Commits
Commits on Nov 21, 2017
-
tpm_crb is a device for TPM 2.0 Command Response Buffer (CRB) Interface as defined in TCG PC Client Platform TPM Profile (PTP) Specification Family “2.0” Level 00 Revision 01.03 v22. The PTP allows device implementation to switch between TIS and CRB model at run time, but given that CRB is a simpler device to implement, I chose to implement it as a different device. The device doesn't implement other locality than 0 for now (my laptop TPM doesn't either, so I assume this isn't so bad) The command/reply memory region is statically allocated after the CRB registers address TPM_CRB_ADDR_BASE + sizeof(struct crb_regs) (I wonder if the BIOS could or should allocate it instead, or what size to use, again this seems to fit well expectations) The PTP doesn't specify a particular bus to put the device. So I added it on the system bus directly, so it could hopefully be used easily on a different platform than x86. Currently, it fails to init on piix, because error_on_sysbus_device() check. The check may be changed in a near future, see discussion on the qemu-devel ML. Tested with some success with Linux upstream and Windows 10, seabios & modified ovmf. The device is recognized and correctly transmit command/response with passthrough & emu. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
-
tpm: tpm_passthrough: Fail startup if FE buffer size < BE buffer size
If the requested buffer size of the frontend is smaller than the fixed buffer size of the host's TPM, fail the startup_tpm() interface function, which will make the device unusable. We fail it because the backend TPM could produce larger packets than what the frontend could pass to the OS. The current combination of TIS frontend and either passthrough or emulator backend will not lead to this case since the TIS can support any size of buffer. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Message-Id: <1510167719-4357-6-git-send-email-stefanb@linux.vnet.ibm.com>
-
tpm: tpm_emulator: get and set buffer size of device
Convert the tpm_emulator backend to get the current buffer size of the external device and set it to the buffer size that the frontend (TIS) requests. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Message-Id: <1510167719-4357-5-git-send-email-stefanb@linux.vnet.ibm.com>
-
tpm: tpm_passthrough: Read the buffer size from the host device
Rather than hard coding the buffer size in the tpm_passthrough backend read the TPM I/O buffer size from the host device. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Message-Id: <1510167719-4357-4-git-send-email-stefanb@linux.vnet.ibm.com>
-
tpm: pull tpm_util_request() out of tpm_util_test()
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Message-Id: <1510167719-4357-3-git-send-email-stefanb@linux.vnet.ibm.com>
-
tpm: Move getting TPM buffer size to backends
Rather than setting the size of the TPM buffer in the front-end, query the backend for the size of the buffer. In this patch we just move the hard-coded buffer size of 4096 to the backends. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Message-Id: <1510167719-4357-2-git-send-email-stefanb@linux.vnet.ibm.com>
-
tpm: remove tpm_register_model()
Query object classes that implements TPMIf instead. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
-
tpm-tis: use DEFINE_PROP_TPMBE
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
-
A property to lookup a tpm backend. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
-
tpm-tis: check that at most one TPM device exists
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
-
tpm-tis: remove redundant 'tpm_tis:' in error messages
The reported error message is already prefixed with the -device name & arguments. Before: qemu-system-x86_64: -device tpm-tis,id=foo,tpmdev=foo,irq=21: tpm_tis: IRQ 21 is outside valid range of 0 to 15 After: qemu-system-x86_64: -device tpm-tis,id=foo,tpmdev=foo,irq=21: IRQ 21 is outside valid range of 0 to 15 Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
-
tpm-emulator: add a FIXME comment about blocking cancel
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
-
acpi: change TPM TIS data conditions
The device should be exposed if present. It shouldn't have an undefined version (or else backend init failed, and device should fail too). Finally, make the fields specific to TIS device model. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
-
tpm: add tpm_cmd_get_size() to tpm_util
The function is generally useful and used in the following patches. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
-
tpm: add TPM interface to lookup TPM version
Do not hardcode TPM device model to lookup version, use an interface instead. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
-
tpm: lookup the the TPM interface instead of TIS device
This will allow to introduce new devices implementing TPM. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
-
tpm: rename qemu_find_tpm() -> qemu_find_tpm_be()
find_tpm() will be introduced to lookup the TPM device. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
-
tpm-tis: simplify header inclusion
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
-
tpm-passthrough: workaround a possible race
The TPM backend processing thread has common shared variable race issues. (they should not be so easy to reach since guest interaction with the device is slow compared to host emulation) An obvious one is setting op_cancelled from device thread after calling write(cancel_fd). The backend thread may return before the device thread has set the variable. Instead set it before cancellation. Even if the write() failed, the end result is command get possibly cancelled (even if cancellation came from external sources it doesn't matter much). It's worth to consider removing the backend processing thread for now. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
-
tpm-passthrough: simplify create()
Use a similar code as tpm_emulator_create(), call handle_opts() and handle failure cleanup with object_unref() in create(). Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
-
tpm-passthrough: make it safer to destroy after creation
Check fds values before closing, to avoid close(-1). Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
-
tpm-backend: move set 'id' to common code
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
-
tpm-passthrough: pass TPMPassthruState to handle_device_opts
It doesn't need TPMBackend. Also reorder arguments for consistency. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
-
tpm-be: update optional function pointers
QEMU code doesn't generally have assert() for mandatory callbacks/function pointers, probably because the crash is pretty obvious. Document the methods instead of going into the code. Make get_tpm_options() mandatory to implement (since all backend implementation have it). Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
-
tpm-passthrough: don't save guessed cancel_path in options
The value is later unneeded, and may leak if the free visitor doesn't consider it since has_cancel_path is false. And for consistency with "path" it shouldn't be returned in get_tpm_options(). Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
-
tpm: remove unused opened code
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
-
tpm-be: ask model to the TPM interface
No need to store the mode in the backend, or to let the frontend set it itself. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
-
tpm-be: report error instead of front-end
Backend can give more accurate error description, and lift out the job from the frontend. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
-
tpm-be: call request_completed() out of thread
Lift from the backend implementation the responsability to call the request_completed() callback outside of thread context. This also simplify frontend/interface work, as they no longer need to care whether the callback is called from a different thread. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
-
tpm-tis: no longer expose TPMState
Now that there is an interface instead. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
-
tpm-backend: store TPMIf interface, improve backend_init()
Store the TPM interface, the actual object may be different from TPMState. Keep a reference on the interface, and check the backend wasn't already initialized. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
-
tpm: move TpmIf in include/sysemu/tpm.h
This is a better location than hw/tpm, since we are going to use the interface from outside hw/tpm. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
-
tpm-tis: remove unused locty_number
This field slipped in commit 5086bf9. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
-
scripts/make-release: ship u-boot source as a tarball
The u-boot sources we ship currently cause problems with unpacking on a case-insensitive filesystem due to path conflicts. This has been fixed in upstream u-boot via commit 610eec7f, but since it is not yet included in an official release we implement this approach as a temporary workaround. Once we move to a u-boot containing commit 610eec7f we should revert this patch. Cc: qemu-stable@nongnu.org Cc: Alexander Graf <agraf@suse.de> Cc: Richard Henderson <richard.henderson@linaro.org> Cc: Thomas Huth <thuth@redhat.com> Cc: Peter Maydell <peter.maydell@linaro.org> Suggested-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Message-id: 20171107205201.10207-1-mdroth@linux.vnet.ibm.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
