path: root/stubdom/vtpm
Commit message | Author | Age | Files | Lines
* stubdom/vtpm: Silently ignore rm errors during make clean | Daniel Kiper | 2013-05-08 | 1 | -1/+1

    Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
    Acked-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
    Acked-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>

* stubdom/vtpm: constrain locality by XSM label | Daniel De Graaf | 2013-04-12 | 1 | -2/+74

    This adds the ability for a vTPM to constrain what localities a given
    client domain can use based on its XSM label. For example:

        locality=user_1:vm_r:domU_t=0,1,2
        locality=user_1:vm_r:watcher_t=5

    An arbitrary prefix can be matched by using a '*'.

    Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>

* stubdom/vtpm: support multiple backends | Daniel De Graaf | 2013-04-12 | 1 | -12/+2

    Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>

* stubdom/vtpm: make state save operation atomic | Daniel De Graaf | 2013-04-12 | 1 | -14/+60

    This changes the save format of the vtpm stubdom to include two copies
    of the saved data: one active, and one inactive. When saving the state,
    data is written to the inactive slot before updating the key and hash
    saved with the TPM Manager, which determines the active slot when the
    vTPM starts up.

    Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>

* stubdom/vtpm: Support locality field | Daniel De Graaf | 2013-04-12 | 1 | -1/+1

    The vTPM protocol now contains a field allowing the locality of a
    command to be specified; pass this to the TPM when processing a packet.
    While the locality is not currently checked for validity, a binding
    between locality and some distinguishing feature of the client domain
    (such as the XSM label) will need to be defined in order to properly
    support a multi-client vTPM.

    Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
    Acked-by: Matthew Fioravante <matthew.fioravante@jhuapl.edu>

* mini-os/tpmback: set up callbacks before enumeration | Daniel De Graaf | 2013-04-12 | 1 | -1/+1

    The open/close callbacks in tpmback cannot be properly initialized in
    order to catch the initial enumeration events because init_tpmback
    clears the callbacks and then asynchronously starts the enumeration of
    existing tpmback devices. Fix this by passing the callbacks to
    init_tpmback so they can be installed before enumeration. This also
    removes the unused callbacks for suspend and resume.

    Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>

* vtpm/vtpmmgr: Use libpolarssl.a instead of hardcoding own list of .o files | Ian Campbell | 2013-01-24 | 1 | -4/+1

    Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
    Acked by: Matthew Fioravante <matthew.fioravante@jhuapl.edu>
    Committed-by: Ian Campbell <ian.campbell@citrix.com>

* vtpmmgr: fix build on 32-bit | Ian Campbell | 2013-01-21 | 1 | -1/+1

    Correct format string, fixing:

        vtpm_storage.c: In function 'vtpm_storage_load_header':
        vtpm_storage.c:658: error: format '%ld' expects type 'long int', but argument 5 has type 'unsigned int'
        vtpm_storage.c:658: error: format '%ld' expects type 'long int', but argument 5 has type 'unsigned int'
        make[2]: *** [vtpm_storage.o] Error 1

    Add padlock.o to PSSL_OBJS, fixing:

        /local/scratch/ianc/devel/xen-unstable.git/stubdom/mini-os-x86_32-vtpmmgr/mini-os.o: In function `aes_crypt_ecb':
        /local/scratch/ianc/devel/xen-unstable.git/stubdom/polarssl-x86_32/library/aes.c:659: undefined reference to `padlock_supports'
        /local/scratch/ianc/devel/xen-unstable.git/stubdom/polarssl-x86_32/library/aes.c:661: undefined reference to `padlock_xcryptecb'
        /local/scratch/ianc/devel/xen-unstable.git/stubdom/mini-os-x86_32-vtpmmgr/mini-os.o: In function `aes_crypt_cbc':
        /local/scratch/ianc/devel/xen-unstable.git/stubdom/polarssl-x86_32/library/aes.c:771: undefined reference to `padlock_supports'
        /local/scratch/ianc/devel/xen-unstable.git/stubdom/polarssl-x86_32/library/aes.c:773: undefined reference to `padlock_xcryptcbc'
        make[1]: *** [/local/scratch/ianc/devel/xen-unstable.git/stubdom/mini-os-x86_32-vtpmmgr/mini-os] Error 1

    Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
    Acked by: Matthew Fioravante <matthew.fioravante@jhuapl.edu>
    [ ijc -- applied same fix to stubdom/vtpm/Makefile ]
    Committed-by: Ian Campbell <ian.campbell@citrix.com>

* Add vtpm documentation | Matthew Fioravante | 2013-01-18 | 1 | -0/+75

    See the files included in this patch for details

    Signed-off-by: Matthew Fioravante <matthew.fioravante@jhuapl.edu>
    Acked-by: Ian Campbell <ian.campbell@citrix.com>
    Committed-by: Ian Campbell <ian.campbell@citrix.com>

* add vtpm-stubdom code | Matthew Fioravante | 2013-01-18 | 10 | -0/+1212

    Add the code base for vtpm-stubdom to the stubdom hierarchy. Makefile
    changes in later patch.

    Signed-off-by: Matthew Fioravante <matthew.fioravante@jhuapl.edu>
    Acked-by: Ian Campbell <ian.campbell@citrix.com>
    Committed-by: Ian Campbell <ian.campbell@citrix.com>