threading).

v3 pulls out more unneeded code in the visitor conversion, makes

migration work on external state preservation of the simulator and

adds documentation

v4 puts back the wrapper options (but doesn't add any for mssim since

it post dates the necessity)

v5 rebases to the latest master branch and adjusts for removed use_FOO ptrs

v5 updates help to exit zero; does some checkpatch tidying

v7 merge review feedback and add acks.

v8 adds better error handling, more code tidies and adds command

socket disconnection/reconnection (instead of trying to keep the

socket open the whole time). This adds overhead, but makes

debugging guest kernel TPM issues much easier.

v9 Fix merge conflict with optarg->optstr conversion

v10 Fix more merge conflicts and update API versions

v11 Fix another merge conflict and correct a warm reboot problem where

the TPM isn't getting reset (meaning the PCR values are wrong).

MAINTAINERS | 6 +

backends/tpm/tpm_emulator.c | 25 +--

backends/tpm/tpm_mssim.c | 335 +++++++++++++++++++++++++++++++++

backends/tpm/tpm_mssim.h | 44 +++++

backends/tpm/tpm_passthrough.c | 23 +--

docs/specs/tpm.rst | 39 ++++

include/sysemu/tpm.h | 5 +-

qapi/tpm.json | 50 ++++-

system/tpm-hmp-cmds.c | 9 +

system/tpm.c | 91 ++++-----

system/vl.c | 19 +-

14 files changed, 546 insertions(+), 108 deletions(-)

Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>

Tested-by: Stefan Berger <stefanb@linux.ibm.com>

Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>

v4: add TpmConfiOptions

v5: exit(0) for help

v7: adjust line lengths, free options

v8: minor updates; add tested/reviewed-by

v9: optarg->optstr

---

backends/tpm/tpm_emulator.c | 25 ++++------

backends/tpm/tpm_passthrough.c | 23 +++------

include/sysemu/tpm.h | 5 +-

qapi/tpm.json | 21 ++++++++

system/tpm.c | 91 ++++++++++++++--------------------

system/vl.c | 19 +------

7 files changed, 81 insertions(+), 105 deletions(-)

+static int tpm_emulator_handle_device_opts(TPMEmulator *tpm_emu,

+ TpmCreateOptions *opts)

+ tpm_emu->options = QAPI_CLONE(TPMEmulatorOptions, &opts->u.emulator);

+ opts->u.emulator.chardev);

+static TPMBackend *tpm_emulator_create(TpmCreateOptions *opts)

}

+tpm_passthrough_handle_device_opts(TPMPassthruState *tpm_pt,

+ TpmCreateOptions *opts)

+ tpm_pt->options = QAPI_CLONE(TPMPassthroughOptions, &opts->u.passthrough);

+ tpm_pt->tpm_dev = opts->u.passthrough.path ? opts->u.passthrough.path :

+ TPM_PASSTHROUGH_DEFAULT_DEVICE;

+static TPMBackend *tpm_passthrough_create(TpmCreateOptions *tco)

+ if (tpm_passthrough_handle_device_opts(TPM_PASSTHROUGH(obj), tco)) {

-int tpm_config_parse(QemuOptsList *opts_list, const char *optstr);

+ TPMBackend *(*create)(TpmCreateOptions *tco);

'emulator': 'TPMEmulatorOptionsWrapper' },

+##

+# @TpmCreateOptions:

+#

+# A union referencing different TPM backend types' configuration options

+# without the wrapper to be usable by visitors.

+#

+# @type: - 'passthrough' The configuration options for the TPM passthrough type

+# - 'emulator' The configuration options for TPM emulator backend type

+#

+# @id: The Id of the TPM

+#

+# Since: 9.0

+##

+{ 'union': 'TpmCreateOptions',

+ 'id' : 'str' },

+ 'discriminator': 'type',

+ 'if': 'CONFIG_TPM' }

+

# @TPMInfo:

#

diff --git a/system/tpm.c b/system/tpm.c

index XXXXXXX..XXXXXXX 100644

--- a/system/tpm.c

+++ b/system/tpm.c

+typedef struct TpmCreateOptionsQueueEntry {

+ TpmCreateOptions *tco;

+ QSIMPLEQ_ENTRY(TpmCreateOptionsQueueEntry) entry;

+} TpmCreateOptionsQueueEntry;

+typedef QSIMPLEQ_HEAD(, TpmCreateOptionsQueueEntry) TpmCreateOptionsQueue;

+static TpmCreateOptionsQueue tco_queue = QSIMPLEQ_HEAD_INITIALIZER(tco_queue);

+static void tpm_init_tpmdev(TpmCreateOptions *tco)

- error_report(QERR_MISSING_PARAMETER, "id");

- return 1;

- }

-

+ be = tco->type >= 0 ? tpm_be_find_by_type(tco->type) : NULL;

+ drv = be->create(tco);

+ drv->id = g_strdup(tco->id);

+ while (!QSIMPLEQ_EMPTY(&tco_queue)) {

+ TpmCreateOptionsQueueEntry *tcoqe = QSIMPLEQ_FIRST(&tco_queue);

+ QSIMPLEQ_REMOVE_HEAD(&tco_queue, entry);

+ tpm_init_tpmdev(tcoqe->tco);

+ qapi_free_TpmCreateOptions(tcoqe->tco);

+ g_free(tcoqe);

* Parse the TPM configuration options.

* To display all available TPM backends the user may use '-tpmdev help'

-int tpm_config_parse(QemuOptsList *opts_list, const char *optstr)

+void tpm_config_parse(const char *optstr)

+ TpmCreateOptionsQueueEntry *tcqe;

- if (!strcmp(optstr, "help")) {

+ if (is_help_option(optstr)) {

- return -1;

- }

- opts = qemu_opts_parse_noisily(opts_list, optstr, true);

+ exit(0);

}

- return 0;

+ v = qobject_input_visitor_new_str(optstr, "type", &error_fatal);

+ tcqe = g_new(TpmCreateOptionsQueueEntry, 1);

+ visit_type_TpmCreateOptions(v, NULL, &tcqe->tco, &error_fatal);

+ QSIMPLEQ_INSERT_TAIL(&tco_queue, tcqe, entry);

}

/*

diff --git a/system/vl.c b/system/vl.c

index XXXXXXX..XXXXXXX 100644

--- a/system/vl.c

+++ b/system/vl.c

@@ -XXX,XX +XXX,XX @@ static QemuOptsList qemu_object_opts = {

},

};

-static QemuOptsList qemu_tpmdev_opts = {

- .name = "tpmdev",

- .implied_opt_name = "type",

- .head = QTAILQ_HEAD_INITIALIZER(qemu_tpmdev_opts.head),

- .desc = {

- /* options are defined in the TPM backends */

- { /* end of list */ }

- },

-};

-

static QemuOptsList qemu_overcommit_opts = {

.name = "overcommit",

.head = QTAILQ_HEAD_INITIALIZER(qemu_overcommit_opts.head),

exit(1);

}

It exports a fairly simple network socket based protocol on two

protocol over the network. It also allows the two sockets to be

specified on the command line. The benefits are twofold: firstly it

gives us a backend that actually speaks a standard TPM emulation

protocol instead of the linux specific TPM driver format of the

current emulated TPM backend and secondly, using the microsoft

Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>

Acked-by: Markus Armbruster <armbru@redhat.com>

MAINTAINERS | 6 +

backends/tpm/tpm_mssim.c | 335 +++++++++++++++++++++++++++++++++++++++

backends/tpm/tpm_mssim.h | 44 +++++

docs/specs/tpm.rst | 39 +++++

qapi/tpm.json | 31 +++-

system/tpm-hmp-cmds.c | 9 ++

8 files changed, 466 insertions(+), 4 deletions(-)

@@ -XXX,XX +XXX,XX @@ F: include/hw/acpi/tpm.h

F: include/sysemu/tpm*

F: qapi/tpm.json

F: backends/tpm/

+X: backends/tpm/tpm_mssim.*

SPDM

M: Alistair Francis <alistair.francis@wdc.com>

S: Maintained

system_ss.add(files('tpm_util.c'))

system_ss.add(when: 'CONFIG_TPM_PASSTHROUGH', if_true: files('tpm_passthrough.c'))

system_ss.add(when: 'CONFIG_TPM_EMULATOR', if_true: files('tpm_emulator.c'))

+ system_ss.add(when: 'CONFIG_TPM_MSSIM', if_true: files('tpm_mssim.c'))

+OBJECT_DECLARE_SIMPLE_TYPE(TPMMssim, TPM_MSSIM)

+

+struct TPMMssim {

+ TPMMssimOptions opts;

+static int tpm_send_ctrl(TPMMssim *t, uint32_t cmd, Error **errp)

+{

+ int ret, retc;

+ Error *local_err = NULL;

+

+ ret = qio_channel_socket_connect_sync(t->ctrl_qc, t->opts.control, errp);

+ if (ret != 0) {

+ return ret;

+ }

+ ret = qio_channel_write_all(QIO_CHANNEL(t->ctrl_qc),

+ (char *)&cmd, sizeof(cmd), errp);

+ if (ret != 0) {

+ goto out;

+ }

+

+ ret = qio_channel_read_all(QIO_CHANNEL(t->ctrl_qc),

+ (char *)&cmd, sizeof(cmd), errp);

+ if (ret != 0) {

+ goto out;

+ }

+ error_setg(errp, ERROR_PREFIX

+ "Incorrect ACK recieved on control channel 0x%x", cmd);

+ ret = -1;

+ }

+ out:

+ /*

+ * need to close the channel here, but if that fails report it

+ * while not letting a prior failure get overwritten

+ */

+ retc = qio_channel_close(QIO_CHANNEL(t->ctrl_qc), &local_err);

+ error_propagate(errp, local_err);

+ return retc ? retc : ret;

+ TPMMssim *t = TPM_MSSIM(obj);

+

+ if (t->cmd_qc && !runstate_check(RUN_STATE_POSTMIGRATE)) {

+ Error *errp = NULL;

+ int ret;

+

+ ret = tpm_send_ctrl(t, TPM_SIGNAL_POWER_OFF, &errp);

+ if (ret != 0) {

+ error_report_err(errp);

+ }

+ }

+ TPMMssim *t = TPM_MSSIM(tb);

+ TpmTypeOptions *opts = g_new0(TpmTypeOptions, 1);

+

+ opts->type = TPM_TYPE_MSSIM;

+ QAPI_CLONE_MEMBERS(TPMMssimOptions, &opts->u.mssim, &t->opts);

+ TPMMssim *t = TPM_MSSIM(tb);

+ if (ret != 0) {

+ goto fail;

+ }

+

+ ret = qio_channel_read_all(QIO_CHANNEL(t->cmd_qc),

+ (char *)&len, sizeof(len), errp);

+ if (ret != 0) {

+ goto fail;

+ }

+

+ ret = qio_channel_read_all(QIO_CHANNEL(t->cmd_qc),

+ (char *)cmd->out, len, errp);

+ if (ret != 0) {

+ goto fail;

+ }

+

+ ret = qio_channel_read_all(QIO_CHANNEL(t->cmd_qc),

+ (char *)&header, sizeof(header), errp);

+ if (ret != 0) {

+ goto fail;

+ }

+static int tpm_mssim_startup(TPMBackend *tb, size_t buffersize)

+{

+ TPMMssim *t = TPM_MSSIM(tb);

+ Error *errp = NULL;

+ int ret;

+

+ if (runstate_check(RUN_STATE_INMIGRATE)) {

+ return 0;

+ }

+

+ /*

+ * reset the TPM using a power cycle sequence, in case someone has

+ * previously powered it up

+ */

+ ret = tpm_send_ctrl(t, TPM_SIGNAL_POWER_OFF, &errp);

+ if (ret != 0) {

+ goto fail;

+ }

+

+ ret = tpm_send_ctrl(t, TPM_SIGNAL_POWER_ON, &errp);

+ if (ret != 0) {

+ goto fail;

+ }

+

+ ret = tpm_send_ctrl(t, TPM_SIGNAL_NV_ON, &errp);

+ if (ret != 0) {

+ goto fail;

+ }

+

+ return 0;

+

+ fail:

+ error_report_err(errp);

+ return -1;

+}

+

+static TPMBackend *tpm_mssim_create(TpmCreateOptions *opts)

+ TPMMssim *t = TPM_MSSIM(be);

+ TPMMssimOptions *mo = &opts->u.mssim;

+

+ if (!mo->command) {

+ if (!mo->control) {

+ int port;

+

+ /*

+ * in the reference implementation, the control port is

+ * always one above the command port

+ */

+ port = atoi(mo->command->u.inet.port) + 1;

+ mo->control->u.inet.port = g_strdup_printf("%d", port);

+ }

+

+ QAPI_CLONE_MEMBERS(TPMMssimOptions, &t->opts, &opts->u.mssim);

+ if (qio_channel_socket_connect_sync(t->cmd_qc, mo->command, &errp) < 0) {

+ goto fail;

+ }

+

+ if (qio_channel_socket_connect_sync(t->ctrl_qc, mo->control, &errp) < 0) {

+ goto fail;

+ }

+ qio_channel_close(QIO_CHANNEL(t->ctrl_qc), NULL);

+ qio_channel_close(QIO_CHANNEL(t->cmd_qc), NULL);

+

+ .instance_size = sizeof(TPMMssim),

+/* {uint32_t BufferSize, uint8_t[BufferSize] Buffer} */

+/*

+ * {uint8_t Locality, uint32_t InBufferSize, uint8_t[InBufferSize] InBuffer} ->

+ * {uint32_t OutBufferSize, uint8_t[OutBufferSize] OutBuffer}

+ */

diff --git a/docs/specs/tpm.rst b/docs/specs/tpm.rst

--- a/docs/specs/tpm.rst

+++ b/docs/specs/tpm.rst

@@ -XXX,XX +XXX,XX @@ available as a module (assuming a TPM 2 is passed through):

/sys/devices/LNXSYSTEM:00/LNXSYBUS:00/MSFT0101:00/tpm/tpm0/pcr-sha256/9

...

+The QEMU TPM Microsoft Simulator Device

+---------------------------------------

+

+The Microsoft Simulator (mssim) is the reference emulation platform

+for the TCG TPM 2.0 specification. It provides a reference

+implementation for the TPM 2.0 written by Microsoft (See

+`ms-tpm-20-ref`_ on github). The reference implementation starts a

+network server and listens for TPM commands on port 2321 and TPM

+Platform control commands on port 2322, although these can be altered.

+The QEMU mssim TPM backend talks to this implementation. By default

+it connects to the default ports on localhost:

+

+.. code-block:: console

+

+ qemu-system-x86_64 <qemu-options> \

+ -tpmdev mssim,id=tpm0 \

+ -device tpm-crb,tpmdev=tpm0

+

+

+Although it can also communicate with a remote host, which must be

+specified as a SocketAddress via json or dotted keys on the command

+line for each of the command and control ports:

+

+.. code-block:: console

+

+ qemu-system-x86_64 <qemu-options> \

+ -tpmdev "{'type':'mssim','id':'tpm0','command':{'type':'inet','host':'remote','port':'2321'},'control':{'type':'inet','host':'remote','port':'2322'}}" \

+ -device tpm-crb,tpmdev=tpm0

+

+

+The mssim backend supports snapshotting and migration by not resetting

+the TPM on start up and not powering it down on halt if the VM is in

+migration, but the state of the Microsoft Simulator server must be

+preserved (or the server kept running) outside of QEMU for restore to

+be successful.

+

The QEMU TPM emulator device

----------------------------

@@ -XXX,XX +XXX,XX @@ the following:

.. _SWTPM protocol:

https://github.com/stefanberger/swtpm/blob/master/man/man3/swtpm_ioctls.pod

+

+.. _ms-tpm-20-ref:

+ https://github.com/microsoft/ms-tpm-20-ref

diff --git a/qapi/tpm.json b/qapi/tpm.json

index XXXXXXX..XXXXXXX 100644

--- a/qapi/tpm.json

+++ b/qapi/tpm.json

@@ -XXX,XX +XXX,XX @@

# = TPM (trusted platform module) devices

##

+{ 'include': 'sockets.json' }

+

##

# @TpmModel:

#

@@ -XXX,XX +XXX,XX @@

#

# @emulator: Software Emulator TPM type (since 2.11)

#

+# @mssim: Microsoft TPM Emulator (since 9.0)

+#

# Since: 1.5

##

-{ 'enum': 'TpmType', 'data': [ 'passthrough', 'emulator' ],

+{ 'enum': 'TpmType', 'data': [ 'passthrough', 'emulator', 'mssim' ],

'if': 'CONFIG_TPM' }

##

@@ -XXX,XX +XXX,XX @@

# .. qmp-example::

#

# -> { "execute": "query-tpm-types" }

-# <- { "return": [ "passthrough", "emulator" ] }

+# <- { "return": [ "passthrough", "emulator", "mssim" ] }

##

{ 'command': 'query-tpm-types', 'returns': ['TpmType'],

'if': 'CONFIG_TPM' }

@@ -XXX,XX +XXX,XX @@

'data': { 'data': 'TPMEmulatorOptions' },

'if': 'CONFIG_TPM' }

+##

+# @TPMMssimOptions:

+#

+# Information for the mssim emulator connection

+#

+# @command: command socket for the TPM emulator

+#

+# @control: control socket for the TPM emulator

+#

+# Since: 9.0

+##

+{ 'struct': 'TPMMssimOptions',

+ 'data': { '*command': 'SocketAddress',

+ '*control': 'SocketAddress' },

+ 'if': 'CONFIG_TPM' }

+

##

# @TpmTypeOptions:

#

@@ -XXX,XX +XXX,XX @@

# passthrough type

# - 'emulator' The configuration options for TPM emulator backend

# type

+# - 'mssim' The configuration options for TPM emulator mssim type

#

# Since: 1.5

##

@@ -XXX,XX +XXX,XX @@

'base': { 'type': 'TpmType' },

'discriminator': 'type',

'data': { 'passthrough' : 'TPMPassthroughOptionsWrapper',

- 'emulator': 'TPMEmulatorOptionsWrapper' },

+ 'emulator': 'TPMEmulatorOptionsWrapper',

+ 'mssim' : 'TPMMssimOptions' },

'if': 'CONFIG_TPM' }

##

@@ -XXX,XX +XXX,XX @@

'id' : 'str' },

'discriminator': 'type',

'data': { 'passthrough' : 'TPMPassthroughOptions',

- 'emulator': 'TPMEmulatorOptions' },

+ 'emulator': 'TPMEmulatorOptions',

+ 'mssim': 'TPMMssimOptions' },

'if': 'CONFIG_TPM' }

##

diff --git a/system/tpm-hmp-cmds.c b/system/tpm-hmp-cmds.c

index XXXXXXX..XXXXXXX 100644

--- a/system/tpm-hmp-cmds.c

+++ b/system/tpm-hmp-cmds.c

+ TPMMssimOptions *tmo;

teo = ti->options->u.emulator.data;

+ tmo->command->u.inet.host,

+ tmo->command->u.inet.port,

+ tmo->control->u.inet.host,

+ tmo->control->u.inet.port);