The requested feedback was to convert the tpmdev handler to being json

based, which requires rethreading all the backends. The good news is

this reduced quite a bit of code (especially as I converted it to

error_fatal handling as well, which removes the return status

v3 pulls out more unneeded code in the visitor conversion, makes

migration work on external state preservation of the simulator and

adds documentation

v4 puts back the wrapper options (but doesn't add any for mssim since

it post dates the necessity)

James

---

tpm: add backend for mssim

MAINTAINERS | 6 +

backends/tpm/Kconfig | 5 +

backends/tpm/meson.build | 1 +

include/sysemu/tpm_backend.h | 2 +-

create mode 100644 backends/tpm/tpm_mssim.c

create mode 100644 backends/tpm/tpm_mssim.h

--

2.35.3

Instead of processing the tpmdev options using the old qemu options,

convert to the new visitor format which also allows the passing of

json on the command line.

---

v4: add TpmConfiOptions

---

include/sysemu/tpm_backend.h | 2 +-

diff --git a/backends/tpm/tpm_emulator.c b/backends/tpm/tpm_emulator.c

index XXXXXXX..XXXXXXX 100644

--- a/backends/tpm/tpm_emulator.c

+++ b/backends/tpm/tpm_emulator.c

@@ -XXX,XX +XXX,XX @@ err_exit:

return -1;

}

-static int tpm_emulator_handle_device_opts(TPMEmulator *tpm_emu, QemuOpts *opts)

{

- const char *value;

Error *err = NULL;

Chardev *dev;

- dev = qemu_chr_find(value);

+ dev = qemu_chr_find(opts->u.emulator.chardev);

if (!dev) {

- error_report("tpm-emulator: tpm chardev '%s' not found", value);

+ error_report("tpm-emulator: tpm chardev '%s' not found",

goto err;

}

if (!qemu_chr_fe_init(&tpm_emu->ctrl_chr, dev, &err)) {

error_prepend(&err, "tpm-emulator: No valid chardev found at '%s':",

@@ -XXX,XX +XXX,XX @@ static int tpm_passthrough_open_sysfs_cancel(TPMPassthruState *tpm_pt)

}

static int

-tpm_passthrough_handle_device_opts(TPMPassthruState *tpm_pt, QemuOpts *opts)

{

- const char *value;

+ tpm_pt->options = QAPI_CLONE(TPMPassthroughOptions, &opts->u.passthrough);

- value = qemu_opt_get(opts, "cancel-path");

- if (value) {

- tpm_pt->options->cancel_path = g_strdup(value);

- }

-

- value = qemu_opt_get(opts, "path");

- if (value) {

- tpm_pt->options->path = g_strdup(value);

- }

-

- tpm_pt->tpm_dev = value ? value : TPM_PASSTHROUGH_DEFAULT_DEVICE;

tpm_pt->tpm_fd = qemu_open_old(tpm_pt->tpm_dev, O_RDWR);

if (tpm_pt->tpm_fd < 0) {

error_report("Cannot access TPM device using '%s': %s",

@@ -XXX,XX +XXX,XX @@ tpm_passthrough_handle_device_opts(TPMPassthruState *tpm_pt, QemuOpts *opts)

return 0;

- if (tpm_passthrough_handle_device_opts(TPM_PASSTHROUGH(obj), opts)) {

+ if (tpm_passthrough_handle_device_opts(TPM_PASSTHROUGH(obj), tco)) {

object_unref(obj);

return NULL;

}

@@ -XXX,XX +XXX,XX @@ static void tpm_passthrough_inst_init(Object *obj)

{

TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(obj);

- tpm_pt->options = g_new0(TPMPassthroughOptions, 1);

+++ b/include/sysemu/tpm.h

@@ -XXX,XX +XXX,XX @@

#ifdef CONFIG_TPM

-int tpm_init(void);

+void tpm_init(void);

void tpm_cleanup(void);

typedef enum TPMVersion {

diff --git a/include/sysemu/tpm_backend.h b/include/sysemu/tpm_backend.h

index XXXXXXX..XXXXXXX 100644

+# without the wrapper to be usable by visitors.

+#

+# @type: - 'passthrough' The configuration options for the TPM passthrough type

+# - 'emulator' The configuration options for TPM emulator backend type

+#

+##

+{ 'union': 'TpmCreateOptions',

+ 'base': { 'type': 'TpmType',

+ 'id' : 'str' },

+ 'discriminator': 'type',

+ 'if': 'CONFIG_TPM' }

+

##

# @TPMInfo:

#

@@ -XXX,XX +XXX,XX @@

#include "qapi/error.h"

#include "qapi/qapi-commands-tpm.h"

#include "qapi/qmp/qerror.h"

+#include "qapi/qobject-input-visitor.h"

+ TpmCreateOptionsQueueEntry *tcoqe = QSIMPLEQ_FIRST(&tco_queue);

- return 0;

+ QSIMPLEQ_REMOVE_HEAD(&tco_queue, entry);

+ tpm_init_tpmdev(tcoqe->tco);

+ g_free(tcoqe);

+ }

}

/*

* Parse the TPM configuration options.

* To display all available TPM backends the user may use '-tpmdev help'

*/

{

- QemuOpts *opts;

+ Visitor *v;

+ TpmCreateOptionsQueueEntry *tcqe;

tpm_display_backend_drivers();

- return -1;

- }

- if (!opts) {

- return -1;

}

- return 0;

+ tcqe = g_new(TpmCreateOptionsQueueEntry, 1);

+ visit_type_TpmCreateOptions(v, NULL, &tcqe->tco, &error_fatal);

+ visit_free(v);

+ QSIMPLEQ_INSERT_TAIL(&tco_queue, tcqe, entry);

}

/*

@@ -XXX,XX +XXX,XX @@ static QemuOptsList qemu_object_opts = {

},

};

-static QemuOptsList qemu_tpmdev_opts = {

-

static QemuOptsList qemu_overcommit_opts = {

.name = "overcommit",

.head = QTAILQ_HEAD_INITIALIZER(qemu_overcommit_opts.head),

@@ -XXX,XX +XXX,XX @@ static void qemu_create_late_backends(void)

- if (tpm_init() < 0) {

- exit(1);

- }

+ tpm_init();

The Microsoft Simulator (mssim) is the reference emulation platform

for the TCG TPM 2.0 specification.

https://github.com/Microsoft/ms-tpm-20-ref.git

-tpmdev "{'type':'mssim','id':'tpm0','command':{'type':inet,'host':'remote','port':'2321'}}"

tpm-tis also works as the backend.

---

v2: convert to SocketAddr json and use qio_channel_socket_connect_sync()

v3: gate control power off by migration state keep control socket disconnected

to test outside influence and add docs.

---

MAINTAINERS | 6 +

backends/tpm/Kconfig | 5 +

backends/tpm/meson.build | 1 +

create mode 100644 backends/tpm/tpm_mssim.c

create mode 100644 backends/tpm/tpm_mssim.h

diff --git a/MAINTAINERS b/MAINTAINERS

index XXXXXXX..XXXXXXX 100644

F: include/sysemu/tpm*

F: qapi/tpm.json

F: backends/tpm/

+X: backends/tpm/tpm_mssim.*

F: tests/qtest/*tpm*

T: git https://github.com/stefanberger/qemu-tpm.git tpm-next

+MSSIM TPM Backend

+M: James Bottomley <jejb@linux.ibm.com>

+S: Maintained

+F: backends/tpm/tpm_mssim.*

+

diff --git a/backends/tpm/Kconfig b/backends/tpm/Kconfig

index XXXXXXX..XXXXXXX 100644

--- a/backends/tpm/Kconfig

+++ b/backends/tpm/Kconfig

@@ -XXX,XX +XXX,XX @@ config TPM_EMULATOR

diff --git a/backends/tpm/meson.build b/backends/tpm/meson.build

index XXXXXXX..XXXXXXX 100644

--- a/backends/tpm/meson.build

+++ b/backends/tpm/meson.build

@@ -XXX,XX +XXX,XX @@ if have_tpm

endif

diff --git a/backends/tpm/tpm_mssim.c b/backends/tpm/tpm_mssim.c

new file mode 100644

index XXXXXXX..XXXXXXX

--- /dev/null

+#include "tpm_mssim.h"

+

+#define ERROR_PREFIX "TPM mssim Emulator: "

+

+#define TYPE_TPM_MSSIM "tpm-mssim"

+ TPMBackend parent;

+

+

+ QIOChannelSocket *cmd_qc, *ctrl_qc;

+};

+

+ cmd = htonl(cmd);

+ goto out;

+ goto out;

+ if (cmd != 0) {

+ ret = -1;

+ }

+ out:

+}

+

+static void tpm_mssim_instance_init(Object *obj)

+{

+}

+

+static void tpm_mssim_instance_finalize(Object *obj)

+{

+

+ object_unref(OBJECT(t->ctrl_qc));

+ object_unref(OBJECT(t->cmd_qc));

+}

+

+ return 4096;

+}

+

+static TpmTypeOptions *tpm_mssim_get_opts(TPMBackend *tb)

+{

+ TpmTypeOptions *opts = g_new0(TpmTypeOptions, 1);

+

+ opts->type = TPM_TYPE_MSSIM;

+

+ return opts;

+}

+

+static void tpm_mssim_handle_request(TPMBackend *tb, TPMBackendCmd *cmd,

+ Error **errp)

+{

+ uint32_t header, len;

+ uint8_t locality = cmd->locty;

+ struct iovec iov[4];

+ int ret;

+

+ header = htonl(TPM_SEND_COMMAND);

+ len = htonl(cmd->in_len);

+

+ iov[0].iov_base = &header;

+ iov[2].iov_len = sizeof(len);

+ iov[3].iov_base = (void *)cmd->in;

+ iov[3].iov_len = cmd->in_len;

+

+ ret = qio_channel_writev_all(QIO_CHANNEL(t->cmd_qc), iov, 4, errp);

+ len = ntohl(len);

+ if (len > cmd->out_len) {

+ error_setg(errp, "receive size is too large");

+ goto fail;

+ }

+ /* ACK packet */

+ if (header != 0) {

+ error_setg(errp, "incorrect ACK received on command channel 0x%x", len);

+ goto fail;

+ }

+

+ return;

+

+ fail:

+ error_prepend(errp, ERROR_PREFIX);

+ tpm_util_write_fatal_error_response(cmd->out, cmd->out_len);

+}

+

+static TPMBackend *tpm_mssim_create(TpmCreateOptions *opts)

+{

+ TPMBackend *be = TPM_BACKEND(object_new(TYPE_TPM_MSSIM));

+ Error *errp = NULL;

+ mo->command = g_new0(SocketAddress, 1);

+ mo->command->type = SOCKET_ADDRESS_TYPE_INET;

+ mo->command->u.inet.host = g_strdup("localhost");

+ mo->command->u.inet.port = g_strdup("2321");

+ }

+ int port;

+

+ mo->control = g_new0(SocketAddress, 1);

+ mo->control->type = SOCKET_ADDRESS_TYPE_INET;

+ mo->control->u.inet.host = g_strdup(mo->command->u.inet.host);

+ port = atoi(mo->command->u.inet.port) + 1;

+ mo->control->u.inet.port = g_strdup_printf("%d", port);

+ }

+

+ t->cmd_qc = qio_channel_socket_new();

+ t->ctrl_qc = qio_channel_socket_new();

+

+

+ return be;

+

+ fail:

+ object_unref(OBJECT(t->ctrl_qc));

+ cl->type = TPM_TYPE_MSSIM;

+ cl->opts = tpm_mssim_cmdline_opts;

+ cl->desc = "TPM mssim emulator backend driver";

+ cl->create = tpm_mssim_create;

+ cl->cancel_cmd = tpm_mssim_cancel_cmd;

+ cl->get_tpm_version = tpm_mssim_get_version;

+ cl->get_buffer_size = tpm_mssim_get_buffer_size;

+ cl->get_tpm_options = tpm_mssim_get_opts;

+ cl->handle_request = tpm_mssim_handle_request;

+}

+

+static const TypeInfo tpm_mssim_info = {

+ .name = TYPE_TPM_MSSIM,

+ .parent = TYPE_TPM_BACKEND,

+ .class_init = tpm_mssim_class_init,

+ .instance_init = tpm_mssim_instance_init,

+ .instance_finalize = tpm_mssim_instance_finalize,

+};

+

+#define TPM_SIGNAL_POWER_OFF 2

+#define TPM_SIGNAL_PHYS_PRES_ON 3

+#define TPM_SIGNAL_PHYS_PRES_OFF 4

+#define TPM_SIGNAL_HASH_START 5

+#define TPM_SIGNAL_HASH_DATA 6

+#define TPM_SIGNAL_HASH_END 7

+#define TPM_SEND_COMMAND 8

+#define TPM_SIGNAL_CANCEL_ON 9

+#define TPM_SIGNAL_CANCEL_OFF 10

+#define TPM_SIGNAL_NV_ON 11

+#define TPM_SIGNAL_NV_OFF 12

+#define TPM_SIGNAL_KEY_CACHE_ON 13

...

+The QEMU TPM Microsoft Simulator Device

+---------------------------------------

+

+

+.. code-block:: console

+

+ qemu-system-x86_64 <qemu-options> \

+ -tpmdev mssim,id=tpm0 \

+ -device tpm-crb,tpmdev=tpm0

+

+

+Although it can also communicate with a remote host, which must be

+

+.. code-block:: console

+

+ qemu-system-x86_64 <qemu-options> \

+ -tpmdev "{'type':'mssim','id':'tpm0','command':{'type':'inet','host':'remote','port':'2321'},'control':{'type':'inet','host':'remote','port':'2322'}}" \

+ -device tpm-crb,tpmdev=tpm0

+

+

+

The QEMU TPM emulator device

----------------------------

@@ -XXX,XX +XXX,XX @@ the following:

.. _SWTPM protocol:

https://github.com/stefanberger/swtpm/blob/master/man/man3/swtpm_ioctls.pod

+

+.. _ms-tpm-20-ref:

+ https://github.com/microsoft/ms-tpm-20-ref

index XXXXXXX..XXXXXXX 100644

@@ -XXX,XX +XXX,XX @@ void hmp_info_tpm(Monitor *mon, const QDict *qdict)

unsigned int c = 0;

TPMPassthroughOptions *tpo;

TPMEmulatorOptions *teo;

info_list = qmp_query_tpm(&err);

if (err) {

@@ -XXX,XX +XXX,XX @@ void hmp_info_tpm(Monitor *mon, const QDict *qdict)

teo = ti->options->u.emulator.data;

monitor_printf(mon, ",chardev=%s", teo->chardev);

break;

+ case TPM_TYPE_MSSIM:

+ tmo = &ti->options->u.mssim;

+ monitor_printf(mon, ",command=%s:%s,control=%s:%s",

+ break;

case TPM_TYPE__MAX:

break;

}

--

2.35.3