From 9f0cf56683a0efcaa3cda67c534144d335f7ad2c Mon Sep 17 00:00:00 2001
From: Daniel De Graaf
Date: Thu, 21 Mar 2013 16:11:22 -0400
Subject: mini-os/tpmback: add tpmback_get_peercontext

This allows the XSM label of the TPM's client domain to be retrieved.

Signed-off-by: Daniel De Graaf
Acked-by: Samuel Thibault
---
 extras/mini-os/events.c | 22 ++++++++++++++++++++++
 extras/mini-os/include/events.h | 1 +
 extras/mini-os/include/tpmback.h | 2 ++
 extras/mini-os/tpmback.c | 11 +++++++++++
 4 files changed, 36 insertions(+)
(limited to 'extras')

diff --git a/extras/mini-os/events.c b/extras/mini-os/events.c
index 896c36565c..036b84b691 100644
--- a/extras/mini-os/events.c
+++ b/extras/mini-os/events.c
@@ -21,6 +21,7 @@
 #include
 #include
 #include
+#include
 #define NR_EVS 1024
@@ -258,6 +259,27 @@ int evtchn_bind_interdomain(domid_t pal, evtchn_port_t remote_port,
 return rc;
 }
+int evtchn_get_peercontext(evtchn_port_t local_port, char *ctx, int size)
+{
+ int rc;
+ uint32_t sid;
+ struct xen_flask_op op;
+ op.cmd = FLASK_GET_PEER_SID;
+ op.interface_version = XEN_FLASK_INTERFACE_VERSION;
+ op.u.peersid.evtchn = local_port;
+ rc = _hypercall1(int, xsm_op, &op);
+ if (rc)
+ return rc;
+ sid = op.u.peersid.sid;
+ op.cmd = FLASK_SID_TO_CONTEXT;
+ op.u.sid_context.sid = sid;
+ op.u.sid_context.size = size;
+ set_xen_guest_handle(op.u.sid_context.context, ctx);
+ rc = _hypercall1(int, xsm_op, &op);
+ return rc;
+}
+
+
 /*
 * Local variables:
 * mode: C
diff --git a/extras/mini-os/include/events.h b/extras/mini-os/include/events.h
index 912e4cff09..0e9d3a7479 100644
--- a/extras/mini-os/include/events.h
+++ b/extras/mini-os/include/events.h
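Review bot: In `evtchn_get_peercontext` (events.c), the signed `size` is copied into `op.u.sid_context.size` without any check, so a negative length from a caller would reach the hypervisor as a very large buffer size (the Flask interface field is, as far as I know, an unsigned 32-bit value) and the context could then be written past the end of `ctx`. A guard before the first hypercall, such as `if (ctx == NULL || size <= 0) return -EINVAL;` (assuming errno constants are available in this file), would close that. The length reported back by the second `xsm_op` call is also discarded, so callers cannot tell how many bytes were written or whether the label is NUL-terminated; a short comment above the function stating that contract would help anyone who compares the result as a string. `op` is declared without an initialiser, so `struct xen_flask_op op = { 0 };` would avoid handing stack residue to the hypervisor in the unused union bytes.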
@@ -37,6 +37,7 @@ int evtchn_alloc_unbound(domid_t pal, evtchn_handler_t handler,
 int evtchn_bind_interdomain(domid_t pal, evtchn_port_t remote_port, evtchn_handler_t handler, void *data, evtchn_port_t *local_port);
+int evtchn_get_peercontext(evtchn_port_t local_port, char *ctx, int size);
 void unbind_all_ports(void);
 static inline int notify_remote_via_evtchn(evtchn_port_t port)
diff --git a/extras/mini-os/include/tpmback.h b/extras/mini-os/include/tpmback.h
index a6cbbf1791..4408986f25 100644
--- a/extras/mini-os/include/tpmback.h
+++ b/extras/mini-os/include/tpmback.h
@@ -99,4 +99,6 @@ void* tpmback_get_opaque(domid_t domid, unsigned int handle);
 /* Returns zero if successful, nonzero on failure (no such frontend) */
 int tpmback_set_opaque(domid_t domid, unsigned int handle, void* opaque);
+/* Get the XSM context of the given domain (using the tpmback event channel) */
+int tpmback_get_peercontext(domid_t domid, unsigned int handle, void* buffer, int buflen);
 #endif
diff --git a/extras/mini-os/tpmback.c b/extras/mini-os/tpmback.c
index 21dd20606f..43e840d910 100644
--- a/extras/mini-os/tpmback.c
+++ b/extras/mini-os/tpmback.c
@@ -830,6 +830,17 @@ unsigned char* tpmback_get_uuid(domid_t domid, unsigned int handle)
 return tpmif->uuid;
 }
+int tpmback_get_peercontext(domid_t domid, unsigned int handle, void* buffer, int buflen)
+{
+ tpmif_t* tpmif;
+ if((tpmif = get_tpmif(domid, handle)) == NULL) {
+ TPMBACK_DEBUG("get_uuid() failed, %u/%u is an invalid frontend\n", (unsigned int) domid, handle);
+ return -1;
+ }
+
+ return evtchn_get_peercontext(tpmif->evtchn, buffer, buflen);
+}
+
 static void event_listener(void)
 {
 const char* bepath = "backend/vtpm";
--
cgit v1.2.3
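Review bot: The new comment on `tpmback_get_peercontext` in tpmback.h does not say what the return value means or what is left in `buffer`, while the neighbouring `tpmback_set_opaque` comment does state its return convention. Since the label is presumably used for authorisation decisions, I would extend it to something like `/* Get the XSM context of the given domain (using the tpmback event channel) into buffer, at most buflen bytes. Returns zero on success, nonzero on failure; buffer contents are unspecified on failure. */`. Declaring the parameter as `char *buffer` would also match `evtchn_get_peercontext`, which takes `char *ctx`.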
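Review bot: The failure message in `tpmback_get_peercontext` (tpmback.c) still says `get_uuid() failed`, apparently copied from `tpmback_get_uuid` just above, so a debug log would point at the wrong call when a label lookup fails; it should read `TPMBACK_DEBUG("get_peercontext() failed, %u/%u is an invalid frontend\n", (unsigned int) domid, handle);`. The function also returns a bare `-1` for an unknown frontend but passes through whatever `evtchn_get_peercontext` returns otherwise. If that is a negative errno from the hypercall, `-1` is indistinguishable from `-EPERM`, so a distinct value or a comment on the convention would help callers that gate access on the label.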