From nobody Mon Feb 9 04:03:28 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=linux.ibm.com ARC-Seal: i=1; a=rsa-sha256; t=1663088872; cv=none; d=zohomail.com; s=zohoarc; b=HBApaMzMbm6c5tsMw0COoTZXYTo7lwp9BtRz7xiDfwl1Ku1UpCaJj7+JYXfLFgcWwXWzt1W01Ho6BvqimdNZiyHzd3N2PP1XzK6GJ+bMWGkqSmV2W2LarvuNIKECEav8oHOZr9CjFWuSA2C4FSMm51BpJo20rMdO5p6+FI+bLpI= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1663088872; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=trNtXEN2C6O67IBf98ymayF7nkdL6srnuvoJ1IBjsdc=; b=P4xI8CMnWiJfFdZ3vjtiGucQOBrQJQ/5OZacyt7QEsey+1Df+5SeKI+PmciCCBYBaU/AlgozAX92O4e/78LaJ6dznDqTDdtypFd0TkpRAdY/xy5rWfLP5/JKYRne+Ewzjnaqb1xxbpY2Ug67k8mTQ32T4stvev/CF1TxpgwovR4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1663088872058570.8517189215626; Tue, 13 Sep 2022 10:07:52 -0700 (PDT) Received: from localhost ([::1]:53552 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1oY9O2-0005t5-Nb for importer@patchew.org; Tue, 13 Sep 2022 13:07:50 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:45554) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1oY9Gd-0000qP-Kl for qemu-devel@nongnu.org; Tue, 13 Sep 2022 13:00:13 -0400 Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:35016) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1oY9GZ-0002jk-7y for qemu-devel@nongnu.org; Tue, 13 Sep 2022 13:00:11 -0400 Received: from pps.filterd (m0098409.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 28DGjjQF026407; Tue, 13 Sep 2022 17:00:03 GMT Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3jjwnwrfjr-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 13 Sep 2022 17:00:03 +0000 Received: from m0098409.ppops.net (m0098409.ppops.net [127.0.0.1]) by pps.reinject (8.17.1.5/8.17.1.5) with ESMTP id 28DGjtCB027648; Tue, 13 Sep 2022 17:00:03 GMT Received: from ppma04wdc.us.ibm.com (1a.90.2fa9.ip4.static.sl-reverse.com [169.47.144.26]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3jjwnwrfgw-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 13 Sep 2022 17:00:03 +0000 Received: from pps.filterd (ppma04wdc.us.ibm.com [127.0.0.1]) by ppma04wdc.us.ibm.com (8.16.1.2/8.16.1.2) with SMTP id 28DGpsVq008392; Tue, 13 Sep 2022 17:00:01 GMT Received: from b03cxnp07027.gho.boulder.ibm.com (b03cxnp07027.gho.boulder.ibm.com [9.17.130.14]) by ppma04wdc.us.ibm.com with ESMTP id 3jgj79d9n7-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 13 Sep 2022 17:00:01 +0000 Received: from b03ledav004.gho.boulder.ibm.com (b03ledav004.gho.boulder.ibm.com [9.17.130.235]) by b03cxnp07027.gho.boulder.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 28DH01i456230176 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 13 Sep 2022 17:00:01 GMT Received: from b03ledav004.gho.boulder.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id F392E78067; Tue, 13 Sep 2022 17:14:30 +0000 (GMT) Received: from b03ledav004.gho.boulder.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id A5F6C7805E; Tue, 13 Sep 2022 17:14:30 +0000 (GMT) Received: from sbct-3.pok.ibm.com (unknown [9.47.158.153]) by b03ledav004.gho.boulder.ibm.com (Postfix) with ESMTP; Tue, 13 Sep 2022 17:14:30 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-type : content-transfer-encoding; s=pp1; bh=trNtXEN2C6O67IBf98ymayF7nkdL6srnuvoJ1IBjsdc=; b=nbysuu/gxrVNGjgIwjDwFonwyKg7tUatTriPKyoqk16zEONurC/kANi6o5iHRWj8i8NW DlhvXNj5oZJa4HxKVIlJW14bohEX/3wNsUxix1Yu13G52MVHaLOJQYjgunqHvFIuDAL/ ObYzNRHfxkur6YUWQWq/twGnkLFpDVM4dNAxYcuv4MTNfFmLpQKmij1b+YMJkucbpU3c tQj4JCkyRRBZ1CTongso4XTvT4WaID8DJYGYpsQNd2rQX/rHWGtWsyoweh6KzqXxUY2/ SALhjXDqPgof5tjYFfSUEf/CMW/WZTQiB9SX4ql1/CnBbILV47F3kvre0w2RmXMzTnPf uQ== From: Stefan Berger To: qemu-devel@nongnu.org Cc: peter.maydell@linaro.org, Stefan Berger , =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= Subject: [PULL 4/4] tpm_emulator: Have swtpm relock storage upon migration fall-back Date: Tue, 13 Sep 2022 12:59:45 -0400 Message-Id: <20220913165945.1635016-5-stefanb@linux.ibm.com> X-Mailer: git-send-email 2.37.2 In-Reply-To: <20220913165945.1635016-1-stefanb@linux.ibm.com> References: <20220913165945.1635016-1-stefanb@linux.ibm.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-TM-AS-GCONF: 00 X-Proofpoint-GUID: YufKQIVjGgCPlvHZ0yogcHl5PdwNtWow X-Proofpoint-ORIG-GUID: uepNZe5JT4QRmDv_KoIpH3_ciu7nvdXn X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.528,FMLib:17.11.122.1 definitions=2022-09-13_09,2022-09-13_01,2022-06-22_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 phishscore=0 malwarescore=0 spamscore=0 impostorscore=0 priorityscore=1501 mlxlogscore=999 clxscore=1015 suspectscore=0 lowpriorityscore=0 mlxscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2207270000 definitions=main-2209130075 Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=148.163.156.1; envelope-from=stefanb@linux.ibm.com; helo=mx0a-001b2d01.pphosted.com X-Spam_score_int: -19 X-Spam_score: -2.0 X-Spam_bar: -- X-Spam_report: (-2.0 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: pass (identity @ibm.com) X-ZM-MESSAGEID: 1663088873283100002 Swtpm may release the lock once the last one of its state blobs has been migrated out. In case of VM migration failure QEMU now needs to notify swtpm that it should again take the lock, which it can otherwise only do once it has received the first TPM command from the VM. Only try to send the lock command if swtpm supports it. It will not have released the lock (and support shared storage setups) if it doesn't support the locking command since the functionality of releasing the lock upon state blob reception and the lock command were added to swtpm 'together'. If QEMU sends the lock command and the storage has already been locked no error is reported. If swtpm does not receive the lock command (from older version of QEMU), it will lock the storage once the first TPM command has been received. So sending the lock command is an optimization. Signed-off-by: Stefan Berger Reviewed-by: Marc-Andr=C3=A9 Lureau Message-id: 20220912174741.1542330-3-stefanb@linux.ibm.com --- backends/tpm/tpm_emulator.c | 60 ++++++++++++++++++++++++++++++++++++- backends/tpm/trace-events | 2 ++ 2 files changed, 61 insertions(+), 1 deletion(-) diff --git a/backends/tpm/tpm_emulator.c b/backends/tpm/tpm_emulator.c index 9b50c5b3e2..49cc3d749d 100644 --- a/backends/tpm/tpm_emulator.c +++ b/backends/tpm/tpm_emulator.c @@ -35,6 +35,7 @@ #include "sysemu/runstate.h" #include "sysemu/tpm_backend.h" #include "sysemu/tpm_util.h" +#include "sysemu/runstate.h" #include "tpm_int.h" #include "tpm_ioctl.h" #include "migration/blocker.h" @@ -82,6 +83,9 @@ struct TPMEmulator { unsigned int established_flag_cached:1; =20 TPMBlobBuffers state_blobs; + + bool relock_storage; + VMChangeStateEntry *vmstate; }; =20 struct tpm_error { @@ -303,6 +307,35 @@ static int tpm_emulator_stop_tpm(TPMBackend *tb) return 0; } =20 +static int tpm_emulator_lock_storage(TPMEmulator *tpm_emu) +{ + ptm_lockstorage pls; + + if (!TPM_EMULATOR_IMPLEMENTS_ALL_CAPS(tpm_emu, PTM_CAP_LOCK_STORAGE)) { + trace_tpm_emulator_lock_storage_cmd_not_supt(); + return 0; + } + + /* give failing side 300 * 10ms time to release lock */ + pls.u.req.retries =3D cpu_to_be32(300); + if (tpm_emulator_ctrlcmd(tpm_emu, CMD_LOCK_STORAGE, &pls, + sizeof(pls.u.req), sizeof(pls.u.resp)) < 0) { + error_report("tpm-emulator: Could not lock storage within 3 second= s: " + "%s", strerror(errno)); + return -1; + } + + pls.u.resp.tpm_result =3D be32_to_cpu(pls.u.resp.tpm_result); + if (pls.u.resp.tpm_result !=3D 0) { + error_report("tpm-emulator: TPM result for CMD_LOCK_STORAGE: 0x%x = %s", + pls.u.resp.tpm_result, + tpm_emulator_strerror(pls.u.resp.tpm_result)); + return -1; + } + + return 0; +} + static int tpm_emulator_set_buffer_size(TPMBackend *tb, size_t wanted_size, size_t *actual_size) @@ -853,13 +886,34 @@ static int tpm_emulator_pre_save(void *opaque) { TPMBackend *tb =3D opaque; TPMEmulator *tpm_emu =3D TPM_EMULATOR(tb); + int ret; =20 trace_tpm_emulator_pre_save(); =20 tpm_backend_finish_sync(tb); =20 /* get the state blobs from the TPM */ - return tpm_emulator_get_state_blobs(tpm_emu); + ret =3D tpm_emulator_get_state_blobs(tpm_emu); + + tpm_emu->relock_storage =3D ret =3D=3D 0; + + return ret; +} + +static void tpm_emulator_vm_state_change(void *opaque, bool running, + RunState state) +{ + TPMBackend *tb =3D opaque; + TPMEmulator *tpm_emu =3D TPM_EMULATOR(tb); + + trace_tpm_emulator_vm_state_change(running, state); + + if (!running || state !=3D RUN_STATE_RUNNING || !tpm_emu->relock_stora= ge) { + return; + } + + /* lock storage after migration fall-back */ + tpm_emulator_lock_storage(tpm_emu); } =20 /* @@ -921,6 +975,9 @@ static void tpm_emulator_inst_init(Object *obj) tpm_emu->options =3D g_new0(TPMEmulatorOptions, 1); tpm_emu->cur_locty_number =3D ~0; qemu_mutex_init(&tpm_emu->mutex); + tpm_emu->vmstate =3D + qemu_add_vm_change_state_handler(tpm_emulator_vm_state_change, + tpm_emu); =20 vmstate_register(NULL, VMSTATE_INSTANCE_ID_ANY, &vmstate_tpm_emulator, obj); @@ -970,6 +1027,7 @@ static void tpm_emulator_inst_finalize(Object *obj) tpm_sized_buffer_reset(&state_blobs->savestate); =20 qemu_mutex_destroy(&tpm_emu->mutex); + qemu_del_vm_change_state_handler(tpm_emu->vmstate); =20 vmstate_unregister(NULL, &vmstate_tpm_emulator, obj); } diff --git a/backends/tpm/trace-events b/backends/tpm/trace-events index 3298766dd7..1ecef42a07 100644 --- a/backends/tpm/trace-events +++ b/backends/tpm/trace-events @@ -20,6 +20,8 @@ tpm_emulator_set_buffer_size(uint32_t buffersize, uint32_= t minsize, uint32_t max tpm_emulator_startup_tpm_resume(bool is_resume, size_t buffersize) "is_res= ume: %d, buffer size: %zu" tpm_emulator_get_tpm_established_flag(uint8_t flag) "got established flag:= %d" tpm_emulator_cancel_cmd_not_supt(void) "Backend does not support CANCEL_TP= M_CMD" +tpm_emulator_lock_storage_cmd_not_supt(void) "Backend does not support LOC= K_STORAGE" +tpm_emulator_vm_state_change(int running, int state) "state change to runn= ing %d state %d" tpm_emulator_handle_device_opts_tpm12(void) "TPM Version 1.2" tpm_emulator_handle_device_opts_tpm2(void) "TPM Version 2" tpm_emulator_handle_device_opts_unspec(void) "TPM Version Unspecified" --=20 2.37.2