Message ID | 20220826154602.362516-2-stefanb@linux.ibm.com (mailing list archive) |
---|---|
State | New, archived |
Series | tpm_emulator: Signal swtpm to re-lock storage | expand |
On Fri, Aug 26, 2022 at 7:52 PM Stefan Berger <stefanb@linux.ibm.com> wrote: > Use the latest tpm_ioctl.h from upstream swtpm project. > > Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> > Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> > --- > backends/tpm/tpm_ioctl.h | 96 +++++++++++++++++++++++++++++++--------- > 1 file changed, 76 insertions(+), 20 deletions(-) > > diff --git a/backends/tpm/tpm_ioctl.h b/backends/tpm/tpm_ioctl.h > index bd6c12cb86..20b1c7965a 100644 > --- a/backends/tpm/tpm_ioctl.h > +++ b/backends/tpm/tpm_ioctl.h > @@ -5,11 +5,16 @@ > * > * This file is licensed under the terms of the 3-clause BSD license > */ > +#ifndef _TPM_IOCTL_H_ > +#define _TPM_IOCTL_H_ > > -#ifndef TPM_IOCTL_H > -#define TPM_IOCTL_H > +#if defined(__CYGWIN__) > +# define __USE_LINUX_IOCTL_DEFS > +#endif > > +#include <stdint.h> > #include <sys/uio.h> > +#include <sys/types.h> > #include <sys/ioctl.h> > > #ifdef HAVE_SYS_IOCCOM_H 
> @@ -194,6 +199,48 @@ struct ptm_setbuffersize { > } u; > }; > > +#define PTM_GETINFO_SIZE (3 * 1024) > +/* > + * PTM_GET_INFO: Get info about the TPM implementation (from libtpms) > + * > + * This request allows to indirectly call TPMLIB_GetInfo(flags) and > + * retrieve information from libtpms. > + * Only one transaction is currently necessary for returning results > + * to a client. Therefore, totlength and length will be the same if > + * offset is 0. > + */ > +struct ptm_getinfo { > + union { > + struct { > + uint64_t flags; > + uint32_t offset; /* offset from where to read */ > + uint32_t pad; /* 32 bit arch */ > + } req; /* request */ > + struct { > + ptm_res tpm_result; > + uint32_t totlength; > + uint32_t length; > + char buffer[PTM_GETINFO_SIZE]; > + } resp; /* response */ > + } u; > +}; > + > +#define SWTPM_INFO_TPMSPECIFICATION ((uint64_t)1 << 0) > +#define SWTPM_INFO_TPMATTRIBUTES ((uint64_t)1 << 1) > + > +/* > + * PTM_LOCK_STORAGE: Lock the storage and retry n times > + */ > +struct ptm_lockstorage { > + union { > + struct { > + uint32_t retries; /* number of retries */ > + } req; /* request */ > + struct { > + ptm_res tpm_result; > + } resp; /* reponse */ > + } u; > +}; > > typedef uint64_t ptm_cap; > typedef struct ptm_est ptm_est; > @@ -205,6 +252,8 @@ typedef struct ptm_getstate ptm_getstate; > typedef struct ptm_setstate ptm_setstate; > typedef struct ptm_getconfig ptm_getconfig; > typedef struct ptm_setbuffersize ptm_setbuffersize; > +typedef struct ptm_getinfo ptm_getinfo; > +typedef struct ptm_lockstorage ptm_lockstorage; > > /* capability flags returned by PTM_GET_CAPABILITY */ > #define PTM_CAP_INIT (1) 
> @@ -221,6 +270,9 @@ typedef struct ptm_setbuffersize ptm_setbuffersize; > #define PTM_CAP_GET_CONFIG (1 << 11) > #define PTM_CAP_SET_DATAFD (1 << 12) > #define PTM_CAP_SET_BUFFERSIZE (1 << 13) > +#define PTM_CAP_GET_INFO (1 << 14) > +#define PTM_CAP_SEND_COMMAND_HEADER (1 << 15) > +#define PTM_CAP_LOCK_STORAGE (1 << 16) > > enum { > PTM_GET_CAPABILITY = _IOR('P', 0, ptm_cap), > @@ -240,6 +292,8 @@ enum { > PTM_GET_CONFIG = _IOR('P', 14, ptm_getconfig), > PTM_SET_DATAFD = _IOR('P', 15, ptm_res), > PTM_SET_BUFFERSIZE = _IOWR('P', 16, ptm_setbuffersize), > + PTM_GET_INFO = _IOWR('P', 17, ptm_getinfo), > + PTM_LOCK_STORAGE = _IOWR('P', 18, ptm_lockstorage), > }; > > /* > @@ -253,23 +307,25 @@ enum { > * and ptm_set_state:u.req.data) are 0xffffffff. > */ > enum { > - CMD_GET_CAPABILITY = 1, > - CMD_INIT, > - CMD_SHUTDOWN, > - CMD_GET_TPMESTABLISHED, > - CMD_SET_LOCALITY, > - CMD_HASH_START, > - CMD_HASH_DATA, > - CMD_HASH_END, > - CMD_CANCEL_TPM_CMD, > - CMD_STORE_VOLATILE, > - CMD_RESET_TPMESTABLISHED, > - CMD_GET_STATEBLOB, > - CMD_SET_STATEBLOB, > - CMD_STOP, > - CMD_GET_CONFIG, > - CMD_SET_DATAFD, > - CMD_SET_BUFFERSIZE, > + CMD_GET_CAPABILITY = 1, /* 0x01 */ > + CMD_INIT, /* 0x02 */ > + CMD_SHUTDOWN, /* 0x03 */ > + CMD_GET_TPMESTABLISHED, /* 0x04 */ > + CMD_SET_LOCALITY, /* 0x05 */ > + CMD_HASH_START, /* 0x06 */ > + CMD_HASH_DATA, /* 0x07 */ > + CMD_HASH_END, /* 0x08 */ > + CMD_CANCEL_TPM_CMD, /* 0x09 */ > + CMD_STORE_VOLATILE, /* 0x0a */ > + CMD_RESET_TPMESTABLISHED, /* 0x0b */ > + CMD_GET_STATEBLOB, /* 0x0c */ > + CMD_SET_STATEBLOB, /* 0x0d */ > + CMD_STOP, /* 0x0e */ > + CMD_GET_CONFIG, /* 0x0f */ > + CMD_SET_DATAFD, /* 0x10 */ > + CMD_SET_BUFFERSIZE, /* 0x11 */ > + CMD_GET_INFO, /* 0x12 */ > + CMD_LOCK_STORAGE, /* 0x13 */ > }; > > -#endif /* TPM_IOCTL_H */ > +#endif /* _TPM_IOCTL_H_ */ > -- > 2.37.2 > > >
On 8/31/22 07:36, Marc-André Lureau wrote: > > On Fri, Aug 26, 2022 at 7:52 PM Stefan Berger <stefanb@linux.ibm.com > <mailto:stefanb@linux.ibm.com>> wrote: > > Use the latest tpm_ioctl.h from upstream swtpm project. > > Signed-off-by: Stefan Berger <stefanb@linux.ibm.com > <mailto:stefanb@linux.ibm.com>> > > > Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com > <mailto:marcandre.lureau@redhat.com>> Thanks. I had to rebase and modify it a bit now that the PR with the _WIN32 changes is merged and will post a v2 soon. Any comments on 2/2? Stefan
diff --git a/backends/tpm/tpm_ioctl.h b/backends/tpm/tpm_ioctl.h
index bd6c12cb86..20b1c7965a 100644
--- a/backends/tpm/tpm_ioctl.h
+++ b/backends/tpm/tpm_ioctl.h
@@ -5,11 +5,16 @@
 *
 * This file is licensed under the terms of the 3-clause BSD license
 */
+#ifndef _TPM_IOCTL_H_
+#define _TPM_IOCTL_H_
-#ifndef TPM_IOCTL_H
-#define TPM_IOCTL_H
+#if defined(__CYGWIN__)
+# define __USE_LINUX_IOCTL_DEFS
+#endif
+#include <stdint.h>
 #include <sys/uio.h>
+#include <sys/types.h>
 #include <sys/ioctl.h>
 #ifdef HAVE_SYS_IOCCOM_H
@@ -194,6 +199,48 @@ struct ptm_setbuffersize {
 } u;
 };
+#define PTM_GETINFO_SIZE (3 * 1024)
+/*
+ * PTM_GET_INFO: Get info about the TPM implementation (from libtpms)
+ *
+ * This request allows to indirectly call TPMLIB_GetInfo(flags) and
+ * retrieve information from libtpms.
+ * Only one transaction is currently necessary for returning results
+ * to a client. Therefore, totlength and length will be the same if
+ * offset is 0.
+ */
+struct ptm_getinfo {
+ union {
+ struct {
+ uint64_t flags;
+ uint32_t offset; /* offset from where to read */
+ uint32_t pad; /* 32 bit arch */
+ } req; /* request */
+ struct {
+ ptm_res tpm_result;
+ uint32_t totlength;
+ uint32_t length;
+ char buffer[PTM_GETINFO_SIZE];
+ } resp; /* response */
+ } u;
+};
+
+#define SWTPM_INFO_TPMSPECIFICATION ((uint64_t)1 << 0)
+#define SWTPM_INFO_TPMATTRIBUTES ((uint64_t)1 << 1)
+
+/*
+ * PTM_LOCK_STORAGE: Lock the storage and retry n times
+ */
+struct ptm_lockstorage {
+ union {
+ struct {
+ uint32_t retries; /* number of retries */
+ } req; /* request */
+ struct {
+ ptm_res tpm_result;
+ } resp; /* reponse */
+ } u;
+};
 typedef uint64_t ptm_cap;
 typedef struct ptm_est ptm_est;
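Review bot: The renamed include guard `_TPM_IOCTL_H_` in the first hunk is an identifier C reserves for the implementation (leading underscore followed by an uppercase letter), whereas the removed `TPM_IOCTL_H` was not. When syncing from swtpm I would keep the local spelling, `#ifndef TPM_IOCTL_H` / `#define TPM_IOCTL_H`, and leave the closing `#endif /* TPM_IOCTL_H */` in the last hunk as it was. `__USE_LINUX_IOCTL_DEFS` is also in the reserved namespace, but it appears to be a feature macro read by the Cygwin headers and so has to keep that name; a one-line comment naming the header that consumes it would help.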
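Review bot: The response half of `struct ptm_getinfo` (second hunk) carries `length` and `totlength` filled in by the swtpm side next to a fixed `char buffer[PTM_GETINFO_SIZE]`, and the comment does not say what a receiver may assume about them. Because these bytes arrive from another process, the header should state the contract: a reply whose `length` exceeds `PTM_GETINFO_SIZE` must be rejected before `buffer` is read, and it should say whether `buffer` is NUL-terminated. A comment on the member such as `/* receiver must check length <= PTM_GETINFO_SIZE before reading buffer */` would do. The code that consumes this struct is outside this patch, so whether it already checks cannot be seen here. Separately, `/* reponse */` on `ptm_lockstorage.resp` is a typo for `response`.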
@@ -205,6 +252,8 @@ typedef struct ptm_getstate ptm_getstate;
 typedef struct ptm_setstate ptm_setstate;
 typedef struct ptm_getconfig ptm_getconfig;
 typedef struct ptm_setbuffersize ptm_setbuffersize;
+typedef struct ptm_getinfo ptm_getinfo;
+typedef struct ptm_lockstorage ptm_lockstorage;
 /* capability flags returned by PTM_GET_CAPABILITY */
 #define PTM_CAP_INIT (1)
@@ -221,6 +270,9 @@ typedef struct ptm_setbuffersize ptm_setbuffersize;
 #define PTM_CAP_GET_CONFIG (1 << 11)
 #define PTM_CAP_SET_DATAFD (1 << 12)
 #define PTM_CAP_SET_BUFFERSIZE (1 << 13)
+#define PTM_CAP_GET_INFO (1 << 14)
+#define PTM_CAP_SEND_COMMAND_HEADER (1 << 15)
+#define PTM_CAP_LOCK_STORAGE (1 << 16)
 enum {
 PTM_GET_CAPABILITY = _IOR('P', 0, ptm_cap),
@@ -240,6 +292,8 @@ enum {
 PTM_GET_CONFIG = _IOR('P', 14, ptm_getconfig),
 PTM_SET_DATAFD = _IOR('P', 15, ptm_res),
 PTM_SET_BUFFERSIZE = _IOWR('P', 16, ptm_setbuffersize),
+ PTM_GET_INFO = _IOWR('P', 17, ptm_getinfo),
+ PTM_LOCK_STORAGE = _IOWR('P', 18, ptm_lockstorage),
 };
 /*
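Review bot: The three new capability bits in the `PTM_CAP_*` hunk are plain `int` shifts such as `(1 << 16)`, while `ptm_cap` is a `uint64_t` and the `SWTPM_INFO_*` flags added earlier in this same patch use `((uint64_t)1 << n)`. That is harmless at bit 16, but continuing the pattern becomes signed overflow at bit 31 and cannot express bits 32-63; `#define PTM_CAP_LOCK_STORAGE ((uint64_t)1 << 16)` would match the flag type. `PTM_CAP_SEND_COMMAND_HEADER` also arrives with no comment and no matching command in this patch, so a line saying what a peer advertising it does would help anyone gating behaviour on the bit.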
@@ -253,23 +307,25 @@ enum {
 * and ptm_set_state:u.req.data) are 0xffffffff.
 */
 enum {
- CMD_GET_CAPABILITY = 1,
- CMD_INIT,
- CMD_SHUTDOWN,
- CMD_GET_TPMESTABLISHED,
- CMD_SET_LOCALITY,
- CMD_HASH_START,
- CMD_HASH_DATA,
- CMD_HASH_END,
- CMD_CANCEL_TPM_CMD,
- CMD_STORE_VOLATILE,
- CMD_RESET_TPMESTABLISHED,
- CMD_GET_STATEBLOB,
- CMD_SET_STATEBLOB,
- CMD_STOP,
- CMD_GET_CONFIG,
- CMD_SET_DATAFD,
- CMD_SET_BUFFERSIZE,
+ CMD_GET_CAPABILITY = 1, /* 0x01 */
+ CMD_INIT, /* 0x02 */
+ CMD_SHUTDOWN, /* 0x03 */
+ CMD_GET_TPMESTABLISHED, /* 0x04 */
+ CMD_SET_LOCALITY, /* 0x05 */
+ CMD_HASH_START, /* 0x06 */
+ CMD_HASH_DATA, /* 0x07 */
+ CMD_HASH_END, /* 0x08 */
+ CMD_CANCEL_TPM_CMD, /* 0x09 */
+ CMD_STORE_VOLATILE, /* 0x0a */
+ CMD_RESET_TPMESTABLISHED, /* 0x0b */
+ CMD_GET_STATEBLOB, /* 0x0c */
+ CMD_SET_STATEBLOB, /* 0x0d */
+ CMD_STOP, /* 0x0e */
+ CMD_GET_CONFIG, /* 0x0f */
+ CMD_SET_DATAFD, /* 0x10 */
+ CMD_SET_BUFFERSIZE, /* 0x11 */
+ CMD_GET_INFO, /* 0x12 */
+ CMD_LOCK_STORAGE, /* 0x13 */
 };
-#endif /* TPM_IOCTL_H */
+#endif /* _TPM_IOCTL_H_ */
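Review bot: In the `CMD_*` enum only `CMD_GET_CAPABILITY = 1` is an explicit value; the new `/* 0x12 */`-style comments document the other numbers without enforcing them. These look like command codes shared with swtpm (the explanatory comment starts outside the hunk), so an enumerator inserted or dropped mid-list would silently renumber every later command while the comments keep stating the old values. Explicit initialisers, e.g. `CMD_GET_INFO = 0x12,` and `CMD_LOCK_STORAGE = 0x13,`, would make the compiler hold the numbers fixed.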
Use the latest tpm_ioctl.h from upstream swtpm project. Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> --- backends/tpm/tpm_ioctl.h | 96 +++++++++++++++++++++++++++++++--------- 1 file changed, 76 insertions(+), 20 deletions(-)