From mboxrd@z Thu Jan 1 00:00:00 1970 From: Matthew Fioravante Subject: Re: [PATCH 9/9] stubdom/vtpm: Add PCR pass-through to hardware TPM Date: Tue, 04 Dec 2012 12:47:28 -0500 Message-ID: <50BE3730.2030509@jhuapl.edu> References: <1354286955-23900-1-git-send-email-dgdegra@tycho.nsa.gov> <1354286955-23900-10-git-send-email-dgdegra@tycho.nsa.gov> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="===============0168533734265684402==" Return-path: In-Reply-To: <1354286955-23900-10-git-send-email-dgdegra@tycho.nsa.gov> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org To: Daniel De Graaf Cc: "samuel.thibault@ens-lyon.org" , "Ian.Jackson@eu.citrix.com" , "Ian.Campbell@citrix.com" , "xen-devel@lists.xen.org" List-Id: xen-devel@lists.xenproject.org This is a cryptographically signed message in MIME format. --===============0168533734265684402== Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha1; boundary="------------ms090009020705090302010700" This is a cryptographically signed message in MIME format. --------------ms090009020705090302010700 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable So this maps a fixed set of PCRs always? Is there any use case where the = user might want the PCR mappings to be configurable? Might they want to=20 disable this feature to disallow Hardware PCR access in the vm? Also can you update the docs/misc/vtpm.txt documentation with a note=20 about this and the grub feature? On 11/30/2012 09:49 AM, Daniel De Graaf wrote: > This allows the hardware TPM's PCRs to be accessed from a vTPM for > debugging and as a simple alternative to a deep quote in situations > where the integrity of the vTPM's own TCB is not in question. > > Signed-off-by: Daniel De Graaf > --- > stubdom/Makefile | 1 + > stubdom/vtpm-pcr-passthrough.patch | 73 +++++++++++++++++++++++++++++= +++++++++ > stubdom/vtpm/vtpm_cmd.c | 38 ++++++++++++++++++++ > 3 files changed, 112 insertions(+) > create mode 100644 stubdom/vtpm-pcr-passthrough.patch > > diff --git a/stubdom/Makefile b/stubdom/Makefile > index 790b547..03ec07e 100644 > --- a/stubdom/Makefile > +++ b/stubdom/Makefile > @@ -210,6 +210,7 @@ tpm_emulator-$(XEN_TARGET_ARCH): tpm_emulator-$(TPM= EMU_VERSION).tar.gz > patch -d $@ -p1 < vtpm-locality.patch > patch -d $@ -p1 < vtpm-bufsize.patch > patch -d $@ -p1 < vtpm-locality5-pcrs.patch > + patch -d $@ -p1 < vtpm-pcr-passthrough.patch > mkdir $@/build > cd $@/build; $(CMAKE) .. -DCMAKE_C_COMPILER=3D${CC} -DCMAKE_C_FLAGS=3D= "-std=3Dc99 -DTPM_NO_EXTERN $(TARGET_CPPFLAGS) $(TARGET_CFLAGS) -Wno-decl= aration-after-statement" > touch $@ > diff --git a/stubdom/vtpm-pcr-passthrough.patch b/stubdom/vtpm-pcr-pass= through.patch > new file mode 100644 > index 0000000..4e898a5 > --- /dev/null > +++ b/stubdom/vtpm-pcr-passthrough.patch > @@ -0,0 +1,73 @@ > +diff --git a/tpm/tpm_capability.c b/tpm/tpm_capability.c > +index f8f7f0f..885af52 100644 > +--- a/tpm/tpm_capability.c > ++++ b/tpm/tpm_capability.c > +@@ -72,7 +72,7 @@ static TPM_RESULT cap_property(UINT32 subCapSize, BY= TE *subCap, > + switch (property) { > + case TPM_CAP_PROP_PCR: > + debug("[TPM_CAP_PROP_PCR]"); > +- return return_UINT32(respSize, resp, TPM_NUM_PCR); > ++ return return_UINT32(respSize, resp, TPM_NUM_PCR_V); > + > + case TPM_CAP_PROP_DIR: > + debug("[TPM_CAP_PROP_DIR]"); > +diff --git a/tpm/tpm_emulator_extern.h b/tpm/tpm_emulator_extern.h > +index 36a32dd..77ed595 100644 > +--- a/tpm/tpm_emulator_extern.h > ++++ b/tpm/tpm_emulator_extern.h > +@@ -56,6 +56,7 @@ void (*tpm_free)(/*const*/ void *ptr); > + /* random numbers */ > + > + void (*tpm_get_extern_random_bytes)(void *buf, size_t nbytes); > ++void tpm_get_extern_pcr(int index, void *buf); > + > + /* usec since last call */ > + > +diff --git a/tpm/tpm_integrity.c b/tpm/tpm_integrity.c > +index 66ece83..f3c4196 100644 > +--- a/tpm/tpm_integrity.c > ++++ b/tpm/tpm_integrity.c > +@@ -56,8 +56,11 @@ TPM_RESULT TPM_Extend(TPM_PCRINDEX pcrNum, TPM_DIGE= ST *inDigest, > + TPM_RESULT TPM_PCRRead(TPM_PCRINDEX pcrIndex, TPM_PCRVALUE *outDigest= ) > + { > + info("TPM_PCRRead()"); > +- if (pcrIndex >=3D TPM_NUM_PCR) return TPM_BADINDEX; > +- memcpy(outDigest, &PCR_VALUE[pcrIndex], sizeof(TPM_PCRVALUE)); > ++ if (pcrIndex >=3D TPM_NUM_PCR_V) return TPM_BADINDEX; > ++ if (pcrIndex >=3D TPM_NUM_PCR) > ++ tpm_get_extern_pcr(pcrIndex - TPM_NUM_PCR, outDigest); > ++ else > ++ memcpy(outDigest, &PCR_VALUE[pcrIndex], sizeof(TPM_PCRVALUE)); > + return TPM_SUCCESS; > + } > + > +@@ -138,12 +141,15 @@ TPM_RESULT tpm_compute_pcr_digest(TPM_PCR_SELECT= ION *pcrSelection, > + BYTE *buf, *ptr; > + info("tpm_compute_pcr_digest()"); > + /* create PCR composite */ > +- if ((pcrSelection->sizeOfSelect * 8) > TPM_NUM_PCR > ++ if ((pcrSelection->sizeOfSelect * 8) > TPM_NUM_PCR_V > + || pcrSelection->sizeOfSelect =3D=3D 0) return TPM_INVALID_PCR_= INFO; > + for (i =3D 0, j =3D 0; i < pcrSelection->sizeOfSelect * 8; i++) { > + /* is PCR number i selected ? */ > + if (pcrSelection->pcrSelect[i >> 3] & (1 << (i & 7))) { > +- memcpy(&comp.pcrValue[j++], &PCR_VALUE[i], sizeof(TPM_PCRVALUE)= ); > ++ if (i >=3D TPM_NUM_PCR) > ++ tpm_get_extern_pcr(i - TPM_NUM_PCR, &comp.pcrValue[j++]); > ++ else > ++ memcpy(&comp.pcrValue[j++], &PCR_VALUE[i], sizeof(TPM_PCRVALU= E)); > + } > + } > + memcpy(&comp.select, pcrSelection, sizeof(TPM_PCR_SELECTION)); > +diff --git a/tpm/tpm_structures.h b/tpm/tpm_structures.h > +index 08cef1e..8c97fc5 100644 > +--- a/tpm/tpm_structures.h > ++++ b/tpm/tpm_structures.h > +@@ -677,6 +677,7 @@ typedef struct tdTPM_CMK_MA_APPROVAL { > + * Number of PCRs of the TPM (must be a multiple of eight) > + */ > + #define TPM_NUM_PCR 32 > ++#define TPM_NUM_PCR_V (TPM_NUM_PCR + 24) > + > + /* > + * TPM_PCR_SELECTION ([TPM_Part2], Section 8.1) > diff --git a/stubdom/vtpm/vtpm_cmd.c b/stubdom/vtpm/vtpm_cmd.c > index 7eae98b..ed058fb 100644 > --- a/stubdom/vtpm/vtpm_cmd.c > +++ b/stubdom/vtpm/vtpm_cmd.c > @@ -134,6 +134,44 @@ egress: > =20 > } > =20 > +extern struct tpmfront_dev* tpmfront_dev; > +void tpm_get_extern_pcr(int index, void *buf) { > + TPM_RESULT status =3D TPM_SUCCESS; > + uint8_t* cmdbuf, *resp, *bptr; > + size_t resplen =3D 0; > + UINT32 len; > + > + /*Ask the real tpm for the PCR value */ > + TPM_TAG tag =3D TPM_TAG_RQU_COMMAND; > + UINT32 size; > + TPM_COMMAND_CODE ord =3D TPM_ORD_PCRRead; > + len =3D size =3D sizeof(TPM_TAG) + sizeof(UINT32) + sizeof(TPM_COMM= AND_CODE) + sizeof(UINT32); > + > + /*Create the raw tpm command */ > + bptr =3D cmdbuf =3D malloc(size); > + TRYFAILGOTO(pack_header(&bptr, &len, tag, size, ord)); > + TRYFAILGOTO(tpm_marshal_UINT32(&bptr, &len, index)); > + > + /* Send cmd, wait for response */ > + TRYFAILGOTOMSG(tpmfront_cmd(tpmfront_dev, cmdbuf, size, &resp, &res= plen), > + ERR_TPMFRONT); > + > + bptr =3D resp; len =3D resplen; > + TRYFAILGOTOMSG(unpack_header(&bptr, &len, &tag, &size, &ord), ERR_M= ALFORMED); > + > + //Check return status of command > + CHECKSTATUSGOTO(ord, "TPM_PCRRead()"); > + > + //Get the PCR value out > + TRYFAILGOTOMSG(tpm_unmarshal_BYTE_ARRAY(&bptr, &len, buf, 20), ERR_= MALFORMED); > + > + goto egress; > +abort_egress: > + memset(buf, 0x20, 20); > +egress: > + free(cmdbuf); > +} > + > TPM_RESULT VTPM_LoadHashKey(struct tpmfront_dev* tpmfront_dev, uint8_= t** data, size_t* data_length) > { > TPM_RESULT status =3D TPM_SUCCESS; --------------ms090009020705090302010700 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIDyjCC A8YwggMvoAMCAQICBD/xyf0wDQYJKoZIhvcNAQEFBQAwLzELMAkGA1UEBhMCVVMxDzANBgNV BAoTBkpIVUFQTDEPMA0GA1UECxMGQklTRENBMB4XDTEwMDYxMTE4MjIwNloXDTEzMDYxMTE4 NTIwNlowZjELMAkGA1UEBhMCVVMxDzANBgNVBAoTBkpIVUFQTDEPMA0GA1UECxMGUGVvcGxl MTUwFgYDVQQLEw9WUE5Hcm91cC1CSVNEQ0EwGwYDVQQDExRNYXR0aGV3IEUgRmlvcmF2YW50 ZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAnpbwVSP6o1Nb5lcW7dd3yTo9iBJdi7qz 4nANOMFPK7JOy5npKN1iiousl28U/scUJES55gPwAWYJK3uVyQAsA4adgDKi5DoD1UHDQEwp bY7iHLJeq0NPr4BqYNqnCFPbE6HC8zSJrr4qKn+gVUQT39SIFqdiIPJwZL8FYTRQ/zsCAwEA AaOCAbYwggGyMAsGA1UdDwQEAwIHgDArBgNVHRAEJDAigA8yMDEwMDYxMTE4MjIwNlqBDzIw MTIwNzE3MjI1MjA2WjAbBg0rBgEEAbMlCwMBAQEBBAoWCGZpb3JhbWUxMBsGDSsGAQQBsyUL AwEBAQIEChIIMDAxMDQyNjEwWAYJYIZIAYb6ax4BBEsMSVRoZSBwcml2YXRlIGtleSBjb3Jy ZXNwb25kaW5nIHRvIHRoaXMgY2VydGlmaWNhdGUgbWF5IGhhdmUgYmVlbiBleHBvcnRlZC4w KAYDVR0RBCEwH4EdTWF0dGhldy5GaW9yYXZhbnRlQGpodWFwbC5lZHUwUgYDVR0fBEswSTBH oEWgQ6RBMD8xCzAJBgNVBAYTAlVTMQ8wDQYDVQQKEwZKSFVBUEwxDzANBgNVBAsTBkJJU0RD QTEOMAwGA1UEAxMFQ1JMNTYwHwYDVR0jBBgwFoAUCDUpmxH52EU2CyWmF2EJMB1yqeswHQYD VR0OBBYEFO6LYxg6r9wHZ+zdQtBHn1dZ/YTNMAkGA1UdEwQCMAAwGQYJKoZIhvZ9B0EABAww ChsEVjcuMQMCBLAwDQYJKoZIhvcNAQEFBQADgYEAJO9HQh4YNChVLzuZqK5ARJARD8JoujGZ fdo75quvg2jXFQe2sEjvLnxJZgm/pv8fdZakq48CWwjYHKuvIp7sDjTEsQfo+y7SpN/N2NvJ WU5SqfK1VgYtNLRRoGJUB5Q1aZ+Dg95g3kqpyfpUMISJL8IKVLtJVfN4fggFVUYZ9wwxggGr MIIBpwIBATA3MC8xCzAJBgNVBAYTAlVTMQ8wDQYDVQQKEwZKSFVBUEwxDzANBgNVBAsTBkJJ U0RDQQIEP/HJ/TAJBgUrDgMCGgUAoIHLMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJ KoZIhvcNAQkFMQ8XDTEyMTIwNDE3NDcyOFowIwYJKoZIhvcNAQkEMRYEFOZHczjv9pScTvxB MNFgsUq8ucbWMGwGCSqGSIb3DQEJDzFfMF0wCwYJYIZIAWUDBAEqMAsGCWCGSAFlAwQBAjAK BggqhkiG9w0DBzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYI KoZIhvcNAwICASgwDQYJKoZIhvcNAQEBBQAEgYB6dRzn2+ZzqPlvvB2LNG6ngmbXgzS2ceFJ oLPLtsD2nlFICePaeZ8/wGnMfjx/cycHT8ZylZnvmwmXtuvPgr9+copMCLJTHmRVENitNwDm 23aDQmloi23BeFz8Mfz57oSPpUMU7WsKg5Rbd1WxAJ7lu2WtY/gcZTJmf4P0dILJGwAAAAAA AA== --------------ms090009020705090302010700-- --===============0168533734265684402== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel --===============0168533734265684402==--