DIGEST_LENGTH);
- mpz_init(f), mpz_init(q);
- mpz_import(f, 2 * SHA1_DIGEST_LENGTH, 1, 1, 0, 0, scratch);
-@@ -1793,14 +1793,14 @@ TPM_RESULT TPM_DAA_Join(TPM_HANDLE handl
- sizeof(session->DAA_tpmSpecific.DAA_rekey));
- sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count,
- sizeof(session->DAA_tpmSpecific.DAA_count));
-- sha1_update(&sha1, "\x00", 1);
-+ sha1_update(&sha1, (BYTE *) "\x00", 1);
- sha1_final(&sha1, scratch);
- sha1_init(&sha1);
- sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_rekey,
- sizeof(session->DAA_tpmSpecific.DAA_rekey));
- sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count,
- sizeof(session->DAA_tpmSpecific.DAA_count));
-- sha1_update(&sha1, "\x01", 1);
-+ sha1_update(&sha1, (BYTE *) "\x01", 1);
- sha1_final(&sha1, scratch + SHA1_DIGEST_LENGTH);
- mpz_init(f), mpz_init(q);
- mpz_import(f, 2 * SHA1_DIGEST_LENGTH, 1, 1, 0, 0, scratch);
-@@ -2918,14 +2918,14 @@ TPM_RESULT TPM_DAA_Sign(TPM_HANDLE handl
- sizeof(session->DAA_tpmSpecific.DAA_rekey));
- sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count,
- sizeof(session->DAA_tpmSpecific.DAA_count));
-- sha1_update(&sha1, "\x00", 1);
-+ sha1_update(&sha1, (BYTE *) "\x00", 1);
- sha1_final(&sha1, scratch);
- sha1_init(&sha1);
- sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_rekey,
- sizeof(session->DAA_tpmSpecific.DAA_rekey));
- sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count,
- sizeof(session->DAA_tpmSpecific.DAA_count));
-- sha1_update(&sha1, "\x01", 1);
-+ sha1_update(&sha1, (BYTE *) "\x01", 1);
- sha1_final(&sha1, scratch + SHA1_DIGEST_LENGTH);
- mpz_init(f), mpz_init(q);
- mpz_import(f, 2 * SHA1_DIGEST_LENGTH, 1, 1, 0, 0, scratch);
-@@ -3143,7 +3143,7 @@ TPM_RESULT TPM_DAA_Sign(TPM_HANDLE handl
- sha1_init(&sha1);
- sha1_update(&sha1, (BYTE*) &session->DAA_session.DAA_digest,
- sizeof(session->DAA_session.DAA_digest));
-- sha1_update(&sha1, "\x01", 1);
-+ sha1_update(&sha1, (BYTE *) "\x01", 1);
- sha1_update(&sha1, inputData1, inputSize1);
- sha1_final(&sha1, (BYTE*) &session->DAA_session.DAA_digest);
- }
-@@ -3172,7 +3172,7 @@ TPM_RESULT TPM_DAA_Sign(TPM_HANDLE handl
- sha1_init(&sha1);
- sha1_update(&sha1, (BYTE*) &session->DAA_session.DAA_digest,
- sizeof(session->DAA_session.DAA_digest));
-- sha1_update(&sha1, "\x00", 1);
-+ sha1_update(&sha1, (BYTE*) "\x00", 1);
- rsa_export_modulus(&aikData->key, scratch, &size);
- sha1_update(&sha1, scratch, size);
- sha1_final(&sha1, (BYTE*) &session->DAA_session.DAA_digest);
-@@ -3229,14 +3229,14 @@ TPM_RESULT TPM_DAA_Sign(TPM_HANDLE handl
- sizeof(session->DAA_tpmSpecific.DAA_rekey));
- sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count,
- sizeof(session->DAA_tpmSpecific.DAA_count));
-- sha1_update(&sha1, "\x00", 1);
-+ sha1_update(&sha1, (BYTE *) "\x00", 1);
- sha1_final(&sha1, scratch);
- sha1_init(&sha1);
- sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_rekey,
- sizeof(session->DAA_tpmSpecific.DAA_rekey));
- sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count,
- sizeof(session->DAA_tpmSpecific.DAA_count));
-- sha1_update(&sha1, "\x01", 1);
-+ sha1_update(&sha1, (BYTE *) "\x01", 1);
- sha1_final(&sha1, scratch + SHA1_DIGEST_LENGTH);
- mpz_init(f), mpz_init(q);
- mpz_import(f, 2 * SHA1_DIGEST_LENGTH, 1, 1, 0, 0, scratch);
-@@ -3309,14 +3309,14 @@ TPM_RESULT TPM_DAA_Sign(TPM_HANDLE handl
- sizeof(session->DAA_tpmSpecific.DAA_rekey));
- sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count,
- sizeof(session->DAA_tpmSpecific.DAA_count));
-- sha1_update(&sha1, "\x00", 1);
-+ sha1_update(&sha1, (BYTE *) "\x00", 1);
- sha1_final(&sha1, scratch);
- sha1_init(&sha1);
- sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_rekey,
- sizeof(session->DAA_tpmSpecific.DAA_rekey));
- sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count,
- sizeof(session->DAA_tpmSpecific.DAA_count));
-- sha1_update(&sha1, "\x01", 1);
-+ sha1_update(&sha1, (BYTE *) "\x01", 1);
- sha1_final(&sha1, scratch + SHA1_DIGEST_LENGTH);
- mpz_init(f), mpz_init(q);
- mpz_import(f, 2 * SHA1_DIGEST_LENGTH, 1, 1, 0, 0, scratch);
-diff -uprN orig/tpm_emulator-0.4/tpm/tpm_data.c tpm_emulator/tpm/tpm_data.c
---- orig/tpm_emulator-0.4/tpm/tpm_data.c 2006-06-23
03:37:07.000000000 -0700
-+++ tpm_emulator/tpm/tpm_data.c 2006-07-24 14:35:35.000000000 -0700
-@@ -40,6 +40,7 @@ static inline void init_pcr_attr(int pcr
- void tpm_init_data(void)
- {
- /* endorsement key */
-+#ifndef TPM_GENERATE_EK
- uint8_t ek_n[] =
"\xa8\xdb\xa9\x42\xa8\xf3\xb8\x06\x85\x90\x76\x93\xad\xf7"
- "\x74\xec\x3f\xd3\x3d\x9d\xe8\x2e\xff\x15\xed\x0e\xce\x5f\x93"
- "\x92\xeb\xd1\x96\x2b\x72\x18\x81\x79\x12\x9d\x9c\x40\xd7\x1a"
-@@ -77,6 +78,8 @@ void tpm_init_data(void)
- "\xd1\xc0\x8b\x5b\xa2\x2e\xa7\x15\xca\x50\x75\x10\x48\x9c\x2b"
- "\x18\xb9\x67\x8f\x5d\x64\xc3\x28\x9f\x2f\x16\x2f\x08\xda\x47"
- "\xec\x86\x43\x0c\x80\x99\x07\x34\x0f";
-+#endif
-+
- int i;
- /* reset all data to NULL, FALSE or 0 */
- memset(&tpmData, 0, sizeof(tpmData));
-@@ -152,44 +155,43 @@ void tpm_release_data(void)
-
- #ifdef TPM_STORE_TO_FILE
-
--#include <linux/fs.h>
--#include <linux/unistd.h>
--#include <asm/uaccess.h>
-+#include <sys/types.h>
-+#include <sys/stat.h>
-+#include <fcntl.h>
-+#include <unistd.h>
-
- #define TPM_STORAGE_FILE "/var/tpm/tpm_emulator-1.2."
STR(VERSION_MAJOR) "." STR(VERSION_MINOR)
-
- static int write_to_file(uint8_t *data, size_t data_length)
- {
- int res;
-- struct file *fp;
-- mm_segment_t old_fs = get_fs();
-- fp = filp_open(TPM_STORAGE_FILE, O_WRONLY | O_TRUNC | O_CREAT,
S_IRUSR | S_IWUSR);
-- if (IS_ERR(fp)) return -1;
-- set_fs(get_ds());
-- res = fp->f_op->write(fp, data, data_length, &fp->f_pos);
-- set_fs(old_fs);
-- filp_close(fp, NULL);
-+ int fp;
-+ fp = open(TPM_STORAGE_FILE, O_WRONLY | O_TRUNC | O_CREAT, S_IRUSR |
S_IWUSR);
-+ res = write(fp, data, data_length);
-+ close(fp);
- return (res == data_length) ? 0 : -1;
- }
-
- static int read_from_file(uint8_t **data, size_t *data_length)
- {
- int res;
-- struct file *fp;
-- mm_segment_t old_fs = get_fs();
-- fp = filp_open(TPM_STORAGE_FILE, O_RDONLY, 0);
-- if (IS_ERR(fp)) return -1;
-- *data_length = (size_t)fp->f_dentry->d_inode->i_size;
-- /* *data_length = i_size_read(fp->f_dentry->d_inode); */
-+ int fp, file_status;
-+ struct stat file_info;
-+ fp = open(TPM_STORAGE_FILE, O_RDONLY, 0);
-+ file_status = fstat(fp, &file_info);
-+ if (file_status < 0) {
-+ close(fp);
-+ return -1;
-+ }
-+
-+ *data_length = file_info.st_size;
- *data = tpm_malloc(*data_length);
- if (*data == NULL) {
-- filp_close(fp, NULL);
-+ close(fp);
- return -1;
- }
-- set_fs(get_ds());
-- res = fp->f_op->read(fp, *data, *data_length, &fp->f_pos);
-- set_fs(old_fs);
-- filp_close(fp, NULL);
-+ res = read(fp, *data, *data_length);
-+ close(fp);
- if (res != *data_length) {
- tpm_free(*data);
- return -1;
-@@ -216,23 +218,30 @@ static int read_from_file(uint8_t **data
- int tpm_store_permanent_data(void)
- {
- uint8_t *buf, *ptr;
-- size_t buf_length, len;
-+ UINT32 buf_length, len;
-
- /* marshal data */
-- buf_length = len = sizeof_TPM_STCLEAR_FLAGS(tpmData.stclear.flags)
-- + sizeof_TPM_PERMANENT_FLAGS(tpmData.permanent.flags) + 2
-- + sizeof_TPM_PERMANENT_DATA(tpmData.permanent.data);
-+ buf_length = len = 4 + sizeof_TPM_STCLEAR_FLAGS(tpmData.stclear.flags)
-+ + sizeof_TPM_PERMANENT_FLAGS(tpmData.permanent.flags)
-+ + sizeof_TPM_STANY_FLAGS(tpmData.stany.flags) + 2
-+ + sizeof_TPM_STCLEAR_DATA(tpmData.stclear.data)
-+ + sizeof_TPM_PERMANENT_DATA(tpmData.permanent.data)
-+ + sizeof_TPM_STANY_DATA(tpmData.stany.data);
- buf = ptr = tpm_malloc(buf_length);
- if (buf == NULL
- || tpm_marshal_TPM_VERSION(&ptr, &len,
&tpmData.permanent.data.version)
- || tpm_marshal_TPM_STCLEAR_FLAGS(&ptr, &len, &tpmData.stclear.flags)
- || tpm_marshal_TPM_PERMANENT_FLAGS(&ptr, &len,
&tpmData.permanent.flags)
-+ || tpm_marshal_TPM_STANY_FLAGS(&ptr, &len, &tpmData.stany.flags)
- || tpm_marshal_BOOL(&ptr, &len,
tpmData.permanent.flags.selfTestSucceeded)
- || tpm_marshal_BOOL(&ptr, &len, tpmData.permanent.flags.owned)
-- || tpm_marshal_TPM_PERMANENT_DATA(&ptr, &len,
&tpmData.permanent.data)) {
-+ || tpm_marshal_TPM_STCLEAR_DATA(&ptr, &len, &tpmData.stclear.data)
-+ || tpm_marshal_TPM_PERMANENT_DATA(&ptr, &len,
&tpmData.permanent.data)
-+ || tpm_marshal_TPM_STANY_DATA(&ptr, &len, &tpmData.stany.data)) {
- tpm_free(buf);
- return -1;
- }
-+
- if (write_to_file(buf, buf_length - len)) {
- tpm_free(buf);
- return -1;
-@@ -244,31 +253,36 @@ int tpm_store_permanent_data(void)
- int tpm_restore_permanent_data(void)
- {
- uint8_t *buf, *ptr;
-- size_t buf_length, len;
-+ size_t buf_length;
-+ UINT32 len;
- TPM_VERSION ver;
-
- /* read data */
- if (read_from_file(&buf, &buf_length)) return -1;
- ptr = buf;
-- len = buf_length;
-+ len = (uint32_t) buf_length;
- /* unmarshal data */
- if (tpm_unmarshal_TPM_VERSION(&ptr, &len, &ver)
- || memcmp(&ver, &tpmData.permanent.data.version,
sizeof(TPM_VERSION))
- || tpm_unmarshal_TPM_STCLEAR_FLAGS(&ptr, &len,
&tpmData.stclear.flags)
- || tpm_unmarshal_TPM_PERMANENT_FLAGS(&ptr, &len,
&tpmData.permanent.flags)
-+ || tpm_unmarshal_TPM_STANY_FLAGS(&ptr, &len, &tpmData.stany.flags)
- || tpm_unmarshal_BOOL(&ptr, &len,
&tpmData.permanent.flags.selfTestSucceeded)
- || tpm_unmarshal_BOOL(&ptr, &len, &tpmData.permanent.flags.owned)
-- || tpm_unmarshal_TPM_PERMANENT_DATA(&ptr, &len,
&tpmData.permanent.data)) {
-+ || tpm_unmarshal_TPM_STCLEAR_DATA(&ptr, &len, &tpmData.stclear.data)
-+ || tpm_unmarshal_TPM_PERMANENT_DATA(&ptr, &len,
&tpmData.permanent.data)
-+ || tpm_unmarshal_TPM_STANY_DATA(&ptr, &len, &tpmData.stany.data)) {
- tpm_free(buf);
- return -1;
- }
-+
- tpm_free(buf);
- return 0;
- }
-
- int tpm_erase_permanent_data(void)
- {
-- int res = write_to_file("", 0);
-+ int res = write_to_file((uint8_t *) "", 0);
- return res;
- }
-
-diff -uprN orig/tpm_emulator-0.4/tpm/tpm_deprecated.c
tpm_emulator/tpm/tpm_deprecated.c
---- orig/tpm_emulator-0.4/tpm/tpm_deprecated.c 2006-06-23
03:37:07.000000000 -0700
-+++ tpm_emulator/tpm/tpm_deprecated.c 2006-07-24 14:35:35.000000000
-0700
-@@ -1,6 +1,7 @@
- /* Software-Based Trusted Platform Module (TPM) Emulator for Linux
- * Copyright (C) 2004 Mario Strasser <mast@gmx.net>,
- * Swiss Federal Institute of Technology (ETH) Zurich
-+ * Copyright (C) 2005 INTEL Corp
- *
- * This module is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published
-@@ -50,7 +51,7 @@ TPM_RESULT TPM_SaveKeyContext(TPM_KEY_HA
- BYTE *ptr;
- UINT32 len;
- info("TPM_SaveKeyContext()");
-- res = TPM_SaveContext(keyHandle, TPM_RT_KEY, "SaveKeyContext..",
-+ res = TPM_SaveContext(keyHandle, TPM_RT_KEY, (BYTE*)"SaveKeyContext..",
- keyContextSize, &contextBlob);
- if (res != TPM_SUCCESS) return res;
- len = *keyContextSize;
-@@ -82,7 +83,7 @@ TPM_RESULT TPM_SaveAuthContext(TPM_AUTHH
- BYTE *ptr;
- UINT32 len;
- info("TPM_SaveAuthContext()");
-- res = TPM_SaveContext(authHandle, TPM_RT_KEY, "SaveAuthContext.",
-+ res = TPM_SaveContext(authHandle, TPM_RT_KEY,
(BYTE*)"SaveAuthContext.",
- authContextSize, &contextBlob);
- if (res != TPM_SUCCESS) return res;
- len = *authContextSize;
-diff -uprN orig/tpm_emulator-0.4/tpm/tpm_emulator.h
tpm_emulator/tpm/tpm_emulator.h
---- orig/tpm_emulator-0.4/tpm/tpm_emulator.h 2006-06-23
03:37:07.000000000 -0700
-+++ tpm_emulator/tpm/tpm_emulator.h 2006-07-24 14:35:35.000000000 -0700
-@@ -1,5 +1,6 @@
- /* Software-Based Trusted Platform Module (TPM) Emulator for Linux
- * Copyright (C) 2004 Mario Strasser <mast@gmx.net>,
-+ * Copyright (C) 2005 INTEL Corp
- *
- * This module is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published
-@@ -22,7 +23,8 @@
- /* TPM configuration */
- #define TPM_STORE_TO_FILE 1
- #undef TPM_STRONG_PERSISTENCE
--#undef TPM_GENERATE_EK
-+//#undef TPM_GENERATE_EK
-+#define TPM_GENERATE_EK
- #undef TPM_GENERATE_SEED_DAA
-
- #define TPM_MANUFACTURER 0x4554485A /* 'ETHZ' */
-diff -uprN orig/tpm_emulator-0.4/tpm/tpm_marshalling.c
tpm_emulator/tpm/tpm_marshalling.c
---- orig/tpm_emulator-0.4/tpm/tpm_marshalling.c 2006-06-23
03:37:07.000000000 -0700
-+++ tpm_emulator/tpm/tpm_marshalling.c 2006-07-24 14:35:35.000000000
-0700
-@@ -1312,7 +1312,7 @@ int tpm_unmarshal_TPM_STANY_FLAGS(BYTE *
-
- int tpm_marshal_RSA(BYTE **ptr, UINT32 *length, rsa_private_key_t *v)
- {
-- UINT32 m_len, e_len, q_len;
-+ size_t m_len, e_len, q_len;
- if (*length < sizeof_RSA((*v))) return -1;
- if (v->size > 0) {
- rsa_export_modulus(v, &(*ptr)[6], &m_len);
-@@ -1460,6 +1460,66 @@ int tpm_unmarshal_TPM_PERMANENT_DATA(BYT
- return 0;
- }
-
-+int tpm_marshal_TPM_STCLEAR_DATA(BYTE **ptr, UINT32 *length,
TPM_STCLEAR_DATA *v)
-+{
-+ if (tpm_marshal_TPM_STRUCTURE_TAG(ptr, length, v->tag)
-+ || tpm_marshal_TPM_NONCE(ptr, length, &v->contextNonceKey)
-+ || tpm_marshal_TPM_COUNT_ID(ptr, length, v->countID) ) return -1;
-+
-+ return 0;
-+}
-+
-+int tpm_unmarshal_TPM_STCLEAR_DATA(BYTE **ptr, UINT32 *length,
TPM_STCLEAR_DATA *v)
-+{
-+ if (tpm_unmarshal_TPM_STRUCTURE_TAG(ptr, length, &v->tag)
-+ || tpm_unmarshal_TPM_NONCE(ptr, length, &v->contextNonceKey)
-+ || tpm_unmarshal_TPM_COUNT_ID(ptr, length, &v->countID) ) return -1;
-+
-+ return 0;
-+}
-+
-+int tpm_marshal_TPM_STANY_DATA(BYTE **ptr, UINT32 *length,
TPM_STANY_DATA *v)
-+{
-+ UINT32 i;
-+ if (tpm_marshal_TPM_STRUCTURE_TAG(ptr, length, v->tag)
-+ || tpm_marshal_TPM_NONCE(ptr, length, &v->contextNonceSession)
-+ || tpm_marshal_TPM_DIGEST(ptr, length, &v->auditDigest)
-+ || tpm_marshal_BOOL(ptr, length, v->auditSession)
-+ || tpm_marshal_TPM_CURRENT_TICKS(ptr, length, &v->currentTicks)
-+ || tpm_marshal_UINT32(ptr, length, v->contextCount)
-+ || tpm_marshal_UINT32_ARRAY(ptr, length, v->contextList,
TPM_MAX_SESSION_LIST)) return -1;
-+ for (i = 0; i < TPM_MAX_SESSIONS; i++) {
-+ if (tpm_marshal_TPM_SESSION_DATA(ptr, length, &v->sessions[i]))
return -1;
-+ }
-+ for (i = 0; i < TPM_MAX_SESSIONS_DAA; i++) {
-+ if (tpm_marshal_TPM_DAA_SESSION_DATA(ptr, length,
&v->sessionsDAA[i])) return -1;
-+ }
-+ if (tpm_marshal_TPM_TRANSHANDLE(ptr, length, v->transExclusive))
return -1;
-+
-+ return 0;
-+}
-+
-+int tpm_unmarshal_TPM_STANY_DATA(BYTE **ptr, UINT32 *length,
TPM_STANY_DATA *v)
-+{
-+ UINT32 i;
-+ if (tpm_unmarshal_TPM_STRUCTURE_TAG(ptr, length, &v->tag)
-+ || tpm_unmarshal_TPM_NONCE(ptr, length, &v->contextNonceSession)
-+ || tpm_unmarshal_TPM_DIGEST(ptr, length, &v->auditDigest)
-+ || tpm_unmarshal_BOOL(ptr, length, &v->auditSession)
-+ || tpm_unmarshal_TPM_CURRENT_TICKS(ptr, length, &v->currentTicks)
-+ || tpm_unmarshal_UINT32(ptr, length, &v->contextCount)
-+ || tpm_unmarshal_UINT32_ARRAY(ptr, length, v->contextList,
TPM_MAX_SESSION_LIST)) return -1;
-+ for (i = 0; i < TPM_MAX_SESSIONS; i++) {
-+ if (tpm_unmarshal_TPM_SESSION_DATA(ptr, length, &v->sessions[i]))
return -1;
-+ }
-+ for (i = 0; i < TPM_MAX_SESSIONS_DAA; i++) {
-+ if (tpm_unmarshal_TPM_DAA_SESSION_DATA(ptr, length,
&v->sessionsDAA[i])) return -1;
-+ }
-+ if (tpm_unmarshal_TPM_TRANSHANDLE(ptr, length, &v->transExclusive))
return -1;
-+
-+ return 0;
-+}
-+
- int tpm_marshal_TPM_SESSION_DATA(BYTE **ptr, UINT32 *length,
TPM_SESSION_DATA *v)
- {
- if (tpm_marshal_BYTE(ptr, length, v->type)
-diff -uprN orig/tpm_emulator-0.4/tpm/tpm_marshalling.h
tpm_emulator/tpm/tpm_marshalling.h
---- orig/tpm_emulator-0.4/tpm/tpm_marshalling.h 2006-06-23
03:37:07.000000000 -0700
-+++ tpm_emulator/tpm/tpm_marshalling.h 2006-07-24 14:35:35.000000000
-0700
-@@ -432,6 +432,12 @@ int tpm_unmarshal_TPM_KEY_DATA(BYTE **pt
- int tpm_marshal_TPM_PERMANENT_DATA(BYTE **ptr, UINT32 *length,
TPM_PERMANENT_DATA *);
- int tpm_unmarshal_TPM_PERMANENT_DATA(BYTE **ptr, UINT32 *length,
TPM_PERMANENT_DATA *);
-
-+int tpm_marshal_TPM_STCLEAR_DATA(BYTE **ptr, UINT32 *length,
TPM_STCLEAR_DATA *v);
-+int tpm_unmarshal_TPM_STCLEAR_DATA(BYTE **ptr, UINT32 *length,
TPM_STCLEAR_DATA *v);
-+
-+int tpm_marshal_TPM_STANY_DATA(BYTE **ptr, UINT32 *length,
TPM_STANY_DATA *v);
-+int tpm_unmarshal_TPM_STANY_DATA(BYTE **ptr, UINT32 *length,
TPM_STANY_DATA *v);
-+
- int tpm_marshal_TPM_SESSION_DATA(BYTE **ptr, UINT32 *length,
TPM_SESSION_DATA *v);
- int tpm_unmarshal_TPM_SESSION_DATA(BYTE **ptr, UINT32 *length,
TPM_SESSION_DATA *v);
-
-diff -uprN orig/tpm_emulator-0.4/tpm/tpm_owner.c
tpm_emulator/tpm/tpm_owner.c
---- orig/tpm_emulator-0.4/tpm/tpm_owner.c 2006-06-23
03:37:07.000000000 -0700
-+++ tpm_emulator/tpm/tpm_owner.c 2006-07-24 14:35:35.000000000 -0700
-@@ -108,7 +108,7 @@ TPM_RESULT TPM_TakeOwnership(TPM_PROTOCO
- TPM_RESULT res;
- rsa_private_key_t *ek = &tpmData.permanent.data.endorsementKey;
- TPM_KEY_DATA *srk = &tpmData.permanent.data.srk;
-- UINT32 buf_size = ek->size >> 3;
-+ size_t buf_size = ek->size >> 3, key_length;
- BYTE buf[buf_size];
-
- info("TPM_TakeOwnership()");
-@@ -173,7 +173,8 @@ TPM_RESULT TPM_TakeOwnership(TPM_PROTOCO
- return TPM_FAIL;
- }
- rsa_export_modulus(&srk->key, srkPub->pubKey.key,
-- &srkPub->pubKey.keyLength);
-+ &key_length);
-+ srkPub->pubKey.keyLength = (UINT32) key_length;
- /* setup tpmProof and set state to owned */
- tpm_get_random_bytes(tpmData.permanent.data.tpmProof.nonce,
- sizeof(tpmData.permanent.data.tpmProof.nonce));
-diff -uprN orig/tpm_emulator-0.4/tpm/tpm_startup.c
tpm_emulator/tpm/tpm_startup.c
---- orig/tpm_emulator-0.4/tpm/tpm_startup.c 2006-06-23
03:37:07.000000000 -0700
-+++ tpm_emulator/tpm/tpm_startup.c 2006-07-24 14:35:35.000000000 -0700
-@@ -41,26 +41,29 @@ void TPM_Init(TPM_STARTUP_TYPE startupTy
- TPM_RESULT TPM_Startup(TPM_STARTUP_TYPE startupType)
- {
- int i;
-+ int restore_fail;
- info("TPM_Startup(%d)", startupType);
- if (tpmData.stany.flags.postInitialise == FALSE) return
TPM_INVALID_POSTINIT;
-- /* reset STANY_FLAGS */
-- SET_TO_ZERO(&tpmData.stany.flags);
-- tpmData.stany.flags.tag = TPM_TAG_STANY_FLAGS;
-- /* reset STANY_DATA (invalidates ALL sessions) */
-- SET_TO_ZERO(&tpmData.stany.data);
-- tpmData.stany.data.tag = TPM_TAG_STANY_DATA;
-- /* init session-context nonce */
-- SET_TO_RAND(&tpmData.stany.data.contextNonceSession);
-+
-+ /* try and restore state to get EK, SRK, etc */
-+ restore_fail = tpm_restore_permanent_data();
-+
- /* set data and flags according to the given startup type */
- if (startupType == TPM_ST_CLEAR) {
-- /* if available, restore permanent data */
-- tpm_restore_permanent_data();
-+ /* reset STANY_FLAGS */
-+ SET_TO_ZERO(&tpmData.stany.flags);
-+ tpmData.stany.flags.tag = TPM_TAG_STANY_FLAGS;
-+ /* reset STANY_DATA (invalidates ALL sessions) */
-+ SET_TO_ZERO(&tpmData.stany.data);
-+ tpmData.stany.data.tag = TPM_TAG_STANY_DATA;
-+ /* init session-context nonce */
-+ SET_TO_RAND(&tpmData.stany.data.contextNonceSession);
- /* reset PCR values */
- for (i = 0; i < TPM_NUM_PCR; i++) {
-- if (tpmData.permanent.data.pcrAttrib[i].pcrReset)
-- SET_TO_ZERO(tpmData.permanent.data.pcrValue[i].digest);
-+ if (!tpmData.permanent.data.pcrAttrib[i].pcrReset)
-+ SET_TO_ZERO(&tpmData.permanent.data.pcrValue[i].digest);
- else
-- SET_TO_0xFF(tpmData.permanent.data.pcrValue[i].digest);
-+ SET_TO_0xFF(&tpmData.permanent.data.pcrValue[i].digest);
- }
- /* reset STCLEAR_FLAGS */
- SET_TO_ZERO(&tpmData.stclear.flags);
-@@ -79,7 +82,8 @@ TPM_RESULT TPM_Startup(TPM_STARTUP_TYPE
- /* init key-context nonce */
- SET_TO_RAND(&tpmData.stclear.data.contextNonceKey);
- } else if (startupType == TPM_ST_STATE) {
-- if (tpm_restore_permanent_data()) {
-+ /* restore must have been successful for TPM_ST_STATE */
-+ if (restore_fail) {
- error("restoring permanent data failed");
- tpmData.permanent.data.testResult =
"tpm_restore_permanent_data() failed";
- tpmData.permanent.flags.selfTestSucceeded = FALSE;
-diff -uprN orig/tpm_emulator-0.4/tpm/tpm_storage.c
tpm_emulator/tpm/tpm_storage.c
---- orig/tpm_emulator-0.4/tpm/tpm_storage.c 2006-06-23
03:37:07.000000000 -0700
-+++ tpm_emulator/tpm/tpm_storage.c 2006-07-24 14:35:35.000000000 -0700
-@@ -58,6 +58,7 @@ int encrypt_sealed_data(TPM_KEY_DATA *ke
- BYTE *enc, UINT32 *enc_size)
- {
- UINT32 len;
-+ size_t enc_size32 = *enc_size;
- BYTE *buf, *ptr;
- rsa_public_key_t pub_key;
- int scheme;
-@@ -72,7 +73,7 @@ int encrypt_sealed_data(TPM_KEY_DATA *ke
- if (buf == NULL
- || tpm_marshal_TPM_SEALED_DATA(&ptr, &len, seal)
- || rsa_encrypt(&pub_key, scheme, buf,
sizeof_TPM_SEALED_DATA((*seal)),
-- enc, enc_size)) {
-+ enc, &enc_size32)) {
- tpm_free(buf);
- rsa_release_public_key(&pub_key);
- return -1;
-@@ -85,7 +86,8 @@ int encrypt_sealed_data(TPM_KEY_DATA *ke
- int decrypt_sealed_data(TPM_KEY_DATA *key, BYTE *enc, UINT32 enc_size,
- TPM_SEALED_DATA *seal, BYTE **buf)
- {
-- UINT32 len;
-+ size_t len;
-+ UINT32 len32;
- BYTE *ptr;
- int scheme;
- switch (key->encScheme) {
-@@ -96,8 +98,12 @@ int decrypt_sealed_data(TPM_KEY_DATA *ke
- len = enc_size;
- *buf = ptr = tpm_malloc(len);
- if (*buf == NULL
-- || rsa_decrypt(&key->key, scheme, enc, enc_size, *buf, &len)
-- || tpm_unmarshal_TPM_SEALED_DATA(&ptr, &len, seal)) {
-+ || rsa_decrypt(&key->key, scheme, enc, enc_size, *buf, &len) ){
-+ tpm_free(*buf);
-+ return -1;
-+ }
-+ len32 = len;
-+ if (tpm_unmarshal_TPM_SEALED_DATA(&ptr, &len32, seal)) {
- tpm_free(*buf);
- return -1;
- }
-@@ -240,11 +246,12 @@ TPM_RESULT TPM_Unseal(TPM_KEY_HANDLE par
-
- TPM_RESULT TPM_UnBind(TPM_KEY_HANDLE keyHandle, UINT32 inDataSize,
- BYTE *inData, TPM_AUTH *auth1,
-- UINT32 *outDataSize, BYTE **outData)
-+ UINT32 *outDataSize32, BYTE **outData)
- {
- TPM_RESULT res;
- TPM_KEY_DATA *key;
- int scheme;
-+ size_t outDataSize;
-
- info("TPM_UnBind()");
- /* get key */
-@@ -262,8 +269,8 @@ TPM_RESULT TPM_UnBind(TPM_KEY_HANDLE key
- /* the size of the input data muss be greater than zero */
- if (inDataSize == 0) return TPM_BAD_PARAMETER;
- /* decrypt data */
-- *outDataSize = inDataSize;
-- *outData = tpm_malloc(*outDataSize);
-+ outDataSize = inDataSize;
-+ *outData = tpm_malloc(outDataSize);
- if (*outData == NULL) return TPM_NOSPACE;
- switch (key->encScheme) {
- case TPM_ES_RSAESOAEP_SHA1_MGF1: scheme = RSA_ES_OAEP_SHA1; break;
-@@ -271,20 +278,21 @@ TPM_RESULT TPM_UnBind(TPM_KEY_HANDLE key
- default: tpm_free(*outData); return TPM_DECRYPT_ERROR;
- }
- if (rsa_decrypt(&key->key, scheme, inData, inDataSize,
-- *outData, outDataSize)) {
-+ *outData, &outDataSize)) {
- tpm_free(*outData);
- return TPM_DECRYPT_ERROR;
- }
- /* verify data if it is of type TPM_BOUND_DATA */
- if (key->encScheme == TPM_ES_RSAESOAEP_SHA1_MGF1
- || key->keyUsage != TPM_KEY_LEGACY) {
-- if (*outDataSize < 5 || memcmp(*outData, "\x01\x01\00\x00\x02", 5)
!= 0) {
-+ if (outDataSize < 5 || memcmp(*outData, "\x01\x01\00\x00\x02", 5)
!= 0) {
- tpm_free(*outData);
- return TPM_DECRYPT_ERROR;
- }
-- *outDataSize -= 5;
-- memmove(*outData, &(*outData)[5], *outDataSize);
-+ outDataSize -= 5;
-+ memmove(*outData, &(*outData)[5], outDataSize);
- }
-+ *outDataSize32 = (UINT32) outDataSize;
- return TPM_SUCCESS;
- }
-
-@@ -334,12 +342,13 @@ int compute_pubkey_digest(TPM_PUBKEY *ke
- }
-
- int encrypt_private_key(TPM_KEY_DATA *key, TPM_STORE_ASYMKEY *store,
-- BYTE *enc, UINT32 *enc_size)
-+ BYTE *enc, UINT32 *enc_size32)
- {
- UINT32 len;
- BYTE *buf, *ptr;
- rsa_public_key_t pub_key;
- int scheme;
-+ size_t enc_size;
- switch (key->encScheme) {
- case TPM_ES_RSAESOAEP_SHA1_MGF1: scheme = RSA_ES_OAEP_SHA1; break;
- case TPM_ES_RSAESPKCSv15: scheme = RSA_ES_PKCSV15; break;
-@@ -351,11 +360,12 @@ int encrypt_private_key(TPM_KEY_DATA *ke
- if (buf == NULL
- || tpm_marshal_TPM_STORE_ASYMKEY(&ptr, &len, store)
- || rsa_encrypt(&pub_key, scheme, buf,
sizeof_TPM_STORE_ASYMKEY((*store)),
-- enc, enc_size)) {
-+ enc, &enc_size)) {
- tpm_free(buf);
- rsa_release_public_key(&pub_key);
- return -1;
- }
-+ *enc_size32 = (UINT32) enc_size;
- tpm_free(buf);
- rsa_release_public_key(&pub_key);
- return 0;
-@@ -364,7 +374,8 @@ int encrypt_private_key(TPM_KEY_DATA *ke
- int decrypt_private_key(TPM_KEY_DATA *key, BYTE *enc, UINT32 enc_size,
- TPM_STORE_ASYMKEY *store, BYTE **buf)
- {
-- UINT32 len;
-+ UINT32 len32;
-+ size_t len;
- BYTE *ptr;
- int scheme;
- switch (key->encScheme) {
-@@ -375,8 +386,12 @@ int decrypt_private_key(TPM_KEY_DATA *ke
- len = enc_size;
- *buf = ptr = tpm_malloc(len);
- if (*buf == NULL
-- || rsa_decrypt(&key->key, scheme, enc, enc_size, *buf, &len)
-- || tpm_unmarshal_TPM_STORE_ASYMKEY(&ptr, &len, store)) {
-+ || rsa_decrypt(&key->key, scheme, enc, enc_size, *buf, &len) ) {
-+ tpm_free(*buf);
-+ return -1;
-+ }
-+ len32 = (UINT32) len;
-+ if (tpm_unmarshal_TPM_STORE_ASYMKEY(&ptr, &len32, store)) {
- tpm_free(*buf);
- return -1;
- }
-@@ -394,7 +409,7 @@ TPM_RESULT TPM_CreateWrapKey(TPM_KEY_HAN
- TPM_SESSION_DATA *session;
- TPM_STORE_ASYMKEY store;
- rsa_private_key_t rsa;
-- UINT32 key_length;
-+ size_t key_length;
-
- info("TPM_CreateWrapKey()");
- /* get parent key */
-@@ -450,11 +465,11 @@ TPM_RESULT TPM_CreateWrapKey(TPM_KEY_HAN
- }
- }
- /* generate key and store it */
-- key_length = keyInfo->algorithmParms.parms.rsa.keyLength;
-- if (rsa_generate_key(&rsa, key_length)) return TPM_FAIL;
-- wrappedKey->pubKey.keyLength = key_length >> 3;
-+ if (rsa_generate_key(&rsa,
keyInfo->algorithmParms.parms.rsa.keyLength))
-+ return TPM_FAIL;
-+ wrappedKey->pubKey.keyLength =
keyInfo->algorithmParms.parms.rsa.keyLength >> 3;
- wrappedKey->pubKey.key = tpm_malloc(wrappedKey->pubKey.keyLength);
-- store.privKey.keyLength = key_length >> 4;
-+ store.privKey.keyLength =
keyInfo->algorithmParms.parms.rsa.keyLength >> 4;
- store.privKey.key = tpm_malloc(store.privKey.keyLength);
- wrappedKey->encDataSize = parent->key.size >> 3;
- wrappedKey->encData = tpm_malloc(wrappedKey->encDataSize);
-@@ -466,9 +481,11 @@ TPM_RESULT TPM_CreateWrapKey(TPM_KEY_HAN
- tpm_free(wrappedKey->encData);
- return TPM_NOSPACE;
- }
-- rsa_export_modulus(&rsa, wrappedKey->pubKey.key,
-- &wrappedKey->pubKey.keyLength);
-- rsa_export_prime1(&rsa, store.privKey.key, &store.privKey.keyLength);
-+ rsa_export_modulus(&rsa, wrappedKey->pubKey.key,
-+ &key_length);
-+ wrappedKey->pubKey.keyLength = (UINT32) key_length;
-+ rsa_export_prime1(&rsa, store.privKey.key, &key_length);
-+ store.privKey.keyLength = (UINT32) key_length;
- rsa_release_private_key(&rsa);
- /* compute the digest of the wrapped key (without encData) */
- if (compute_key_digest(wrappedKey, &store.pubDataDigest)) {
-@@ -602,6 +619,7 @@ TPM_RESULT TPM_LoadKey2(TPM_KEY_HANDLE p
-
- int tpm_setup_key_parms(TPM_KEY_DATA *key, TPM_KEY_PARMS *parms)
- {
-+ size_t key_length;
- parms->algorithmID = TPM_ALG_RSA;
- parms->encScheme = key->encScheme;
- parms->sigScheme = key->sigScheme;
-@@ -611,7 +629,8 @@ int tpm_setup_key_parms(TPM_KEY_DATA *ke
- parms->parms.rsa.exponent = tpm_malloc(parms->parms.rsa.exponentSize);
- if (parms->parms.rsa.exponent == NULL) return -1;
- rsa_export_exponent(&key->key, parms->parms.rsa.exponent,
-- &parms->parms.rsa.exponentSize);
-+ &key_length);
-+ parms->parms.rsa.exponentSize = (UINT32) key_length;
- parms->parmSize = 12 + parms->parms.rsa.exponentSize;
- return 0;
- }
-@@ -622,6 +641,7 @@ TPM_RESULT TPM_GetPubKey(TPM_KEY_HANDLE
- TPM_RESULT res;
- TPM_KEY_DATA *key;
- TPM_DIGEST digest;
-+ size_t key_length;
- info("TPM_GetPubKey()");
- /* get key */
- if (keyHandle == TPM_KH_SRK
-@@ -650,8 +670,8 @@ TPM_RESULT TPM_GetPubKey(TPM_KEY_HANDLE
- pubKey->pubKey.keyLength = key->key.size >> 3;
- pubKey->pubKey.key = tpm_malloc(pubKey->pubKey.keyLength);
- if (pubKey->pubKey.key == NULL) return TPM_NOSPACE;
-- rsa_export_modulus(&key->key, pubKey->pubKey.key,
-- &pubKey->pubKey.keyLength);
-+ rsa_export_modulus(&key->key, pubKey->pubKey.key, &key_length);
-+ pubKey->pubKey.keyLength = (UINT32) key_length;
- if (tpm_setup_key_parms(key, &pubKey->algorithmParms) != 0) {
- error("TPM_GetPubKey(): tpm_setup_key_parms() failed.");
- tpm_free(pubKey->pubKey.key);
-diff -uprN orig/tpm_emulator-0.4/tpm/tpm_structures.h
tpm_emulator/tpm/tpm_structures.h
---- orig/tpm_emulator-0.4/tpm/tpm_structures.h 2006-06-23
03:37:07.000000000 -0700
-+++ tpm_emulator/tpm/tpm_structures.h 2006-07-24 14:35:35.000000000
-0700
-@@ -1958,6 +1958,7 @@ typedef struct tdTPM_DAA_ISSUER {
- TPM_DIGEST DAA_digest_gamma;
- BYTE DAA_generic_q[26];
- } TPM_DAA_ISSUER;
-+#define sizeof_TPM_DAA_ISSUER(s) (2 + (20 * 6) + 26 )
-
- /*
- * TPM_DAA_TPM ([TPM_Part2], Section 22.4)
-@@ -1973,6 +1974,7 @@ typedef struct tdTPM_DAA_TPM {
- TPM_DIGEST DAA_rekey;
- UINT32 DAA_count;
- } TPM_DAA_TPM;
-+#define sizeof_TPM_DAA_TPM(s) (2 + (4 * 20) + 4)
-
- /*
- * TPM_DAA_CONTEXT ([TPM_Part2], Section 22.5)
-@@ -1987,6 +1989,7 @@ typedef struct tdTPM_DAA_CONTEXT {
- BYTE DAA_scratch[256];
- BYTE DAA_stage;
- } TPM_DAA_CONTEXT;
-+#define sizeof_TPM_DAA_CONTEXT(s) (2 + (3 * 20) + 256 + 1)
-
- /*
- * TPM_DAA_JOINDATA ([TPM_Part2], Section 22.6)
-@@ -1998,6 +2001,7 @@ typedef struct tdTPM_DAA_JOINDATA {
- BYTE DAA_join_u1[138];
- TPM_DIGEST DAA_digest_n0;
- } TPM_DAA_JOINDATA;
-+#define sizeof_TPM_DAA_JOINDATA(s) (1 + 1 + 20)
-
- /*
- * TPM_DAA_BLOB ([TPM_Part2], Section 22.8)
-@@ -2202,6 +2206,7 @@ typedef struct tdTPM_STCLEAR_DATA {
- //UINT32 ownerReference;
- //BOOL disableResetLock;
- } TPM_STCLEAR_DATA;
-+#define sizeof_TPM_STCLEAR_DATA(s) (2 + 20 + 4)
-
- /*
- * TPM_SESSION_DATA
-@@ -2238,6 +2243,11 @@ typedef struct tdTPM_DAA_SESSION_DATA {
- TPM_DAA_JOINDATA DAA_joinSession;
- TPM_HANDLE handle;
- } TPM_DAA_SESSION_DATA;
-+#define sizeof_TPM_DAA_SESSION_DATA(s) ( 1 \
-+ + sizeof_TPM_DAA_ISSUER(s.DAA_issuerSettings) \
-+ + sizeof_TPM_DAA_TPM(s.DAA_tpmSpecific) \
-+ + sizeof_TPM_DAA_CONTEXT(s.DAA_session) \
-+ + sizeof_TPM_DAA_JOINDATA(s.DAA_joinSession) + 4)
-
- /*
- * TPM_STANY_DATA ([TPM_Part2], Section 7.6)
-@@ -2262,6 +2272,11 @@ typedef struct tdTPM_STANY_DATA {
- TPM_DAAHANDLE currentDAA;
- TPM_TRANSHANDLE transExclusive;
- } TPM_STANY_DATA;
-+#define sizeof_TPM_STANY_DATA(s) (2 + 20 + 20 + 1 \
-+ + sizeof_TPM_CURRENT_TICKS(s.currentTicks) \
-+ + 4 + (4 * TPM_MAX_SESSION_LIST) \
-+ + (sizeof_TPM_SESSION_DATA(s.sessions[0]) * TPM_MAX_SESSION_LIST) \
-+ + (sizeof_TPM_DAA_SESSION_DATA(s.sessionsDAA[0]) *
TPM_MAX_SESSIONS_DAA) + 4)
-
- /*
- * TPM_DATA
-diff -uprN orig/tpm_emulator-0.4/tpm/tpm_testing.c
tpm_emulator/tpm/tpm_testing.c
---- orig/tpm_emulator-0.4/tpm/tpm_testing.c 2006-06-23
03:37:07.000000000 -0700
-+++ tpm_emulator/tpm/tpm_testing.c 2006-07-24 14:35:35.000000000 -0700
-@@ -1,6 +1,7 @@
- /* Software-Based Trusted Platform Module (TPM) Emulator for Linux
- * Copyright (C) 2004 Mario Strasser <mast@gmx.net>,
- * Swiss Federal Institute of Technology (ETH) Zurich
-+ * Copyright (C) 2005 INTEL Corp
- *
- * This module is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published
-@@ -95,24 +96,24 @@ static int tpm_test_sha1(void)
- struct {
- uint8_t *data; uint32_t repetitions; uint8_t *digest;
- } test_cases[] = {{
-- "abc", 1,
--
"\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E\x25\x71\x78\x50\xC2\x6C\x9C\xD0\xD8\x9D"
-+ (uint8_t*)"abc", 1,
-+
(uint8_t*)"\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E\x25\x71\x78\x50\xC2\x6C\x9C\xD0\xD8\x9D"
- }, {
-- "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 1,
--
"\x84\x98\x3E\x44\x1C\x3B\xD2\x6E\xBA\xAE\x4A\xA1\xF9\x51\x29\xE5\xE5\x46\x70\xF1"
-+
(uint8_t*)"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 1,
-+
(uint8_t*)"\x84\x98\x3E\x44\x1C\x3B\xD2\x6E\xBA\xAE\x4A\xA1\xF9\x51\x29\xE5\xE5\x46\x70\xF1"
- }, {
-- "a", 1000000,
--
"\x34\xAA\x97\x3C\xD4\xC4\xDA\xA4\xF6\x1E\xEB\x2B\xDB\xAD\x27\x31\x65\x34\x01\x6F"
-+ (uint8_t*)"a", 1000000,
-+
(uint8_t*)"\x34\xAA\x97\x3C\xD4\xC4\xDA\xA4\xF6\x1E\xEB\x2B\xDB\xAD\x27\x31\x65\x34\x01\x6F"
- }, {
--
"0123456701234567012345670123456701234567012345670123456701234567", 10,
--
"\xDE\xA3\x56\xA2\xCD\xDD\x90\xC7\xA7\xEC\xED\xC5\xEB\xB5\x63\x93\x4F\x46\x04\x52"
-+
(uint8_t*)"0123456701234567012345670123456701234567012345670123456701234567",
10,
-+
(uint8_t*)"\xDE\xA3\x56\xA2\xCD\xDD\x90\xC7\xA7\xEC\xED\xC5\xEB\xB5\x63\x93\x4F\x46\x04\x52"
- }};
-
- debug("tpm_test_sha1()");
- for (i = 0; i < sizeof(test_cases) / sizeof(test_cases[0]); i++) {
- sha1_init(&ctx);
- for (j = 0; j < test_cases[i].repetitions; j++)
-- sha1_update(&ctx, test_cases[i].data, strlen(test_cases[i].data));
-+ sha1_update(&ctx, test_cases[i].data,
strlen((char*)test_cases[i].data));
- sha1_final(&ctx, digest);
- if (memcmp(digest, test_cases[i].digest, SHA1_DIGEST_LENGTH) != 0)
return -1;
- }
-@@ -128,41 +129,41 @@ static int tpm_test_hmac(void)
- struct {
- uint8_t *key, key_len, *data, data_len, *digest;
- } test_cases[] = {{
-- "\x0b", 20, "Hi There", 8,
--
"\xb6\x17\x31\x86\x55\x05\x72\x64\xe2\x8b\xc0\xb6\xfb\x37\x8c\x8e\xf1\x46\xbe\x00"
-+ (uint8_t*)"\x0b", 20, (uint8_t*)"Hi There", 8,
-+
(uint8_t*)"\xb6\x17\x31\x86\x55\x05\x72\x64\xe2\x8b\xc0\xb6\xfb\x37\x8c\x8e\xf1\x46\xbe\x00"
- }, {
-- "Jefe", 4, "what do ya want for nothing?", 28,
--
"\xef\xfc\xdf\x6a\xe5\xeb\x2f\xa2\xd2\x74\x16\xd5\xf1\x84\xdf\x9c\x25\x9a\x7c\x79"
-+ (uint8_t*)"Jefe", 4, (uint8_t*)"what do ya want for nothing?", 28,
-+
(uint8_t*)"\xef\xfc\xdf\x6a\xe5\xeb\x2f\xa2\xd2\x74\x16\xd5\xf1\x84\xdf\x9c\x25\x9a\x7c\x79"
- }, {
-- "\xaa", 20, "\xdd", 50,
--
"\x12\x5d\x73\x42\xb9\xac\x11\xcd\x91\xa3\x9a\xf4\x8a\xa1\x7b\x4f\x63\xf1\x75\xd3"
-+ (uint8_t*)"\xaa", 20, (uint8_t*)"\xdd", 50,
-+
(uint8_t*)"\x12\x5d\x73\x42\xb9\xac\x11\xcd\x91\xa3\x9a\xf4\x8a\xa1\x7b\x4f\x63\xf1\x75\xd3"
- }, {
--
"\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14"
-- "\x15\x16\x17\x18\x19", 25, "\xcd", 50,
--
"\x4c\x90\x07\xf4\x02\x62\x50\xc6\xbc\x84\x14\xf9\xbf\x50\xc8\x6c\x2d\x72\x35\xda"
-+
(uint8_t*)"\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14"
-+ "\x15\x16\x17\x18\x19", 25, (uint8_t*)"\xcd", 50,
-+
(uint8_t*)"\x4c\x90\x07\xf4\x02\x62\x50\xc6\xbc\x84\x14\xf9\xbf\x50\xc8\x6c\x2d\x72\x35\xda"
- }, {
-- "\x0c", 20, "Test With Truncation", 20,
--
"\x4c\x1a\x03\x42\x4b\x55\xe0\x7f\xe7\xf2\x7b\xe1\xd5\x8b\xb9\x32\x4a\x9a\x5a\x04"
-+ (uint8_t*)"\x0c", 20, (uint8_t*)"Test With Truncation", 20,
-+
(uint8_t*)"\x4c\x1a\x03\x42\x4b\x55\xe0\x7f\xe7\xf2\x7b\xe1\xd5\x8b\xb9\x32\x4a\x9a\x5a\x04"
- }, {
-- "\xaa", 80, "Test Using Larger Than Block-Size Key - Hash Key
First", 54,
--
"\xaa\x4a\xe5\xe1\x52\x72\xd0\x0e\x95\x70\x56\x37\xce\x8a\x3b\x55\xed\x40\x21\x12"
-+ (uint8_t*)"\xaa", 80, (uint8_t*)"Test Using Larger Than Block-Size
Key - Hash Key First", 54,
-+
(uint8_t*)"\xaa\x4a\xe5\xe1\x52\x72\xd0\x0e\x95\x70\x56\x37\xce\x8a\x3b\x55\xed\x40\x21\x12"
- }, {
-- "\xaa", 80,
-- "Test Using Larger Than Block-Size Key and Larger Than One
Block-Size Data", 73,
--
"\xe8\xe9\x9d\x0f\x45\x23\x7d\x78\x6d\x6b\xba\xa7\x96\x5c\x78\x08\xbb\xff\x1a\x91"
-+ (uint8_t*)"\xaa", 80,
-+ (uint8_t*)"Test Using Larger Than Block-Size Key and Larger Than
One Block-Size Data", 73,
-+
(uint8_t*)"\xe8\xe9\x9d\x0f\x45\x23\x7d\x78\x6d\x6b\xba\xa7\x96\x5c\x78\x08\xbb\xff\x1a\x91"
- }};
-
- debug("tpm_test_hmac()");
- for (i = 0; i < sizeof(test_cases) / sizeof(test_cases[0]); i++) {
-- if (strlen(test_cases[i].key) < test_cases[i].key_len) {
-+ if (strlen((char*)test_cases[i].key) < test_cases[i].key_len) {
- uint8_t key[test_cases[i].key_len];
- memset(key, test_cases[i].key[0], test_cases[i].key_len);
- hmac_init(&ctx, key, test_cases[i].key_len);
- } else {
- hmac_init(&ctx, test_cases[i].key, test_cases[i].key_len);
- }
-- for (j = 0; j < test_cases[i].data_len; j +=
strlen(test_cases[i].data)) {
-- hmac_update(&ctx, test_cases[i].data, strlen(test_cases[i].data));
-+ for (j = 0; j < test_cases[i].data_len; j +=
strlen((char*)test_cases[i].data)) {
-+ hmac_update(&ctx, test_cases[i].data,
strlen((char*)test_cases[i].data));
- }
- hmac_final(&ctx, digest);
- if (memcmp(digest, test_cases[i].digest, SHA1_DIGEST_LENGTH) != 0)
return -1;
-@@ -173,9 +174,9 @@ static int tpm_test_hmac(void)
- static int tpm_test_rsa_EK(void)
- {
- int res = 0;
-- char *data = "RSA PKCS #1 v1.5 Test-String";
-+ uint8_t *data = (uint8_t*)"RSA PKCS #1 v1.5 Test-String";
- uint8_t buf[256];
-- size_t buf_len, data_len = strlen(data);
-+ size_t buf_len, data_len = strlen((char*)data);
- rsa_private_key_t priv_key;
- rsa_public_key_t pub_key;
-
-diff -uprN orig/tpm_emulator-0.4/tpm/tpm_ticks.c
tpm_emulator/tpm/tpm_ticks.c
---- orig/tpm_emulator-0.4/tpm/tpm_ticks.c 2006-06-23
03:37:07.000000000 -0700
-+++ tpm_emulator/tpm/tpm_ticks.c 2006-07-24 14:35:35.000000000 -0700
-@@ -1,6 +1,7 @@
- /* Software-Based Trusted Platform Module (TPM) Emulator for Linux
- * Copyright (C) 2004 Mario Strasser <mast@gmx.net>,
- * Swiss Federal Institute of Technology (ETH) Zurich
-+ * Copyright (C) 2005 INTEL Corp
- *
- * This module is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published
-@@ -39,9 +40,7 @@ TPM_RESULT TPM_SetTickType(TPM_TICKTYPE
- TPM_RESULT TPM_GetTicks(TPM_CURRENT_TICKS *currentTime)
- {
- info("TPM_GetTicks()");
-- memcpy(currentTime, &tpmData.stany.data.currentTicks,
-- sizeof(TPM_CURRENT_TICKS));
-- return TPM_SUCCESS;
-+ return TPM_DISABLED_CMD;
- }
-
- TPM_RESULT TPM_TickStampBlob(TPM_KEY_HANDLE keyHandle, TPM_NONCE
*antiReplay,
-@@ -49,64 +48,11 @@ TPM_RESULT TPM_TickStampBlob(TPM_KEY_HAN
- TPM_CURRENT_TICKS *currentTicks,
- UINT32 *sigSize, BYTE **sig)
- {
-- TPM_RESULT res;
-- TPM_KEY_DATA *key;
-- BYTE *info, *p;
-- UINT32 info_length, length;
- info("TPM_TickStampBlob()");
-- /* get key */
-- key = tpm_get_key(keyHandle);
-- if (key == NULL) return TPM_INVALID_KEYHANDLE;
-- /* verify authorization */
-- res = tpm_verify_auth(auth1, key->usageAuth, keyHandle);
-- if (res != TPM_SUCCESS) return res;
-- if (key->keyUsage != TPM_KEY_SIGNING && key->keyUsage != TPM_KEY_LEGACY
-- && key->keyUsage != TPM_KEY_IDENTITY) return TPM_INVALID_KEYUSAGE;
-- /* get current ticks */
-- TPM_GetTicks(currentTicks);
-- /* sign data using signature scheme PKCS1_SHA1 and TPM_SIGN_INFO
container */
-- *sigSize = key->key.size >> 3;
-- *sig = tpm_malloc(*sigSize);
-- if (*sig == NULL) return TPM_FAIL;
-- /* setup TPM_SIGN_INFO structure */
-- info_length = 30 + sizeof(TPM_DIGEST) +
sizeof_TPM_CURRENT_TICKS(currentTicks);
-- info = tpm_malloc(info_length);
-- if (info == NULL) {
-- tpm_free(*sig);
-- return TPM_FAIL;
-- }
-- memcpy(&info[0], "\x05\x00TSTP", 6);
-- memcpy(&info[6], antiReplay->nonce, 20);
-- *(UINT32*)&info[26] = CPU_TO_BE32(20
-- + sizeof_TPM_CURRENT_TICKS(currentTicks));
-- memcpy(&info[30], digestToStamp->digest, sizeof(TPM_DIGEST));
-- p = &info[30 + sizeof(TPM_DIGEST)];
-- length = sizeof_TPM_CURRENT_TICKS(currentTicks);
-- if (tpm_marshal_TPM_CURRENT_TICKS(&p, &length, currentTicks)
-- || rsa_sign(&key->key, RSA_SSA_PKCS1_SHA1, info, info_length,
*sig)) {
-- tpm_free(*sig);
-- tpm_free(info);
-- return TPM_FAIL;
-- }
-- return TPM_SUCCESS;
-+ return TPM_DISABLED_CMD;
- }
-
- void tpm_update_ticks(void)
- {
-- if (tpmData.stany.data.currentTicks.tag == 0) {
-- tpmData.stany.data.currentTicks.tag = TPM_TAG_CURRENT_TICKS;
-- tpmData.stany.data.currentTicks.currentTicks += tpm_get_ticks();
--/* removed since v1.2 rev 94
-- tpmData.stany.data.currentTicks.tickType =
tpmData.permanent.data.tickType;
--*/
-- tpm_get_random_bytes(tpmData.stany.data.currentTicks.tickNonce.nonce,
-- sizeof(TPM_NONCE));
-- tpmData.stany.data.currentTicks.tickRate = 1;
--/* removed since v1.2 rev 94
-- tpmData.stany.data.currentTicks.tickSecurity = TICK_SEC_NO_CHECK;
--*/
-- } else {
-- tpmData.stany.data.currentTicks.currentTicks += tpm_get_ticks();
-- }
- }
-
-diff -uprN orig/tpm_emulator-0.4/tpm/tpm_transport.c
tpm_emulator/tpm/tpm_transport.c
---- orig/tpm_emulator-0.4/tpm/tpm_transport.c 2006-06-23
03:37:07.000000000 -0700
-+++ tpm_emulator/tpm/tpm_transport.c 2006-07-24 14:35:35.000000000 -0700
-@@ -189,7 +189,7 @@ static void decrypt_wrapped_command(BYTE
- sha1_init(&sha1);
- sha1_update(&sha1, auth->nonceEven.nonce,
sizeof(auth->nonceEven.nonce));
- sha1_update(&sha1, auth->nonceOdd.nonce,
sizeof(auth->nonceOdd.nonce));
-- sha1_update(&sha1, "in", 2);
-+ sha1_update(&sha1, (BYTE*)"in", 2);
- sha1_update(&sha1, secret, sizeof(TPM_SECRET));
- j = CPU_TO_BE32(i);
- sha1_update(&sha1, (BYTE*)&j, 4);
-@@ -211,7 +211,7 @@ static void encrypt_wrapped_command(BYTE
- sha1_init(&sha1);
- sha1_update(&sha1, auth->nonceEven.nonce,
sizeof(auth->nonceEven.nonce));
- sha1_update(&sha1, auth->nonceOdd.nonce,
sizeof(auth->nonceOdd.nonce));
-- sha1_update(&sha1, "out", 3);
-+ sha1_update(&sha1, (BYTE*)"out", 3);
- sha1_update(&sha1, secret, sizeof(TPM_SECRET));
- j = CPU_TO_BE32(i);
- sha1_update(&sha1, (BYTE*)&j, 4);
-diff -uprN orig/tpm_emulator-0.4/tpmd.c tpm_emulator/tpmd.c
---- orig/tpm_emulator-0.4/tpmd.c 1969-12-31 16:00:00.000000000 -0800
-+++ tpm_emulator/tpmd.c 2006-07-24 14:35:35.000000000 -0700
-@@ -0,0 +1,156 @@
-+/* Software-Based Trusted Platform Module (TPM) Emulator for Linux
-+ * Copyright (C) 2005 INTEL Corp
-+ *
-+ * This module is free software; you can redistribute it and/or modify
-+ * it under the terms of the GNU General Public License as published
-+ * by the Free Software Foundation; either version 2 of the License,
-+ * or (at your option) any later version.
-+ *
-+ * This module is distributed in the hope that it will be useful,
-+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-+ * GNU General Public License for more details.
-+ *
-+ */
-+
-+#include <stdio.h>
-+#include <stdlib.h>
-+#include <unistd.h>
-+#include <string.h>
-+#include <sys/types.h>
-+#include <sys/stat.h>
-+#include <fcntl.h>
-+#include <sys/time.h>
-+
-+#include "tpm_emulator.h"
-+
-+#define TPM_RX_FNAME "/var/tpm/tpm_in.fifo"
-+#define TPM_TX_FNAME "/var/tpm/tpm_out.fifo"
-+
-+#define BUFFER_SIZE 2048
-+
-+static int devurandom=0;
-+
-+void get_random_bytes(void *buf, int nbytes) {
-+
-+ if (devurandom == 0) {
-+ devurandom = open("/dev/urandom", O_RDONLY);
-+ }
-+
-+ if (read(devurandom, buf, nbytes) != nbytes) {
-+ printf("Can't get random number.\n");
-+ exit(-1);
-+ }
-+}
-+
-+uint64_t tpm_get_ticks(void)
-+{
-+ //struct timeval tv;
-+ //int gettimeofday(&tv, struct timezone *tz);
-+ return 0;
-+}
-+
-+int main(int argc, char **argv)
-+{
-+ uint8_t in[BUFFER_SIZE], *out;
-+ uint32_t out_size;
-+ int in_size, written;
-+ int i;
-+ struct stat file_info;
-+
-+ int tpm_tx_fh=-1, tpm_rx_fh=-1;
-+ if (argc < 2) {
-+ printf("Usage: tpmd clear|save|deactivated\n" );
-+ return -1;
-+ }
-+
-+ /* initialize TPM emulator */
-+ if (!strcmp(argv[1], "clear")) {
-+ printf("Initializing tpm: %s\n", argv[1]);
-+ tpm_emulator_init(1);
-+ } else if (!strcmp(argv[1], "save")) {
-+ printf("Initializing tpm: %s\n", argv[1]);
-+ tpm_emulator_init(2);
-+ } else if (!strcmp(argv[1], "deactivated")) {
-+ printf("Initializing tpm: %s\n", argv[1]);
-+ tpm_emulator_init(3);
-+ } else {
-+ printf("invalid startup mode '%s'; must be 'clear', "
-+ "'save' (default) or 'deactivated", argv[1]);
-+ return -1;
-+ }
-+
-+ if ( stat(TPM_RX_FNAME, &file_info) == -1) {
-+ if ( mkfifo(TPM_RX_FNAME, S_IWUSR | S_IRUSR ) ) {
-+ printf("Failed to create fifo %s.\n", TPM_RX_FNAME);
-+ return -1;
-+ }
-+ }
-+
-+ if ( stat(TPM_TX_FNAME, &file_info) == -1) {
-+ if ( mkfifo(TPM_TX_FNAME, S_IWUSR | S_IRUSR ) ) {
-+ printf("Failed to create fifo %s.\n", TPM_TX_FNAME);
-+ return -1;
-+ }
-+ }
-+
-+ while (1) {
-+abort_command:
-+ if (tpm_rx_fh < 0) {
-+ tpm_rx_fh = open(TPM_RX_FNAME, O_RDONLY);
-+ }
-+
-+ if (tpm_rx_fh < 0) {
-+ printf("ERROR: failed to open devices to listen to guest.\n");
-+ return -1;
-+ }
-+
-+ if (tpm_tx_fh < 0) {
-+ tpm_tx_fh = open(TPM_TX_FNAME, O_WRONLY);
-+ }
-+
-+ if (tpm_tx_fh < 0) {
-+ printf("ERROR: failed to open devices to respond to guest.\n");
-+ return -1;
-+ }
-+
-+ in_size = read(tpm_rx_fh, in, BUFFER_SIZE);
-+ if (in_size < 6) { // Magic size of minium TPM command
-+ printf("Recv[%d] to small: 0x", in_size);
-+ if (in_size <= 0) {
-+ close(tpm_rx_fh);
-+ tpm_rx_fh = -1;
-+ goto abort_command;
-+ }
-+ } else {
-+ printf("Recv[%d]: 0x", in_size);
-+ for (i=0; i< in_size; i++)
-+ printf("%x ", in[i]);
-+ printf("\n");
-+ }
-+
-+
-+ if (tpm_handle_command(in, in_size, &out, &out_size) != 0) {
-+ printf("ERROR: Handler Failed.\n");
-+ }
-+
-+ written = write(tpm_tx_fh, out, out_size);
-+
-+ if (written != out_size ) {
-+ printf("ERROR: Part of response not written %d/%d.\nAttempt: ",
written, out_size);
-+ } else {
-+ printf("Sent[%Zu]: ", out_size);
-+ }
-+ for (i=0; i< out_size; i++)
-+ printf("%x ", out[i]);
-+ printf("\n");
-+ tpm_free(out);
-+
-+ } // loop
-+
-+ tpm_emulator_shutdown();
-+
-+ close(tpm_tx_fh);
-+ close(tpm_rx_fh);
-+
-+}
-Binary files orig/tpm_emulator-0.4/tpm_emulator and
tpm_emulator/tpm_emulator differ
-diff -uprN orig/tpm_emulator-0.4/tpm_version.h tpm_emulator/tpm_version.h
---- orig/tpm_emulator-0.4/tpm_version.h 2006-06-23
03:37:07.000000000 -0700
-+++ tpm_emulator/tpm_version.h 2006-07-24 14:35:41.000000000 -0700
-@@ -2,5 +2,5 @@
- #define _TPM_VERSION_H_
- #define VERSION_MAJOR 0
- #define VERSION_MINOR 4
--#define VERSION_BUILD 1151058734
-+#define VERSION_BUILD 1153776940
- #endif /* _TPM_VERSION_H_ */
diff --git a/tools/vtpm/vtpm-0.5.1-LDLIBS.patch
b/tools/vtpm/vtpm-0.5.1-LDLIBS.patch
--- a/tools/vtpm/vtpm-0.5.1-LDLIBS.patch
+++ /dev/null
@@ -1,12 +0,0 @@
-diff -Naurp tpm_emulator-0.5.1/tpmd/Makefile
tpm_emulator-0.5.1/tpmd/Makefile
---- tpm_emulator-0.5.1/tpmd/Makefile
-+++ tpm_emulator-0.5.1/tpmd/Makefile
-@@ -8,7 +8,7 @@ WFLAGS := -Wall -Wno-unused -Wpointer-a
- #WFLAGS += -Wextra -Wcast-qual -Wmissing-prototypes
-Wmissing-declarations -Wstrict-aliasing
- CFLAGS += $(WFLAGS) -g -I.. -I. -O2 -fno-strict-aliasing
- CFLAGS += -I../../../../tools/vtpm_manager/manager
--LDFLAGS += -lgmp
-+LDLIBS += -lgmp
-
- BINDIR := /usr/bin/
-
diff --git a/tools/vtpm/vtpm-0.5.1.patch b/tools/vtpm/vtpm-0.5.1.patch
--- a/tools/vtpm/vtpm-0.5.1.patch
+++ /dev/null
@@ -1,766 +0,0 @@
-diff -Naurp tpm_emulator-0.5.1/Makefile tpm5-test/Makefile
---- tpm_emulator-0.5.1/Makefile 2008-02-14 03:22:48.000000000 -0500
-+++ tpm5-test/Makefile 2009-07-15 09:45:28.000000000 -0400
-@@ -10,7 +10,7 @@ VERSION_MINOR := 5
- VERSION_BUILD := $(shell date +"%s")
- VERSION_SUFFIX := .1
-
--SUBDIRS := tpmd tpmd_dev tddl
-+SUBDIRS := tpmd
-
- all: version all-recursive
-
-@@ -48,12 +48,12 @@ user_install: user
- modules_install: modules
- @$(MAKE) -C tpmd_dev install || exit -1
-
--DIRS := . tpm crypto tpmd tpmd_dev tddl tpmd_dev_openbsd
-+DIRS := . tpm crypto tpmd
- DISTSRC := $(foreach dir, $(DIRS), $(wildcard $(dir)/*.c))
- DISTSRC += $(foreach dir, $(DIRS), $(wildcard $(dir)/*.h))
--DIRS := . tpmd tpmd_dev tddl tpmd_dev_openbsd
-+DIRS := . tpmd
- DISTSRC += $(foreach dir, $(DIRS), $(dir)/Makefile)
--DISTSRC += ./README ./AUTHORS ./ChangeLog tpmd_dev/tpmd_dev.rules.in
-+DISTSRC += ./README ./AUTHORS ./ChangeLog
- DISTDIR := tpm_emulator-$(VERSION_MAJOR).$(VERSION_MINOR)$(VERSION_SUFFIX)
-
- dist: $(DISTSRC)
-diff -Naurp tpm_emulator-0.5.1/tpm/tpm_capability.c
tpm5-test/tpm/tpm_capability.c
---- tpm_emulator-0.5.1/tpm/tpm_capability.c 2008-02-14
03:22:48.000000000 -0500
-+++ tpm5-test/tpm/tpm_capability.c 2009-07-16 12:04:20.000000000 -0400
-@@ -136,8 +136,19 @@ static TPM_RESULT cap_property(UINT32 su
-
- case TPM_CAP_PROP_TIS_TIMEOUT:
- debug("[TPM_CAP_PROP_TIS_TIMEOUT]");
-- /* TODO: TPM_CAP_PROP_TIS_TIMEOUT */
-- return TPM_FAIL;
-+ /* TODO: TPM_CAP_PROP_TIS_TIMEOUT: Measure these values and
determine correct ones */
-+ UINT32 len = *respSize = 16;
-+ BYTE *ptr = *resp = tpm_malloc(*respSize);
-+ if (ptr == NULL ||
-+ tpm_marshal_UINT32(&ptr, &len, 200000) ||
-+ tpm_marshal_UINT32(&ptr, &len, 200000) ||
-+ tpm_marshal_UINT32(&ptr, &len, 200000) ||
-+ tpm_marshal_UINT32(&ptr, &len, 200000)) {
-+ tpm_free(*resp);
-+ return TPM_FAIL;
-+ }
-+ return TPM_SUCCESS;
-+
-
- case TPM_CAP_PROP_STARTUP_EFFECT:
- debug("[TPM_CAP_PROP_STARTUP_EFFECT]");
-@@ -189,8 +200,12 @@ static TPM_RESULT cap_property(UINT32 su
-
- case TPM_CAP_PROP_DURATION:
- debug("[TPM_CAP_PROP_DURATION]");
-- /* TODO: TPM_CAP_PROP_DURATION */
-- return TPM_FAIL;
-+ /* TODO: TPM_CAP_PROP_DURATION: Measure these values and return
accurate ones */
-+ BYTE dur[]=
{0x0,0x0,0x0,0xc,0x0,0x7,0xa1,0x20,0x0,0x1e,0x84,0x80,0x11,0xe1,0xa3,0x0};
-+ *respSize = 16;
-+ *resp = tpm_malloc(*respSize);
-+ memcpy(*resp,dur,16);
-+
-
- case TPM_CAP_PROP_ACTIVE_COUNTER:
- debug("[TPM_CAP_PROP_ACTIVE_COUNTER]");
-diff -Naurp tpm_emulator-0.5.1/tpmd/Makefile tpm5-test/tpmd/Makefile
---- tpm_emulator-0.5.1/tpmd/Makefile 2008-02-14 03:22:48.000000000 -0500
-+++ tpm5-test/tpmd/Makefile 2009-07-16 12:08:26.000000000 -0400
-@@ -8,9 +8,10 @@ WFLAGS := -Wall -Wno-unused -Wpointer-a
- -Wwrite-strings -Wsign-compare -Wno-multichar
- #WFLAGS += -Wextra -Wcast-qual -Wmissing-prototypes
-Wmissing-declarations -Wstrict-aliasing
- CFLAGS += $(WFLAGS) -g -I.. -I. -O2 -fno-strict-aliasing
-+CFLAGS += -I../../../../tools/vtpm_manager/manager
- LDFLAGS += -lgmp
-
--BINDIR := /usr/sbin/
-+BINDIR := /usr/bin/
-
- TPMD := tpmd
- DIRS := ../tpm ../crypto
-@@ -18,6 +19,8 @@ SRCS := $(foreach dir, $(DIRS), $(wil
- OBJS := $(patsubst %.c, %.o, $(SRCS))
- OBJS := $(foreach dir, $(DIRS), $(patsubst $(dir)/%.o, %.o,
$(filter $(dir)/%.o, $(OBJS))))
-
-+VTPM_BIN := vtpmd
-+
- vpath %.c $(strip $(DIRS))
-
- all: $(TPMD)
-@@ -32,10 +35,8 @@ TPMD_GROUP ?= tss
- INSTALL ?= install
-
- install: $(TPMD)
-- $(INSTALL) -m 755 -o $(TPMD_USER) -g $(TPMD_GROUP) -d
$(DESTDIR)/var/lib/tpm
-- $(INSTALL) -m 755 -o $(TPMD_USER) -g $(TPMD_GROUP) -d
$(DESTDIR)/var/run/tpm
- $(INSTALL) -D -d $(DESTDIR)/$(BINDIR)
-- $(INSTALL) -m 755 $(TPMD) $(DESTDIR)/$(BINDIR)
-+ $(INSTALL) -m 755 $(TPMD) $(DESTDIR)/$(BINDIR)/$(VTPM_BIN)
-
- .PHONY: all clean install
-
-diff -Naurp tpm_emulator-0.5.1/tpmd/tpmd.c tpm5-test/tpmd/tpmd.c
---- tpm_emulator-0.5.1/tpmd/tpmd.c 2008-02-14 03:22:48.000000000 -0500
-+++ tpm5-test/tpmd/tpmd.c 2009-07-16 11:19:05.000000000 -0400
-@@ -32,6 +32,9 @@
- #include <grp.h>
- #include "tpm_emulator_config.h"
- #include "tpm/tpm_emulator.h"
-+#include "tpm/tpm_structures.h"
-+#include "tpm/tpm_marshalling.h"
-+#include "vtpm_manager.h"
-
- #define TPM_DAEMON_NAME "tpmd"
- #define TPM_CMD_BUF_SIZE 4096
-@@ -39,6 +42,24 @@
- #define TPM_RANDOM_DEVICE "/dev/urandom"
- #undef TPM_MKDIRS
-
-+#ifdef VTPM_MULTI_VM
-+ #define DEV_BE "/dev/vtpm"
-+ #define DEV_FE "/dev/tpm"
-+#else
-+ #define PVM_RX_FIFO_D "/var/vtpm/fifos/tpm_cmd_to_%d.fifo"
-+ #define PVM_TX_FIFO "/var/vtpm/fifos/tpm_rsp_from_all.fifo"
-+ #define HVM_RX_FIFO_D "/var/vtpm/socks/%d.socket"
-+
-+ #define VTPM_RX_FIFO_D "/var/vtpm/fifos/vtpm_rsp_to_%d.fifo"
-+ #define VTPM_TX_FIFO "/var/vtpm/fifos/vtpm_cmd_from_all.fifo"
-+
-+ static char *vtpm_rx_name=NULL;
-+#endif
-+
-+ static int vtpm_tx_fh=-1, vtpm_rx_fh=-1;
-+
-+#define BUFFER_SIZE 2048
-+
- static volatile int stopflag = 0;
- static int is_daemon = 0;
- static int opt_debug = 0;
-@@ -49,6 +70,8 @@ static const char *opt_storage_file = "/
- static uid_t opt_uid = 0;
- static gid_t opt_gid = 0;
- static int tpm_startup = 2;
-+static int vtpm_type = VTPM_TYPE_PVM;
-+int dmi_id = 0;
- static int rand_fh;
-
- void tpm_log(int priority, const char *fmt, ...)
-@@ -90,56 +113,241 @@ uint64_t tpm_get_ticks(void)
-
- int tpm_write_to_file(uint8_t *data, size_t data_length)
- {
-- int fh;
-- ssize_t res;
-- fh = open(opt_storage_file, O_WRONLY | O_TRUNC | O_CREAT, S_IRUSR
| S_IWUSR);
-- if (fh < 0) return -1;
-- while (data_length > 0) {
-- res = write(fh, data, data_length);
-- if (res < 0) {
-- close(fh);
-- return -1;
-- }
-- data_length -= res;
-- data += res;
-+ int res, out_data_size, in_header_size;
-+ BYTE *ptr, *out_data, *in_header;
-+ UINT32 result, len, in_rsp_size;
-+ UINT16 tag = VTPM_TAG_REQ;
-+
-+ printf("Saving NVM\n");
-+ if (vtpm_tx_fh < 0) {
-+#ifdef VTPM_MUTLI_VM
-+ vtpm_tx_fh = open(DEV_FE, O_RDWR);
-+#else
-+ vtpm_tx_fh = open(VTPM_TX_FIFO, O_WRONLY);
-+#endif
-+ }
-+
-+ if (vtpm_tx_fh < 0) {
-+ return -1;
-+ }
-+
-+ // Send request to VTPM Manager to encrypt data
-+#ifdef VTPM_MUTLI_VM
-+ out_data_size = len = VTPM_COMMAND_HEADER_SIZE_CLT + data_length;
-+#else
-+ out_data_size = len = VTPM_COMMAND_HEADER_SIZE_SRV + data_length;
-+#endif
-+
-+ out_data = ptr = (BYTE *) malloc(len);
-+
-+ if (ptr == NULL
-+#ifndef VTPM_MUTLI_VM
-+ || tpm_marshal_UINT32(&ptr, &len, dmi_id)
-+#endif
-+ || tpm_marshal_UINT16(&ptr, &len, tag)
-+#ifdef VTPM_MUTLI_VM
-+ || tpm_marshal_UINT32(&ptr, &len, out_data_size)
-+#else
-+ || tpm_marshal_UINT32(&ptr, &len, out_data_size - sizeof(uint32_t))
-+#endif
-+ || tpm_marshal_UINT32(&ptr, &len, VTPM_ORD_SAVENVM)
-+ || tpm_marshal_BYTE_ARRAY(&ptr, &len, data, data_length)) {
-+ free(out_data);
-+ return -1;
-+ }
-+
-+ printf("\tSending SaveNVM Command.\n");
-+ res = write(vtpm_tx_fh, out_data, out_data_size);
-+ free(out_data);
-+ if (res != out_data_size) return -1;
-+
-+ if (vtpm_rx_fh < 0) {
-+#ifdef VTPM_MUTLI_VM
-+ vtpm_rx_fh = vtpm_tx_fh
-+#else
-+ if (vtpm_rx_name == NULL) {
-+ vtpm_rx_name = malloc(10 + strlen(VTPM_RX_FIFO_D));
-+ sprintf(vtpm_rx_name, VTPM_RX_FIFO_D, (uint32_t) dmi_id);
- }
-- close(fh);
-- return 0;
-+ vtpm_rx_fh = open(vtpm_rx_name, O_RDONLY);
-+#endif
-+ }
-+
-+ if (vtpm_rx_fh < 0) {
-+ return -1;
-+ }
-+
-+ // Read Header of response so we can get the size & status
-+#ifdef VTPM_MUTLI_VM
-+ in_header_size = len = VTPM_COMMAND_HEADER_SIZE_CLT;
-+#else
-+ in_header_size = len = VTPM_COMMAND_HEADER_SIZE_SRV;
-+#endif
-+ in_header = ptr = malloc(in_header_size);
-+
-+ printf("\tReading SaveNVM header.\n");
-+ res = read(vtpm_rx_fh, in_header, in_header_size);
-+
-+ if ( (res != in_header_size)
-+#ifndef VTPM_MUTLI_VM
-+ || tpm_unmarshal_UINT32(&ptr, &len, (UINT32*)&dmi_id)
-+#endif
-+ || tpm_unmarshal_UINT16(&ptr, &len, &tag)
-+ || tpm_unmarshal_UINT32(&ptr, &len, &in_rsp_size)
-+ || tpm_unmarshal_UINT32(&ptr, &len, &result) ) {
-+ free(in_header);
-+ return -1;
-+ }
-+ free(in_header);
-+
-+ if (result != VTPM_SUCCESS) {
-+ return -1;
-+ }
-+
-+#ifdef VTPM_MUTLI_VM
-+ close(vtpm_tx_fh); close(vtpm_rx_fh);
-+#endif
-+
-+ printf("\tFinishing up SaveNVM\n");
-+ return (0);
- }
-
- int tpm_read_from_file(uint8_t **data, size_t *data_length)
- {
-- int fh;
-- ssize_t res;
-- size_t total_length;
-- fh = open(opt_storage_file, O_RDONLY);
-- if (fh < 0) return -1;
-- total_length = lseek(fh, 0, SEEK_END);
-- lseek(fh, 0, SEEK_SET);
-- *data = tpm_malloc(total_length);
-- if (*data == NULL) {
-- close(fh);
-- return -1;
-- }
-- *data_length = 0;
-- while (total_length > 0) {
-- res = read(fh, &(*data)[*data_length], total_length);
-- if (res < 0) {
-- close(fh);
-- tpm_free(*data);
-- return -1;
-- }
-- *data_length += res;
-- total_length -= res;
-+ int res, out_data_size, in_header_size;
-+ uint8_t *ptr, *out_data, *in_header;
-+ UINT16 tag = VTPM_TAG_REQ;
-+ UINT32 len, in_rsp_size, result;
-+#ifdef VTPM_MUTLI_VM
-+ int vtpm_rx_fh, vtpm_tx_fh;
-+#endif
-+
-+ printf("Loading NVM.\n");
-+ if (vtpm_tx_fh < 0) {
-+#ifdef VTPM_MUTLI_VM
-+ vtpm_tx_fh = open(DEV_FE, O_RDWR);
-+#else
-+ vtpm_tx_fh = open(VTPM_TX_FIFO, O_WRONLY);
-+#endif
-+ }
-+
-+ if (vtpm_tx_fh < 0) {
-+ printf("Error in read_from_file:301\n");
-+ return -1;
-+ }
-+
-+ // Send request to VTPM Manager to encrypt data
-+#ifdef VTPM_MUTLI_VM
-+ out_data_size = len = VTPM_COMMAND_HEADER_SIZE_CLT;
-+#else
-+ out_data_size = len = VTPM_COMMAND_HEADER_SIZE_SRV;
-+#endif
-+ out_data = ptr = (BYTE *) malloc(len);
-+
-+ if (ptr == NULL
-+#ifndef VTPM_MUTLI_VM
-+ || tpm_marshal_UINT32(&ptr, &len, dmi_id)
-+#endif
-+ || tpm_marshal_UINT16(&ptr, &len, tag)
-+#ifdef VTPM_MUTLI_VM
-+ || tpm_marshal_UINT32(&ptr, &len, out_data_size)
-+#else
-+ || tpm_marshal_UINT32(&ptr, &len, out_data_size - sizeof(uint32_t))
-+#endif
-+ || tpm_marshal_UINT32(&ptr, &len, VTPM_ORD_LOADNVM)) {
-+ free(out_data);
-+ printf("Error in read_from_file:325\n");
-+
-+ return -1;
-+ }
-+
-+ printf("\tSending LoadNVM command\n");
-+ res = write(vtpm_tx_fh, out_data, out_data_size);
-+ free(out_data);
-+ if (res != out_data_size)
-+ {
-+ printf("Error in read_from_file:335\n");
-+ return -1;
-+ }
-+
-+ if (vtpm_rx_fh < 0) {
-+#ifdef VTPM_MUTLI_VM
-+ vtpm_rx_fh = vtpm_tx_fh;
-+#else
-+ if (vtpm_rx_name == NULL) {
-+ vtpm_rx_name = malloc(10 + strlen(VTPM_RX_FIFO_D));
-+ sprintf(vtpm_rx_name, VTPM_RX_FIFO_D, (uint32_t) dmi_id);
- }
-- close(fh);
-- return 0;
-+ vtpm_rx_fh = open(vtpm_rx_name, O_RDONLY);
-+#endif
-+ }
-+
-+ if (vtpm_rx_fh < 0) {
-+ printf("Error in read_from_file:352\n");
-+ return -1;
-+ }
-+
-+ // Read Header of response so we can get the size & status
-+#ifdef VTPM_MUTLI_VM
-+ in_header_size = len = VTPM_COMMAND_HEADER_SIZE_CLT;
-+#else
-+ in_header_size = len = VTPM_COMMAND_HEADER_SIZE_SRV;
-+#endif
-+ in_header = ptr = malloc(in_header_size);
-+
-+ printf("\tReading LoadNVM header\n");
-+ res = read(vtpm_rx_fh, in_header, in_header_size);
-+
-+ if ( (res != in_header_size)
-+#ifndef VTPM_MUTLI_VM
-+ || tpm_unmarshal_UINT32(&ptr, &len, (UINT32*)&dmi_id)
-+#endif
-+ || tpm_unmarshal_UINT16(&ptr, &len, &tag)
-+ || tpm_unmarshal_UINT32(&ptr, &len, &in_rsp_size)
-+ || tpm_unmarshal_UINT32(&ptr, &len, &result) ) {
-+ free(in_header);
-+ printf("Error in read_from_file:375\n");
-+ return -1;
-+ }
-+ free(in_header);
-+
-+ if (result != VTPM_SUCCESS) {
-+ printf("Error in read_from_file:381\n");
-+ return -1;
-+ }
-+
-+ // Read Encrypted data from VTPM Manager
-+ *data_length = in_rsp_size - VTPM_COMMAND_HEADER_SIZE_CLT;
-+ *data = (uint8_t *) malloc(*data_length);
-+
-+ printf("\tReading clear data from LoadNVM.\n");
-+ res = read(vtpm_rx_fh, *data, *data_length);
-+#ifdef VTPM_MUTLI_VM
-+ close(vtpm_rx_fh);close(vtpm_tx_fh);
-+#endif
-+
-+ printf("\tReturing from loading NVM\n");
-+ if (res != (int)*data_length) {
-+ free(*data);
-+ printf("Error in read_from_file:398\n");
-+ return -1;
-+ } else {
-+ return 0;
-+ }
-+
-+
-+
- }
-
- static void print_usage(char *name)
- {
- printf("usage: %s [-d] [-f] [-s storage file] [-u unix socket name] "
-- "[-o user name] [-g group name] [-h] [startup mode]\n", name);
-+ "[-o user name] [-g group name] [-h]"
-+#ifdef VTPM_MULTI_VM
-+ "clear|save|deactivated\n", name);
-+#else
-+ "clear|save|deactivated pvm|hvm vtpmid\n", name);
-+#endif
- printf(" d : enable debug mode\n");
- printf(" f : forces the application to run in the foreground\n");
- printf(" s : storage file to use (default: %s)\n", opt_storage_file);
-@@ -205,7 +413,13 @@ static void parse_options(int argc, char
- exit(EXIT_SUCCESS);
- }
- }
-- if (optind < argc) {
-+ /*Make sure we have all required options*/
-+#ifdef VTPM_MULTI_VM
-+#define EXTRA_OPTS 0
-+#else
-+#define EXTRA_OPTS 2
-+#endif
-+ if (optind < argc - EXTRA_OPTS ) {
- debug("startup mode = '%s'", argv[optind]);
- if (!strcmp(argv[optind], "clear")) {
- tpm_startup = 1;
-@@ -219,6 +433,25 @@ static void parse_options(int argc, char
- print_usage(argv[0]);
- exit(EXIT_SUCCESS);
- }
-+#ifndef VTPM_MULTI_VM
-+ ++optind;
-+ if(!strcmp(argv[optind], "pvm")) {
-+ vtpm_type = VTPM_TYPE_PVM; // Get commands from vTPM
Manager through fifo
-+ } else if (!strcmp(argv[optind], "hvm")) {
-+ vtpm_type = VTPM_TYPE_HVM; // Get commands from qemu via socket
-+ } else {
-+ error("Invalid vm mode '%s'; must be 'pvm', "
-+ "or 'hvm' ", argv[optind]);
-+ print_usage(argv[0]);
-+ exit(EXIT_SUCCESS);
-+ }
-+ ++optind;
-+ dmi_id = atoi(argv[optind]);
-+#endif
-+ } else {
-+ error("Invalid number of arguments");
-+ print_usage(argv[0]);
-+ exit(EXIT_SUCCESS);
- }
- }
-
-@@ -348,93 +581,180 @@ static int init_socket(const char *name)
-
- static void main_loop(void)
- {
-- int sock, fh, res;
-- int32_t in_len;
-+ int32_t in_len, written;
- uint32_t out_len;
-- uint8_t in[TPM_CMD_BUF_SIZE], *out;
-+ uint8_t in[TPM_CMD_BUF_SIZE], *out, *addressed_out;
-+ int guest_id=-1;
-+ int i;
-+ char *vtpm_rx_file=NULL;
-+ int res;
-+
-+#ifndef VTPM_MULTI_VM
-+ int sockfd = -1;
- struct sockaddr_un addr;
-- socklen_t addr_len;
-- fd_set rfds;
-- struct timeval tv;
-+ struct sockaddr_un client_addr;
-+ unsigned int client_length;
-+#endif
-+
-+ int vtpm_tx_fh=-1, vtpm_rx_fh=-1;
-+
-+#ifndef VTPM_MULTI_VM
-+ if (vtpm_type == VTPM_TYPE_PVM) {
-+ vtpm_rx_file = malloc(10 + strlen(PVM_RX_FIFO_D));
-+ sprintf(vtpm_rx_file, PVM_RX_FIFO_D, (uint32_t) dmi_id);
-+ } else {
-+ vtpm_rx_file = malloc(10 + strlen(HVM_RX_FIFO_D));
-+ sprintf(vtpm_rx_file, HVM_RX_FIFO_D, (uint32_t) dmi_id);
-+
-+ if ( (sockfd = socket(PF_UNIX,SOCK_STREAM,0)) < 0) {
-+ error("Unable to create socket. errno = %d\n", errno);
-+ exit (-1);
-+ }
-+
-+ memset(&addr, 0, sizeof(addr));
-+ addr.sun_family = AF_UNIX;
-+ strcpy(addr.sun_path,vtpm_rx_file );
-+ unlink(addr.sun_path);
-+ }
-+#endif
-
- info("staring main loop");
-- /* open UNIX socket */
-- sock = init_socket(opt_socket_name);
-- if (sock < 0) exit(EXIT_FAILURE);
- /* init tpm emulator */
-- debug("initializing TPM emulator: %d", tpm_startup);
-+#ifdef VTPM_MULTI_VM
-+ debug("initializing TPM emulator: state=%d", tpm_startup);
-+#else
-+ debug("initializing TPM emulator: state=%d, type=%d, id=%d",
tpm_startup, vtpm_type, dmi_id);
-+#endif
- tpm_emulator_init(tpm_startup);
- /* start command processing */
- while (!stopflag) {
- /* wait for incomming connections */
- debug("waiting for connections...");
-- FD_ZERO(&rfds);
-- FD_SET(sock, &rfds);
-- tv.tv_sec = 10;
-- tv.tv_usec = 0;
-- res = select(sock + 1, &rfds, NULL, NULL, &tv);
-- if (res < 0) {
-- error("select(sock) failed: %s", strerror(errno));
-- break;
-- } else if (res == 0) {
-- continue;
-- }
-- addr_len = sizeof(addr);
-- fh = accept(sock, (struct sockaddr*)&addr, &addr_len);
-- if (fh < 0) {
-- error("accept() failed: %s", strerror(errno));
-- continue;
-- }
-+ if (vtpm_rx_fh < 0) {
-+#ifdef VTPM_MUTLI_VM
-+ vtpm_rx_fh = open(DEV_BE, O_RDWR);
-+#else
-+ if (vtpm_type == VTPM_TYPE_PVM)
-+ {
-+ vtpm_rx_fh = open(vtpm_rx_file, O_RDONLY);
-+ } else {
-+ if (bind(sockfd, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
-+ error("Unable to bind(). errno = %d\n", errno);
-+ exit (-1);
-+ }
-+
-+ if (listen(sockfd, 10) <0) {
-+ error("Unable to listen(). errno = %d\n", errno);
-+ exit (-1);
-+ }
-+
-+ memset(&client_addr, 0, sizeof(client_addr));
-+ client_length = sizeof(client_addr);
-+
-+ vtpm_rx_fh = vtpm_tx_fh = accept(sockfd, (struct sockaddr
*)&client_addr, &client_length);
-+ }
-+#endif
-+ }
-+
-+ /*Error Checking*/
-+ if (vtpm_rx_fh < 0) {
-+ error("Failed to open devices to listen to guest.\n");
-+ exit(-1);
-+ }
-+
- /* receive and handle commands */
- in_len = 0;
- do {
- debug("waiting for commands...");
-- FD_ZERO(&rfds);
-- FD_SET(fh, &rfds);
-- tv.tv_sec = TPM_COMMAND_TIMEOUT;
-- tv.tv_usec = 0;
-- res = select(fh + 1, &rfds, NULL, NULL, &tv);
-- if (res < 0) {
-- error("select(fh) failed: %s", strerror(errno));
-- close(fh);
-- break;
-- } else if (res == 0) {
--#ifdef TPMD_DISCONNECT_IDLE_CLIENTS
-- info("connection closed due to inactivity");
-- close(fh);
-- break;
--#else
-- continue;
--#endif
-- }
-- in_len = read(fh, in, sizeof(in));
-- if (in_len > 0) {
-+
-+ in_len = read(vtpm_rx_fh, in, sizeof(in));
-+ /*Magic size of minimum TPM command is 6*/
-+ //FIXME Magic size check may not be required anymore
-+ if (in_len < 6) {
-+ info("Recv incomplete command of %d bytes.", in_len);
-+ if (in_len <= 0) {
-+ close(vtpm_rx_fh);
-+ vtpm_rx_fh = -1;
-+ continue;
-+ }
-+ } else {
-+ /*Debug Printouts*/
- debug("received %d bytes", in_len);
-+ debug_nostop("Recv[%d]: 0x", in_len);
-+ for (i=0; i< in_len; i++)
-+ debug_more("%x ", in[i]);
-+ debug_more("\n");
-+ /*Multiple Guest check*/
-+ if (guest_id == -1) {
-+ guest_id = *((int32_t *) in);
-+ } else {
-+ if (guest_id != *((int32_t *) in) ) {
-+ error("WARNING: More than one guest attached\n");
-+ }
-+ }
-+
-+ /*Open tx handle now*/
-+ if (vtpm_tx_fh < 0) {
-+#ifdef VTPM_MUTLI_VM
-+ vtpm_tx_fh = open(DEV_BE, O_RDWR);
-+ vtpm_rx_fh = vtpm_tx_fh;
-+#else
-+ if (vtpm_type == VTPM_TYPE_PVM) {
-+ vtpm_tx_fh = open(PVM_TX_FIFO, O_WRONLY);
-+ } // No need to open the other direction for HVM
-+#endif
-+ }
-+ if (vtpm_tx_fh < 0) {
-+ error("Failed to open devices to respond to guest.\n");
-+ exit(-1);
-+ }
-+
-+ /*Handle the TPM command now*/
- out = NULL;
-- res = tpm_handle_command(in, in_len, &out, &out_len);
-+ res = tpm_handle_command(in + sizeof(uint32_t), in_len
- sizeof(uint32_t), &out, &out_len);
- if (res < 0) {
- error("tpm_handle_command() failed");
- } else {
- debug("sending %d bytes", out_len);
-+ //FIXME this prepending may or may not be needed
-+ /*Prepend the first 4 bytes of the in buffer.. why?*/
-+ addressed_out = (uint8_t *) tpm_malloc(sizeof(uint32_t) +
out_len);
-+ *(uint32_t *) addressed_out = *(uint32_t *) in;
-+ memcpy(addressed_out + sizeof(uint32_t), out, out_len);
-+ out_len += sizeof(uint32_t);
-+ /*End Prepend*/
-+
-+ /*Perform write operation now*/
- while (out_len > 0) {
-- res = write(fh, out, out_len);
-+ res = write(vtpm_tx_fh, addressed_out, out_len);
-+
- if (res < 0) {
- error("write(%d) failed: %s", out_len,
strerror(errno));
- break;
-- }
-+ } else {
-+ debug_nostop("Sent[%Zu]: ", out_len);
-+ for (i=0; (unsigned int)i< out_len; i++)
-+ debug_more("%x ", addressed_out[i]);
-+ debug_more("\n");
-+ }
- out_len -= res;
- }
- tpm_free(out);
-+ tpm_free(addressed_out);
- }
- }
- } while (in_len > 0);
-- close(fh);
-+ //close(fh);
- }
-+
- /* shutdown tpm emulator */
- tpm_emulator_shutdown();
-- /* close socket */
-- close(sock);
-- unlink(opt_socket_name);
-+ /* Close handles */
-+ close(vtpm_tx_fh);
-+#ifndef VTPM_MULTI_VM
-+ close(vtpm_rx_fh);
-+ free(vtpm_rx_file);
-+#endif
- info("main loop stopped");
- }
-
-@@ -450,12 +770,13 @@ int main(int argc, char **argv)
- /* open random device */
- init_random();
- /* init signal handlers */
-- init_signal_handler();
-+ //init_signal_handler();
- /* unless requested otherwiese, fork and daemonize process */
-- if (!opt_foreground) daemonize();
-+ //if (!opt_foreground) daemonize();
- /* start main processing loop */
- main_loop();
- info("stopping TPM Emulator daemon");
- closelog();
- return 0;
- }
-+
-diff -Naurp tpm_emulator-0.5.1/tpmd/tpm_emulator_config.h
tpm5-test/tpmd/tpm_emulator_config.h
---- tpm_emulator-0.5.1/tpmd/tpm_emulator_config.h 2008-02-14
03:22:48.000000000 -0500
-+++ tpm5-test/tpmd/tpm_emulator_config.h 2009-07-16
11:25:26.000000000 -0400
-@@ -29,23 +29,28 @@
-
- /* TPM emulator configuration */
-
--#undef TPM_STRONG_PERSISTENCE
--#undef TPM_GENERATE_EK
-+#define TPM_STRONG_PERSISTENCE
-+#define TPM_GENERATE_EK
- #undef TPM_GENERATE_SEED_DAA
- #undef TPM_MEMORY_ALIGNMENT_MANDATORY
-
-+extern int dmi_id;
-+
- /* log macros */
-
- void tpm_log(int priority, const char *fmt, ...);
-
--#define debug(fmt, ...) tpm_log(LOG_DEBUG, "%s:%d: Debug: " fmt "\n", \
-- __FILE__, __LINE__, ## __VA_ARGS__)
--#define info(fmt, ...) tpm_log(LOG_INFO, "%s:%d: Info: " fmt "\n", \
-- __FILE__, __LINE__, ## __VA_ARGS__)
--#define error(fmt, ...) tpm_log(LOG_ERR, "%s:%d: Error: " fmt "\n", \
-- __FILE__, __LINE__, ## __VA_ARGS__)
--#define alert(fmt, ...) tpm_log(LOG_ALERT, "%s:%d: Alert: " fmt "\n", \
-- __FILE__, __LINE__, ## __VA_ARGS__)
-+#define debug(fmt, ...) tpm_log(LOG_DEBUG, "VTPMD[%d]: %s:%d: Debug: "
fmt "\n", \
-+ dmi_id, __FILE__, __LINE__, ##
__VA_ARGS__)
-+#define info(fmt, ...) tpm_log(LOG_INFO, "VTPMD[%d]: %s:%d: Info: "
fmt "\n", \
-+ dmi_id, __FILE__, __LINE__, ##
__VA_ARGS__)
-+#define error(fmt, ...) tpm_log(LOG_ERR, "VTPMD[%d]: %s:%d: Error: "
fmt "\n", \
-+ dmi_id, __FILE__, __LINE__, ##
__VA_ARGS__)
-+#define alert(fmt, ...) tpm_log(LOG_ALERT, "VTPMD[%d]: %s:%d: Alert: "
fmt "\n", \
-+ dmi_id, __FILE__, __LINE__, ##
__VA_ARGS__)
-+#define debug_nostop(fmt, ...) tpm_log(LOG_DEBUG, "VTPMD[%d]: %s:%d:
Debug: " fmt, \
-+ dmi_id, __FILE__, __LINE__, ##
__VA_ARGS__)
-+#define debug_more(fmt, ...) tpm_log(LOG_DEBUG, fmt, ## __VA_ARGS__)
-
- /* min/max macros that also do strict type-checking */
-
diff --git a/tools/vtpm/vtpm-0.7.4.patch b/tools/vtpm/vtpm-0.7.4.patch
--- /dev/null
+++ b/tools/vtpm/vtpm-0.7.4.patch
@@ -0,0 +1,1138 @@
+diff -Naur tpm_emulator-0.7.4-orig/CMakeLists.txt
tpm_emulator-0.7.4/CMakeLists.txt
+--- tpm_emulator-0.7.4-orig/CMakeLists.txt 2012-09-17
13:16:27.832582475 -0400
++++ tpm_emulator-0.7.4/CMakeLists.txt 2012-09-17 13:16:41.621654594
-0400
+@@ -63,6 +63,7 @@
+ # include root directories
+ include_directories(${CMAKE_SOURCE_DIR})
+ include_directories(${CMAKE_BINARY_DIR})
++include_directories(../../vtpm_manager/manager)
+
+ # add internal libraries
+ add_subdirectory(tpm)
+diff -Naur tpm_emulator-0.7.4-orig/CMakeLists.txt.orig
tpm_emulator-0.7.4/CMakeLists.txt.orig
+--- tpm_emulator-0.7.4-orig/CMakeLists.txt.orig 1969-12-31
19:00:00.000000000 -0500
++++ tpm_emulator-0.7.4/CMakeLists.txt.orig 2011-12-20
13:30:06.000000000 -0500
+@@ -0,0 +1,80 @@
++# Software-based Trusted Platform Module (TPM) Emulator
++# Copyright (C) 2004-2010 Mario Strasser <mast@gmx.net>
++#
++# $Id: CMakeLists.txt 475 2011-12-20 18:21:19Z mast $
++
++project(TPM_Emulator C)
++
++cmake_minimum_required(VERSION 2.4)
++set(CMAKE_ALLOW_LOOSE_LOOP_CONSTRUCTS true)
++if(COMMAND cmake_policy)
++cmake_policy(SET CMP0003 NEW)
++endif()
++
++# enforce out of source build
++string(COMPARE EQUAL "${CMAKE_SOURCE_DIR}" "${CMAKE_BINARY_DIR}"
IS_INSOURCE)
++if(IS_INSOURCE)
++ message(FATAL_ERROR "${PROJECT_NAME} requires an out of source
build.")
++endif()
++
++# set project and build version
++set(${PROJECT_NAME}_VERSION_MAJOR 0)
++set(${PROJECT_NAME}_VERSION_MINOR 7)
++string(REGEX REPLACE ".*Revision: ([0-9]+).*" "\\1"
${PROJECT_NAME}_VERSION_BUILD "$Revision: 475 $")
++
++# create project configuration
++if(WIN32)
++STRING(REGEX REPLACE "\\\\" "/" PROGRAMFILES
"$ENV{PROGRAMFILES}/${PROJECT_NAME}")
++set(TPM_LOG_FILE "${PROGRAMFILES}/tpmd.log")
++set(TPM_STORAGE_NAME
"${PROGRAMFILES}/tpm_emulator-1_2_${${PROJECT_NAME}_VERSION_MAJOR}_${${PROJECT_NAME}_VERSION_MINOR}")
++set(TPM_DEVICE_NAME "//./pipe/tpmd:0")
++elseif(APPLE)
++set(TPM_LOG_FILE "/private/var/log/tpmd.log")
++set(TPM_SOCKET_NAME "/private/var/run/tpm/tpmd_socket:0")
++set(TPM_STORAGE_NAME
"/private/var/lib/tpm/tpm_emulator-1_2_${${PROJECT_NAME}_VERSION_MAJOR}_${${PROJECT_NAME}_VERSION_MINOR}")
++set(TPM_DEVICE_NAME "/dev/tpm")
++else()
++set(TPM_LOG_FILE "/var/log/tpmd.log")
++set(TPM_SOCKET_NAME "/var/run/tpm/tpmd_socket:0")
++set(TPM_STORAGE_NAME
"/var/lib/tpm/tpm_emulator-1_2_${${PROJECT_NAME}_VERSION_MAJOR}_${${PROJECT_NAME}_VERSION_MINOR}")
++set(TPM_DEVICE_NAME "/dev/tpm")
++endif()
++configure_file(${CMAKE_CURRENT_SOURCE_DIR}/config.h.in
${CMAKE_CURRENT_BINARY_DIR}/config.h)
++add_definitions(-Wall -Werror -Wno-unused-parameter -Wpointer-arith
-Wcast-align -Wwrite-strings)
++if("${CMAKE_SYSTEM}" MATCHES "Linux")
++ add_definitions(-Wextra)
++endif()
++if(USE_OPENSSL)
++ add_definitions(-DUSE_OPENSSL)
++endif()
++include_directories("/opt/local/include")
++link_directories("/opt/local/lib")
++
++# configure CPack
++set(CPACK_PACKAGE_VERSION_MAJOR ${${PROJECT_NAME}_VERSION_MAJOR})
++set(CPACK_PACKAGE_VERSION_MINOR ${${PROJECT_NAME}_VERSION_MINOR})
++set(CPACK_SOURCE_PACKAGE_FILE_NAME
"tpm_emulator-${CPACK_PACKAGE_VERSION_MAJOR}.${CPACK_PACKAGE_VERSION_MINOR}.4")
++set(CPACK_SOURCE_GENERATOR "TGZ")
++set(CPACK_SOURCE_IGNORE_FILES ".svn/" "/build/" "/.project" "/.cproject")
++set(CPACK_GENERATOR "ZIP")
++set(CPACK_SET_DESTDIR ON)
++include(CPack)
++
++# include root directories
++include_directories(${CMAKE_SOURCE_DIR})
++include_directories(${CMAKE_BINARY_DIR})
++
++# add internal libraries
++add_subdirectory(tpm)
++add_subdirectory(mtm)
++add_subdirectory(crypto)
++
++# add TDDL
++add_subdirectory(tddl)
++
++# add kernel modules
++add_subdirectory(tpmd_dev)
++
++# add executables
++add_subdirectory(tpmd)
++
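Review bot: This section adds `CMakeLists.txt.orig`, which looks like a backup left behind by patch(1) and picked up by `diff -Naur`; it duplicates the upstream file and nothing in the build reads it. The same applies to `tpmd/unix/tpmd.c.orig` further down, whose hunk continues past this excerpt. Regenerating the patch with the backups excluded, for example with `diff -Naur -x '*.orig'`, would drop roughly 480 lines going by the two hunk headers. That keeps the reviewed surface to the real changes.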
+diff -Naur tpm_emulator-0.7.4-orig/tpm/tpm_emulator_extern.h
tpm_emulator-0.7.4/tpm/tpm_emulator_extern.h
+--- tpm_emulator-0.7.4-orig/tpm/tpm_emulator_extern.h 2012-09-17
13:16:27.834582486 -0400
++++ tpm_emulator-0.7.4/tpm/tpm_emulator_extern.h 2012-09-17
13:16:41.621654594 -0400
+@@ -29,6 +29,8 @@
+ TPM_LOG_ERROR
+ };
+
++extern int dmi_id;
++
+ void (*tpm_log)(int priority, const char *fmt, ...);
+
+ #if defined(_WIN32) || defined(_WIN64)
+@@ -37,12 +39,16 @@
+ #define __BFILE__ ((strrchr(__FILE__, '/') ? : __FILE__ - 1) + 1)
+ #endif
+
+-#define debug(fmt, ...) tpm_log(TPM_LOG_DEBUG, "%s:%d: Debug: " fmt
"\n", \
+- __BFILE__, __LINE__, ## __VA_ARGS__)
+-#define info(fmt, ...) tpm_log(TPM_LOG_INFO, "%s:%d: Info: " fmt "\n", \
+- __BFILE__, __LINE__, ## __VA_ARGS__)
+-#define error(fmt, ...) tpm_log(TPM_LOG_ERROR, "%s:%d: Error: " fmt
"\n", \
+- __BFILE__, __LINE__, ## __VA_ARGS__)
++#define debug(fmt, ...) tpm_log(TPM_LOG_DEBUG, "VTPMD[%d]: %s:%d:
Debug: " fmt "\n", \
++ dmi_id, __BFILE__, __LINE__, ##
__VA_ARGS__)
++#define info(fmt, ...) tpm_log(TPM_LOG_INFO, "VTPMD[%d]: %s:%d: Info:
" fmt "\n", \
++ dmi_id, __BFILE__, __LINE__, ##
__VA_ARGS__)
++#define error(fmt, ...) tpm_log(TPM_LOG_ERROR, "VTPMD[%d]: %s:%d:
Error: " fmt "\n", \
++ dmi_id, __BFILE__, __LINE__, ##
__VA_ARGS__)
++#define debug_nostop(fmt, ...) tpm_log(TPM_LOG_DEBUG, "VTPMD[%d]:
%s:%d: Debug: " fmt, \
++ dmi_id, __BFILE__, __LINE__, ##
__VA_ARGS__)
++#define debug_more(fmt, ...) tpm_log(TPM_LOG_DEBUG, fmt, ## __VA_ARGS__)
++
+ /* initialization */
+ int (*tpm_extern_init)(void);
+ void (*tpm_extern_release)(void);
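Review bot: The rewritten `debug`/`info`/`error` macros make every file that includes this header reference the global `dmi_id`, which within this excerpt is defined only in tpmd/unix/tpmd.c, so any other program linking these libraries would presumably need its own definition. A short comment above the `extern int dmi_id;` declaration added in the previous hunk, such as `/* vTPM instance id; defined by the daemon, used as log prefix */`, would record that contract. `debug_nostop` and `debug_more` also deserve a one-line comment saying that they emit one logical line in pieces, since each call is a separate `tpm_log()` invocation.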
+diff -Naur tpm_emulator-0.7.4-orig/tpmd/unix/tpmd.c
tpm_emulator-0.7.4/tpmd/unix/tpmd.c
+--- tpm_emulator-0.7.4-orig/tpmd/unix/tpmd.c 2012-09-17
13:16:27.839582511 -0400
++++ tpm_emulator-0.7.4/tpmd/unix/tpmd.c 2012-09-17
13:16:41.623654604 -0400
+@@ -30,9 +30,31 @@
+ #include <grp.h>
+ #include "config.h"
+ #include "tpm/tpm_emulator.h"
++#include "tpm/tpm_structures.h"
++#include "tpm/tpm_marshalling.h"
++#include "vtpm_manager.h"
+
+ #define TPM_COMMAND_TIMEOUT 30
+
++#define TPM_DAEMON_NAME "tpmd"
++#define TPM_CMD_BUF_SIZE 4096
++#define TPM_RANDOM_DEVICE "/dev/urandom"
++#undef TPM_MKDIRS
++
++#define PVM_RX_FIFO_D "/var/vtpm/fifos/tpm_cmd_to_%d.fifo"
++#define PVM_TX_FIFO "/var/vtpm/fifos/tpm_rsp_from_all.fifo"
++#define HVM_RX_FIFO_D "/var/vtpm/socks/%d.socket"
++
++#define VTPM_RX_FIFO_D "/var/vtpm/fifos/vtpm_rsp_to_%d.fifo"
++#define VTPM_TX_FIFO "/var/vtpm/fifos/vtpm_cmd_from_all.fifo"
++
++static char *vtpm_rx_name=NULL;
++
++static int vtpm_tx_fh=-1, vtpm_rx_fh=-1;
++
++#define BUFFER_SIZE 2048
++
++
+ static volatile int stopflag = 0;
+ static int is_daemon = 0;
+ static int opt_debug = 0;
+@@ -44,6 +66,9 @@
+ static uint32_t tpm_config = 0;
+ extern const char *tpm_storage_file;
+
++static int vtpm_type = VTPM_TYPE_PVM;
++int dmi_id;
++
+ void my_log(int priority, const char *fmt, ...)
+ {
+ va_list ap, bp;
+@@ -156,35 +181,218 @@
+ exit(EXIT_SUCCESS);
+ }
+ } else {
+- /* if no startup mode is given assume save if a configuration
+- file is available, clear otherwise */
+- int fh = open(tpm_storage_file, O_RDONLY);
+- if (fh < 0) {
+- tpm_startup = 1;
+- info("no startup mode was specified; asuming 'clear'");
+- } else {
+- tpm_startup = 2;
+- close(fh);
+- }
++ tpm_startup = 1;
++ info("no startup mode was specified; asuming 'clear'");
+ }
++ /* GET VM TYPE */
++ ++optind;
++ if (optind < argc) {
++ if(!strcmp(argv[optind], "pvm")) {
++ vtpm_type = VTPM_TYPE_PVM; // Get commands from vTPM
Manager through fifo
++ } else if (!strcmp(argv[optind], "hvm")) {
++ vtpm_type = VTPM_TYPE_HVM; // Get commands from qemu via socket
++ } else {
++ error("Invalid vm mode '%s'; must be 'pvm', "
++ "or 'hvm' ", argv[optind]);
++ print_usage(argv[0]);
++ exit(EXIT_SUCCESS);
++ }
++ } else {
++ vtpm_type = VTPM_TYPE_PVM;
++ info("no vm mode specified; assuming 'pvm'");
++ }
++ /* GET DMI ID */
++ ++optind;
++ if(optind >= argc || sscanf(argv[optind], "%d", &dmi_id) != 1) {
++ error("Missing or non-integer dmi_id specified!");
++ print_usage(argv[0]);
++ exit(EXIT_SUCCESS);
++ }
++}
++
++int vtpm_write_to_file(uint8_t *data, size_t data_length)
++{
++ int res, out_data_size, in_header_size;
++ BYTE *ptr, *out_data, *in_header;
++ UINT32 result, len, in_rsp_size;
++ UINT16 tag = VTPM_TAG_REQ;
++
++ printf("Saving NVM\n");
++ if (vtpm_tx_fh < 0) {
++ vtpm_tx_fh = open(VTPM_TX_FIFO, O_WRONLY);
++ }
++
++ if (vtpm_tx_fh < 0) {
++ return -1;
++ }
++
++ // Send request to VTPM Manager to encrypt data
++ out_data_size = len = VTPM_COMMAND_HEADER_SIZE_SRV + data_length;
++
++ out_data = ptr = (BYTE *) malloc(len);
++
++ if (ptr == NULL
++ || tpm_marshal_UINT32(&ptr, &len, dmi_id)
++ || tpm_marshal_UINT16(&ptr, &len, tag)
++ || tpm_marshal_UINT32(&ptr, &len, out_data_size - sizeof(uint32_t))
++ || tpm_marshal_UINT32(&ptr, &len, VTPM_ORD_SAVENVM)
++ || tpm_marshal_BYTE_ARRAY(&ptr, &len, data, data_length)) {
++ free(out_data);
++ return -1;
++ }
++
++ printf("\tSending SaveNVM Command.\n");
++ res = write(vtpm_tx_fh, out_data, out_data_size);
++ free(out_data);
++ if (res != out_data_size) return -1;
++
++ if (vtpm_rx_fh < 0) {
++ if (vtpm_rx_name == NULL) {
++ vtpm_rx_name = malloc(10 + strlen(VTPM_RX_FIFO_D));
++ sprintf(vtpm_rx_name, VTPM_RX_FIFO_D, (uint32_t) dmi_id);
++ }
++ vtpm_rx_fh = open(vtpm_rx_name, O_RDONLY);
++ }
++
++ if (vtpm_rx_fh < 0) {
++ return -1;
++ }
++
++ // Read Header of response so we can get the size & status
++ in_header_size = len = VTPM_COMMAND_HEADER_SIZE_SRV;
++ in_header = ptr = malloc(in_header_size);
++
++ printf("\tReading SaveNVM header.\n");
++ res = read(vtpm_rx_fh, in_header, in_header_size);
++
++ if ( (res != in_header_size)
++ || tpm_unmarshal_UINT32(&ptr, &len, (UINT32*)&dmi_id)
++ || tpm_unmarshal_UINT16(&ptr, &len, &tag)
++ || tpm_unmarshal_UINT32(&ptr, &len, &in_rsp_size)
++ || tpm_unmarshal_UINT32(&ptr, &len, &result) ) {
++ free(in_header);
++ return -1;
++ }
++ free(in_header);
++
++ if (result != VTPM_SUCCESS) {
++ return -1;
++ }
++
++ printf("\tFinishing up SaveNVM\n");
++ return (0);
++}
++
++int vtpm_read_from_file(uint8_t **data, size_t *data_length)
++{
++ int res, out_data_size, in_header_size;
++ uint8_t *ptr, *out_data, *in_header;
++ UINT16 tag = VTPM_TAG_REQ;
++ UINT32 len, in_rsp_size, result;
++
++ printf("Loading NVM.\n");
++ if (vtpm_tx_fh < 0) {
++ vtpm_tx_fh = open(VTPM_TX_FIFO, O_WRONLY);
++ }
++
++ if (vtpm_tx_fh < 0) {
++ printf("Error in read_from_file:301\n");
++ return -1;
++ }
++
++ // Send request to VTPM Manager to encrypt data
++ out_data_size = len = VTPM_COMMAND_HEADER_SIZE_SRV;
++ out_data = ptr = (BYTE *) malloc(len);
++
++ if (ptr == NULL
++ || tpm_marshal_UINT32(&ptr, &len, dmi_id)
++ || tpm_marshal_UINT16(&ptr, &len, tag)
++ || tpm_marshal_UINT32(&ptr, &len, out_data_size - sizeof(uint32_t))
++ || tpm_marshal_UINT32(&ptr, &len, VTPM_ORD_LOADNVM)) {
++ free(out_data);
++ printf("Error in read_from_file:325\n");
++
++ return -1;
++ }
++
++ printf("\tSending LoadNVM command\n");
++ res = write(vtpm_tx_fh, out_data, out_data_size);
++ free(out_data);
++ if (res != out_data_size)
++ {
++ printf("Error in read_from_file:335\n");
++ return -1;
++ }
++
++ if (vtpm_rx_fh < 0) {
++ if (vtpm_rx_name == NULL) {
++ vtpm_rx_name = malloc(10 + strlen(VTPM_RX_FIFO_D));
++ sprintf(vtpm_rx_name, VTPM_RX_FIFO_D, (uint32_t) dmi_id);
++ }
++ vtpm_rx_fh = open(vtpm_rx_name, O_RDONLY);
++ }
++
++ if (vtpm_rx_fh < 0) {
++ printf("Error in read_from_file:352\n");
++ return -1;
++ }
++
++ // Read Header of response so we can get the size & status
++ in_header_size = len = VTPM_COMMAND_HEADER_SIZE_SRV;
++ in_header = ptr = malloc(in_header_size);
++
++ printf("\tReading LoadNVM header\n");
++ res = read(vtpm_rx_fh, in_header, in_header_size);
++
++ if ( (res != in_header_size)
++ || tpm_unmarshal_UINT32(&ptr, &len, (UINT32*)&dmi_id)
++ || tpm_unmarshal_UINT16(&ptr, &len, &tag)
++ || tpm_unmarshal_UINT32(&ptr, &len, &in_rsp_size)
++ || tpm_unmarshal_UINT32(&ptr, &len, &result) ) {
++ free(in_header);
++ printf("Error in read_from_file:375\n");
++ return -1;
++ }
++ free(in_header);
++
++ if (result != VTPM_SUCCESS) {
++ printf("Error in read_from_file:381\n");
++ return -1;
++ }
++
++ // Read Encrypted data from VTPM Manager
++ *data_length = in_rsp_size - VTPM_COMMAND_HEADER_SIZE_CLT;
++ *data = (uint8_t *) malloc(*data_length);
++
++ printf("\tReading clear data from LoadNVM.\n");
++ res = read(vtpm_rx_fh, *data, *data_length);
++
++ printf("\tReturing from loading NVM\n");
++ if (res != (int)*data_length) {
++ free(*data);
++ printf("Error in read_from_file:398\n");
++ return -1;
++ } else {
++ return 0;
++ }
+ }
+
+ static void switch_uid_gid(void)
+ {
+- if (opt_gid != getgid()) {
+- info("switching effective group ID to %d", opt_gid);
+- if (setgid(opt_gid) == -1) {
+- error("switching effective group ID to %d failed: %s",
opt_gid, strerror(errno));
+- exit(EXIT_FAILURE);
+- }
+- }
+- if (opt_uid != getuid()) {
+- info("switching effective user ID to %d", opt_uid);
+- if (setuid(opt_uid) == -1) {
+- error("switching effective user ID to %d failed: %s",
opt_uid, strerror(errno));
+- exit(EXIT_FAILURE);
+- }
+- }
++ if (opt_gid != getgid()) {
++ info("switching effective group ID to %d", opt_gid);
++ if (setgid(opt_gid) == -1) {
++ error("switching effective group ID to %d failed: %s", opt_gid,
strerror(errno));
++ exit(EXIT_FAILURE);
++ }
++ }
++ if (opt_uid != getuid()) {
++ info("switching effective user ID to %d", opt_uid);
++ if (setuid(opt_uid) == -1) {
++ error("switching effective user ID to %d failed: %s", opt_uid,
strerror(errno));
++ exit(EXIT_FAILURE);
++ }
++ }
+ }
+
+ static void signal_handler(int sig)
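Review bot: In vtpm_read_from_file() the payload size is computed as `in_rsp_size - VTPM_COMMAND_HEADER_SIZE_CLT` from a header read off the FIFO, with no lower or upper bound and no check of the malloc() result. A short or malformed response therefore wraps the unsigned subtraction, and the following read() is handed an unchecked pointer and length. I would add `if (in_rsp_size < VTPM_COMMAND_HEADER_SIZE_CLT) return -1;` before the subtraction, cap the length at the largest NVM image the manager can legitimately return, and add `if (*data == NULL) return -1;` after the allocation. Both this function and vtpm_write_to_file() also unmarshal the first response field straight into the global `dmi_id`, so the peer can change the id used in later requests and in the log prefix. Unmarshalling into a local and comparing it with `dmi_id` would be safer.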
+@@ -214,174 +422,175 @@
+ }
+ }
+
+-static void daemonize(void)
+-{
+- pid_t sid, pid;
+- info("daemonizing process");
+- pid = fork();
+- if (pid < 0) {
+- error("fork() failed: %s", strerror(errno));
+- exit(EXIT_FAILURE);
+- }
+- if (pid > 0) exit(EXIT_SUCCESS);
+- pid = getpid();
+- sid = setsid();
+- if (sid < 0) {
+- error("setsid() failed: %s", strerror(errno));
+- exit(EXIT_FAILURE);
+- }
+- if (chdir("/") < 0) {
+- error("chdir() failed: %s", strerror(errno));
+- exit(EXIT_FAILURE);
+- }
+- close(STDIN_FILENO);
+- close(STDOUT_FILENO);
+- close(STDERR_FILENO);
+- is_daemon = 1;
+- info("process was successfully daemonized: pid=%d sid=%d", pid, sid);
+-}
+-
+-static int mkdirs(const char *path)
+-{
+- char *copy = strdup(path);
+- char *p = strchr(copy + 1, '/');
+- while (p != NULL) {
+- *p = '\0';
+- if ((mkdir(copy, 0755) == -1) && (errno != EEXIST)) {
+- free(copy);
+- return errno;
+- }
+- *p = '/';
+- p = strchr(p + 1, '/');
+- }
+- free(copy);
+- return 0;
+-}
+-
+-static int init_socket(const char *name)
+-{
+- int sock;
+- struct sockaddr_un addr;
+- info("initializing socket %s", name);
+- sock = socket(AF_UNIX, SOCK_STREAM, 0);
+- if (sock < 0) {
+- error("socket(AF_UNIX) failed: %s", strerror(errno));
+- return -1;
+- }
+- mkdirs(name);
+- addr.sun_family = AF_UNIX;
+- strncpy(addr.sun_path, name, sizeof(addr.sun_path));
+- umask(0177);
+- if (bind(sock, (struct sockaddr*)&addr, sizeof(addr)) < 0) {
+- error("bind(%s) failed: %s", addr.sun_path, strerror(errno));
+- close(sock);
+- return -1;
+- }
+- listen(sock, 1);
+- return sock;
+-}
+-
+ static void main_loop(void)
+ {
+- int sock, fh, res;
+ int32_t in_len;
+ uint32_t out_len;
+- uint8_t in[TPM_CMD_BUF_SIZE], *out;
++ uint8_t in[TPM_CMD_BUF_SIZE], *out, *addressed_out;
++ int guest_id=-1;
++ int i;
++ char *vtpm_rx_file=NULL;
++ int res;
++
++ int sockfd = -1;
+ struct sockaddr_un addr;
+- socklen_t addr_len;
+- fd_set rfds;
+- struct timeval tv;
++ struct sockaddr_un client_addr;
++ unsigned int client_length;
++
++ int vtpm_tx_fh=-1, vtpm_rx_fh=-1;
++
++ if (vtpm_type == VTPM_TYPE_PVM) {
++ vtpm_rx_file = malloc(10 + strlen(PVM_RX_FIFO_D));
++ sprintf(vtpm_rx_file, PVM_RX_FIFO_D, (uint32_t) dmi_id);
++ } else {
++ vtpm_rx_file = malloc(10 + strlen(HVM_RX_FIFO_D));
++ sprintf(vtpm_rx_file, HVM_RX_FIFO_D, (uint32_t) dmi_id);
++
++ if ( (sockfd = socket(PF_UNIX,SOCK_STREAM,0)) < 0) {
++ error("Unable to create socket. errno = %d\n", errno);
++ exit (-1);
++ }
++
++ memset(&addr, 0, sizeof(addr));
++ addr.sun_family = AF_UNIX;
++ strcpy(addr.sun_path,vtpm_rx_file );
++ unlink(addr.sun_path);
++ }
+
+ info("staring main loop");
+- /* open UNIX socket */
+- sock = init_socket(opt_socket_name);
+- if (sock < 0) exit(EXIT_FAILURE);
+ /* init tpm emulator */
+- debug("initializing TPM emulator");
+- if (tpm_emulator_init(tpm_startup, tpm_config) != 0) {
+- error("tpm_emulator_init() failed");
+- close(sock);
+- unlink(opt_socket_name);
+- exit(EXIT_FAILURE);
+- }
++ debug("initializing TPM emulator: state=%d, type=%d, id=%d",
tpm_startup, vtpm_type, dmi_id);
++ /* Set config flags that must be on for vtpm operation */
++ tpm_config |= TPM_CONF_STRONG_PERSISTENCE;
++ tpm_config &= ~TPM_CONF_USE_INTERNAL_PRNG;
++ tpm_config |= TPM_CONF_GENERATE_EK;
++ tpm_config |= TPM_CONF_GENERATE_SEED_DAA;
++ /*Start the emulator */
++ tpm_emulator_init(tpm_startup, tpm_config);
+ /* start command processing */
+ while (!stopflag) {
+ /* wait for incomming connections */
+ debug("waiting for connections...");
+- FD_ZERO(&rfds);
+- FD_SET(sock, &rfds);
+- tv.tv_sec = 10;
+- tv.tv_usec = 0;
+- res = select(sock + 1, &rfds, NULL, NULL, &tv);
+- if (res < 0) {
+- error("select(sock) failed: %s", strerror(errno));
+- break;
+- } else if (res == 0) {
+- continue;
++ if (vtpm_rx_fh < 0) {
++ if (vtpm_type == VTPM_TYPE_PVM)
++ {
++ vtpm_rx_fh = open(vtpm_rx_file, O_RDONLY);
++ } else {
++ if (bind(sockfd, (struct sockaddr *)&addr,
sizeof(addr)) < 0) {
++ error("Unable to bind(). errno = %d\n", errno);
++ exit (-1);
++ }
++
++ if (listen(sockfd, 10) <0) {
++ error("Unable to listen(). errno = %d\n", errno);
++ exit (-1);
++ }
++
++ memset(&client_addr, 0, sizeof(client_addr));
++ client_length = sizeof(client_addr);
++
++ vtpm_rx_fh = vtpm_tx_fh = accept(sockfd, (struct
sockaddr *)&client_addr, &client_length);
++ }
+ }
+- addr_len = sizeof(addr);
+- fh = accept(sock, (struct sockaddr*)&addr, &addr_len);
+- if (fh < 0) {
+- error("accept() failed: %s", strerror(errno));
+- continue;
++
++ /*Error Checking*/
++ if (vtpm_rx_fh < 0) {
++ error("Failed to open devices to listen to guest.\n");
++ exit(-1);
+ }
++
+ /* receive and handle commands */
+ in_len = 0;
+ do {
+ debug("waiting for commands...");
+- FD_ZERO(&rfds);
+- FD_SET(fh, &rfds);
+- tv.tv_sec = TPM_COMMAND_TIMEOUT;
+- tv.tv_usec = 0;
+- res = select(fh + 1, &rfds, NULL, NULL, &tv);
+- if (res < 0) {
+- error("select(fh) failed: %s", strerror(errno));
+- close(fh);
+- break;
+- } else if (res == 0) {
+-#ifdef TPMD_DISCONNECT_IDLE_CLIENTS
+- info("connection closed due to inactivity");
+- close(fh);
+- break;
+-#else
+- continue;
+-#endif
+- }
+- in_len = read(fh, in, sizeof(in));
+- if (in_len > 0) {
++
++ in_len = read(vtpm_rx_fh, in, sizeof(in));
++ /*Magic size of minimum TPM command is 6*/
++ if (in_len < 6) {
++ info("Recv incomplete command of %d bytes.", in_len);
++ if (in_len <= 0) {
++ close(vtpm_rx_fh);
++ vtpm_rx_fh = -1;
++ continue;
++ }
++ } else {
++ /*Debug Printouts*/
+ debug("received %d bytes", in_len);
++ debug_nostop("Recv[%d]: 0x", in_len);
++ for (i=0; i< in_len; i++)
++ debug_more("%02x ", in[i]);
++ debug_more("\n");
++ /*Multiple Guest check*/
++ if (guest_id == -1) {
++ guest_id = *((int32_t *) in);
++ } else {
++ if (guest_id != *((int32_t *) in) ) {
++ error("WARNING: More than one guest attached\n");
++ }
++ }
++
++ /*Open tx handle now*/
++ if (vtpm_tx_fh < 0) {
++ if (vtpm_type == VTPM_TYPE_PVM) {
++ vtpm_tx_fh = open(PVM_TX_FIFO, O_WRONLY);
++ } // No need to open the other direction for HVM
++ }
++ if (vtpm_tx_fh < 0) {
++ error("Failed to open devices to respond to guest.\n");
++ exit(-1);
++ }
++
++ /*Handle the TPM command now*/
+ out = NULL;
+- res = tpm_handle_command(in, in_len, &out, &out_len);
++ res = tpm_handle_command(in + sizeof(uint32_t), in_len
- sizeof(uint32_t), &out, &out_len);
+ if (res < 0) {
+ error("tpm_handle_command() failed");
+ } else {
+ debug("sending %d bytes", out_len);
+- uint32_t len = 0;
+- while (len < out_len) {
+- res = write(fh, &out[len], out_len - len);
++ //Prepend the dmi_id
++ addressed_out = (uint8_t *)
tpm_malloc(sizeof(uint32_t) + out_len);
++ *(uint32_t *) addressed_out = *(uint32_t *) in;
++ memcpy(addressed_out + sizeof(uint32_t), out,
out_len);
++ out_len += sizeof(uint32_t);
++ /*End Prepend*/
++
++ /*Perform write operation now*/
++ while (out_len > 0) {
++ res = write(vtpm_tx_fh, addressed_out, out_len);
++
+ if (res < 0) {
+- error("write(%d) failed: %s",
+- out_len - len, strerror(errno));
++ error("write(%d) failed: %s", out_len,
strerror(errno));
+ break;
++ } else {
++ debug_nostop("Sent[%Zu]: ", out_len);
++ for (i=0; (unsigned int)i< out_len; i++)
++ debug_more("%02x ", addressed_out[i]);
++ debug_more("\n");
+ }
+- len += res;
++ out_len -= res;
+ }
+ tpm_free(out);
++ tpm_free(addressed_out);
+ }
+ }
+ } while (in_len > 0);
+- close(fh);
+ }
++
+ /* shutdown tpm emulator */
+ tpm_emulator_shutdown();
+- /* close socket */
+- close(sock);
+- unlink(opt_socket_name);
++ /* Close handles */
++ close(vtpm_tx_fh);
++ close(vtpm_rx_fh);
++ free(vtpm_rx_file);
+ info("main loop stopped");
+ }
+
+ int main(int argc, char **argv)
+ {
++ //Set load/store functions
++ tpm_write_to_storage = vtpm_write_to_file;
++ tpm_read_from_storage = vtpm_read_from_file;
++
+ openlog(argv[0], 0, LOG_DAEMON);
+ setlogmask(~LOG_MASK(LOG_DEBUG));
+ syslog(LOG_INFO, "--- separator ---\n");
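Review bot: The HVM path in main_loop() now creates `/var/vtpm/socks/%d.socket` without the `umask(0177)` and bounded `strncpy` that the removed init_socket() applied, so who may connect to a guest's vTPM depends on the inherited umask and on the directory's permissions. bind() and listen() also sit inside `while (!stopflag)`, so once a client disconnects and `vtpm_rx_fh` is reset to -1 they run again on the already bound `sockfd`, which would be expected to fail and take the `exit (-1)` branch. The fence below sets the socket up once before the loop and leaves only accept() inside it. Two smaller points in the same function: the result of `tpm_emulator_init()` is no longer checked, and the write loop passes `addressed_out` unchanged after a partial write where the old code advanced with `&out[len]`. For the latter, something like `res = write(vtpm_tx_fh, addressed_out + sent, out_len - sent);` with a running `sent` offset restores the old behaviour.

```c
    addr.sun_family = AF_UNIX;
    strncpy(addr.sun_path, vtpm_rx_file, sizeof(addr.sun_path) - 1);
    unlink(addr.sun_path);
    umask(0177); /* owner-only socket, as the removed init_socket() did */
    if (bind(sockfd, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
      error("Unable to bind(). errno = %d\n", errno);
      exit (-1);
    }
    if (listen(sockfd, 10) < 0) {
      error("Unable to listen(). errno = %d\n", errno);
      exit (-1);
    }
  /* … unchanged: tpm_emulator_init(), start of while (!stopflag), PVM open() … */
      } else {
        /* HVM: socket is already bound and listening; only accept here */
        memset(&client_addr, 0, sizeof(client_addr));
        client_length = sizeof(client_addr);
        vtpm_rx_fh = vtpm_tx_fh = accept(sockfd, (struct sockaddr *)&client_addr, &client_length);
      }
```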
+@@ -393,8 +602,6 @@
+ switch_uid_gid();
+ /* init signal handlers */
+ init_signal_handler();
+- /* unless requested otherwiese, fork and daemonize process */
+- if (!opt_foreground) daemonize();
+ /* start main processing loop */
+ main_loop();
+ info("stopping TPM Emulator daemon");
+diff -Naur tpm_emulator-0.7.4-orig/tpmd/unix/tpmd.c.orig
tpm_emulator-0.7.4/tpmd/unix/tpmd.c.orig
+--- tpm_emulator-0.7.4-orig/tpmd/unix/tpmd.c.orig 1969-12-31
19:00:00.000000000 -0500
++++ tpm_emulator-0.7.4/tpmd/unix/tpmd.c.orig 2011-12-20
13:30:06.000000000 -0500
+@@ -0,0 +1,403 @@
++/* Software-based Trusted Platform Module (TPM) Emulator
++ * Copyright (C) 2004-2010 Mario Strasser <mast@gmx.net>
++ *
++ * This program is free software; you can redistribute it and/or modify
++ * it under the terms of the GNU General Public License as published
++ * by the Free Software Foundation; either version 2 of the License,
++ * or (at your option) any later version.
++ *
++ * This program is distributed in the hope that it will be useful,
++ * but WITHOUT ANY WARRANTY; without even the implied warranty of
++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++ * GNU General Public License for more details.
++ *
++ * $Id: tpmd.c 463 2011-06-08 14:25:04Z mast $
++ */
++
++#include <stdio.h>
++#include <stdlib.h>
++#include <unistd.h>
++#include <signal.h>
++#include <string.h>
++#include <errno.h>
++#include <syslog.h>
++#include <stdarg.h>
++#include <fcntl.h>
++#include <sys/stat.h>
++#include <sys/socket.h>
++#include <sys/un.h>
++#include <pwd.h>
++#include <grp.h>
++#include "config.h"
++#include "tpm/tpm_emulator.h"
++
++#define TPM_COMMAND_TIMEOUT 30
++
++static volatile int stopflag = 0;
++static int is_daemon = 0;
++static int opt_debug = 0;
++static int opt_foreground = 0;
++static const char *opt_socket_name = TPM_SOCKET_NAME;
++static uid_t opt_uid = 0;
++static gid_t opt_gid = 0;
++static int tpm_startup = 2;
++static uint32_t tpm_config = 0;
++extern const char *tpm_storage_file;
++
++void my_log(int priority, const char *fmt, ...)
++{
++ va_list ap, bp;
++ va_start(ap, fmt);
++ va_copy(bp, ap);
++ switch (priority) {
++ case TPM_LOG_DEBUG:
++ vsyslog(LOG_DEBUG, fmt, ap);
++ break;
++ case TPM_LOG_ERROR:
++ vsyslog(LOG_ERR, fmt, ap);
++ break;
++ case TPM_LOG_INFO:
++ default:
++ vsyslog(LOG_INFO, fmt, ap);
++ break;
++ }
++ va_end(ap);
++ if (!is_daemon && (priority != TPM_LOG_DEBUG || opt_debug)) {
++ vprintf(fmt, bp);
++ }
++ va_end(bp);
++}
++
++static void print_usage(char *name)
++{
++ printf("usage: %s [-d] [-f] [-s storage file] [-u unix socket name] "
++ "[-o user name] [-g group name] [-h] [startup mode]\n", name);
++ printf(" d : enable debug mode\n");
++ printf(" f : forces the application to run in the foreground\n");
++ printf(" s : storage file to use (default: %s)\n", tpm_storage_file);
++ printf(" u : unix socket name to use (default: %s)\n",
opt_socket_name);
++ printf(" o : effective user the application should run as\n");
++ printf(" g : effective group the application should run as\n");
++ printf(" h : print this help message\n");
++ printf(" startup mode : must be 'clear', "
++ "'save' (default) or 'deactivated\n");
++}
++
++static void parse_options(int argc, char **argv)
++{
++ char c;
++ struct passwd *pwd;
++ struct group *grp;
++ opt_uid = getuid();
++ opt_gid = getgid();
++ info("parsing options");
++ while ((c = getopt (argc, argv, "dfs:u:o:g:c:h")) != -1) {
++ debug("handling option '-%c'", c);
++ switch (c) {
++ case 'd':
++ opt_debug = 1;
++ setlogmask(setlogmask(0) | LOG_MASK(LOG_DEBUG));
++ debug("debug mode enabled");
++ break;
++ case 'f':
++ debug("application is forced to run in foreground");
++ opt_foreground = 1;
++ break;
++ case 's':
++ tpm_storage_file = optarg;
++ debug("using storage file '%s'", tpm_storage_file);
++ break;
++ case 'u':
++ opt_socket_name = optarg;
++ debug("using unix socket '%s'", opt_socket_name);
++ break;
++ case 'o':
++ pwd = getpwnam(optarg);
++ if (pwd == NULL) {
++ error("invalid user name '%s'\n", optarg);
++ exit(EXIT_FAILURE);
++ }
++ opt_uid = pwd->pw_uid;
++ break;
++ case 'g':
++ grp = getgrnam(optarg);
++ if (grp == NULL) {
++ error("invalid group name '%s'\n", optarg);
++ exit(EXIT_FAILURE);
++ }
++ opt_gid = grp->gr_gid;
++ break;
++ case 'c':
++ tpm_config = strtol(optarg, NULL, 0);
++ debug("tpm_config = %04x", tpm_config);
++ break;
++ case '?':
++ error("unknown option '-%c'", optopt);
++ print_usage(argv[0]);
++ exit(EXIT_FAILURE);
++ case 'h':
++ default:
++ print_usage(argv[0]);
++ exit(EXIT_SUCCESS);
++ }
++ }
++ if (optind < argc) {
++ debug("startup mode = '%s'", argv[optind]);
++ if (!strcmp(argv[optind], "clear")) {
++ tpm_startup = 1;
++ } else if (!strcmp(argv[optind], "save")) {
++ tpm_startup = 2;
++ } else if (!strcmp(argv[optind], "deactivated")) {
++ tpm_startup = 3;
++ } else {
++ error("invalid startup mode '%s'; must be 'clear', "
++ "'save' (default) or 'deactivated", argv[optind]);
++ print_usage(argv[0]);
++ exit(EXIT_SUCCESS);
++ }
++ } else {
++ /* if no startup mode is given assume save if a configuration
++ file is available, clear otherwise */
++ int fh = open(tpm_storage_file, O_RDONLY);
++ if (fh < 0) {
++ tpm_startup = 1;
++ info("no startup mode was specified; asuming 'clear'");
++ } else {
++ tpm_startup = 2;
++ close(fh);
++ }
++ }
++}
++
++static void switch_uid_gid(void)
++{
++ if (opt_gid != getgid()) {
++ info("switching effective group ID to %d", opt_gid);
++ if (setgid(opt_gid) == -1) {
++ error("switching effective group ID to %d failed: %s",
opt_gid, strerror(errno));
++ exit(EXIT_FAILURE);
++ }
++ }
++ if (opt_uid != getuid()) {
++ info("switching effective user ID to %d", opt_uid);
++ if (setuid(opt_uid) == -1) {
++ error("switching effective user ID to %d failed: %s",
opt_uid, strerror(errno));
++ exit(EXIT_FAILURE);
++ }
++ }
++}
++
++static void signal_handler(int sig)
++{
++ info("signal received: %d", sig);
++ if (sig == SIGTERM || sig == SIGQUIT || sig == SIGINT) stopflag = 1;
++}
++
++static void init_signal_handler(void)
++{
++ info("installing signal handlers");
++ if (signal(SIGTERM, signal_handler) == SIG_ERR) {
++ error("signal(SIGTERM) failed: %s", strerror(errno));
++ exit(EXIT_FAILURE);
++ }
++ if (signal(SIGQUIT, signal_handler) == SIG_ERR) {
++ error("signal(SIGQUIT) failed: %s", strerror(errno));
++ exit(EXIT_FAILURE);
++ }
++ if (signal(SIGINT, signal_handler) == SIG_ERR) {
++ error("signal(SIGINT) failed: %s", strerror(errno));
++ exit(EXIT_FAILURE);
++ }
++ if (signal(SIGPIPE, signal_handler) == SIG_ERR) {
++ error("signal(SIGPIPE) failed: %s", strerror(errno));
++ exit(EXIT_FAILURE);
++ }
++}
++
++static void daemonize(void)
++{
++ pid_t sid, pid;
++ info("daemonizing process");
++ pid = fork();
++ if (pid < 0) {
++ error("fork() failed: %s", strerror(errno));
++ exit(EXIT_FAILURE);
++ }
++ if (pid > 0) exit(EXIT_SUCCESS);
++ pid = getpid();
++ sid = setsid();
++ if (sid < 0) {
++ error("setsid() failed: %s", strerror(errno));
++ exit(EXIT_FAILURE);
++ }
++ if (chdir("/") < 0) {
++ error("chdir() failed: %s", strerror(errno));
++ exit(EXIT_FAILURE);
++ }
++ close(STDIN_FILENO);
++ close(STDOUT_FILENO);
++ close(STDERR_FILENO);
++ is_daemon = 1;
++ info("process was successfully daemonized: pid=%d sid=%d", pid, sid);
++}
++
++static int mkdirs(const char *path)
++{
++ char *copy = strdup(path);
++ char *p = strchr(copy + 1, '/');
++ while (p != NULL) {
++ *p = '\0';
++ if ((mkdir(copy, 0755) == -1) && (errno != EEXIST)) {
++ free(copy);
++ return errno;
++ }
++ *p = '/';
++ p = strchr(p + 1, '/');
++ }
++ free(copy);
++ return 0;
++}
++
++static int init_socket(const char *name)
++{
++ int sock;
++ struct sockaddr_un addr;
++ info("initializing socket %s", name);
++ sock = socket(AF_UNIX, SOCK_STREAM, 0);
++ if (sock < 0) {
++ error("socket(AF_UNIX) failed: %s", strerror(errno));
++ return -1;
++ }
++ mkdirs(name);
++ addr.sun_family = AF_UNIX;
++ strncpy(addr.sun_path, name, sizeof(addr.sun_path));
++ umask(0177);
++ if (bind(sock, (struct sockaddr*)&addr, sizeof(addr)) < 0) {
++ error("bind(%s) failed: %s", addr.sun_path, strerror(errno));
++ close(sock);
++ return -1;
++ }
++ listen(sock, 1);
++ return sock;
++}
++
++static void main_loop(void)
++{
++ int sock, fh, res;
++ int32_t in_len;
++ uint32_t out_len;
++ uint8_t in[TPM_CMD_BUF_SIZE], *out;
++ struct sockaddr_un addr;
++ socklen_t addr_len;
++ fd_set rfds;
++ struct timeval tv;
++
++ info("staring main loop");
++ /* open UNIX socket */
++ sock = init_socket(opt_socket_name);
++ if (sock < 0) exit(EXIT_FAILURE);
++ /* init tpm emulator */
++ debug("initializing TPM emulator");
++ if (tpm_emulator_init(tpm_startup, tpm_config) != 0) {
++ error("tpm_emulator_init() failed");
++ close(sock);
++ unlink(opt_socket_name);
++ exit(EXIT_FAILURE);
++ }
++ /* start command processing */
++ while (!stopflag) {
++ /* wait for incomming connections */
++ debug("waiting for connections...");
++ FD_ZERO(&rfds);
++ FD_SET(sock, &rfds);
++ tv.tv_sec = 10;
++ tv.tv_usec = 0;
++ res = select(sock + 1, &rfds, NULL, NULL, &tv);
++ if (res < 0) {
++ error("select(sock) failed: %s", strerror(errno));
++ break;
++ } else if (res == 0) {
++ continue;
++ }
++ addr_len = sizeof(addr);
++ fh = accept(sock, (struct sockaddr*)&addr, &addr_len);
++ if (fh < 0) {
++ error("accept() failed: %s", strerror(errno));
++ continue;
++ }
++ /* receive and handle commands */
++ in_len = 0;
++ do {
++ debug("waiting for commands...");
++ FD_ZERO(&rfds);
++ FD_SET(fh, &rfds);
++ tv.tv_sec = TPM_COMMAND_TIMEOUT;
++ tv.tv_usec = 0;
++ res = select(fh + 1, &rfds, NULL, NULL, &tv);
++ if (res < 0) {
++ error("select(fh) failed: %s", strerror(errno));
++ close(fh);
++ break;
++ } else if (res == 0) {
++#ifdef TPMD_DISCONNECT_IDLE_CLIENTS
++ info("connection closed due to inactivity");
++ close(fh);
++ break;
++#else
++ continue;
++#endif
++ }
++ in_len = read(fh, in, sizeof(in));
++ if (in_len > 0) {
++ debug("received %d bytes", in_len);
++ out = NULL;
++ res = tpm_handle_command(in, in_len, &out, &out_len);
++ if (res < 0) {
++ error("tpm_handle_command() failed");
++ } else {
++ debug("sending %d bytes", out_len);
++ uint32_t len = 0;
++ while (len < out_len) {
++ res = write(fh, &out[len], out_len - len);
++ if (res < 0) {
++ error("write(%d) failed: %s",
++ out_len - len, strerror(errno));
++ break;
++ }
++ len += res;
++ }
++ tpm_free(out);
++ }
++ }
++ } while (in_len > 0);
++ close(fh);
++ }
++ /* shutdown tpm emulator */
++ tpm_emulator_shutdown();
++ /* close socket */
++ close(sock);
++ unlink(opt_socket_name);
++ info("main loop stopped");
++}
++
++int main(int argc, char **argv)
++{
++ openlog(argv[0], 0, LOG_DAEMON);
++ setlogmask(~LOG_MASK(LOG_DEBUG));
++ syslog(LOG_INFO, "--- separator ---\n");
++ tpm_log = my_log;
++ info("starting TPM Emulator daemon (1.2.%d.%d-%d)",
++ VERSION_MAJOR, VERSION_MINOR, VERSION_BUILD);
++ parse_options(argc, argv);
++ /* switch uid/gid if required */
++ switch_uid_gid();
++ /* init signal handlers */
++ init_signal_handler();
++ /* unless requested otherwiese, fork and daemonize process */
++ if (!opt_foreground) daemonize();
++ /* start main processing loop */
++ main_loop();
++ info("stopping TPM Emulator daemon");
++ closelog();
++ return EXIT_SUCCESS;
++}
diff --git a/tools/vtpm/vtpm.patch b/tools/vtpm/vtpm.patch
--- a/tools/vtpm/vtpm.patch
+++ /dev/null
@@ -1,716 +0,0 @@
-diff -uprN tpm_emulator/AUTHORS vtpm/AUTHORS
---- tpm_emulator/AUTHORS 2006-12-08 12:51:29.000000000 -0800
-+++ vtpm/AUTHORS 2006-12-13 16:38:52.000000000 -0800
-@@ -1,3 +1,3 @@
- Mario Strasser <mast@gmx.net>
- Heiko Stamer <stamer@gaos.org> [DAA]
--INTEL Corp <> [Dropped to Ring3]
-+INTEL Corp <> [VTPM Extensions]
-diff -uprN tpm_emulator/ChangeLog vtpm/ChangeLog
---- tpm_emulator/ChangeLog 2006-12-08 12:51:29.000000000 -0800
-+++ vtpm/ChangeLog 2006-12-13 16:38:52.000000000 -0800
-@@ -1,5 +1,6 @@
- ????-??-?? Intel Corp
- * Moved module out of kernel to run as a ring 3 app
-+ * Modified save_to_file and load_from_file to call xen VTPM manager
-
- 2006-06-23 Mario Strasser <mast@gmx.net>
- * tpm_startup.c: behaviour of ST_CLEAR and storage of
-diff -uprN tpm_emulator/linux_module.h vtpm/linux_module.h
---- tpm_emulator/linux_module.h 2006-12-08 12:51:29.000000000 -0800
-+++ vtpm/linux_module.h 2007-01-09 14:49:06.000000000 -0800
-@@ -44,18 +44,26 @@
- #define TPM_DEVICE_NAME "tpm"
- #define TPM_MODULE_NAME "tpm_emulator"
-
-+/* debug and log output functions */
-+extern int dmi_id;
-+
- #ifdef DEBUG
--#define debug(fmt, ...) printf("TPMD: %s:%d: Debug: " fmt "\n", \
-- __FILE__, __LINE__, ## __VA_ARGS__)
-+#define debug(fmt, ...) printf("TPMD[%d]: %s:%d: Debug: " fmt "\n", \
-+ dmi_id, __FILE__, __LINE__, ## __VA_ARGS__)
-+#define debug_nostop(fmt, ...) printf("TPMD[%d]: %s:%d: Debug: " fmt, \
-+ dmi_id, __FILE__, __LINE__, ## __VA_ARGS__)
-+#define debug_more(fmt, ...) printf( fmt, ## __VA_ARGS__ )
- #else
- #define debug(fmt, ...)
-+#define debug_nostop(fmt, ...)
-+#define debug_more(fmt, ...)
- #endif
--#define info(fmt, ...) printf("TPMD: %s:%d: Info: " fmt "\n", \
-- __FILE__, __LINE__, ## __VA_ARGS__)
--#define error(fmt, ...) printf("TPMD: %s:%d: Error: " fmt "\n", \
-- __FILE__, __LINE__, ## __VA_ARGS__)
--#define alert(fmt, ...) printf("TPMD: %s:%d: Alert: " fmt "\n", \
-- __FILE__, __LINE__, ## __VA_ARGS__)
-+#define info(fmt, ...) printf("TPMD[%d]: %s:%d: Info: " fmt "\n", \
-+ dmi_id, __FILE__, __LINE__, ## __VA_ARGS__)
-+#define error(fmt, ...) printf("TPMD[%d]: %s:%d: Error: " fmt "\n", \
-+ dmi_id, __FILE__, __LINE__, ## __VA_ARGS__)
-+#define alert(fmt, ...) printf("TPMD[%d]: %s:%d: Alert: " fmt "\n", \
-+ dmi_id, __FILE__, __LINE__, ## __VA_ARGS__)
-
- /* memory allocation */
-
-diff -uprN tpm_emulator/Makefile vtpm/Makefile
---- tpm_emulator/Makefile 2006-12-08 12:51:29.000000000 -0800
-+++ vtpm/Makefile 2006-12-13 16:38:52.000000000 -0800
-@@ -7,7 +7,7 @@
- COMPILE_ARCH ?= $(shell uname -m | sed -e s/i.86/x86_32/)
-
- # module settings
--BIN := tpm_emulator
-+BIN := vtpmd
- VERSION_MAJOR := 0
- VERSION_MINOR := 4
- VERSION_BUILD := $(shell date +"%s")
-@@ -22,7 +22,7 @@ TOOLS_INSTALL_DIR = $(DESTDIR)/usr/bin
-
- CC := gcc
- CFLAGS += -g -Wall $(INCLUDE) -DDEBUG
--CFLAGS += -I. -Itpm
-+CFLAGS += -I. -Itpm -I../../vtpm_manager/manager
-
- # Is the simulator running in it's own vm?
- #CFLAGS += -DVTPM_MULTI_VM
-@@ -62,7 +62,6 @@ $(BIN): $(src)/crypto/gmp.h $(src)/crypt
-
- install: $(BIN)
- $(INSTALL_PROG) $(BIN) $(TOOLS_INSTALL_DIR)
-- @if [ ! -d "/var/tpm" ]; then mkdir /var/tpm; fi
-
- clean:
- rm -f $(src)/crypto/gmp.h $(src)/crypto/libgmp.a $(OBJS)
-@@ -98,3 +97,4 @@ version:
- @echo "#endif /* _TPM_VERSION_H_ */" >> $(src)/tpm_version.h
-
- .PHONY: all install clean dist gmp version
-+
-diff -uprN tpm_emulator/tpm/tpm_capability.c vtpm/tpm/tpm_capability.c
---- tpm_emulator/tpm/tpm_capability.c 2006-06-23 03:37:07.000000000
-0700
-+++ vtpm/tpm/tpm_capability.c 2007-01-10 10:00:49.000000000 -0800
-@@ -136,8 +136,18 @@ static TPM_RESULT cap_property(UINT32 su
-
- case TPM_CAP_PROP_TIS_TIMEOUT:
- debug("[TPM_CAP_PROP_TIS_TIMEOUT]");
-- /* TODO: TPM_CAP_PROP_TIS_TIMEOUT */
-- return TPM_FAIL;
-+ /* TODO: TPM_CAP_PROP_TIS_TIMEOUT: Measure these values and
determine correct ones */
-+ UINT32 len = *respSize = 16;
-+ BYTE *ptr = *resp = tpm_malloc(*respSize);
-+ if (ptr == NULL ||
-+ tpm_marshal_UINT32(&ptr, &len, 200000) ||
-+ tpm_marshal_UINT32(&ptr, &len, 200000) ||
-+ tpm_marshal_UINT32(&ptr, &len, 200000) ||
-+ tpm_marshal_UINT32(&ptr, &len, 200000)) {
-+ tpm_free(*resp);
-+ return TPM_FAIL;
-+ }
-+ return TPM_SUCCESS;
-
- case TPM_CAP_PROP_STARTUP_EFFECT:
- debug("[TPM_CAP_PROP_STARTUP_EFFECT]");
-@@ -190,7 +200,11 @@ static TPM_RESULT cap_property(UINT32 su
-
- case TPM_CAP_PROP_DURATION:
- debug("[TPM_CAP_PROP_DURATION]");
-- /* TODO: TPM_CAP_PROP_DURATION */
-+ /* TODO: TPM_CAP_PROP_DURATION: Measure these values and return
accurate ones */
-+ BYTE dur[]=
{0x0,0x0,0x0,0xc,0x0,0x7,0xa1,0x20,0x0,0x1e,0x84,0x80,0x11,0xe1,0xa3,0x0};
-+ *respSize = 16;
-+ *resp = tpm_malloc(*respSize);
-+ memcpy(*resp,dur,16);
- return TPM_FAIL;
-
- case TPM_CAP_PROP_ACTIVE_COUNTER:
-diff -uprN tpm_emulator/tpm/tpm_cmd_handler.c vtpm/tpm/tpm_cmd_handler.c
---- tpm_emulator/tpm/tpm_cmd_handler.c 2008-02-27 16:35:41.000000000
-0500
-+++ vtpm/tpm/tpm_cmd_handler.c 2008-02-28 14:43:28.000000000 -0500
-@@ -94,12 +94,18 @@ void tpm_compute_out_param_digest(TPM_CO
- sha1_ctx_t sha1;
- UINT32 res = CPU_TO_BE32(rsp->result);
- UINT32 ord = CPU_TO_BE32(ordinal);
-+ UINT32 offset = 0;
-
- /* compute SHA1 hash */
- sha1_init(&sha1);
- sha1_update(&sha1, (BYTE*)&res, 4);
- sha1_update(&sha1, (BYTE*)&ord, 4);
-- sha1_update(&sha1, rsp->param, rsp->paramSize);
-+ if (ordinal == TPM_ORD_LoadKey2) {
-+ offset = 4;
-+ }
-+ if (rsp->paramSize - offset > 0) {
-+ sha1_update(&sha1, rsp->param + offset, rsp->paramSize - offset);
-+ }
- sha1_final(&sha1, rsp->auth1->digest);
- if (rsp->auth2 != NULL) memcpy(rsp->auth2->digest,
- rsp->auth1->digest, sizeof(rsp->auth1->digest));
-diff -uprN tpm_emulator/tpm/tpm_data.c vtpm/tpm/tpm_data.c
---- tpm_emulator/tpm/tpm_data.c 2008-02-27 16:35:41.000000000 -0500
-+++ vtpm/tpm/tpm_data.c 2008-02-27 16:35:40.000000000 -0500
-@@ -1,6 +1,7 @@
- /* Software-Based Trusted Platform Module (TPM) Emulator for Linux
- * Copyright (C) 2004 Mario Strasser <mast@gmx.net>,
- * Swiss Federal Institute of Technology (ETH) Zurich
-+ * Copyright (C) 2005 INTEL Corp
- *
- * This module is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published
-@@ -15,10 +16,15 @@
- * $Id: tpm_data.c 98 2006-05-07 14:16:29Z hstamer $
- */
-
-+#include <sys/types.h>
-+#include <sys/stat.h>
-+#include <fcntl.h>
-+#include <unistd.h>
-+
- #include "tpm_emulator.h"
- #include "tpm_structures.h"
- #include "tpm_marshalling.h"
--#include "linux_module.h"
-+#include "vtpm_manager.h"
-
- TPM_DATA tpmData;
-
-@@ -158,45 +164,232 @@ void tpm_release_data(void)
- #include <sys/types.h>
- #include <sys/stat.h>
- #include <fcntl.h>
--#include <unistd.h>
-
--#define TPM_STORAGE_FILE "/var/tpm/tpm_emulator-1.2."
STR(VERSION_MAJOR) "." STR(VERSION_MINOR)
-+ static int vtpm_tx_fh=-1, vtpm_rx_fh=-1;
-+
-+#ifdef VTPM_MUTLI_VM
-+ #define DEV_FE "/dev/tpm"
-+#else
-+ #define VTPM_RX_FIFO_D "/var/vtpm/fifos/vtpm_rsp_to_%d.fifo"
-+ #define VTPM_TX_FIFO "/var/vtpm/fifos/vtpm_cmd_from_all.fifo"
-+
-+ extern int dmi_id;
-+ static char *vtpm_rx_name=NULL;
-+#endif
-
- static int write_to_file(uint8_t *data, size_t data_length)
- {
-- int res;
-- int fp;
-- fp = open(TPM_STORAGE_FILE, O_WRONLY | O_TRUNC | O_CREAT, S_IRUSR |
S_IWUSR);
-- res = write(fp, data, data_length);
-- close(fp);
-- return (res == data_length) ? 0 : -1;
-+ int res, out_data_size, in_header_size;
-+ BYTE *ptr, *out_data, *in_header;
-+ UINT32 result, len, in_rsp_size;
-+ UINT16 tag = VTPM_TAG_REQ;
-+
-+ printf("Saving NVM\n");
-+ if (vtpm_tx_fh < 0) {
-+#ifdef VTPM_MUTLI_VM
-+ vtpm_tx_fh = open(DEV_FE, O_RDWR);
-+#else
-+ vtpm_tx_fh = open(VTPM_TX_FIFO, O_WRONLY);
-+#endif
-+ }
-+
-+ if (vtpm_tx_fh < 0) {
-+ return -1;
-+ }
-+
-+ // Send request to VTPM Manager to encrypt data
-+#ifdef VTPM_MUTLI_VM
-+ out_data_size = len = VTPM_COMMAND_HEADER_SIZE_CLT + data_length;
-+#else
-+ out_data_size = len = VTPM_COMMAND_HEADER_SIZE_SRV + data_length;
-+#endif
-+
-+ out_data = ptr = (BYTE *) malloc(len);
-+
-+ if (ptr == NULL
-+#ifndef VTPM_MUTLI_VM
-+ || tpm_marshal_UINT32(&ptr, &len, dmi_id)
-+#endif
-+ || tpm_marshal_UINT16(&ptr, &len, tag)
-+#ifdef VTPM_MUTLI_VM
-+ || tpm_marshal_UINT32(&ptr, &len, out_data_size)
-+#else
-+ || tpm_marshal_UINT32(&ptr, &len, out_data_size - sizeof(uint32_t))
-+#endif
-+ || tpm_marshal_UINT32(&ptr, &len, VTPM_ORD_SAVENVM)
-+ || tpm_marshal_BYTE_ARRAY(&ptr, &len, data, data_length)) {
-+ free(out_data);
-+ return -1;
-+ }
-+
-+ printf("\tSending SaveNVM Command.\n");
-+ res = write(vtpm_tx_fh, out_data, out_data_size);
-+ free(out_data);
-+ if (res != out_data_size) return -1;
-+
-+ if (vtpm_rx_fh < 0) {
-+#ifdef VTPM_MUTLI_VM
-+ vtpm_rx_fh = vtpm_tx_fh
-+#else
-+ if (vtpm_rx_name == NULL) {
-+ vtpm_rx_name = malloc(10 + strlen(VTPM_RX_FIFO_D));
-+ sprintf(vtpm_rx_name, VTPM_RX_FIFO_D, (uint32_t) dmi_id);
-+ }
-+ vtpm_rx_fh = open(vtpm_rx_name, O_RDONLY);
-+#endif
-+ }
-+
-+ if (vtpm_rx_fh < 0) {
-+ return -1;
-+ }
-+
-+ // Read Header of response so we can get the size & status
-+#ifdef VTPM_MUTLI_VM
-+ in_header_size = len = VTPM_COMMAND_HEADER_SIZE_CLT;
-+#else
-+ in_header_size = len = VTPM_COMMAND_HEADER_SIZE_SRV;
-+#endif
-+ in_header = ptr = malloc(in_header_size);
-+
-+ printf("\tReading SaveNVM header.\n");
-+ res = read(vtpm_rx_fh, in_header, in_header_size);
-+
-+ if ( (res != in_header_size)
-+#ifndef VTPM_MUTLI_VM
-+ || tpm_unmarshal_UINT32(&ptr, &len, (UINT32*)&dmi_id)
-+#endif
-+ || tpm_unmarshal_UINT16(&ptr, &len, &tag)
-+ || tpm_unmarshal_UINT32(&ptr, &len, &in_rsp_size)
-+ || tpm_unmarshal_UINT32(&ptr, &len, &result) ) {
-+ free(in_header);
-+ return -1;
-+ }
-+ free(in_header);
-+
-+ if (result != VTPM_SUCCESS) {
-+ return -1;
-+ }
-+
-+#ifdef VTPM_MUTLI_VM
-+ close(vtpm_tx_fh); close(vtpm_rx_fh);
-+#endif
-+
-+ printf("\tFinishing up SaveNVM\n");
-+ return (0);
- }
-
- static int read_from_file(uint8_t **data, size_t *data_length)
- {
-- int res;
-- int fp, file_status;
-- struct stat file_info;
-- fp = open(TPM_STORAGE_FILE, O_RDONLY, 0);
-- file_status = fstat(fp, &file_info);
-- if (file_status < 0) {
-- close(fp);
-- return -1;
-- }
-+ int res, out_data_size, in_header_size;
-+ uint8_t *ptr, *out_data, *in_header;
-+ UINT16 tag = VTPM_TAG_REQ;
-+ UINT32 len, in_rsp_size, result;
-+#ifdef VTPM_MUTLI_VM
-+ int vtpm_rx_fh, vtpm_tx_fh;
-+#endif
-+
-+ printf("Loading NVM.\n");
-+ if (vtpm_tx_fh < 0) {
-+#ifdef VTPM_MUTLI_VM
-+ vtpm_tx_fh = open(DEV_FE, O_RDWR);
-+#else
-+ vtpm_tx_fh = open(VTPM_TX_FIFO, O_WRONLY);
-+#endif
-+ }
-
-- *data_length = file_info.st_size;
-- *data = tpm_malloc(*data_length);
-- if (*data == NULL) {
-- close(fp);
-+ if (vtpm_tx_fh < 0) {
-+ return -1;
-+ }
-+
-+ // Send request to VTPM Manager to encrypt data
-+#ifdef VTPM_MUTLI_VM
-+ out_data_size = len = VTPM_COMMAND_HEADER_SIZE_CLT;
-+#else
-+ out_data_size = len = VTPM_COMMAND_HEADER_SIZE_SRV;
-+#endif
-+ out_data = ptr = (BYTE *) malloc(len);
-+
-+ if (ptr == NULL
-+#ifndef VTPM_MUTLI_VM
-+ || tpm_marshal_UINT32(&ptr, &len, dmi_id)
-+#endif
-+ || tpm_marshal_UINT16(&ptr, &len, tag)
-+#ifdef VTPM_MUTLI_VM
-+ || tpm_marshal_UINT32(&ptr, &len, out_data_size)
-+#else
-+ || tpm_marshal_UINT32(&ptr, &len, out_data_size - sizeof(uint32_t))
-+#endif
-+ || tpm_marshal_UINT32(&ptr, &len, VTPM_ORD_LOADNVM)) {
-+ free(out_data);
- return -1;
- }
-- res = read(fp, *data, *data_length);
-- close(fp);
-+
-+ printf("\tSending LoadNVM command\n");
-+ res = write(vtpm_tx_fh, out_data, out_data_size);
-+ free(out_data);
-+ if (res != out_data_size) return -1;
-+
-+ if (vtpm_rx_fh < 0) {
-+#ifdef VTPM_MUTLI_VM
-+ vtpm_rx_fh = vtpm_tx_fh;
-+#else
-+ if (vtpm_rx_name == NULL) {
-+ vtpm_rx_name = malloc(10 + strlen(VTPM_RX_FIFO_D));
-+ sprintf(vtpm_rx_name, VTPM_RX_FIFO_D, (uint32_t) dmi_id);
-+ }
-+ vtpm_rx_fh = open(vtpm_rx_name, O_RDONLY);
-+#endif
-+ }
-+
-+ if (vtpm_rx_fh < 0) {
-+ return -1;
-+ }
-+
-+ // Read Header of response so we can get the size & status
-+#ifdef VTPM_MUTLI_VM
-+ in_header_size = len = VTPM_COMMAND_HEADER_SIZE_CLT;
-+#else
-+ in_header_size = len = VTPM_COMMAND_HEADER_SIZE_SRV;
-+#endif
-+ in_header = ptr = malloc(in_header_size);
-+
-+ printf("\tReading LoadNVM header\n");
-+ res = read(vtpm_rx_fh, in_header, in_header_size);
-+
-+ if ( (res != in_header_size)
-+#ifndef VTPM_MUTLI_VM
-+ || tpm_unmarshal_UINT32(&ptr, &len, (UINT32*)&dmi_id)
-+#endif
-+ || tpm_unmarshal_UINT16(&ptr, &len, &tag)
-+ || tpm_unmarshal_UINT32(&ptr, &len, &in_rsp_size)
-+ || tpm_unmarshal_UINT32(&ptr, &len, &result) ) {
-+ free(in_header);
-+ return -1;
-+ }
-+ free(in_header);
-+
-+ if (result != VTPM_SUCCESS) {
-+ return -1;
-+ }
-+
-+ // Read Encrypted data from VTPM Manager
-+ *data_length = in_rsp_size - VTPM_COMMAND_HEADER_SIZE_CLT;
-+ *data = (uint8_t *) malloc(*data_length);
-+
-+ printf("\tReading clear data from LoadNVM.\n");
-+ res = read(vtpm_rx_fh, *data, *data_length);
-+#ifdef VTPM_MUTLI_VM
-+ close(vtpm_rx_fh);close(vtpm_tx_fh);
-+#endif
-+
-+ printf("\tReturing from loading NVM\n");
- if (res != *data_length) {
-- tpm_free(*data);
-- return -1;
-+ free(*data);
-+ return -1;
-+ } else {
-+ return 0;
- }
-- return 0;
-+
- }
-
- #else
-diff -uprN tpm_emulator/tpmd.c vtpm/tpmd.c
---- tpm_emulator/tpmd.c 2006-12-08 12:51:29.000000000 -0800
-+++ vtpm/tpmd.c 2007-01-09 14:48:56.000000000 -0800
-@@ -21,12 +21,24 @@
- #include <sys/stat.h>
- #include <fcntl.h>
- #include <sys/time.h>
-+#include <sys/socket.h>
-+#include <sys/un.h>
-+#include <errno.h>
-
- #include "tpm_emulator.h"
-+#include "vtpm_manager.h"
-
--#define TPM_RX_FNAME "/var/tpm/tpm_in.fifo"
--#define TPM_TX_FNAME "/var/tpm/tpm_out.fifo"
-+#ifdef VTPM_MULTI_VM
-+ #define DEV_BE "/dev/vtpm"
-+#else
-+ #define PVM_RX_FIFO_D "/var/vtpm/fifos/tpm_cmd_to_%d.fifo"
-+ #define PVM_TX_FIFO "/var/vtpm/fifos/tpm_rsp_from_all.fifo"
-
-+ #define HVM_RX_FIFO_D "/var/vtpm/socks/%d.socket"
-+#endif
-+
-+ int dmi_id;
-+
- #define BUFFER_SIZE 2048
-
- static int devurandom=0;
-@@ -38,7 +50,7 @@ void get_random_bytes(void *buf, int nby
- }
-
- if (read(devurandom, buf, nbytes) != nbytes) {
-- printf("Can't get random number.\n");
-+ error("Can't get random number.\n");
- exit(-1);
- }
- }
-@@ -52,105 +64,182 @@ uint64_t tpm_get_ticks(void)
-
- int main(int argc, char **argv)
- {
-- uint8_t in[BUFFER_SIZE], *out;
-+ uint8_t type, in[BUFFER_SIZE], *out, *addressed_out;
-+ char *vtpm_rx_file=NULL;
- uint32_t out_size;
- int in_size, written;
-- int i;
-- struct stat file_info;
-+ int i, guest_id=-1;
-
-- int tpm_tx_fh=-1, tpm_rx_fh=-1;
-+#ifndef VTPM_MULTI_VM
-+ int sockfd = -1;
-+ struct sockaddr_un addr;
-+ struct sockaddr_un client_addr;
-+ unsigned int client_length;
-+
-+#endif
-+
-+ int vtpm_tx_fh=-1, vtpm_rx_fh=-1;
-+#ifdef VTPM_MULTI_VM
- if (argc < 2) {
-- printf("Usage: tpmd clear|save|deactivated\n" );
-+ error("Usage: tpmd clear|save|deactivated\n" );
-+#else
-+ if (argc < 4) {
-+ error("Usage: tpmd clear|save|deactivated pvm|hvm vtpmid\n" );
-+#endif
- return -1;
- }
-
-+#ifndef VTPM_MULTI_VM
-+ /* setup type of vm */
-+ if (!strcmp(argv[2], "pvm")) {
-+ type = VTPM_TYPE_PVM; // Get commands from vTPM Manager through fifo
-+ } else if (!strcmp(argv[2], "hvm")) {
-+ type = VTPM_TYPE_HVM; // Get commands from qemu via socket
-+ } else {
-+ error("invalid vTPM type '%s'.\n", argv[2]);
-+ }
-+
-+ dmi_id = atoi(argv[3]);
-+
-+ if (type == VTPM_TYPE_PVM) {
-+ vtpm_rx_file = malloc(10 + strlen(PVM_RX_FIFO_D));
-+ sprintf(vtpm_rx_file, PVM_RX_FIFO_D, (uint32_t) dmi_id);
-+ } else {
-+ vtpm_rx_file = malloc(10 + strlen(HVM_RX_FIFO_D));
-+ sprintf(vtpm_rx_file, HVM_RX_FIFO_D, (uint32_t) dmi_id);
-+
-+ if ( (sockfd = socket(PF_UNIX,SOCK_STREAM,0)) < 0) {
-+ error("Unable to create socket. errno = %d\n", errno);
-+ exit (-1);
-+ }
-+
-+ memset(&addr, 0, sizeof(addr));
-+ addr.sun_family = AF_UNIX;
-+ strcpy(addr.sun_path,vtpm_rx_file );
-+ unlink(addr.sun_path);
-+ }
-+#endif
-+
-+#ifdef VTPM_MULTI_VM
-+ info("Initializing tpm state: %s\n", argv[1]);
-+#else
-+ info("Initializing tpm state: %s, type: %s, id: %d\n", argv[1],
argv[2], dmi_id);
-+#endif
-+
- /* initialize TPM emulator */
- if (!strcmp(argv[1], "clear")) {
-- printf("Initializing tpm: %s\n", argv[1]);
- tpm_emulator_init(1);
-- } else if (!strcmp(argv[1], "save")) {
-- printf("Initializing tpm: %s\n", argv[1]);
-+ } else if (!strcmp(argv[1], "save")) {
- tpm_emulator_init(2);
- } else if (!strcmp(argv[1], "deactivated")) {
-- printf("Initializing tpm: %s\n", argv[1]);
- tpm_emulator_init(3);
- } else {
-- printf("invalid startup mode '%s'; must be 'clear', "
-+ error("invalid startup mode '%s'; must be 'clear', "
- "'save' (default) or 'deactivated", argv[1]);
- return -1;
- }
--
-- if ( stat(TPM_RX_FNAME, &file_info) == -1) {
-- if ( mkfifo(TPM_RX_FNAME, S_IWUSR | S_IRUSR ) ) {
-- printf("Failed to create fifo %s.\n", TPM_RX_FNAME);
-- return -1;
-- }
-- }
--
-- if ( stat(TPM_TX_FNAME, &file_info) == -1) {
-- if ( mkfifo(TPM_TX_FNAME, S_IWUSR | S_IRUSR ) ) {
-- printf("Failed to create fifo %s.\n", TPM_TX_FNAME);
-- return -1;
-- }
-- }
--
-+
- while (1) {
- abort_command:
-- if (tpm_rx_fh < 0) {
-- tpm_rx_fh = open(TPM_RX_FNAME, O_RDONLY);
-+ if (vtpm_rx_fh < 0) {
-+#ifdef VTPM_MUTLI_VM
-+ vtpm_rx_fh = open(DEV_BE, O_RDWR);
-+#else
-+ if (type == VTPM_TYPE_PVM) {
-+ vtpm_rx_fh = open(vtpm_rx_file, O_RDONLY);
-+ } else {
-+ if (bind(sockfd, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
-+ error("Unable to bind(). errno = %d\n", errno);
-+ exit (-1);
-+ }
-+
-+ if (listen(sockfd, 10) <0) {
-+ error("Unable to listen(). errno = %d\n", errno);
-+ exit (-1);
-+ }
-+
-+ memset(&client_addr, 0, sizeof(client_addr));
-+ client_length = sizeof(client_addr);
-+
-+ vtpm_rx_fh = vtpm_tx_fh = accept(sockfd, (struct sockaddr
*)&client_addr, &client_length);
-+ }
-+#endif
- }
-
-- if (tpm_rx_fh < 0) {
-- printf("ERROR: failed to open devices to listen to guest.\n");
-+ if (vtpm_rx_fh < 0) {
-+ error("Failed to open devices to listen to guest.\n");
- return -1;
- }
-
-- if (tpm_tx_fh < 0) {
-- tpm_tx_fh = open(TPM_TX_FNAME, O_WRONLY);
-- }
--
-- if (tpm_tx_fh < 0) {
-- printf("ERROR: failed to open devices to respond to guest.\n");
-- return -1;
-- }
--
-- in_size = read(tpm_rx_fh, in, BUFFER_SIZE);
-+ in_size = read(vtpm_rx_fh, in, BUFFER_SIZE);
- if (in_size < 6) { // Magic size of minium TPM command
-- printf("Recv[%d] to small: 0x", in_size);
-+ info("Recv incomplete command of %d bytes.", in_size);
- if (in_size <= 0) {
-- close(tpm_rx_fh);
-- tpm_rx_fh = -1;
-+ close(vtpm_rx_fh);
-+ vtpm_rx_fh = -1;
- goto abort_command;
- }
- } else {
-- printf("Recv[%d]: 0x", in_size);
-+ debug_nostop("Recv[%d]: 0x", in_size);
- for (i=0; i< in_size; i++)
-- printf("%x ", in[i]);
-- printf("\n");
-+ debug_more("%x ", in[i]);
-+ debug_more("\n");
- }
-
--
-- if (tpm_handle_command(in, in_size, &out, &out_size) != 0) {
-- printf("ERROR: Handler Failed.\n");
-+ if (guest_id == -1) {
-+ guest_id = *((uint32_t *) in);
-+ } else {
-+ if (guest_id != *((uint32_t *) in) ) {
-+ error("WARNING: More than one guest attached\n");
-+ }
-+ }
-+
-+ if (vtpm_tx_fh < 0) {
-+#ifdef VTPM_MUTLI_VM
-+ vtpm_tx_fh = open(DEV_BE, O_RDWR);
-+ vtpm_rx_fh = vtpm_tx_fh;
-+#else
-+ if (type == VTPM_TYPE_PVM) {
-+ vtpm_tx_fh = open(PVM_TX_FIFO, O_WRONLY);
-+ } // No need to open the other direction for HVM
-+#endif
-+ }
-+
-+ if (vtpm_tx_fh < 0) {
-+ error("Failed to open devices to respond to guest.\n");
-+ return -1;
-+ }
-+
-+ // Handle the command, but skip the domain id header
-+ if (tpm_handle_command(in + sizeof(uint32_t), in_size -
sizeof(uint32_t), &out, &out_size) != 0) {
-+ error("Handler Failed.\n");
- }
-
-- written = write(tpm_tx_fh, out, out_size);
-+ addressed_out = (uint8_t *) tpm_malloc(sizeof(uint32_t) + out_size);
-+ *(uint32_t *) addressed_out = *(uint32_t *) in;
-+ memcpy(addressed_out + sizeof(uint32_t), out, out_size);
-+
-+ written = write(vtpm_tx_fh, addressed_out, out_size +
sizeof(uint32_t));
-
-- if (written != out_size ) {
-- printf("ERROR: Part of response not written %d/%d.\nAttempt: ",
written, out_size);
-+ if (written != out_size + sizeof(uint32_t)) {
-+ error("Part of response not written %d/%d.\n", written, out_size);
- } else {
-- printf("Sent[%Zu]: ", out_size);
-+ debug_nostop("Sent[%Zu]: ", out_size + sizeof(uint32_t));
-+ for (i=0; i< out_size+ sizeof(uint32_t); i++)
-+ debug_more("%x ", addressed_out[i]);
-+ debug_more("\n");
- }
-- for (i=0; i< out_size; i++)
-- printf("%x ", out[i]);
-- printf("\n");
- tpm_free(out);
-+ tpm_free(addressed_out);
-
- } // loop
-
- tpm_emulator_shutdown();
-
-- close(tpm_tx_fh);
-- close(tpm_rx_fh);
-+ close(vtpm_tx_fh);
-+#ifndef VTPM_MUTLI_VM
-+ close(vtpm_rx_fh);
-+ free (vtpm_rx_file);
-+#endif
-
- }