author | kfraser@localhost.localdomain <kfraser@localhost.localdomain> | 2007-01-22 15:59:41 +0000 |
---|---|---|
committer | kfraser@localhost.localdomain <kfraser@localhost.localdomain> | 2007-01-22 15:59:41 +0000 |
commit | 39a368aba93aab4c5fdafab0cceb0b621bb519d4 (patch) | |
tree | 7e9edea4ae19f0276d418e9baccca5972bf2f3fd /tools/vtpm_manager | |
parent | ccd7e15226b7feca58b689ec07d31dfb126c5463 (diff) | |
VTPM_TOOLS: Added support for QEMU to communicate with vTPM over UNIX
socket for HVM guests.
Signed-off-by: Vinnie Scarlata <vincent.r.scarlata@intel.com>
Diffstat (limited to 'tools/vtpm_manager')
-rw-r--r-- | tools/vtpm_manager/Rules.mk | 2 | ||||
-rw-r--r-- | tools/vtpm_manager/manager/Makefile | 3 | ||||
-rw-r--r-- | tools/vtpm_manager/manager/dmictl.c | 34 | ||||
-rw-r--r-- | tools/vtpm_manager/manager/vtpm_manager.h | 7 | ||||
-rw-r--r-- | tools/vtpm_manager/manager/vtpm_manager_handler.c | 3 | ||||
-rw-r--r-- | tools/vtpm_manager/manager/vtpmd.c | 17 | ||||
-rw-r--r-- | tools/vtpm_manager/manager/vtpmpriv.h | 2 |
7 files changed, 42 insertions, 26 deletions
diff --git a/tools/vtpm_manager/Rules.mk b/tools/vtpm_manager/Rules.mk
index 68c2a26ff7..3d48870288 100644
--- a/tools/vtpm_manager/Rules.mk
+++ b/tools/vtpm_manager/Rules.mk
@@ -39,7 +39,7 @@ $(OBJS): $(SRCS)
 CFLAGS += -D_GNU_SOURCE
 # Logging Level. See utils/tools.h for usage
-CFLAGS += -DLOGGING_MODULES="(BITMASK(VTPM_LOG_TCS)|BITMASK(VTPM_LOG_VTSP)|BITMASK(VTPM_LOG_VTPM)|BITMASK(VTPM_LOG_VTPM_DEEP))"
+CFLAGS += -DLOGGING_MODULES="(BITMASK(VTPM_LOG_TCS)|BITMASK(VTPM_LOG_VTSP)|BITMASK(VTPM_LOG_VTPM))"
 # Silent Mode
 #CFLAGS += -DLOGGING_MODULES=0x0
diff --git a/tools/vtpm_manager/manager/Makefile b/tools/vtpm_manager/manager/Makefile
index d0b3526b42..aae9cb7eaf 100644
--- a/tools/vtpm_manager/manager/Makefile
+++ b/tools/vtpm_manager/manager/Makefile
@@ -14,6 +14,9 @@ install: build
 if [ ! -d "$(DESTDIR)/var/vtpm/fifos" ]; \
 then mkdir -p $(DESTDIR)/var/vtpm/fifos; \
 fi
+ if [ ! -d "$(DESTDIR)/var/vtpm/socks" ]; \
+ then mkdir -p $(DESTDIR)/var/vtpm/socks; \
+ fi
 $(INSTALL_PROG) $(BIN) $(TOOLS_INSTALL_DIR)
 .PHONY: clean
diff --git a/tools/vtpm_manager/manager/dmictl.c b/tools/vtpm_manager/manager/dmictl.c
index fee0cb9599..5c3cf7ec74 100644
--- a/tools/vtpm_manager/manager/dmictl.c
+++ b/tools/vtpm_manager/manager/dmictl.c
@@ -54,7 +54,7 @@
 // if dmi_res is non-null, then return a pointer to new object.
 // Also, this does not fill in the measurements. They should be filled by
 // design dependent code or saveNVM
-TPM_RESULT init_dmi(UINT32 dmi_id, BYTE type, VTPM_DMI_RESOURCE **dmi_res) {
+TPM_RESULT init_dmi(UINT32 dmi_id, BYTE dmi_type, VTPM_DMI_RESOURCE **dmi_res) {
 TPM_RESULT status=TPM_SUCCESS;
 VTPM_DMI_RESOURCE *new_dmi=NULL;
@@ -66,6 +66,7 @@ TPM_RESULT init_dmi(UINT32 dmi_id, BYTE type, VTPM_DMI_RESOURCE **dmi_res) {
 }
 memset(new_dmi, 0, sizeof(VTPM_DMI_RESOURCE));
 new_dmi->dmi_id = dmi_id;
+ new_dmi->dmi_type = dmi_type;
 new_dmi->connected = FALSE;
 new_dmi->TCSContext = 0;
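Review bot: In the manager/Makefile install rule, the new `socks` directory is created with a bare `mkdir -p`, so its mode is whatever umask the install happens to run under. The commit message says QEMU talks to the vTPM over UNIX sockets, presumably placed in this directory; unless the socket files themselves are restricted (not visible in this diff), any local user who can traverse the directory and connect could reach a guest's vTPM. I would set the mode explicitly, e.g. `then mkdir -p -m 0700 $(DESTDIR)/var/vtpm/socks; \`, with owner and mode chosen for the account the manager and QEMU run as. The existing `fifos` directory just above is created the same way.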
@@ -120,47 +121,46 @@ TPM_RESULT VTPM_Handle_New_DMI(const buffer_t *param_buf) {
 VTPM_DMI_RESOURCE *new_dmi=NULL;
 TPM_RESULT status=TPM_FAIL;
- BYTE type, startup_mode;
+ BYTE dmi_type, vm_type, startup_mode;
 UINT32 dmi_id;
 if (param_buf == NULL) { // Assume creation of Dom 0 control
- type = VTPM_TYPE_NON_MIGRATABLE;
+ dmi_type = VTPM_TYPE_NON_MIGRATABLE;
 dmi_id = VTPM_CTL_DM;
- } else if (buffer_len(param_buf) != sizeof(BYTE) + sizeof(BYTE) + sizeof(UINT32)) {
+ } else if (buffer_len(param_buf) != sizeof(BYTE) * 3 + sizeof(UINT32)) {
 vtpmloginfo(VTPM_LOG_VTPM, "New DMI command wrong length: %d.\n", buffer_len(param_buf));
 status = TPM_BAD_PARAMETER;
 goto abort_egress;
 } else {
 vtpm_globals->connected_dmis++; // Put this here so we don't count Dom0
- BSG_UnpackList( param_buf->bytes, 3,
- BSG_TYPE_BYTE, &type,
+ BSG_UnpackList( param_buf->bytes, 4,
+ BSG_TYPE_BYTE, &dmi_type,
 BSG_TYPE_BYTE, &startup_mode,
+ BSG_TYPE_BYTE, &vm_type,
 BSG_TYPE_UINT32, &dmi_id);
 }
+ if ((dmi_type != VTPM_TYPE_NON_MIGRATABLE) && (dmi_type != VTPM_TYPE_MIGRATABLE)) {
+ vtpmlogerror(VTPM_LOG_VTPM, "Creation of VTPM with illegal type.\n");
+ status = TPM_BAD_PARAMETER;
+ goto abort_egress;
+ }
+
 new_dmi = (VTPM_DMI_RESOURCE *) hashtable_search(vtpm_globals->dmi_map, &dmi_id);
 if (new_dmi == NULL) {
 vtpmloginfo(VTPM_LOG_VTPM, "Creating new DMI instance %d attached.\n", dmi_id );
 // Brand New DMI. Initialize the persistent pieces
- TPMTRYRETURN(init_dmi(dmi_id, type, &new_dmi) );
+ TPMTRYRETURN(init_dmi(dmi_id, dmi_type, &new_dmi) );
 } else vtpmloginfo(VTPM_LOG_VTPM, "Re-attaching DMI instance %d.\n", dmi_id);
- if (type != VTPM_TYPE_MIGRATED) {
- new_dmi->dmi_type = type;
- } else {
- vtpmlogerror(VTPM_LOG_VTPM, "Creation of VTPM with illegal type.\n");
- status = TPM_BAD_PARAMETER;
- goto abort_egress;
- }
-
 if (new_dmi->connected) {
 vtpmlogerror(VTPM_LOG_VTPM, "Attempt to re-attach, currently attached instance %d. 
Ignoring\n", dmi_id);
 status = TPM_BAD_PARAMETER;
 goto abort_egress;
 }
- if (type == VTPM_TYPE_MIGRATED) {
+ if (new_dmi->dmi_type == VTPM_TYPE_MIGRATED) {
 vtpmlogerror(VTPM_LOG_VTPM, "Attempt to re-attach previously migrated instance %d without recovering first. Ignoring\n", dmi_id);
 status = TPM_BAD_PARAMETER;
 goto abort_egress;
@@ -173,7 +173,7 @@ TPM_RESULT VTPM_Handle_New_DMI(const buffer_t *param_buf) {
 // Design specific new DMI code.
 // Includes: create IPCs, Measuring DMI, and maybe launching DMI
- status = VTPM_New_DMI_Extra(new_dmi, startup_mode);
+ TPMTRYRETURN(VTPM_New_DMI_Extra(new_dmi, vm_type, startup_mode) );
 goto egress;
 abort_egress:
diff --git a/tools/vtpm_manager/manager/vtpm_manager.h b/tools/vtpm_manager/manager/vtpm_manager.h
index cf9f09e636..a324a8f905 100644
--- a/tools/vtpm_manager/manager/vtpm_manager.h
+++ b/tools/vtpm_manager/manager/vtpm_manager.h
@@ -70,6 +70,10 @@
 #define VTPM_ORD_MIGRATE_OUT (VTPM_PRIV_BASE + 5) // migrate VTPM to dest
 //************************ Return Codes ****************************
+#define VTPM_TYPE_PVM 1 // Paravirtualized Domain
+#define VTPM_TYPE_HVM 2 // HVM Domain
+
+//************************ Return Codes ****************************
 #define VTPM_SUCCESS 0
 #define VTPM_FAIL 1
 #define VTPM_UNSUPPORTED 2
@@ -104,8 +108,9 @@ VTPM Response Format
 VTPM_Open:
 Input Parameters:
- Domain_type: 1 byte
+ mig_type: 1 byte
 startup_mode: 1 byte // Cold Boot = 1, resume = 2, deactive = 3
+ domain type: 1 byte
 instance_id: 4 bytes
 Output Parameters:
 None
diff --git a/tools/vtpm_manager/manager/vtpm_manager_handler.c b/tools/vtpm_manager/manager/vtpm_manager_handler.c
index 9226a4a9b6..2001074384 100644
--- a/tools/vtpm_manager/manager/vtpm_manager_handler.c
+++ b/tools/vtpm_manager/manager/vtpm_manager_handler.c
@@ -40,6 +40,7 @@
 #include <stdio.h>
 #include <unistd.h>
 #include <string.h>
+#include <errno.h>
 #include "vtpm_manager.h"
 #include "vtpmpriv.h"
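Review bot: In VTPM_Handle_New_DMI, `vm_type` is never assigned on the `param_buf == NULL` path and is not range-checked on the message path, yet the following dmictl.c hunk passes it to `VTPM_New_DMI_Extra`. The added validity check covers only `dmi_type`; the `vm_type` byte arrives in the same request, and the vtpmd.c change further down treats every value other than `VTPM_TYPE_PVM` as HVM. I would give it a defined value at the declaration (for example `BYTE dmi_type, vm_type = VTPM_TYPE_PVM, startup_mode;`, or whichever default suits the Dom0 control instance) and reject unknown values beside the `dmi_type` check with `if ((vm_type != VTPM_TYPE_PVM) && (vm_type != VTPM_TYPE_HVM))`, failing with `TPM_BAD_PARAMETER` in the same way. `startup_mode` has the same uninitialised read on the Dom0 path, which predates this commit. The function continues past the end of the hunk.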
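Review bot: In vtpm_manager.h the two new constants land under the existing `Return Codes` banner, and the commit adds a second identical banner above `VTPM_SUCCESS`, so the header now labels the VM-type values as return codes. The first banner should name what follows, e.g. `//************************ VM Types ****************************`. `VTPM_TYPE_PVM` and `VTPM_TYPE_HVM` also share the `VTPM_TYPE_` prefix with the migration types checked in dmictl.c (`VTPM_TYPE_NON_MIGRATABLE`, `VTPM_TYPE_MIGRATABLE`, `VTPM_TYPE_MIGRATED`), whose values are not visible on this page. If the numeric ranges overlap, a swapped argument would pass either validity check, so a distinct prefix for the domain kind would make such a mix-up visible at the call site.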
@@ -105,7 +106,7 @@ TPM_RESULT VTPM_Manager_Handler( vtpm_ipc_handle_t *tx_ipc_h,
 for (i=0; i<size_read; i++)
 vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", cmd_header[i]);
 } else {
- vtpmhandlerlogerror(VTPM_LOG_VTPM, "%s can't read from ipc. Aborting... \n", thread_name);
+ vtpmhandlerlogerror(VTPM_LOG_VTPM, "%s can't read from ipc. Errono = %d. Aborting... \n", thread_name, errno);
 goto abort_command;
 }
diff --git a/tools/vtpm_manager/manager/vtpmd.c b/tools/vtpm_manager/manager/vtpmd.c
index fa1204ba1a..cf58ba3fee 100644
--- a/tools/vtpm_manager/manager/vtpmd.c
+++ b/tools/vtpm_manager/manager/vtpmd.c
@@ -63,6 +63,9 @@
 #define VTPM_TX_HP_FNAME "/var/vtpm/fifos/to_console.fifo"
 #define VTPM_RX_HP_FNAME "/var/vtpm/fifos/from_console.fifo"
+#define VTPM_TYPE_PVM_STRING "pvm"
+#define VTPM_TYPE_HVM_STRING "hvm"
+
 struct vtpm_thread_params_s {
 vtpm_ipc_handle_t *tx_ipc_h;
 vtpm_ipc_handle_t *rx_ipc_h;
@@ -104,12 +107,12 @@ void signal_handler(int reason) {
 struct sigaction ctl_c_handler;
-TPM_RESULT VTPM_New_DMI_Extra(VTPM_DMI_RESOURCE *dmi_res, BYTE startup_mode) {
+TPM_RESULT VTPM_New_DMI_Extra(VTPM_DMI_RESOURCE *dmi_res, BYTE vm_type, BYTE startup_mode) {
 TPM_RESULT status = TPM_SUCCESS;
 int fh;
 char dmi_id_str[11]; // UINT32s are up to 10 digits + NULL
- char *tx_vtpm_name, *tx_tpm_name;
+ char *tx_vtpm_name, *tx_tpm_name, *vm_type_string;
 struct stat file_info;
 if (dmi_res->dmi_id == VTPM_CTL_DM) {
@@ -156,6 +159,10 @@ TPM_RESULT VTPM_New_DMI_Extra(VTPM_DMI_RESOURCE *dmi_res, BYTE startup_mode) {
 */
 memset(&dmi_res->DMI_measurement, 0xcc, sizeof(TPM_DIGEST));
+ if (vm_type == VTPM_TYPE_PVM)
+ vm_type_string = (BYTE *)&VTPM_TYPE_PVM_STRING;
+ else
+ vm_type_string = (BYTE *)&VTPM_TYPE_HVM_STRING;
 // Launch DMI
 sprintf(dmi_id_str, "%d", (int) dmi_res->dmi_id);
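Review bot: In VTPM_Manager_Handler, the `errno` printed by the new log line is only meaningful if the read failed with -1 and nothing in between changed it. The read call and the condition leading to this `else` are outside the hunk, so a short read or end-of-file could log a stale value. I would copy `errno` into a local right after the read and log that copy with its text form, since `<string.h>` is already included: `"%s can't read from ipc. errno = %d (%s). Aborting... \n", thread_name, saved_errno, strerror(saved_errno)`. `Errono` in the message is a typo for `errno`.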
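Review bot: In VTPM_New_DMI_Extra, `dmi_id_str[11]` is sized for ten digits, but the `sprintf(dmi_id_str, "%d", (int) dmi_res->dmi_id)` shown in the next hunk formats the id as a signed int. On the usual two's-complement targets an id above INT_MAX prints with a minus sign and needs twelve bytes including the terminator, one more than the buffer holds. The id is unpacked from the request in dmictl.c and the string is handed to the emulator's argv, so this is worth fixing while the function is being touched: `snprintf(dmi_id_str, sizeof(dmi_id_str), "%u", (unsigned int) dmi_res->dmi_id);`. Both lines predate this commit, and the function body continues outside the hunk.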
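Review bot: The two new `vm_type_string` assignments take the address of a string literal and cast it to `BYTE *` before storing it in the `char *` declared in the previous hunk. That is a pointer-type mismatch if `BYTE` is an unsigned type (its definition is not on this page), and the cast hides that the literal must not be written to. Plain `vm_type_string = VTPM_TYPE_PVM_STRING;` and `vm_type_string = VTPM_TYPE_HVM_STRING;`, with the declaration changed to `const char *vm_type_string`, express the same thing without a cast and still fit the `execl` calls later in the function.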
@@ -172,13 +179,13 @@ TPM_RESULT VTPM_New_DMI_Extra(VTPM_DMI_RESOURCE *dmi_res, BYTE startup_mode) {
 } else if (pid == 0) {
 switch (startup_mode) {
 case TPM_ST_CLEAR:
- execl (TPM_EMULATOR_PATH, "vtpmd", "clear", dmi_id_str, NULL);
+ execl (TPM_EMULATOR_PATH, "vtpmd", "clear", vm_type_string, dmi_id_str, NULL);
 break;
 case TPM_ST_STATE:
- execl (TPM_EMULATOR_PATH, "vtpmd", "save", dmi_id_str, NULL);
+ execl (TPM_EMULATOR_PATH, "vtpmd", "save", vm_type_string, dmi_id_str, NULL);
 break;
 case TPM_ST_DEACTIVATED:
- execl (TPM_EMULATOR_PATH, "vtpmd", "deactivated", dmi_id_str, NULL);
+ execl (TPM_EMULATOR_PATH, "vtpmd", "deactivated", vm_type_string, dmi_id_str, NULL);
 break;
 default:
 status = TPM_BAD_PARAMETER;
diff --git a/tools/vtpm_manager/manager/vtpmpriv.h b/tools/vtpm_manager/manager/vtpmpriv.h
index 4bec4f6baa..41e8d2d7db 100644
--- a/tools/vtpm_manager/manager/vtpmpriv.h
+++ b/tools/vtpm_manager/manager/vtpmpriv.h
@@ -165,7 +165,7 @@ TPM_RESULT VTPM_Handle_Get_Migration_key( const buffer_t *param_buf,
 TPM_RESULT VTPM_SaveManagerData(void);
 TPM_RESULT VTPM_LoadManagerData(void);
-TPM_RESULT VTPM_New_DMI_Extra(VTPM_DMI_RESOURCE *dmi_res, BYTE startup_mode);
+TPM_RESULT VTPM_New_DMI_Extra(VTPM_DMI_RESOURCE *dmi_res, BYTE vm_type, BYTE startup_mode);
 TPM_RESULT VTPM_Close_DMI_Extra(VTPM_DMI_RESOURCE *dmi_res); |