diff options
| author |   Patrick Ohly <patrick.ohly@intel.com> | 2017-12-06 12:03:32 +0100 |
|---|---|---|
| committer |   Richard Purdie <richard.purdie@linuxfoundation.org> | 2017-12-10 22:41:43 +0000 |
| commit | 82f37aa4c5152f104897fff04f09ad55c20c2a3f (patch) | |
| tree | 1f12cceb9390f7d3715d2d9cfbeaecfbcedf1e51 /meta/recipes-devtools/qemu/qemu/0008-tpm-backend-Move-realloc_buffer-implementation-to-tp.patch | |
| parent | d9b59df1230a20c7a5c9f4fb0325bb9216025a16 (diff) | |
| download | openembedded-core-contrib-82f37aa4c5152f104897fff04f09ad55c20c2a3f.tar.gz | |
qemu: use upstream swtpm support
Upstream finally accepted and merged a different approach for
connecting QEMU to swtpm: instead of a custom cuse-tpm device, a
normal chardev connects to swtpm, and that chardev then is used by the
TPM device. For now we have to backport those patches, but the next
major QEMU update will have them.
However, the chardev-connect-socket-to-a-spawned-command.patch is
something that OE will have to carry permanently. It simplifies
starting and stopping swtpm when invoking QEMU through runqemu without
having to teach that script about the additional process. Upstream
rejected the patch because they want to keep the complexity of
starting additional processes out of QEMU.
A recent enough swtpm is needed. The one currently used by
meta-security fails to communicate properly with QEMU, leading to this
failure:
qemu-system-x86_64: -tpmdev emulator,id=tpm0,chardev=chrtpm0: tpm-emulator: Failed to send CMD_SET_DATAFD: Input/output error
qemu-system-x86_64: -tpmdev emulator,id=tpm0,chardev=chrtpm0: tpm-emulator: Could not cleanly shutdown the TPM: Invalid argument
With a recent enough swtpm, one can create a TPM device like this:
- bitbake swtpm-native
- create a TPM instance and initialize it with:
$ mkdir -p my-machine/myvtpm0
$ tmp*/work/*/swtpm-wrappers-native/*/swtpm_setup_oe.sh --tpm-state my-machine/myvtpm0 --createek
Starting vTPM manufacturing as root:root @ Wed 06 Dec 2017 10:03:14 AM CET
TPM is listening on TCP port 34613.
Successfully created EK.
Successfully authored TPM state.
Ending vTPM manufacturing @ Wed 06 Dec 2017 10:03:14 AM CET
- runqemu "qemuparams=-chardev 'socket,id=chrtpm0,cmd=exec
swtpm_oe.sh socket --terminate --ctrl type=unixio,,clientfd=0
--tpmstate dir=... --log level=10,,file=.../swtpm.log --tpm2'
-tpmdev emulator,id=tpm0,chardev=chrtpm0 -device
tpm-tis,tpmdev=tpm0" ...
Beware that the double commas are intentional. They are needed to
embed commas in the "cmd" value.
swtpm_oe.sh is from swtpm-wrappers-native. In the example it is
invoked without the full path for the sake of brevity. In practice,
one has to use the full
path (tmp*/work/*/swtpm-wrappers-native/*/swtpm_oe.sh).
With the TPM2-preview version of swtpm, the same works for TPM2 by
adding the --tpm2 parameter when invoking swtpm_setup_oe.sh and
swtpm_oe.sh.
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/qemu/qemu/0008-tpm-backend-Move-realloc_buffer-implementation-to-tp.patch')
| -rw-r--r-- | meta/recipes-devtools/qemu/qemu/0008-tpm-backend-Move-realloc_buffer-implementation-to-tp.patch | 140 |
1 files changed, 140 insertions, 0 deletions
diff --git a/meta/recipes-devtools/qemu/qemu/0008-tpm-backend-Move-realloc_buffer-implementation-to-tp.patch b/meta/recipes-devtools/qemu/qemu/0008-tpm-backend-Move-realloc_buffer-implementation-to-tp.patch new file mode 100644 index 0000000000..94cc6c542c --- /dev/null +++ b/meta/recipes-devtools/qemu/qemu/0008-tpm-backend-Move-realloc_buffer-implementation-to-tp.patch @@ -0,0 +1,140 @@ +From 02189909fdc5e73b3ca54362084c16f0b67a3fdf Mon Sep 17 00:00:00 2001 +From: Amarnath Valluri <amarnath.valluri@intel.com> +Date: Fri, 7 Apr 2017 10:57:28 +0300 +Subject: [PATCH 08/12] tpm-backend: Move realloc_buffer() implementation to + tpm-tis model +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +buffer reallocation is very unlikely to be backend specific. Hence move inside +the tis. + +Signed-off-by: Amarnath Valluri <amarnath.valluri@intel.com> +Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> +Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> + +Upstream-Status: Backport [d0c519bdffa303d141727369e55b157c45b03147] +--- + backends/tpm.c | 9 --------- + hw/tpm/tpm_passthrough.c | 12 ------------ + hw/tpm/tpm_tis.c | 14 ++++++++++++-- + include/sysemu/tpm_backend.h | 12 ------------ + 4 files changed, 12 insertions(+), 35 deletions(-) + +diff --git a/backends/tpm.c b/backends/tpm.c +index de313c9d5a..37c84b7c66 100644 +--- a/backends/tpm.c ++++ b/backends/tpm.c +@@ -80,15 +80,6 @@ bool tpm_backend_had_startup_error(TPMBackend *s) + return s->had_startup_error; + } + +-size_t tpm_backend_realloc_buffer(TPMBackend *s, TPMSizedBuffer *sb) +-{ +- TPMBackendClass *k = TPM_BACKEND_GET_CLASS(s); +- +- assert(k->ops->realloc_buffer); +- +- return k->ops->realloc_buffer(sb); +-} +- + void tpm_backend_deliver_request(TPMBackend *s) + { + g_thread_pool_push(s->thread_pool, (gpointer)TPM_BACKEND_CMD_PROCESS_CMD, +diff --git a/hw/tpm/tpm_passthrough.c b/hw/tpm/tpm_passthrough.c +index 84fc49a4d3..22d3460550 100644 +--- a/hw/tpm/tpm_passthrough.c ++++ b/hw/tpm/tpm_passthrough.c +@@ -247,17 +247,6 @@ static int tpm_passthrough_reset_tpm_established_flag(TPMBackend *tb, + return 0; + } + +-static size_t tpm_passthrough_realloc_buffer(TPMSizedBuffer *sb) +-{ +- size_t wanted_size = 4096; /* Linux tpm.c buffer size */ +- +- if (sb->size != wanted_size) { +- sb->buffer = g_realloc(sb->buffer, wanted_size); +- sb->size = wanted_size; +- } +- return sb->size; +-} +- + static void tpm_passthrough_cancel_cmd(TPMBackend *tb) + { + TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(tb); +@@ -435,7 +424,6 @@ static const TPMDriverOps tpm_passthrough_driver = { + .opts = tpm_passthrough_cmdline_opts, + .desc = "Passthrough TPM backend driver", + .create = tpm_passthrough_create, +- .realloc_buffer = tpm_passthrough_realloc_buffer, + .reset = tpm_passthrough_reset, + .cancel_cmd = tpm_passthrough_cancel_cmd, + .get_tpm_established_flag = tpm_passthrough_get_tpm_established_flag, +diff --git a/hw/tpm/tpm_tis.c b/hw/tpm/tpm_tis.c +index a6440fef91..d5118e7f60 100644 +--- a/hw/tpm/tpm_tis.c ++++ b/hw/tpm/tpm_tis.c +@@ -963,6 +963,16 @@ static int tpm_tis_do_startup_tpm(TPMState *s) + return tpm_backend_startup_tpm(s->be_driver); + } + ++static void tpm_tis_realloc_buffer(TPMSizedBuffer *sb) ++{ ++ size_t wanted_size = 4096; /* Linux tpm.c buffer size */ ++ ++ if (sb->size != wanted_size) { ++ sb->buffer = g_realloc(sb->buffer, wanted_size); ++ sb->size = wanted_size; ++ } ++} ++ + /* + * Get the TPMVersion of the backend device being used + */ +@@ -1010,9 +1020,9 @@ static void tpm_tis_reset(DeviceState *dev) + tis->loc[c].state = TPM_TIS_STATE_IDLE; + + tis->loc[c].w_offset = 0; +- tpm_backend_realloc_buffer(s->be_driver, &tis->loc[c].w_buffer); ++ tpm_tis_realloc_buffer(&tis->loc[c].w_buffer); + tis->loc[c].r_offset = 0; +- tpm_backend_realloc_buffer(s->be_driver, &tis->loc[c].r_buffer); ++ tpm_tis_realloc_buffer(&tis->loc[c].r_buffer); + } + + tpm_tis_do_startup_tpm(s); +diff --git a/include/sysemu/tpm_backend.h b/include/sysemu/tpm_backend.h +index e96c1918cc..2c798a1eb4 100644 +--- a/include/sysemu/tpm_backend.h ++++ b/include/sysemu/tpm_backend.h +@@ -84,8 +84,6 @@ struct TPMDriverOps { + /* start up the TPM on the backend */ + int (*startup_tpm)(TPMBackend *t); + +- size_t (*realloc_buffer)(TPMSizedBuffer *sb); +- + void (*reset)(TPMBackend *t); + + void (*cancel_cmd)(TPMBackend *t); +@@ -140,16 +138,6 @@ int tpm_backend_startup_tpm(TPMBackend *s); + bool tpm_backend_had_startup_error(TPMBackend *s); + + /** +- * tpm_backend_realloc_buffer: +- * @s: the backend +- * @sb: the TPMSizedBuffer to re-allocated to the size suitable for the +- * backend. +- * +- * This function returns the size of the allocated buffer +- */ +-size_t tpm_backend_realloc_buffer(TPMBackend *s, TPMSizedBuffer *sb); +- +-/** + * tpm_backend_deliver_request: + * @s: the backend to send the request to + * +-- +2.11.0 + |