aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--qemu-options.hx13
-rw-r--r--tpm/tpm_passthrough.c169
-rw-r--r--vl.c5
3 files changed, 171 insertions, 16 deletions
diff --git a/qemu-options.hx b/qemu-options.hx
index 0be16b4..30fb85d 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -2221,8 +2221,10 @@ DEFHEADING()
DEFHEADING(TPM device options:)
DEF("tpmdev", HAS_ARG, QEMU_OPTION_tpmdev, \
- "-tpmdev passthrough,id=id[,path=path]\n"
- " use path to provide path to a character device; default is /dev/tpm0\n",
+ "-tpmdev passthrough,id=id[,path=path][,cancel-path=path]\n"
+ " use path to provide path to a character device; default is /dev/tpm0\n"
+ " use cancel-path to provide path to TPM's cancel sysfs entry; if\n"
+ " not provided it will be searched for in /sys/class/misc/tpm?/device\n",
QEMU_ARCH_ALL)
STEXI
@@ -2244,7 +2246,7 @@ Use 'help' to print all available TPM backend types.
qemu -tpmdev help
@end example
-@item -tpmdev passthrough, id=@var{id}, path=@var{path}
+@item -tpmdev passthrough, id=@var{id}, path=@var{path}, cancel-path=@var{cancel-path}
(Linux-host only) Enable access to the host's TPM using the passthrough
driver.
@@ -2253,6 +2255,11 @@ driver.
a Linux host this would be @code{/dev/tpm0}.
@option{path} is optional and by default @code{/dev/tpm0} is used.
+@option{cancel-path} specifies the path to the host TPM device's sysfs
+entry allowing for cancellation of an ongoing TPM command.
+@option{cancel-path} is optional and by default QEMU will search for the
+sysfs entry to use.
+
Some notes about using the host's TPM with the passthrough driver:
The TPM device accessed by the passthrough driver must not be
diff --git a/tpm/tpm_passthrough.c b/tpm/tpm_passthrough.c
index 760e18f..24aff4d 100644
--- a/tpm/tpm_passthrough.c
+++ b/tpm/tpm_passthrough.c
@@ -22,6 +22,8 @@
* License along with this library; if not, see <http://www.gnu.org/licenses/>
*/
+#include <dirent.h>
+
#include "qemu-common.h"
#include "qapi/error.h"
#include "qemu/sockets.h"
@@ -57,11 +59,18 @@ struct TPMPassthruState {
char *tpm_dev;
int tpm_fd;
+ bool tpm_executing;
+ bool tpm_op_canceled;
+ int cancel_fd;
bool had_startup_error;
};
#define TPM_PASSTHROUGH_DEFAULT_DEVICE "/dev/tpm0"
+/* functions */
+
+static void tpm_passthrough_cancel_cmd(TPMBackend *tb);
+
static int tpm_passthrough_unix_write(int fd, const uint8_t *buf, uint32_t len)
{
return send_all(fd, buf, len);
@@ -79,25 +88,36 @@ static uint32_t tpm_passthrough_get_size_from_buffer(const uint8_t *buf)
return be32_to_cpu(resp->len);
}
-static int tpm_passthrough_unix_tx_bufs(int tpm_fd,
+static int tpm_passthrough_unix_tx_bufs(TPMPassthruState *tpm_pt,
const uint8_t *in, uint32_t in_len,
uint8_t *out, uint32_t out_len)
{
int ret;
- ret = tpm_passthrough_unix_write(tpm_fd, in, in_len);
+ tpm_pt->tpm_op_canceled = false;
+ tpm_pt->tpm_executing = true;
+
+ ret = tpm_passthrough_unix_write(tpm_pt->tpm_fd, in, in_len);
if (ret != in_len) {
- error_report("tpm_passthrough: error while transmitting data "
- "to TPM: %s (%i)\n",
- strerror(errno), errno);
+ if (!tpm_pt->tpm_op_canceled ||
+ (tpm_pt->tpm_op_canceled && errno != ECANCELED)) {
+ error_report("tpm_passthrough: error while transmitting data "
+ "to TPM: %s (%i)\n",
+ strerror(errno), errno);
+ }
goto err_exit;
}
- ret = tpm_passthrough_unix_read(tpm_fd, out, out_len);
+ tpm_pt->tpm_executing = false;
+
+ ret = tpm_passthrough_unix_read(tpm_pt->tpm_fd, out, out_len);
if (ret < 0) {
- error_report("tpm_passthrough: error while reading data from "
- "TPM: %s (%i)\n",
- strerror(errno), errno);
+ if (!tpm_pt->tpm_op_canceled ||
+ (tpm_pt->tpm_op_canceled && errno != ECANCELED)) {
+ error_report("tpm_passthrough: error while reading data from "
+ "TPM: %s (%i)\n",
+ strerror(errno), errno);
+ }
} else if (ret < sizeof(struct tpm_resp_hdr) ||
tpm_passthrough_get_size_from_buffer(out) != ret) {
ret = -1;
@@ -110,13 +130,15 @@ err_exit:
tpm_write_fatal_error_response(out, out_len);
}
+ tpm_pt->tpm_executing = false;
+
return ret;
}
-static int tpm_passthrough_unix_transfer(int tpm_fd,
+static int tpm_passthrough_unix_transfer(TPMPassthruState *tpm_pt,
const TPMLocality *locty_data)
{
- return tpm_passthrough_unix_tx_bufs(tpm_fd,
+ return tpm_passthrough_unix_tx_bufs(tpm_pt,
locty_data->w_buffer.buffer,
locty_data->w_offset,
locty_data->r_buffer.buffer,
@@ -134,7 +156,7 @@ static void tpm_passthrough_worker_thread(gpointer data,
switch (cmd) {
case TPM_BACKEND_CMD_PROCESS_CMD:
- tpm_passthrough_unix_transfer(tpm_pt->tpm_fd,
+ tpm_passthrough_unix_transfer(tpm_pt,
thr_parms->tpm_state->locty_data);
thr_parms->recv_data_callback(thr_parms->tpm_state,
@@ -172,6 +194,8 @@ static void tpm_passthrough_reset(TPMBackend *tb)
DPRINTF("tpm_passthrough: CALL TO TPM_RESET!\n");
+ tpm_passthrough_cancel_cmd(tb);
+
tpm_backend_thread_end(&tpm_pt->tbt);
tpm_pt->had_startup_error = false;
@@ -221,7 +245,29 @@ static void tpm_passthrough_deliver_request(TPMBackend *tb)
static void tpm_passthrough_cancel_cmd(TPMBackend *tb)
{
- /* cancelling an ongoing command is known not to work with some TPMs */
+ TPMPassthruState *tpm_pt = tb->s.tpm_pt;
+ int n;
+
+ /*
+ * As of Linux 3.7 the tpm_tis driver does not properly cancel
+ * commands on all TPM manufacturers' TPMs.
+ * Only cancel if we're busy so we don't cancel someone else's
+ * command, e.g., a command executed on the host.
+ */
+ if (tpm_pt->tpm_executing) {
+ if (tpm_pt->cancel_fd >= 0) {
+ n = write(tpm_pt->cancel_fd, "-", 1);
+ if (n != 1) {
+ error_report("Canceling TPM command failed: %s\n",
+ strerror(errno));
+ } else {
+ tpm_pt->tpm_op_canceled = true;
+ }
+ } else {
+ error_report("Cannot cancel TPM command due to missing "
+ "TPM sysfs cancel entry");
+ }
+ }
}
static const char *tpm_passthrough_create_desc(void)
@@ -281,10 +327,98 @@ static int tpm_passthrough_test_tpmdev(int fd)
return 0;
}
+/*
+ * Check whether the given base path, e.g., /sys/class/misc/tpm0/device,
+ * is the sysfs directory of a TPM. A TPM sysfs directory should be uniquely
+ * recognizable by the file entries 'pcrs' and 'cancel'.
+ * Upon success 'true' is returned and the basebath buffer has '/cancel'
+ * appended.
+ */
+static bool tpm_passthrough_check_sysfs_cancel(char *basepath, size_t bufsz)
+{
+ char path[PATH_MAX];
+ struct stat statbuf;
+
+ snprintf(path, sizeof(path), "%s/pcrs", basepath);
+ if (stat(path, &statbuf) == -1 || !S_ISREG(statbuf.st_mode)) {
+ return false;
+ }
+
+ snprintf(path, sizeof(path), "%s/cancel", basepath);
+ if (stat(path, &statbuf) == -1 || !S_ISREG(statbuf.st_mode)) {
+ return false;
+ }
+
+ strncpy(basepath, path, bufsz);
+
+ return true;
+}
+
+/*
+ * Unless path or file descriptor set has been provided by user,
+ * determine the sysfs cancel file following kernel documentation
+ * in Documentation/ABI/stable/sysfs-class-tpm.
+ */
+static int tpm_passthrough_open_sysfs_cancel(TPMBackend *tb)
+{
+ int fd = -1;
+ unsigned int idx;
+ DIR *pnp_dir;
+ char path[PATH_MAX];
+ struct dirent entry, *result;
+ int len;
+
+ if (tb->cancel_path) {
+ fd = qemu_open(tb->cancel_path, O_WRONLY);
+ if (fd < 0) {
+ error_report("Could not open TPM cancel path : %s",
+ strerror(errno));
+ }
+ return fd;
+ }
+
+ snprintf(path, sizeof(path), "/sys/class/misc");
+ pnp_dir = opendir(path);
+ if (pnp_dir != NULL) {
+ while (readdir_r(pnp_dir, &entry, &result) == 0 &&
+ result != NULL) {
+ /*
+ * only allow /sys/class/misc/tpm%u type of paths
+ */
+ if (sscanf(entry.d_name, "tpm%u%n", &idx, &len) < 1 ||
+ len <= strlen("tpm") ||
+ len != strlen(entry.d_name)) {
+ continue;
+ }
+
+ snprintf(path, sizeof(path), "/sys/class/misc/%s/device",
+ entry.d_name);
+ if (!tpm_passthrough_check_sysfs_cancel(path, sizeof(path))) {
+ continue;
+ }
+
+ fd = qemu_open(path, O_WRONLY);
+ break;
+ }
+ closedir(pnp_dir);
+ }
+
+ if (fd >= 0) {
+ tb->cancel_path = g_strdup(path);
+ }
+
+ return fd;
+}
+
static int tpm_passthrough_handle_device_opts(QemuOpts *opts, TPMBackend *tb)
{
const char *value;
+ value = qemu_opt_get(opts, "cancel-path");
+ if (value) {
+ tb->cancel_path = g_strdup(value);
+ }
+
value = qemu_opt_get(opts, "path");
if (!value) {
value = TPM_PASSTHROUGH_DEFAULT_DEVICE;
@@ -339,6 +473,11 @@ static TPMBackend *tpm_passthrough_create(QemuOpts *opts, const char *id)
goto err_exit;
}
+ tb->s.tpm_pt->cancel_fd = tpm_passthrough_open_sysfs_cancel(tb);
+ if (tb->s.tpm_pt->cancel_fd < 0) {
+ goto err_exit;
+ }
+
return tb;
err_exit:
@@ -353,12 +492,16 @@ static void tpm_passthrough_destroy(TPMBackend *tb)
{
TPMPassthruState *tpm_pt = tb->s.tpm_pt;
+ tpm_passthrough_cancel_cmd(tb);
+
tpm_backend_thread_end(&tpm_pt->tbt);
qemu_close(tpm_pt->tpm_fd);
+ qemu_close(tb->s.tpm_pt->cancel_fd);
g_free(tb->id);
g_free(tb->path);
+ g_free(tb->cancel_path);
g_free(tb->s.tpm_pt->tpm_dev);
g_free(tb->s.tpm_pt);
g_free(tb);
diff --git a/vl.c b/vl.c
index 0c6c2bf..3822d99 100644
--- a/vl.c
+++ b/vl.c
@@ -503,6 +503,11 @@ static QemuOptsList qemu_tpmdev_opts = {
.help = "Type of TPM backend",
},
{
+ .name = "cancel-path",
+ .type = QEMU_OPT_STRING,
+ .help = "Sysfs file entry for canceling TPM commands",
+ },
+ {
.name = "path",
.type = QEMU_OPT_STRING,
.help = "Path to TPM device on the host",