Re: [Qemu-devel] [PATCH 1/5] Add TPM 1.2 device interface
On 02/24/2011 10:30 AM, Andreas Niederl wrote: On 02/18/2011 05:37 PM, Stefan Berger wrote: [...] I have a tpm_tis.c with major changes in it getting rid of the polling, closer to specs that passes a test suite and a registerable backend as well that has several more interface functions, due to support for snapshotting etc. Unfortunately it doesn't make much sense for me to post it since the backend is based on a library that's currently in the Fedora review process and nobody else could build or test it -- unless there really was interest in reviewing at least some part of it. It would certainly be desirable if your backend and mine could be accommodate. I am looking for a rather soon integration of this functionality (at least with my host passthrough backend) into the main project. We could try to integrate your improved device emulation frontend along with the infrastructure for using different backends while your library is still being reviewed. I would post my (rather simple) direct host passthrough backend along with it, so testing can be done. That way, we would have the better part of the TPM emulation framework available in Qemu and you could post your library-based backend as soon as it has finished its review. I will post my patches soon. Stefan Andreas
Re: [Qemu-devel] [PATCH 1/5] Add TPM 1.2 device interface
On 02/18/2011 05:37 PM, Stefan Berger wrote: [...] > I have a tpm_tis.c with major changes in it getting rid of the polling, > closer to specs that passes a test suite and a registerable backend as > well that has several more interface functions, due to support for > snapshotting etc. Unfortunately it doesn't make much sense for me to > post it since the backend is based on a library that's currently in the > Fedora review process and nobody else could build or test it -- unless > there really was interest in reviewing at least some part of it. > > It would certainly be desirable if your backend and mine could be > accommodate. I am looking for a rather soon integration of this functionality (at least with my host passthrough backend) into the main project. We could try to integrate your improved device emulation frontend along with the infrastructure for using different backends while your library is still being reviewed. I would post my (rather simple) direct host passthrough backend along with it, so testing can be done. That way, we would have the better part of the TPM emulation framework available in Qemu and you could post your library-based backend as soon as it has finished its review. Andreas smime.p7s Description: S/MIME Cryptographic Signature
Re: [Qemu-devel] [PATCH 1/5] Add TPM 1.2 device interface
On 02/21/2011 12:03 PM, Andreas Niederl wrote: On 02/18/2011 09:27 PM, Stefan Berger wrote: On 02/18/2011 12:37 PM, Andreas Niederl wrote: [...] So I'm guessing that this library is not publicly available right now? Not via the fedora repository at least. So yum install does not work, yet. Is the source code available in a public version control repository? If so, could you please provide a URI to it? Here's the link to the review request including links to spec and source rpm: https://bugzilla.redhat.com/show_bug.cgi?id=668052 Is this backend meant for integration into QEMU or does it run as separate process? The backend is meant for integration in Qemu. It runs as a thread. I see. Has there already been an effort to integrate this with the main project? No. Since the library is not available yet I haven't posted the code for the TIS and backend, yet. How/Where could I integrate a passthrough backend like the one in this patch series? It's possible via similar mechanisms as you have, just the interface is bigger and main code calls into the interface at different times. I'd need to share the code with you. I'd like to have a look at it. Ok. I'll either share it here or via the mailing list. It may be later this week, though. Stefan
Re: [Qemu-devel] [PATCH 1/5] Add TPM 1.2 device interface
On 02/18/2011 10:03 PM, Stefan Berger wrote:
> On 02/18/2011 10:33 AM, Andreas Niederl wrote:
[...]
>> +static ISADeviceInfo tpm_info = {
>> +.init = tpm_init,
>> +.qdev.name = "tpm",
>> +.qdev.desc = "TPM TIS Interface",
>> +.qdev.size = sizeof (TPMState),
>> +.qdev.vmsd =&vmstate_tpm,
> ... and here you're pointing to vmstate_tpm, which was also registered
> above using
>
> +
> +vmstate_register(&dev->qdev, 1,&vmstate_tpm, s);
>
>
> Are you sure this is necessary? In my implementation I only have the
> qdev.vmsd set and need not explicitly use vmstate_register(). Aren't you
> writing the state two times if you do that?
You're right, apparently I've missed that vmstate_save_state operates
recursively on fields of type VMS_STRUCT.
Also, manual registration of vmstate_tpm is not necessary.
Andreas
smime.p7s
Description: S/MIME Cryptographic Signature
Re: [Qemu-devel] [PATCH 1/5] Add TPM 1.2 device interface
On 02/18/2011 09:27 PM, Stefan Berger wrote: > On 02/18/2011 12:37 PM, Andreas Niederl wrote: [...] >> So I'm guessing that this library is not publicly available right now? > Not via the fedora repository at least. So yum install does not work, yet. Is the source code available in a public version control repository? If so, could you please provide a URI to it? >> Is this backend meant for integration into QEMU or does it run as >> separate process? >> > The backend is meant for integration in Qemu. It runs as a thread. I see. Has there already been an effort to integrate this with the main project? >> How/Where could I integrate a passthrough backend like the one in this >> patch series? >> > It's possible via similar mechanisms as you have, just the interface is > bigger and main code calls into the interface at different times. I'd > need to share the code with you. I'd like to have a look at it. >> The polling code isn't really necessary for the host backend, I left it >> there just in case it would be needed by such a socket interface as is >> used in the Xen fork. >> > I don't think it's necessary to have it all. In the new code, the > frontend delivers a request to the backend and provides a callback > function for delivering the response back once received. Sounds good. >>> It would certainly be desirable if your backend and mine could be >>> accommodate. >> Of course. >> > Let's see how we do this. That would be great. Andreas smime.p7s Description: S/MIME Cryptographic Signature
Re: [Qemu-devel] [PATCH 1/5] Add TPM 1.2 device interface
On 02/18/2011 10:33 AM, Andreas Niederl wrote:
+
+static const VMStateDescription vmstate_loc = {
+.name = "loc",
+.version_id = 0,
+.fields = (VMStateField []) {
+VMSTATE_UINT32(state, TPMLocality),
+VMSTATE_UINT32(inte, TPMLocality),
+VMSTATE_UINT32(ints, TPMLocality),
+VMSTATE_UINT8(access, TPMLocality),
+VMSTATE_UINT8(sts,TPMLocality),
+VMSTATE_END_OF_LIST()
+}
+};
+
+static const VMStateDescription vmstate_tpm = {
+.name = "tpm",
+.version_id = 0,
+.minimum_version_id = 0,
+.minimum_version_id_old = 0,
+.pre_save = tpm_pre_save,
+.fields = (VMStateField []) {
+VMSTATE_UINT32(irq,TPMState),
+VMSTATE_UINT32(offset, TPMState),
+VMSTATE_BUFFER(buf,TPMState),
+VMSTATE_UINT8( active_locty, TPMState),
+VMSTATE_UINT8(aborting_locty, TPMState),
+VMSTATE_UINT8(next_locty, TPMState),
+VMSTATE_STRUCT_ARRAY(loc, TPMState, NUM_LOCALITIES, 0,
+ vmstate_loc, TPMLocality),
Here you are pointing to the above vmstate_loc ...
+VMSTATE_END_OF_LIST()
+}
+};
+
+/*
+
+vmstate_register(&dev->qdev, 1,&vmstate_tpm, s);
+for (i = 0; i< NUM_LOCALITIES; i++) {
+vmstate_register(&dev->qdev, 1,&vmstate_loc,&s->loc[i]);
... here you are (again) registering the localities ...
+}
+
+isa_init_irq(dev,&s->pic, isairq);
+s->irq = isairq;
+
+iomem = cpu_register_io_memory(tis_readfn, tis_writefn, s,
+DEVICE_LITTLE_ENDIAN);
+cpu_register_physical_memory(TIS_ADDR_BASE,
+0x1000 * NUM_LOCALITIES, iomem);
+
+s->poll_timer = qemu_new_timer(vm_clock, tis_poll_timer, s);
+
+return 0;
+}
+
+static void qdev_tpm_reset(DeviceState *dev)
+{
+TPMState *s = DO_UPCAST(TPMState, dev.qdev, dev);
+tpm_reset(s);
+}
+
+static ISADeviceInfo tpm_info = {
+.init = tpm_init,
+.qdev.name = "tpm",
+.qdev.desc = "TPM TIS Interface",
+.qdev.size = sizeof (TPMState),
+.qdev.vmsd =&vmstate_tpm,
... and here you're pointing to vmstate_tpm, which was also registered
above using
+
+vmstate_register(&dev->qdev, 1,&vmstate_tpm, s);
Are you sure this is necessary? In my implementation I only have the
qdev.vmsd set and need not explicitly use vmstate_register(). Aren't you
writing the state two times if you do that?
Stefan
Re: [Qemu-devel] [PATCH 1/5] Add TPM 1.2 device interface
On 02/18/2011 12:37 PM, Andreas Niederl wrote: On 02/18/2011 05:37 PM, Stefan Berger wrote: On 02/18/2011 10:33 AM, Andreas Niederl wrote: This implementation is based on the TPM 1.2 interface for virtualized TPM devices from the Xen-4.0.0 ioemu-qemu-xen fork. A backend driver infrastructure is provided to be able to use different device backends. [...] I have a tpm_tis.c with major changes in it getting rid of the polling, closer to specs that passes a test suite and a registerable backend as well that has several more interface functions, due to support for snapshotting etc. Unfortunately it doesn't make much sense for me to post it since the backend is based on a library that's currently in the Fedora review process and nobody else could build or test it -- unless there really was interest in reviewing at least some part of it. So I'm guessing that this library is not publicly available right now? Not via the fedora repository at least. So yum install does not work, yet. Is this backend meant for integration into QEMU or does it run as separate process? The backend is meant for integration in Qemu. It runs as a thread. How/Where could I integrate a passthrough backend like the one in this patch series? It's possible via similar mechanisms as you have, just the interface is bigger and main code calls into the interface at different times. I'd need to share the code with you. The polling code isn't really necessary for the host backend, I left it there just in case it would be needed by such a socket interface as is used in the Xen fork. I don't think it's necessary to have it all. In the new code, the frontend delivers a request to the backend and provides a callback function for delivering the response back once received. It would certainly be desirable if your backend and mine could be accommodate. Of course. Let's see how we do this. Stefan Regards, Andreas
Re: [Qemu-devel] [PATCH 1/5] Add TPM 1.2 device interface
On 02/18/2011 05:37 PM, Stefan Berger wrote: > On 02/18/2011 10:33 AM, Andreas Niederl wrote: >> This implementation is based on the TPM 1.2 interface for virtualized TPM >> devices from the Xen-4.0.0 ioemu-qemu-xen fork. >> >> A backend driver infrastructure is provided to be able to use different >> device backends. [...] > > I have a tpm_tis.c with major changes in it getting rid of the polling, > closer to specs that passes a test suite and a registerable backend as > well that has several more interface functions, due to support for > snapshotting etc. Unfortunately it doesn't make much sense for me to > post it since the backend is based on a library that's currently in the > Fedora review process and nobody else could build or test it -- unless > there really was interest in reviewing at least some part of it. So I'm guessing that this library is not publicly available right now? Is this backend meant for integration into QEMU or does it run as separate process? How/Where could I integrate a passthrough backend like the one in this patch series? The polling code isn't really necessary for the host backend, I left it there just in case it would be needed by such a socket interface as is used in the Xen fork. > It would certainly be desirable if your backend and mine could be > accommodate. Of course. Regards, Andreas smime.p7s Description: S/MIME Cryptographic Signature
Re: [Qemu-devel] [PATCH 1/5] Add TPM 1.2 device interface
On 02/18/2011 10:33 AM, Andreas Niederl wrote: This implementation is based on the TPM 1.2 interface for virtualized TPM devices from the Xen-4.0.0 ioemu-qemu-xen fork. A backend driver infrastructure is provided to be able to use different device backends. Signed-off-by: Andreas Niederl --- /dev/null +++ b/hw/tpm_tis.c @@ -0,0 +1,705 @@ +/* + * tpm_tis.c - QEMU emulator for a 1.2 TPM with TIS interface + * + * Copyright (C) 2006 IBM Corporation + * Copyright (C) 2011 IAIK, Graz University of Technology + * + * Author: Stefan Berger + * David Safford + * + * Author: Andreas Niederl + * Modified to use a separate TPM device backend + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License as + * published by the Free Software Foundation, version 2 of the + * License. + * + * + * Implementation of the TIS interface according to specs at + * https://www.trustedcomputinggroup.org/ + * I have a tpm_tis.c with major changes in it getting rid of the polling, closer to specs that passes a test suite and a registerable backend as well that has several more interface functions, due to support for snapshotting etc. Unfortunately it doesn't make much sense for me to post it since the backend is based on a library that's currently in the Fedora review process and nobody else could build or test it -- unless there really was interest in reviewing at least some part of it. It would certainly be desirable if your backend and mine could be accommodate. Stefan
