On Thu, 2023-10-05 at 08:49 +0200, Philippe Mathieu-Daudé wrote:
> Hi James,
>
> On 4/10/23 20:42, James Bottomley wrote:
> > From: James Bottomley <james.bottom...@hansenpartnership.com>
> >
> > The Microsoft Simulator (mssim) is the reference emulation platform
> > for the TCG TPM 2.0 specification.
> >
> > https://github.com/Microsoft/ms-tpm-20-ref.git
> >
> > It exports a fairly simple network socket based protocol on two
> > sockets, one for command (default 2321) and one for control (default
> > 2322). This patch adds a simple backend that can speak the mssim
> > protocol over the network. It also allows the two sockets to be
> > specified on the command line. The benefits are twofold: firstly it
> > gives us a backend that actually speaks a standard TPM emulation
> > protocol instead of the linux specific TPM driver format of the
> > current emulated TPM backend and secondly, using the microsoft
> > protocol, the end point of the emulator can be anywhere on the
> > network, facilitating the cloud use case where a central TPM service
> > can be used over a control network.
> >
> > The implementation does basic control commands like power off/on, but
> > doesn't implement cancellation or startup. The former because
> > cancellation is pretty much useless on a fast operating TPM emulator
> > and the latter because this emulator is designed to be used with OVMF
> > which itself does TPM startup and I wanted to validate that.
> >
> > To run this, simply download an emulator based on the MS specification
> > (package ibmswtpm2 on openSUSE) and run it, then add these two lines
> > to the qemu command and it will use the emulator.
> >
> >      -tpmdev mssim,id=tpm0 \
> >      -device tpm-crb,tpmdev=tpm0 \
> >
> > to use a remote emulator replace the first line with
> >
> >      -tpmdev "{'type':'mssim','id':'tpm0','command':{'type':inet,'host':'remote','port':'2321'}}"
> >
> > tpm-tis also works as the backend.
> > > > Signed-off-by: James Bottomley <j...@linux.ibm.com> > > Acked-by: Markus Armbruster <arm...@redhat.com> > > > > --- > > > > v2: convert to SocketAddr json and use > > qio_channel_socket_connect_sync() > > v3: gate control power off by migration state keep control socket > > disconnected > > to test outside influence and add docs. > > v7: TPMmssim -> TPMMssim; doc and json fixes > > Make command socket open each time (makes OS debugging easier) > > --- > > MAINTAINERS | 6 + > > backends/tpm/Kconfig | 5 + > > backends/tpm/meson.build | 1 + > > backends/tpm/tpm_mssim.c | 319 > > +++++++++++++++++++++++++++++++++++++++ > > backends/tpm/tpm_mssim.h | 44 ++++++ > > docs/specs/tpm.rst | 39 +++++ > > qapi/tpm.json | 32 +++- > > softmmu/tpm-hmp-cmds.c | 9 ++ > > 8 files changed, 451 insertions(+), 4 deletions(-) > > create mode 100644 backends/tpm/tpm_mssim.c > > create mode 100644 backends/tpm/tpm_mssim.h > > > > diff --git a/docs/specs/tpm.rst b/docs/specs/tpm.rst > > index efe124a148..4fe6c5f051 100644 > > --- a/docs/specs/tpm.rst > > +++ b/docs/specs/tpm.rst 
> > @@ -274,6 +274,42 @@ available as a module (assuming a TPM 2 is > > passed through): > > /sys/devices/LNXSYSTEM:00/LNXSYBUS:00/MSFT0101:00/tpm/tpm0/pcr- > > sha256/9 > > ... > > > > +The QEMU TPM Microsoft Simulator Device > > +--------------------------------------- > > + > > +The Microsoft Simulator (mssim) is the reference emulation > > platform > > +for the TCG TPM 2.0 specification. It provides a reference > > +implementation for the TPM 2.0 written by Microsoft (See > > +`ms-tpm-20-ref`_ on github). The reference implementation starts > > a > > +network server and listens for TPM commands on port 2321 and TPM > > +Platform control commands on port 2322, although these can be > > altered. > > +The QEMU mssim TPM backend talks to this implementation. By > > default > > +it connects to the default ports on localhost: > > + > > +.. code-block:: console > > + > > + qemu-system-x86_64 <qemu-options> \ > > + -tpmdev mssim,id=tpm0 \ > > + -device tpm-crb,tpmdev=tpm0 > > + > > + > > +Although it can also communicate with a remote host, which must be > > +specified as a SocketAddress via json or dotted keys on the > > command > > +line for each of the command and control ports: > > + > > +.. code-block:: console > > + > > + qemu-system-x86_64 <qemu-options> \ > > + -tpmdev > > "{'type':'mssim','id':'tpm0','command':{'type':'inet','host':'remot > > e','port':'2321'},'control':{'type':'inet','host':'remote','port':' > > 2322'}}" \ > > + -device tpm-crb,tpmdev=tpm0 > > Did you test running this command line on a big-endian host?
Well no, big endian machines are rather rare nowadays. However, since
the QIOChannelSocket abstraction is based on SocketAddress, which is a
qapi wrapper around strings, what makes you think the endianness would
matter?

James
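
Review bot: The remote-host paragraph added to docs/specs/tpm.rst ("Although it can also communicate with a remote host ...") documents pointing both the command and control sockets at another machine but says nothing about what protects that connection. The example uses plain 'inet' SocketAddress entries, and the same section says port 2322 carries TPM Platform control commands (the commit message names power off/on), so the section should state that the simulator is expected to be reached over a trusted network, as the commit message's "control network" wording implies, or through a tunnel. Two smaller points: that paragraph opens with "Although" and reads as a sentence fragment, and the commit-message example writes 'type':inet unquoted and gives only 'command', while the documented example quotes 'inet' and gives both 'command' and 'control'; the docs should say whether 'control' may be omitted when 'command' points at a remote host.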