diff options
| -rw-r--r-- | backends/tpm.c | 115 | ||||
| -rw-r--r-- | block/io.c | 48 | ||||
| -rw-r--r-- | block/nbd-client.c | 18 | ||||
| -rw-r--r-- | block/qed.c | 6 | ||||
| -rw-r--r-- | block/throttle.c | 18 | ||||
| -rwxr-xr-x | configure | 13 | ||||
| -rw-r--r-- | contrib/libvhost-user/libvhost-user.c | 43 | ||||
| -rw-r--r-- | contrib/libvhost-user/libvhost-user.h | 19 | ||||
| -rw-r--r-- | docs/specs/tpm.txt | 123 | ||||
| -rw-r--r-- | hmp.c | 5 | ||||
| -rw-r--r-- | hw/tpm/Makefile.objs | 1 | ||||
| -rw-r--r-- | hw/tpm/tpm_emulator.c | 587 | ||||
| -rw-r--r-- | hw/tpm/tpm_ioctl.h | 246 | ||||
| -rw-r--r-- | hw/tpm/tpm_passthrough.c | 242 | ||||
| -rw-r--r-- | hw/tpm/tpm_tis.c | 14 | ||||
| -rw-r--r-- | hw/tpm/tpm_util.c | 35 | ||||
| -rw-r--r-- | hw/tpm/tpm_util.h | 4 | ||||
| -rw-r--r-- | include/block/block_int.h | 13 | ||||
| -rw-r--r-- | include/block/nbd.h | 21 | ||||
| -rw-r--r-- | include/sysemu/tpm_backend.h | 80 | ||||
| -rw-r--r-- | include/sysemu/tpm_backend_int.h | 41 | ||||
| -rw-r--r-- | nbd/client.c | 4 | ||||
| -rw-r--r-- | nbd/nbd-internal.h | 34 | ||||
| -rw-r--r-- | nbd/server.c | 101 | ||||
| -rw-r--r-- | nbd/trace-events | 3 | ||||
| -rw-r--r-- | qapi/tpm.json | 21 | ||||
| -rw-r--r-- | qemu-options.hx | 22 | ||||
| -rwxr-xr-x | tests/qemu-iotests/nbd-fault-injector.py | 4 | ||||
| -rw-r--r-- | tests/vhost-user-bridge.c | 1 | ||||
| -rw-r--r-- | tpm.c | 37 | ||||
| -rw-r--r-- | vl.c | 1 |
31 files changed, 1426 insertions, 494 deletions
diff --git a/backends/tpm.c b/backends/tpm.c index 536f262bb7..37c84b7c66 100644 --- a/backends/tpm.c +++ b/backends/tpm.c @@ -18,27 +18,30 @@ #include "qapi/qmp/qerror.h" #include "sysemu/tpm.h" #include "qemu/thread.h" -#include "sysemu/tpm_backend_int.h" -enum TpmType tpm_backend_get_type(TPMBackend *s) +static void tpm_backend_worker_thread(gpointer data, gpointer user_data) { - TPMBackendClass *k = TPM_BACKEND_GET_CLASS(s); + TPMBackend *s = TPM_BACKEND(user_data); + TPMBackendClass *k = TPM_BACKEND_GET_CLASS(s); - return k->ops->type; + assert(k->handle_request != NULL); + k->handle_request(s, (TPMBackendCmd)data); } -const char *tpm_backend_get_desc(TPMBackend *s) +static void tpm_backend_thread_end(TPMBackend *s) { - TPMBackendClass *k = TPM_BACKEND_GET_CLASS(s); - - return k->ops->desc(); + if (s->thread_pool) { + g_thread_pool_push(s->thread_pool, (gpointer)TPM_BACKEND_CMD_END, NULL); + g_thread_pool_free(s->thread_pool, FALSE, TRUE); + s->thread_pool = NULL; + } } -void tpm_backend_destroy(TPMBackend *s) +enum TpmType tpm_backend_get_type(TPMBackend *s) { TPMBackendClass *k = TPM_BACKEND_GET_CLASS(s); - k->ops->destroy(s); + return k->ops->type; } int tpm_backend_init(TPMBackend *s, TPMState *state, @@ -46,48 +49,62 @@ int tpm_backend_init(TPMBackend *s, TPMState *state, { TPMBackendClass *k = TPM_BACKEND_GET_CLASS(s); - return k->ops->init(s, state, datacb); + s->tpm_state = state; + s->recv_data_callback = datacb; + s->had_startup_error = false; + + return k->ops->init ? k->ops->init(s) : 0; } int tpm_backend_startup_tpm(TPMBackend *s) { + int res = 0; TPMBackendClass *k = TPM_BACKEND_GET_CLASS(s); - return k->ops->startup_tpm(s); -} + /* terminate a running TPM */ + tpm_backend_thread_end(s); -bool tpm_backend_had_startup_error(TPMBackend *s) -{ - TPMBackendClass *k = TPM_BACKEND_GET_CLASS(s); + s->thread_pool = g_thread_pool_new(tpm_backend_worker_thread, s, 1, TRUE, + NULL); + g_thread_pool_push(s->thread_pool, (gpointer)TPM_BACKEND_CMD_INIT, NULL); + + res = k->ops->startup_tpm ? k->ops->startup_tpm(s) : 0; - return k->ops->had_startup_error(s); + s->had_startup_error = (res != 0); + + return res; } -size_t tpm_backend_realloc_buffer(TPMBackend *s, TPMSizedBuffer *sb) +bool tpm_backend_had_startup_error(TPMBackend *s) { - TPMBackendClass *k = TPM_BACKEND_GET_CLASS(s); - - return k->ops->realloc_buffer(sb); + return s->had_startup_error; } void tpm_backend_deliver_request(TPMBackend *s) { - TPMBackendClass *k = TPM_BACKEND_GET_CLASS(s); - - k->ops->deliver_request(s); + g_thread_pool_push(s->thread_pool, (gpointer)TPM_BACKEND_CMD_PROCESS_CMD, + NULL); } void tpm_backend_reset(TPMBackend *s) { TPMBackendClass *k = TPM_BACKEND_GET_CLASS(s); - k->ops->reset(s); + if (k->ops->reset) { + k->ops->reset(s); + } + + tpm_backend_thread_end(s); + + s->had_startup_error = false; } void tpm_backend_cancel_cmd(TPMBackend *s) { TPMBackendClass *k = TPM_BACKEND_GET_CLASS(s); + assert(k->ops->cancel_cmd); + k->ops->cancel_cmd(s); } @@ -95,23 +112,40 @@ bool tpm_backend_get_tpm_established_flag(TPMBackend *s) { TPMBackendClass *k = TPM_BACKEND_GET_CLASS(s); - return k->ops->get_tpm_established_flag(s); + return k->ops->get_tpm_established_flag ? + k->ops->get_tpm_established_flag(s) : false; } int tpm_backend_reset_tpm_established_flag(TPMBackend *s, uint8_t locty) { TPMBackendClass *k = TPM_BACKEND_GET_CLASS(s); - return k->ops->reset_tpm_established_flag(s, locty); + return k->ops->reset_tpm_established_flag ? + k->ops->reset_tpm_established_flag(s, locty) : 0; } TPMVersion tpm_backend_get_tpm_version(TPMBackend *s) { TPMBackendClass *k = TPM_BACKEND_GET_CLASS(s); + assert(k->ops->get_tpm_version); + return k->ops->get_tpm_version(s); } +TPMInfo *tpm_backend_query_tpm(TPMBackend *s) +{ + TPMInfo *info = g_new0(TPMInfo, 1); + TPMBackendClass *k = TPM_BACKEND_GET_CLASS(s); + + info->id = g_strdup(s->id); + info->model = s->fe_model; + info->options = k->ops->get_tpm_options ? + k->ops->get_tpm_options(s) : NULL; + + return info; +} + static bool tpm_backend_prop_get_opened(Object *obj, Error **errp) { TPMBackend *s = TPM_BACKEND(obj); @@ -152,33 +186,21 @@ static void tpm_backend_prop_set_opened(Object *obj, bool value, Error **errp) static void tpm_backend_instance_init(Object *obj) { + TPMBackend *s = TPM_BACKEND(obj); + object_property_add_bool(obj, "opened", tpm_backend_prop_get_opened, tpm_backend_prop_set_opened, NULL); + s->fe_model = -1; } -void tpm_backend_thread_deliver_request(TPMBackendThread *tbt) -{ - g_thread_pool_push(tbt->pool, (gpointer)TPM_BACKEND_CMD_PROCESS_CMD, NULL); -} - -void tpm_backend_thread_create(TPMBackendThread *tbt, - GFunc func, gpointer user_data) +static void tpm_backend_instance_finalize(Object *obj) { - if (!tbt->pool) { - tbt->pool = g_thread_pool_new(func, user_data, 1, TRUE, NULL); - g_thread_pool_push(tbt->pool, (gpointer)TPM_BACKEND_CMD_INIT, NULL); - } -} + TPMBackend *s = TPM_BACKEND(obj); -void tpm_backend_thread_end(TPMBackendThread *tbt) -{ - if (tbt->pool) { - g_thread_pool_push(tbt->pool, (gpointer)TPM_BACKEND_CMD_END, NULL); - g_thread_pool_free(tbt->pool, FALSE, TRUE); - tbt->pool = NULL; - } + g_free(s->id); + tpm_backend_thread_end(s); } static const TypeInfo tpm_backend_info = { @@ -186,6 +208,7 @@ static const TypeInfo tpm_backend_info = { .parent = TYPE_OBJECT, .instance_size = sizeof(TPMBackend), .instance_init = tpm_backend_instance_init, + .instance_finalize = tpm_backend_instance_finalize, .class_size = sizeof(TPMBackendClass), .abstract = true, }; diff --git a/block/io.c b/block/io.c index 8e419070b5..0854e0fdac 100644 --- a/block/io.c +++ b/block/io.c @@ -156,6 +156,7 @@ typedef struct { Coroutine *co; BlockDriverState *bs; bool done; + bool begin; } BdrvCoDrainData; static void coroutine_fn bdrv_drain_invoke_entry(void *opaque) @@ -163,18 +164,23 @@ static void coroutine_fn bdrv_drain_invoke_entry(void *opaque) BdrvCoDrainData *data = opaque; BlockDriverState *bs = data->bs; - bs->drv->bdrv_co_drain(bs); + if (data->begin) { + bs->drv->bdrv_co_drain_begin(bs); + } else { + bs->drv->bdrv_co_drain_end(bs); + } /* Set data->done before reading bs->wakeup. */ atomic_mb_set(&data->done, true); bdrv_wakeup(bs); } -static void bdrv_drain_invoke(BlockDriverState *bs) +static void bdrv_drain_invoke(BlockDriverState *bs, bool begin) { - BdrvCoDrainData data = { .bs = bs, .done = false }; + BdrvCoDrainData data = { .bs = bs, .done = false, .begin = begin}; - if (!bs->drv || !bs->drv->bdrv_co_drain) { + if (!bs->drv || (begin && !bs->drv->bdrv_co_drain_begin) || + (!begin && !bs->drv->bdrv_co_drain_end)) { return; } @@ -183,15 +189,16 @@ static void bdrv_drain_invoke(BlockDriverState *bs) BDRV_POLL_WHILE(bs, !data.done); } -static bool bdrv_drain_recurse(BlockDriverState *bs) +static bool bdrv_drain_recurse(BlockDriverState *bs, bool begin) { BdrvChild *child, *tmp; bool waited; - waited = BDRV_POLL_WHILE(bs, atomic_read(&bs->in_flight) > 0); - /* Ensure any pending metadata writes are submitted to bs->file. */ - bdrv_drain_invoke(bs); + bdrv_drain_invoke(bs, begin); + + /* Wait for drained requests to finish */ + waited = BDRV_POLL_WHILE(bs, atomic_read(&bs->in_flight) > 0); QLIST_FOREACH_SAFE(child, &bs->children, next, tmp) { BlockDriverState *bs = child->bs; @@ -208,7 +215,7 @@ static bool bdrv_drain_recurse(BlockDriverState *bs) */ bdrv_ref(bs); } - waited |= bdrv_drain_recurse(bs); + waited |= bdrv_drain_recurse(bs, begin); if (in_main_loop) { bdrv_unref(bs); } @@ -224,12 +231,18 @@ static void bdrv_co_drain_bh_cb(void *opaque) BlockDriverState *bs = data->bs; bdrv_dec_in_flight(bs); - bdrv_drained_begin(bs); + if (data->begin) { + bdrv_drained_begin(bs); + } else { + bdrv_drained_end(bs); + } + data->done = true; aio_co_wake(co); } -static void coroutine_fn bdrv_co_yield_to_drain(BlockDriverState *bs) +static void coroutine_fn bdrv_co_yield_to_drain(BlockDriverState *bs, + bool begin) { BdrvCoDrainData data; @@ -242,6 +255,7 @@ static void coroutine_fn bdrv_co_yield_to_drain(BlockDriverState *bs) .co = qemu_coroutine_self(), .bs = bs, .done = false, + .begin = begin, }; bdrv_inc_in_flight(bs); aio_bh_schedule_oneshot(bdrv_get_aio_context(bs), @@ -256,7 +270,7 @@ static void coroutine_fn bdrv_co_yield_to_drain(BlockDriverState *bs) void bdrv_drained_begin(BlockDriverState *bs) { if (qemu_in_coroutine()) { - bdrv_co_yield_to_drain(bs); + bdrv_co_yield_to_drain(bs, true); return; } @@ -265,17 +279,22 @@ void bdrv_drained_begin(BlockDriverState *bs) bdrv_parent_drained_begin(bs); } - bdrv_drain_recurse(bs); + bdrv_drain_recurse(bs, true); } void bdrv_drained_end(BlockDriverState *bs) { + if (qemu_in_coroutine()) { + bdrv_co_yield_to_drain(bs, false); + return; + } assert(bs->quiesce_counter > 0); if (atomic_fetch_dec(&bs->quiesce_counter) > 1) { return; } bdrv_parent_drained_end(bs); + bdrv_drain_recurse(bs, false); aio_enable_external(bdrv_get_aio_context(bs)); } @@ -353,7 +372,7 @@ void bdrv_drain_all_begin(void) aio_context_acquire(aio_context); for (bs = bdrv_first(&it); bs; bs = bdrv_next(&it)) { if (aio_context == bdrv_get_aio_context(bs)) { - waited |= bdrv_drain_recurse(bs); + waited |= bdrv_drain_recurse(bs, true); } } aio_context_release(aio_context); @@ -374,6 +393,7 @@ void bdrv_drain_all_end(void) aio_context_acquire(aio_context); aio_enable_external(aio_context); bdrv_parent_drained_end(bs); + bdrv_drain_recurse(bs, false); aio_context_release(aio_context); } diff --git a/block/nbd-client.c b/block/nbd-client.c index 72651dcdb1..c0683c3c83 100644 --- a/block/nbd-client.c +++ b/block/nbd-client.c @@ -156,7 +156,6 @@ static int nbd_co_send_request(BlockDriverState *bs, qio_channel_set_cork(s->ioc, true); rc = nbd_send_request(s->ioc, request); if (rc >= 0 && !s->quit) { - assert(request->len == iov_size(qiov->iov, qiov->niov)); if (qio_channel_writev_all(s->ioc, qiov->iov, qiov->niov, NULL) < 0) { rc = -EIO; @@ -181,11 +180,11 @@ err: } static int nbd_co_receive_reply(NBDClientSession *s, - NBDRequest *request, + uint64_t handle, QEMUIOVector *qiov) { int ret; - int i = HANDLE_TO_INDEX(s, request->handle); + int i = HANDLE_TO_INDEX(s, handle); /* Wait until we're woken up by nbd_read_reply_entry. */ s->requests[i].receiving = true; @@ -194,10 +193,9 @@ static int nbd_co_receive_reply(NBDClientSession *s, if (!s->ioc || s->quit) { ret = -EIO; } else { - assert(s->reply.handle == request->handle); + assert(s->reply.handle == handle); ret = -s->reply.error; if (qiov && s->reply.error == 0) { - assert(request->len == iov_size(qiov->iov, qiov->niov)); if (qio_channel_readv_all(s->ioc, qiov->iov, qiov->niov, NULL) < 0) { ret = -EIO; @@ -231,15 +229,19 @@ static int nbd_co_request(BlockDriverState *bs, NBDClientSession *client = nbd_get_client_session(bs); int ret; - assert(!qiov || request->type == NBD_CMD_WRITE || - request->type == NBD_CMD_READ); + if (qiov) { + assert(request->type == NBD_CMD_WRITE || request->type == NBD_CMD_READ); + assert(request->len == iov_size(qiov->iov, qiov->niov)); + } else { + assert(request->type != NBD_CMD_WRITE && request->type != NBD_CMD_READ); + } ret = nbd_co_send_request(bs, request, request->type == NBD_CMD_WRITE ? qiov : NULL); if (ret < 0) { return ret; } - return nbd_co_receive_reply(client, request, + return nbd_co_receive_reply(client, request->handle, request->type == NBD_CMD_READ ? qiov : NULL); } diff --git a/block/qed.c b/block/qed.c index 28e2ec89e8..821dcaa055 100644 --- a/block/qed.c +++ b/block/qed.c @@ -265,7 +265,7 @@ static bool qed_plug_allocating_write_reqs(BDRVQEDState *s) assert(!s->allocating_write_reqs_plugged); if (s->allocating_acb != NULL) { /* Another allocating write came concurrently. This cannot happen - * from bdrv_qed_co_drain, but it can happen when the timer runs. + * from bdrv_qed_co_drain_begin, but it can happen when the timer runs. */ qemu_co_mutex_unlock(&s->table_lock); return false; @@ -358,7 +358,7 @@ static void bdrv_qed_attach_aio_context(BlockDriverState *bs, } } -static void coroutine_fn bdrv_qed_co_drain(BlockDriverState *bs) +static void coroutine_fn bdrv_qed_co_drain_begin(BlockDriverState *bs) { BDRVQEDState *s = bs->opaque; @@ -1608,7 +1608,7 @@ static BlockDriver bdrv_qed = { .bdrv_check = bdrv_qed_check, .bdrv_detach_aio_context = bdrv_qed_detach_aio_context, .bdrv_attach_aio_context = bdrv_qed_attach_aio_context, - .bdrv_co_drain = bdrv_qed_co_drain, + .bdrv_co_drain_begin = bdrv_qed_co_drain_begin, }; static void bdrv_qed_init(void) diff --git a/block/throttle.c b/block/throttle.c index 5bca76300f..833175ac77 100644 --- a/block/throttle.c +++ b/block/throttle.c @@ -197,6 +197,21 @@ static bool throttle_recurse_is_first_non_filter(BlockDriverState *bs, return bdrv_recurse_is_first_non_filter(bs->file->bs, candidate); } +static void coroutine_fn throttle_co_drain_begin(BlockDriverState *bs) +{ + ThrottleGroupMember *tgm = bs->opaque; + if (atomic_fetch_inc(&tgm->io_limits_disabled) == 0) { + throttle_group_restart_tgm(tgm); + } +} + +static void coroutine_fn throttle_co_drain_end(BlockDriverState *bs) +{ + ThrottleGroupMember *tgm = bs->opaque; + assert(tgm->io_limits_disabled); + atomic_dec(&tgm->io_limits_disabled); +} + static BlockDriver bdrv_throttle = { .format_name = "throttle", .protocol_name = "throttle", @@ -226,6 +241,9 @@ static BlockDriver bdrv_throttle = { .bdrv_reopen_abort = throttle_reopen_abort, .bdrv_co_get_block_status = bdrv_co_get_block_status_from_file, + .bdrv_co_drain_begin = throttle_co_drain_begin, + .bdrv_co_drain_end = throttle_co_drain_end, + .is_filter = true, }; diff --git a/configure b/configure index 6587e8014b..3c733f1a53 100755 --- a/configure +++ b/configure @@ -3495,6 +3495,12 @@ else tpm_passthrough=no fi +# TPM emulator is for all posix systems +if test "$mingw32" != "yes"; then + tpm_emulator=$tpm +else + tpm_emulator=no +fi ########################################## # attr probe @@ -5412,6 +5418,7 @@ echo "gcov enabled $gcov" echo "TPM support $tpm" echo "libssh2 support $libssh2" echo "TPM passthrough $tpm_passthrough" +echo "TPM emulator $tpm_emulator" echo "QOM debugging $qom_cast_debug" echo "Live block migration $live_block_migration" echo "lzo support $lzo" @@ -6011,12 +6018,16 @@ if test "$live_block_migration" = "yes" ; then echo "CONFIG_LIVE_BLOCK_MIGRATION=y" >> $config_host_mak fi -# TPM passthrough support? if test "$tpm" = "yes"; then echo 'CONFIG_TPM=$(CONFIG_SOFTMMU)' >> $config_host_mak + # TPM passthrough support? if test "$tpm_passthrough" = "yes"; then echo "CONFIG_TPM_PASSTHROUGH=y" >> $config_host_mak fi + # TPM emulator support? + if test "$tpm_emulator" = "yes"; then + echo "CONFIG_TPM_EMULATOR=y" >> $config_host_mak + fi fi echo "TRACE_BACKENDS=$trace_backends" >> $config_host_mak diff --git a/contrib/libvhost-user/libvhost-user.c b/contrib/libvhost-user/libvhost-user.c index a0e0da4ccb..f409bd3d41 100644 --- a/contrib/libvhost-user/libvhost-user.c +++ b/contrib/libvhost-user/libvhost-user.c @@ -56,16 +56,13 @@ } while (0) static const char * -vu_request_to_string(int req) +vu_request_to_string(unsigned int req) { #define REQ(req) [req] = #req static const char *vu_request_str[] = { REQ(VHOST_USER_NONE), REQ(VHOST_USER_GET_FEATURES), REQ(VHOST_USER_SET_FEATURES), - REQ(VHOST_USER_NONE), - REQ(VHOST_USER_GET_FEATURES), - REQ(VHOST_USER_SET_FEATURES), REQ(VHOST_USER_SET_OWNER), REQ(VHOST_USER_RESET_OWNER), REQ(VHOST_USER_SET_MEM_TABLE), @@ -83,7 +80,10 @@ vu_request_to_string(int req) REQ(VHOST_USER_GET_QUEUE_NUM), REQ(VHOST_USER_SET_VRING_ENABLE), REQ(VHOST_USER_SEND_RARP), - REQ(VHOST_USER_INPUT_GET_CONFIG), + REQ(VHOST_USER_NET_SET_MTU), + REQ(VHOST_USER_SET_SLAVE_REQ_FD), + REQ(VHOST_USER_IOTLB_MSG), + REQ(VHOST_USER_SET_VRING_ENDIAN), REQ(VHOST_USER_MAX), }; #undef REQ @@ -726,7 +726,8 @@ vu_set_vring_err_exec(VuDev *dev, VhostUserMsg *vmsg) static bool vu_get_protocol_features_exec(VuDev *dev, VhostUserMsg *vmsg) { - uint64_t features = 1ULL << VHOST_USER_PROTOCOL_F_LOG_SHMFD; + uint64_t features = 1ULL << VHOST_USER_PROTOCOL_F_LOG_SHMFD | + 1ULL << VHOST_USER_PROTOCOL_F_SLAVE_REQ; if (dev->iface->get_protocol_features) { features |= dev->iface->get_protocol_features(dev); @@ -780,6 +781,23 @@ vu_set_vring_enable_exec(VuDev *dev, VhostUserMsg *vmsg) } static bool +vu_set_slave_req_fd(VuDev *dev, VhostUserMsg *vmsg) +{ + if (vmsg->fd_num != 1) { + vu_panic(dev, "Invalid slave_req_fd message (%d fd's)", vmsg->fd_num); + return false; + } + + if (dev->slave_fd != -1) { + close(dev->slave_fd); + } + dev->slave_fd = vmsg->fds[0]; + DPRINT("Got slave_fd: %d\n", vmsg->fds[0]); + + return false; +} + +static bool vu_process_message(VuDev *dev, VhostUserMsg *vmsg) { int do_reply = 0; @@ -842,6 +860,8 @@ vu_process_message(VuDev *dev, VhostUserMsg *vmsg) return vu_get_queue_num_exec(dev, vmsg); case VHOST_USER_SET_VRING_ENABLE: return vu_set_vring_enable_exec(dev, vmsg); + case VHOST_USER_SET_SLAVE_REQ_FD: + return vu_set_slave_req_fd(dev, vmsg); case VHOST_USER_NONE: break; default: @@ -915,6 +935,10 @@ vu_deinit(VuDev *dev) vu_close_log(dev); + if (dev->slave_fd != -1) { + close(dev->slave_fd); + dev->slave_fd = -1; + } if (dev->sock != -1) { close(dev->sock); @@ -945,6 +969,7 @@ vu_init(VuDev *dev, dev->remove_watch = remove_watch; dev->iface = iface; dev->log_call_fd = -1; + dev->slave_fd = -1; for (i = 0; i < VHOST_MAX_NR_VIRTQUEUE; i++) { dev->vq[i] = (VuVirtq) { .call_fd = -1, .kick_fd = -1, .err_fd = -1, @@ -966,6 +991,12 @@ vu_queue_enabled(VuDev *dev, VuVirtq *vq) return vq->enable; } +bool +vu_queue_started(const VuDev *dev, const VuVirtq *vq) +{ + return vq->started; +} + static inline uint16_t vring_avail_flags(VuVirtq *vq) { diff --git a/contrib/libvhost-user/libvhost-user.h b/contrib/libvhost-user/libvhost-user.h index 5825b66880..2f5864b5c4 100644 --- a/contrib/libvhost-user/libvhost-user.h +++ b/contrib/libvhost-user/libvhost-user.h @@ -34,6 +34,10 @@ enum VhostUserProtocolFeature { VHOST_USER_PROTOCOL_F_MQ = 0, VHOST_USER_PROTOCOL_F_LOG_SHMFD = 1, VHOST_USER_PROTOCOL_F_RARP = 2, + VHOST_USER_PROTOCOL_F_REPLY_ACK = 3, + VHOST_USER_PROTOCOL_F_NET_MTU = 4, + VHOST_USER_PROTOCOL_F_SLAVE_REQ = 5, + VHOST_USER_PROTOCOL_F_CROSS_ENDIAN = 6, VHOST_USER_PROTOCOL_F_MAX }; @@ -61,7 +65,10 @@ typedef enum VhostUserRequest { VHOST_USER_GET_QUEUE_NUM = 17, VHOST_USER_SET_VRING_ENABLE = 18, VHOST_USER_SEND_RARP = 19, - VHOST_USER_INPUT_GET_CONFIG = 20, + VHOST_USER_NET_SET_MTU = 20, + VHOST_USER_SET_SLAVE_REQ_FD = 21, + VHOST_USER_IOTLB_MSG = 22, + VHOST_USER_SET_VRING_ENDIAN = 23, VHOST_USER_MAX } VhostUserRequest; @@ -219,6 +226,7 @@ struct VuDev { VuDevRegion regions[VHOST_MEMORY_MAX_NREGIONS]; VuVirtq vq[VHOST_MAX_NR_VIRTQUEUE]; int log_call_fd; + int slave_fd; uint64_t log_size; uint8_t *log_table; uint64_t features; @@ -335,6 +343,15 @@ void vu_queue_set_notification(VuDev *dev, VuVirtq *vq, int enable); bool vu_queue_enabled(VuDev *dev, VuVirtq *vq); /** + * vu_queue_started: + * @dev: a VuDev context + * @vq: a VuVirtq queue + * + * Returns: whether the queue is started. + */ +bool vu_queue_started(const VuDev *dev, const VuVirtq *vq); + +/** * vu_queue_empty: * @dev: a VuDev context * @vq: a VuVirtq queue diff --git a/docs/specs/tpm.txt b/docs/specs/tpm.txt new file mode 100644 index 0000000000..914daaceea --- /dev/null +++ b/docs/specs/tpm.txt @@ -0,0 +1,123 @@ +QEMU TPM Device +=============== + += Guest-side Hardware Interface = + +The QEMU TPM emulation implements a TPM TIS hardware interface following the +Trusted Computing Group's specification "TCG PC Client Specific TPM Interface +Specification (TIS)", Specification Version 1.3, 21 March 2013. This +specification, or a later version of it, can be accessed from the following +URL: + +https://trustedcomputinggroup.org/pc-client-work-group-pc-client-specific-tpm-interface-specification-tis/ + +The TIS interface makes a memory mapped IO region in the area 0xfed40000 - +0xfed44fff available to the guest operating system. + + +QEMU files related to TPM TIS interface: + - hw/tpm/tpm_tis.c + - hw/tpm/tpm_tis.h + + += ACPI Interface = + +The TPM device is defined with ACPI ID "PNP0C31". QEMU builds a SSDT and passes +it into the guest through the fw_cfg device. The device description contains +the base address of the TIS interface 0xfed40000 and the size of the MMIO area +(0x5000). In case a TPM2 is used by QEMU, a TPM2 ACPI table is also provided. +The device is described to be used in polling mode rather than interrupt mode +primarily because no unused IRQ could be found. + +To support measurement logs to be written by the firmware, e.g. SeaBIOS, a TCPA +table is implemented. This table provides a 64kb buffer where the firmware can +write its log into. For TPM 2 only a more recent version of the TPM2 table +provides support for measurements logs and a TCPA table does not need to be +created. + +The TCPA and TPM2 ACPI tables follow the Trusted Computing Group specification +"TCG ACPI Specification" Family "1.2" and "2.0", Level 00 Revision 00.37. This +specification, or a later version of it, can be accessed from the following +URL: + +https://trustedcomputinggroup.org/tcg-acpi-specification/ + + +QEMU files related to TPM ACPI tables: + - hw/i386/acpi-build.c + - include/hw/acpi/tpm.h + + += TPM backend devices = + +The TPM implementation is split into two parts, frontend and backend. The +frontend part is the hardware interface, such as the TPM TIS interface +described earlier, and the other part is the TPM backend interface. The backend +interfaces implement the interaction with a TPM device, which may be a physical +or an emulated device. The split between the front- and backend devices allows +a frontend to be connected with any available backend. This enables the TIS +interface to be used with the passthrough backend or the (future) swtpm backend. + + +QEMU files related to TPM backends: + - backends/tpm.c + - include/sysemu/tpm_backend.h + - include/sysemu/tpm_backend_int.h + + +== The QEMU TPM passthrough device == + +In case QEMU is run on Linux as the host operating system it is possible to +make the hardware TPM device available to a single QEMU guest. In this case the +user must make sure that no other program is using the device, e.g., /dev/tpm0, +before trying to start QEMU with it. + +The passthrough driver uses the host's TPM device for sending TPM commands +and receiving responses from. Besides that it accesses the TPM device's sysfs +entry for support of command cancellation. Since none of the state of a +hardware TPM can be migrated between hosts, virtual machine migration is +disabled when the TPM passthrough driver is used. + +Since the host's TPM device will already be initialized by the host's firmware, +certain commands, e.g. TPM_Startup(), sent by the virtual firmware for device +initialization, will fail. In this case the firmware should not use the TPM. + +Sharing the device with the host is generally not a recommended usage scenario +for a TPM device. The primary reason for this is that two operating systems can +then access the device's single set of resources, such as platform configuration +registers (PCRs). Applications or kernel security subsystems, such as the +Linux Integrity Measurement Architecture (IMA), are not expecting to share PCRs. + + +QEMU files related to the TPM passthrough device: + - hw/tpm/tpm_passthrough.c + - hw/tpm/tpm_util.c + - hw/tpm/tpm_util.h + + +Command line to start QEMU with the TPM passthrough device using the host's +hardware TPM /dev/tpm0: + +qemu-system-x86_64 -display sdl -enable-kvm \ + -m 1024 -boot d -bios bios-256k.bin -boot menu=on \ + -tpmdev passthrough,id=tpm0,path=/dev/tpm0 \ + -device tpm-tis,tpmdev=tpm0 test.img + +The following commands should result in similar output inside the VM with a +Linux kernel that either has the TPM TIS driver built-in or available as a +module: + +#> dmesg | grep -i tpm +[ 0.711310] tpm_tis 00:06: 1.2 TPM (device=id 0x1, rev-id 1) + +#> dmesg | grep TCPA +[ 0.000000] ACPI: TCPA 0x0000000003FFD191C 000032 (v02 BOCHS \ + BXPCTCPA 0000001 BXPC 00000001) + +#> ls -l /dev/tpm* +crw-------. 1 root root 10, 224 Jul 11 10:11 /dev/tpm0 + +#> find /sys/devices/ | grep pcrs$ | xargs cat +PCR-00: 35 4E 3B CE 23 9F 38 59 ... +... +PCR-23: 00 00 00 00 00 00 00 00 ... diff --git a/hmp.c b/hmp.c index 739d330f4e..ec61329ebb 100644 --- a/hmp.c +++ b/hmp.c @@ -1000,6 +1000,7 @@ void hmp_info_tpm(Monitor *mon, const QDict *qdict) Error *err = NULL; unsigned int c = 0; TPMPassthroughOptions *tpo; + TPMEmulatorOptions *teo; info_list = qmp_query_tpm(&err); if (err) { @@ -1029,6 +1030,10 @@ void hmp_info_tpm(Monitor *mon, const QDict *qdict) tpo->has_cancel_path ? ",cancel-path=" : "", tpo->has_cancel_path ? tpo->cancel_path : ""); break; + case TPM_TYPE_OPTIONS_KIND_EMULATOR: + teo = ti->options->u.emulator.data; + monitor_printf(mon, ",chardev=%s", teo->chardev); + break; case TPM_TYPE_OPTIONS_KIND__MAX: break; } diff --git a/hw/tpm/Makefile.objs b/hw/tpm/Makefile.objs index 64cecc3b67..41f0b7a590 100644 --- a/hw/tpm/Makefile.objs +++ b/hw/tpm/Makefile.objs @@ -1,2 +1,3 @@ common-obj-$(CONFIG_TPM_TIS) += tpm_tis.o common-obj-$(CONFIG_TPM_PASSTHROUGH) += tpm_passthrough.o tpm_util.o +common-obj-$(CONFIG_TPM_EMULATOR) += tpm_emulator.o tpm_util.o diff --git a/hw/tpm/tpm_emulator.c b/hw/tpm/tpm_emulator.c new file mode 100644 index 0000000000..95e1e041cf --- /dev/null +++ b/hw/tpm/tpm_emulator.c @@ -0,0 +1,587 @@ +/* + * Emulator TPM driver + * + * Copyright (c) 2017 Intel Corporation + * Author: Amarnath Valluri <amarnath.valluri@intel.com> + * + * Copyright (c) 2010 - 2013 IBM Corporation + * Authors: + * Stefan Berger <stefanb@us.ibm.com> + * + * Copyright (C) 2011 IAIK, Graz University of Technology + * Author: Andreas Niederl + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, see <http://www.gnu.org/licenses/> + * + */ + +#include "qemu/osdep.h" +#include "qemu/error-report.h" +#include "qemu/sockets.h" +#include "io/channel-socket.h" +#include "sysemu/tpm_backend.h" +#include "tpm_int.h" +#include "hw/hw.h" +#include "hw/i386/pc.h" +#include "tpm_util.h" +#include "tpm_ioctl.h" +#include "migration/blocker.h" +#include "qapi/error.h" +#include "qapi/clone-visitor.h" +#include "chardev/char-fe.h" + +#include <fcntl.h> +#include <sys/types.h> +#include <sys/stat.h> +#include <stdio.h> + +#define DEBUG_TPM 0 + +#define DPRINTF(fmt, ...) do { \ + if (DEBUG_TPM) { \ + fprintf(stderr, "tpm-emulator:"fmt"\n", ## __VA_ARGS__); \ + } \ +} while (0) + +#define TYPE_TPM_EMULATOR "tpm-emulator" +#define TPM_EMULATOR(obj) \ + OBJECT_CHECK(TPMEmulator, (obj), TYPE_TPM_EMULATOR) + +#define TPM_EMULATOR_IMPLEMENTS_ALL_CAPS(S, cap) (((S)->caps & (cap)) == (cap)) + +static const TPMDriverOps tpm_emulator_driver; + +/* data structures */ +typedef struct TPMEmulator { + TPMBackend parent; + + TPMEmulatorOptions *options; + CharBackend ctrl_chr; + QIOChannel *data_ioc; + TPMVersion tpm_version; + ptm_cap caps; /* capabilities of the TPM */ + uint8_t cur_locty_number; /* last set locality */ + Error *migration_blocker; +} TPMEmulator; + + +static int tpm_emulator_ctrlcmd(CharBackend *dev, unsigned long cmd, void *msg, + size_t msg_len_in, size_t msg_len_out) +{ + uint32_t cmd_no = cpu_to_be32(cmd); + ssize_t n = sizeof(uint32_t) + msg_len_in; + uint8_t *buf = NULL; + + buf = g_alloca(n); + memcpy(buf, &cmd_no, sizeof(cmd_no)); + memcpy(buf + sizeof(cmd_no), msg, msg_len_in); + + n = qemu_chr_fe_write_all(dev, buf, n); + if (n <= 0) { + return -1; + } + + if (msg_len_out != 0) { + n = qemu_chr_fe_read_all(dev, msg, msg_len_out); + if (n <= 0) { + return -1; + } + } + + return 0; +} + +static int tpm_emulator_unix_tx_bufs(TPMEmulator *tpm_emu, + const uint8_t *in, uint32_t in_len, + uint8_t *out, uint32_t out_len, + bool *selftest_done, + Error **err) +{ + ssize_t ret; + bool is_selftest = false; + const struct tpm_resp_hdr *hdr = NULL; + + if (selftest_done) { + *selftest_done = false; + is_selftest = tpm_util_is_selftest(in, in_len); + } + + ret = qio_channel_write_all(tpm_emu->data_ioc, (char *)in, in_len, err); + if (ret != 0) { + return -1; + } + + ret = qio_channel_read_all(tpm_emu->data_ioc, (char *)out, sizeof(*hdr), + err); + if (ret != 0) { + return -1; + } + + hdr = (struct tpm_resp_hdr *)out; + out += sizeof(*hdr); + ret = qio_channel_read_all(tpm_emu->data_ioc, (char *)out, + be32_to_cpu(hdr->len) - sizeof(*hdr) , err); + if (ret != 0) { + return -1; + } + + if (is_selftest) { + *selftest_done = (be32_to_cpu(hdr->errcode) == 0); + } + + return 0; +} + +static int tpm_emulator_set_locality(TPMEmulator *tpm_emu, uint8_t locty_number) +{ + ptm_loc loc; + + DPRINTF("%s : locality: 0x%x", __func__, locty_number); + + if (tpm_emu->cur_locty_number == locty_number) { + return 0; + } + + DPRINTF("setting locality : 0x%x", locty_number); + loc.u.req.loc = locty_number; + if (tpm_emulator_ctrlcmd(&tpm_emu->ctrl_chr, CMD_SET_LOCALITY, &loc, + sizeof(loc), sizeof(loc)) < 0) { + error_report("tpm-emulator: could not set locality : %s", + strerror(errno)); + return -1; + } + + loc.u.resp.tpm_result = be32_to_cpu(loc.u.resp.tpm_result); + if (loc.u.resp.tpm_result != 0) { + error_report("tpm-emulator: TPM result for set locality : 0x%x", + loc.u.resp.tpm_result); + return -1; + } + + tpm_emu->cur_locty_number = locty_number; + + return 0; +} + +static void tpm_emulator_handle_request(TPMBackend *tb, TPMBackendCmd cmd) +{ + TPMEmulator *tpm_emu = TPM_EMULATOR(tb); + TPMLocality *locty = NULL; + bool selftest_done = false; + Error *err = NULL; + + DPRINTF("processing command type %d", cmd); + + switch (cmd) { + case TPM_BACKEND_CMD_PROCESS_CMD: + locty = tb->tpm_state->locty_data; + if (tpm_emulator_set_locality(tpm_emu, + tb->tpm_state->locty_number) < 0 || + tpm_emulator_unix_tx_bufs(tpm_emu, locty->w_buffer.buffer, + locty->w_offset, locty->r_buffer.buffer, + locty->r_buffer.size, &selftest_done, + &err) < 0) { + tpm_util_write_fatal_error_response(locty->r_buffer.buffer, + locty->r_buffer.size); + error_report_err(err); + } + + tb->recv_data_callback(tb->tpm_state, tb->tpm_state->locty_number, + selftest_done); + + break; + case TPM_BACKEND_CMD_INIT: + case TPM_BACKEND_CMD_END: + case TPM_BACKEND_CMD_TPM_RESET: + /* nothing to do */ + break; + } +} + +static int tpm_emulator_probe_caps(TPMEmulator *tpm_emu) +{ + DPRINTF("%s", __func__); + if (tpm_emulator_ctrlcmd(&tpm_emu->ctrl_chr, CMD_GET_CAPABILITY, + &tpm_emu->caps, 0, sizeof(tpm_emu->caps)) < 0) { + error_report("tpm-emulator: probing failed : %s", strerror(errno)); + return -1; + } + + tpm_emu->caps = be64_to_cpu(tpm_emu->caps); + + DPRINTF("capabilities : 0x%"PRIx64, tpm_emu->caps); + + return 0; +} + +static int tpm_emulator_check_caps(TPMEmulator *tpm_emu) +{ + ptm_cap caps = 0; + const char *tpm = NULL; + + /* check for min. required capabilities */ + switch (tpm_emu->tpm_version) { + case TPM_VERSION_1_2: + caps = PTM_CAP_INIT | PTM_CAP_SHUTDOWN | PTM_CAP_GET_TPMESTABLISHED | + PTM_CAP_SET_LOCALITY | PTM_CAP_SET_DATAFD; + tpm = "1.2"; + break; + case TPM_VERSION_2_0: + caps = PTM_CAP_INIT | PTM_CAP_SHUTDOWN | PTM_CAP_GET_TPMESTABLISHED | + PTM_CAP_SET_LOCALITY | PTM_CAP_RESET_TPMESTABLISHED | + PTM_CAP_SET_DATAFD; + tpm = "2"; + break; + case TPM_VERSION_UNSPEC: + error_report("tpm-emulator: TPM version has not been set"); + return -1; + } + + if (!TPM_EMULATOR_IMPLEMENTS_ALL_CAPS(tpm_emu, caps)) { + error_report("tpm-emulator: TPM does not implement minimum set of " + "required capabilities for TPM %s (0x%x)", tpm, (int)caps); + return -1; + } + + return 0; +} + +static int tpm_emulator_startup_tpm(TPMBackend *tb) +{ + TPMEmulator *tpm_emu = TPM_EMULATOR(tb); + ptm_init init; + ptm_res res; + + DPRINTF("%s", __func__); + if (tpm_emulator_ctrlcmd(&tpm_emu->ctrl_chr, CMD_INIT, &init, sizeof(init), + sizeof(init)) < 0) { + error_report("tpm-emulator: could not send INIT: %s", + strerror(errno)); + goto err_exit; + } + + res = be32_to_cpu(init.u.resp.tpm_result); + if (res) { + error_report("tpm-emulator: TPM result for CMD_INIT: 0x%x", res); + goto err_exit; + } + return 0; + +err_exit: + return -1; +} + +static bool tpm_emulator_get_tpm_established_flag(TPMBackend *tb) +{ + TPMEmulator *tpm_emu = TPM_EMULATOR(tb); + ptm_est est; + + DPRINTF("%s", __func__); + if (tpm_emulator_ctrlcmd(&tpm_emu->ctrl_chr, CMD_GET_TPMESTABLISHED, &est, + 0, sizeof(est)) < 0) { + error_report("tpm-emulator: Could not get the TPM established flag: %s", + strerror(errno)); + return false; + } + DPRINTF("established flag: %0x", est.u.resp.bit); + + return (est.u.resp.bit != 0); +} + +static int tpm_emulator_reset_tpm_established_flag(TPMBackend *tb, + uint8_t locty) +{ + TPMEmulator *tpm_emu = TPM_EMULATOR(tb); + ptm_reset_est reset_est; + ptm_res res; + + /* only a TPM 2.0 will support this */ + if (tpm_emu->tpm_version != TPM_VERSION_2_0) { + return 0; + } + + reset_est.u.req.loc = tpm_emu->cur_locty_number; + if (tpm_emulator_ctrlcmd(&tpm_emu->ctrl_chr, CMD_RESET_TPMESTABLISHED, + &reset_est, sizeof(reset_est), + sizeof(reset_est)) < 0) { + error_report("tpm-emulator: Could not reset the establishment bit: %s", + strerror(errno)); + return -1; + } + + res = be32_to_cpu(reset_est.u.resp.tpm_result); + if (res) { + error_report("tpm-emulator: TPM result for rest establixhed flag: 0x%x", + res); + return -1; + } + + return 0; +} + +static void tpm_emulator_cancel_cmd(TPMBackend *tb) +{ + TPMEmulator *tpm_emu = TPM_EMULATOR(tb); + ptm_res res; + + if (!TPM_EMULATOR_IMPLEMENTS_ALL_CAPS(tpm_emu, PTM_CAP_CANCEL_TPM_CMD)) { + DPRINTF("Backend does not support CANCEL_TPM_CMD"); + return; + } + + if (tpm_emulator_ctrlcmd(&tpm_emu->ctrl_chr, CMD_CANCEL_TPM_CMD, &res, 0, + sizeof(res)) < 0) { + error_report("tpm-emulator: Could not cancel command: %s", + strerror(errno)); + } else if (res != 0) { + error_report("tpm-emulator: Failed to cancel TPM: 0x%x", + be32_to_cpu(res)); + } +} + +static TPMVersion tpm_emulator_get_tpm_version(TPMBackend *tb) +{ + TPMEmulator *tpm_emu = TPM_EMULATOR(tb); + + return tpm_emu->tpm_version; +} + +static int tpm_emulator_block_migration(TPMEmulator *tpm_emu) +{ + Error *err = NULL; + + error_setg(&tpm_emu->migration_blocker, + "Migration disabled: TPM emulator not yet migratable"); + migrate_add_blocker(tpm_emu->migration_blocker, &err); + if (err) { + error_report_err(err); + error_free(tpm_emu->migration_blocker); + tpm_emu->migration_blocker = NULL; + + return -1; + } + + return 0; +} + +static int tpm_emulator_prepare_data_fd(TPMEmulator *tpm_emu) +{ + ptm_res res; + Error *err = NULL; + int fds[2] = { -1, -1 }; + + if (socketpair(AF_UNIX, SOCK_STREAM, 0, fds) < 0) { + error_report("tpm-emulator: Failed to create socketpair"); + return -1; + } + + qemu_chr_fe_set_msgfds(&tpm_emu->ctrl_chr, fds + 1, 1); + + if (tpm_emulator_ctrlcmd(&tpm_emu->ctrl_chr, CMD_SET_DATAFD, &res, 0, + sizeof(res)) || res != 0) { + error_report("tpm-emulator: Failed to send CMD_SET_DATAFD: %s", + strerror(errno)); + goto err_exit; + } + + tpm_emu->data_ioc = QIO_CHANNEL(qio_channel_socket_new_fd(fds[0], &err)); + if (err) { + error_prepend(&err, "tpm-emulator: Failed to create io channel: "); + error_report_err(err); + goto err_exit; + } + + closesocket(fds[1]); + + return 0; + +err_exit: + closesocket(fds[0]); + closesocket(fds[1]); + return -1; +} + +static int tpm_emulator_handle_device_opts(TPMEmulator *tpm_emu, QemuOpts *opts) +{ + const char *value; + + value = qemu_opt_get(opts, "chardev"); + if (value) { + Error *err = NULL; + Chardev *dev = qemu_chr_find(value); + + if (!dev) { + error_report("tpm-emulator: tpm chardev '%s' not found.", value); + goto err; + } + + if (!qemu_chr_fe_init(&tpm_emu->ctrl_chr, dev, &err)) { + error_prepend(&err, "tpm-emulator: No valid chardev found at '%s':", + value); + error_report_err(err); + goto err; + } + + tpm_emu->options->chardev = g_strdup(value); + } + + if (tpm_emulator_prepare_data_fd(tpm_emu) < 0) { + goto err; + } + + /* FIXME: tpm_util_test_tpmdev() accepts only on socket fd, as it also used + * by passthrough driver, which not yet using GIOChannel. + */ + if (tpm_util_test_tpmdev(QIO_CHANNEL_SOCKET(tpm_emu->data_ioc)->fd, + &tpm_emu->tpm_version)) { + error_report("'%s' is not emulating TPM device. Error: %s", + tpm_emu->options->chardev, strerror(errno)); + goto err; + } + + DPRINTF("TPM Version %s", tpm_emu->tpm_version == TPM_VERSION_1_2 ? "1.2" : + (tpm_emu->tpm_version == TPM_VERSION_2_0 ? "2.0" : "Unspecified")); + + if (tpm_emulator_probe_caps(tpm_emu) || + tpm_emulator_check_caps(tpm_emu)) { + goto err; + } + + return tpm_emulator_block_migration(tpm_emu); + +err: + DPRINTF("Startup error"); + return -1; +} + +static TPMBackend *tpm_emulator_create(QemuOpts *opts, const char *id) +{ + TPMBackend *tb = TPM_BACKEND(object_new(TYPE_TPM_EMULATOR)); + + tb->id = g_strdup(id); + + if (tpm_emulator_handle_device_opts(TPM_EMULATOR(tb), opts)) { + goto err_exit; + } + + return tb; + +err_exit: + object_unref(OBJECT(tb)); + + return NULL; +} + +static TpmTypeOptions *tpm_emulator_get_tpm_options(TPMBackend *tb) +{ + TPMEmulator *tpm_emu = TPM_EMULATOR(tb); + TpmTypeOptions *options = g_new0(TpmTypeOptions, 1); + + options->type = TPM_TYPE_OPTIONS_KIND_EMULATOR; + options->u.emulator.data = QAPI_CLONE(TPMEmulatorOptions, tpm_emu->options); + + return options; +} + +static const QemuOptDesc tpm_emulator_cmdline_opts[] = { + TPM_STANDARD_CMDLINE_OPTS, + { + .name = "chardev", + .type = QEMU_OPT_STRING, + .help = "Character device to use for out-of-band control messages", + }, + { /* end of list */ }, +}; + +static const TPMDriverOps tpm_emulator_driver = { + .type = TPM_TYPE_EMULATOR, + .opts = tpm_emulator_cmdline_opts, + .desc = "TPM emulator backend driver", + + .create = tpm_emulator_create, + .startup_tpm = tpm_emulator_startup_tpm, + .cancel_cmd = tpm_emulator_cancel_cmd, + .get_tpm_established_flag = tpm_emulator_get_tpm_established_flag, + .reset_tpm_established_flag = tpm_emulator_reset_tpm_established_flag, + .get_tpm_version = tpm_emulator_get_tpm_version, + .get_tpm_options = tpm_emulator_get_tpm_options, +}; + +static void tpm_emulator_inst_init(Object *obj) +{ + TPMEmulator *tpm_emu = TPM_EMULATOR(obj); + + DPRINTF("%s", __func__); + tpm_emu->options = g_new0(TPMEmulatorOptions, 1); + tpm_emu->cur_locty_number = ~0; +} + +/* + * Gracefully shut down the external TPM + */ +static void tpm_emulator_shutdown(TPMEmulator *tpm_emu) +{ + ptm_res res; + + if (tpm_emulator_ctrlcmd(&tpm_emu->ctrl_chr, CMD_SHUTDOWN, &res, 0, + sizeof(res)) < 0) { + error_report("tpm-emulator: Could not cleanly shutdown the TPM: %s", + strerror(errno)); + } else if (res != 0) { + error_report("tpm-emulator: TPM result for sutdown: 0x%x", + be32_to_cpu(res)); + } +} + +static void tpm_emulator_inst_finalize(Object *obj) +{ + TPMEmulator *tpm_emu = TPM_EMULATOR(obj); + + tpm_emulator_shutdown(tpm_emu); + + object_unref(OBJECT(tpm_emu->data_ioc)); + + qemu_chr_fe_deinit(&tpm_emu->ctrl_chr, false); + + qapi_free_TPMEmulatorOptions(tpm_emu->options); + + if (tpm_emu->migration_blocker) { + migrate_del_blocker(tpm_emu->migration_blocker); + error_free(tpm_emu->migration_blocker); + } +} + +static void tpm_emulator_class_init(ObjectClass *klass, void *data) +{ + TPMBackendClass *tbc = TPM_BACKEND_CLASS(klass); + tbc->ops = &tpm_emulator_driver; + tbc->handle_request = tpm_emulator_handle_request; +} + +static const TypeInfo tpm_emulator_info = { + .name = TYPE_TPM_EMULATOR, + .parent = TYPE_TPM_BACKEND, + .instance_size = sizeof(TPMEmulator), + .class_init = tpm_emulator_class_init, + .instance_init = tpm_emulator_inst_init, + .instance_finalize = tpm_emulator_inst_finalize, +}; + +static void tpm_emulator_register(void) +{ + type_register_static(&tpm_emulator_info); + tpm_register_driver(&tpm_emulator_driver); +} + +type_init(tpm_emulator_register) diff --git a/hw/tpm/tpm_ioctl.h b/hw/tpm/tpm_ioctl.h new file mode 100644 index 0000000000..33564b11de --- /dev/null +++ b/hw/tpm/tpm_ioctl.h @@ -0,0 +1,246 @@ +/* + * tpm_ioctl.h + * + * (c) Copyright IBM Corporation 2014, 2015. + * + * This file is licensed under the terms of the 3-clause BSD license + */ +#ifndef _TPM_IOCTL_H_ +#define _TPM_IOCTL_H_ + +#include <stdint.h> +#include <sys/uio.h> +#include <sys/types.h> +#include <sys/ioctl.h> + +/* + * Every response from a command involving a TPM command execution must hold + * the ptm_res as the first element. + * ptm_res corresponds to the error code of a command executed by the TPM. + */ + +typedef uint32_t ptm_res; + +/* PTM_GET_TPMESTABLISHED: get the establishment bit */ +struct ptm_est { + union { + struct { + ptm_res tpm_result; + unsigned char bit; /* TPM established bit */ + } resp; /* response */ + } u; +}; + +/* PTM_RESET_TPMESTABLISHED: reset establishment bit */ +struct ptm_reset_est { + union { + struct { + uint8_t loc; /* locality to use */ + } req; /* request */ + struct { + ptm_res tpm_result; + } resp; /* response */ + } u; +}; + +/* PTM_INIT */ +struct ptm_init { + union { + struct { + uint32_t init_flags; /* see definitions below */ + } req; /* request */ + struct { + ptm_res tpm_result; + } resp; /* response */ + } u; +}; + +/* above init_flags */ +#define PTM_INIT_FLAG_DELETE_VOLATILE (1 << 0) + /* delete volatile state file after reading it */ + +/* PTM_SET_LOCALITY */ +struct ptm_loc { + union { + struct { + uint8_t loc; /* locality to set */ + } req; /* request */ + struct { + ptm_res tpm_result; + } resp; /* response */ + } u; +}; + +/* PTM_HASH_DATA: hash given data */ +struct ptm_hdata { + union { + struct { + uint32_t length; + uint8_t data[4096]; + } req; /* request */ + struct { + ptm_res tpm_result; + } resp; /* response */ + } u; +}; + +/* + * size of the TPM state blob to transfer; x86_64 can handle 8k, + * ppc64le only ~7k; keep the response below a 4k page size + */ +#define PTM_STATE_BLOB_SIZE (3 * 1024) + +/* + * The following is the data structure to get state blobs from the TPM. + * If the size of the state blob exceeds the PTM_STATE_BLOB_SIZE, multiple reads + * with this ioctl and with adjusted offset are necessary. All bytes + * must be transferred and the transfer is done once the last byte has been + * returned. + * It is possible to use the read() interface for reading the data; however, the + * first bytes of the state blob will be part of the response to the ioctl(); a + * subsequent read() is only necessary if the total length (totlength) exceeds + * the number of received bytes. seek() is not supported. + */ +struct ptm_getstate { + union { + struct { + uint32_t state_flags; /* may be: PTM_STATE_FLAG_DECRYPTED */ + uint32_t type; /* which blob to pull */ + uint32_t offset; /* offset from where to read */ + } req; /* request */ + struct { + ptm_res tpm_result; + uint32_t state_flags; /* may be: PTM_STATE_FLAG_ENCRYPTED */ + uint32_t totlength; /* total length that will be transferred */ + uint32_t length; /* number of bytes in following buffer */ + uint8_t data[PTM_STATE_BLOB_SIZE]; + } resp; /* response */ + } u; +}; + +/* TPM state blob types */ +#define PTM_BLOB_TYPE_PERMANENT 1 +#define PTM_BLOB_TYPE_VOLATILE 2 +#define PTM_BLOB_TYPE_SAVESTATE 3 + +/* state_flags above : */ +#define PTM_STATE_FLAG_DECRYPTED 1 /* on input: get decrypted state */ +#define PTM_STATE_FLAG_ENCRYPTED 2 /* on output: state is encrypted */ + +/* + * The following is the data structure to set state blobs in the TPM. + * If the size of the state blob exceeds the PTM_STATE_BLOB_SIZE, multiple + * 'writes' using this ioctl are necessary. The last packet is indicated + * by the length being smaller than the PTM_STATE_BLOB_SIZE. + * The very first packet may have a length indicator of '0' enabling + * a write() with all the bytes from a buffer. If the write() interface + * is used, a final ioctl with a non-full buffer must be made to indicate + * that all data were transferred (a write with 0 bytes would not work). + */ +struct ptm_setstate { + union { + struct { + uint32_t state_flags; /* may be PTM_STATE_FLAG_ENCRYPTED */ + uint32_t type; /* which blob to set */ + uint32_t length; /* length of the data; + use 0 on the first packet to + transfer using write() */ + uint8_t data[PTM_STATE_BLOB_SIZE]; + } req; /* request */ + struct { + ptm_res tpm_result; + } resp; /* response */ + } u; +}; + +/* + * PTM_GET_CONFIG: Data structure to get runtime configuration information + * such as which keys are applied. + */ +struct ptm_getconfig { + union { + struct { + ptm_res tpm_result; + uint32_t flags; + } resp; /* response */ + } u; +}; + +#define PTM_CONFIG_FLAG_FILE_KEY 0x1 +#define PTM_CONFIG_FLAG_MIGRATION_KEY 0x2 + + +typedef uint64_t ptm_cap; +typedef struct ptm_est ptm_est; +typedef struct ptm_reset_est ptm_reset_est; +typedef struct ptm_loc ptm_loc; +typedef struct ptm_hdata ptm_hdata; +typedef struct ptm_init ptm_init; +typedef struct ptm_getstate ptm_getstate; +typedef struct ptm_setstate ptm_setstate; +typedef struct ptm_getconfig ptm_getconfig; + +/* capability flags returned by PTM_GET_CAPABILITY */ +#define PTM_CAP_INIT (1) +#define PTM_CAP_SHUTDOWN (1 << 1) +#define PTM_CAP_GET_TPMESTABLISHED (1 << 2) +#define PTM_CAP_SET_LOCALITY (1 << 3) +#define PTM_CAP_HASHING (1 << 4) +#define PTM_CAP_CANCEL_TPM_CMD (1 << 5) +#define PTM_CAP_STORE_VOLATILE (1 << 6) +#define PTM_CAP_RESET_TPMESTABLISHED (1 << 7) +#define PTM_CAP_GET_STATEBLOB (1 << 8) +#define PTM_CAP_SET_STATEBLOB (1 << 9) +#define PTM_CAP_STOP (1 << 10) +#define PTM_CAP_GET_CONFIG (1 << 11) +#define PTM_CAP_SET_DATAFD (1 << 12) + +enum { + PTM_GET_CAPABILITY = _IOR('P', 0, ptm_cap), + PTM_INIT = _IOWR('P', 1, ptm_init), + PTM_SHUTDOWN = _IOR('P', 2, ptm_res), + PTM_GET_TPMESTABLISHED = _IOR('P', 3, ptm_est), + PTM_SET_LOCALITY = _IOWR('P', 4, ptm_loc), + PTM_HASH_START = _IOR('P', 5, ptm_res), + PTM_HASH_DATA = _IOWR('P', 6, ptm_hdata), + PTM_HASH_END = _IOR('P', 7, ptm_res), + PTM_CANCEL_TPM_CMD = _IOR('P', 8, ptm_res), + PTM_STORE_VOLATILE = _IOR('P', 9, ptm_res), + PTM_RESET_TPMESTABLISHED = _IOWR('P', 10, ptm_reset_est), + PTM_GET_STATEBLOB = _IOWR('P', 11, ptm_getstate), + PTM_SET_STATEBLOB = _IOWR('P', 12, ptm_setstate), + PTM_STOP = _IOR('P', 13, ptm_res), + PTM_GET_CONFIG = _IOR('P', 14, ptm_getconfig), + PTM_SET_DATAFD = _IOR('P', 15, ptm_res), +}; + +/* + * Commands used by the non-CUSE TPMs + * + * All messages container big-endian data. + * + * The return messages only contain the 'resp' part of the unions + * in the data structures above. Besides that the limits in the + * buffers above (ptm_hdata:u.req.data and ptm_get_state:u.resp.data + * and ptm_set_state:u.req.data) are 0xffffffff. + */ +enum { + CMD_GET_CAPABILITY = 1, + CMD_INIT, + CMD_SHUTDOWN, + CMD_GET_TPMESTABLISHED, + CMD_SET_LOCALITY, + CMD_HASH_START, + CMD_HASH_DATA, + CMD_HASH_END, + CMD_CANCEL_TPM_CMD, + CMD_STORE_VOLATILE, + CMD_RESET_TPMESTABLISHED, + CMD_GET_STATEBLOB, + CMD_SET_STATEBLOB, + CMD_STOP, + CMD_GET_CONFIG, + CMD_SET_DATAFD +}; + +#endif /* _TPM_IOCTL_H */ diff --git a/hw/tpm/tpm_passthrough.c b/hw/tpm/tpm_passthrough.c index 9234eb3459..e6ace28b04 100644 --- a/hw/tpm/tpm_passthrough.c +++ b/hw/tpm/tpm_passthrough.c @@ -30,7 +30,7 @@ #include "tpm_int.h" #include "hw/hw.h" #include "hw/i386/pc.h" -#include "sysemu/tpm_backend_int.h" +#include "qapi/clone-visitor.h" #include "tpm_tis.h" #include "tpm_util.h" @@ -46,29 +46,16 @@ #define TPM_PASSTHROUGH(obj) \ OBJECT_CHECK(TPMPassthruState, (obj), TYPE_TPM_PASSTHROUGH) -static const TPMDriverOps tpm_passthrough_driver; - /* data structures */ -typedef struct TPMPassthruThreadParams { - TPMState *tpm_state; - - TPMRecvDataCB *recv_data_callback; - TPMBackend *tb; -} TPMPassthruThreadParams; - struct TPMPassthruState { TPMBackend parent; - TPMBackendThread tbt; - - TPMPassthruThreadParams tpm_thread_params; - - char *tpm_dev; + TPMPassthroughOptions *options; + const char *tpm_dev; int tpm_fd; bool tpm_executing; bool tpm_op_canceled; int cancel_fd; - bool had_startup_error; TPMVersion tpm_version; }; @@ -81,27 +68,6 @@ typedef struct TPMPassthruState TPMPassthruState; static void tpm_passthrough_cancel_cmd(TPMBackend *tb); -static int tpm_passthrough_unix_write(int fd, const uint8_t *buf, uint32_t len) -{ - int ret, remain; - - remain = len; - while (remain > 0) { - ret = write(fd, buf, remain); - if (ret < 0) { - if (errno != EINTR && errno != EAGAIN) { - return -1; - } - } else if (ret == 0) { - break; - } else { - buf += ret; - remain -= ret; - } - } - return len - remain; -} - static int tpm_passthrough_unix_read(int fd, uint8_t *buf, uint32_t len) { int ret; @@ -115,45 +81,12 @@ static int tpm_passthrough_unix_read(int fd, uint8_t *buf, uint32_t len) } return ret; } - -static uint32_t tpm_passthrough_get_size_from_buffer(const uint8_t *buf) -{ - struct tpm_resp_hdr *resp = (struct tpm_resp_hdr *)buf; - - return be32_to_cpu(resp->len); -} - -/* - * Write an error message in the given output buffer. - */ -static void tpm_write_fatal_error_response(uint8_t *out, uint32_t out_len) -{ - if (out_len >= sizeof(struct tpm_resp_hdr)) { - struct tpm_resp_hdr *resp = (struct tpm_resp_hdr *)out; - - resp->tag = cpu_to_be16(TPM_TAG_RSP_COMMAND); - resp->len = cpu_to_be32(sizeof(struct tpm_resp_hdr)); - resp->errcode = cpu_to_be32(TPM_FAIL); - } -} - -static bool tpm_passthrough_is_selftest(const uint8_t *in, uint32_t in_len) -{ - struct tpm_req_hdr *hdr = (struct tpm_req_hdr *)in; - - if (in_len >= sizeof(*hdr)) { - return (be32_to_cpu(hdr->ordinal) == TPM_ORD_ContinueSelfTest); - } - - return false; -} - static int tpm_passthrough_unix_tx_bufs(TPMPassthruState *tpm_pt, const uint8_t *in, uint32_t in_len, uint8_t *out, uint32_t out_len, bool *selftest_done) { - int ret; + ssize_t ret; bool is_selftest; const struct tpm_resp_hdr *hdr; @@ -161,9 +94,9 @@ static int tpm_passthrough_unix_tx_bufs(TPMPassthruState *tpm_pt, tpm_pt->tpm_executing = true; *selftest_done = false; - is_selftest = tpm_passthrough_is_selftest(in, in_len); + is_selftest = tpm_util_is_selftest(in, in_len); - ret = tpm_passthrough_unix_write(tpm_pt->tpm_fd, in, in_len); + ret = qemu_write_full(tpm_pt->tpm_fd, (const void *)in, (size_t)in_len); if (ret != in_len) { if (!tpm_pt->tpm_op_canceled || errno != ECANCELED) { error_report("tpm_passthrough: error while transmitting data " @@ -183,7 +116,7 @@ static int tpm_passthrough_unix_tx_bufs(TPMPassthruState *tpm_pt, strerror(errno), errno); } } else if (ret < sizeof(struct tpm_resp_hdr) || - tpm_passthrough_get_size_from_buffer(out) != ret) { + be32_to_cpu(((struct tpm_resp_hdr *)out)->len) != ret) { ret = -1; error_report("tpm_passthrough: received invalid response " "packet from TPM"); @@ -196,7 +129,7 @@ static int tpm_passthrough_unix_tx_bufs(TPMPassthruState *tpm_pt, err_exit: if (ret < 0) { - tpm_write_fatal_error_response(out, out_len); + tpm_util_write_fatal_error_response(out, out_len); } tpm_pt->tpm_executing = false; @@ -216,12 +149,9 @@ static int tpm_passthrough_unix_transfer(TPMPassthruState *tpm_pt, selftest_done); } -static void tpm_passthrough_worker_thread(gpointer data, - gpointer user_data) +static void tpm_passthrough_handle_request(TPMBackend *tb, TPMBackendCmd cmd) { - TPMPassthruThreadParams *thr_parms = user_data; - TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(thr_parms->tb); - TPMBackendCmd cmd = (TPMBackendCmd)data; + TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(tb); bool selftest_done = false; DPRINTF("tpm_passthrough: processing command type %d\n", cmd); @@ -229,12 +159,12 @@ static void tpm_passthrough_worker_thread(gpointer data, switch (cmd) { case TPM_BACKEND_CMD_PROCESS_CMD: tpm_passthrough_unix_transfer(tpm_pt, - thr_parms->tpm_state->locty_data, + tb->tpm_state->locty_data, &selftest_done); - thr_parms->recv_data_callback(thr_parms->tpm_state, - thr_parms->tpm_state->locty_number, - selftest_done); + tb->recv_data_callback(tb->tpm_state, + tb->tpm_state->locty_number, + selftest_done); break; case TPM_BACKEND_CMD_INIT: case TPM_BACKEND_CMD_END: @@ -244,47 +174,11 @@ static void tpm_passthrough_worker_thread(gpointer data, } } -/* - * Start the TPM (thread). If it had been started before, then terminate - * and start it again. - */ -static int tpm_passthrough_startup_tpm(TPMBackend *tb) -{ - TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(tb); - - /* terminate a running TPM */ - tpm_backend_thread_end(&tpm_pt->tbt); - - tpm_backend_thread_create(&tpm_pt->tbt, - tpm_passthrough_worker_thread, - &tpm_pt->tpm_thread_params); - - return 0; -} - static void tpm_passthrough_reset(TPMBackend *tb) { - TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(tb); - DPRINTF("tpm_passthrough: CALL TO TPM_RESET!\n"); tpm_passthrough_cancel_cmd(tb); - - tpm_backend_thread_end(&tpm_pt->tbt); - - tpm_pt->had_startup_error = false; -} - -static int tpm_passthrough_init(TPMBackend *tb, TPMState *s, - TPMRecvDataCB *recv_data_cb) -{ - TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(tb); - - tpm_pt->tpm_thread_params.tpm_state = s; - tpm_pt->tpm_thread_params.recv_data_callback = recv_data_cb; - tpm_pt->tpm_thread_params.tb = tb; - - return 0; } static bool tpm_passthrough_get_tpm_established_flag(TPMBackend *tb) @@ -299,31 +193,6 @@ static int tpm_passthrough_reset_tpm_established_flag(TPMBackend *tb, return 0; } -static bool tpm_passthrough_get_startup_error(TPMBackend *tb) -{ - TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(tb); - - return tpm_pt->had_startup_error; -} - -static size_t tpm_passthrough_realloc_buffer(TPMSizedBuffer *sb) -{ - size_t wanted_size = 4096; /* Linux tpm.c buffer size */ - - if (sb->size != wanted_size) { - sb->buffer = g_realloc(sb->buffer, wanted_size); - sb->size = wanted_size; - } - return sb->size; -} - -static void tpm_passthrough_deliver_request(TPMBackend *tb) -{ - TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(tb); - - tpm_backend_thread_deliver_request(&tpm_pt->tbt); -} - static void tpm_passthrough_cancel_cmd(TPMBackend *tb) { TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(tb); @@ -351,11 +220,6 @@ static void tpm_passthrough_cancel_cmd(TPMBackend *tb) } } -static const char *tpm_passthrough_create_desc(void) -{ - return "Passthrough TPM backend driver"; -} - static TPMVersion tpm_passthrough_get_tpm_version(TPMBackend *tb) { TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(tb); @@ -369,15 +233,14 @@ static TPMVersion tpm_passthrough_get_tpm_version(TPMBackend *tb) * in Documentation/ABI/stable/sysfs-class-tpm. * From /dev/tpm0 create /sys/class/misc/tpm0/device/cancel */ -static int tpm_passthrough_open_sysfs_cancel(TPMBackend *tb) +static int tpm_passthrough_open_sysfs_cancel(TPMPassthruState *tpm_pt) { - TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(tb); int fd = -1; char *dev; char path[PATH_MAX]; - if (tb->cancel_path) { - fd = qemu_open(tb->cancel_path, O_WRONLY); + if (tpm_pt->options->cancel_path) { + fd = qemu_open(tpm_pt->options->cancel_path, O_WRONLY); if (fd < 0) { error_report("Could not open TPM cancel path : %s", strerror(errno)); @@ -392,7 +255,7 @@ static int tpm_passthrough_open_sysfs_cancel(TPMBackend *tb) dev) < sizeof(path)) { fd = qemu_open(path, O_WRONLY); if (fd >= 0) { - tb->cancel_path = g_strdup(path); + tpm_pt->options->cancel_path = g_strdup(path); } else { error_report("tpm_passthrough: Could not open TPM cancel " "path %s : %s", path, strerror(errno)); @@ -412,17 +275,18 @@ static int tpm_passthrough_handle_device_opts(QemuOpts *opts, TPMBackend *tb) const char *value; value = qemu_opt_get(opts, "cancel-path"); - tb->cancel_path = g_strdup(value); + if (value) { + tpm_pt->options->cancel_path = g_strdup(value); + tpm_pt->options->has_cancel_path = true; + } value = qemu_opt_get(opts, "path"); - if (!value) { - value = TPM_PASSTHROUGH_DEFAULT_DEVICE; + if (value) { + tpm_pt->options->has_path = true; + tpm_pt->options->path = g_strdup(value); } - tpm_pt->tpm_dev = g_strdup(value); - - tb->path = g_strdup(tpm_pt->tpm_dev); - + tpm_pt->tpm_dev = value ? value : TPM_PASSTHROUGH_DEFAULT_DEVICE; tpm_pt->tpm_fd = qemu_open(tpm_pt->tpm_dev, O_RDWR); if (tpm_pt->tpm_fd < 0) { error_report("Cannot access TPM device using '%s': %s", @@ -443,10 +307,8 @@ static int tpm_passthrough_handle_device_opts(QemuOpts *opts, TPMBackend *tb) tpm_pt->tpm_fd = -1; err_free_parameters: - g_free(tb->path); - tb->path = NULL; - - g_free(tpm_pt->tpm_dev); + qapi_free_TPMPassthroughOptions(tpm_pt->options); + tpm_pt->options = NULL; tpm_pt->tpm_dev = NULL; return 1; @@ -459,16 +321,12 @@ static TPMBackend *tpm_passthrough_create(QemuOpts *opts, const char *id) TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(tb); tb->id = g_strdup(id); - /* let frontend set the fe_model to proper value */ - tb->fe_model = -1; - - tb->ops = &tpm_passthrough_driver; if (tpm_passthrough_handle_device_opts(opts, tb)) { goto err_exit; } - tpm_pt->cancel_fd = tpm_passthrough_open_sysfs_cancel(tb); + tpm_pt->cancel_fd = tpm_passthrough_open_sysfs_cancel(tpm_pt); if (tpm_pt->cancel_fd < 0) { goto err_exit; } @@ -476,26 +334,20 @@ static TPMBackend *tpm_passthrough_create(QemuOpts *opts, const char *id) return tb; err_exit: - g_free(tb->id); + object_unref(obj); return NULL; } -static void tpm_passthrough_destroy(TPMBackend *tb) +static TpmTypeOptions *tpm_passthrough_get_tpm_options(TPMBackend *tb) { - TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(tb); + TpmTypeOptions *options = g_new0(TpmTypeOptions, 1); - tpm_passthrough_cancel_cmd(tb); - - tpm_backend_thread_end(&tpm_pt->tbt); - - qemu_close(tpm_pt->tpm_fd); - qemu_close(tpm_pt->cancel_fd); + options->type = TPM_TYPE_OPTIONS_KIND_PASSTHROUGH; + options->u.passthrough.data = QAPI_CLONE(TPMPassthroughOptions, + TPM_PASSTHROUGH(tb)->options); - g_free(tb->id); - g_free(tb->path); - g_free(tb->cancel_path); - g_free(tpm_pt->tpm_dev); + return options; } static const QemuOptDesc tpm_passthrough_cmdline_opts[] = { @@ -516,27 +368,34 @@ static const QemuOptDesc tpm_passthrough_cmdline_opts[] = { static const TPMDriverOps tpm_passthrough_driver = { .type = TPM_TYPE_PASSTHROUGH, .opts = tpm_passthrough_cmdline_opts, - .desc = tpm_passthrough_create_desc, + .desc = "Passthrough TPM backend driver", .create = tpm_passthrough_create, - .destroy = tpm_passthrough_destroy, - .init = tpm_passthrough_init, - .startup_tpm = tpm_passthrough_startup_tpm, - .realloc_buffer = tpm_passthrough_realloc_buffer, .reset = tpm_passthrough_reset, - .had_startup_error = tpm_passthrough_get_startup_error, - .deliver_request = tpm_passthrough_deliver_request, .cancel_cmd = tpm_passthrough_cancel_cmd, .get_tpm_established_flag = tpm_passthrough_get_tpm_established_flag, .reset_tpm_established_flag = tpm_passthrough_reset_tpm_established_flag, .get_tpm_version = tpm_passthrough_get_tpm_version, + .get_tpm_options = tpm_passthrough_get_tpm_options, }; static void tpm_passthrough_inst_init(Object *obj) { + TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(obj); + + tpm_pt->options = g_new0(TPMPassthroughOptions, 1); + tpm_pt->tpm_fd = -1; + tpm_pt->cancel_fd = -1; } static void tpm_passthrough_inst_finalize(Object *obj) { + TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(obj); + + tpm_passthrough_cancel_cmd(TPM_BACKEND(obj)); + + qemu_close(tpm_pt->tpm_fd); + qemu_close(tpm_pt->cancel_fd); + qapi_free_TPMPassthroughOptions(tpm_pt->options); } static void tpm_passthrough_class_init(ObjectClass *klass, void *data) @@ -544,6 +403,7 @@ static void tpm_passthrough_class_init(ObjectClass *klass, void *data) TPMBackendClass *tbc = TPM_BACKEND_CLASS(klass); tbc->ops = &tpm_passthrough_driver; + tbc->handle_request = tpm_passthrough_handle_request; } static const TypeInfo tpm_passthrough_info = { diff --git a/hw/tpm/tpm_tis.c b/hw/tpm/tpm_tis.c index a6440fef91..d5118e7f60 100644 --- a/hw/tpm/tpm_tis.c +++ b/hw/tpm/tpm_tis.c @@ -963,6 +963,16 @@ static int tpm_tis_do_startup_tpm(TPMState *s) return tpm_backend_startup_tpm(s->be_driver); } +static void tpm_tis_realloc_buffer(TPMSizedBuffer *sb) +{ + size_t wanted_size = 4096; /* Linux tpm.c buffer size */ + + if (sb->size != wanted_size) { + sb->buffer = g_realloc(sb->buffer, wanted_size); + sb->size = wanted_size; + } +} + /* * Get the TPMVersion of the backend device being used */ @@ -1010,9 +1020,9 @@ static void tpm_tis_reset(DeviceState *dev) tis->loc[c].state = TPM_TIS_STATE_IDLE; tis->loc[c].w_offset = 0; - tpm_backend_realloc_buffer(s->be_driver, &tis->loc[c].w_buffer); + tpm_tis_realloc_buffer(&tis->loc[c].w_buffer); tis->loc[c].r_offset = 0; - tpm_backend_realloc_buffer(s->be_driver, &tis->loc[c].r_buffer); + tpm_tis_realloc_buffer(&tis->loc[c].r_buffer); } tpm_tis_do_startup_tpm(s); diff --git a/hw/tpm/tpm_util.c b/hw/tpm/tpm_util.c index 7b35429725..73d77965fd 100644 --- a/hw/tpm/tpm_util.c +++ b/hw/tpm/tpm_util.c @@ -24,6 +24,31 @@ #include "tpm_int.h" /* + * Write an error message in the given output buffer. + */ +void tpm_util_write_fatal_error_response(uint8_t *out, uint32_t out_len) +{ + if (out_len >= sizeof(struct tpm_resp_hdr)) { + struct tpm_resp_hdr *resp = (struct tpm_resp_hdr *)out; + + resp->tag = cpu_to_be16(TPM_TAG_RSP_COMMAND); + resp->len = cpu_to_be32(sizeof(struct tpm_resp_hdr)); + resp->errcode = cpu_to_be32(TPM_FAIL); + } +} + +bool tpm_util_is_selftest(const uint8_t *in, uint32_t in_len) +{ + struct tpm_req_hdr *hdr = (struct tpm_req_hdr *)in; + + if (in_len >= sizeof(*hdr)) { + return (be32_to_cpu(hdr->ordinal) == TPM_ORD_ContinueSelfTest); + } + + return false; +} + +/* * A basic test of a TPM device. We expect a well formatted response header * (error response is fine) within one second. */ @@ -43,10 +68,10 @@ static int tpm_util_test(int fd, n = write(fd, request, requestlen); if (n < 0) { - return errno; + return -errno; } if (n != requestlen) { - return EFAULT; + return -EFAULT; } FD_ZERO(&readfds); @@ -55,18 +80,18 @@ static int tpm_util_test(int fd, /* wait for a second */ n = select(fd + 1, &readfds, NULL, NULL, &tv); if (n != 1) { - return errno; + return -errno; } n = read(fd, &buf, sizeof(buf)); if (n < sizeof(struct tpm_resp_hdr)) { - return EFAULT; + return -EFAULT; } resp = (struct tpm_resp_hdr *)buf; /* check the header */ if (be32_to_cpu(resp->len) != n) { - return EBADMSG; + return -EMSGSIZE; } *return_tag = be16_to_cpu(resp->tag); diff --git a/hw/tpm/tpm_util.h b/hw/tpm/tpm_util.h index df76245e6e..2f7c96146d 100644 --- a/hw/tpm/tpm_util.h +++ b/hw/tpm/tpm_util.h @@ -24,6 +24,10 @@ #include "sysemu/tpm_backend.h" +void tpm_util_write_fatal_error_response(uint8_t *out, uint32_t out_len); + +bool tpm_util_is_selftest(const uint8_t *in, uint32_t in_len); + int tpm_util_test_tpmdev(int tpm_fd, TPMVersion *tpm_version); #endif /* TPM_TPM_UTIL_H */ diff --git a/include/block/block_int.h b/include/block/block_int.h index 7e8a206239..885c08e989 100644 --- a/include/block/block_int.h +++ b/include/block/block_int.h @@ -354,10 +354,17 @@ struct BlockDriver { int (*bdrv_probe_geometry)(BlockDriverState *bs, HDGeometry *geo); /** - * Drain and stop any internal sources of requests in the driver, and - * remain so until next I/O callback (e.g. bdrv_co_writev) is called. + * bdrv_co_drain_begin is called if implemented in the beginning of a + * drain operation to drain and stop any internal sources of requests in + * the driver. + * bdrv_co_drain_end is called if implemented at the end of the drain. + * + * They should be used by the driver to e.g. manage scheduled I/O + * requests, or toggle an internal state. After the end of the drain new + * requests will continue normally. */ - void coroutine_fn (*bdrv_co_drain)(BlockDriverState *bs); + void coroutine_fn (*bdrv_co_drain_begin)(BlockDriverState *bs); + void coroutine_fn (*bdrv_co_drain_end)(BlockDriverState *bs); void (*bdrv_add_child)(BlockDriverState *parent, BlockDriverState *child, Error **errp); diff --git a/include/block/nbd.h b/include/block/nbd.h index 707fd37575..a6df5ce8b5 100644 --- a/include/block/nbd.h +++ b/include/block/nbd.h @@ -63,15 +63,22 @@ struct NBDReply { }; typedef struct NBDReply NBDReply; +typedef struct NBDSimpleReply { + uint32_t magic; /* NBD_SIMPLE_REPLY_MAGIC */ + uint32_t error; + uint64_t handle; +} QEMU_PACKED NBDSimpleReply; + /* Transmission (export) flags: sent from server to client during handshake, but describe what will happen during transmission */ -#define NBD_FLAG_HAS_FLAGS (1 << 0) /* Flags are there */ -#define NBD_FLAG_READ_ONLY (1 << 1) /* Device is read-only */ -#define NBD_FLAG_SEND_FLUSH (1 << 2) /* Send FLUSH */ -#define NBD_FLAG_SEND_FUA (1 << 3) /* Send FUA (Force Unit Access) */ -#define NBD_FLAG_ROTATIONAL (1 << 4) /* Use elevator algorithm - rotational media */ -#define NBD_FLAG_SEND_TRIM (1 << 5) /* Send TRIM (discard) */ -#define NBD_FLAG_SEND_WRITE_ZEROES (1 << 6) /* Send WRITE_ZEROES */ +#define NBD_FLAG_HAS_FLAGS (1 << 0) /* Flags are there */ +#define NBD_FLAG_READ_ONLY (1 << 1) /* Device is read-only */ +#define NBD_FLAG_SEND_FLUSH (1 << 2) /* Send FLUSH */ +#define NBD_FLAG_SEND_FUA (1 << 3) /* Send FUA (Force Unit Access) */ +#define NBD_FLAG_ROTATIONAL (1 << 4) /* Use elevator algorithm - + rotational media */ +#define NBD_FLAG_SEND_TRIM (1 << 5) /* Send TRIM (discard) */ +#define NBD_FLAG_SEND_WRITE_ZEROES (1 << 6) /* Send WRITE_ZEROES */ /* New-style handshake (global) flags, sent from server to client, and control what will happen during handshake phase. */ diff --git a/include/sysemu/tpm_backend.h b/include/sysemu/tpm_backend.h index b0a9731aee..2c798a1eb4 100644 --- a/include/sysemu/tpm_backend.h +++ b/include/sysemu/tpm_backend.h @@ -29,33 +29,42 @@ typedef struct TPMBackendClass TPMBackendClass; typedef struct TPMBackend TPMBackend; - typedef struct TPMDriverOps TPMDriverOps; +typedef void (TPMRecvDataCB)(TPMState *, uint8_t locty, bool selftest_done); -struct TPMBackendClass { - ObjectClass parent_class; - - const TPMDriverOps *ops; - - void (*opened)(TPMBackend *s, Error **errp); -}; +typedef enum TPMBackendCmd { + TPM_BACKEND_CMD_INIT = 1, + TPM_BACKEND_CMD_PROCESS_CMD, + TPM_BACKEND_CMD_END, + TPM_BACKEND_CMD_TPM_RESET, +} TPMBackendCmd; struct TPMBackend { Object parent; /*< protected >*/ bool opened; + TPMState *tpm_state; + GThreadPool *thread_pool; + TPMRecvDataCB *recv_data_callback; + bool had_startup_error; + /* <public> */ char *id; enum TpmModel fe_model; - char *path; - char *cancel_path; - const TPMDriverOps *ops; QLIST_ENTRY(TPMBackend) list; }; -typedef void (TPMRecvDataCB)(TPMState *, uint8_t locty, bool selftest_done); +struct TPMBackendClass { + ObjectClass parent_class; + + const TPMDriverOps *ops; + + void (*opened)(TPMBackend *s, Error **errp); + + void (*handle_request)(TPMBackend *s, TPMBackendCmd cmd); +}; typedef struct TPMSizedBuffer { uint32_t size; @@ -66,21 +75,14 @@ struct TPMDriverOps { enum TpmType type; const QemuOptDesc *opts; /* get a descriptive text of the backend to display to the user */ - const char *(*desc)(void); + const char *desc; TPMBackend *(*create)(QemuOpts *opts, const char *id); - void (*destroy)(TPMBackend *t); /* initialize the backend */ - int (*init)(TPMBackend *t, TPMState *s, TPMRecvDataCB *datacb); + int (*init)(TPMBackend *t); /* start up the TPM on the backend */ int (*startup_tpm)(TPMBackend *t); - /* returns true if nothing will ever answer TPM requests */ - bool (*had_startup_error)(TPMBackend *t); - - size_t (*realloc_buffer)(TPMSizedBuffer *sb); - - void (*deliver_request)(TPMBackend *t); void (*reset)(TPMBackend *t); @@ -91,6 +93,8 @@ struct TPMDriverOps { int (*reset_tpm_established_flag)(TPMBackend *t, uint8_t locty); TPMVersion (*get_tpm_version)(TPMBackend *t); + + TpmTypeOptions *(*get_tpm_options)(TPMBackend *t); }; @@ -103,20 +107,6 @@ struct TPMDriverOps { enum TpmType tpm_backend_get_type(TPMBackend *s); /** - * tpm_backend_get_desc: - * @s: the backend - * - * Returns a human readable description of the backend. - */ -const char *tpm_backend_get_desc(TPMBackend *s); - -/** - * tpm_backend_destroy: - * @s: the backend to destroy - */ -void tpm_backend_destroy(TPMBackend *s); - -/** * tpm_backend_init: * @s: the backend to initialized * @state: TPMState @@ -148,16 +138,6 @@ int tpm_backend_startup_tpm(TPMBackend *s); bool tpm_backend_had_startup_error(TPMBackend *s); /** - * tpm_backend_realloc_buffer: - * @s: the backend - * @sb: the TPMSizedBuffer to re-allocated to the size suitable for the - * backend. - * - * This function returns the size of the allocated buffer - */ -size_t tpm_backend_realloc_buffer(TPMBackend *s, TPMSizedBuffer *sb); - -/** * tpm_backend_deliver_request: * @s: the backend to send the request to * @@ -223,6 +203,16 @@ void tpm_backend_open(TPMBackend *s, Error **errp); */ TPMVersion tpm_backend_get_tpm_version(TPMBackend *s); +/** + * tpm_backend_query_tpm: + * @s: the backend + * + * Query backend tpm info + * + * Returns newly allocated TPMInfo + */ +TPMInfo *tpm_backend_query_tpm(TPMBackend *s); + TPMBackend *qemu_find_tpm(const char *id); const TPMDriverOps *tpm_get_backend_driver(const char *type); diff --git a/include/sysemu/tpm_backend_int.h b/include/sysemu/tpm_backend_int.h deleted file mode 100644 index 00639dd7de..0000000000 --- a/include/sysemu/tpm_backend_int.h +++ /dev/null @@ -1,41 +0,0 @@ -/* - * common TPM backend driver functions - * - * Copyright (c) 2012-2013 IBM Corporation - * Authors: - * Stefan Berger <stefanb@us.ibm.com> - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 2 of the License, or (at your option) any later version. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, see <http://www.gnu.org/licenses/> - */ - -#ifndef TPM_BACKEND_INT_H -#define TPM_BACKEND_INT_H - -typedef struct TPMBackendThread { - GThreadPool *pool; -} TPMBackendThread; - -void tpm_backend_thread_deliver_request(TPMBackendThread *tbt); -void tpm_backend_thread_create(TPMBackendThread *tbt, - GFunc func, gpointer user_data); -void tpm_backend_thread_end(TPMBackendThread *tbt); - -typedef enum TPMBackendCmd { - TPM_BACKEND_CMD_INIT = 1, - TPM_BACKEND_CMD_PROCESS_CMD, - TPM_BACKEND_CMD_END, - TPM_BACKEND_CMD_TPM_RESET, -} TPMBackendCmd; - -#endif /* TPM_BACKEND_INT_H */ diff --git a/nbd/client.c b/nbd/client.c index 68a0bc1ffc..cd5a2c80ac 100644 --- a/nbd/client.c +++ b/nbd/client.c @@ -931,7 +931,7 @@ int nbd_receive_reply(QIOChannel *ioc, NBDReply *reply, Error **errp) } /* Reply - [ 0 .. 3] magic (NBD_REPLY_MAGIC) + [ 0 .. 3] magic (NBD_SIMPLE_REPLY_MAGIC) [ 4 .. 7] error (0 == no error) [ 7 .. 15] handle */ @@ -949,7 +949,7 @@ int nbd_receive_reply(QIOChannel *ioc, NBDReply *reply, Error **errp) } trace_nbd_receive_reply(magic, reply->error, reply->handle); - if (magic != NBD_REPLY_MAGIC) { + if (magic != NBD_SIMPLE_REPLY_MAGIC) { error_setg(errp, "invalid magic (got 0x%" PRIx32 ")", magic); return -EINVAL; } diff --git a/nbd/nbd-internal.h b/nbd/nbd-internal.h index 8a609a227f..11a130d050 100644 --- a/nbd/nbd-internal.h +++ b/nbd/nbd-internal.h @@ -46,23 +46,23 @@ /* Size of oldstyle negotiation */ #define NBD_OLDSTYLE_NEGOTIATE_SIZE (8 + 8 + 8 + 4 + 124) -#define NBD_REQUEST_MAGIC 0x25609513 -#define NBD_REPLY_MAGIC 0x67446698 -#define NBD_OPTS_MAGIC 0x49484156454F5054LL -#define NBD_CLIENT_MAGIC 0x0000420281861253LL -#define NBD_REP_MAGIC 0x0003e889045565a9LL - -#define NBD_SET_SOCK _IO(0xab, 0) -#define NBD_SET_BLKSIZE _IO(0xab, 1) -#define NBD_SET_SIZE _IO(0xab, 2) -#define NBD_DO_IT _IO(0xab, 3) -#define NBD_CLEAR_SOCK _IO(0xab, 4) -#define NBD_CLEAR_QUE _IO(0xab, 5) -#define NBD_PRINT_DEBUG _IO(0xab, 6) -#define NBD_SET_SIZE_BLOCKS _IO(0xab, 7) -#define NBD_DISCONNECT _IO(0xab, 8) -#define NBD_SET_TIMEOUT _IO(0xab, 9) -#define NBD_SET_FLAGS _IO(0xab, 10) +#define NBD_REQUEST_MAGIC 0x25609513 +#define NBD_SIMPLE_REPLY_MAGIC 0x67446698 +#define NBD_OPTS_MAGIC 0x49484156454F5054LL +#define NBD_CLIENT_MAGIC 0x0000420281861253LL +#define NBD_REP_MAGIC 0x0003e889045565a9LL + +#define NBD_SET_SOCK _IO(0xab, 0) +#define NBD_SET_BLKSIZE _IO(0xab, 1) +#define NBD_SET_SIZE _IO(0xab, 2) +#define NBD_DO_IT _IO(0xab, 3) +#define NBD_CLEAR_SOCK _IO(0xab, 4) +#define NBD_CLEAR_QUE _IO(0xab, 5) +#define NBD_PRINT_DEBUG _IO(0xab, 6) +#define NBD_SET_SIZE_BLOCKS _IO(0xab, 7) +#define NBD_DISCONNECT _IO(0xab, 8) +#define NBD_SET_TIMEOUT _IO(0xab, 9) +#define NBD_SET_FLAGS _IO(0xab, 10) /* NBD errors are based on errno numbers, so there is a 1:1 mapping, * but only a limited set of errno values is specified in the protocol. diff --git a/nbd/server.c b/nbd/server.c index 993ade30bb..3df3548d6d 100644 --- a/nbd/server.c +++ b/nbd/server.c @@ -902,26 +902,6 @@ static int nbd_receive_request(QIOChannel *ioc, NBDRequest *request, return 0; } -static int nbd_send_reply(QIOChannel *ioc, NBDReply *reply, Error **errp) -{ - uint8_t buf[NBD_REPLY_SIZE]; - - reply->error = system_errno_to_nbd_errno(reply->error); - - trace_nbd_send_reply(reply->error, reply->handle); - - /* Reply - [ 0 .. 3] magic (NBD_REPLY_MAGIC) - [ 4 .. 7] error (0 == no error) - [ 7 .. 15] handle - */ - stl_be_p(buf, NBD_REPLY_MAGIC); - stl_be_p(buf + 4, reply->error); - stq_be_p(buf + 8, reply->handle); - - return nbd_write(ioc, buf, sizeof(buf), errp); -} - #define MAX_NBD_REQUESTS 16 void nbd_client_get(NBDClient *client) @@ -1047,7 +1027,7 @@ NBDExport *nbd_export_new(BlockDriverState *bs, off_t dev_offset, off_t size, { AioContext *ctx; BlockBackend *blk; - NBDExport *exp = g_malloc0(sizeof(NBDExport)); + NBDExport *exp = g_new0(NBDExport, 1); uint64_t perm; int ret; @@ -1208,38 +1188,51 @@ void nbd_export_close_all(void) } } -static int nbd_co_send_reply(NBDRequestData *req, NBDReply *reply, int len, - Error **errp) +static int coroutine_fn nbd_co_send_iov(NBDClient *client, struct iovec *iov, + unsigned niov, Error **errp) { - NBDClient *client = req->client; int ret; g_assert(qemu_in_coroutine()); - - trace_nbd_co_send_reply(reply->handle, reply->error, len); - qemu_co_mutex_lock(&client->send_lock); client->send_coroutine = qemu_coroutine_self(); - if (!len) { - ret = nbd_send_reply(client->ioc, reply, errp); - } else { - qio_channel_set_cork(client->ioc, true); - ret = nbd_send_reply(client->ioc, reply, errp); - if (ret == 0) { - ret = nbd_write(client->ioc, req->data, len, errp); - if (ret < 0) { - ret = -EIO; - } - } - qio_channel_set_cork(client->ioc, false); - } + ret = qio_channel_writev_all(client->ioc, iov, niov, errp) < 0 ? -EIO : 0; client->send_coroutine = NULL; qemu_co_mutex_unlock(&client->send_lock); + return ret; } +static inline void set_be_simple_reply(NBDSimpleReply *reply, uint64_t error, + uint64_t handle) +{ + stl_be_p(&reply->magic, NBD_SIMPLE_REPLY_MAGIC); + stl_be_p(&reply->error, error); + stq_be_p(&reply->handle, handle); +} + +static int nbd_co_send_simple_reply(NBDClient *client, + uint64_t handle, + uint32_t error, + void *data, + size_t len, + Error **errp) +{ + NBDSimpleReply reply; + int nbd_err = system_errno_to_nbd_errno(error); + struct iovec iov[] = { + {.iov_base = &reply, .iov_len = sizeof(reply)}, + {.iov_base = data, .iov_len = len} + }; + + trace_nbd_co_send_simple_reply(handle, nbd_err, len); + set_be_simple_reply(&reply, nbd_err, handle); + + return nbd_co_send_iov(client, iov, len ? 2 : 1, errp); +} + /* nbd_co_receive_request * Collect a client request. Return 0 if request looks valid, -EIO to drop * connection right away, and any other negative value to report an error to @@ -1331,7 +1324,6 @@ static coroutine_fn void nbd_trip(void *opaque) NBDExport *exp = client->exp; NBDRequestData *req; NBDRequest request = { 0 }; /* GCC thinks it can be used uninitialized */ - NBDReply reply; int ret; int flags; int reply_data_len = 0; @@ -1351,11 +1343,7 @@ static coroutine_fn void nbd_trip(void *opaque) goto disconnect; } - reply.handle = request.handle; - reply.error = 0; - if (ret < 0) { - reply.error = -ret; goto reply; } @@ -1374,7 +1362,6 @@ static coroutine_fn void nbd_trip(void *opaque) ret = blk_co_flush(exp->blk); if (ret < 0) { error_setg_errno(&local_err, -ret, "flush failed"); - reply.error = -ret; break; } } @@ -1383,7 +1370,6 @@ static coroutine_fn void nbd_trip(void *opaque) req->data, request.len); if (ret < 0) { error_setg_errno(&local_err, -ret, "reading from file failed"); - reply.error = -ret; break; } @@ -1392,7 +1378,7 @@ static coroutine_fn void nbd_trip(void *opaque) break; case NBD_CMD_WRITE: if (exp->nbdflags & NBD_FLAG_READ_ONLY) { - reply.error = EROFS; + ret = -EROFS; break; } @@ -1404,14 +1390,13 @@ static coroutine_fn void nbd_trip(void *opaque) req->data, request.len, flags); if (ret < 0) { error_setg_errno(&local_err, -ret, "writing to file failed"); - reply.error = -ret; } break; case NBD_CMD_WRITE_ZEROES: if (exp->nbdflags & NBD_FLAG_READ_ONLY) { error_setg(&local_err, "Server is read-only, return error"); - reply.error = EROFS; + ret = -EROFS; break; } @@ -1426,7 +1411,6 @@ static coroutine_fn void nbd_trip(void *opaque) request.len, flags); if (ret < 0) { error_setg_errno(&local_err, -ret, "writing to file failed"); - reply.error = -ret; } break; @@ -1438,7 +1422,6 @@ static coroutine_fn void nbd_trip(void *opaque) ret = blk_co_flush(exp->blk); if (ret < 0) { error_setg_errno(&local_err, -ret, "flush failed"); - reply.error = -ret; } break; @@ -1447,25 +1430,27 @@ static coroutine_fn void nbd_trip(void *opaque) request.len); if (ret < 0) { error_setg_errno(&local_err, -ret, "discard failed"); - reply.error = -ret; } break; default: error_setg(&local_err, "invalid request type (%" PRIu32 ") received", request.type); - reply.error = EINVAL; + ret = -EINVAL; } reply: if (local_err) { - /* If we are here local_err is not fatal error, already stored in - * reply.error */ + /* If we get here, local_err was not a fatal error, and should be sent + * to the client. */ error_report_err(local_err); local_err = NULL; } - if (nbd_co_send_reply(req, &reply, reply_data_len, &local_err) < 0) { + if (nbd_co_send_simple_reply(req->client, request.handle, + ret < 0 ? -ret : 0, + req->data, reply_data_len, &local_err) < 0) + { error_prepend(&local_err, "Failed to send reply: "); goto disconnect; } @@ -1539,7 +1524,7 @@ void nbd_client_new(NBDExport *exp, NBDClient *client; Coroutine *co; - client = g_malloc0(sizeof(NBDClient)); + client = g_new0(NBDClient, 1); client->refcount = 1; client->exp = exp; client->tlscreds = tlscreds; diff --git a/nbd/trace-events b/nbd/trace-events index 48a4f27682..e27614f050 100644 --- a/nbd/trace-events +++ b/nbd/trace-events @@ -51,10 +51,9 @@ nbd_negotiate_old_style(uint64_t size, unsigned flags) "advertising size %" PRIu nbd_negotiate_new_style_size_flags(uint64_t size, unsigned flags) "advertising size %" PRIu64 " and flags 0x%x" nbd_negotiate_success(void) "Negotiation succeeded" nbd_receive_request(uint32_t magic, uint16_t flags, uint16_t type, uint64_t from, uint32_t len) "Got request: { magic = 0x%" PRIx32 ", .flags = 0x%" PRIx16 ", .type = 0x%" PRIx16 ", from = %" PRIu64 ", len = %" PRIu32 " }" -nbd_send_reply(int32_t error, uint64_t handle) "Sending response to client: { .error = %" PRId32 ", handle = %" PRIu64 " }" nbd_blk_aio_attached(const char *name, void *ctx) "Export %s: Attaching clients to AIO context %p\n" nbd_blk_aio_detach(const char *name, void *ctx) "Export %s: Detaching clients from AIO context %p\n" -nbd_co_send_reply(uint64_t handle, uint32_t error, int len) "Send reply: handle = %" PRIu64 ", error = %" PRIu32 ", len = %d" +nbd_co_send_simple_reply(uint64_t handle, uint32_t error, int len) "Send simple reply: handle = %" PRIu64 ", error = %" PRIu32 ", len = %d" nbd_co_receive_request_decode_type(uint64_t handle, uint16_t type, const char *name) "Decoding type: handle = %" PRIu64 ", type = %" PRIu16 " (%s)" nbd_co_receive_request_payload_received(uint64_t handle, uint32_t len) "Payload received: handle = %" PRIu64 ", len = %" PRIu32 nbd_co_receive_request_cmd_write(uint32_t len) "Reading %" PRIu32 " byte(s)" diff --git a/qapi/tpm.json b/qapi/tpm.json index e8b2d8dcb7..7093f268fb 100644 --- a/qapi/tpm.json +++ b/qapi/tpm.json @@ -39,10 +39,12 @@ # An enumeration of TPM types # # @passthrough: TPM passthrough type +# @emulator: Software Emulator TPM type +# Since: 2.11 # # Since: 1.5 ## -{ 'enum': 'TpmType', 'data': [ 'passthrough' ] } +{ 'enum': 'TpmType', 'data': [ 'passthrough', 'emulator' ] } ## # @query-tpm-types: @@ -56,7 +58,7 @@ # Example: # # -> { "execute": "query-tpm-types" } -# <- { "return": [ "passthrough" ] } +# <- { "return": [ "passthrough", "emulator" ] } # ## { 'command': 'query-tpm-types', 'returns': ['TpmType'] } @@ -77,16 +79,29 @@ '*cancel-path' : 'str'} } ## +# @TPMEmulatorOptions: +# +# Information about the TPM emulator type +# +# @chardev: Name of a unix socket chardev +# +# Since: 2.11 +## +{ 'struct': 'TPMEmulatorOptions', 'data': { 'chardev' : 'str' } } + +## # @TpmTypeOptions: # # A union referencing different TPM backend types' configuration options # # @type: 'passthrough' The configuration options for the TPM passthrough type +# 'emulator' The configuration options for TPM emulator backend type # # Since: 1.5 ## { 'union': 'TpmTypeOptions', - 'data': { 'passthrough' : 'TPMPassthroughOptions' } } + 'data': { 'passthrough' : 'TPMPassthroughOptions', + 'emulator': 'TPMEmulatorOptions' } } ## # @TPMInfo: diff --git a/qemu-options.hx b/qemu-options.hx index 981742d191..3728e9b4dd 100644 --- a/qemu-options.hx +++ b/qemu-options.hx @@ -3121,7 +3121,9 @@ DEF("tpmdev", HAS_ARG, QEMU_OPTION_tpmdev, \ "-tpmdev passthrough,id=id[,path=path][,cancel-path=path]\n" " use path to provide path to a character device; default is /dev/tpm0\n" " use cancel-path to provide path to TPM's cancel sysfs entry; if\n" - " not provided it will be searched for in /sys/class/misc/tpm?/device\n", + " not provided it will be searched for in /sys/class/misc/tpm?/device\n" + "-tpmdev emulator,id=id,chardev=dev\n" + " configure the TPM device using chardev backend\n", QEMU_ARCH_ALL) STEXI @@ -3130,8 +3132,8 @@ The general form of a TPM device option is: @item -tpmdev @var{backend} ,id=@var{id} [,@var{options}] @findex -tpmdev -Backend type must be: -@option{passthrough}. +Backend type must be either one of the following: +@option{passthrough}, @option{emulator}. The specific backend type will determine the applicable options. The @code{-tpmdev} option creates the TPM backend and requires a @@ -3181,6 +3183,20 @@ To create a passthrough TPM use the following two options: Note that the @code{-tpmdev} id is @code{tpm0} and is referenced by @code{tpmdev=tpm0} in the device option. +@item -tpmdev emulator, id=@var{id}, chardev=@var{dev} + +(Linux-host only) Enable access to a TPM emulator using Unix domain socket based +chardev backend. + +@option{chardev} specifies the unique ID of a character device backend that provides connection to the software TPM server. + +To create a TPM emulator backend device with chardev socket backend: +@example + +-chardev socket,id=chrtpm,path=/tmp/swtpm-sock -tpmdev emulator,id=tpm0,chardev=chrtpm -device tpm-tis,tpmdev=tpm0 + +@end example + @end table ETEXI diff --git a/tests/qemu-iotests/nbd-fault-injector.py b/tests/qemu-iotests/nbd-fault-injector.py index 1c10dcb51c..8a04d979aa 100755 --- a/tests/qemu-iotests/nbd-fault-injector.py +++ b/tests/qemu-iotests/nbd-fault-injector.py @@ -56,7 +56,7 @@ NBD_CMD_READ = 0 NBD_CMD_WRITE = 1 NBD_CMD_DISC = 2 NBD_REQUEST_MAGIC = 0x25609513 -NBD_REPLY_MAGIC = 0x67446698 +NBD_SIMPLE_REPLY_MAGIC = 0x67446698 NBD_PASSWD = 0x4e42444d41474943 NBD_OPTS_MAGIC = 0x49484156454F5054 NBD_CLIENT_MAGIC = 0x0000420281861253 @@ -166,7 +166,7 @@ def read_request(conn): return req def write_reply(conn, error, handle): - buf = reply_struct.pack(NBD_REPLY_MAGIC, error, handle) + buf = reply_struct.pack(NBD_SIMPLE_REPLY_MAGIC, error, handle) conn.send(buf, event='reply') def handle_connection(conn, use_export): diff --git a/tests/vhost-user-bridge.c b/tests/vhost-user-bridge.c index f922cc75ae..d820033a72 100644 --- a/tests/vhost-user-bridge.c +++ b/tests/vhost-user-bridge.c @@ -277,6 +277,7 @@ vubr_backend_recv_cb(int sock, void *ctx) DPRINT(" hdrlen = %d\n", hdrlen); if (!vu_queue_enabled(dev, vq) || + !vu_queue_started(dev, vq) || !vu_queue_avail_bytes(dev, vq, hdrlen, 0)) { DPRINT("Got UDP packet, but no available descriptors on RX virtq.\n"); return; diff --git a/tpm.c b/tpm.c index 2d830d072a..3122227156 100644 --- a/tpm.c +++ b/tpm.c @@ -62,7 +62,7 @@ static void tpm_display_backend_drivers(void) continue; } fprintf(stderr, "%12s %s\n", - TpmType_str(i), be_drivers[i]->desc()); + TpmType_str(i), be_drivers[i]->desc); } fprintf(stderr, "\n"); } @@ -157,7 +157,7 @@ void tpm_cleanup(void) QLIST_FOREACH_SAFE(drv, &tpm_backends, list, next) { QLIST_REMOVE(drv, list); - tpm_backend_destroy(drv); + object_unref(OBJECT(drv)); } } @@ -172,7 +172,6 @@ int tpm_init(void) return -1; } - atexit(tpm_cleanup); return 0; } @@ -202,36 +201,6 @@ static const TPMDriverOps *tpm_driver_find_by_type(enum TpmType type) return be_drivers[type]; } -static TPMInfo *qmp_query_tpm_inst(TPMBackend *drv) -{ - TPMInfo *res = g_new0(TPMInfo, 1); - TPMPassthroughOptions *tpo; - - res->id = g_strdup(drv->id); - res->model = drv->fe_model; - res->options = g_new0(TpmTypeOptions, 1); - - switch (drv->ops->type) { - case TPM_TYPE_PASSTHROUGH: - res->options->type = TPM_TYPE_OPTIONS_KIND_PASSTHROUGH; - tpo = g_new0(TPMPassthroughOptions, 1); - res->options->u.passthrough.data = tpo; - if (drv->path) { - tpo->path = g_strdup(drv->path); - tpo->has_path = true; - } - if (drv->cancel_path) { - tpo->cancel_path = g_strdup(drv->cancel_path); - tpo->has_cancel_path = true; - } - break; - case TPM_TYPE__MAX: - break; - } - - return res; -} - /* * Walk the list of active TPM backends and collect information about them * following the schema description in qapi-schema.json. @@ -246,7 +215,7 @@ TPMInfoList *qmp_query_tpm(Error **errp) continue; } info = g_new0(TPMInfoList, 1); - info->value = qmp_query_tpm_inst(drv); + info->value = tpm_backend_query_tpm(drv); if (!cur_item) { head = cur_item = info; diff --git a/vl.c b/vl.c index d7c349233f..0723835bbf 100644 --- a/vl.c +++ b/vl.c @@ -4905,6 +4905,7 @@ int main(int argc, char **argv, char **envp) res_free(); /* vhost-user must be cleaned up before chardevs. */ + tpm_cleanup(); net_cleanup(); audio_cleanup(); monitor_cleanup(); |