[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH VTPM 6/9] Remove the vtpm process model
On Thu, 2012-11-01 at 20:35 +0000, Matthew Fioravante wrote: > Remove the old vtpm process model. It doesn't work very > well and is no longer supported. > > Signed-off-by: Matthew Fioravante <matthew.fioravante@xxxxxxxxxx> Acked-by: Ian Campbell <ian.campbell@xxxxxxxxxx> > > diff --git a/tools/Makefile b/tools/Makefile > index d8c8cc0..2ca43b9 100644 > --- a/tools/Makefile > +++ b/tools/Makefile > @@ -18,8 +18,6 @@ SUBDIRS-$(CONFIG_XCUTILS) += xcutils > SUBDIRS-$(CONFIG_X86) += firmware > SUBDIRS-y += console > SUBDIRS-y += xenmon > -SUBDIRS-$(VTPM_TOOLS) += vtpm_manager > -SUBDIRS-$(VTPM_TOOLS) += vtpm > SUBDIRS-y += xenstat > SUBDIRS-$(CONFIG_Linux) += $(SUBDIRS-libaio) > SUBDIRS-$(CONFIG_Linux) += memshr > diff --git a/tools/blktap2/drivers/hashtable.c > b/tools/blktap2/drivers/hashtable.c > index 631306b..90a6b85 100644 > --- a/tools/blktap2/drivers/hashtable.c > +++ b/tools/blktap2/drivers/hashtable.c > @@ -3,7 +3,6 @@ > /* > * There are duplicates of this code in: > * - tools/xenstore/hashtable.c > - * - tools/vtpm_manager/util/hashtable.c > */ > > #include "hashtable.h" > diff --git a/tools/blktap2/drivers/hashtable.h > b/tools/blktap2/drivers/hashtable.h > index 89aa3dc..56ca053 100644 > --- a/tools/blktap2/drivers/hashtable.h > +++ b/tools/blktap2/drivers/hashtable.h > @@ -3,7 +3,6 @@ > /* > * There are duplicates of this code in: > * - tools/xenstore/hashtable.h > - * - tools/vtpm_manager/util/hashtable.h > */ > > #ifndef __HASHTABLE_CWC22_H__ > diff --git a/tools/blktap2/drivers/hashtable_itr.c > b/tools/blktap2/drivers/hashtable_itr.c > index 402e06b..731917c 100644 > --- a/tools/blktap2/drivers/hashtable_itr.c > +++ b/tools/blktap2/drivers/hashtable_itr.c > @@ -1,10 +1,5 @@ > /* Copyright (C) 2002, 2004 Christopher Clark > <firstname.lastname@xxxxxxxxxxxx> */ > > -/* > - * There are duplicates of this code in: > - * - tools/vtpm_manager/util/hashtable_itr.c > - */ > - > #include "hashtable.h" > #include "hashtable_private.h" > #include "hashtable_itr.h" > diff --git a/tools/blktap2/drivers/hashtable_itr.h > b/tools/blktap2/drivers/hashtable_itr.h > index 3d80638..81da838 100644 > --- a/tools/blktap2/drivers/hashtable_itr.h > +++ b/tools/blktap2/drivers/hashtable_itr.h > @@ -1,10 +1,5 @@ > /* Copyright (C) 2002, 2004 Christopher Clark > <firstname.lastname@xxxxxxxxxxxx> */ > > -/* > - * There are duplicates of this code in: > - * - tools/vtpm_manager/util/hashtable_itr.h > - */ > - > #ifndef __HASHTABLE_ITR_CWC22__ > #define __HASHTABLE_ITR_CWC22__ > #include "hashtable.h" > diff --git a/tools/blktap2/drivers/hashtable_private.h > b/tools/blktap2/drivers/hashtable_private.h > index 5a13a65..954ecc3 100644 > --- a/tools/blktap2/drivers/hashtable_private.h > +++ b/tools/blktap2/drivers/hashtable_private.h > @@ -3,7 +3,6 @@ > /* > * There are duplicates of this code in: > * - tools/xenstore/hashtable_private.h > - * - tools/vtpm_manager/util/hashtable_private.h > */ > > #ifndef __HASHTABLE_PRIVATE_CWC22_H__ > diff --git a/tools/configure.ac b/tools/configure.ac > index e708f01..586313d 100644 > --- a/tools/configure.ac > +++ b/tools/configure.ac > @@ -40,7 +40,6 @@ m4_include([m4/fetcher.m4]) > # Enable/disable options > AX_ARG_DEFAULT_DISABLE([githttp], [Download GIT repositories via HTTP]) > AX_ARG_DEFAULT_ENABLE([monitors], [Disable xenstat and xentop monitoring > tools]) > -AX_ARG_DEFAULT_DISABLE([vtpm], [Enable Virtual Trusted Platform Module]) > AX_ARG_DEFAULT_DISABLE([xenapi], [Enable Xen API Bindings]) > AX_ARG_DEFAULT_ENABLE([ocamltools], [Disable Ocaml tools]) > AX_ARG_DEFAULT_DISABLE([miniterm], [Enable miniterm]) > diff --git a/tools/examples/README b/tools/examples/README > index 5b0314e..2225d5c 100644 > --- a/tools/examples/README > +++ b/tools/examples/README > @@ -25,13 +25,7 @@ vif-bridge - virtual network start/stop script in > bridged mode > vif-common.sh - sourced by vif-bridge > vif-nat - xen virtual network start/stop script in NAT mode > vif-route - xen virtual network start/stop script in routed mode > -vtpm - called by xen-backend.agent to bind/unbind vTPM devices > -vtpm-common.sh - common code for vTPM handling > -vtpm-delete - remove an entry from the vTPM table given the > - domain's name > -vtpm-hotplug-common.sh - sourced by vtpm > -vtpm-migration.sh - sourced by external-device-migrate > -xen-backend.agent - calls block, vif-*, vtpm scripts to add, remove, > hotplug > +xen-backend.agent - calls block, vif-* scripts to add, remove, hotplug > devices > xen-backend.rules - hotplug script rules > xend-config.sxp - default xend configuration file > diff --git a/tools/examples/xmexample.pv-grub > b/tools/examples/xmexample.pv-grub > index 85f847c..e04e6c1 100644 > --- a/tools/examples/xmexample.pv-grub > +++ b/tools/examples/xmexample.pv-grub > @@ -105,20 +105,6 @@ disk = [ 'phy:hda1,hda1,w' ] > # configured in xend-config.sxp. > > #---------------------------------------------------------------------------- > -# Define to which TPM instance the user domain should communicate. > -# The vtpm entry is of the form 'instance=INSTANCE,backend=DOM' > -# where INSTANCE indicates the instance number of the TPM the VM > -# should be talking to and DOM provides the domain where the backend > -# is located. > -# Note that no two virtual machines should try to connect to the same > -# TPM instance. The handling of all TPM instances does require > -# some management effort in so far that VM configration files (and thus > -# a VM) should be associated with a TPM instance throughout the lifetime > -# of the VM / VM configuration file. The instance number must be > -# greater or equal to 1. > -#vtpm = [ 'instance=1,backend=0' ] > - > -#---------------------------------------------------------------------------- > # Configure the behaviour when a domain exits. There are three 'reasons' > # for a domain to stop: poweroff, reboot, and crash. For each of these you > # may specify: > diff --git a/tools/examples/xmexample1 b/tools/examples/xmexample1 > index 330aaf0..c951200 100644 > --- a/tools/examples/xmexample1 > +++ b/tools/examples/xmexample1 > @@ -101,20 +101,6 @@ disk = [ 'phy:hda1,hda1,w' ] > # configured in xend-config.sxp. > > #---------------------------------------------------------------------------- > -# Define to which TPM instance the user domain should communicate. > -# The vtpm entry is of the form 'instance=INSTANCE,backend=DOM' > -# where INSTANCE indicates the instance number of the TPM the VM > -# should be talking to and DOM provides the domain where the backend > -# is located. > -# Note that no two virtual machines should try to connect to the same > -# TPM instance. The handling of all TPM instances does require > -# some management effort in so far that VM configration files (and thus > -# a VM) should be associated with a TPM instance throughout the lifetime > -# of the VM / VM configuration file. The instance number must be > -# greater or equal to 1. > -#vtpm = [ 'instance=1,backend=0' ] > - > -#---------------------------------------------------------------------------- > # Set the kernel command line for the new domain. > # You only need to define the IP parameters and hostname if the domain's > # IP config doesn't, e.g. in ifcfg-eth0 or via DHCP. > diff --git a/tools/examples/xmexample2 b/tools/examples/xmexample2 > index 4e5eb3d..8c5137e 100644 > --- a/tools/examples/xmexample2 > +++ b/tools/examples/xmexample2 > @@ -137,20 +137,6 @@ disk = [ 'phy:sda%d,sda1,w' % (7+vmid), > # configured in xend-config.sxp. > > #---------------------------------------------------------------------------- > -# Define to which TPM instance the user domain should communicate. > -# The vtpm entry is of the form 'instance=INSTANCE,backend=DOM' > -# where INSTANCE indicates the instance number of the TPM the VM > -# should be talking to and DOM provides the domain where the backend > -# is located. > -# Note that no two virtual machines should try to connect to the same > -# TPM instance. The handling of all TPM instances does require > -# some management effort in so far that VM configration files (and thus > -# a VM) should be associated with a TPM instance throughout the lifetime > -# of the VM / VM configuration file. The instance number must be > -# greater or equal to 1. > -#vtpm = ['instance=%d,backend=0' % (vmid) ] > - > -#---------------------------------------------------------------------------- > # Set the kernel command line for the new domain. > # You only need to define the IP parameters and hostname if the domain's > # IP config doesn't, e.g. in ifcfg-eth0 or via DHCP. > diff --git a/tools/examples/xmexample3 b/tools/examples/xmexample3 > index dc22ce1..ae799f9 100644 > --- a/tools/examples/xmexample3 > +++ b/tools/examples/xmexample3 > @@ -122,20 +122,6 @@ disk = [ 'phy:hda%d,hda1,w' % (vmid)] > # configured in xend-config.sxp. > > #---------------------------------------------------------------------------- > -# Define to which TPM instance the user domain should communicate. > -# The vtpm entry is of the form 'instance=INSTANCE,backend=DOM' > -# where INSTANCE indicates the instance number of the TPM the VM > -# should be talking to and DOM provides the domain where the backend > -# is located. > -# Note that no two virtual machines should try to connect to the same > -# TPM instance. The handling of all TPM instances does require > -# some management effort in so far that VM configration files (and thus > -# a VM) should be associated with a TPM instance throughout the lifetime > -# of the VM / VM configuration file. The instance number must be > -# greater or equal to 1. > -#vtpm = ['instance=%d,backend=0' % (vmid) ] > - > -#---------------------------------------------------------------------------- > # Set the kernel command line for the new domain. > # You only need to define the IP parameters and hostname if the domain's > # IP config doesn't, e.g. in ifcfg-eth0 or via DHCP. > diff --git a/tools/hotplug/Linux/Makefile b/tools/hotplug/Linux/Makefile > index 0166790..0605559 100644 > --- a/tools/hotplug/Linux/Makefile > +++ b/tools/hotplug/Linux/Makefile > @@ -18,14 +18,12 @@ XEN_SCRIPTS += vif-setup > XEN_SCRIPTS += block > XEN_SCRIPTS += block-enbd block-nbd > XEN_SCRIPTS += blktap > -XEN_SCRIPTS += vtpm vtpm-delete > XEN_SCRIPTS += xen-hotplug-cleanup > XEN_SCRIPTS += external-device-migrate > XEN_SCRIPTS += vscsi > XEN_SCRIPT_DATA = xen-script-common.sh locking.sh logging.sh > XEN_SCRIPT_DATA += xen-hotplug-common.sh xen-network-common.sh vif-common.sh > -XEN_SCRIPT_DATA += block-common.sh vtpm-common.sh vtpm-hotplug-common.sh > -XEN_SCRIPT_DATA += vtpm-migration.sh vtpm-impl > +XEN_SCRIPT_DATA += block-common.sh > > UDEV_RULES_DIR = $(CONFIG_DIR)/udev > UDEV_RULES = xen-backend.rules xend.rules > diff --git a/tools/hotplug/Linux/vtpm b/tools/hotplug/Linux/vtpm > deleted file mode 100644 > index 38a4532..0000000 > --- a/tools/hotplug/Linux/vtpm > +++ /dev/null > @@ -1,22 +0,0 @@ > -#!/bin/bash > - > -dir=$(dirname "$0") > -. "$dir/vtpm-hotplug-common.sh" > - > -vtpm_fatal_error=0 > - > -case "$command" in > - add) > - vtpm_create_instance > - ;; > - remove) > - vtpm_remove_instance > - ;; > -esac > - > -if [ $vtpm_fatal_error -eq 0 ]; then > - log debug "Successful vTPM operation '$command'." > - success > -else > - fatal "Error while executing vTPM operation '$command'." > -fi > diff --git a/tools/hotplug/Linux/vtpm-common.sh > b/tools/hotplug/Linux/vtpm-common.sh > deleted file mode 100644 > index d0d7935..0000000 > --- a/tools/hotplug/Linux/vtpm-common.sh > +++ /dev/null > @@ -1,448 +0,0 @@ > -# > -# Copyright (c) 2005 IBM Corporation > -# Copyright (c) 2005 XenSource Ltd. > -# > -# This library is free software; you can redistribute it and/or > -# modify it under the terms of version 2.1 of the GNU Lesser General Public > -# License as published by the Free Software Foundation. > -# > -# This library is distributed in the hope that it will be useful, > -# but WITHOUT ANY WARRANTY; without even the implied warranty of > -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU > -# Lesser General Public License for more details. > -# > -# You should have received a copy of the GNU Lesser General Public > -# License along with this library; if not, write to the Free Software > -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA > -# > - > -dir=$(dirname "$0") > -. "$dir/logging.sh" > -. "$dir/locking.sh" > - > -VTPMDB="/var/vtpm/vtpm.db" > - > -#In the vtpm-impl file some commands should be defined: > -# vtpm_create, vtpm_setup, vtpm_start, etc. (see below) > -if [ -r "$dir/vtpm-impl.alt" ]; then > - . "$dir/vtpm-impl.alt" > -elif [ -r "$dir/vtpm-impl" ]; then > - . "$dir/vtpm-impl" > -else > - function vtpm_create () { > - true > - } > - function vtpm_setup() { > - true > - } > - function vtpm_start() { > - true > - } > - function vtpm_suspend() { > - true > - } > - function vtpm_resume() { > - true > - } > - function vtpm_delete() { > - true > - } > - function vtpm_migrate() { > - echo "Error: vTPM migration accross machines not implemented." > - } > - function vtpm_migrate_local() { > - echo "Error: local vTPM migration not supported" > - } > - function vtpm_migrate_recover() { > - true > - } > -fi > - > - > -#Find the instance number for the vtpm given the name of the domain > -# Parameters > -# - vmname : the name of the vm > -# Return value > -# Returns '0' if instance number could not be found, otherwise > -# it returns the instance number in the variable 'instance' > -function vtpmdb_find_instance () { > - local vmname ret instance > - vmname=$1 > - ret=0 > - > - instance=$(cat $VTPMDB | \ > - awk -vvmname=$vmname \ > - '{ \ > - if ( 1 != index($1,"#")) { \ > - if ( $1 == vmname ) { \ > - print $2; \ > - exit; \ > - } \ > - } \ > - }') > - if [ "$instance" != "" ]; then > - ret=$instance > - fi > - echo "$ret" > -} > - > - > -# Check whether a particular instance number is still available > -# returns "0" if it is not available, "1" otherwise. > -function vtpmdb_is_free_instancenum () { > - local instance instances avail i > - instance=$1 > - avail=1 > - #Allowed instance number range: 1-255 > - if [ $instance -eq 0 -o $instance -gt 255 ]; then > - avail=0 > - else > - instances=$(cat $VTPMDB | \ > - awk \ > - '{ \ > - if (1 != index($1,"#")) { \ > - printf("%s ",$2); \ > - } \ > - }') > - for i in $instances; do > - if [ $i -eq $instance ]; then > - avail=0 > - break > - fi > - done > - fi > - echo "$avail" > -} > - > - > -# Get an available instance number given the database > -# Returns an unused instance number > -function vtpmdb_get_free_instancenum () { > - local ctr instances don found > - instances=$(cat $VTPMDB | \ > - awk \ > - '{ \ > - if (1 != index($1,"#")) { \ > - printf("%s ",$2); \ > - } \ > - }') > - ctr=1 > - don=0 > - while [ $don -eq 0 ]; do > - found=0 > - for i in $instances; do > - if [ $i -eq $ctr ]; then > - found=1; > - break; > - fi > - done > - > - if [ $found -eq 0 ]; then > - don=1 > - break > - fi > - let ctr=ctr+1 > - done > - echo "$ctr" > -} > - > - > -# Add a domain name and instance number to the DB file > -function vtpmdb_add_instance () { > - local res vmname inst > - vmname=$1 > - inst=$2 > - > - if [ ! -f $VTPMDB ]; then > - echo "#Database for VM to vTPM association" > $VTPMDB > - echo "#1st column: domain name" >> $VTPMDB > - echo "#2nd column: TPM instance number" >> $VTPMDB > - fi > - res=$(vtpmdb_validate_entry $vmname $inst) > - if [ $res -eq 0 ]; then > - echo "$vmname $inst" >> $VTPMDB > - fi > -} > - > - > -#Validate whether an entry is the same as passed to this > -#function > -function vtpmdb_validate_entry () { > - local res rc vmname inst > - rc=0 > - vmname=$1 > - inst=$2 > - > - res=$(cat $VTPMDB | \ > - awk -vvmname=$vmname \ > - -vinst=$inst \ > - '{ \ > - if ( 1 == index($1,"#")) {\ > - } else \ > - if ( $1 == vmname && \ > - $2 == inst) { \ > - printf("1"); \ > - exit; \ > - } else \ > - if ( $1 == vmname || \ > - $2 == inst) { \ > - printf("2"); \ > - exit; \ > - } \ > - }') > - > - if [ "$res" == "1" ]; then > - rc=1 > - elif [ "$res" == "2" ]; then > - rc=2 > - fi > - echo "$rc" > -} > - > - > -#Remove an entry from the vTPM database given its domain name > -#and instance number > -function vtpmdb_remove_entry () { > - local vmname instance VTPMDB_TMP > - vmname=$1 > - instance=$2 > - VTPMDB_TMP="$VTPMDB".tmp > - > - $(cat $VTPMDB | \ > - awk -vvmname=$vmname \ > - '{ \ > - if ( $1 != vmname ) { \ > - print $0; \ > - } \ > - '} > $VTPMDB_TMP) > - if [ -e $VTPMDB_TMP ]; then > - mv -f $VTPMDB_TMP $VTPMDB > - vtpm_delete $instance > - else > - log err "Error creating temporary file '$VTPMDB_TMP'." > - fi > -} > - > - > -# Find the reason for the creation of this device: > -# Returns 'resume' or 'create' > -function vtpm_get_create_reason () { > - local resume > - resume=$(xenstore_read $XENBUS_PATH/resume) > - if [ "$resume" == "True" ]; then > - echo "resume" > - else > - echo "create" > - fi > -} > - > - > -#Create a vTPM instance > -# If no entry in the TPM database is found, the instance is > -# created and an entry added to the database. > -function vtpm_create_instance () { > - local res instance domname reason uuid > - uuid=$(xenstore_read "$XENBUS_PATH"/uuid) > - reason=$(vtpm_get_create_reason) > - > - claim_lock vtpmdb > - > - instance="0" > - > - if [ "$uuid" != "" ]; then > - instance=$(vtpmdb_find_instance $uuid) > - fi > - if [ "$instance" == "0" ]; then > - domname=$(xenstore_read "$XENBUS_PATH"/domain) > - instance=$(vtpmdb_find_instance $domname) > - fi > - > - if [ "$instance" == "0" -a "$reason" != "create" ]; then > - release_lock vtpmdb > - return > - fi > - > - if [ "$instance" == "0" ]; then > - #Try to give the preferred instance to the domain > - instance=$(xenstore_read "$XENBUS_PATH"/pref_instance) > - if [ "$instance" != "" ]; then > - res=$(vtpmdb_is_free_instancenum $instance) > - if [ $res -eq 0 ]; then > - instance=$(vtpmdb_get_free_instancenum) > - fi > - else > - instance=$(vtpmdb_get_free_instancenum) > - fi > - > - vtpm_create $instance > - > - if [ $vtpm_fatal_error -eq 0 ]; then > - if [ "$uuid" != "" ]; then > - vtpmdb_add_instance $uuid $instance > - else > - vtpmdb_add_instance $domname $instance > - fi > - fi > - else > - if [ "$reason" == "resume" ]; then > - vtpm_resume $instance > - else > - vtpm_start $instance > - fi > - fi > - > - release_lock vtpmdb > - > - xenstore_write $XENBUS_PATH/instance $instance > -} > - > - > -#Remove an instance when a VM is terminating or suspending. > -#Since it is assumed that the VM will appear again, the > -#entry is kept in the VTPMDB file. > -function vtpm_remove_instance () { > - local instance reason domname uuid > - #Stop script execution quietly if path does not exist (anymore) > - xenstore-exists "$XENBUS_PATH"/domain > - uuid=$(xenstore_read "$XENBUS_PATH"/uuid) > - > - claim_lock vtpmdb > - > - instance="0" > - > - if [ "$uuid" != "" ]; then > - instance=$(vtpmdb_find_instance $uuid) > - fi > - > - if [ "$instance" == "0" ]; then > - domname=$(xenstore_read "$XENBUS_PATH"/domain) > - instance=$(vtpmdb_find_instance $domname) > - fi > - > - if [ "$instance" != "0" ]; then > - vtpm_suspend $instance > - fi > - > - release_lock vtpmdb > -} > - > - > -#Remove an entry in the VTPMDB file given the domain's name > -#1st parameter: The name of the domain > -function vtpm_delete_instance () { > - local instance > - > - claim_lock vtpmdb > - > - instance=$(vtpmdb_find_instance $1) > - if [ "$instance" != "0" ]; then > - vtpmdb_remove_entry $1 $instance > - fi > - > - release_lock vtpmdb > -} > - > -# Determine whether the given address is local to this machine > -# Return values: > -# "-1" : the given machine name is invalid > -# "0" : this is not an address of this machine > -# "1" : this is an address local to this machine > -function vtpm_isLocalAddress() { > - local addr res > - addr=$(ping $1 -c 1 | \ > - awk '{ print substr($3,2,length($3)-2); exit }') > - if [ "$addr" == "" ]; then > - echo "-1" > - return > - fi > - res=$(ifconfig | grep "inet addr" | \ > - awk -vaddr=$addr \ > - '{ \ > - if ( addr == substr($2, 6)) {\ > - print "1"; \ > - } \ > - }' \ > - ) > - if [ "$res" == "" ]; then > - echo "0" > - return > - fi > - echo "1" > -} > - > -# Perform a migration step. This function differentiates between migration > -# to the local host or to a remote machine. > -# Parameters: > -# 1st: destination host to migrate to > -# 2nd: name of the domain to migrate > -# 3rd: the migration step to perform > -function vtpm_migration_step() { > - local res=$(vtpm_isLocalAddress $1) > - if [ "$res" == "0" ]; then > - vtpm_migrate $1 $2 $3 > - else > - vtpm_migrate_local > - fi > -} > - > -# Recover from migration due to an error. This function differentiates > -# between migration to the local host or to a remote machine. > -# Parameters: > -# 1st: destination host the migration was going to > -# 2nd: name of the domain that was to be migrated > -# 3rd: the last successful migration step that was done > -function vtpm_recover() { > - local res > - res=$(vtpm_isLocalAddress $1) > - if [ "$res" == "0" ]; then > - vtpm_migrate_recover $1 $2 $3 > - fi > -} > - > - > -#Determine the domain id given a domain's name. > -#1st parameter: name of the domain > -#return value: domain id or -1 if domain id could not be determined > -function vtpm_domid_from_name () { > - local id name ids > - ids=$(xenstore-list /local/domain) > - for id in $ids; do > - name=$(xenstore-read /local/domain/$id/name) > - if [ "$name" == "$1" ]; then > - echo "$id" > - return > - fi > - done > - echo "-1" > -} > - > -#Determine the virtual TPM's instance number using the domain ID. > -#1st parm: domain ID > -function vtpm_uuid_by_domid() { > - echo $(xenstore-read /local/domain/0/backend/vtpm/$1/0/uuid) > -} > - > - > -# Determine the vTPM's UUID by the name of the VM > -function vtpm_uuid_from_vmname() { > - local domid=$(vtpm_domid_from_name $1) > - if [ "$domid" != "-1" ]; then > - echo $(vtpm_uuid_by_domid $domid) > - return > - fi > - echo "" > -} > - > -#Add a virtual TPM instance number and its associated domain name > -#to the VTPMDB file and activate usage of this virtual TPM instance > -#by writing the instance number into the xenstore > -#1st parm: name of virtual machine > -#2nd parm: instance of associated virtual TPM > -function vtpm_add_and_activate() { > - local domid=$(vtpm_domid_from_name $1) > - local vtpm_uuid=$(vtpm_uuid_from_vmname $1) > - if [ "$vtpm_uuid" != "" -a "$domid" != "-1" ]; then > - vtpmdb_add_instance $vtpm_uuid $2 > - xenstore-write backend/vtpm/$domid/0/instance $2 > - fi > -} > diff --git a/tools/hotplug/Linux/vtpm-delete b/tools/hotplug/Linux/vtpm-delete > deleted file mode 100644 > index b75b95b..0000000 > --- a/tools/hotplug/Linux/vtpm-delete > +++ /dev/null > @@ -1,18 +0,0 @@ > -#!/bin/bash > - > -# This scripts must be called the following way: > -# vtpm-delete <vtpm uuid> > -# or > -# vtpm-delete --vmname <vm name> > - > -dir=$(dirname "$0") > -. "$dir/vtpm-common.sh" > - > -if [ "$1" == "--vmname" ]; then > - vtpm_uuid=$(vtpm_uuid_from_vmname $2) > - if [ "$vtpm_uuid" != "" ];then > - vtpm_delete_instance $vtpm_uuid > - fi > -else > - vtpm_delete_instance $1 > -fi > diff --git a/tools/hotplug/Linux/vtpm-hotplug-common.sh > b/tools/hotplug/Linux/vtpm-hotplug-common.sh > deleted file mode 100644 > index 9fd35e7..0000000 > --- a/tools/hotplug/Linux/vtpm-hotplug-common.sh > +++ /dev/null > @@ -1,35 +0,0 @@ > -# > -# Copyright (c) 2005 IBM Corporation > -# Copyright (c) 2005 XenSource Ltd. > -# > -# This library is free software; you can redistribute it and/or > -# modify it under the terms of version 2.1 of the GNU Lesser General Public > -# License as published by the Free Software Foundation. > -# > -# This library is distributed in the hope that it will be useful, > -# but WITHOUT ANY WARRANTY; without even the implied warranty of > -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU > -# Lesser General Public License for more details. > -# > -# You should have received a copy of the GNU Lesser General Public > -# License along with this library; if not, write to the Free Software > -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA > -# > - > -dir=$(dirname "$0") > -. "$dir/xen-hotplug-common.sh" > - > -findCommand "$@" > -if [ "$command" != "online" ] && > - [ "$command" != "offline" ] && > - [ "$command" != "add" ] && > - [ "$command" != "remove" ] > -then > - log err "Invalid command: $command" > - exit 1 > -fi > - > - > -XENBUS_PATH="${XENBUS_PATH:?}" > - > -. "$dir/vtpm-common.sh" > diff --git a/tools/hotplug/Linux/vtpm-impl b/tools/hotplug/Linux/vtpm-impl > deleted file mode 100644 > index 4f9a1fd..0000000 > --- a/tools/hotplug/Linux/vtpm-impl > +++ /dev/null > @@ -1,208 +0,0 @@ > -#!/bin/bash > -# =================================================================== > -# > -# Copyright (c) 2005, Intel Corp. > -# All rights reserved. > -# > -# Redistribution and use in source and binary forms, with or without > -# modification, are permitted provided that the following conditions > -# are met: > -# > -# * Redistributions of source code must retain the above copyright > -# notice, this list of conditions and the following disclaimer. > -# * Redistributions in binary form must reproduce the above > -# copyright notice, this list of conditions and the following > -# disclaimer in the documentation and/or other materials provided > -# with the distribution. > -# * Neither the name of Intel Corporation nor the names of its > -# contributors may be used to endorse or promote products derived > -# from this software without specific prior written permission. > -# > -# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -# COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -# OF THE POSSIBILITY OF SUCH DAMAGE. > -# =================================================================== > - > -# | SRC | TAG | CMD SIZE | ORD > |mtype|strt > -TPM_CMD_OPEN=\\x00\\x00\\x00\\x00\\x01\\xc1\\x00\\x00\\x00\\x11\\x01\\x00\\x00\\x01\\x01\\x01 > -TPM_CMD_RESM=\\x00\\x00\\x00\\x00\\x01\\xc1\\x00\\x00\\x00\\x11\\x01\\x00\\x00\\x01\\x01\\x02 > -TPM_CMD_CLOS=\\x00\\x00\\x00\\x00\\x01\\xc1\\x00\\x00\\x00\\x0e\\x01\\x00\\x00\\x02 > -TPM_CMD_DELE=\\x00\\x00\\x00\\x00\\x01\\xc1\\x00\\x00\\x00\\x0e\\x01\\x00\\x00\\x03 > - > -TPM_TYPE_PVM=\\x01 > -TPM_TYPE_HVM=\\x02 > - > -TPM_SUCCESS=00000000 > - > -TX_VTPM_MANAGER=/var/vtpm/fifos/from_console.fifo > -RX_VTPM_MANAGER=/var/vtpm/fifos/to_console.fifo > - > -VTPM_MIG=/usr/bin/vtpm_migrator > - > -# -------------------- Helpers for binary streams ----------- > - > -function str_to_hex32() { > - printf "%0.8x" $1 > -} > - > -function hex32_to_bin() { > - local inst=$(str_to_hex32 $1); > - > - local n1=`echo $inst | sed 's/\(..\)....../\\\\x\1/'` > - local n2=`echo $inst | sed 's/..\(..\)..../\\\\x\1/'` > - local n3=`echo $inst | sed 's/....\(..\)../\\\\x\1/'` > - local n4=`echo $inst | sed 's/......\(..\)/\\\\x\1/'` > - > - echo "$n1$n2$n3$n4" > -} > - > -function vtpm_manager_cmd() { > - local cmd=$1; > - local inst=$2; > - local inst_bin=$(hex32_to_bin $inst); > - > - claim_lock vtpm_mgr > - > - #send cmd to vtpm_manager > - printf "$cmd$inst_bin" > $TX_VTPM_MANAGER > - > - #recv response > - set +e > - local resp_hex=`dd skip=10 bs=1 count=4 if=$RX_VTPM_MANAGER 2> /dev/null | > xxd -ps` > - set -e > - > - release_lock vtpm_mgr > - > - #return whether the command was successful > - if [ $resp_hex -ne $TPM_SUCCESS ]; then > - vtpm_fatal_error=1 > - false > - else > - true > - fi > -} > - > -# Helper to get vm type to pass to vtpm_manager open/resume > -function vtpm_get_type() { > - local inst=$(xenstore_read $XENBUS_PATH/frontend-id) > - local vm=$(xenstore_read /local/domain/$inst/vm) > - if [ "$vm" != "" ]; then > - local ostype=$(xenstore-read $vm/image/ostype) > - if [ "$ostype" == "hvm" ]; then > - echo $TPM_TYPE_HVM; > - else > - echo $TPM_TYPE_PVM; > - fi > - fi > -} > - > -# ------------------ Command handlers ----------------- > - > -# Create new vtpm instance & set it up for use > -function vtpm_create () { > - # Creation is handled implicitly by the manager on first setup > - # so just set it up for use > - $(vtpm_start $1) > -} > - > -# Setup vtpm instance for use. > -function vtpm_start() { > - local vmtype=$(vtpm_get_type); > - $(vtpm_manager_cmd $TPM_CMD_OPEN$vmtype $1) > -} > - > -function vtpm_resume() { > - local vmtype=$(vtpm_get_type); > - $(vtpm_manager_cmd $TPM_CMD_RESM$vmtype $1) > -} > - > -# Reset the vtpm AKA clear PCRs > -function vtpm_reset() { > - #not used by current implemenation > - true > -} > - > -# Shutdown the vtpm while the vm is down > -# This could be a suspend of shutdown > -# we cannot distinquish, so save the state > -# and decide on startup if we should keep is > -function vtpm_suspend() { > - $(vtpm_manager_cmd $TPM_CMD_CLOS $1) > -} > - > - > -function vtpm_delete() { > - local inst=$1 > - if $(vtpm_manager_cmd $TPM_CMD_DELE $inst); then > - rm -f /var/vtpm/vtpm_dm_$1.data > - true > - else > - vtpm_fatal_error=1 > - false > - fi > -} > - > -# Perform a migration step. This function differentiates between migration > -# to the local host or to a remote machine. > -# Parameters: > -# 1st: destination host to migrate to > -# 2nd: name of the domain to migrate > -# 3rd: the migration step to perform > -function vtpm_migrate() { > - local instance res > - > - instance=$(vtpmdb_find_instance $2) > - if [ "$instance" == "" ]; then > - log err "VTPM Migratoin failed. Unable to translation of domain name" > - echo "Error: VTPM Migration failed while looking up instance number" > - fi > - > - case "$3" in > - 0) > - #Incicate migration supported > - echo "0" > - ;; > - > - 1) > - # Get Public Key from Destination > - # Call vtpm_manager's migration part 1 > - claim_lock vtpm_mgr > - $VTPM_MIG $1 $2 $instance $3 > - release_lock vtpm_mgr > - ;; > - > - 2) > - # Call manager's migration step 2 and send result to destination > - # If successful remove from db > - claim_lock vtpm_mgr > - $VTPM_MIG $1 $2 $instance $3 > - release_lock vtpm_mgr > - ;; > - > - 3) > - if `ps x | grep "$VTPM_MIG $1"`; then > - log err "VTPM Migration failed to complete." > - echo "Error: VTPM Migration failed to complete." > - fi > - ;; > - esac > - > -} > - > - > -function vtpm_migrate_recover() { > - echo "Error: Recovery not supported yet" > -} > - > -function vtpm_migrate_local() { > - echo "Error: local vTPM migration not supported" > -} > diff --git a/tools/hotplug/Linux/vtpm-migration.sh > b/tools/hotplug/Linux/vtpm-migration.sh > deleted file mode 100644 > index 7e38ae2..0000000 > --- a/tools/hotplug/Linux/vtpm-migration.sh > +++ /dev/null > @@ -1,19 +0,0 @@ > -# > -# Copyright (c) 2005 IBM Corporation > -# > -# This library is free software; you can redistribute it and/or > -# modify it under the terms of version 2.1 of the GNU Lesser General Public > -# License as published by the Free Software Foundation. > -# > -# This library is distributed in the hope that it will be useful, > -# but WITHOUT ANY WARRANTY; without even the implied warranty of > -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU > -# Lesser General Public License for more details. > -# > -# You should have received a copy of the GNU Lesser General Public > -# License along with this library; if not, write to the Free Software > -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA > -# > - > -dir=$(dirname "$0") > -. "$dir/vtpm-common.sh" > diff --git a/tools/hotplug/Linux/xen-backend.rules > b/tools/hotplug/Linux/xen-backend.rules > index c591a3f..a0d409e 100644 > --- a/tools/hotplug/Linux/xen-backend.rules > +++ b/tools/hotplug/Linux/xen-backend.rules > @@ -1,6 +1,5 @@ > SUBSYSTEM=="xen-backend", KERNEL=="tap*", ENV{UDEV_CALL}="1", > RUN+="/etc/xen/scripts/blktap $env{ACTION}" > SUBSYSTEM=="xen-backend", KERNEL=="vbd*", ENV{UDEV_CALL}="1", > RUN+="/etc/xen/scripts/block $env{ACTION}" > -SUBSYSTEM=="xen-backend", KERNEL=="vtpm*", RUN+="/etc/xen/scripts/vtpm > $env{ACTION}" > SUBSYSTEM=="xen-backend", KERNEL=="vif2-*", RUN+="/etc/xen/scripts/vif2 > $env{ACTION}" > SUBSYSTEM=="xen-backend", KERNEL=="vif-*", ENV{UDEV_CALL}="1", > ACTION=="online", RUN+="/etc/xen/scripts/vif-setup online type_if=vif" > SUBSYSTEM=="xen-backend", KERNEL=="vif-*", ENV{UDEV_CALL}="1", > ACTION=="offline", RUN+="/etc/xen/scripts/vif-setup offline type_if=vif" > diff --git a/tools/vtpm/Makefile b/tools/vtpm/Makefile > deleted file mode 100644 > index 7b3efa5..0000000 > --- a/tools/vtpm/Makefile > +++ /dev/null > @@ -1,74 +0,0 @@ > -XEN_ROOT = $(CURDIR)/../.. > - > -# Base definitions and rules > -include $(XEN_ROOT)/tools/vtpm/Rules.mk > - > -# Dir name for emulator (as dom0 tpm driver) > -TPM_EMULATOR_DIR = tpm_emulator > -# Dir name for vtpm instance > -VTPM_DIR = vtpm > -ORIG_DIR = orig > - > -# Emulator tarball name > -TPM_EMULATOR_NAME = tpm_emulator-0.5.1 > -TPM_EMULATOR_TARFILE = $(TPM_EMULATOR_NAME).tar.gz > - > -GMP_HEADER = /usr/include/gmp.h > - > -.PHONY: all > -all: build > - > -.PHONY: build > -build: build_sub > - > -.PHONY: install > -install: build > - $(MAKE) -C $(VTPM_DIR) install-recursive > - > -.PHONY: clean > -clean: > - @if [ -d $(TPM_EMULATOR_DIR) ]; \ > - then $(MAKE) -C $(TPM_EMULATOR_DIR) clean; \ > - fi > - @if [ -d $(VTPM_DIR) ]; \ > - then $(MAKE) -C $(VTPM_DIR) clean; \ > - fi > - > -.PHONY: mrproper > -mrproper: > - rm -f $(TPM_EMULATOR_TARFILE) tpm_emulator.patch.old vtpm.patch.old > - rm -rf $(TPM_EMULATOR_DIR) $(VTPM_DIR) $(ORIG_DIR) > - > -# Download Swiss emulator > -$(TPM_EMULATOR_TARFILE): > - wget http://download.berlios.de/tpm-emulator/$(TPM_EMULATOR_TARFILE) > - > -# Create vtpm dirs > -$(VTPM_DIR)/tpmd/tpmd: $(TPM_EMULATOR_TARFILE) vtpm-0.5.1.patch > - rm -rf $(VTPM_DIR) > - tar -xzf $(TPM_EMULATOR_TARFILE) > - mv $(TPM_EMULATOR_NAME) $(VTPM_DIR) > - > - set -e; cd $(VTPM_DIR); \ > - patch -p1 < ../vtpm-0.5.1.patch; \ > - patch -p1 < ../vtpm-0.5.1-LDLIBS.patch > - > -orig: $(TPM_EMULATOR_TARFILE) > - mkdir $(ORIG_DIR); > - set -e; cd $(ORIG_DIR); \ > - tar -xzf ../$(TPM_EMULATOR_TARFILE); > - > -updatepatches: clean orig > - find $(VTPM_DIR) -name "*.orig" -print | xargs rm -f; > - mv vtpm.patch vtpm.patch.old; > - diff -uprN $(TPM_EMULATOR_DIR) $(VTPM_DIR) > vtpm.patch || true; > - > -.PHONY: build_sub > -build_sub: $(VTPM_DIR)/tpmd/tpmd > - set -e; if [ -e $(GMP_HEADER) ]; then \ > - $(MAKE) -C $(VTPM_DIR) version; \ > - $(MAKE) -C $(VTPM_DIR) all-recursive; \ > - else \ > - echo "=== Unable to build VTPMs. libgmp could not be found."; > \ > - fi > - > diff --git a/tools/vtpm/README b/tools/vtpm/README > deleted file mode 100644 > index 2008cbd..0000000 > --- a/tools/vtpm/README > +++ /dev/null > @@ -1,45 +0,0 @@ > - > -Directory Structure > -=================== > -tools/vtpm/tpm_emulator-0.2b.tar.gz -> TPM Emulator downloaded at build > time that will > - be patched and used for our vtpms > -tools/vtpm/vtpm.patch -> patch applied to tpm_emulator to > make vtpm > -tools/vtpm/vtpm/ -> (created on build) tpm_emulator > moved to ring 3, > - listens on a pair of fifos for TPM > commands, > - persistent state is sent via named > fifo to vtpm > - manager, which encrypts it and > protects it. > -tools/vtpm/tpm_emulator.patch -> To allow for debugging and testing > on non-TPM > - platforms, this patches the > emulator to allow > - it to be inserted into the dom0 > kernel > -tools/vtpm/tpm_emulator-0.2 -> (created on build) directory > containing patched emulator > - > -Compile Flags > -=================== > -VTPM_MULTI_VM -> Defined (not finished): VTPMs run in their > own VMs > - Not Defined (default): VTPMs are processes > - > -Requirements > -============ > -- xen-unstable > -- IBM frontend/backend vtpm driver patch > -- vtpm_managerd > -- GNU MP Big number library (GMP) > - > -vtpmd Flow (for vtpm_manager. vtpmd never run by default) > -============================ > -- Launch the VTPM manager (vtpm_managerd) which which begins listening to > the BE with one thread > - and listens to a named fifo that is shared by the vtpms to commuincate > with the manager. > -- VTPM Manager listens to TPM BE. > -- When xend launches a tpm frontend equipped VM it contacts the manager over > the vtpm backend. > -- When the manager receives the open message from the BE, it launches a vtpm > -- Xend allows the VM to continue booting. > -- When a TPM request is issued to the front end, the front end transmits the > TPM request to the backend. > -- The manager receives the TPM requests and uses a named fifo to forward the > request to the vtpm. > -- The fifo listener begins listening for the reply from vtpm for the request. > -- Vtpm processes request and replies to manager over shared named fifo. > -- If needed, the vtpm may send a request to the vtpm_manager at any time to > save it's secrets to disk. > -- Manager receives response from vtpm and passes it back to backend for > forwarding to guest. > - > -tpm_emulator flow > -================== > -Read documentation in tpm_emulator-0.2 directory > diff --git a/tools/vtpm/Rules.mk b/tools/vtpm/Rules.mk > deleted file mode 100644 > index 548cff0..0000000 > --- a/tools/vtpm/Rules.mk > +++ /dev/null > @@ -1,26 +0,0 @@ > -# Base definitions and rules (XEN_ROOT must be defined in including Makefile) > -include $(XEN_ROOT)/tools/Rules.mk > - > -# > -# Tool definitions > -# > - > -# General compiler flags > -CFLAGS = -Werror -g3 > - > -# Generic project files > -HDRS = $(wildcard *.h) > -SRCS = $(wildcard *.c) > -OBJS = $(patsubst %.c,%.o,$(SRCS)) > - > -# Generic (non-header) dependencies > -$(SRCS): Makefile $(XEN_ROOT)/tools/Rules.mk $(XEN_ROOT)/tools/vtpm/Rules.mk > - > -$(OBJS): $(SRCS) > - > --include $(DEPS) > - > -BUILD_EMULATOR = y > - > -# Make sure these are just rules > -.PHONY : all build install clean > diff --git a/tools/vtpm/tpm_emulator.patch b/tools/vtpm/tpm_emulator.patch > deleted file mode 100644 > index c34c665..0000000 > --- a/tools/vtpm/tpm_emulator.patch > +++ /dev/null > @@ -1,1919 +0,0 @@ > -diff -uprN orig/tpm_emulator-0.4/AUTHORS tpm_emulator/AUTHORS > ---- orig/tpm_emulator-0.4/AUTHORS 2006-06-23 03:37:07.000000000 -0700 > -+++ tpm_emulator/AUTHORS 2006-07-24 14:35:35.000000000 -0700 > -@@ -1,2 +1,3 @@ > - Mario Strasser <mast@xxxxxxx> > - Heiko Stamer <stamer@xxxxxxxx> [DAA] > -+INTEL Corp <> [Dropped to Ring3] > -diff -uprN orig/tpm_emulator-0.4/ChangeLog tpm_emulator/ChangeLog > ---- orig/tpm_emulator-0.4/ChangeLog 2006-06-23 03:37:07.000000000 -0700 > -+++ tpm_emulator/ChangeLog 2006-07-24 14:35:35.000000000 -0700 > -@@ -1,3 +1,6 @@ > -+????-??-?? Intel Corp > -+ * Moved module out of kernel to run as a ring 3 app > -+ > - 2006-06-23 Mario Strasser <mast@xxxxxxx> > - * tpm_startup.c: behaviour of ST_CLEAR and storage of > - persistent data adapted > -diff -uprN orig/tpm_emulator-0.4/crypto/gmp_kernel_wrapper.c > tpm_emulator/crypto/gmp_kernel_wrapper.c > ---- orig/tpm_emulator-0.4/crypto/gmp_kernel_wrapper.c 2006-06-23 > 03:37:07.000000000 -0700 > -+++ tpm_emulator/crypto/gmp_kernel_wrapper.c 2006-07-24 14:35:35.000000000 > -0700 > -@@ -1,5 +1,6 @@ > - /* Software-Based Trusted Platform Module (TPM) Emulator for Linux > - * Copyright (C) 2004 Mario Strasser <mast@xxxxxxx>, > -+ * Copyright (C) 2005 INTEL Corp > - * > - * This module is free software; you can redistribute it and/or modify > - * it under the terms of the GNU General Public License as published > -@@ -24,15 +25,10 @@ int __gmp_junk; > - void __attribute__ ((regparm(0))) __gmp_assert_fail(const char *filename, > - int linenum, const char *expr) > - { > -- panic(KERN_CRIT TPM_MODULE_NAME "%s:%d: GNU MP assertion failed: %s\n", > -+ error("%s:%d: GNU MP assertion failed: %s\n", > - filename, linenum, expr); > - } > - > --void __attribute__ ((regparm(0))) abort(void) > --{ > -- panic(KERN_CRIT TPM_MODULE_NAME "GNU MP abort() was called\n"); > --} > -- > - /* overwrite GNU MP random functions (used by mpz/millerrabin.c) */ > - > - void __attribute__ ((regparm(0))) gmp_randinit(gmp_randstate_t rstate, > -@@ -77,20 +73,19 @@ void __attribute__ ((regparm(0))) mpz_ur > - > - void __attribute__ ((regparm(0))) *kernel_allocate(size_t size) > - { > -- void *ret = (void*)kmalloc(size, GFP_KERNEL); > -- if (!ret) panic(KERN_CRIT TPM_MODULE_NAME > -- "GMP: cannot allocate memory (size=%u)\n", size); > -+ void *ret = (void*)malloc(size); > -+ if (!ret) error("GMP: cannot allocate memory (size=%Zu)\n", size); > - return ret; > - } > - > - void __attribute__ ((regparm(0))) *kernel_reallocate(void *oldptr, > - size_t old_size, size_t new_size) > - { > -- void *ret = (void*)kmalloc(new_size, GFP_KERNEL); > -- if (!ret) panic(KERN_CRIT TPM_MODULE_NAME "GMP: Cannot reallocate memory " > -- "(old_size=%u new_size=%u)\n", old_size, new_size); > -+ void *ret = (void*)malloc(new_size); > -+ if (!ret) error("GMP: Cannot reallocate memory " > -+ "(old_size=%Zu new_size=%Zu)\n", old_size, new_size); > - memcpy(ret, oldptr, old_size); > -- kfree(oldptr); > -+ free(oldptr); > - return ret; > - } > - > -@@ -99,7 +94,7 @@ void __attribute__ ((regparm(0))) kernel > - /* overwrite used memory */ > - if (blk_ptr != NULL) { > - memset(blk_ptr, 0, blk_size); > -- kfree(blk_ptr); > -+ free(blk_ptr); > - } > - } > - > -diff -uprN orig/tpm_emulator-0.4/crypto/rsa.c tpm_emulator/crypto/rsa.c > ---- orig/tpm_emulator-0.4/crypto/rsa.c 2006-06-23 03:37:07.000000000 -0700 > -+++ tpm_emulator/crypto/rsa.c 2006-07-24 14:35:35.000000000 -0700 > -@@ -1,5 +1,6 @@ > - /* Software-Based Trusted Platform Module (TPM) Emulator for Linux > - * Copyright (C) 2004 Mario Strasser <mast@xxxxxxx>, > -+ * Copyright (C) 2005 INTEL Corp > - * > - * This module is free software; you can redistribute it and/or modify > - * it under the terms of the GNU General Public License as published > -@@ -381,7 +382,7 @@ static int encode_message(int type, uint > - msg[0] = 0x00; > - get_random_bytes(&msg[1], SHA1_DIGEST_LENGTH); > - sha1_init(&ctx); > -- sha1_update(&ctx, "TCPA", 4); > -+ sha1_update(&ctx, (uint8_t *) "TCPA", 4); > - sha1_final(&ctx, &msg[1 + SHA1_DIGEST_LENGTH]); > - memset(&msg[1 + 2 * SHA1_DIGEST_LENGTH], 0x00, > - msg_len - data_len - 2 * SHA1_DIGEST_LENGTH - 2); > -@@ -429,7 +430,7 @@ static int decode_message(int type, uint > - mask_generation(&msg[1], SHA1_DIGEST_LENGTH, > - &msg[1 + SHA1_DIGEST_LENGTH], msg_len - SHA1_DIGEST_LENGTH - 1); > - sha1_init(&ctx); > -- sha1_update(&ctx, "TCPA", 4); > -+ sha1_update(&ctx, (uint8_t *) "TCPA", 4); > - sha1_final(&ctx, &msg[1]); > - if (memcmp(&msg[1], &msg[1 + SHA1_DIGEST_LENGTH], > - SHA1_DIGEST_LENGTH) != 0) return -1; > -diff -uprN orig/tpm_emulator-0.4/linux_module.c tpm_emulator/linux_module.c > ---- orig/tpm_emulator-0.4/linux_module.c 2006-06-23 03:37:07.000000000 > -0700 > -+++ tpm_emulator/linux_module.c 1969-12-31 16:00:00.000000000 -0800 > -@@ -1,195 +0,0 @@ > --/* Software-Based Trusted Platform Module (TPM) Emulator for Linux > -- * Copyright (C) 2004 Mario Strasser <mast@xxxxxxx>, > -- * > -- * This module is free software; you can redistribute it and/or modify > -- * it under the terms of the GNU General Public License as published > -- * by the Free Software Foundation; either version 2 of the License, > -- * or (at your option) any later version. > -- * > -- * This module is distributed in the hope that it will be useful, > -- * but WITHOUT ANY WARRANTY; without even the implied warranty of > -- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > -- * GNU General Public License for more details. > -- * > -- * $Id: linux_module.c 91 2006-03-13 13:51:41Z mast $ > -- */ > -- > --#include <linux/module.h> > --#include <linux/kernel.h> > --#include <linux/init.h> > --#include <linux/miscdevice.h> > --#include <linux/poll.h> > --#include "linux_module.h" > --#include "tpm/tpm_emulator.h" > -- > --MODULE_LICENSE("GPL"); > --MODULE_AUTHOR("Mario Strasser <mast@xxxxxxx>"); > --MODULE_DESCRIPTION("Trusted Platform Module (TPM) Emulator"); > --MODULE_SUPPORTED_DEVICE(TPM_DEVICE_NAME); > -- > --/* module startup parameters */ > --char *startup = "save"; > --module_param(startup, charp, 0444); > --MODULE_PARM_DESC(startup, " Sets the startup mode of the TPM. " > -- "Possible values are 'clear', 'save' (default) and 'deactivated."); > --char *storage_file = "/var/tpm/tpm_emulator-1.2.0.2"; > --module_param(storage_file, charp, 0644); > --MODULE_PARM_DESC(storage_file, " Sets the persistent-data storage " > -- "file of the TPM."); > -- > --/* TPM lock */ > --static struct semaphore tpm_mutex; > -- > --/* TPM command response */ > --static struct { > -- uint8_t *data; > -- uint32_t size; > --} tpm_response; > -- > --/* module state */ > --#define STATE_IS_OPEN 0 > --static uint32_t module_state; > --static struct timespec old_time; > -- > --static int tpm_open(struct inode *inode, struct file *file) > --{ > -- debug("%s()", __FUNCTION__); > -- if (test_and_set_bit(STATE_IS_OPEN, (void*)&module_state)) return -EBUSY; > -- return 0; > --} > -- > --static int tpm_release(struct inode *inode, struct file *file) > --{ > -- debug("%s()", __FUNCTION__); > -- clear_bit(STATE_IS_OPEN, (void*)&module_state); > -- down(&tpm_mutex); > -- if (tpm_response.data != NULL) { > -- kfree(tpm_response.data); > -- tpm_response.data = NULL; > -- } > -- up(&tpm_mutex); > -- return 0; > --} > -- > --static ssize_t tpm_read(struct file *file, char *buf, size_t count, loff_t > *ppos) > --{ > -- debug("%s(%d)", __FUNCTION__, count); > -- down(&tpm_mutex); > -- if (tpm_response.data != NULL) { > -- count = min(count, (size_t)tpm_response.size - (size_t)*ppos); > -- count -= copy_to_user(buf, &tpm_response.data[*ppos], count); > -- *ppos += count; > -- if ((size_t)tpm_response.size == (size_t)*ppos) { > -- kfree(tpm_response.data); > -- tpm_response.data = NULL; > -- } > -- } else { > -- count = 0; > -- } > -- up(&tpm_mutex); > -- return count; > --} > -- > --static ssize_t tpm_write(struct file *file, const char *buf, size_t count, > loff_t *ppos) > --{ > -- debug("%s(%d)", __FUNCTION__, count); > -- down(&tpm_mutex); > -- *ppos = 0; > -- if (tpm_response.data != NULL) kfree(tpm_response.data); > -- if (tpm_handle_command(buf, count, &tpm_response.data, > -- &tpm_response.size) != 0) { > -- count = -EILSEQ; > -- tpm_response.data = NULL; > -- } > -- up(&tpm_mutex); > -- return count; > --} > -- > --#define TPMIOC_CANCEL _IO('T', 0x00) > --#define TPMIOC_TRANSMIT _IO('T', 0x01) > -- > --static int tpm_ioctl(struct inode *inode, struct file *file, unsigned int > cmd, unsigned long arg) > --{ > -- debug("%s(%d, %p)", __FUNCTION__, cmd, (char*)arg); > -- if (cmd == TPMIOC_TRANSMIT) { > -- uint32_t count = ntohl(*(uint32_t*)(arg + 2)); > -- down(&tpm_mutex); > -- if (tpm_response.data != NULL) kfree(tpm_response.data); > -- if (tpm_handle_command((char*)arg, count, &tpm_response.data, > -- &tpm_response.size) == 0) { > -- tpm_response.size -= copy_to_user((char*)arg, tpm_response.data, > -- tpm_response.size); > -- kfree(tpm_response.data); > -- tpm_response.data = NULL; > -- } else { > -- tpm_response.size = 0; > -- tpm_response.data = NULL; > -- } > -- up(&tpm_mutex); > -- return tpm_response.size; > -- } > -- return -1; > --} > -- > --struct file_operations fops = { > -- .owner = THIS_MODULE, > -- .open = tpm_open, > -- .release = tpm_release, > -- .read = tpm_read, > -- .write = tpm_write, > -- .ioctl = tpm_ioctl, > --}; > -- > --static struct miscdevice tpm_dev = { > -- .minor = TPM_DEVICE_MINOR, > -- .name = TPM_DEVICE_NAME, > -- .fops = &fops, > --}; > -- > --int __init init_tpm_module(void) > --{ > -- int res = misc_register(&tpm_dev); > -- if (res != 0) { > -- error("misc_register() failed for minor %d\n", TPM_DEVICE_MINOR); > -- return res; > -- } > -- /* initialize variables */ > -- sema_init(&tpm_mutex, 1); > -- module_state = 0; > -- tpm_response.data = NULL; > -- old_time = current_kernel_time(); > -- /* initialize TPM emulator */ > -- if (!strcmp(startup, "clear")) { > -- tpm_emulator_init(1); > -- } else if (!strcmp(startup, "save")) { > -- tpm_emulator_init(2); > -- } else if (!strcmp(startup, "deactivated")) { > -- tpm_emulator_init(3); > -- } else { > -- error("invalid startup mode '%s'; must be 'clear', " > -- "'save' (default) or 'deactivated", startup); > -- misc_deregister(&tpm_dev); > -- return -EINVAL; > -- } > -- return 0; > --} > -- > --void __exit cleanup_tpm_module(void) > --{ > -- tpm_emulator_shutdown(); > -- misc_deregister(&tpm_dev); > -- if (tpm_response.data != NULL) kfree(tpm_response.data); > --} > -- > --module_init(init_tpm_module); > --module_exit(cleanup_tpm_module); > -- > --uint64_t tpm_get_ticks(void) > --{ > -- struct timespec new_time = current_kernel_time(); > -- uint64_t ticks = (uint64_t)(new_time.tv_sec - old_time.tv_sec) * 1000000 > -- + (new_time.tv_nsec - old_time.tv_nsec) / 1000; > -- old_time = new_time; > -- return (ticks > 0) ? ticks : 1; > --} > -- > -diff -uprN orig/tpm_emulator-0.4/linux_module.h tpm_emulator/linux_module.h > ---- orig/tpm_emulator-0.4/linux_module.h 2006-06-23 03:37:07.000000000 > -0700 > -+++ tpm_emulator/linux_module.h 2006-07-24 14:35:35.000000000 -0700 > -@@ -1,5 +1,6 @@ > - /* Software-Based Trusted Platform Module (TPM) Emulator for Linux > - * Copyright (C) 2004 Mario Strasser <mast@xxxxxxx>, > -+ * Copyright (C) 2005 INTEL Corp > - * > - * This module is free software; you can redistribute it and/or modify > - * it under the terms of the GNU General Public License as published > -@@ -17,54 +18,62 @@ > - #ifndef _LINUX_MODULE_H_ > - #define _LINUX_MODULE_H_ > - > --#include <linux/version.h> > --#include <linux/kernel.h> > --#include <linux/slab.h> > -+#include <malloc.h> > -+#include <stdint.h> > -+#include <stdio.h> > -+#include <string.h> > - #include <linux/types.h> > --#include <linux/string.h> > --#include <linux/random.h> > --#include <linux/time.h> > --#include <asm/byteorder.h> > - > --/* module settings */ > -+#include <endian.h> > -+#define __BYTEORDER_HAS_U64__ > -+#ifdef LITTLE_ENDIAN > -+ #include <linux/byteorder/little_endian.h> > -+#else > -+ #include <linux/byteorder/big_endian.h> > -+#endif > - > -+/* module settings */ > -+#define min(A,B) ((A)<(B)?(A):(B)) > -+#ifndef STR > - #define STR(s) __STR__(s) > - #define __STR__(s) #s > -+#endif > - #include "tpm_version.h" > - > - #define TPM_DEVICE_MINOR 224 > - #define TPM_DEVICE_NAME "tpm" > - #define TPM_MODULE_NAME "tpm_emulator" > - > --/* debug and log output functions */ > -- > - #ifdef DEBUG > --#define debug(fmt, ...) printk(KERN_DEBUG "%s %s:%d: Debug: " fmt "\n", \ > -- TPM_MODULE_NAME, __FILE__, __LINE__, ## __VA_ARGS__) > -+#define debug(fmt, ...) printf("TPMD: %s:%d: Debug: " fmt "\n", \ > -+ __FILE__, __LINE__, ## __VA_ARGS__) > - #else > - #define debug(fmt, ...) > - #endif > --#define info(fmt, ...) printk(KERN_INFO "%s %s:%d: Info: " fmt "\n", \ > -- TPM_MODULE_NAME, __FILE__, __LINE__, ## __VA_ARGS__) > --#define error(fmt, ...) printk(KERN_ERR "%s %s:%d: Error: " fmt "\n", \ > -- TPM_MODULE_NAME, __FILE__, __LINE__, ## __VA_ARGS__) > --#define alert(fmt, ...) printk(KERN_ALERT "%s %s:%d: Alert: " fmt "\n", \ > -- TPM_MODULE_NAME, __FILE__, __LINE__, ## __VA_ARGS__) > -+#define info(fmt, ...) printf("TPMD: %s:%d: Info: " fmt "\n", \ > -+ __FILE__, __LINE__, ## __VA_ARGS__) > -+#define error(fmt, ...) printf("TPMD: %s:%d: Error: " fmt "\n", \ > -+ __FILE__, __LINE__, ## __VA_ARGS__) > -+#define alert(fmt, ...) printf("TPMD: %s:%d: Alert: " fmt "\n", \ > -+ __FILE__, __LINE__, ## __VA_ARGS__) > - > - /* memory allocation */ > - > - static inline void *tpm_malloc(size_t size) > - { > -- return kmalloc(size, GFP_KERNEL); > -+ return malloc(size); > - } > - > - static inline void tpm_free(const void *ptr) > - { > -- if (ptr != NULL) kfree(ptr); > -+ if (ptr != NULL) free( (void *) ptr); > - } > - > - /* random numbers */ > - > -+//FIXME; > -+void get_random_bytes(void *buf, int nbytes); > -+ > - static inline void tpm_get_random_bytes(void *buf, int nbytes) > - { > - get_random_bytes(buf, nbytes); > -@@ -84,9 +93,9 @@ uint64_t tpm_get_ticks(void); > - #define CPU_TO_LE16(x) __cpu_to_le16(x) > - > - #define BE64_TO_CPU(x) __be64_to_cpu(x) > --#define LE64_TO_CPU(x) __be64_to_cpu(x) > -+#define LE64_TO_CPU(x) __le64_to_cpu(x) > - #define BE32_TO_CPU(x) __be32_to_cpu(x) > --#define LE32_TO_CPU(x) __be32_to_cpu(x) > -+#define LE32_TO_CPU(x) __le32_to_cpu(x) > - #define BE16_TO_CPU(x) __be16_to_cpu(x) > - #define LE16_TO_CPU(x) __le16_to_cpu(x) > - > -diff -uprN orig/tpm_emulator-0.4/Makefile tpm_emulator/Makefile > ---- orig/tpm_emulator-0.4/Makefile 2006-06-23 03:37:07.000000000 -0700 > -+++ tpm_emulator/Makefile 2006-07-24 14:35:35.000000000 -0700 > -@@ -1,24 +1,40 @@ > - # Software-Based Trusted Platform Module (TPM) Emulator for Linux > - # Copyright (C) 2004 Mario Strasser <mast@xxxxxxx> > -+# Copyright (C) 2006 INTEL Corp. > - # > - # $Id: Makefile 115 2006-06-23 10:36:44Z mast $ > - > --# kernel settings > --KERNEL_RELEASE := $(shell uname -r) > --KERNEL_BUILD := /lib/modules/$(KERNEL_RELEASE)/build > --MOD_SUBDIR := misc > -+COMPILE_ARCH ?= $(shell uname -m | sed -e s/i.86/x86_32/) > - > - # module settings > --MODULE_NAME := tpm_emulator > -+BIN := tpm_emulator > - VERSION_MAJOR := 0 > - VERSION_MINOR := 4 > - VERSION_BUILD := $(shell date +"%s") > - > --# enable/disable DEBUG messages > --EXTRA_CFLAGS += -Wall -DDEBUG -g > -+# Installation program and options > -+INSTALL = install > -+INSTALL_PROG = $(INSTALL) -m0755 > -+INSTALL_DIR = $(INSTALL) -d -m0755 > -+ > -+# Xen tools installation directory > -+TOOLS_INSTALL_DIR = $(DESTDIR)/usr/bin > -+ > -+CC := gcc > -+CFLAGS += -g -Wall $(INCLUDE) -DDEBUG > -+CFLAGS += -I. -Itpm > -+ > -+# Is the simulator running in it's own vm? > -+#CFLAGS += -DVTPM_MULTI_VM > -+ > -+ifeq ($(COMPILE_ARCH),x86_64) > -+LIBDIR = lib64 > -+else > -+LIBDIR = lib > -+endif > - > - # GNU MP configuration > --GMP_LIB := /usr/lib/libgmp.a > -+GMP_LIB := /usr/$(LIBDIR)/libgmp.a > - GMP_HEADER := /usr/include/gmp.h > - > - # sources and objects > -@@ -27,38 +43,32 @@ DIRS := . crypto tpm > - SRCS := $(foreach dir, $(DIRS), $(wildcard $(src)/$(dir)/*.c)) > - OBJS := $(patsubst %.c, %.o, $(SRCS)) > - SRCS += $(foreach dir, $(DIRS), $(wildcard $(src)/$(dir)/*.h)) > --DISTSRC := ./README ./AUTHORS ./ChangeLog ./Makefile $(SRCS) > --DISTDIR := tpm_emulator-$(VERSION_MAJOR).$(VERSION_MINOR) > - > --obj-m := $(MODULE_NAME).o > --$(MODULE_NAME)-objs := $(patsubst $(src)/%.o, %.o, $(OBJS)) crypto/libgmp.a > -+obj-m := $(BIN) > -+$(BIN)-objs := $(patsubst $(src)/%.o, %.o, $(OBJS)) crypto/libgmp.a > - > - EXTRA_CFLAGS += -I$(src) -I$(src)/crypto -I$(src)/tpm > - > - # do not print "Entering directory ..." > - MAKEFLAGS += --no-print-directory > - > --all: $(src)/crypto/gmp.h $(src)/crypto/libgmp.a version > -- @$(MAKE) -C $(KERNEL_BUILD) M=$(CURDIR) modules > -+all: $(BIN) > - > --install: > -- @$(MAKE) -C $(KERNEL_BUILD) M=$(CURDIR) modules_install > -- test -d /var/tpm || mkdir /var/tpm > -- test -c /dev/tpm || mknod /dev/tpm c 10 224 > -- chmod 666 /dev/tpm > -- depmod -a > -+$(BIN): $(src)/crypto/gmp.h $(src)/crypto/libgmp.a version $(SRCS) > $(OBJS) > -+ $(CC) $(CFLAGS) $(OBJS) $(src)/crypto/libgmp.a -o $(BIN) > -+ > -+%.o: %.c > -+ $(CC) $(CFLAGS) -c $< -o $@ > -+ > -+install: $(BIN) > -+ $(INSTALL_PROG) $(BIN) $(TOOLS_INSTALL_DIR) > -+ @if [ ! -d "/var/tpm" ]; then mkdir /var/tpm; fi > - > - clean: > -- @$(MAKE) -C $(KERNEL_BUILD) M=$(CURDIR) clean > -- rm -f $(src)/crypto/gmp.h $(src)/crypto/libgmp.a > -+ rm -f $(src)/crypto/gmp.h $(src)/crypto/libgmp.a $(OBJS) > - > --dist: $(DISTSRC) > -- rm -rf $(DISTDIR) > -- mkdir $(DISTDIR) > -- cp --parents $(DISTSRC) $(DISTDIR)/ > -- rm -f $(DISTDIR)/crypto/gmp.h > -- tar -chzf $(DISTDIR).tar.gz $(DISTDIR) > -- rm -rf $(DISTDIR) > -+mrproper: clean > -+ rm -f $(BIN) tpm_version.h > - > - $(src)/crypto/libgmp.a: > - test -f $(src)/crypto/libgmp.a || ln -s $(GMP_LIB) > $(src)/crypto/libgmp.a > -@@ -88,4 +98,3 @@ version: > - @echo "#endif /* _TPM_VERSION_H_ */" >> $(src)/tpm_version.h > - > - .PHONY: all install clean dist gmp version > -- > -diff -uprN orig/tpm_emulator-0.4/README tpm_emulator/README > ---- orig/tpm_emulator-0.4/README 2006-06-23 03:37:07.000000000 -0700 > -+++ tpm_emulator/README 2006-07-24 14:35:35.000000000 -0700 > -@@ -13,7 +13,8 @@ $Id: README 113 2006-06-18 12:38:13Z hst > - Copyright > - -------------------------------------------------------------------------- > - Copyright (C) 2004 Mario Strasser <mast@xxxxxxx> and Swiss Federal > --Institute of Technology (ETH) Zurich. > -+ Institute of Technology (ETH) Zurich. > -+Copyright (C) 2005 INTEL Corp > - > - This program is free software; you can redistribute it and/or modify > - it under the terms of the GNU General Public License as published by > -@@ -43,6 +44,12 @@ Example: > - GMP_LIB := /usr/lib/libgmp.a > - GMP_HEADER := /usr/include/gmp.h > - > -+GNU MP Library on 64 bit Systems > -+-------------------------------------------------------------------------- > -+Some 64-bit kernels have problems with importing the user-space gmp > -+library (/usr/lib*/libgmp.a) into kernel space. These kernels will require > -+that the gmp library be recompiled for kernel space with -mcmodel=kernel. > -+ > - Installation > - -------------------------------------------------------------------------- > - The compilation and installation process uses the build environment for > -diff -uprN orig/tpm_emulator-0.4/tpm/tpm_capability.c > tpm_emulator/tpm/tpm_capability.c > ---- orig/tpm_emulator-0.4/tpm/tpm_capability.c 2006-06-23 19:37:07.000000000 > +0900 > -+++ tpm_emulator/tpm/tpm_capability.c 2007-12-28 22:50:19.000000000 +0900 > -@@ -701,7 +701,10 @@ TPM_RESULT TPM_GetCapabilityOwner(TPM_VE > - TPM_RESULT res; > - > - info("TPM_GetCapabilityOwner()"); > -- > -+ > -+ if (!tpmData.permanent.flags.owned) { > -+ return TPM_NOSRK; > -+ } > - /* Verify owner authorization */ > - res = tpm_verify_auth(auth1, tpmData.permanent.data.ownerAuth, > TPM_KH_OWNER); > - if (res != TPM_SUCCESS) return res; > -diff -uprN orig/tpm_emulator-0.4/tpm/tpm_cmd_handler.c > tpm_emulator/tpm/tpm_cmd_handler.c > ---- orig/tpm_emulator-0.4/tpm/tpm_cmd_handler.c 2006-06-23 > 19:37:07.000000000 +0900 > -+++ tpm_emulator/tpm/tpm_cmd_handler.c 2007-09-12 20:23:00.000000000 +0900 > -@@ -565,7 +565,7 @@ static TPM_RESULT execute_TPM_Seal(TPM_R > - if (tpm_unmarshal_TPM_KEY_HANDLE(&ptr, &len, &keyHandle) > - || tpm_unmarshal_TPM_ENCAUTH(&ptr, &len, &encAuth) > - || tpm_unmarshal_UINT32(&ptr, &len, &pcrInfoSize) > -- || tpm_unmarshal_TPM_PCR_INFO(&ptr, &len, &pcrInfo) > -+ || (pcrInfoSize >0 && tpm_unmarshal_TPM_PCR_INFO(&ptr, &len, > &pcrInfo)) > - || tpm_unmarshal_UINT32(&ptr, &len, &inDataSize) > - || tpm_unmarshal_BLOB(&ptr, &len, &inData, inDataSize) > - || len != 0) return TPM_BAD_PARAMETER; > -@@ -798,7 +798,7 @@ static TPM_RESULT execute_TPM_Sealx(TPM_ > - if (tpm_unmarshal_TPM_KEY_HANDLE(&ptr, &len, &keyHandle) > - || tpm_unmarshal_TPM_ENCAUTH(&ptr, &len, &encAuth) > - || tpm_unmarshal_UINT32(&ptr, &len, &pcrInfoSize) > -- || tpm_unmarshal_TPM_PCR_INFO(&ptr, &len, &pcrInfo) > -+ || (pcrInfoSize > 0 && tpm_unmarshal_TPM_PCR_INFO(&ptr, &len, > &pcrInfo)) > - || tpm_unmarshal_UINT32(&ptr, &len, &inDataSize) > - || tpm_unmarshal_BLOB(&ptr, &len, &inData, inDataSize) > - || len != 0) return TPM_BAD_PARAMETER; > -diff -uprN orig/tpm_emulator-0.4/tpm/tpm_credentials.c > tpm_emulator/tpm/tpm_credentials.c > ---- orig/tpm_emulator-0.4/tpm/tpm_credentials.c 2006-06-23 > 19:37:07.000000000 +0900 > -+++ tpm_emulator/tpm/tpm_credentials.c 2007-09-12 20:23:30.000000000 +0900 > -@@ -47,20 +47,20 @@ int tpm_compute_pubkey_checksum(TPM_NONC > - > - TPM_RESULT tpm_get_pubek(TPM_PUBKEY *pubEndorsementKey) > - { > -- UINT32 key_length; > -+ size_t key_length; > - if (!tpmData.permanent.data.endorsementKey.size) return > TPM_NO_ENDORSEMENT; > - /* setup TPM_PUBKEY structure */ > -- key_length = tpmData.permanent.data.endorsementKey.size; > -- pubEndorsementKey->pubKey.keyLength = key_length >> 3; > -+ pubEndorsementKey->pubKey.keyLength = > tpmData.permanent.data.endorsementKey.size >> 3; > - pubEndorsementKey->pubKey.key = > tpm_malloc(pubEndorsementKey->pubKey.keyLength); > - if (pubEndorsementKey->pubKey.key == NULL) return TPM_FAIL; > - rsa_export_modulus(&tpmData.permanent.data.endorsementKey, > -- pubEndorsementKey->pubKey.key, > -- &pubEndorsementKey->pubKey.keyLength); > -+ pubEndorsementKey->pubKey.key, > -+ &key_length); > -+ pubEndorsementKey->pubKey.keyLength = key_length; > - pubEndorsementKey->algorithmParms.algorithmID = TPM_ALG_RSA; > - pubEndorsementKey->algorithmParms.encScheme = TPM_ES_RSAESOAEP_SHA1_MGF1; > - pubEndorsementKey->algorithmParms.sigScheme = TPM_SS_NONE; > -- pubEndorsementKey->algorithmParms.parms.rsa.keyLength = key_length; > -+ pubEndorsementKey->algorithmParms.parms.rsa.keyLength = key_length << 3; > - pubEndorsementKey->algorithmParms.parms.rsa.numPrimes = 2; > - pubEndorsementKey->algorithmParms.parms.rsa.exponentSize = 0; > - pubEndorsementKey->algorithmParms.parms.rsa.exponent = NULL; > -@@ -175,6 +175,7 @@ TPM_RESULT TPM_OwnerReadInternalPub(TPM_ > - { > - TPM_RESULT res; > - TPM_KEY_DATA *srk = &tpmData.permanent.data.srk; > -+ size_t key_length; > - info("TPM_OwnerReadInternalPub()"); > - /* verify authorization */ > - res = tpm_verify_auth(auth1, tpmData.permanent.data.ownerAuth, > TPM_KH_OWNER); > -@@ -186,7 +187,8 @@ TPM_RESULT TPM_OwnerReadInternalPub(TPM_ > - publicPortion->pubKey.key = tpm_malloc(publicPortion->pubKey.keyLength); > - if (publicPortion->pubKey.key == NULL) return TPM_FAIL; > - rsa_export_modulus(&srk->key, publicPortion->pubKey.key, > -- &publicPortion->pubKey.keyLength); > -+ &key_length); > -+ publicPortion->pubKey.keyLength = key_length; > - publicPortion->algorithmParms.algorithmID = TPM_ALG_RSA; > - publicPortion->algorithmParms.encScheme = srk->encScheme; > - publicPortion->algorithmParms.sigScheme = srk->sigScheme; > -diff -uprN orig/tpm_emulator-0.4/tpm/tpm_crypto.c > tpm_emulator/tpm/tpm_crypto.c > ---- orig/tpm_emulator-0.4/tpm/tpm_crypto.c 2006-06-23 03:37:07.000000000 > -0700 > -+++ tpm_emulator/tpm/tpm_crypto.c 2006-07-24 14:35:35.000000000 -0700 > -@@ -182,7 +182,8 @@ TPM_RESULT TPM_CertifyKey(TPM_KEY_HANDLE > - TPM_KEY_DATA *cert, *key; > - sha1_ctx_t sha1_ctx; > - BYTE *buf, *p; > -- UINT32 length; > -+ UINT32 length32; > -+ size_t length; > - info("TPM_CertifyKey()"); > - /* get keys */ > - cert = tpm_get_key(certHandle); > -@@ -264,14 +265,15 @@ TPM_RESULT TPM_CertifyKey(TPM_KEY_HANDLE > - /* compute the digest of the CERTIFY_INFO[2] structure and sign it */ > - length = sizeof_TPM_CERTIFY_INFO((*certifyInfo)); > - p = buf = tpm_malloc(length); > -+ length32=(UINT32) length; > - if (buf == NULL > -- || tpm_marshal_TPM_CERTIFY_INFO(&p, &length, certifyInfo)) { > -+ || tpm_marshal_TPM_CERTIFY_INFO(&p, &length32, certifyInfo)) { > - free_TPM_KEY_PARMS(certifyInfo->algorithmParms); > - return TPM_FAIL; > - } > - length = sizeof_TPM_CERTIFY_INFO((*certifyInfo)); > - sha1_init(&sha1_ctx); > -- sha1_update(&sha1_ctx, buf, length); > -+ sha1_update(&sha1_ctx, buf, (size_t) length); > - sha1_final(&sha1_ctx, buf); > - res = tpm_sign(cert, auth1, FALSE, buf, SHA1_DIGEST_LENGTH, outData, > outDataSize); > - tpm_free(buf); > -@@ -292,7 +294,8 @@ TPM_RESULT TPM_CertifyKey2(TPM_KEY_HANDL > - TPM_KEY_DATA *cert, *key; > - sha1_ctx_t sha1_ctx; > - BYTE *buf, *p; > -- UINT32 length; > -+ size_t length; > -+ UINT32 length32; > - info("TPM_CertifyKey2()"); > - /* get keys */ > - cert = tpm_get_key(certHandle); > -@@ -362,8 +365,9 @@ TPM_RESULT TPM_CertifyKey2(TPM_KEY_HANDL > - /* compute the digest of the CERTIFY_INFO[2] structure and sign it */ > - length = sizeof_TPM_CERTIFY_INFO((*certifyInfo)); > - p = buf = tpm_malloc(length); > -+ length32 = (UINT32) length; > - if (buf == NULL > -- || tpm_marshal_TPM_CERTIFY_INFO(&p, &length, certifyInfo)) { > -+ || tpm_marshal_TPM_CERTIFY_INFO(&p, &length32, certifyInfo)) { > - free_TPM_KEY_PARMS(certifyInfo->algorithmParms); > - return TPM_FAIL; > - } > -diff -uprN orig/tpm_emulator-0.4/tpm/tpm_daa.c tpm_emulator/tpm/tpm_daa.c > ---- orig/tpm_emulator-0.4/tpm/tpm_daa.c 2006-06-23 03:37:07.000000000 > -0700 > -+++ tpm_emulator/tpm/tpm_daa.c 2006-07-24 14:35:35.000000000 -0700 > -@@ -716,14 +716,14 @@ TPM_RESULT TPM_DAA_Join(TPM_HANDLE handl > - sizeof(session->DAA_tpmSpecific.DAA_rekey)); > - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count, > - sizeof(session->DAA_tpmSpecific.DAA_count)); > -- sha1_update(&sha1, "\x00", 1); > -+ sha1_update(&sha1, (BYTE *) "\x00", 1); > - sha1_final(&sha1, scratch); > - sha1_init(&sha1); > - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_rekey, > - sizeof(session->DAA_tpmSpecific.DAA_rekey)); > - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count, > - sizeof(session->DAA_tpmSpecific.DAA_count)); > -- sha1_update(&sha1, "\x01", 1); > -+ sha1_update(&sha1, (BYTE *) "\x01", 1); > - sha1_final(&sha1, scratch + SHA1_DIGEST_LENGTH); > - mpz_init(f), mpz_init(q); > - mpz_import(f, 2 * SHA1_DIGEST_LENGTH, 1, 1, 0, 0, scratch); > -@@ -805,14 +805,14 @@ TPM_RESULT TPM_DAA_Join(TPM_HANDLE handl > - sizeof(session->DAA_tpmSpecific.DAA_rekey)); > - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count, > - sizeof(session->DAA_tpmSpecific.DAA_count)); > -- sha1_update(&sha1, "\x00", 1); > -+ sha1_update(&sha1, (BYTE *) "\x00", 1); > - sha1_final(&sha1, scratch); > - sha1_init(&sha1); > - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_rekey, > - sizeof(session->DAA_tpmSpecific.DAA_rekey)); > - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count, > - sizeof(session->DAA_tpmSpecific.DAA_count)); > -- sha1_update(&sha1, "\x01", 1); > -+ sha1_update(&sha1, (BYTE *) "\x01", 1); > - sha1_final(&sha1, scratch + SHA1_DIGEST_LENGTH); > - mpz_init(f), mpz_init(q); > - mpz_import(f, 2 * SHA1_DIGEST_LENGTH, 1, 1, 0, 0, scratch); > -@@ -1489,14 +1489,14 @@ TPM_RESULT TPM_DAA_Join(TPM_HANDLE handl > - sizeof(session->DAA_tpmSpecific.DAA_rekey)); > - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count, > - sizeof(session->DAA_tpmSpecific.DAA_count)); > -- sha1_update(&sha1, "\x00", 1); > -+ sha1_update(&sha1, (BYTE *) "\x00", 1); > - sha1_final(&sha1, scratch); > - sha1_init(&sha1); > - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_rekey, > - sizeof(session->DAA_tpmSpecific.DAA_rekey)); > - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count, > - sizeof(session->DAA_tpmSpecific.DAA_count)); > -- sha1_update(&sha1, "\x01", 1); > -+ sha1_update(&sha1, (BYTE *) "\x01", 1); > - sha1_final(&sha1, scratch + SHA1_DIGEST_LENGTH); > - mpz_init(f), mpz_init(q); > - mpz_import(f, 2 * SHA1_DIGEST_LENGTH, 1, 1, 0, 0, scratch); > -@@ -1712,14 +1712,14 @@ TPM_RESULT TPM_DAA_Join(TPM_HANDLE handl > - sizeof(session->DAA_tpmSpecific.DAA_rekey)); > - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count, > - sizeof(session->DAA_tpmSpecific.DAA_count)); > -- sha1_update(&sha1, "\x00", 1); > -+ sha1_update(&sha1, (BYTE *) "\x00", 1); > - sha1_final(&sha1, scratch); > - sha1_init(&sha1); > - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_rekey, > - sizeof(session->DAA_tpmSpecific.DAA_rekey)); > - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count, > - sizeof(session->DAA_tpmSpecific.DAA_count)); > -- sha1_update(&sha1, "\x01", 1); > -+ sha1_update(&sha1, (BYTE *) "\x01", 1); > - sha1_final(&sha1, scratch + SHA1_DIGEST_LENGTH); > - mpz_init(f), mpz_init(q); > - mpz_import(f, 2 * SHA1_DIGEST_LENGTH, 1, 1, 0, 0, scratch); > -@@ -1793,14 +1793,14 @@ TPM_RESULT TPM_DAA_Join(TPM_HANDLE handl > - sizeof(session->DAA_tpmSpecific.DAA_rekey)); > - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count, > - sizeof(session->DAA_tpmSpecific.DAA_count)); > -- sha1_update(&sha1, "\x00", 1); > -+ sha1_update(&sha1, (BYTE *) "\x00", 1); > - sha1_final(&sha1, scratch); > - sha1_init(&sha1); > - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_rekey, > - sizeof(session->DAA_tpmSpecific.DAA_rekey)); > - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count, > - sizeof(session->DAA_tpmSpecific.DAA_count)); > -- sha1_update(&sha1, "\x01", 1); > -+ sha1_update(&sha1, (BYTE *) "\x01", 1); > - sha1_final(&sha1, scratch + SHA1_DIGEST_LENGTH); > - mpz_init(f), mpz_init(q); > - mpz_import(f, 2 * SHA1_DIGEST_LENGTH, 1, 1, 0, 0, scratch); > -@@ -2918,14 +2918,14 @@ TPM_RESULT TPM_DAA_Sign(TPM_HANDLE handl > - sizeof(session->DAA_tpmSpecific.DAA_rekey)); > - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count, > - sizeof(session->DAA_tpmSpecific.DAA_count)); > -- sha1_update(&sha1, "\x00", 1); > -+ sha1_update(&sha1, (BYTE *) "\x00", 1); > - sha1_final(&sha1, scratch); > - sha1_init(&sha1); > - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_rekey, > - sizeof(session->DAA_tpmSpecific.DAA_rekey)); > - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count, > - sizeof(session->DAA_tpmSpecific.DAA_count)); > -- sha1_update(&sha1, "\x01", 1); > -+ sha1_update(&sha1, (BYTE *) "\x01", 1); > - sha1_final(&sha1, scratch + SHA1_DIGEST_LENGTH); > - mpz_init(f), mpz_init(q); > - mpz_import(f, 2 * SHA1_DIGEST_LENGTH, 1, 1, 0, 0, scratch); > -@@ -3143,7 +3143,7 @@ TPM_RESULT TPM_DAA_Sign(TPM_HANDLE handl > - sha1_init(&sha1); > - sha1_update(&sha1, (BYTE*) &session->DAA_session.DAA_digest, > - sizeof(session->DAA_session.DAA_digest)); > -- sha1_update(&sha1, "\x01", 1); > -+ sha1_update(&sha1, (BYTE *) "\x01", 1); > - sha1_update(&sha1, inputData1, inputSize1); > - sha1_final(&sha1, (BYTE*) &session->DAA_session.DAA_digest); > - } > -@@ -3172,7 +3172,7 @@ TPM_RESULT TPM_DAA_Sign(TPM_HANDLE handl > - sha1_init(&sha1); > - sha1_update(&sha1, (BYTE*) &session->DAA_session.DAA_digest, > - sizeof(session->DAA_session.DAA_digest)); > -- sha1_update(&sha1, "\x00", 1); > -+ sha1_update(&sha1, (BYTE*) "\x00", 1); > - rsa_export_modulus(&aikData->key, scratch, &size); > - sha1_update(&sha1, scratch, size); > - sha1_final(&sha1, (BYTE*) &session->DAA_session.DAA_digest); > -@@ -3229,14 +3229,14 @@ TPM_RESULT TPM_DAA_Sign(TPM_HANDLE handl > - sizeof(session->DAA_tpmSpecific.DAA_rekey)); > - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count, > - sizeof(session->DAA_tpmSpecific.DAA_count)); > -- sha1_update(&sha1, "\x00", 1); > -+ sha1_update(&sha1, (BYTE *) "\x00", 1); > - sha1_final(&sha1, scratch); > - sha1_init(&sha1); > - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_rekey, > - sizeof(session->DAA_tpmSpecific.DAA_rekey)); > - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count, > - sizeof(session->DAA_tpmSpecific.DAA_count)); > -- sha1_update(&sha1, "\x01", 1); > -+ sha1_update(&sha1, (BYTE *) "\x01", 1); > - sha1_final(&sha1, scratch + SHA1_DIGEST_LENGTH); > - mpz_init(f), mpz_init(q); > - mpz_import(f, 2 * SHA1_DIGEST_LENGTH, 1, 1, 0, 0, scratch); > -@@ -3309,14 +3309,14 @@ TPM_RESULT TPM_DAA_Sign(TPM_HANDLE handl > - sizeof(session->DAA_tpmSpecific.DAA_rekey)); > - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count, > - sizeof(session->DAA_tpmSpecific.DAA_count)); > -- sha1_update(&sha1, "\x00", 1); > -+ sha1_update(&sha1, (BYTE *) "\x00", 1); > - sha1_final(&sha1, scratch); > - sha1_init(&sha1); > - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_rekey, > - sizeof(session->DAA_tpmSpecific.DAA_rekey)); > - sha1_update(&sha1, (BYTE*) &session->DAA_tpmSpecific.DAA_count, > - sizeof(session->DAA_tpmSpecific.DAA_count)); > -- sha1_update(&sha1, "\x01", 1); > -+ sha1_update(&sha1, (BYTE *) "\x01", 1); > - sha1_final(&sha1, scratch + SHA1_DIGEST_LENGTH); > - mpz_init(f), mpz_init(q); > - mpz_import(f, 2 * SHA1_DIGEST_LENGTH, 1, 1, 0, 0, scratch); > -diff -uprN orig/tpm_emulator-0.4/tpm/tpm_data.c tpm_emulator/tpm/tpm_data.c > ---- orig/tpm_emulator-0.4/tpm/tpm_data.c 2006-06-23 03:37:07.000000000 > -0700 > -+++ tpm_emulator/tpm/tpm_data.c 2006-07-24 14:35:35.000000000 -0700 > -@@ -40,6 +40,7 @@ static inline void init_pcr_attr(int pcr > - void tpm_init_data(void) > - { > - /* endorsement key */ > -+#ifndef TPM_GENERATE_EK > - uint8_t ek_n[] = > "\xa8\xdb\xa9\x42\xa8\xf3\xb8\x06\x85\x90\x76\x93\xad\xf7" > - "\x74\xec\x3f\xd3\x3d\x9d\xe8\x2e\xff\x15\xed\x0e\xce\x5f\x93" > - "\x92\xeb\xd1\x96\x2b\x72\x18\x81\x79\x12\x9d\x9c\x40\xd7\x1a" > -@@ -77,6 +78,8 @@ void tpm_init_data(void) > - "\xd1\xc0\x8b\x5b\xa2\x2e\xa7\x15\xca\x50\x75\x10\x48\x9c\x2b" > - "\x18\xb9\x67\x8f\x5d\x64\xc3\x28\x9f\x2f\x16\x2f\x08\xda\x47" > - "\xec\x86\x43\x0c\x80\x99\x07\x34\x0f"; > -+#endif > -+ > - int i; > - /* reset all data to NULL, FALSE or 0 */ > - memset(&tpmData, 0, sizeof(tpmData)); > -@@ -152,44 +155,43 @@ void tpm_release_data(void) > - > - #ifdef TPM_STORE_TO_FILE > - > --#include <linux/fs.h> > --#include <linux/unistd.h> > --#include <asm/uaccess.h> > -+#include <sys/types.h> > -+#include <sys/stat.h> > -+#include <fcntl.h> > -+#include <unistd.h> > - > - #define TPM_STORAGE_FILE "/var/tpm/tpm_emulator-1.2." STR(VERSION_MAJOR) > "." STR(VERSION_MINOR) > - > - static int write_to_file(uint8_t *data, size_t data_length) > - { > - int res; > -- struct file *fp; > -- mm_segment_t old_fs = get_fs(); > -- fp = filp_open(TPM_STORAGE_FILE, O_WRONLY | O_TRUNC | O_CREAT, S_IRUSR | > S_IWUSR); > -- if (IS_ERR(fp)) return -1; > -- set_fs(get_ds()); > -- res = fp->f_op->write(fp, data, data_length, &fp->f_pos); > -- set_fs(old_fs); > -- filp_close(fp, NULL); > -+ int fp; > -+ fp = open(TPM_STORAGE_FILE, O_WRONLY | O_TRUNC | O_CREAT, S_IRUSR | > S_IWUSR); > -+ res = write(fp, data, data_length); > -+ close(fp); > - return (res == data_length) ? 0 : -1; > - } > - > - static int read_from_file(uint8_t **data, size_t *data_length) > - { > - int res; > -- struct file *fp; > -- mm_segment_t old_fs = get_fs(); > -- fp = filp_open(TPM_STORAGE_FILE, O_RDONLY, 0); > -- if (IS_ERR(fp)) return -1; > -- *data_length = (size_t)fp->f_dentry->d_inode->i_size; > -- /* *data_length = i_size_read(fp->f_dentry->d_inode); */ > -+ int fp, file_status; > -+ struct stat file_info; > -+ fp = open(TPM_STORAGE_FILE, O_RDONLY, 0); > -+ file_status = fstat(fp, &file_info); > -+ if (file_status < 0) { > -+ close(fp); > -+ return -1; > -+ } > -+ > -+ *data_length = file_info.st_size; > - *data = tpm_malloc(*data_length); > - if (*data == NULL) { > -- filp_close(fp, NULL); > -+ close(fp); > - return -1; > - } > -- set_fs(get_ds()); > -- res = fp->f_op->read(fp, *data, *data_length, &fp->f_pos); > -- set_fs(old_fs); > -- filp_close(fp, NULL); > -+ res = read(fp, *data, *data_length); > -+ close(fp); > - if (res != *data_length) { > - tpm_free(*data); > - return -1; > -@@ -216,23 +218,30 @@ static int read_from_file(uint8_t **data > - int tpm_store_permanent_data(void) > - { > - uint8_t *buf, *ptr; > -- size_t buf_length, len; > -+ UINT32 buf_length, len; > - > - /* marshal data */ > -- buf_length = len = sizeof_TPM_STCLEAR_FLAGS(tpmData.stclear.flags) > -- + sizeof_TPM_PERMANENT_FLAGS(tpmData.permanent.flags) + 2 > -- + sizeof_TPM_PERMANENT_DATA(tpmData.permanent.data); > -+ buf_length = len = 4 + sizeof_TPM_STCLEAR_FLAGS(tpmData.stclear.flags) > -+ + sizeof_TPM_PERMANENT_FLAGS(tpmData.permanent.flags) > -+ + sizeof_TPM_STANY_FLAGS(tpmData.stany.flags) + 2 > -+ + sizeof_TPM_STCLEAR_DATA(tpmData.stclear.data) > -+ + sizeof_TPM_PERMANENT_DATA(tpmData.permanent.data) > -+ + sizeof_TPM_STANY_DATA(tpmData.stany.data); > - buf = ptr = tpm_malloc(buf_length); > - if (buf == NULL > - || tpm_marshal_TPM_VERSION(&ptr, &len, > &tpmData.permanent.data.version) > - || tpm_marshal_TPM_STCLEAR_FLAGS(&ptr, &len, &tpmData.stclear.flags) > - || tpm_marshal_TPM_PERMANENT_FLAGS(&ptr, &len, > &tpmData.permanent.flags) > -+ || tpm_marshal_TPM_STANY_FLAGS(&ptr, &len, &tpmData.stany.flags) > - || tpm_marshal_BOOL(&ptr, &len, > tpmData.permanent.flags.selfTestSucceeded) > - || tpm_marshal_BOOL(&ptr, &len, tpmData.permanent.flags.owned) > -- || tpm_marshal_TPM_PERMANENT_DATA(&ptr, &len, > &tpmData.permanent.data)) { > -+ || tpm_marshal_TPM_STCLEAR_DATA(&ptr, &len, &tpmData.stclear.data) > -+ || tpm_marshal_TPM_PERMANENT_DATA(&ptr, &len, &tpmData.permanent.data) > -+ || tpm_marshal_TPM_STANY_DATA(&ptr, &len, &tpmData.stany.data)) { > - tpm_free(buf); > - return -1; > - } > -+ > - if (write_to_file(buf, buf_length - len)) { > - tpm_free(buf); > - return -1; > -@@ -244,31 +253,36 @@ int tpm_store_permanent_data(void) > - int tpm_restore_permanent_data(void) > - { > - uint8_t *buf, *ptr; > -- size_t buf_length, len; > -+ size_t buf_length; > -+ UINT32 len; > - TPM_VERSION ver; > - > - /* read data */ > - if (read_from_file(&buf, &buf_length)) return -1; > - ptr = buf; > -- len = buf_length; > -+ len = (uint32_t) buf_length; > - /* unmarshal data */ > - if (tpm_unmarshal_TPM_VERSION(&ptr, &len, &ver) > - || memcmp(&ver, &tpmData.permanent.data.version, sizeof(TPM_VERSION)) > - || tpm_unmarshal_TPM_STCLEAR_FLAGS(&ptr, &len, &tpmData.stclear.flags) > - || tpm_unmarshal_TPM_PERMANENT_FLAGS(&ptr, &len, > &tpmData.permanent.flags) > -+ || tpm_unmarshal_TPM_STANY_FLAGS(&ptr, &len, &tpmData.stany.flags) > - || tpm_unmarshal_BOOL(&ptr, &len, > &tpmData.permanent.flags.selfTestSucceeded) > - || tpm_unmarshal_BOOL(&ptr, &len, &tpmData.permanent.flags.owned) > -- || tpm_unmarshal_TPM_PERMANENT_DATA(&ptr, &len, > &tpmData.permanent.data)) { > -+ || tpm_unmarshal_TPM_STCLEAR_DATA(&ptr, &len, &tpmData.stclear.data) > -+ || tpm_unmarshal_TPM_PERMANENT_DATA(&ptr, &len, > &tpmData.permanent.data) > -+ || tpm_unmarshal_TPM_STANY_DATA(&ptr, &len, &tpmData.stany.data)) { > - tpm_free(buf); > - return -1; > - } > -+ > - tpm_free(buf); > - return 0; > - } > - > - int tpm_erase_permanent_data(void) > - { > -- int res = write_to_file("", 0); > -+ int res = write_to_file((uint8_t *) "", 0); > - return res; > - } > - > -diff -uprN orig/tpm_emulator-0.4/tpm/tpm_deprecated.c > tpm_emulator/tpm/tpm_deprecated.c > ---- orig/tpm_emulator-0.4/tpm/tpm_deprecated.c 2006-06-23 03:37:07.000000000 > -0700 > -+++ tpm_emulator/tpm/tpm_deprecated.c 2006-07-24 14:35:35.000000000 -0700 > -@@ -1,6 +1,7 @@ > - /* Software-Based Trusted Platform Module (TPM) Emulator for Linux > - * Copyright (C) 2004 Mario Strasser <mast@xxxxxxx>, > - * Swiss Federal Institute of Technology (ETH) Zurich > -+ * Copyright (C) 2005 INTEL Corp > - * > - * This module is free software; you can redistribute it and/or modify > - * it under the terms of the GNU General Public License as published > -@@ -50,7 +51,7 @@ TPM_RESULT TPM_SaveKeyContext(TPM_KEY_HA > - BYTE *ptr; > - UINT32 len; > - info("TPM_SaveKeyContext()"); > -- res = TPM_SaveContext(keyHandle, TPM_RT_KEY, "SaveKeyContext..", > -+ res = TPM_SaveContext(keyHandle, TPM_RT_KEY, (BYTE*)"SaveKeyContext..", > - keyContextSize, &contextBlob); > - if (res != TPM_SUCCESS) return res; > - len = *keyContextSize; > -@@ -82,7 +83,7 @@ TPM_RESULT TPM_SaveAuthContext(TPM_AUTHH > - BYTE *ptr; > - UINT32 len; > - info("TPM_SaveAuthContext()"); > -- res = TPM_SaveContext(authHandle, TPM_RT_KEY, "SaveAuthContext.", > -+ res = TPM_SaveContext(authHandle, TPM_RT_KEY, (BYTE*)"SaveAuthContext.", > - authContextSize, &contextBlob); > - if (res != TPM_SUCCESS) return res; > - len = *authContextSize; > -diff -uprN orig/tpm_emulator-0.4/tpm/tpm_emulator.h > tpm_emulator/tpm/tpm_emulator.h > ---- orig/tpm_emulator-0.4/tpm/tpm_emulator.h 2006-06-23 03:37:07.000000000 > -0700 > -+++ tpm_emulator/tpm/tpm_emulator.h 2006-07-24 14:35:35.000000000 -0700 > -@@ -1,5 +1,6 @@ > - /* Software-Based Trusted Platform Module (TPM) Emulator for Linux > - * Copyright (C) 2004 Mario Strasser <mast@xxxxxxx>, > -+ * Copyright (C) 2005 INTEL Corp > - * > - * This module is free software; you can redistribute it and/or modify > - * it under the terms of the GNU General Public License as published > -@@ -22,7 +23,8 @@ > - /* TPM configuration */ > - #define TPM_STORE_TO_FILE 1 > - #undef TPM_STRONG_PERSISTENCE > --#undef TPM_GENERATE_EK > -+//#undef TPM_GENERATE_EK > -+#define TPM_GENERATE_EK > - #undef TPM_GENERATE_SEED_DAA > - > - #define TPM_MANUFACTURER 0x4554485A /* 'ETHZ' */ > -diff -uprN orig/tpm_emulator-0.4/tpm/tpm_marshalling.c > tpm_emulator/tpm/tpm_marshalling.c > ---- orig/tpm_emulator-0.4/tpm/tpm_marshalling.c 2006-06-23 > 03:37:07.000000000 -0700 > -+++ tpm_emulator/tpm/tpm_marshalling.c 2006-07-24 14:35:35.000000000 -0700 > -@@ -1312,7 +1312,7 @@ int tpm_unmarshal_TPM_STANY_FLAGS(BYTE * > - > - int tpm_marshal_RSA(BYTE **ptr, UINT32 *length, rsa_private_key_t *v) > - { > -- UINT32 m_len, e_len, q_len; > -+ size_t m_len, e_len, q_len; > - if (*length < sizeof_RSA((*v))) return -1; > - if (v->size > 0) { > - rsa_export_modulus(v, &(*ptr)[6], &m_len); > -@@ -1460,6 +1460,66 @@ int tpm_unmarshal_TPM_PERMANENT_DATA(BYT > - return 0; > - } > - > -+int tpm_marshal_TPM_STCLEAR_DATA(BYTE **ptr, UINT32 *length, > TPM_STCLEAR_DATA *v) > -+{ > -+ if (tpm_marshal_TPM_STRUCTURE_TAG(ptr, length, v->tag) > -+ || tpm_marshal_TPM_NONCE(ptr, length, &v->contextNonceKey) > -+ || tpm_marshal_TPM_COUNT_ID(ptr, length, v->countID) ) return -1; > -+ > -+ return 0; > -+} > -+ > -+int tpm_unmarshal_TPM_STCLEAR_DATA(BYTE **ptr, UINT32 *length, > TPM_STCLEAR_DATA *v) > -+{ > -+ if (tpm_unmarshal_TPM_STRUCTURE_TAG(ptr, length, &v->tag) > -+ || tpm_unmarshal_TPM_NONCE(ptr, length, &v->contextNonceKey) > -+ || tpm_unmarshal_TPM_COUNT_ID(ptr, length, &v->countID) ) return -1; > -+ > -+ return 0; > -+} > -+ > -+int tpm_marshal_TPM_STANY_DATA(BYTE **ptr, UINT32 *length, TPM_STANY_DATA > *v) > -+{ > -+ UINT32 i; > -+ if (tpm_marshal_TPM_STRUCTURE_TAG(ptr, length, v->tag) > -+ || tpm_marshal_TPM_NONCE(ptr, length, &v->contextNonceSession) > -+ || tpm_marshal_TPM_DIGEST(ptr, length, &v->auditDigest) > -+ || tpm_marshal_BOOL(ptr, length, v->auditSession) > -+ || tpm_marshal_TPM_CURRENT_TICKS(ptr, length, &v->currentTicks) > -+ || tpm_marshal_UINT32(ptr, length, v->contextCount) > -+ || tpm_marshal_UINT32_ARRAY(ptr, length, v->contextList, > TPM_MAX_SESSION_LIST)) return -1; > -+ for (i = 0; i < TPM_MAX_SESSIONS; i++) { > -+ if (tpm_marshal_TPM_SESSION_DATA(ptr, length, &v->sessions[i])) return > -1; > -+ } > -+ for (i = 0; i < TPM_MAX_SESSIONS_DAA; i++) { > -+ if (tpm_marshal_TPM_DAA_SESSION_DATA(ptr, length, &v->sessionsDAA[i])) > return -1; > -+ } > -+ if (tpm_marshal_TPM_TRANSHANDLE(ptr, length, v->transExclusive)) return > -1; > -+ > -+ return 0; > -+} > -+ > -+int tpm_unmarshal_TPM_STANY_DATA(BYTE **ptr, UINT32 *length, TPM_STANY_DATA > *v) > -+{ > -+ UINT32 i; > -+ if (tpm_unmarshal_TPM_STRUCTURE_TAG(ptr, length, &v->tag) > -+ || tpm_unmarshal_TPM_NONCE(ptr, length, &v->contextNonceSession) > -+ || tpm_unmarshal_TPM_DIGEST(ptr, length, &v->auditDigest) > -+ || tpm_unmarshal_BOOL(ptr, length, &v->auditSession) > -+ || tpm_unmarshal_TPM_CURRENT_TICKS(ptr, length, &v->currentTicks) > -+ || tpm_unmarshal_UINT32(ptr, length, &v->contextCount) > -+ || tpm_unmarshal_UINT32_ARRAY(ptr, length, v->contextList, > TPM_MAX_SESSION_LIST)) return -1; > -+ for (i = 0; i < TPM_MAX_SESSIONS; i++) { > -+ if (tpm_unmarshal_TPM_SESSION_DATA(ptr, length, &v->sessions[i])) > return -1; > -+ } > -+ for (i = 0; i < TPM_MAX_SESSIONS_DAA; i++) { > -+ if (tpm_unmarshal_TPM_DAA_SESSION_DATA(ptr, length, > &v->sessionsDAA[i])) return -1; > -+ } > -+ if (tpm_unmarshal_TPM_TRANSHANDLE(ptr, length, &v->transExclusive)) > return -1; > -+ > -+ return 0; > -+} > -+ > - int tpm_marshal_TPM_SESSION_DATA(BYTE **ptr, UINT32 *length, > TPM_SESSION_DATA *v) > - { > - if (tpm_marshal_BYTE(ptr, length, v->type) > -diff -uprN orig/tpm_emulator-0.4/tpm/tpm_marshalling.h > tpm_emulator/tpm/tpm_marshalling.h > ---- orig/tpm_emulator-0.4/tpm/tpm_marshalling.h 2006-06-23 > 03:37:07.000000000 -0700 > -+++ tpm_emulator/tpm/tpm_marshalling.h 2006-07-24 14:35:35.000000000 -0700 > -@@ -432,6 +432,12 @@ int tpm_unmarshal_TPM_KEY_DATA(BYTE **pt > - int tpm_marshal_TPM_PERMANENT_DATA(BYTE **ptr, UINT32 *length, > TPM_PERMANENT_DATA *); > - int tpm_unmarshal_TPM_PERMANENT_DATA(BYTE **ptr, UINT32 *length, > TPM_PERMANENT_DATA *); > - > -+int tpm_marshal_TPM_STCLEAR_DATA(BYTE **ptr, UINT32 *length, > TPM_STCLEAR_DATA *v); > -+int tpm_unmarshal_TPM_STCLEAR_DATA(BYTE **ptr, UINT32 *length, > TPM_STCLEAR_DATA *v); > -+ > -+int tpm_marshal_TPM_STANY_DATA(BYTE **ptr, UINT32 *length, TPM_STANY_DATA > *v); > -+int tpm_unmarshal_TPM_STANY_DATA(BYTE **ptr, UINT32 *length, TPM_STANY_DATA > *v); > -+ > - int tpm_marshal_TPM_SESSION_DATA(BYTE **ptr, UINT32 *length, > TPM_SESSION_DATA *v); > - int tpm_unmarshal_TPM_SESSION_DATA(BYTE **ptr, UINT32 *length, > TPM_SESSION_DATA *v); > - > -diff -uprN orig/tpm_emulator-0.4/tpm/tpm_owner.c tpm_emulator/tpm/tpm_owner.c > ---- orig/tpm_emulator-0.4/tpm/tpm_owner.c 2006-06-23 03:37:07.000000000 > -0700 > -+++ tpm_emulator/tpm/tpm_owner.c 2006-07-24 14:35:35.000000000 -0700 > -@@ -108,7 +108,7 @@ TPM_RESULT TPM_TakeOwnership(TPM_PROTOCO > - TPM_RESULT res; > - rsa_private_key_t *ek = &tpmData.permanent.data.endorsementKey; > - TPM_KEY_DATA *srk = &tpmData.permanent.data.srk; > -- UINT32 buf_size = ek->size >> 3; > -+ size_t buf_size = ek->size >> 3, key_length; > - BYTE buf[buf_size]; > - > - info("TPM_TakeOwnership()"); > -@@ -173,7 +173,8 @@ TPM_RESULT TPM_TakeOwnership(TPM_PROTOCO > - return TPM_FAIL; > - } > - rsa_export_modulus(&srk->key, srkPub->pubKey.key, > -- &srkPub->pubKey.keyLength); > -+ &key_length); > -+ srkPub->pubKey.keyLength = (UINT32) key_length; > - /* setup tpmProof and set state to owned */ > - tpm_get_random_bytes(tpmData.permanent.data.tpmProof.nonce, > - sizeof(tpmData.permanent.data.tpmProof.nonce)); > -diff -uprN orig/tpm_emulator-0.4/tpm/tpm_startup.c > tpm_emulator/tpm/tpm_startup.c > ---- orig/tpm_emulator-0.4/tpm/tpm_startup.c 2006-06-23 03:37:07.000000000 > -0700 > -+++ tpm_emulator/tpm/tpm_startup.c 2006-07-24 14:35:35.000000000 -0700 > -@@ -41,26 +41,29 @@ void TPM_Init(TPM_STARTUP_TYPE startupTy > - TPM_RESULT TPM_Startup(TPM_STARTUP_TYPE startupType) > - { > - int i; > -+ int restore_fail; > - info("TPM_Startup(%d)", startupType); > - if (tpmData.stany.flags.postInitialise == FALSE) return > TPM_INVALID_POSTINIT; > -- /* reset STANY_FLAGS */ > -- SET_TO_ZERO(&tpmData.stany.flags); > -- tpmData.stany.flags.tag = TPM_TAG_STANY_FLAGS; > -- /* reset STANY_DATA (invalidates ALL sessions) */ > -- SET_TO_ZERO(&tpmData.stany.data); > -- tpmData.stany.data.tag = TPM_TAG_STANY_DATA; > -- /* init session-context nonce */ > -- SET_TO_RAND(&tpmData.stany.data.contextNonceSession); > -+ > -+ /* try and restore state to get EK, SRK, etc */ > -+ restore_fail = tpm_restore_permanent_data(); > -+ > - /* set data and flags according to the given startup type */ > - if (startupType == TPM_ST_CLEAR) { > -- /* if available, restore permanent data */ > -- tpm_restore_permanent_data(); > -+ /* reset STANY_FLAGS */ > -+ SET_TO_ZERO(&tpmData.stany.flags); > -+ tpmData.stany.flags.tag = TPM_TAG_STANY_FLAGS; > -+ /* reset STANY_DATA (invalidates ALL sessions) */ > -+ SET_TO_ZERO(&tpmData.stany.data); > -+ tpmData.stany.data.tag = TPM_TAG_STANY_DATA; > -+ /* init session-context nonce */ > -+ SET_TO_RAND(&tpmData.stany.data.contextNonceSession); > - /* reset PCR values */ > - for (i = 0; i < TPM_NUM_PCR; i++) { > -- if (tpmData.permanent.data.pcrAttrib[i].pcrReset) > -- SET_TO_ZERO(tpmData.permanent.data.pcrValue[i].digest); > -+ if (!tpmData.permanent.data.pcrAttrib[i].pcrReset) > -+ SET_TO_ZERO(&tpmData.permanent.data.pcrValue[i].digest); > - else > -- SET_TO_0xFF(tpmData.permanent.data.pcrValue[i].digest); > -+ SET_TO_0xFF(&tpmData.permanent.data.pcrValue[i].digest); > - } > - /* reset STCLEAR_FLAGS */ > - SET_TO_ZERO(&tpmData.stclear.flags); > -@@ -79,7 +82,8 @@ TPM_RESULT TPM_Startup(TPM_STARTUP_TYPE > - /* init key-context nonce */ > - SET_TO_RAND(&tpmData.stclear.data.contextNonceKey); > - } else if (startupType == TPM_ST_STATE) { > -- if (tpm_restore_permanent_data()) { > -+ /* restore must have been successful for TPM_ST_STATE */ > -+ if (restore_fail) { > - error("restoring permanent data failed"); > - tpmData.permanent.data.testResult = "tpm_restore_permanent_data() > failed"; > - tpmData.permanent.flags.selfTestSucceeded = FALSE; > -diff -uprN orig/tpm_emulator-0.4/tpm/tpm_storage.c > tpm_emulator/tpm/tpm_storage.c > ---- orig/tpm_emulator-0.4/tpm/tpm_storage.c 2006-06-23 03:37:07.000000000 > -0700 > -+++ tpm_emulator/tpm/tpm_storage.c 2006-07-24 14:35:35.000000000 -0700 > -@@ -58,6 +58,7 @@ int encrypt_sealed_data(TPM_KEY_DATA *ke > - BYTE *enc, UINT32 *enc_size) > - { > - UINT32 len; > -+ size_t enc_size32 = *enc_size; > - BYTE *buf, *ptr; > - rsa_public_key_t pub_key; > - int scheme; > -@@ -72,7 +73,7 @@ int encrypt_sealed_data(TPM_KEY_DATA *ke > - if (buf == NULL > - || tpm_marshal_TPM_SEALED_DATA(&ptr, &len, seal) > - || rsa_encrypt(&pub_key, scheme, buf, sizeof_TPM_SEALED_DATA((*seal)), > -- enc, enc_size)) { > -+ enc, &enc_size32)) { > - tpm_free(buf); > - rsa_release_public_key(&pub_key); > - return -1; > -@@ -85,7 +86,8 @@ int encrypt_sealed_data(TPM_KEY_DATA *ke > - int decrypt_sealed_data(TPM_KEY_DATA *key, BYTE *enc, UINT32 enc_size, > - TPM_SEALED_DATA *seal, BYTE **buf) > - { > -- UINT32 len; > -+ size_t len; > -+ UINT32 len32; > - BYTE *ptr; > - int scheme; > - switch (key->encScheme) { > -@@ -96,8 +98,12 @@ int decrypt_sealed_data(TPM_KEY_DATA *ke > - len = enc_size; > - *buf = ptr = tpm_malloc(len); > - if (*buf == NULL > -- || rsa_decrypt(&key->key, scheme, enc, enc_size, *buf, &len) > -- || tpm_unmarshal_TPM_SEALED_DATA(&ptr, &len, seal)) { > -+ || rsa_decrypt(&key->key, scheme, enc, enc_size, *buf, &len) ){ > -+ tpm_free(*buf); > -+ return -1; > -+ } > -+ len32 = len; > -+ if (tpm_unmarshal_TPM_SEALED_DATA(&ptr, &len32, seal)) { > - tpm_free(*buf); > - return -1; > - } > -@@ -240,11 +246,12 @@ TPM_RESULT TPM_Unseal(TPM_KEY_HANDLE par > - > - TPM_RESULT TPM_UnBind(TPM_KEY_HANDLE keyHandle, UINT32 inDataSize, > - BYTE *inData, TPM_AUTH *auth1, > -- UINT32 *outDataSize, BYTE **outData) > -+ UINT32 *outDataSize32, BYTE **outData) > - { > - TPM_RESULT res; > - TPM_KEY_DATA *key; > - int scheme; > -+ size_t outDataSize; > - > - info("TPM_UnBind()"); > - /* get key */ > -@@ -262,8 +269,8 @@ TPM_RESULT TPM_UnBind(TPM_KEY_HANDLE key > - /* the size of the input data muss be greater than zero */ > - if (inDataSize == 0) return TPM_BAD_PARAMETER; > - /* decrypt data */ > -- *outDataSize = inDataSize; > -- *outData = tpm_malloc(*outDataSize); > -+ outDataSize = inDataSize; > -+ *outData = tpm_malloc(outDataSize); > - if (*outData == NULL) return TPM_NOSPACE; > - switch (key->encScheme) { > - case TPM_ES_RSAESOAEP_SHA1_MGF1: scheme = RSA_ES_OAEP_SHA1; break; > -@@ -271,20 +278,21 @@ TPM_RESULT TPM_UnBind(TPM_KEY_HANDLE key > - default: tpm_free(*outData); return TPM_DECRYPT_ERROR; > - } > - if (rsa_decrypt(&key->key, scheme, inData, inDataSize, > -- *outData, outDataSize)) { > -+ *outData, &outDataSize)) { > - tpm_free(*outData); > - return TPM_DECRYPT_ERROR; > - } > - /* verify data if it is of type TPM_BOUND_DATA */ > - if (key->encScheme == TPM_ES_RSAESOAEP_SHA1_MGF1 > - || key->keyUsage != TPM_KEY_LEGACY) { > -- if (*outDataSize < 5 || memcmp(*outData, "\x01\x01\00\x00\x02", 5) != > 0) { > -+ if (outDataSize < 5 || memcmp(*outData, "\x01\x01\00\x00\x02", 5) != 0) > { > - tpm_free(*outData); > - return TPM_DECRYPT_ERROR; > - } > -- *outDataSize -= 5; > -- memmove(*outData, &(*outData)[5], *outDataSize); > -+ outDataSize -= 5; > -+ memmove(*outData, &(*outData)[5], outDataSize); > - } > -+ *outDataSize32 = (UINT32) outDataSize; > - return TPM_SUCCESS; > - } > - > -@@ -334,12 +342,13 @@ int compute_pubkey_digest(TPM_PUBKEY *ke > - } > - > - int encrypt_private_key(TPM_KEY_DATA *key, TPM_STORE_ASYMKEY *store, > -- BYTE *enc, UINT32 *enc_size) > -+ BYTE *enc, UINT32 *enc_size32) > - { > - UINT32 len; > - BYTE *buf, *ptr; > - rsa_public_key_t pub_key; > - int scheme; > -+ size_t enc_size; > - switch (key->encScheme) { > - case TPM_ES_RSAESOAEP_SHA1_MGF1: scheme = RSA_ES_OAEP_SHA1; break; > - case TPM_ES_RSAESPKCSv15: scheme = RSA_ES_PKCSV15; break; > -@@ -351,11 +360,12 @@ int encrypt_private_key(TPM_KEY_DATA *ke > - if (buf == NULL > - || tpm_marshal_TPM_STORE_ASYMKEY(&ptr, &len, store) > - || rsa_encrypt(&pub_key, scheme, buf, > sizeof_TPM_STORE_ASYMKEY((*store)), > -- enc, enc_size)) { > -+ enc, &enc_size)) { > - tpm_free(buf); > - rsa_release_public_key(&pub_key); > - return -1; > - } > -+ *enc_size32 = (UINT32) enc_size; > - tpm_free(buf); > - rsa_release_public_key(&pub_key); > - return 0; > -@@ -364,7 +374,8 @@ int encrypt_private_key(TPM_KEY_DATA *ke > - int decrypt_private_key(TPM_KEY_DATA *key, BYTE *enc, UINT32 enc_size, > - TPM_STORE_ASYMKEY *store, BYTE **buf) > - { > -- UINT32 len; > -+ UINT32 len32; > -+ size_t len; > - BYTE *ptr; > - int scheme; > - switch (key->encScheme) { > -@@ -375,8 +386,12 @@ int decrypt_private_key(TPM_KEY_DATA *ke > - len = enc_size; > - *buf = ptr = tpm_malloc(len); > - if (*buf == NULL > -- || rsa_decrypt(&key->key, scheme, enc, enc_size, *buf, &len) > -- || tpm_unmarshal_TPM_STORE_ASYMKEY(&ptr, &len, store)) { > -+ || rsa_decrypt(&key->key, scheme, enc, enc_size, *buf, &len) ) { > -+ tpm_free(*buf); > -+ return -1; > -+ } > -+ len32 = (UINT32) len; > -+ if (tpm_unmarshal_TPM_STORE_ASYMKEY(&ptr, &len32, store)) { > - tpm_free(*buf); > - return -1; > - } > -@@ -394,7 +409,7 @@ TPM_RESULT TPM_CreateWrapKey(TPM_KEY_HAN > - TPM_SESSION_DATA *session; > - TPM_STORE_ASYMKEY store; > - rsa_private_key_t rsa; > -- UINT32 key_length; > -+ size_t key_length; > - > - info("TPM_CreateWrapKey()"); > - /* get parent key */ > -@@ -450,11 +465,11 @@ TPM_RESULT TPM_CreateWrapKey(TPM_KEY_HAN > - } > - } > - /* generate key and store it */ > -- key_length = keyInfo->algorithmParms.parms.rsa.keyLength; > -- if (rsa_generate_key(&rsa, key_length)) return TPM_FAIL; > -- wrappedKey->pubKey.keyLength = key_length >> 3; > -+ if (rsa_generate_key(&rsa, keyInfo->algorithmParms.parms.rsa.keyLength)) > -+ return TPM_FAIL; > -+ wrappedKey->pubKey.keyLength = > keyInfo->algorithmParms.parms.rsa.keyLength >> 3; > - wrappedKey->pubKey.key = tpm_malloc(wrappedKey->pubKey.keyLength); > -- store.privKey.keyLength = key_length >> 4; > -+ store.privKey.keyLength = keyInfo->algorithmParms.parms.rsa.keyLength >> > 4; > - store.privKey.key = tpm_malloc(store.privKey.keyLength); > - wrappedKey->encDataSize = parent->key.size >> 3; > - wrappedKey->encData = tpm_malloc(wrappedKey->encDataSize); > -@@ -466,9 +481,11 @@ TPM_RESULT TPM_CreateWrapKey(TPM_KEY_HAN > - tpm_free(wrappedKey->encData); > - return TPM_NOSPACE; > - } > -- rsa_export_modulus(&rsa, wrappedKey->pubKey.key, > -- &wrappedKey->pubKey.keyLength); > -- rsa_export_prime1(&rsa, store.privKey.key, &store.privKey.keyLength); > -+ rsa_export_modulus(&rsa, wrappedKey->pubKey.key, > -+ &key_length); > -+ wrappedKey->pubKey.keyLength = (UINT32) key_length; > -+ rsa_export_prime1(&rsa, store.privKey.key, &key_length); > -+ store.privKey.keyLength = (UINT32) key_length; > - rsa_release_private_key(&rsa); > - /* compute the digest of the wrapped key (without encData) */ > - if (compute_key_digest(wrappedKey, &store.pubDataDigest)) { > -@@ -602,6 +619,7 @@ TPM_RESULT TPM_LoadKey2(TPM_KEY_HANDLE p > - > - int tpm_setup_key_parms(TPM_KEY_DATA *key, TPM_KEY_PARMS *parms) > - { > -+ size_t key_length; > - parms->algorithmID = TPM_ALG_RSA; > - parms->encScheme = key->encScheme; > - parms->sigScheme = key->sigScheme; > -@@ -611,7 +629,8 @@ int tpm_setup_key_parms(TPM_KEY_DATA *ke > - parms->parms.rsa.exponent = tpm_malloc(parms->parms.rsa.exponentSize); > - if (parms->parms.rsa.exponent == NULL) return -1; > - rsa_export_exponent(&key->key, parms->parms.rsa.exponent, > -- &parms->parms.rsa.exponentSize); > -+ &key_length); > -+ parms->parms.rsa.exponentSize = (UINT32) key_length; > - parms->parmSize = 12 + parms->parms.rsa.exponentSize; > - return 0; > - } > -@@ -622,6 +641,7 @@ TPM_RESULT TPM_GetPubKey(TPM_KEY_HANDLE > - TPM_RESULT res; > - TPM_KEY_DATA *key; > - TPM_DIGEST digest; > -+ size_t key_length; > - info("TPM_GetPubKey()"); > - /* get key */ > - if (keyHandle == TPM_KH_SRK > -@@ -650,8 +670,8 @@ TPM_RESULT TPM_GetPubKey(TPM_KEY_HANDLE > - pubKey->pubKey.keyLength = key->key.size >> 3; > - pubKey->pubKey.key = tpm_malloc(pubKey->pubKey.keyLength); > - if (pubKey->pubKey.key == NULL) return TPM_NOSPACE; > -- rsa_export_modulus(&key->key, pubKey->pubKey.key, > -- &pubKey->pubKey.keyLength); > -+ rsa_export_modulus(&key->key, pubKey->pubKey.key, &key_length); > -+ pubKey->pubKey.keyLength = (UINT32) key_length; > - if (tpm_setup_key_parms(key, &pubKey->algorithmParms) != 0) { > - error("TPM_GetPubKey(): tpm_setup_key_parms() failed."); > - tpm_free(pubKey->pubKey.key); > -diff -uprN orig/tpm_emulator-0.4/tpm/tpm_structures.h > tpm_emulator/tpm/tpm_structures.h > ---- orig/tpm_emulator-0.4/tpm/tpm_structures.h 2006-06-23 03:37:07.000000000 > -0700 > -+++ tpm_emulator/tpm/tpm_structures.h 2006-07-24 14:35:35.000000000 -0700 > -@@ -1958,6 +1958,7 @@ typedef struct tdTPM_DAA_ISSUER { > - TPM_DIGEST DAA_digest_gamma; > - BYTE DAA_generic_q[26]; > - } TPM_DAA_ISSUER; > -+#define sizeof_TPM_DAA_ISSUER(s) (2 + (20 * 6) + 26 ) > - > - /* > - * TPM_DAA_TPM ([TPM_Part2], Section 22.4) > -@@ -1973,6 +1974,7 @@ typedef struct tdTPM_DAA_TPM { > - TPM_DIGEST DAA_rekey; > - UINT32 DAA_count; > - } TPM_DAA_TPM; > -+#define sizeof_TPM_DAA_TPM(s) (2 + (4 * 20) + 4) > - > - /* > - * TPM_DAA_CONTEXT ([TPM_Part2], Section 22.5) > -@@ -1987,6 +1989,7 @@ typedef struct tdTPM_DAA_CONTEXT { > - BYTE DAA_scratch[256]; > - BYTE DAA_stage; > - } TPM_DAA_CONTEXT; > -+#define sizeof_TPM_DAA_CONTEXT(s) (2 + (3 * 20) + 256 + 1) > - > - /* > - * TPM_DAA_JOINDATA ([TPM_Part2], Section 22.6) > -@@ -1998,6 +2001,7 @@ typedef struct tdTPM_DAA_JOINDATA { > - BYTE DAA_join_u1[138]; > - TPM_DIGEST DAA_digest_n0; > - } TPM_DAA_JOINDATA; > -+#define sizeof_TPM_DAA_JOINDATA(s) (1 + 1 + 20) > - > - /* > - * TPM_DAA_BLOB ([TPM_Part2], Section 22.8) > -@@ -2202,6 +2206,7 @@ typedef struct tdTPM_STCLEAR_DATA { > - //UINT32 ownerReference; > - //BOOL disableResetLock; > - } TPM_STCLEAR_DATA; > -+#define sizeof_TPM_STCLEAR_DATA(s) (2 + 20 + 4) > - > - /* > - * TPM_SESSION_DATA > -@@ -2238,6 +2243,11 @@ typedef struct tdTPM_DAA_SESSION_DATA { > - TPM_DAA_JOINDATA DAA_joinSession; > - TPM_HANDLE handle; > - } TPM_DAA_SESSION_DATA; > -+#define sizeof_TPM_DAA_SESSION_DATA(s) ( 1 \ > -+ + sizeof_TPM_DAA_ISSUER(s.DAA_issuerSettings) \ > -+ + sizeof_TPM_DAA_TPM(s.DAA_tpmSpecific) \ > -+ + sizeof_TPM_DAA_CONTEXT(s.DAA_session) \ > -+ + sizeof_TPM_DAA_JOINDATA(s.DAA_joinSession) + 4) > - > - /* > - * TPM_STANY_DATA ([TPM_Part2], Section 7.6) > -@@ -2262,6 +2272,11 @@ typedef struct tdTPM_STANY_DATA { > - TPM_DAAHANDLE currentDAA; > - TPM_TRANSHANDLE transExclusive; > - } TPM_STANY_DATA; > -+#define sizeof_TPM_STANY_DATA(s) (2 + 20 + 20 + 1 \ > -+ + sizeof_TPM_CURRENT_TICKS(s.currentTicks) \ > -+ + 4 + (4 * TPM_MAX_SESSION_LIST) \ > -+ + (sizeof_TPM_SESSION_DATA(s.sessions[0]) * TPM_MAX_SESSION_LIST) \ > -+ + (sizeof_TPM_DAA_SESSION_DATA(s.sessionsDAA[0]) * TPM_MAX_SESSIONS_DAA) > + 4) > - > - /* > - * TPM_DATA > -diff -uprN orig/tpm_emulator-0.4/tpm/tpm_testing.c > tpm_emulator/tpm/tpm_testing.c > ---- orig/tpm_emulator-0.4/tpm/tpm_testing.c 2006-06-23 03:37:07.000000000 > -0700 > -+++ tpm_emulator/tpm/tpm_testing.c 2006-07-24 14:35:35.000000000 -0700 > -@@ -1,6 +1,7 @@ > - /* Software-Based Trusted Platform Module (TPM) Emulator for Linux > - * Copyright (C) 2004 Mario Strasser <mast@xxxxxxx>, > - * Swiss Federal Institute of Technology (ETH) Zurich > -+ * Copyright (C) 2005 INTEL Corp > - * > - * This module is free software; you can redistribute it and/or modify > - * it under the terms of the GNU General Public License as published > -@@ -95,24 +96,24 @@ static int tpm_test_sha1(void) > - struct { > - uint8_t *data; uint32_t repetitions; uint8_t *digest; > - } test_cases[] = {{ > -- "abc", 1, > -- > "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E\x25\x71\x78\x50\xC2\x6C\x9C\xD0\xD8\x9D" > -+ (uint8_t*)"abc", 1, > -+ > (uint8_t*)"\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E\x25\x71\x78\x50\xC2\x6C\x9C\xD0\xD8\x9D" > - }, { > -- "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 1, > -- > "\x84\x98\x3E\x44\x1C\x3B\xD2\x6E\xBA\xAE\x4A\xA1\xF9\x51\x29\xE5\xE5\x46\x70\xF1" > -+ (uint8_t*)"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 1, > -+ > (uint8_t*)"\x84\x98\x3E\x44\x1C\x3B\xD2\x6E\xBA\xAE\x4A\xA1\xF9\x51\x29\xE5\xE5\x46\x70\xF1" > - }, { > -- "a", 1000000, > -- > "\x34\xAA\x97\x3C\xD4\xC4\xDA\xA4\xF6\x1E\xEB\x2B\xDB\xAD\x27\x31\x65\x34\x01\x6F" > -+ (uint8_t*)"a", 1000000, > -+ > (uint8_t*)"\x34\xAA\x97\x3C\xD4\xC4\xDA\xA4\xF6\x1E\xEB\x2B\xDB\xAD\x27\x31\x65\x34\x01\x6F" > - }, { > -- "0123456701234567012345670123456701234567012345670123456701234567", 10, > -- > "\xDE\xA3\x56\xA2\xCD\xDD\x90\xC7\xA7\xEC\xED\xC5\xEB\xB5\x63\x93\x4F\x46\x04\x52" > -+ > (uint8_t*)"0123456701234567012345670123456701234567012345670123456701234567", > 10, > -+ > (uint8_t*)"\xDE\xA3\x56\xA2\xCD\xDD\x90\xC7\xA7\xEC\xED\xC5\xEB\xB5\x63\x93\x4F\x46\x04\x52" > - }}; > - > - debug("tpm_test_sha1()"); > - for (i = 0; i < sizeof(test_cases) / sizeof(test_cases[0]); i++) { > - sha1_init(&ctx); > - for (j = 0; j < test_cases[i].repetitions; j++) > -- sha1_update(&ctx, test_cases[i].data, strlen(test_cases[i].data)); > -+ sha1_update(&ctx, test_cases[i].data, > strlen((char*)test_cases[i].data)); > - sha1_final(&ctx, digest); > - if (memcmp(digest, test_cases[i].digest, SHA1_DIGEST_LENGTH) != 0) > return -1; > - } > -@@ -128,41 +129,41 @@ static int tpm_test_hmac(void) > - struct { > - uint8_t *key, key_len, *data, data_len, *digest; > - } test_cases[] = {{ > -- "\x0b", 20, "Hi There", 8, > -- > "\xb6\x17\x31\x86\x55\x05\x72\x64\xe2\x8b\xc0\xb6\xfb\x37\x8c\x8e\xf1\x46\xbe\x00" > -+ (uint8_t*)"\x0b", 20, (uint8_t*)"Hi There", 8, > -+ > (uint8_t*)"\xb6\x17\x31\x86\x55\x05\x72\x64\xe2\x8b\xc0\xb6\xfb\x37\x8c\x8e\xf1\x46\xbe\x00" > - }, { > -- "Jefe", 4, "what do ya want for nothing?", 28, > -- > "\xef\xfc\xdf\x6a\xe5\xeb\x2f\xa2\xd2\x74\x16\xd5\xf1\x84\xdf\x9c\x25\x9a\x7c\x79" > -+ (uint8_t*)"Jefe", 4, (uint8_t*)"what do ya want for nothing?", 28, > -+ > (uint8_t*)"\xef\xfc\xdf\x6a\xe5\xeb\x2f\xa2\xd2\x74\x16\xd5\xf1\x84\xdf\x9c\x25\x9a\x7c\x79" > - }, { > -- "\xaa", 20, "\xdd", 50, > -- > "\x12\x5d\x73\x42\xb9\xac\x11\xcd\x91\xa3\x9a\xf4\x8a\xa1\x7b\x4f\x63\xf1\x75\xd3" > -+ (uint8_t*)"\xaa", 20, (uint8_t*)"\xdd", 50, > -+ > (uint8_t*)"\x12\x5d\x73\x42\xb9\xac\x11\xcd\x91\xa3\x9a\xf4\x8a\xa1\x7b\x4f\x63\xf1\x75\xd3" > - }, { > -- > "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14" > -- "\x15\x16\x17\x18\x19", 25, "\xcd", 50, > -- > "\x4c\x90\x07\xf4\x02\x62\x50\xc6\xbc\x84\x14\xf9\xbf\x50\xc8\x6c\x2d\x72\x35\xda" > -+ > (uint8_t*)"\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14" > -+ "\x15\x16\x17\x18\x19", 25, (uint8_t*)"\xcd", 50, > -+ > (uint8_t*)"\x4c\x90\x07\xf4\x02\x62\x50\xc6\xbc\x84\x14\xf9\xbf\x50\xc8\x6c\x2d\x72\x35\xda" > - }, { > -- "\x0c", 20, "Test With Truncation", 20, > -- > "\x4c\x1a\x03\x42\x4b\x55\xe0\x7f\xe7\xf2\x7b\xe1\xd5\x8b\xb9\x32\x4a\x9a\x5a\x04" > -+ (uint8_t*)"\x0c", 20, (uint8_t*)"Test With Truncation", 20, > -+ > (uint8_t*)"\x4c\x1a\x03\x42\x4b\x55\xe0\x7f\xe7\xf2\x7b\xe1\xd5\x8b\xb9\x32\x4a\x9a\x5a\x04" > - }, { > -- "\xaa", 80, "Test Using Larger Than Block-Size Key - Hash Key First", > 54, > -- > "\xaa\x4a\xe5\xe1\x52\x72\xd0\x0e\x95\x70\x56\x37\xce\x8a\x3b\x55\xed\x40\x21\x12" > -+ (uint8_t*)"\xaa", 80, (uint8_t*)"Test Using Larger Than Block-Size Key > - Hash Key First", 54, > -+ > (uint8_t*)"\xaa\x4a\xe5\xe1\x52\x72\xd0\x0e\x95\x70\x56\x37\xce\x8a\x3b\x55\xed\x40\x21\x12" > - }, { > -- "\xaa", 80, > -- "Test Using Larger Than Block-Size Key and Larger Than One Block-Size > Data", 73, > -- > "\xe8\xe9\x9d\x0f\x45\x23\x7d\x78\x6d\x6b\xba\xa7\x96\x5c\x78\x08\xbb\xff\x1a\x91" > -+ (uint8_t*)"\xaa", 80, > -+ (uint8_t*)"Test Using Larger Than Block-Size Key and Larger Than One > Block-Size Data", 73, > -+ > (uint8_t*)"\xe8\xe9\x9d\x0f\x45\x23\x7d\x78\x6d\x6b\xba\xa7\x96\x5c\x78\x08\xbb\xff\x1a\x91" > - }}; > - > - debug("tpm_test_hmac()"); > - for (i = 0; i < sizeof(test_cases) / sizeof(test_cases[0]); i++) { > -- if (strlen(test_cases[i].key) < test_cases[i].key_len) { > -+ if (strlen((char*)test_cases[i].key) < test_cases[i].key_len) { > - uint8_t key[test_cases[i].key_len]; > - memset(key, test_cases[i].key[0], test_cases[i].key_len); > - hmac_init(&ctx, key, test_cases[i].key_len); > - } else { > - hmac_init(&ctx, test_cases[i].key, test_cases[i].key_len); > - } > -- for (j = 0; j < test_cases[i].data_len; j += > strlen(test_cases[i].data)) { > -- hmac_update(&ctx, test_cases[i].data, strlen(test_cases[i].data)); > -+ for (j = 0; j < test_cases[i].data_len; j += > strlen((char*)test_cases[i].data)) { > -+ hmac_update(&ctx, test_cases[i].data, > strlen((char*)test_cases[i].data)); > - } > - hmac_final(&ctx, digest); > - if (memcmp(digest, test_cases[i].digest, SHA1_DIGEST_LENGTH) != 0) > return -1; > -@@ -173,9 +174,9 @@ static int tpm_test_hmac(void) > - static int tpm_test_rsa_EK(void) > - { > - int res = 0; > -- char *data = "RSA PKCS #1 v1.5 Test-String"; > -+ uint8_t *data = (uint8_t*)"RSA PKCS #1 v1.5 Test-String"; > - uint8_t buf[256]; > -- size_t buf_len, data_len = strlen(data); > -+ size_t buf_len, data_len = strlen((char*)data); > - rsa_private_key_t priv_key; > - rsa_public_key_t pub_key; > - > -diff -uprN orig/tpm_emulator-0.4/tpm/tpm_ticks.c tpm_emulator/tpm/tpm_ticks.c > ---- orig/tpm_emulator-0.4/tpm/tpm_ticks.c 2006-06-23 03:37:07.000000000 > -0700 > -+++ tpm_emulator/tpm/tpm_ticks.c 2006-07-24 14:35:35.000000000 -0700 > -@@ -1,6 +1,7 @@ > - /* Software-Based Trusted Platform Module (TPM) Emulator for Linux > - * Copyright (C) 2004 Mario Strasser <mast@xxxxxxx>, > - * Swiss Federal Institute of Technology (ETH) Zurich > -+ * Copyright (C) 2005 INTEL Corp > - * > - * This module is free software; you can redistribute it and/or modify > - * it under the terms of the GNU General Public License as published > -@@ -39,9 +40,7 @@ TPM_RESULT TPM_SetTickType(TPM_TICKTYPE > - TPM_RESULT TPM_GetTicks(TPM_CURRENT_TICKS *currentTime) > - { > - info("TPM_GetTicks()"); > -- memcpy(currentTime, &tpmData.stany.data.currentTicks, > -- sizeof(TPM_CURRENT_TICKS)); > -- return TPM_SUCCESS; > -+ return TPM_DISABLED_CMD; > - } > - > - TPM_RESULT TPM_TickStampBlob(TPM_KEY_HANDLE keyHandle, TPM_NONCE > *antiReplay, > -@@ -49,64 +48,11 @@ TPM_RESULT TPM_TickStampBlob(TPM_KEY_HAN > - TPM_CURRENT_TICKS *currentTicks, > - UINT32 *sigSize, BYTE **sig) > - { > -- TPM_RESULT res; > -- TPM_KEY_DATA *key; > -- BYTE *info, *p; > -- UINT32 info_length, length; > - info("TPM_TickStampBlob()"); > -- /* get key */ > -- key = tpm_get_key(keyHandle); > -- if (key == NULL) return TPM_INVALID_KEYHANDLE; > -- /* verify authorization */ > -- res = tpm_verify_auth(auth1, key->usageAuth, keyHandle); > -- if (res != TPM_SUCCESS) return res; > -- if (key->keyUsage != TPM_KEY_SIGNING && key->keyUsage != TPM_KEY_LEGACY > -- && key->keyUsage != TPM_KEY_IDENTITY) return TPM_INVALID_KEYUSAGE; > -- /* get current ticks */ > -- TPM_GetTicks(currentTicks); > -- /* sign data using signature scheme PKCS1_SHA1 and TPM_SIGN_INFO > container */ > -- *sigSize = key->key.size >> 3; > -- *sig = tpm_malloc(*sigSize); > -- if (*sig == NULL) return TPM_FAIL; > -- /* setup TPM_SIGN_INFO structure */ > -- info_length = 30 + sizeof(TPM_DIGEST) + > sizeof_TPM_CURRENT_TICKS(currentTicks); > -- info = tpm_malloc(info_length); > -- if (info == NULL) { > -- tpm_free(*sig); > -- return TPM_FAIL; > -- } > -- memcpy(&info[0], "\x05\x00TSTP", 6); > -- memcpy(&info[6], antiReplay->nonce, 20); > -- *(UINT32*)&info[26] = CPU_TO_BE32(20 > -- + sizeof_TPM_CURRENT_TICKS(currentTicks)); > -- memcpy(&info[30], digestToStamp->digest, sizeof(TPM_DIGEST)); > -- p = &info[30 + sizeof(TPM_DIGEST)]; > -- length = sizeof_TPM_CURRENT_TICKS(currentTicks); > -- if (tpm_marshal_TPM_CURRENT_TICKS(&p, &length, currentTicks) > -- || rsa_sign(&key->key, RSA_SSA_PKCS1_SHA1, info, info_length, *sig)) { > -- tpm_free(*sig); > -- tpm_free(info); > -- return TPM_FAIL; > -- } > -- return TPM_SUCCESS; > -+ return TPM_DISABLED_CMD; > - } > - > - void tpm_update_ticks(void) > - { > -- if (tpmData.stany.data.currentTicks.tag == 0) { > -- tpmData.stany.data.currentTicks.tag = TPM_TAG_CURRENT_TICKS; > -- tpmData.stany.data.currentTicks.currentTicks += tpm_get_ticks(); > --/* removed since v1.2 rev 94 > -- tpmData.stany.data.currentTicks.tickType = > tpmData.permanent.data.tickType; > --*/ > -- tpm_get_random_bytes(tpmData.stany.data.currentTicks.tickNonce.nonce, > -- sizeof(TPM_NONCE)); > -- tpmData.stany.data.currentTicks.tickRate = 1; > --/* removed since v1.2 rev 94 > -- tpmData.stany.data.currentTicks.tickSecurity = TICK_SEC_NO_CHECK; > --*/ > -- } else { > -- tpmData.stany.data.currentTicks.currentTicks += tpm_get_ticks(); > -- } > - } > - > -diff -uprN orig/tpm_emulator-0.4/tpm/tpm_transport.c > tpm_emulator/tpm/tpm_transport.c > ---- orig/tpm_emulator-0.4/tpm/tpm_transport.c 2006-06-23 03:37:07.000000000 > -0700 > -+++ tpm_emulator/tpm/tpm_transport.c 2006-07-24 14:35:35.000000000 -0700 > -@@ -189,7 +189,7 @@ static void decrypt_wrapped_command(BYTE > - sha1_init(&sha1); > - sha1_update(&sha1, auth->nonceEven.nonce, > sizeof(auth->nonceEven.nonce)); > - sha1_update(&sha1, auth->nonceOdd.nonce, sizeof(auth->nonceOdd.nonce)); > -- sha1_update(&sha1, "in", 2); > -+ sha1_update(&sha1, (BYTE*)"in", 2); > - sha1_update(&sha1, secret, sizeof(TPM_SECRET)); > - j = CPU_TO_BE32(i); > - sha1_update(&sha1, (BYTE*)&j, 4); > -@@ -211,7 +211,7 @@ static void encrypt_wrapped_command(BYTE > - sha1_init(&sha1); > - sha1_update(&sha1, auth->nonceEven.nonce, > sizeof(auth->nonceEven.nonce)); > - sha1_update(&sha1, auth->nonceOdd.nonce, sizeof(auth->nonceOdd.nonce)); > -- sha1_update(&sha1, "out", 3); > -+ sha1_update(&sha1, (BYTE*)"out", 3); > - sha1_update(&sha1, secret, sizeof(TPM_SECRET)); > - j = CPU_TO_BE32(i); > - sha1_update(&sha1, (BYTE*)&j, 4); > -diff -uprN orig/tpm_emulator-0.4/tpmd.c tpm_emulator/tpmd.c > ---- orig/tpm_emulator-0.4/tpmd.c 1969-12-31 16:00:00.000000000 -0800 > -+++ tpm_emulator/tpmd.c 2006-07-24 14:35:35.000000000 -0700 > -@@ -0,0 +1,156 @@ > -+/* Software-Based Trusted Platform Module (TPM) Emulator for Linux > -+ * Copyright (C) 2005 INTEL Corp > -+ * > -+ * This module is free software; you can redistribute it and/or modify > -+ * it under the terms of the GNU General Public License as published > -+ * by the Free Software Foundation; either version 2 of the License, > -+ * or (at your option) any later version. > -+ * > -+ * This module is distributed in the hope that it will be useful, > -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of > -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > -+ * GNU General Public License for more details. > -+ * > -+ */ > -+ > -+#include <stdio.h> > -+#include <stdlib.h> > -+#include <unistd.h> > -+#include <string.h> > -+#include <sys/types.h> > -+#include <sys/stat.h> > -+#include <fcntl.h> > -+#include <sys/time.h> > -+ > -+#include "tpm_emulator.h" > -+ > -+#define TPM_RX_FNAME "/var/tpm/tpm_in.fifo" > -+#define TPM_TX_FNAME "/var/tpm/tpm_out.fifo" > -+ > -+#define BUFFER_SIZE 2048 > -+ > -+static int devurandom=0; > -+ > -+void get_random_bytes(void *buf, int nbytes) { > -+ > -+ if (devurandom == 0) { > -+ devurandom = open("/dev/urandom", O_RDONLY); > -+ } > -+ > -+ if (read(devurandom, buf, nbytes) != nbytes) { > -+ printf("Can't get random number.\n"); > -+ exit(-1); > -+ } > -+} > -+ > -+uint64_t tpm_get_ticks(void) > -+{ > -+ //struct timeval tv; > -+ //int gettimeofday(&tv, struct timezone *tz); > -+ return 0; > -+} > -+ > -+int main(int argc, char **argv) > -+{ > -+ uint8_t in[BUFFER_SIZE], *out; > -+ uint32_t out_size; > -+ int in_size, written; > -+ int i; > -+ struct stat file_info; > -+ > -+ int tpm_tx_fh=-1, tpm_rx_fh=-1; > -+ if (argc < 2) { > -+ printf("Usage: tpmd clear|save|deactivated\n" ); > -+ return -1; > -+ } > -+ > -+ /* initialize TPM emulator */ > -+ if (!strcmp(argv[1], "clear")) { > -+ printf("Initializing tpm: %s\n", argv[1]); > -+ tpm_emulator_init(1); > -+ } else if (!strcmp(argv[1], "save")) { > -+ printf("Initializing tpm: %s\n", argv[1]); > -+ tpm_emulator_init(2); > -+ } else if (!strcmp(argv[1], "deactivated")) { > -+ printf("Initializing tpm: %s\n", argv[1]); > -+ tpm_emulator_init(3); > -+ } else { > -+ printf("invalid startup mode '%s'; must be 'clear', " > -+ "'save' (default) or 'deactivated", argv[1]); > -+ return -1; > -+ } > -+ > -+ if ( stat(TPM_RX_FNAME, &file_info) == -1) { > -+ if ( mkfifo(TPM_RX_FNAME, S_IWUSR | S_IRUSR ) ) { > -+ printf("Failed to create fifo %s.\n", TPM_RX_FNAME); > -+ return -1; > -+ } > -+ } > -+ > -+ if ( stat(TPM_TX_FNAME, &file_info) == -1) { > -+ if ( mkfifo(TPM_TX_FNAME, S_IWUSR | S_IRUSR ) ) { > -+ printf("Failed to create fifo %s.\n", TPM_TX_FNAME); > -+ return -1; > -+ } > -+ } > -+ > -+ while (1) { > -+abort_command: > -+ if (tpm_rx_fh < 0) { > -+ tpm_rx_fh = open(TPM_RX_FNAME, O_RDONLY); > -+ } > -+ > -+ if (tpm_rx_fh < 0) { > -+ printf("ERROR: failed to open devices to listen to guest.\n"); > -+ return -1; > -+ } > -+ > -+ if (tpm_tx_fh < 0) { > -+ tpm_tx_fh = open(TPM_TX_FNAME, O_WRONLY); > -+ } > -+ > -+ if (tpm_tx_fh < 0) { > -+ printf("ERROR: failed to open devices to respond to guest.\n"); > -+ return -1; > -+ } > -+ > -+ in_size = read(tpm_rx_fh, in, BUFFER_SIZE); > -+ if (in_size < 6) { // Magic size of minium TPM command > -+ printf("Recv[%d] to small: 0x", in_size); > -+ if (in_size <= 0) { > -+ close(tpm_rx_fh); > -+ tpm_rx_fh = -1; > -+ goto abort_command; > -+ } > -+ } else { > -+ printf("Recv[%d]: 0x", in_size); > -+ for (i=0; i< in_size; i++) > -+ printf("%x ", in[i]); > -+ printf("\n"); > -+ } > -+ > -+ > -+ if (tpm_handle_command(in, in_size, &out, &out_size) != 0) { > -+ printf("ERROR: Handler Failed.\n"); > -+ } > -+ > -+ written = write(tpm_tx_fh, out, out_size); > -+ > -+ if (written != out_size ) { > -+ printf("ERROR: Part of response not written %d/%d.\nAttempt: ", > written, out_size); > -+ } else { > -+ printf("Sent[%Zu]: ", out_size); > -+ } > -+ for (i=0; i< out_size; i++) > -+ printf("%x ", out[i]); > -+ printf("\n"); > -+ tpm_free(out); > -+ > -+ } // loop > -+ > -+ tpm_emulator_shutdown(); > -+ > -+ close(tpm_tx_fh); > -+ close(tpm_rx_fh); > -+ > -+} > -Binary files orig/tpm_emulator-0.4/tpm_emulator and > tpm_emulator/tpm_emulator differ > -diff -uprN orig/tpm_emulator-0.4/tpm_version.h tpm_emulator/tpm_version.h > ---- orig/tpm_emulator-0.4/tpm_version.h 2006-06-23 03:37:07.000000000 > -0700 > -+++ tpm_emulator/tpm_version.h 2006-07-24 14:35:41.000000000 -0700 > -@@ -2,5 +2,5 @@ > - #define _TPM_VERSION_H_ > - #define VERSION_MAJOR 0 > - #define VERSION_MINOR 4 > --#define VERSION_BUILD 1151058734 > -+#define VERSION_BUILD 1153776940 > - #endif /* _TPM_VERSION_H_ */ > diff --git a/tools/vtpm/vtpm-0.5.1-LDLIBS.patch > b/tools/vtpm/vtpm-0.5.1-LDLIBS.patch > deleted file mode 100644 > index 95586c1..0000000 > --- a/tools/vtpm/vtpm-0.5.1-LDLIBS.patch > +++ /dev/null > @@ -1,12 +0,0 @@ > -diff -Naurp tpm_emulator-0.5.1/tpmd/Makefile tpm_emulator-0.5.1/tpmd/Makefile > ---- tpm_emulator-0.5.1/tpmd/Makefile > -+++ tpm_emulator-0.5.1/tpmd/Makefile > -@@ -8,7 +8,7 @@ WFLAGS := -Wall -Wno-unused -Wpointer-a > - #WFLAGS += -Wextra -Wcast-qual -Wmissing-prototypes > -Wmissing-declarations -Wstrict-aliasing > - CFLAGS += $(WFLAGS) -g -I.. -I. -O2 -fno-strict-aliasing > - CFLAGS += -I../../../../tools/vtpm_manager/manager > --LDFLAGS += -lgmp > -+LDLIBS += -lgmp > - > - BINDIR := /usr/bin/ > - > diff --git a/tools/vtpm/vtpm-0.5.1.patch b/tools/vtpm/vtpm-0.5.1.patch > deleted file mode 100644 > index 2aeb745..0000000 > --- a/tools/vtpm/vtpm-0.5.1.patch > +++ /dev/null > @@ -1,766 +0,0 @@ > -diff -Naurp tpm_emulator-0.5.1/Makefile tpm5-test/Makefile > ---- tpm_emulator-0.5.1/Makefile 2008-02-14 03:22:48.000000000 -0500 > -+++ tpm5-test/Makefile 2009-07-15 09:45:28.000000000 -0400 > -@@ -10,7 +10,7 @@ VERSION_MINOR := 5 > - VERSION_BUILD := $(shell date +"%s") > - VERSION_SUFFIX := .1 > - > --SUBDIRS := tpmd tpmd_dev tddl > -+SUBDIRS := tpmd > - > - all: version all-recursive > - > -@@ -48,12 +48,12 @@ user_install: user > - modules_install: modules > - @$(MAKE) -C tpmd_dev install || exit -1 > - > --DIRS := . tpm crypto tpmd tpmd_dev tddl tpmd_dev_openbsd > -+DIRS := . tpm crypto tpmd > - DISTSRC := $(foreach dir, $(DIRS), $(wildcard $(dir)/*.c)) > - DISTSRC += $(foreach dir, $(DIRS), $(wildcard $(dir)/*.h)) > --DIRS := . tpmd tpmd_dev tddl tpmd_dev_openbsd > -+DIRS := . tpmd > - DISTSRC += $(foreach dir, $(DIRS), $(dir)/Makefile) > --DISTSRC += ./README ./AUTHORS ./ChangeLog tpmd_dev/tpmd_dev.rules.in > -+DISTSRC += ./README ./AUTHORS ./ChangeLog > - DISTDIR := tpm_emulator-$(VERSION_MAJOR).$(VERSION_MINOR)$(VERSION_SUFFIX) > - > - dist: $(DISTSRC) > -diff -Naurp tpm_emulator-0.5.1/tpm/tpm_capability.c > tpm5-test/tpm/tpm_capability.c > ---- tpm_emulator-0.5.1/tpm/tpm_capability.c 2008-02-14 03:22:48.000000000 > -0500 > -+++ tpm5-test/tpm/tpm_capability.c 2009-07-16 12:04:20.000000000 -0400 > -@@ -136,8 +136,19 @@ static TPM_RESULT cap_property(UINT32 su > - > - case TPM_CAP_PROP_TIS_TIMEOUT: > - debug("[TPM_CAP_PROP_TIS_TIMEOUT]"); > -- /* TODO: TPM_CAP_PROP_TIS_TIMEOUT */ > -- return TPM_FAIL; > -+ /* TODO: TPM_CAP_PROP_TIS_TIMEOUT: Measure these values and determine > correct ones */ > -+ UINT32 len = *respSize = 16; > -+ BYTE *ptr = *resp = tpm_malloc(*respSize); > -+ if (ptr == NULL || > -+ tpm_marshal_UINT32(&ptr, &len, 200000) || > -+ tpm_marshal_UINT32(&ptr, &len, 200000) || > -+ tpm_marshal_UINT32(&ptr, &len, 200000) || > -+ tpm_marshal_UINT32(&ptr, &len, 200000)) { > -+ tpm_free(*resp); > -+ return TPM_FAIL; > -+ } > -+ return TPM_SUCCESS; > -+ > - > - case TPM_CAP_PROP_STARTUP_EFFECT: > - debug("[TPM_CAP_PROP_STARTUP_EFFECT]"); > -@@ -189,8 +200,12 @@ static TPM_RESULT cap_property(UINT32 su > - > - case TPM_CAP_PROP_DURATION: > - debug("[TPM_CAP_PROP_DURATION]"); > -- /* TODO: TPM_CAP_PROP_DURATION */ > -- return TPM_FAIL; > -+ /* TODO: TPM_CAP_PROP_DURATION: Measure these values and return > accurate ones */ > -+ BYTE dur[]= > {0x0,0x0,0x0,0xc,0x0,0x7,0xa1,0x20,0x0,0x1e,0x84,0x80,0x11,0xe1,0xa3,0x0}; > -+ *respSize = 16; > -+ *resp = tpm_malloc(*respSize); > -+ memcpy(*resp,dur,16); > -+ > - > - case TPM_CAP_PROP_ACTIVE_COUNTER: > - debug("[TPM_CAP_PROP_ACTIVE_COUNTER]"); > -diff -Naurp tpm_emulator-0.5.1/tpmd/Makefile tpm5-test/tpmd/Makefile > ---- tpm_emulator-0.5.1/tpmd/Makefile 2008-02-14 03:22:48.000000000 -0500 > -+++ tpm5-test/tpmd/Makefile 2009-07-16 12:08:26.000000000 -0400 > -@@ -8,9 +8,10 @@ WFLAGS := -Wall -Wno-unused -Wpointer-a > - -Wwrite-strings -Wsign-compare -Wno-multichar > - #WFLAGS += -Wextra -Wcast-qual -Wmissing-prototypes > -Wmissing-declarations -Wstrict-aliasing > - CFLAGS += $(WFLAGS) -g -I.. -I. -O2 -fno-strict-aliasing > -+CFLAGS += -I../../../../tools/vtpm_manager/manager > - LDFLAGS += -lgmp > - > --BINDIR := /usr/sbin/ > -+BINDIR := /usr/bin/ > - > - TPMD := tpmd > - DIRS := ../tpm ../crypto > -@@ -18,6 +19,8 @@ SRCS := $(foreach dir, $(DIRS), $(wil > - OBJS := $(patsubst %.c, %.o, $(SRCS)) > - OBJS := $(foreach dir, $(DIRS), $(patsubst $(dir)/%.o, %.o, $(filter > $(dir)/%.o, $(OBJS)))) > - > -+VTPM_BIN := vtpmd > -+ > - vpath %.c $(strip $(DIRS)) > - > - all: $(TPMD) > -@@ -32,10 +35,8 @@ TPMD_GROUP ?= tss > - INSTALL ?= install > - > - install: $(TPMD) > -- $(INSTALL) -m 755 -o $(TPMD_USER) -g $(TPMD_GROUP) -d > $(DESTDIR)/var/lib/tpm > -- $(INSTALL) -m 755 -o $(TPMD_USER) -g $(TPMD_GROUP) -d > $(DESTDIR)/var/run/tpm > - $(INSTALL) -D -d $(DESTDIR)/$(BINDIR) > -- $(INSTALL) -m 755 $(TPMD) $(DESTDIR)/$(BINDIR) > -+ $(INSTALL) -m 755 $(TPMD) $(DESTDIR)/$(BINDIR)/$(VTPM_BIN) > - > - .PHONY: all clean install > - > -diff -Naurp tpm_emulator-0.5.1/tpmd/tpmd.c tpm5-test/tpmd/tpmd.c > ---- tpm_emulator-0.5.1/tpmd/tpmd.c 2008-02-14 03:22:48.000000000 -0500 > -+++ tpm5-test/tpmd/tpmd.c 2009-07-16 11:19:05.000000000 -0400 > -@@ -32,6 +32,9 @@ > - #include <grp.h> > - #include "tpm_emulator_config.h" > - #include "tpm/tpm_emulator.h" > -+#include "tpm/tpm_structures.h" > -+#include "tpm/tpm_marshalling.h" > -+#include "vtpm_manager.h" > - > - #define TPM_DAEMON_NAME "tpmd" > - #define TPM_CMD_BUF_SIZE 4096 > -@@ -39,6 +42,24 @@ > - #define TPM_RANDOM_DEVICE "/dev/urandom" > - #undef TPM_MKDIRS > - > -+#ifdef VTPM_MULTI_VM > -+ #define DEV_BE "/dev/vtpm" > -+ #define DEV_FE "/dev/tpm" > -+#else > -+ #define PVM_RX_FIFO_D "/var/vtpm/fifos/tpm_cmd_to_%d.fifo" > -+ #define PVM_TX_FIFO "/var/vtpm/fifos/tpm_rsp_from_all.fifo" > -+ #define HVM_RX_FIFO_D "/var/vtpm/socks/%d.socket" > -+ > -+ #define VTPM_RX_FIFO_D "/var/vtpm/fifos/vtpm_rsp_to_%d.fifo" > -+ #define VTPM_TX_FIFO "/var/vtpm/fifos/vtpm_cmd_from_all.fifo" > -+ > -+ static char *vtpm_rx_name=NULL; > -+#endif > -+ > -+ static int vtpm_tx_fh=-1, vtpm_rx_fh=-1; > -+ > -+#define BUFFER_SIZE 2048 > -+ > - static volatile int stopflag = 0; > - static int is_daemon = 0; > - static int opt_debug = 0; > -@@ -49,6 +70,8 @@ static const char *opt_storage_file = "/ > - static uid_t opt_uid = 0; > - static gid_t opt_gid = 0; > - static int tpm_startup = 2; > -+static int vtpm_type = VTPM_TYPE_PVM; > -+int dmi_id = 0; > - static int rand_fh; > - > - void tpm_log(int priority, const char *fmt, ...) > -@@ -90,56 +113,241 @@ uint64_t tpm_get_ticks(void) > - > - int tpm_write_to_file(uint8_t *data, size_t data_length) > - { > -- int fh; > -- ssize_t res; > -- fh = open(opt_storage_file, O_WRONLY | O_TRUNC | O_CREAT, S_IRUSR | > S_IWUSR); > -- if (fh < 0) return -1; > -- while (data_length > 0) { > -- res = write(fh, data, data_length); > -- if (res < 0) { > -- close(fh); > -- return -1; > -- } > -- data_length -= res; > -- data += res; > -+ int res, out_data_size, in_header_size; > -+ BYTE *ptr, *out_data, *in_header; > -+ UINT32 result, len, in_rsp_size; > -+ UINT16 tag = VTPM_TAG_REQ; > -+ > -+ printf("Saving NVM\n"); > -+ if (vtpm_tx_fh < 0) { > -+#ifdef VTPM_MUTLI_VM > -+ vtpm_tx_fh = open(DEV_FE, O_RDWR); > -+#else > -+ vtpm_tx_fh = open(VTPM_TX_FIFO, O_WRONLY); > -+#endif > -+ } > -+ > -+ if (vtpm_tx_fh < 0) { > -+ return -1; > -+ } > -+ > -+ // Send request to VTPM Manager to encrypt data > -+#ifdef VTPM_MUTLI_VM > -+ out_data_size = len = VTPM_COMMAND_HEADER_SIZE_CLT + data_length; > -+#else > -+ out_data_size = len = VTPM_COMMAND_HEADER_SIZE_SRV + data_length; > -+#endif > -+ > -+ out_data = ptr = (BYTE *) malloc(len); > -+ > -+ if (ptr == NULL > -+#ifndef VTPM_MUTLI_VM > -+ || tpm_marshal_UINT32(&ptr, &len, dmi_id) > -+#endif > -+ || tpm_marshal_UINT16(&ptr, &len, tag) > -+#ifdef VTPM_MUTLI_VM > -+ || tpm_marshal_UINT32(&ptr, &len, out_data_size) > -+#else > -+ || tpm_marshal_UINT32(&ptr, &len, out_data_size - sizeof(uint32_t)) > -+#endif > -+ || tpm_marshal_UINT32(&ptr, &len, VTPM_ORD_SAVENVM) > -+ || tpm_marshal_BYTE_ARRAY(&ptr, &len, data, data_length)) { > -+ free(out_data); > -+ return -1; > -+ } > -+ > -+ printf("\tSending SaveNVM Command.\n"); > -+ res = write(vtpm_tx_fh, out_data, out_data_size); > -+ free(out_data); > -+ if (res != out_data_size) return -1; > -+ > -+ if (vtpm_rx_fh < 0) { > -+#ifdef VTPM_MUTLI_VM > -+ vtpm_rx_fh = vtpm_tx_fh > -+#else > -+ if (vtpm_rx_name == NULL) { > -+ vtpm_rx_name = malloc(10 + strlen(VTPM_RX_FIFO_D)); > -+ sprintf(vtpm_rx_name, VTPM_RX_FIFO_D, (uint32_t) dmi_id); > - } > -- close(fh); > -- return 0; > -+ vtpm_rx_fh = open(vtpm_rx_name, O_RDONLY); > -+#endif > -+ } > -+ > -+ if (vtpm_rx_fh < 0) { > -+ return -1; > -+ } > -+ > -+ // Read Header of response so we can get the size & status > -+#ifdef VTPM_MUTLI_VM > -+ in_header_size = len = VTPM_COMMAND_HEADER_SIZE_CLT; > -+#else > -+ in_header_size = len = VTPM_COMMAND_HEADER_SIZE_SRV; > -+#endif > -+ in_header = ptr = malloc(in_header_size); > -+ > -+ printf("\tReading SaveNVM header.\n"); > -+ res = read(vtpm_rx_fh, in_header, in_header_size); > -+ > -+ if ( (res != in_header_size) > -+#ifndef VTPM_MUTLI_VM > -+ || tpm_unmarshal_UINT32(&ptr, &len, (UINT32*)&dmi_id) > -+#endif > -+ || tpm_unmarshal_UINT16(&ptr, &len, &tag) > -+ || tpm_unmarshal_UINT32(&ptr, &len, &in_rsp_size) > -+ || tpm_unmarshal_UINT32(&ptr, &len, &result) ) { > -+ free(in_header); > -+ return -1; > -+ } > -+ free(in_header); > -+ > -+ if (result != VTPM_SUCCESS) { > -+ return -1; > -+ } > -+ > -+#ifdef VTPM_MUTLI_VM > -+ close(vtpm_tx_fh); close(vtpm_rx_fh); > -+#endif > -+ > -+ printf("\tFinishing up SaveNVM\n"); > -+ return (0); > - } > - > - int tpm_read_from_file(uint8_t **data, size_t *data_length) > - { > -- int fh; > -- ssize_t res; > -- size_t total_length; > -- fh = open(opt_storage_file, O_RDONLY); > -- if (fh < 0) return -1; > -- total_length = lseek(fh, 0, SEEK_END); > -- lseek(fh, 0, SEEK_SET); > -- *data = tpm_malloc(total_length); > -- if (*data == NULL) { > -- close(fh); > -- return -1; > -- } > -- *data_length = 0; > -- while (total_length > 0) { > -- res = read(fh, &(*data)[*data_length], total_length); > -- if (res < 0) { > -- close(fh); > -- tpm_free(*data); > -- return -1; > -- } > -- *data_length += res; > -- total_length -= res; > -+ int res, out_data_size, in_header_size; > -+ uint8_t *ptr, *out_data, *in_header; > -+ UINT16 tag = VTPM_TAG_REQ; > -+ UINT32 len, in_rsp_size, result; > -+#ifdef VTPM_MUTLI_VM > -+ int vtpm_rx_fh, vtpm_tx_fh; > -+#endif > -+ > -+ printf("Loading NVM.\n"); > -+ if (vtpm_tx_fh < 0) { > -+#ifdef VTPM_MUTLI_VM > -+ vtpm_tx_fh = open(DEV_FE, O_RDWR); > -+#else > -+ vtpm_tx_fh = open(VTPM_TX_FIFO, O_WRONLY); > -+#endif > -+ } > -+ > -+ if (vtpm_tx_fh < 0) { > -+ printf("Error in read_from_file:301\n"); > -+ return -1; > -+ } > -+ > -+ // Send request to VTPM Manager to encrypt data > -+#ifdef VTPM_MUTLI_VM > -+ out_data_size = len = VTPM_COMMAND_HEADER_SIZE_CLT; > -+#else > -+ out_data_size = len = VTPM_COMMAND_HEADER_SIZE_SRV; > -+#endif > -+ out_data = ptr = (BYTE *) malloc(len); > -+ > -+ if (ptr == NULL > -+#ifndef VTPM_MUTLI_VM > -+ || tpm_marshal_UINT32(&ptr, &len, dmi_id) > -+#endif > -+ || tpm_marshal_UINT16(&ptr, &len, tag) > -+#ifdef VTPM_MUTLI_VM > -+ || tpm_marshal_UINT32(&ptr, &len, out_data_size) > -+#else > -+ || tpm_marshal_UINT32(&ptr, &len, out_data_size - sizeof(uint32_t)) > -+#endif > -+ || tpm_marshal_UINT32(&ptr, &len, VTPM_ORD_LOADNVM)) { > -+ free(out_data); > -+ printf("Error in read_from_file:325\n"); > -+ > -+ return -1; > -+ } > -+ > -+ printf("\tSending LoadNVM command\n"); > -+ res = write(vtpm_tx_fh, out_data, out_data_size); > -+ free(out_data); > -+ if (res != out_data_size) > -+ { > -+ printf("Error in read_from_file:335\n"); > -+ return -1; > -+ } > -+ > -+ if (vtpm_rx_fh < 0) { > -+#ifdef VTPM_MUTLI_VM > -+ vtpm_rx_fh = vtpm_tx_fh; > -+#else > -+ if (vtpm_rx_name == NULL) { > -+ vtpm_rx_name = malloc(10 + strlen(VTPM_RX_FIFO_D)); > -+ sprintf(vtpm_rx_name, VTPM_RX_FIFO_D, (uint32_t) dmi_id); > - } > -- close(fh); > -- return 0; > -+ vtpm_rx_fh = open(vtpm_rx_name, O_RDONLY); > -+#endif > -+ } > -+ > -+ if (vtpm_rx_fh < 0) { > -+ printf("Error in read_from_file:352\n"); > -+ return -1; > -+ } > -+ > -+ // Read Header of response so we can get the size & status > -+#ifdef VTPM_MUTLI_VM > -+ in_header_size = len = VTPM_COMMAND_HEADER_SIZE_CLT; > -+#else > -+ in_header_size = len = VTPM_COMMAND_HEADER_SIZE_SRV; > -+#endif > -+ in_header = ptr = malloc(in_header_size); > -+ > -+ printf("\tReading LoadNVM header\n"); > -+ res = read(vtpm_rx_fh, in_header, in_header_size); > -+ > -+ if ( (res != in_header_size) > -+#ifndef VTPM_MUTLI_VM > -+ || tpm_unmarshal_UINT32(&ptr, &len, (UINT32*)&dmi_id) > -+#endif > -+ || tpm_unmarshal_UINT16(&ptr, &len, &tag) > -+ || tpm_unmarshal_UINT32(&ptr, &len, &in_rsp_size) > -+ || tpm_unmarshal_UINT32(&ptr, &len, &result) ) { > -+ free(in_header); > -+ printf("Error in read_from_file:375\n"); > -+ return -1; > -+ } > -+ free(in_header); > -+ > -+ if (result != VTPM_SUCCESS) { > -+ printf("Error in read_from_file:381\n"); > -+ return -1; > -+ } > -+ > -+ // Read Encrypted data from VTPM Manager > -+ *data_length = in_rsp_size - VTPM_COMMAND_HEADER_SIZE_CLT; > -+ *data = (uint8_t *) malloc(*data_length); > -+ > -+ printf("\tReading clear data from LoadNVM.\n"); > -+ res = read(vtpm_rx_fh, *data, *data_length); > -+#ifdef VTPM_MUTLI_VM > -+ close(vtpm_rx_fh);close(vtpm_tx_fh); > -+#endif > -+ > -+ printf("\tReturing from loading NVM\n"); > -+ if (res != (int)*data_length) { > -+ free(*data); > -+ printf("Error in read_from_file:398\n"); > -+ return -1; > -+ } else { > -+ return 0; > -+ } > -+ > -+ > -+ > - } > - > - static void print_usage(char *name) > - { > - printf("usage: %s [-d] [-f] [-s storage file] [-u unix socket name] " > -- "[-o user name] [-g group name] [-h] [startup mode]\n", name); > -+ "[-o user name] [-g group name] [-h]" > -+#ifdef VTPM_MULTI_VM > -+ "clear|save|deactivated\n", name); > -+#else > -+ "clear|save|deactivated pvm|hvm vtpmid\n", name); > -+#endif > - printf(" d : enable debug mode\n"); > - printf(" f : forces the application to run in the foreground\n"); > - printf(" s : storage file to use (default: %s)\n", opt_storage_file); > -@@ -205,7 +413,13 @@ static void parse_options(int argc, char > - exit(EXIT_SUCCESS); > - } > - } > -- if (optind < argc) { > -+ /*Make sure we have all required options*/ > -+#ifdef VTPM_MULTI_VM > -+#define EXTRA_OPTS 0 > -+#else > -+#define EXTRA_OPTS 2 > -+#endif > -+ if (optind < argc - EXTRA_OPTS ) { > - debug("startup mode = '%s'", argv[optind]); > - if (!strcmp(argv[optind], "clear")) { > - tpm_startup = 1; > -@@ -219,6 +433,25 @@ static void parse_options(int argc, char > - print_usage(argv[0]); > - exit(EXIT_SUCCESS); > - } > -+#ifndef VTPM_MULTI_VM > -+ ++optind; > -+ if(!strcmp(argv[optind], "pvm")) { > -+ vtpm_type = VTPM_TYPE_PVM; // Get commands from vTPM > Manager through fifo > -+ } else if (!strcmp(argv[optind], "hvm")) { > -+ vtpm_type = VTPM_TYPE_HVM; // Get commands from qemu via > socket > -+ } else { > -+ error("Invalid vm mode '%s'; must be 'pvm', " > -+ "or 'hvm' ", argv[optind]); > -+ print_usage(argv[0]); > -+ exit(EXIT_SUCCESS); > -+ } > -+ ++optind; > -+ dmi_id = atoi(argv[optind]); > -+#endif > -+ } else { > -+ error("Invalid number of arguments"); > -+ print_usage(argv[0]); > -+ exit(EXIT_SUCCESS); > - } > - } > - > -@@ -348,93 +581,180 @@ static int init_socket(const char *name) > - > - static void main_loop(void) > - { > -- int sock, fh, res; > -- int32_t in_len; > -+ int32_t in_len, written; > - uint32_t out_len; > -- uint8_t in[TPM_CMD_BUF_SIZE], *out; > -+ uint8_t in[TPM_CMD_BUF_SIZE], *out, *addressed_out; > -+ int guest_id=-1; > -+ int i; > -+ char *vtpm_rx_file=NULL; > -+ int res; > -+ > -+#ifndef VTPM_MULTI_VM > -+ int sockfd = -1; > - struct sockaddr_un addr; > -- socklen_t addr_len; > -- fd_set rfds; > -- struct timeval tv; > -+ struct sockaddr_un client_addr; > -+ unsigned int client_length; > -+#endif > -+ > -+ int vtpm_tx_fh=-1, vtpm_rx_fh=-1; > -+ > -+#ifndef VTPM_MULTI_VM > -+ if (vtpm_type == VTPM_TYPE_PVM) { > -+ vtpm_rx_file = malloc(10 + strlen(PVM_RX_FIFO_D)); > -+ sprintf(vtpm_rx_file, PVM_RX_FIFO_D, (uint32_t) dmi_id); > -+ } else { > -+ vtpm_rx_file = malloc(10 + strlen(HVM_RX_FIFO_D)); > -+ sprintf(vtpm_rx_file, HVM_RX_FIFO_D, (uint32_t) dmi_id); > -+ > -+ if ( (sockfd = socket(PF_UNIX,SOCK_STREAM,0)) < 0) { > -+ error("Unable to create socket. errno = %d\n", errno); > -+ exit (-1); > -+ } > -+ > -+ memset(&addr, 0, sizeof(addr)); > -+ addr.sun_family = AF_UNIX; > -+ strcpy(addr.sun_path,vtpm_rx_file ); > -+ unlink(addr.sun_path); > -+ } > -+#endif > - > - info("staring main loop"); > -- /* open UNIX socket */ > -- sock = init_socket(opt_socket_name); > -- if (sock < 0) exit(EXIT_FAILURE); > - /* init tpm emulator */ > -- debug("initializing TPM emulator: %d", tpm_startup); > -+#ifdef VTPM_MULTI_VM > -+ debug("initializing TPM emulator: state=%d", tpm_startup); > -+#else > -+ debug("initializing TPM emulator: state=%d, type=%d, id=%d", > tpm_startup, vtpm_type, dmi_id); > -+#endif > - tpm_emulator_init(tpm_startup); > - /* start command processing */ > - while (!stopflag) { > - /* wait for incomming connections */ > - debug("waiting for connections..."); > -- FD_ZERO(&rfds); > -- FD_SET(sock, &rfds); > -- tv.tv_sec = 10; > -- tv.tv_usec = 0; > -- res = select(sock + 1, &rfds, NULL, NULL, &tv); > -- if (res < 0) { > -- error("select(sock) failed: %s", strerror(errno)); > -- break; > -- } else if (res == 0) { > -- continue; > -- } > -- addr_len = sizeof(addr); > -- fh = accept(sock, (struct sockaddr*)&addr, &addr_len); > -- if (fh < 0) { > -- error("accept() failed: %s", strerror(errno)); > -- continue; > -- } > -+ if (vtpm_rx_fh < 0) { > -+#ifdef VTPM_MUTLI_VM > -+ vtpm_rx_fh = open(DEV_BE, O_RDWR); > -+#else > -+ if (vtpm_type == VTPM_TYPE_PVM) > -+ { > -+ vtpm_rx_fh = open(vtpm_rx_file, O_RDONLY); > -+ } else { > -+ if (bind(sockfd, (struct sockaddr *)&addr, sizeof(addr)) < 0) > { > -+ error("Unable to bind(). errno = %d\n", errno); > -+ exit (-1); > -+ } > -+ > -+ if (listen(sockfd, 10) <0) { > -+ error("Unable to listen(). errno = %d\n", errno); > -+ exit (-1); > -+ } > -+ > -+ memset(&client_addr, 0, sizeof(client_addr)); > -+ client_length = sizeof(client_addr); > -+ > -+ vtpm_rx_fh = vtpm_tx_fh = accept(sockfd, (struct sockaddr > *)&client_addr, &client_length); > -+ } > -+#endif > -+ } > -+ > -+ /*Error Checking*/ > -+ if (vtpm_rx_fh < 0) { > -+ error("Failed to open devices to listen to guest.\n"); > -+ exit(-1); > -+ } > -+ > - /* receive and handle commands */ > - in_len = 0; > - do { > - debug("waiting for commands..."); > -- FD_ZERO(&rfds); > -- FD_SET(fh, &rfds); > -- tv.tv_sec = TPM_COMMAND_TIMEOUT; > -- tv.tv_usec = 0; > -- res = select(fh + 1, &rfds, NULL, NULL, &tv); > -- if (res < 0) { > -- error("select(fh) failed: %s", strerror(errno)); > -- close(fh); > -- break; > -- } else if (res == 0) { > --#ifdef TPMD_DISCONNECT_IDLE_CLIENTS > -- info("connection closed due to inactivity"); > -- close(fh); > -- break; > --#else > -- continue; > --#endif > -- } > -- in_len = read(fh, in, sizeof(in)); > -- if (in_len > 0) { > -+ > -+ in_len = read(vtpm_rx_fh, in, sizeof(in)); > -+ /*Magic size of minimum TPM command is 6*/ > -+ //FIXME Magic size check may not be required anymore > -+ if (in_len < 6) { > -+ info("Recv incomplete command of %d bytes.", in_len); > -+ if (in_len <= 0) { > -+ close(vtpm_rx_fh); > -+ vtpm_rx_fh = -1; > -+ continue; > -+ } > -+ } else { > -+ /*Debug Printouts*/ > - debug("received %d bytes", in_len); > -+ debug_nostop("Recv[%d]: 0x", in_len); > -+ for (i=0; i< in_len; i++) > -+ debug_more("%x ", in[i]); > -+ debug_more("\n"); > -+ /*Multiple Guest check*/ > -+ if (guest_id == -1) { > -+ guest_id = *((int32_t *) in); > -+ } else { > -+ if (guest_id != *((int32_t *) in) ) { > -+ error("WARNING: More than one guest attached\n"); > -+ } > -+ } > -+ > -+ /*Open tx handle now*/ > -+ if (vtpm_tx_fh < 0) { > -+#ifdef VTPM_MUTLI_VM > -+ vtpm_tx_fh = open(DEV_BE, O_RDWR); > -+ vtpm_rx_fh = vtpm_tx_fh; > -+#else > -+ if (vtpm_type == VTPM_TYPE_PVM) { > -+ vtpm_tx_fh = open(PVM_TX_FIFO, O_WRONLY); > -+ } // No need to open the other direction for HVM > -+#endif > -+ } > -+ if (vtpm_tx_fh < 0) { > -+ error("Failed to open devices to respond to guest.\n"); > -+ exit(-1); > -+ } > -+ > -+ /*Handle the TPM command now*/ > - out = NULL; > -- res = tpm_handle_command(in, in_len, &out, &out_len); > -+ res = tpm_handle_command(in + sizeof(uint32_t), in_len - > sizeof(uint32_t), &out, &out_len); > - if (res < 0) { > - error("tpm_handle_command() failed"); > - } else { > - debug("sending %d bytes", out_len); > -+ //FIXME this prepending may or may not be needed > -+ /*Prepend the first 4 bytes of the in buffer.. why?*/ > -+ addressed_out = (uint8_t *) tpm_malloc(sizeof(uint32_t) + > out_len); > -+ *(uint32_t *) addressed_out = *(uint32_t *) in; > -+ memcpy(addressed_out + sizeof(uint32_t), out, out_len); > -+ out_len += sizeof(uint32_t); > -+ /*End Prepend*/ > -+ > -+ /*Perform write operation now*/ > - while (out_len > 0) { > -- res = write(fh, out, out_len); > -+ res = write(vtpm_tx_fh, addressed_out, out_len); > -+ > - if (res < 0) { > - error("write(%d) failed: %s", out_len, > strerror(errno)); > - break; > -- } > -+ } else { > -+ debug_nostop("Sent[%Zu]: ", out_len); > -+ for (i=0; (unsigned int)i< out_len; i++) > -+ debug_more("%x ", addressed_out[i]); > -+ debug_more("\n"); > -+ } > - out_len -= res; > - } > - tpm_free(out); > -+ tpm_free(addressed_out); > - } > - } > - } while (in_len > 0); > -- close(fh); > -+ //close(fh); > - } > -+ > - /* shutdown tpm emulator */ > - tpm_emulator_shutdown(); > -- /* close socket */ > -- close(sock); > -- unlink(opt_socket_name); > -+ /* Close handles */ > -+ close(vtpm_tx_fh); > -+#ifndef VTPM_MULTI_VM > -+ close(vtpm_rx_fh); > -+ free(vtpm_rx_file); > -+#endif > - info("main loop stopped"); > - } > - > -@@ -450,12 +770,13 @@ int main(int argc, char **argv) > - /* open random device */ > - init_random(); > - /* init signal handlers */ > -- init_signal_handler(); > -+ //init_signal_handler(); > - /* unless requested otherwiese, fork and daemonize process */ > -- if (!opt_foreground) daemonize(); > -+ //if (!opt_foreground) daemonize(); > - /* start main processing loop */ > - main_loop(); > - info("stopping TPM Emulator daemon"); > - closelog(); > - return 0; > - } > -+ > -diff -Naurp tpm_emulator-0.5.1/tpmd/tpm_emulator_config.h > tpm5-test/tpmd/tpm_emulator_config.h > ---- tpm_emulator-0.5.1/tpmd/tpm_emulator_config.h 2008-02-14 > 03:22:48.000000000 -0500 > -+++ tpm5-test/tpmd/tpm_emulator_config.h 2009-07-16 11:25:26.000000000 > -0400 > -@@ -29,23 +29,28 @@ > - > - /* TPM emulator configuration */ > - > --#undef TPM_STRONG_PERSISTENCE > --#undef TPM_GENERATE_EK > -+#define TPM_STRONG_PERSISTENCE > -+#define TPM_GENERATE_EK > - #undef TPM_GENERATE_SEED_DAA > - #undef TPM_MEMORY_ALIGNMENT_MANDATORY > - > -+extern int dmi_id; > -+ > - /* log macros */ > - > - void tpm_log(int priority, const char *fmt, ...); > - > --#define debug(fmt, ...) tpm_log(LOG_DEBUG, "%s:%d: Debug: " fmt "\n", \ > -- __FILE__, __LINE__, ## __VA_ARGS__) > --#define info(fmt, ...) tpm_log(LOG_INFO, "%s:%d: Info: " fmt "\n", \ > -- __FILE__, __LINE__, ## __VA_ARGS__) > --#define error(fmt, ...) tpm_log(LOG_ERR, "%s:%d: Error: " fmt "\n", \ > -- __FILE__, __LINE__, ## __VA_ARGS__) > --#define alert(fmt, ...) tpm_log(LOG_ALERT, "%s:%d: Alert: " fmt "\n", \ > -- __FILE__, __LINE__, ## __VA_ARGS__) > -+#define debug(fmt, ...) tpm_log(LOG_DEBUG, "VTPMD[%d]: %s:%d: Debug: " fmt > "\n", \ > -+ dmi_id, __FILE__, __LINE__, ## __VA_ARGS__) > -+#define info(fmt, ...) tpm_log(LOG_INFO, "VTPMD[%d]: %s:%d: Info: " fmt > "\n", \ > -+ dmi_id, __FILE__, __LINE__, ## __VA_ARGS__) > -+#define error(fmt, ...) tpm_log(LOG_ERR, "VTPMD[%d]: %s:%d: Error: " fmt > "\n", \ > -+ dmi_id, __FILE__, __LINE__, ## __VA_ARGS__) > -+#define alert(fmt, ...) tpm_log(LOG_ALERT, "VTPMD[%d]: %s:%d: Alert: " fmt > "\n", \ > -+ dmi_id, __FILE__, __LINE__, ## __VA_ARGS__) > -+#define debug_nostop(fmt, ...) tpm_log(LOG_DEBUG, "VTPMD[%d]: %s:%d: Debug: > " fmt, \ > -+ dmi_id, __FILE__, __LINE__, ## __VA_ARGS__) > -+#define debug_more(fmt, ...) tpm_log(LOG_DEBUG, fmt, ## __VA_ARGS__) > - > - /* min/max macros that also do strict type-checking */ > - > diff --git a/tools/vtpm/vtpm.patch b/tools/vtpm/vtpm.patch > deleted file mode 100644 > index e896b25..0000000 > --- a/tools/vtpm/vtpm.patch > +++ /dev/null > @@ -1,716 +0,0 @@ > -diff -uprN tpm_emulator/AUTHORS vtpm/AUTHORS > ---- tpm_emulator/AUTHORS 2006-12-08 12:51:29.000000000 -0800 > -+++ vtpm/AUTHORS 2006-12-13 16:38:52.000000000 -0800 > -@@ -1,3 +1,3 @@ > - Mario Strasser <mast@xxxxxxx> > - Heiko Stamer <stamer@xxxxxxxx> [DAA] > --INTEL Corp <> [Dropped to Ring3] > -+INTEL Corp <> [VTPM Extensions] > -diff -uprN tpm_emulator/ChangeLog vtpm/ChangeLog > ---- tpm_emulator/ChangeLog 2006-12-08 12:51:29.000000000 -0800 > -+++ vtpm/ChangeLog 2006-12-13 16:38:52.000000000 -0800 > -@@ -1,5 +1,6 @@ > - ????-??-?? Intel Corp > - * Moved module out of kernel to run as a ring 3 app > -+ * Modified save_to_file and load_from_file to call xen VTPM manager > - > - 2006-06-23 Mario Strasser <mast@xxxxxxx> > - * tpm_startup.c: behaviour of ST_CLEAR and storage of > -diff -uprN tpm_emulator/linux_module.h vtpm/linux_module.h > ---- tpm_emulator/linux_module.h 2006-12-08 12:51:29.000000000 -0800 > -+++ vtpm/linux_module.h 2007-01-09 14:49:06.000000000 -0800 > -@@ -44,18 +44,26 @@ > - #define TPM_DEVICE_NAME "tpm" > - #define TPM_MODULE_NAME "tpm_emulator" > - > -+/* debug and log output functions */ > -+extern int dmi_id; > -+ > - #ifdef DEBUG > --#define debug(fmt, ...) printf("TPMD: %s:%d: Debug: " fmt "\n", \ > -- __FILE__, __LINE__, ## __VA_ARGS__) > -+#define debug(fmt, ...) printf("TPMD[%d]: %s:%d: Debug: " fmt "\n", \ > -+ dmi_id, __FILE__, __LINE__, ## __VA_ARGS__) > -+#define debug_nostop(fmt, ...) printf("TPMD[%d]: %s:%d: Debug: " fmt, \ > -+ dmi_id, __FILE__, __LINE__, ## __VA_ARGS__) > -+#define debug_more(fmt, ...) printf( fmt, ## __VA_ARGS__ ) > - #else > - #define debug(fmt, ...) > -+#define debug_nostop(fmt, ...) > -+#define debug_more(fmt, ...) > - #endif > --#define info(fmt, ...) printf("TPMD: %s:%d: Info: " fmt "\n", \ > -- __FILE__, __LINE__, ## __VA_ARGS__) > --#define error(fmt, ...) printf("TPMD: %s:%d: Error: " fmt "\n", \ > -- __FILE__, __LINE__, ## __VA_ARGS__) > --#define alert(fmt, ...) printf("TPMD: %s:%d: Alert: " fmt "\n", \ > -- __FILE__, __LINE__, ## __VA_ARGS__) > -+#define info(fmt, ...) printf("TPMD[%d]: %s:%d: Info: " fmt "\n", \ > -+ dmi_id, __FILE__, __LINE__, ## __VA_ARGS__) > -+#define error(fmt, ...) printf("TPMD[%d]: %s:%d: Error: " fmt "\n", \ > -+ dmi_id, __FILE__, __LINE__, ## __VA_ARGS__) > -+#define alert(fmt, ...) printf("TPMD[%d]: %s:%d: Alert: " fmt "\n", \ > -+ dmi_id, __FILE__, __LINE__, ## __VA_ARGS__) > - > - /* memory allocation */ > - > -diff -uprN tpm_emulator/Makefile vtpm/Makefile > ---- tpm_emulator/Makefile 2006-12-08 12:51:29.000000000 -0800 > -+++ vtpm/Makefile 2006-12-13 16:38:52.000000000 -0800 > -@@ -7,7 +7,7 @@ > - COMPILE_ARCH ?= $(shell uname -m | sed -e s/i.86/x86_32/) > - > - # module settings > --BIN := tpm_emulator > -+BIN := vtpmd > - VERSION_MAJOR := 0 > - VERSION_MINOR := 4 > - VERSION_BUILD := $(shell date +"%s") > -@@ -22,7 +22,7 @@ TOOLS_INSTALL_DIR = $(DESTDIR)/usr/bin > - > - CC := gcc > - CFLAGS += -g -Wall $(INCLUDE) -DDEBUG > --CFLAGS += -I. -Itpm > -+CFLAGS += -I. -Itpm -I../../vtpm_manager/manager > - > - # Is the simulator running in it's own vm? > - #CFLAGS += -DVTPM_MULTI_VM > -@@ -62,7 +62,6 @@ $(BIN): $(src)/crypto/gmp.h $(src)/crypt > - > - install: $(BIN) > - $(INSTALL_PROG) $(BIN) $(TOOLS_INSTALL_DIR) > -- @if [ ! -d "/var/tpm" ]; then mkdir /var/tpm; fi > - > - clean: > - rm -f $(src)/crypto/gmp.h $(src)/crypto/libgmp.a $(OBJS) > -@@ -98,3 +97,4 @@ version: > - @echo "#endif /* _TPM_VERSION_H_ */" >> $(src)/tpm_version.h > - > - .PHONY: all install clean dist gmp version > -+ > -diff -uprN tpm_emulator/tpm/tpm_capability.c vtpm/tpm/tpm_capability.c > ---- tpm_emulator/tpm/tpm_capability.c 2006-06-23 03:37:07.000000000 -0700 > -+++ vtpm/tpm/tpm_capability.c 2007-01-10 10:00:49.000000000 -0800 > -@@ -136,8 +136,18 @@ static TPM_RESULT cap_property(UINT32 su > - > - case TPM_CAP_PROP_TIS_TIMEOUT: > - debug("[TPM_CAP_PROP_TIS_TIMEOUT]"); > -- /* TODO: TPM_CAP_PROP_TIS_TIMEOUT */ > -- return TPM_FAIL; > -+ /* TODO: TPM_CAP_PROP_TIS_TIMEOUT: Measure these values and determine > correct ones */ > -+ UINT32 len = *respSize = 16; > -+ BYTE *ptr = *resp = tpm_malloc(*respSize); > -+ if (ptr == NULL || > -+ tpm_marshal_UINT32(&ptr, &len, 200000) || > -+ tpm_marshal_UINT32(&ptr, &len, 200000) || > -+ tpm_marshal_UINT32(&ptr, &len, 200000) || > -+ tpm_marshal_UINT32(&ptr, &len, 200000)) { > -+ tpm_free(*resp); > -+ return TPM_FAIL; > -+ } > -+ return TPM_SUCCESS; > - > - case TPM_CAP_PROP_STARTUP_EFFECT: > - debug("[TPM_CAP_PROP_STARTUP_EFFECT]"); > -@@ -190,7 +200,11 @@ static TPM_RESULT cap_property(UINT32 su > - > - case TPM_CAP_PROP_DURATION: > - debug("[TPM_CAP_PROP_DURATION]"); > -- /* TODO: TPM_CAP_PROP_DURATION */ > -+ /* TODO: TPM_CAP_PROP_DURATION: Measure these values and return > accurate ones */ > -+ BYTE dur[]= > {0x0,0x0,0x0,0xc,0x0,0x7,0xa1,0x20,0x0,0x1e,0x84,0x80,0x11,0xe1,0xa3,0x0}; > -+ *respSize = 16; > -+ *resp = tpm_malloc(*respSize); > -+ memcpy(*resp,dur,16); > - return TPM_FAIL; > - > - case TPM_CAP_PROP_ACTIVE_COUNTER: > -diff -uprN tpm_emulator/tpm/tpm_cmd_handler.c vtpm/tpm/tpm_cmd_handler.c > ---- tpm_emulator/tpm/tpm_cmd_handler.c 2008-02-27 16:35:41.000000000 -0500 > -+++ vtpm/tpm/tpm_cmd_handler.c 2008-02-28 14:43:28.000000000 -0500 > -@@ -94,12 +94,18 @@ void tpm_compute_out_param_digest(TPM_CO > - sha1_ctx_t sha1; > - UINT32 res = CPU_TO_BE32(rsp->result); > - UINT32 ord = CPU_TO_BE32(ordinal); > -+ UINT32 offset = 0; > - > - /* compute SHA1 hash */ > - sha1_init(&sha1); > - sha1_update(&sha1, (BYTE*)&res, 4); > - sha1_update(&sha1, (BYTE*)&ord, 4); > -- sha1_update(&sha1, rsp->param, rsp->paramSize); > -+ if (ordinal == TPM_ORD_LoadKey2) { > -+ offset = 4; > -+ } > -+ if (rsp->paramSize - offset > 0) { > -+ sha1_update(&sha1, rsp->param + offset, rsp->paramSize - offset); > -+ } > - sha1_final(&sha1, rsp->auth1->digest); > - if (rsp->auth2 != NULL) memcpy(rsp->auth2->digest, > - rsp->auth1->digest, sizeof(rsp->auth1->digest)); > -diff -uprN tpm_emulator/tpm/tpm_data.c vtpm/tpm/tpm_data.c > ---- tpm_emulator/tpm/tpm_data.c 2008-02-27 16:35:41.000000000 -0500 > -+++ vtpm/tpm/tpm_data.c 2008-02-27 16:35:40.000000000 -0500 > -@@ -1,6 +1,7 @@ > - /* Software-Based Trusted Platform Module (TPM) Emulator for Linux > - * Copyright (C) 2004 Mario Strasser <mast@xxxxxxx>, > - * Swiss Federal Institute of Technology (ETH) Zurich > -+ * Copyright (C) 2005 INTEL Corp > - * > - * This module is free software; you can redistribute it and/or modify > - * it under the terms of the GNU General Public License as published > -@@ -15,10 +16,15 @@ > - * $Id: tpm_data.c 98 2006-05-07 14:16:29Z hstamer $ > - */ > - > -+#include <sys/types.h> > -+#include <sys/stat.h> > -+#include <fcntl.h> > -+#include <unistd.h> > -+ > - #include "tpm_emulator.h" > - #include "tpm_structures.h" > - #include "tpm_marshalling.h" > --#include "linux_module.h" > -+#include "vtpm_manager.h" > - > - TPM_DATA tpmData; > - > -@@ -158,45 +164,232 @@ void tpm_release_data(void) > - #include <sys/types.h> > - #include <sys/stat.h> > - #include <fcntl.h> > --#include <unistd.h> > - > --#define TPM_STORAGE_FILE "/var/tpm/tpm_emulator-1.2." STR(VERSION_MAJOR) > "." STR(VERSION_MINOR) > -+ static int vtpm_tx_fh=-1, vtpm_rx_fh=-1; > -+ > -+#ifdef VTPM_MUTLI_VM > -+ #define DEV_FE "/dev/tpm" > -+#else > -+ #define VTPM_RX_FIFO_D "/var/vtpm/fifos/vtpm_rsp_to_%d.fifo" > -+ #define VTPM_TX_FIFO "/var/vtpm/fifos/vtpm_cmd_from_all.fifo" > -+ > -+ extern int dmi_id; > -+ static char *vtpm_rx_name=NULL; > -+#endif > - > - static int write_to_file(uint8_t *data, size_t data_length) > - { > -- int res; > -- int fp; > -- fp = open(TPM_STORAGE_FILE, O_WRONLY | O_TRUNC | O_CREAT, S_IRUSR | > S_IWUSR); > -- res = write(fp, data, data_length); > -- close(fp); > -- return (res == data_length) ? 0 : -1; > -+ int res, out_data_size, in_header_size; > -+ BYTE *ptr, *out_data, *in_header; > -+ UINT32 result, len, in_rsp_size; > -+ UINT16 tag = VTPM_TAG_REQ; > -+ > -+ printf("Saving NVM\n"); > -+ if (vtpm_tx_fh < 0) { > -+#ifdef VTPM_MUTLI_VM > -+ vtpm_tx_fh = open(DEV_FE, O_RDWR); > -+#else > -+ vtpm_tx_fh = open(VTPM_TX_FIFO, O_WRONLY); > -+#endif > -+ } > -+ > -+ if (vtpm_tx_fh < 0) { > -+ return -1; > -+ } > -+ > -+ // Send request to VTPM Manager to encrypt data > -+#ifdef VTPM_MUTLI_VM > -+ out_data_size = len = VTPM_COMMAND_HEADER_SIZE_CLT + data_length; > -+#else > -+ out_data_size = len = VTPM_COMMAND_HEADER_SIZE_SRV + data_length; > -+#endif > -+ > -+ out_data = ptr = (BYTE *) malloc(len); > -+ > -+ if (ptr == NULL > -+#ifndef VTPM_MUTLI_VM > -+ || tpm_marshal_UINT32(&ptr, &len, dmi_id) > -+#endif > -+ || tpm_marshal_UINT16(&ptr, &len, tag) > -+#ifdef VTPM_MUTLI_VM > -+ || tpm_marshal_UINT32(&ptr, &len, out_data_size) > -+#else > -+ || tpm_marshal_UINT32(&ptr, &len, out_data_size - sizeof(uint32_t)) > -+#endif > -+ || tpm_marshal_UINT32(&ptr, &len, VTPM_ORD_SAVENVM) > -+ || tpm_marshal_BYTE_ARRAY(&ptr, &len, data, data_length)) { > -+ free(out_data); > -+ return -1; > -+ } > -+ > -+ printf("\tSending SaveNVM Command.\n"); > -+ res = write(vtpm_tx_fh, out_data, out_data_size); > -+ free(out_data); > -+ if (res != out_data_size) return -1; > -+ > -+ if (vtpm_rx_fh < 0) { > -+#ifdef VTPM_MUTLI_VM > -+ vtpm_rx_fh = vtpm_tx_fh > -+#else > -+ if (vtpm_rx_name == NULL) { > -+ vtpm_rx_name = malloc(10 + strlen(VTPM_RX_FIFO_D)); > -+ sprintf(vtpm_rx_name, VTPM_RX_FIFO_D, (uint32_t) dmi_id); > -+ } > -+ vtpm_rx_fh = open(vtpm_rx_name, O_RDONLY); > -+#endif > -+ } > -+ > -+ if (vtpm_rx_fh < 0) { > -+ return -1; > -+ } > -+ > -+ // Read Header of response so we can get the size & status > -+#ifdef VTPM_MUTLI_VM > -+ in_header_size = len = VTPM_COMMAND_HEADER_SIZE_CLT; > -+#else > -+ in_header_size = len = VTPM_COMMAND_HEADER_SIZE_SRV; > -+#endif > -+ in_header = ptr = malloc(in_header_size); > -+ > -+ printf("\tReading SaveNVM header.\n"); > -+ res = read(vtpm_rx_fh, in_header, in_header_size); > -+ > -+ if ( (res != in_header_size) > -+#ifndef VTPM_MUTLI_VM > -+ || tpm_unmarshal_UINT32(&ptr, &len, (UINT32*)&dmi_id) > -+#endif > -+ || tpm_unmarshal_UINT16(&ptr, &len, &tag) > -+ || tpm_unmarshal_UINT32(&ptr, &len, &in_rsp_size) > -+ || tpm_unmarshal_UINT32(&ptr, &len, &result) ) { > -+ free(in_header); > -+ return -1; > -+ } > -+ free(in_header); > -+ > -+ if (result != VTPM_SUCCESS) { > -+ return -1; > -+ } > -+ > -+#ifdef VTPM_MUTLI_VM > -+ close(vtpm_tx_fh); close(vtpm_rx_fh); > -+#endif > -+ > -+ printf("\tFinishing up SaveNVM\n"); > -+ return (0); > - } > - > - static int read_from_file(uint8_t **data, size_t *data_length) > - { > -- int res; > -- int fp, file_status; > -- struct stat file_info; > -- fp = open(TPM_STORAGE_FILE, O_RDONLY, 0); > -- file_status = fstat(fp, &file_info); > -- if (file_status < 0) { > -- close(fp); > -- return -1; > -- } > -+ int res, out_data_size, in_header_size; > -+ uint8_t *ptr, *out_data, *in_header; > -+ UINT16 tag = VTPM_TAG_REQ; > -+ UINT32 len, in_rsp_size, result; > -+#ifdef VTPM_MUTLI_VM > -+ int vtpm_rx_fh, vtpm_tx_fh; > -+#endif > -+ > -+ printf("Loading NVM.\n"); > -+ if (vtpm_tx_fh < 0) { > -+#ifdef VTPM_MUTLI_VM > -+ vtpm_tx_fh = open(DEV_FE, O_RDWR); > -+#else > -+ vtpm_tx_fh = open(VTPM_TX_FIFO, O_WRONLY); > -+#endif > -+ } > - > -- *data_length = file_info.st_size; > -- *data = tpm_malloc(*data_length); > -- if (*data == NULL) { > -- close(fp); > -+ if (vtpm_tx_fh < 0) { > -+ return -1; > -+ } > -+ > -+ // Send request to VTPM Manager to encrypt data > -+#ifdef VTPM_MUTLI_VM > -+ out_data_size = len = VTPM_COMMAND_HEADER_SIZE_CLT; > -+#else > -+ out_data_size = len = VTPM_COMMAND_HEADER_SIZE_SRV; > -+#endif > -+ out_data = ptr = (BYTE *) malloc(len); > -+ > -+ if (ptr == NULL > -+#ifndef VTPM_MUTLI_VM > -+ || tpm_marshal_UINT32(&ptr, &len, dmi_id) > -+#endif > -+ || tpm_marshal_UINT16(&ptr, &len, tag) > -+#ifdef VTPM_MUTLI_VM > -+ || tpm_marshal_UINT32(&ptr, &len, out_data_size) > -+#else > -+ || tpm_marshal_UINT32(&ptr, &len, out_data_size - sizeof(uint32_t)) > -+#endif > -+ || tpm_marshal_UINT32(&ptr, &len, VTPM_ORD_LOADNVM)) { > -+ free(out_data); > - return -1; > - } > -- res = read(fp, *data, *data_length); > -- close(fp); > -+ > -+ printf("\tSending LoadNVM command\n"); > -+ res = write(vtpm_tx_fh, out_data, out_data_size); > -+ free(out_data); > -+ if (res != out_data_size) return -1; > -+ > -+ if (vtpm_rx_fh < 0) { > -+#ifdef VTPM_MUTLI_VM > -+ vtpm_rx_fh = vtpm_tx_fh; > -+#else > -+ if (vtpm_rx_name == NULL) { > -+ vtpm_rx_name = malloc(10 + strlen(VTPM_RX_FIFO_D)); > -+ sprintf(vtpm_rx_name, VTPM_RX_FIFO_D, (uint32_t) dmi_id); > -+ } > -+ vtpm_rx_fh = open(vtpm_rx_name, O_RDONLY); > -+#endif > -+ } > -+ > -+ if (vtpm_rx_fh < 0) { > -+ return -1; > -+ } > -+ > -+ // Read Header of response so we can get the size & status > -+#ifdef VTPM_MUTLI_VM > -+ in_header_size = len = VTPM_COMMAND_HEADER_SIZE_CLT; > -+#else > -+ in_header_size = len = VTPM_COMMAND_HEADER_SIZE_SRV; > -+#endif > -+ in_header = ptr = malloc(in_header_size); > -+ > -+ printf("\tReading LoadNVM header\n"); > -+ res = read(vtpm_rx_fh, in_header, in_header_size); > -+ > -+ if ( (res != in_header_size) > -+#ifndef VTPM_MUTLI_VM > -+ || tpm_unmarshal_UINT32(&ptr, &len, (UINT32*)&dmi_id) > -+#endif > -+ || tpm_unmarshal_UINT16(&ptr, &len, &tag) > -+ || tpm_unmarshal_UINT32(&ptr, &len, &in_rsp_size) > -+ || tpm_unmarshal_UINT32(&ptr, &len, &result) ) { > -+ free(in_header); > -+ return -1; > -+ } > -+ free(in_header); > -+ > -+ if (result != VTPM_SUCCESS) { > -+ return -1; > -+ } > -+ > -+ // Read Encrypted data from VTPM Manager > -+ *data_length = in_rsp_size - VTPM_COMMAND_HEADER_SIZE_CLT; > -+ *data = (uint8_t *) malloc(*data_length); > -+ > -+ printf("\tReading clear data from LoadNVM.\n"); > -+ res = read(vtpm_rx_fh, *data, *data_length); > -+#ifdef VTPM_MUTLI_VM > -+ close(vtpm_rx_fh);close(vtpm_tx_fh); > -+#endif > -+ > -+ printf("\tReturing from loading NVM\n"); > - if (res != *data_length) { > -- tpm_free(*data); > -- return -1; > -+ free(*data); > -+ return -1; > -+ } else { > -+ return 0; > - } > -- return 0; > -+ > - } > - > - #else > -diff -uprN tpm_emulator/tpmd.c vtpm/tpmd.c > ---- tpm_emulator/tpmd.c 2006-12-08 12:51:29.000000000 -0800 > -+++ vtpm/tpmd.c 2007-01-09 14:48:56.000000000 -0800 > -@@ -21,12 +21,24 @@ > - #include <sys/stat.h> > - #include <fcntl.h> > - #include <sys/time.h> > -+#include <sys/socket.h> > -+#include <sys/un.h> > -+#include <errno.h> > - > - #include "tpm_emulator.h" > -+#include "vtpm_manager.h" > - > --#define TPM_RX_FNAME "/var/tpm/tpm_in.fifo" > --#define TPM_TX_FNAME "/var/tpm/tpm_out.fifo" > -+#ifdef VTPM_MULTI_VM > -+ #define DEV_BE "/dev/vtpm" > -+#else > -+ #define PVM_RX_FIFO_D "/var/vtpm/fifos/tpm_cmd_to_%d.fifo" > -+ #define PVM_TX_FIFO "/var/vtpm/fifos/tpm_rsp_from_all.fifo" > - > -+ #define HVM_RX_FIFO_D "/var/vtpm/socks/%d.socket" > -+#endif > -+ > -+ int dmi_id; > -+ > - #define BUFFER_SIZE 2048 > - > - static int devurandom=0; > -@@ -38,7 +50,7 @@ void get_random_bytes(void *buf, int nby > - } > - > - if (read(devurandom, buf, nbytes) != nbytes) { > -- printf("Can't get random number.\n"); > -+ error("Can't get random number.\n"); > - exit(-1); > - } > - } > -@@ -52,105 +64,182 @@ uint64_t tpm_get_ticks(void) > - > - int main(int argc, char **argv) > - { > -- uint8_t in[BUFFER_SIZE], *out; > -+ uint8_t type, in[BUFFER_SIZE], *out, *addressed_out; > -+ char *vtpm_rx_file=NULL; > - uint32_t out_size; > - int in_size, written; > -- int i; > -- struct stat file_info; > -+ int i, guest_id=-1; > - > -- int tpm_tx_fh=-1, tpm_rx_fh=-1; > -+#ifndef VTPM_MULTI_VM > -+ int sockfd = -1; > -+ struct sockaddr_un addr; > -+ struct sockaddr_un client_addr; > -+ unsigned int client_length; > -+ > -+#endif > -+ > -+ int vtpm_tx_fh=-1, vtpm_rx_fh=-1; > -+#ifdef VTPM_MULTI_VM > - if (argc < 2) { > -- printf("Usage: tpmd clear|save|deactivated\n" ); > -+ error("Usage: tpmd clear|save|deactivated\n" ); > -+#else > -+ if (argc < 4) { > -+ error("Usage: tpmd clear|save|deactivated pvm|hvm vtpmid\n" ); > -+#endif > - return -1; > - } > - > -+#ifndef VTPM_MULTI_VM > -+ /* setup type of vm */ > -+ if (!strcmp(argv[2], "pvm")) { > -+ type = VTPM_TYPE_PVM; // Get commands from vTPM Manager through fifo > -+ } else if (!strcmp(argv[2], "hvm")) { > -+ type = VTPM_TYPE_HVM; // Get commands from qemu via socket > -+ } else { > -+ error("invalid vTPM type '%s'.\n", argv[2]); > -+ } > -+ > -+ dmi_id = atoi(argv[3]); > -+ > -+ if (type == VTPM_TYPE_PVM) { > -+ vtpm_rx_file = malloc(10 + strlen(PVM_RX_FIFO_D)); > -+ sprintf(vtpm_rx_file, PVM_RX_FIFO_D, (uint32_t) dmi_id); > -+ } else { > -+ vtpm_rx_file = malloc(10 + strlen(HVM_RX_FIFO_D)); > -+ sprintf(vtpm_rx_file, HVM_RX_FIFO_D, (uint32_t) dmi_id); > -+ > -+ if ( (sockfd = socket(PF_UNIX,SOCK_STREAM,0)) < 0) { > -+ error("Unable to create socket. errno = %d\n", errno); > -+ exit (-1); > -+ } > -+ > -+ memset(&addr, 0, sizeof(addr)); > -+ addr.sun_family = AF_UNIX; > -+ strcpy(addr.sun_path,vtpm_rx_file ); > -+ unlink(addr.sun_path); > -+ } > -+#endif > -+ > -+#ifdef VTPM_MULTI_VM > -+ info("Initializing tpm state: %s\n", argv[1]); > -+#else > -+ info("Initializing tpm state: %s, type: %s, id: %d\n", argv[1], argv[2], > dmi_id); > -+#endif > -+ > - /* initialize TPM emulator */ > - if (!strcmp(argv[1], "clear")) { > -- printf("Initializing tpm: %s\n", argv[1]); > - tpm_emulator_init(1); > -- } else if (!strcmp(argv[1], "save")) { > -- printf("Initializing tpm: %s\n", argv[1]); > -+ } else if (!strcmp(argv[1], "save")) { > - tpm_emulator_init(2); > - } else if (!strcmp(argv[1], "deactivated")) { > -- printf("Initializing tpm: %s\n", argv[1]); > - tpm_emulator_init(3); > - } else { > -- printf("invalid startup mode '%s'; must be 'clear', " > -+ error("invalid startup mode '%s'; must be 'clear', " > - "'save' (default) or 'deactivated", argv[1]); > - return -1; > - } > -- > -- if ( stat(TPM_RX_FNAME, &file_info) == -1) { > -- if ( mkfifo(TPM_RX_FNAME, S_IWUSR | S_IRUSR ) ) { > -- printf("Failed to create fifo %s.\n", TPM_RX_FNAME); > -- return -1; > -- } > -- } > -- > -- if ( stat(TPM_TX_FNAME, &file_info) == -1) { > -- if ( mkfifo(TPM_TX_FNAME, S_IWUSR | S_IRUSR ) ) { > -- printf("Failed to create fifo %s.\n", TPM_TX_FNAME); > -- return -1; > -- } > -- } > -- > -+ > - while (1) { > - abort_command: > -- if (tpm_rx_fh < 0) { > -- tpm_rx_fh = open(TPM_RX_FNAME, O_RDONLY); > -+ if (vtpm_rx_fh < 0) { > -+#ifdef VTPM_MUTLI_VM > -+ vtpm_rx_fh = open(DEV_BE, O_RDWR); > -+#else > -+ if (type == VTPM_TYPE_PVM) { > -+ vtpm_rx_fh = open(vtpm_rx_file, O_RDONLY); > -+ } else { > -+ if (bind(sockfd, (struct sockaddr *)&addr, sizeof(addr)) < 0) { > -+ error("Unable to bind(). errno = %d\n", errno); > -+ exit (-1); > -+ } > -+ > -+ if (listen(sockfd, 10) <0) { > -+ error("Unable to listen(). errno = %d\n", errno); > -+ exit (-1); > -+ } > -+ > -+ memset(&client_addr, 0, sizeof(client_addr)); > -+ client_length = sizeof(client_addr); > -+ > -+ vtpm_rx_fh = vtpm_tx_fh = accept(sockfd, (struct sockaddr > *)&client_addr, &client_length); > -+ } > -+#endif > - } > - > -- if (tpm_rx_fh < 0) { > -- printf("ERROR: failed to open devices to listen to guest.\n"); > -+ if (vtpm_rx_fh < 0) { > -+ error("Failed to open devices to listen to guest.\n"); > - return -1; > - } > - > -- if (tpm_tx_fh < 0) { > -- tpm_tx_fh = open(TPM_TX_FNAME, O_WRONLY); > -- } > -- > -- if (tpm_tx_fh < 0) { > -- printf("ERROR: failed to open devices to respond to guest.\n"); > -- return -1; > -- } > -- > -- in_size = read(tpm_rx_fh, in, BUFFER_SIZE); > -+ in_size = read(vtpm_rx_fh, in, BUFFER_SIZE); > - if (in_size < 6) { // Magic size of minium TPM command > -- printf("Recv[%d] to small: 0x", in_size); > -+ info("Recv incomplete command of %d bytes.", in_size); > - if (in_size <= 0) { > -- close(tpm_rx_fh); > -- tpm_rx_fh = -1; > -+ close(vtpm_rx_fh); > -+ vtpm_rx_fh = -1; > - goto abort_command; > - } > - } else { > -- printf("Recv[%d]: 0x", in_size); > -+ debug_nostop("Recv[%d]: 0x", in_size); > - for (i=0; i< in_size; i++) > -- printf("%x ", in[i]); > -- printf("\n"); > -+ debug_more("%x ", in[i]); > -+ debug_more("\n"); > - } > - > -- > -- if (tpm_handle_command(in, in_size, &out, &out_size) != 0) { > -- printf("ERROR: Handler Failed.\n"); > -+ if (guest_id == -1) { > -+ guest_id = *((uint32_t *) in); > -+ } else { > -+ if (guest_id != *((uint32_t *) in) ) { > -+ error("WARNING: More than one guest attached\n"); > -+ } > -+ } > -+ > -+ if (vtpm_tx_fh < 0) { > -+#ifdef VTPM_MUTLI_VM > -+ vtpm_tx_fh = open(DEV_BE, O_RDWR); > -+ vtpm_rx_fh = vtpm_tx_fh; > -+#else > -+ if (type == VTPM_TYPE_PVM) { > -+ vtpm_tx_fh = open(PVM_TX_FIFO, O_WRONLY); > -+ } // No need to open the other direction for HVM > -+#endif > -+ } > -+ > -+ if (vtpm_tx_fh < 0) { > -+ error("Failed to open devices to respond to guest.\n"); > -+ return -1; > -+ } > -+ > -+ // Handle the command, but skip the domain id header > -+ if (tpm_handle_command(in + sizeof(uint32_t), in_size - > sizeof(uint32_t), &out, &out_size) != 0) { > -+ error("Handler Failed.\n"); > - } > - > -- written = write(tpm_tx_fh, out, out_size); > -+ addressed_out = (uint8_t *) tpm_malloc(sizeof(uint32_t) + out_size); > -+ *(uint32_t *) addressed_out = *(uint32_t *) in; > -+ memcpy(addressed_out + sizeof(uint32_t), out, out_size); > -+ > -+ written = write(vtpm_tx_fh, addressed_out, out_size + sizeof(uint32_t)); > - > -- if (written != out_size ) { > -- printf("ERROR: Part of response not written %d/%d.\nAttempt: ", > written, out_size); > -+ if (written != out_size + sizeof(uint32_t)) { > -+ error("Part of response not written %d/%d.\n", written, out_size); > - } else { > -- printf("Sent[%Zu]: ", out_size); > -+ debug_nostop("Sent[%Zu]: ", out_size + sizeof(uint32_t)); > -+ for (i=0; i< out_size+ sizeof(uint32_t); i++) > -+ debug_more("%x ", addressed_out[i]); > -+ debug_more("\n"); > - } > -- for (i=0; i< out_size; i++) > -- printf("%x ", out[i]); > -- printf("\n"); > - tpm_free(out); > -+ tpm_free(addressed_out); > - > - } // loop > - > - tpm_emulator_shutdown(); > - > -- close(tpm_tx_fh); > -- close(tpm_rx_fh); > -+ close(vtpm_tx_fh); > -+#ifndef VTPM_MUTLI_VM > -+ close(vtpm_rx_fh); > -+ free (vtpm_rx_file); > -+#endif > - > - } > diff --git a/tools/vtpm_manager/COPYING b/tools/vtpm_manager/COPYING > deleted file mode 100644 > index c4b86b7..0000000 > --- a/tools/vtpm_manager/COPYING > +++ /dev/null > @@ -1,32 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > diff --git a/tools/vtpm_manager/Makefile b/tools/vtpm_manager/Makefile > deleted file mode 100644 > index 632f41b..0000000 > --- a/tools/vtpm_manager/Makefile > +++ /dev/null > @@ -1,18 +0,0 @@ > -XEN_ROOT = $(CURDIR)/../.. > - > -# Base definitions and rules > -include $(XEN_ROOT)/tools/vtpm_manager/Rules.mk > - > -SUBDIRS = crypto tcs util manager migration > -OPENSSL_HEADER = /usr/include/openssl/crypto.h > - > -.PHONY: all clean install > -all clean install: %: subdirs-% > - > -.PHONY: mrproper > -mrproper: > - @set -e; for subdir in $(SUBDIRS); do \ > - $(MAKE) -C $$subdir $@; \ > - done > - > - > diff --git a/tools/vtpm_manager/README b/tools/vtpm_manager/README > deleted file mode 100644 > index f0d1e98..0000000 > --- a/tools/vtpm_manager/README > +++ /dev/null > @@ -1,94 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > - > -Directory Structure > -=================== > -tools/vtpm_manager/crypto -> crypto files > -tools/vtpm_manager/TCS -> TCS implementation > -tools/vtpm_manager/util -> Utility Library. Include disk-io and buffers. > -tools/vtpm_manager/manager -> VTPM Manager > - > -Compile Flags > -=================== > -LOGGING_MODULES -> How extensive logging happens > - see util/log.h for more info > - > -VTPM_MULTI_VM -> Defined: VTPMs run in their own VMs > - Not Defined (default): VTPMs are processes > - > -# Debugging flags that may disappear without notice in the future > - > -DUMMY_BACKEND -> vtpm_manager listens on /tmp/in.fifo and > - /tmp/out.fifo rather than backend > - > -MANUAL_DM_LAUNCH -> Must manually launch & kill VTPMs > - > -WELL_KNOWN_OWNER_AUTH -> Rather than randomly generating the password > for the owner, > - use a well known value. This is useful for > debugging and for > - poor bios which do not support clearing TPM > if OwnerAuth is > - lost. However this has no protection from > malicious app > - issuing a TPM_OwnerClear to wipe the TPM > - > -Requirements > -============ > -- xen-unstable > -- vtpm frontend/backend driver patch > -- OpenSSL Library > - > -Single-VM Flow > -============================ > -- Launch the VTPM manager (vtpm_managerd) which which begins listening to > the BE with one thread > - and listens to a named fifo that is shared by the vtpms to commuincate > with the manager. > -- VTPM Manager listens to TPM BE. > -- When xend launches a tpm frontend equipped VM it contacts the manager over > the vtpm backend. > -- When the manager receives the open message from the BE, it launches a vtpm > -- Xend allows the VM to continue booting. > -- When a TPM request is issued to the front end, the front end transmits the > TPM request to the backend. > -- The manager receives the TPM requests and uses a named fifo to forward the > request to the vtpm. > -- The fifo listener begins listening for the reply from vtpm for the request. > -- Vtpm processes request and replies to manager over shared named fifo. > -- If needed, the vtpm may send a request to the vtpm_manager at any time to > save it's secrets to disk. > -- Manager receives response from vtpm and passes it back to backend for > forwarding to guest. > - > -NOTES: > -* SaveService SHOULD seal it's table before saving it to disk. However, > - the current Xen infrastructure does not provide a mechanism for this to be > - unsealed later. Specifically, the auth and wrapped key must be available > ONLY > - to the service, or it's not even worth encrypting > - > - In the future the vtpm manager will be protected by an early boot mechanism > - that will allow for better protection of it's data. > - > -TODO: > -- Timeout on crashed vtpms > -- create lock for shared fifo for talking to vtpms. > diff --git a/tools/vtpm_manager/Rules.mk b/tools/vtpm_manager/Rules.mk > deleted file mode 100644 > index 651772b..0000000 > --- a/tools/vtpm_manager/Rules.mk > +++ /dev/null > @@ -1,59 +0,0 @@ > -# Base definitions and rules (XEN_ROOT must be defined in including Makefile) > -include $(XEN_ROOT)/tools/Rules.mk > - > -# > -# Tool definitions > -# > - > -# General compiler flags > -CFLAGS = -Werror -g3 > - > -# Generic project files > -HDRS = $(wildcard *.h) > -SRCS = $(wildcard *.c) > -OBJS = $(patsubst %.c,%.o,$(SRCS)) > - > -# Generic (non-header) dependencies > -$(SRCS): Makefile $(XEN_ROOT)/tools/Rules.mk > $(XEN_ROOT)/tools/vtpm_manager/Rules.mk > - > -$(OBJS): $(SRCS) > - > --include $(FILES) > - > -# Make sure these are just rules > -.PHONY : all build install clean > - > -# > -# Project-specific definitions > -# > - > -# Need UNIX98 spec for pthread rwlocks > -CFLAGS += -D_GNU_SOURCE > - > -# Logging Level. See utils/tools.h for usage > -CFLAGS += > -DLOGGING_MODULES="(BITMASK(VTPM_LOG_TCS)|BITMASK(VTPM_LOG_VTSP)|BITMASK(VTPM_LOG_VTPM))" > - > -# Silent Mode > -#CFLAGS += -DLOGGING_MODULES=0x0 > -#CFLAGS += -DLOGGING_MODULES=0xff > - > -# Use frontend/backend pairs between manager & DMs? > -#CFLAGS += -DVTPM_MULTI_VM > - > -# vtpm_manager listens on fifo's rather than backend > -#CFLAGS += -DDUMMY_BACKEND > - > -# TCS talks to fifo's rather than /dev/tpm. TPM Emulator assumed on fifos > -#CFLAGS += -DDUMMY_TPM > - > -# Do not have manager launch DMs. > -#CFLAGS += -DMANUAL_DM_LAUNCH > - > -# Fixed OwnerAuth > -#CFLAGS += -DWELL_KNOWN_OWNER_AUTH > - > -# Include > -CFLAGS += -I$(XEN_ROOT)/tools/vtpm_manager/crypto > -CFLAGS += -I$(XEN_ROOT)/tools/vtpm_manager/util > -CFLAGS += -I$(XEN_ROOT)/tools/vtpm_manager/tcs > -CFLAGS += -I$(XEN_ROOT)/tools/vtpm_manager/manager > diff --git a/tools/vtpm_manager/crypto/Makefile > b/tools/vtpm_manager/crypto/Makefile > deleted file mode 100644 > index 13b61c9..0000000 > --- a/tools/vtpm_manager/crypto/Makefile > +++ /dev/null > @@ -1,24 +0,0 @@ > -XEN_ROOT = $(CURDIR)/../../.. > -include $(XEN_ROOT)/tools/vtpm_manager/Rules.mk > - > -BIN = libtcpaCrypto.a > - > -.PHONY: all > -all: build > - > -.PHONY: build > -build: $(BIN) > - > -.PHONY: install > -install: build > - > -.PHONY: clean > -clean: > - rm -f *.a *.so *.o *.rpm $(DEP_FILES) > - > -.PHONY: mrproper > -mrproper: clean > - rm -f *~ > - > -$(BIN): $(OBJS) > - $(AR) rcs $(BIN) $(OBJS) > diff --git a/tools/vtpm_manager/crypto/crypto.c > b/tools/vtpm_manager/crypto/crypto.c > deleted file mode 100644 > index 7dae655..0000000 > --- a/tools/vtpm_manager/crypto/crypto.c > +++ /dev/null > @@ -1,88 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > -// > -// crypto.c > -// > -// This file will handle all the TPM Crypto functionality > -// > -// ================================================================== > - > -#include <string.h> > -#include <openssl/crypto.h> > -#include <openssl/err.h> > -#include <openssl/evp.h> > -#include <openssl/rand.h> > -#include "crypto.h" > -#include "log.h" > - > -/** > - * Initialize cryptography library > - * @rand: random seed > - * @size: size of @rand > - */ > -void Crypto_Init(const BYTE* rand, int size) { > - ERR_load_crypto_strings(); > - CRYPTO_malloc_init(); > - OpenSSL_add_all_algorithms(); > - SYM_CIPHER = EVP_aes_128_cbc(); > - RAND_poll(); > - if (rand == NULL) > - return; > - > - RAND_add(rand, size, size); > -} > - > -/** > - * Shutdown cryptography library > - */ > -void Crypto_Exit() { > - ERR_free_strings(); > - ERR_remove_state(0); > - EVP_cleanup(); > -} > - > - > -/** > - * Get random data > - * @data: (OUT) Random data > - * @size: Size of @data > - */ > -void Crypto_GetRandom(void* data, int size) { > - int result; > - > - result = RAND_pseudo_bytes((BYTE*) data, size); > - > - if (result <= 0) > - vtpmlogerror (VTPM_LOG_CRYPTO, "RAND_pseudo_bytes failed: %s\n", > - ERR_error_string (ERR_get_error(), NULL)); > -} > diff --git a/tools/vtpm_manager/crypto/crypto.h > b/tools/vtpm_manager/crypto/crypto.h > deleted file mode 100644 > index 488d4d6..0000000 > --- a/tools/vtpm_manager/crypto/crypto.h > +++ /dev/null > @@ -1,175 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > -// > -// crypto.h > -// > -// This file defines the TPM Crypto API > -// > -// ================================================================== > - > -#ifndef __CRYPTO_H__ > -#define __CRYPTO_H__ > - > -#include <stddef.h> > -#include <stdint.h> > -#include <stdbool.h> > - > -#include "tcg.h" > -#include "sym_crypto.h" > - > -#define CRYPTO_MAX_SIG_SIZE (2048 / 8) > -#define CRYPTO_MAX_RSA_KEY_SIZE (4096 / 8) //in bytes > - > -#define OAEP_P "TCPA" > -#define OAEP_P_SIZE 4 > - > -// Algorithms supported by crypto. Stored in CRYPTO_INFO.algorithmID > -#define CRYPTO_ALGORITH_RSA 0x01 > - > -// Supported Encryption Schemes CRYPTO_INFO.encScheme > -#define CRYPTO_ES_NONE 0x0001 > -#define CRYPTO_ES_RSAESPKCSv15 0x0002 > -#define CRYPTO_ES_RSAESOAEP_SHA1_MGF1 0x0003 > - > -// Supported Signature schemes CRYPTO_INFO.sigScheme > -#define CRYPTO_SS_NONE 0x0001 > -#define CRYPTO_SS_RSASSAPKCS1v15_SHA1 0x0002 > -#define CRYPTO_SS_RSASSAPKCS1v15_DER 0x0003 > - > -typedef struct CRYPTO_INFO { > - void *keyInfo; > - UINT32 algorithmID; > - UINT32 encScheme; > - UINT32 sigScheme; > -} CRYPTO_INFO; > - > - > -void Crypto_Init(const BYTE* rand, int size); > - > -void Crypto_Exit(); > - > -void Crypto_GetRandom(void* data, int size); > - > -void Crypto_HMAC( const BYTE* text, > - int text_len, > - const BYTE* key, > - int key_len, > - BYTE* digest); > - > -TPM_RESULT Crypto_HMAC_buf (const buffer_t * text, > - const buffer_t * key, > - BYTE * o_digest); /* presumably of 20 bytes */ > - > -void Crypto_SHA1Full( const BYTE* text, > - UINT32 size, > - BYTE* hash); //Complete 3part SHA1 > - > -// o_hash needs to be large enough to hold the digest, ie 20 bytes > -TPM_RESULT Crypto_SHA1Full_buf (const buffer_t * buf, > - BYTE * o_hash); > - > -void Crypto_SHA1Start(UINT32* maxNumBytes); > -void Crypto_SHA1Update(int numBytes, const BYTE* hashData); > -void Crypto_SHA1Complete( int hashDataSize, > - const BYTE* hashData, > - BYTE* hashValue); > - > -void Crypto_RSACreateKey( /*in*/ UINT32 keySize, > - /*in*/ UINT32 pubExpSize, > - /*in*/ BYTE *pubExp, > - /*out*/ UINT32 *privExpSize, > - /*out*/ BYTE *privExp, > - /*out*/ UINT32 *modulusSize, > - /*out*/ BYTE *modulus, > - /*out*/ CRYPTO_INFO *keys); > - > -void Crypto_RSABuildCryptoInfo( /*[IN]*/ UINT32 pubExpSize, > - /*[IN]*/ BYTE *pubExp, > - /*[IN]*/ UINT32 privExpSize, > - /*[IN]*/ BYTE *privExp, > - /*[IN]*/ UINT32 modulusSize, > - /*[IN]*/ BYTE *modulus, > - /*[OUT]*/ CRYPTO_INFO* cryptoInfo); > - > -void Crypto_RSABuildCryptoInfoPublic( /*[IN]*/ UINT32 pubExpSize, > - /*[IN]*/ BYTE *pubExp, > - /*[IN]*/ UINT32 modulusSize, > - /*[IN]*/ BYTE *modulus, > - CRYPTO_INFO* cryptoInfo); > - > -// > -// symmetric pack and unpack operations > -// > -TPM_RESULT Crypto_RSAPackCryptoInfo (const CRYPTO_INFO* cryptoInfo, > - BYTE ** io_buf, UINT32 * io_buflen); > - > -TPM_RESULT Crypto_RSAUnpackCryptoInfo (CRYPTO_INFO * ci, > - BYTE * in, UINT32 len, > - UINT32 * o_lenread); > - > - > -// return 0 on success, -1 on error > -int Crypto_RSAEnc( CRYPTO_INFO *keys, > - UINT32 inDataSize, > - BYTE *inData, > - /*out*/ UINT32 *outDataSize, > - /*out*/ BYTE *outData); > - > -// return 0 on success, -1 on error > -int Crypto_RSADec( CRYPTO_INFO *keys, > - UINT32 inDataSize, > - BYTE *inData, > - /*out*/ UINT32 *outDataSize, > - /*out*/ BYTE *outData); > - > -// return 0 on success, -1 on error > -int Crypto_RSASign( CRYPTO_INFO *keys, > - UINT32 inDataSize, > - BYTE *inData, > - /*out*/ UINT32 *sigSize, > - /*out*/ BYTE *sig); > - > -bool Crypto_RSAVerify( CRYPTO_INFO *keys, > - UINT32 inDataSize, > - BYTE *inData, > - UINT32 sigSize, > - BYTE *sig); > - > -//private: > -int RSA_verify_DER(int dtype, unsigned char *m, unsigned int m_len, > - unsigned char *sigbuf, unsigned int siglen, CRYPTO_INFO > *key); > - > -int RSA_sign_DER(int type, unsigned char *m, unsigned int m_len, > - unsigned char *sigret, unsigned int *siglen, CRYPTO_INFO *key); > - > -#endif // __CRYPTO_H__ > diff --git a/tools/vtpm_manager/crypto/hash.c > b/tools/vtpm_manager/crypto/hash.c > deleted file mode 100644 > index c73114a..0000000 > --- a/tools/vtpm_manager/crypto/hash.c > +++ /dev/null > @@ -1,153 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > -// > -// hash.c > -// > -// This file will handle all the TPM Hash functionality > -// > -// ================================================================== > - > -#include <string.h> > -#include <openssl/crypto.h> > -#include <openssl/err.h> > -#include <openssl/evp.h> > -#include <openssl/rand.h> > -#include <openssl/hmac.h> > -#include <openssl/sha.h> > -#include <openssl/bn.h> > -#include <openssl/rsa.h> > - > -#include "tcg.h" // for TPM_SUCCESS > -#include "crypto.h" > - > -static SHA_CTX g_shaContext; > - > -void Crypto_HMAC( const BYTE* text, > - int text_len, > - const BYTE* key, > - int key_len, > - BYTE* digest) { > - if (text == NULL || key == NULL || text_len == 0 || key_len == 0) > - return; > - > - HMAC(EVP_sha1(), key, key_len, text, text_len, digest, NULL); > -} > - > -TPM_RESULT Crypto_HMAC_buf (const buffer_t * text, > - const buffer_t * key, > - BYTE * o_digest) { /* presumably of 20 bytes */ > - > - Crypto_HMAC (text->bytes, text->size, > - key->bytes, key->size, > - o_digest); > - > - return TPM_SUCCESS; > -} > - > - > -/* > - * SHA1 > - * (OUT) Create a SHA1 hash of text. Calls all three SHA1 steps internally > - */ > -void Crypto_SHA1Full( const BYTE* text, > - uint32_t size, > - BYTE* hash) { > - > - if (text == NULL || size == 0) > - return; > - > - // Run SHA1Start + SHAUpdate (if necessary) + SHAComplete > - uint32_t maxBytes; // Not used for anything > - Crypto_SHA1Start(&maxBytes); > - > - while (size > 64){ > - Crypto_SHA1Update(64, text); > - size -= 64; > - text += 64; > - } > - > - Crypto_SHA1Complete(size, text, hash); > -} > - > -// same thing using buffer_t > -TPM_RESULT Crypto_SHA1Full_buf (const buffer_t * buf, > - BYTE * o_digest) { > - > - if (buf->bytes == NULL || buf->size == 0) > - return TPM_BAD_PARAMETER; > - > - Crypto_SHA1Full (buf->bytes, buf->size, o_digest); > - > - return TPM_SUCCESS; > -} > - > - > -/* > - * Initialize SHA1 > - * (OUT) Maximum number of bytes that can be sent to SHA1Update. > - * Must be a multiple of 64 bytes. > - */ > -void Crypto_SHA1Start(uint32_t* maxNumBytes) { > - int max = SHA_CBLOCK; > - // Initialize the crypto library > - SHA1_Init(&g_shaContext); > - *maxNumBytes = max; > -} > - > -/* > - * Process SHA1 > - * @numBytes: (IN) The number of bytes in hashData. > - * Must be a multiple of 64 bytes. > - * @hashData: (IN) Bytes to be hashed. > - */ > -void Crypto_SHA1Update(int numBytes, const BYTE* hashData) { > - > - if (hashData == NULL || numBytes == 0 || numBytes%64 != 0) > - return; > - > - SHA1_Update(&g_shaContext, hashData, numBytes); > -} > - > -/* > - * Complete the SHA1 process > - * @hashDataSize: (IN) Number of bytes in hashData. > - * Must be a multiple of 64 bytes. > - * @hashData: (IN) Final bytes to be hashed. > - * @hashValue: (OUT) The output of the SHA-1 hash. > - */ > -void Crypto_SHA1Complete(int hashDataSize, > - const BYTE* hashData, > - BYTE* hashValue) { > - SHA1_Update(&g_shaContext, hashData, hashDataSize); > - SHA1_Final(hashValue, &g_shaContext); > -} > diff --git a/tools/vtpm_manager/crypto/rsa.c b/tools/vtpm_manager/crypto/rsa.c > deleted file mode 100644 > index 7737dc6..0000000 > --- a/tools/vtpm_manager/crypto/rsa.c > +++ /dev/null > @@ -1,434 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > -// > -// rsa.c > -// > -// This file will handle all the TPM RSA crypto functionality > -// > -// ================================================================== > - > -#include <string.h> > -#include <openssl/crypto.h> > -#include <openssl/evp.h> > -#include <openssl/bn.h> > -#include <openssl/rsa.h> > -#include <openssl/rand.h> > -#include <openssl/x509.h> > - > -#include <openssl/err.h> > -#include <stdio.h> > - > -#include "tcg.h" > -#include "buffer.h" > -#include "crypto.h" > -#include "log.h" > - > -void Crypto_RSACreateKey( /*in*/ UINT32 keySize, > - /*in*/ UINT32 pubExpSize, > - /*in*/ BYTE *pubExp, > - /*out*/ UINT32 *privExpSize, > - /*out*/ BYTE *privExp, > - /*out*/ UINT32 *modulusSize, > - /*out*/ BYTE *modulus, > - /*out*/ CRYPTO_INFO *keys) { > - unsigned long e_value; > - > - if (pubExpSize == 0) // Default e = 2^16+1 > - e_value = (0x01 << 16) + 1; > - else { > - // This is not supported, but the following line MIGHT work > - // under then assumption that the format is BigNum compatable > - // Though it's not in the spec, so who knows what it is. > - // Forcing the default. > - //BN_bin2bn(pubExp, pubExpSize, NULL); > - e_value = (0x01 << 16) + 1; > - } > - > - RSA *rsa = RSA_generate_key(keySize, e_value, NULL, NULL); > - > - if (keys) { > - keys->keyInfo = rsa; > - keys->algorithmID = CRYPTO_ALGORITH_RSA; > - } > - > - if (modulus) *modulusSize = BN_bn2bin(rsa->n, modulus); > - if (privExp) *privExpSize = BN_bn2bin(rsa->d, privExp); > -} > - > -// Create a CRYPTO_INFO struct from the BYTE * key parts. > -// If pubExp info is NULL, use TCG default. > -// If there is a remainder while calculating the privExp, return FALSE. > - > -void Crypto_RSABuildCryptoInfo( /*[IN]*/ UINT32 pubExpSize, > - /*[IN]*/ BYTE *pubExp, > - /*[IN]*/ UINT32 privExpSize, > - /*[IN]*/ BYTE *privExp, > - /*[IN]*/ UINT32 modulusSize, > - /*[IN]*/ BYTE *modulus, > - CRYPTO_INFO* cryptoInfo) { > - cryptoInfo->keyInfo = RSA_new(); > - RSA *rsa = (RSA *) cryptoInfo->keyInfo; > - > - rsa->e = BN_new(); > - > - if (pubExpSize == 0) { // Default e = 2^16+1 > - BN_set_bit(rsa->e, 16); > - BN_set_bit(rsa->e, 0); > - } else { > - // This is not supported, but the following line MIGHT work > - // under then assumption that the format is BigNum compatable > - // Though it's not in the spec, so who knows what it is. > - // Forcing the default. > - //BN_bin2bn(pubExp, pubExpSize, NULL); > - BN_set_bit(rsa->e, 16); > - BN_set_bit(rsa->e, 0); > - } > - > - rsa->n = BN_bin2bn(modulus, modulusSize, NULL); > - rsa->d = BN_bin2bn(privExp, privExpSize, NULL); > -} > - > -// Create a CRYPTO_INFO struct from the BYTE * key parts. > -// If pubExp info is NULL, use TCG default. > -// If there is a remainder while calculating the privExp, return FALSE. > - > -void Crypto_RSABuildCryptoInfoPublic( /*[IN]*/ UINT32 pubExpSize, > - /*[IN]*/ BYTE *pubExp, > - /*[IN]*/ UINT32 modulusSize, > - /*[IN]*/ BYTE *modulus, > - CRYPTO_INFO* cryptoInfo) { > - cryptoInfo->keyInfo = RSA_new(); > - RSA *rsa = (RSA *) cryptoInfo->keyInfo; > - > - rsa->e = BN_new(); > - > - if (pubExpSize == 0) { // Default e = 2^16+1 > - BN_set_bit(rsa->e, 16); > - BN_set_bit(rsa->e, 0); > - } else { > - // This is not supported, but the following line MIGHT work > - // under then assumption that the format is BigNum compatable > - // Though it's not in the spec, so who knows what it is. > - // Forcing the default. > - //BN_bin2bn(pubExp, pubExpSize, NULL); > - BN_set_bit(rsa->e, 16); > - BN_set_bit(rsa->e, 0); > - } > - > - rsa->n = BN_bin2bn(modulus, modulusSize, NULL); > - > -} > - > -int Crypto_RSAEnc( CRYPTO_INFO *key, > - UINT32 inDataSize, > - BYTE *inData, > - /*out*/ UINT32 *outDataSize, > - /*out*/ BYTE *outData) { > - RSA *rsa = (RSA *) key->keyInfo; > - UINT32 paddedDataSize = RSA_size (rsa); > - BYTE *paddedData = (BYTE *)malloc(sizeof(BYTE) * paddedDataSize); > - int rc; > - > - if (paddedData == NULL) > - return -1; > - > - *outDataSize = 0; > - > - switch (key->encScheme) { > - case CRYPTO_ES_RSAESPKCSv15: > - if (RSA_padding_add_PKCS1_type_2(paddedData, paddedDataSize, inData, > inDataSize) <= 0) { > - rc = -1; > - goto abort_egress; > - } > - break; > - case CRYPTO_ES_RSAESOAEP_SHA1_MGF1: > - if > (RSA_padding_add_PKCS1_OAEP(paddedData,paddedDataSize,inData,inDataSize, > (BYTE *) OAEP_P,OAEP_P_SIZE) <= 0 ) { > - rc = -1; > - goto abort_egress; > - } > - break; > - default: > - rc = -1; > - goto abort_egress; > - } > - > - rc = RSA_public_encrypt(paddedDataSize, paddedData, outData, rsa, > RSA_NO_PADDING); > - if (rc == -1) > - goto abort_egress; > - > - *outDataSize = rc; > - > - if (rc > 0) rc = 0; > - > - goto egress; > - > - abort_egress: > - egress: > - > - if (paddedData) > - free (paddedData); > - return rc; > - > -} > - > -int Crypto_RSADec( CRYPTO_INFO *key, > - UINT32 inDataSize, > - BYTE *inData, > - /*out*/ UINT32 *outDataSize, > - /*out*/ BYTE *outData) { > - > - RSA *rsa = (RSA *) key->keyInfo; > - UINT32 paddedDataSize = RSA_size (rsa); > - BYTE *paddedData = (BYTE *)malloc(sizeof(BYTE) * paddedDataSize); > - int rc; > - > - if (paddedData == NULL) > - goto abort_egress; > - > - rc = RSA_private_decrypt(inDataSize, inData, paddedData, rsa, > RSA_NO_PADDING); > - if (rc == -1) { > - vtpmlogerror(VTPM_LOG_CRYPTO, "RSA_private_decrypt: %s\n", > ERR_error_string(ERR_get_error(), NULL)); > - goto abort_egress; > - } > - > - paddedDataSize = rc; > - > - switch (key->encScheme) { > - case CRYPTO_ES_RSAESPKCSv15: > - rc = RSA_padding_check_PKCS1_type_2 (outData, paddedDataSize, > - paddedData + 1, paddedDataSize - 1, > - RSA_size(rsa)); > - if (rc == -1) { > - vtpmlogerror(VTPM_LOG_CRYPTO, "RSA_padding_check_PKCS1_type_2: %s\n", > - ERR_error_string(ERR_get_error(), NULL)); > - goto abort_egress; > - } > - *outDataSize = rc; > - break; > - case CRYPTO_ES_RSAESOAEP_SHA1_MGF1: > - rc = RSA_padding_check_PKCS1_OAEP(outData, paddedDataSize, > - paddedData + 1, paddedDataSize - 1, > - RSA_size(rsa), > - (BYTE *) OAEP_P, OAEP_P_SIZE); > - if (rc == -1) { > - vtpmlogerror(VTPM_LOG_CRYPTO, "RSA_padding_check_PKCS1_OAEP: %s\n", > - ERR_error_string(ERR_get_error(), NULL)); > - goto abort_egress; > - } > - *outDataSize = rc; > - break; > - default: > - *outDataSize = 0; > - } > - > - free(paddedData); paddedData = NULL; > - goto egress; > - > - abort_egress: > - > - if (paddedData) > - free (paddedData); > - return -1; > - > - egress: > - return 0; > -} > - > -// Signs either a SHA1 digest of a message or a DER encoding of a message > -// Textual messages MUST be encoded or Hashed before sending into this > function > -// It will NOT SHA the message. > -int Crypto_RSASign( CRYPTO_INFO *key, > - UINT32 inDataSize, > - BYTE *inData, > - /*out*/ UINT32 *sigSize, > - /*out*/ BYTE *sig) { > - int status; > - unsigned int intSigSize; > - > - switch(key->sigScheme) { > - case CRYPTO_SS_RSASSAPKCS1v15_SHA1: > - status = RSA_sign(NID_sha1, inData, inDataSize, sig, &intSigSize, (RSA > *) key->keyInfo); > - break; > - case CRYPTO_SS_RSASSAPKCS1v15_DER: > - // status = Crypto_RSA_sign_DER(NID_md5_sha1, inData, inDataSize, > sig, &intSigSize, key); > - vtpmlogerror(VTPM_LOG_CRYPTO, "Crypto: Unimplemented sign type (%d)\n", > key->sigScheme); > - status = 0; > - break; > - default: > - status = 0; > - } > - > - if (status == 0) { > - *sigSize = 0; > - vtpmlogerror(VTPM_LOG_CRYPTO, "%s\n", ERR_error_string(ERR_get_error(), > NULL)); > - return -1; > - } > - > - *sigSize = (UINT32) intSigSize; > - return 0; > -} > - > -bool Crypto_RSAVerify( CRYPTO_INFO *key, > - UINT32 inDataSize, > - BYTE *inData, > - UINT32 sigSize, > - BYTE *sig) { > - int status; > - > - switch(key->sigScheme){ > - case CRYPTO_SS_RSASSAPKCS1v15_SHA1: > - status = RSA_verify(NID_sha1, inData, inDataSize, sig, sigSize, (RSA *) > key->keyInfo); > - break; > - case CRYPTO_SS_RSASSAPKCS1v15_DER: > - //status = Crypto_RSA_verify_DER(NID_md5_sha1, inData, inDataSize, sig, > sigSize, key); > - vtpmlogerror(VTPM_LOG_CRYPTO, "Crypto: Unimplemented sign type (%d)\n", > key->sigScheme); > - status = 0; > - break; > - default: > - status = 0; > - } > - > - if (status) > - return(1); > - else { > - vtpmlogerror(VTPM_LOG_CRYPTO, "RSA verify: %s\n", > ERR_error_string(ERR_get_error(), NULL)); > - return(0); > - } > - > -} > - > -// helper which packs everything into a BIO! > - > -// packs the parameters first, then the private key, then the public key > -// if *io_buf is NULL, allocate it here as needed. otherwise its size is in > -// *io_buflen > -TPM_RESULT Crypto_RSAPackCryptoInfo (const CRYPTO_INFO* cryptoInfo, > - BYTE ** io_buf, UINT32 * io_buflen) { > - TPM_RESULT status = TPM_SUCCESS; > - BYTE * buf; > - long len, outlen = *io_buflen; > - > - const long PARAMSLEN = 3*sizeof(UINT32); > - > - RSA *rsa = (RSA *) cryptoInfo->keyInfo; > - > - BIO *mem = BIO_new(BIO_s_mem()); > - > - > - // write the openssl keys to the BIO > - if ( i2d_RSAPrivateKey_bio (mem, rsa) == 0 ) { > - ERR_print_errors_fp (stderr); > - ERRORDIE (TPM_SIZE); > - } > - if ( i2d_RSAPublicKey_bio (mem, rsa) == 0 ) { > - ERR_print_errors_fp (stderr); > - ERRORDIE (TPM_SIZE); > - } > - > - // get the buffer out > - len = BIO_get_mem_data (mem, &buf); > - > - // see if we need to allocate a return buffer > - if (*io_buf == NULL) { > - *io_buf = (BYTE*) malloc (PARAMSLEN + len); > - if (*io_buf == NULL) > - ERRORDIE (TPM_SIZE); > - } else { // *io_buf is already allocated > - if (outlen < len + PARAMSLEN) > - ERRORDIE (TPM_SIZE); // but not large enough! > - } > - > - // copy over the parameters (three UINT32's starting at algorithmID) > - memcpy (*io_buf, &cryptoInfo->algorithmID, PARAMSLEN); > - > - // copy over the DER keys > - memcpy (*io_buf + PARAMSLEN, buf, len); > - > - *io_buflen = len + PARAMSLEN; > - > - goto egress; > - > - > - abort_egress: > - egress: > - > - BIO_free (mem); > - > - return status; > -} > - > - > - > -// sets up ci, and returns the number of bytes read in o_lenread > -TPM_RESULT Crypto_RSAUnpackCryptoInfo (CRYPTO_INFO * ci, > - BYTE * in, UINT32 len, > - UINT32 * o_lenread) { > - > - TPM_RESULT status = TPM_SUCCESS; > - long l; > - BIO *mem; > - RSA *rsa; > - > - // first load up the params > - l = 3 * sizeof(UINT32); > - memcpy (&ci->algorithmID, in, l); > - len -= l; > - in += l; > - > - // and now the openssl keys, private first > - mem = BIO_new_mem_buf (in, len); > - > - if ( (rsa = d2i_RSAPrivateKey_bio (mem, NULL)) == NULL ) { > - ERR_print_errors_fp (stderr); > - ERRORDIE (TPM_BAD_PARAMETER); > - } > - // now use the same RSA object and fill in the private key > - if ( d2i_RSAPublicKey_bio (mem, &rsa) == NULL ) { > - ERR_print_errors_fp (stderr); > - ERRORDIE (TPM_BAD_PARAMETER); > - } > - > - ci->keyInfo = rsa; // needs to be freed somehow later > - > - // FIXME: havent figured out yet how to tell how many bytes were read in > the > - // above oprations! so o_lenread is not set > - > - goto egress; > - > - abort_egress: > - egress: > - > - BIO_free (mem); > - > - return status; > -} > diff --git a/tools/vtpm_manager/crypto/sym_crypto.c > b/tools/vtpm_manager/crypto/sym_crypto.c > deleted file mode 100644 > index 3d86e19..0000000 > --- a/tools/vtpm_manager/crypto/sym_crypto.c > +++ /dev/null > @@ -1,237 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > -// > -// sym_crypto.c > -// > -// Symmetric crypto portion of crypto > -// > -// ================================================================== > - > -#include <openssl/evp.h> > -#include <openssl/rand.h> > - > -#include "tcg.h" > -#include "sym_crypto.h" > - > -typedef enum crypt_op_type_t { > - CRYPT_ENCRYPT, > - CRYPT_DECRYPT > -} crypt_op_type_t; > - > -TPM_RESULT ossl_symcrypto_op (symkey_t* key, > - const buffer_t* in, > - const buffer_t* iv, > - buffer_t * out, > - crypt_op_type_t optype); > - > - > -// this is initialized in Crypto_Init() > -const EVP_CIPHER * SYM_CIPHER = NULL; > - > -const BYTE ZERO_IV[EVP_MAX_IV_LENGTH] = {0}; > - > - > -TPM_RESULT Crypto_symcrypto_initkey (symkey_t * key, const buffer_t* > keybits) { > - TPM_RESULT status = TPM_SUCCESS; > - > - EVP_CIPHER_CTX_init (&key->context); > - > - key->cipher = SYM_CIPHER; > - > - TPMTRYRETURN( buffer_init_copy (&key->key, keybits)); > - > - goto egress; > - > - abort_egress: > - EVP_CIPHER_CTX_cleanup (&key->context); > - > - egress: > - > - return status; > -} > - > - > - > -TPM_RESULT Crypto_symcrypto_genkey (symkey_t * key) { > - int res; > - TPM_RESULT status = TPM_SUCCESS; > - > - // hmm, EVP_CIPHER_CTX_init does not return a value > - EVP_CIPHER_CTX_init (&key->context); > - > - key->cipher = SYM_CIPHER; > - > - TPMTRYRETURN( buffer_init (&key->key, EVP_CIPHER_key_length(key->cipher), > NULL)) ; > - > - // and generate the key material > - res = RAND_pseudo_bytes (key->key.bytes, key->key.size); > - if (res < 0) > - ERRORDIE (TPM_SHORTRANDOM); > - > - > - goto egress; > - > - abort_egress: > - EVP_CIPHER_CTX_cleanup (&key->context); > - buffer_free (&key->key); > - > - egress: > - return status; > -} > - > - > -TPM_RESULT Crypto_symcrypto_encrypt (symkey_t* key, > - const buffer_t* clear, > - buffer_t* o_cipher) { > - TPM_RESULT status = TPM_SUCCESS; > - > - buffer_t iv, cipher_alias; > - > - buffer_init_const (&iv, EVP_MAX_IV_LENGTH, ZERO_IV); > - > - buffer_init (o_cipher, > - clear->size + > - EVP_CIPHER_iv_length(key->cipher) + > - EVP_CIPHER_block_size (key->cipher), > - 0); > - > - // copy the IV into the front > - buffer_copy (o_cipher, &iv); > - > - // make an alias into which we'll put the ciphertext > - buffer_init_alias (&cipher_alias, o_cipher, > EVP_CIPHER_iv_length(key->cipher), 0); > - > - TPMTRYRETURN( ossl_symcrypto_op (key, clear, &iv, &cipher_alias, > CRYPT_ENCRYPT) ); > - > - // set the output size correctly > - o_cipher->size += cipher_alias.size; > - > - goto egress; > - > - abort_egress: > - > - egress: > - > - return status; > - > -} > - > - > - > -TPM_RESULT Crypto_symcrypto_decrypt (symkey_t* key, > - const buffer_t* cipher, > - buffer_t* o_clear) { > - TPM_RESULT status = TPM_SUCCESS; > - > - buffer_t iv, cipher_alias; > - > - // alias for the IV > - buffer_init_alias (&iv, cipher, 0, EVP_CIPHER_iv_length(key->cipher)); > - > - // make an alias to where the ciphertext is, after the IV > - buffer_init_alias (&cipher_alias, cipher, > EVP_CIPHER_iv_length(key->cipher), 0); > - > - // prepare the output buffer > - TPMTRYRETURN( buffer_init (o_clear, > - cipher->size > - - EVP_CIPHER_iv_length(key->cipher) > - + EVP_CIPHER_block_size(key->cipher), > - 0) ); > - > - // and decrypt > - TPMTRYRETURN ( ossl_symcrypto_op (key, &cipher_alias, &iv, o_clear, > CRYPT_DECRYPT) ); > - > - goto egress; > - > - abort_egress: > - buffer_free (o_clear); > - > - egress: > - > - return status; > -} > - > - > - > -TPM_RESULT Crypto_symcrypto_freekey (symkey_t * key) { > - buffer_memset (&key->key, 0); > - buffer_free (&key->key); > - > - EVP_CIPHER_CTX_cleanup (&key->context); > - > - return TPM_SUCCESS; > -} > - > - > -TPM_RESULT ossl_symcrypto_op (symkey_t* key, > - const buffer_t* in, > - const buffer_t* iv, > - buffer_t * out, > - crypt_op_type_t optype) { > - TPM_RESULT status = TPM_SUCCESS; > - > - int inlen, outlen; > - tpm_size_t running; > - > - if ( ! EVP_CipherInit_ex (&key->context, > - key->cipher, NULL, key->key.bytes, iv->bytes, > - optype == CRYPT_ENCRYPT ? 1 : 0) ) > - ERRORDIE (TPM_FAIL); > - > - > - > - inlen = in->size; > - > - outlen = 0; > - running = 0; > - > - > - if ( ! EVP_CipherUpdate (&key->context, out->bytes, &outlen, in->bytes, > inlen) ) > - ERRORDIE (TPM_FAIL); > - > - running += outlen; > - > - if ( ! EVP_CipherFinal_ex (&key->context, out->bytes + running, &outlen) ) > - ERRORDIE (TPM_FAIL); > - > - running += outlen; > - > - out->size = running; > - > - goto egress; > - > - abort_egress: > - egress: > - > - return status; > -} > diff --git a/tools/vtpm_manager/crypto/sym_crypto.h > b/tools/vtpm_manager/crypto/sym_crypto.h > deleted file mode 100644 > index 7fb59a8..0000000 > --- a/tools/vtpm_manager/crypto/sym_crypto.h > +++ /dev/null > @@ -1,72 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > -// > -// sym_crypto.h > -// > -// Symmetric Crypto > -// > -// ================================================================== > - > -#ifndef _SYM_CRYPTO_H > -#define _SYM_CRYPTO_H > - > -#include <openssl/evp.h> > -#include "buffer.h" > - > -typedef struct symkey_t { > - buffer_t key; > - > - EVP_CIPHER_CTX context; > - const EVP_CIPHER * cipher; > -} symkey_t; > - > -extern const EVP_CIPHER * SYM_CIPHER; > - > -TPM_RESULT Crypto_symcrypto_genkey (symkey_t * key); > - > -TPM_RESULT Crypto_symcrypto_initkey (symkey_t * key, const buffer_t* > keybits); > - > - > -// these functions will allocate their output buffers > -TPM_RESULT Crypto_symcrypto_encrypt (symkey_t* key, > - const buffer_t* clear, > - buffer_t* o_cipher); > - > -TPM_RESULT Crypto_symcrypto_decrypt (symkey_t* key, > - const buffer_t* cipher, > - buffer_t* o_clear); > - > -// only free the internal parts, not the 'key' ptr > -TPM_RESULT Crypto_symcrypto_freekey (symkey_t * key); > - > -#endif /* _SYM_CRYPTO_H */ > diff --git a/tools/vtpm_manager/manager/Makefile > b/tools/vtpm_manager/manager/Makefile > deleted file mode 100644 > index a33c18a..0000000 > --- a/tools/vtpm_manager/manager/Makefile > +++ /dev/null > @@ -1,38 +0,0 @@ > -XEN_ROOT = $(CURDIR)/../../.. > -include $(XEN_ROOT)/tools/vtpm_manager/Rules.mk > - > -BIN = vtpm_managerd > - > -.PHONY: all > -all: build > - > -.PHONY: build > -build: $(BIN) > - > -.PHONY: install > -install: build > - if [ ! -d "$(DESTDIR)/var/vtpm/fifos" ]; \ > - then mkdir -p $(DESTDIR)/var/vtpm/fifos; \ > - fi > - if [ ! -d "$(DESTDIR)/var/vtpm/socks" ]; \ > - then mkdir -p $(DESTDIR)/var/vtpm/socks; \ > - fi > - $(INSTALL_PROG) $(BIN) $(DESTDIR)$(BINDIR) > - > -.PHONY: clean > -clean: > - rm -f $(BIN) > - rm -f *.a *.so *.o *.rpm $(DEP_FILES) > - > -.PHONY: mrproper > -mrproper: clean > - rm -f *~ > - > -$(BIN): $(OBJS) > - $(CC) $(LDFLAGS) $^ $(LIBS) -o $@ > - > -# libraries > -LIBS += ../tcs/libTCS.a ../util/libTCGUtils.a ../crypto/libtcpaCrypto.a > -LIBS += -lcrypto $(PTHREAD_LIBS) -lm > -CFLAGS += $(PTHREAD_CFLAGS) > -LDFLAGS += $(PTHREAD_LDFLAGS) > diff --git a/tools/vtpm_manager/manager/dmictl.c > b/tools/vtpm_manager/manager/dmictl.c > deleted file mode 100644 > index 5c3cf7e..0000000 > --- a/tools/vtpm_manager/manager/dmictl.c > +++ /dev/null > @@ -1,266 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > -// > -// dmictl.c > -// > -// Functions for creating and destroying DMIs > -// > -// ================================================================== > - > -#include <stdio.h> > -#include <unistd.h> > -#include <string.h> > - > -#include "vtpmpriv.h" > -#include "bsg.h" > -#include "buffer.h" > -#include "log.h" > -#include "hashtable.h" > -#include "hashtable_itr.h" > -#include "vtpm_ipc.h" > - > -#define TPM_EMULATOR_PATH "/usr/bin/vtpmd" > - > -// if dmi_res is non-null, then return a pointer to new object. > -// Also, this does not fill in the measurements. They should be filled by > -// design dependent code or saveNVM > -TPM_RESULT init_dmi(UINT32 dmi_id, BYTE dmi_type, VTPM_DMI_RESOURCE > **dmi_res) { > - > - TPM_RESULT status=TPM_SUCCESS; > - VTPM_DMI_RESOURCE *new_dmi=NULL; > - UINT32 *dmi_id_key=NULL; > - > - if ((new_dmi = (VTPM_DMI_RESOURCE *) malloc (sizeof(VTPM_DMI_RESOURCE))) > == NULL) { > - status = TPM_RESOURCES; > - goto abort_egress; > - } > - memset(new_dmi, 0, sizeof(VTPM_DMI_RESOURCE)); > - new_dmi->dmi_id = dmi_id; > - new_dmi->dmi_type = dmi_type; > - new_dmi->connected = FALSE; > - new_dmi->TCSContext = 0; > - > - new_dmi->NVMLocation = (char *) malloc(11 + strlen(DMI_NVM_FILE)); > - sprintf(new_dmi->NVMLocation, DMI_NVM_FILE, (uint32_t) new_dmi->dmi_id); > - > - if ((dmi_id_key = (UINT32 *) malloc (sizeof(UINT32))) == NULL) { > - status = TPM_RESOURCES; > - goto abort_egress; > - } > - *dmi_id_key = new_dmi->dmi_id; > - > - // install into map > - if (!hashtable_insert(vtpm_globals->dmi_map, dmi_id_key, new_dmi)){ > - vtpmlogerror(VTPM_LOG_VTPM, "Failed to insert instance into table. > Aborting.\n", dmi_id); > - status = TPM_FAIL; > - goto abort_egress; > - } > - > - if (dmi_res) > - *dmi_res = new_dmi; > - > - goto egress; > - > - abort_egress: > - if (new_dmi) { > - free(new_dmi->NVMLocation); > - free(new_dmi); > - } > - free(dmi_id_key); > - > - egress: > - return status; > -} > - > -TPM_RESULT close_dmi(VTPM_DMI_RESOURCE *dmi_res) { > - if (dmi_res == NULL) > - return TPM_SUCCESS; > - > - if (dmi_res->dmi_id == VTPM_CTL_DM) > - return(TPM_BAD_PARAMETER); > - > - TCS_CloseContext(dmi_res->TCSContext); > - dmi_res->connected = FALSE; > - > - vtpm_globals->connected_dmis--; > - > - return (VTPM_Close_DMI_Extra(dmi_res) ); > -} > - > -TPM_RESULT VTPM_Handle_New_DMI(const buffer_t *param_buf) { > - > - VTPM_DMI_RESOURCE *new_dmi=NULL; > - TPM_RESULT status=TPM_FAIL; > - BYTE dmi_type, vm_type, startup_mode; > - UINT32 dmi_id; > - > - if (param_buf == NULL) { // Assume creation of Dom 0 control > - dmi_type = VTPM_TYPE_NON_MIGRATABLE; > - dmi_id = VTPM_CTL_DM; > - } else if (buffer_len(param_buf) != sizeof(BYTE) * 3 + sizeof(UINT32)) { > - vtpmloginfo(VTPM_LOG_VTPM, "New DMI command wrong length: %d.\n", > buffer_len(param_buf)); > - status = TPM_BAD_PARAMETER; > - goto abort_egress; > - } else { > - vtpm_globals->connected_dmis++; // Put this here so we don't count Dom0 > - BSG_UnpackList( param_buf->bytes, 4, > - BSG_TYPE_BYTE, &dmi_type, > - BSG_TYPE_BYTE, &startup_mode, > - BSG_TYPE_BYTE, &vm_type, > - BSG_TYPE_UINT32, &dmi_id); > - } > - > - if ((dmi_type != VTPM_TYPE_NON_MIGRATABLE) && (dmi_type != > VTPM_TYPE_MIGRATABLE)) { > - vtpmlogerror(VTPM_LOG_VTPM, "Creation of VTPM with illegal type.\n"); > - status = TPM_BAD_PARAMETER; > - goto abort_egress; > - } > - > - new_dmi = (VTPM_DMI_RESOURCE *) hashtable_search(vtpm_globals->dmi_map, > &dmi_id); > - if (new_dmi == NULL) { > - vtpmloginfo(VTPM_LOG_VTPM, "Creating new DMI instance %d attached.\n", > dmi_id ); > - // Brand New DMI. Initialize the persistent pieces > - TPMTRYRETURN(init_dmi(dmi_id, dmi_type, &new_dmi) ); > - } else > - vtpmloginfo(VTPM_LOG_VTPM, "Re-attaching DMI instance %d.\n", dmi_id); > - > - if (new_dmi->connected) { > - vtpmlogerror(VTPM_LOG_VTPM, "Attempt to re-attach, currently attached > instance %d. Ignoring\n", dmi_id); > - status = TPM_BAD_PARAMETER; > - goto abort_egress; > - } > - > - if (new_dmi->dmi_type == VTPM_TYPE_MIGRATED) { > - vtpmlogerror(VTPM_LOG_VTPM, "Attempt to re-attach previously migrated > instance %d without recovering first. Ignoring\n", dmi_id); > - status = TPM_BAD_PARAMETER; > - goto abort_egress; > - } > - > - // Initialize the Non-persistent pieces > - TPMTRYRETURN( TCS_OpenContext(&new_dmi->TCSContext) ); > - > - new_dmi->connected = TRUE; > - > - // Design specific new DMI code. > - // Includes: create IPCs, Measuring DMI, and maybe launching DMI > - TPMTRYRETURN(VTPM_New_DMI_Extra(new_dmi, vm_type, startup_mode) ); > - goto egress; > - > - abort_egress: > - vtpmlogerror(VTPM_LOG_VTPM, "Failed to create DMI id=%d due to status=%s. > Cleaning.\n", dmi_id, tpm_get_error_name(status)); > - close_dmi(new_dmi ); > - > - egress: > - return status; > -} > - > -TPM_RESULT VTPM_Handle_Close_DMI( const buffer_t *param_buf) { > - > - TPM_RESULT status=TPM_FAIL; > - VTPM_DMI_RESOURCE *dmi_res=NULL; > - UINT32 dmi_id; > - > - if ((param_buf == NULL) || (buffer_len(param_buf) != sizeof(UINT32)) ) { > - vtpmlogerror(VTPM_LOG_VTPM, "Closing DMI has bad size."); > - status = TPM_BAD_PARAMETER; > - goto abort_egress; > - } > - > - BSG_UnpackList( param_buf->bytes, 1, > - BSG_TYPE_UINT32, &dmi_id); > - > - vtpmloginfo(VTPM_LOG_VTPM, "Closing DMI %d.\n", dmi_id); > - > - dmi_res = (VTPM_DMI_RESOURCE *) hashtable_search(vtpm_globals->dmi_map, > &dmi_id); > - if (dmi_res == NULL ) { > - vtpmlogerror(VTPM_LOG_VTPM, "Trying to close nonexistent DMI.\n"); > - status = TPM_BAD_PARAMETER; > - goto abort_egress; > - } > - > - if (!dmi_res->connected) { > - vtpmlogerror(VTPM_LOG_VTPM, "Closing non-connected DMI.\n"); > - status = TPM_BAD_PARAMETER; > - goto abort_egress; > - } > - > - // Close Dmi > - TPMTRYRETURN(close_dmi( dmi_res )); > - > - status=TPM_SUCCESS; > - goto egress; > - > - abort_egress: > - egress: > - > - return status; > -} > - > -TPM_RESULT VTPM_Handle_Delete_DMI( const buffer_t *param_buf) { > - > - TPM_RESULT status=TPM_FAIL; > - VTPM_DMI_RESOURCE *dmi_res=NULL; > - UINT32 dmi_id; > - > - if ((param_buf == NULL) || (buffer_len(param_buf) != sizeof(UINT32)) ) { > - vtpmlogerror(VTPM_LOG_VTPM, "Closing DMI has bad size.\n"); > - status = TPM_BAD_PARAMETER; > - goto abort_egress; > - } > - > - BSG_UnpackList( param_buf->bytes, 1, > - BSG_TYPE_UINT32, &dmi_id); > - > - vtpmloginfo(VTPM_LOG_VTPM, "Deleting DMI %d.\n", dmi_id); > - > - dmi_res = (VTPM_DMI_RESOURCE *) hashtable_remove(vtpm_globals->dmi_map, > &dmi_id); > - if (dmi_res == NULL) { > - vtpmlogerror(VTPM_LOG_VTPM, "Closing non-existent DMI.\n"); > - status = TPM_BAD_PARAMETER; > - goto abort_egress; > - } > - > - //vtpm scripts delete file dmi_res->NVMLocation for us > - > - // Close DMI first > - TPMTRYRETURN(close_dmi( dmi_res )); > - free ( dmi_res ); > - > - status=TPM_SUCCESS; > - goto egress; > - > - abort_egress: > - egress: > - > - return status; > -} > diff --git a/tools/vtpm_manager/manager/migration.c > b/tools/vtpm_manager/manager/migration.c > deleted file mode 100644 > index 54da708..0000000 > --- a/tools/vtpm_manager/manager/migration.c > +++ /dev/null > @@ -1,307 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > -// > -// dmictl.c > -// > -// Functions for creating and destroying DMIs > -// > -// ================================================================== > - > -#include <stdio.h> > -#include <unistd.h> > -#include <string.h> > - > -#include "vtpmpriv.h" > -#include "bsg.h" > -#include "buffer.h" > -#include "log.h" > -#include "hashtable.h" > - > -TPM_RESULT VTPM_Handle_Migrate_In( const buffer_t *param_buf, > - buffer_t *result_buf) { > - > - TPM_RESULT status=TPM_FAIL; > - VTPM_DMI_RESOURCE *mig_dmi=NULL; > - UINT32 dmi_id; > - buffer_t dmi_state_abuf = NULL_BUF, enc_dmi_abuf = NULL_BUF, > clear_dmi_blob = NULL_BUF; > - > - if (param_buf == NULL) { > - vtpmlogerror(VTPM_LOG_VTPM, "Migration Out Failed due to bad > parameter.\n"); > - status = TPM_BAD_PARAMETER; > - goto abort_egress; > - } > - > - struct pack_buf_t enc_dmi_state_pack; > - > - BSG_UnpackList(param_buf->bytes, 2, > - BSG_TYPE_UINT32, &dmi_id, > - BSG_TPM_SIZE32_DATA, &enc_dmi_state_pack) ; > - > - vtpmloginfo(VTPM_LOG_VTPM, "Migrating VTPM in dmi %d.\n", dmi_id); > - > - mig_dmi = (VTPM_DMI_RESOURCE *) hashtable_search(vtpm_globals->dmi_map, > &dmi_id); > - if (mig_dmi) { > - vtpmlogerror(VTPM_LOG_VTPM, "Incoming VTPM claims unavailable id: > %d.\n", dmi_id); > - status = TPM_BAD_PARAMETER; > - goto abort_egress; > - } > - > - /** UnBind Blob **/ > - TPMTRYRETURN( buffer_init_alias_convert( &enc_dmi_abuf, > - enc_dmi_state_pack.size, > - enc_dmi_state_pack.data) ); > - > - TPMTRYRETURN( envelope_decrypt( &enc_dmi_abuf, > - vtpm_globals->manager_tcs_handle, > - vtpm_globals->storageKeyHandle, > - (const > TPM_AUTHDATA*)&vtpm_globals->storage_key_usage_auth, > - &clear_dmi_blob) ); > - > - // Create new dmi > - TPMTRYRETURN( init_dmi(dmi_id, VTPM_TYPE_MIGRATABLE, &mig_dmi ) ); > - > - /** Open Blob **/ > - struct pack_buf_t dmi_state_pack; > - > - BSG_UnpackList(clear_dmi_blob.bytes, 2, > - BSG_TPM_DIGEST, &mig_dmi->DMI_measurement, > - BSG_TPM_SIZE32_DATA, &dmi_state_pack); > - > - TPMTRYRETURN( buffer_init_alias_convert(&dmi_state_abuf, > - dmi_state_pack.size, > - dmi_state_pack.data) ); > - > - TPMTRYRETURN( VTPM_Handle_Save_NVM(mig_dmi, &dmi_state_abuf, NULL ) ); > - > - status=TPM_SUCCESS; > - goto egress; > - > - abort_egress: > - vtpmlogerror(VTPM_LOG_VTPM, "VTPM Migration IN of instance %d failed > because of %s.\n", dmi_id, tpm_get_error_name(status) ); > - > - egress: > - buffer_free(&clear_dmi_blob); > - buffer_free(&dmi_state_abuf); > - > - return status; > -} > - > -TPM_RESULT VTPM_Handle_Migrate_Out( const buffer_t *param_buf, > - buffer_t *result_buf) { > - > - TPM_RESULT status=TPM_FAIL; > - VTPM_DMI_RESOURCE *mig_dmi; > - UINT32 dmi_id; > - VTPM_MIGKEY_LIST *last_mig, *mig_key; > - buffer_t dmi_state=NULL_BUF, clear_dmi_blob=NULL_BUF; > - > - if (param_buf == NULL) { > - vtpmlogerror(VTPM_LOG_VTPM, "Migration Out Failed due to bad > parameter.\n"); > - status = TPM_BAD_PARAMETER; > - goto abort_egress; > - } > - > - struct pack_buf_t name_pack; > - > - BSG_UnpackList( param_buf->bytes, 2, > - BSG_TYPE_UINT32, &dmi_id, > - BSG_TPM_SIZE32_DATA, &name_pack); > - > - vtpmloginfo(VTPM_LOG_VTPM, "Migrating out dmi %d.\n", dmi_id); > - > - mig_dmi = (VTPM_DMI_RESOURCE *) hashtable_search(vtpm_globals->dmi_map, > &dmi_id); > - if (mig_dmi == NULL) { > - vtpmlogerror(VTPM_LOG_VTPM, "Non-existent VTPM instance (%d) in > migration.\n", dmi_id ); > - status = TPM_BAD_PARAMETER; > - goto abort_egress; > - } > - > - if (mig_dmi->dmi_type != VTPM_TYPE_MIGRATABLE) { > - vtpmlogerror(VTPM_LOG_VTPM, "Bad VTPM type (%d) in migration of instance > (%d).\n", mig_dmi->dmi_type, dmi_id ); > - status = TPM_BAD_PARAMETER; > - goto abort_egress; > - } > - > - /** Find migration key for dest **/ > - last_mig = NULL; > - mig_key = vtpm_globals->mig_keys; > - while (mig_key != NULL) { > - if (mig_key->name_size == name_pack.size) > - if (memcmp(mig_key->name, name_pack.data, name_pack.size) == 0) { > - break; > - } > - > - last_mig = mig_key; > - mig_key = mig_key->next; > - } > - > - if (!mig_key) { > - vtpmlogerror(VTPM_LOG_VTPM, "Unknown Migration target host.\n"); > - status = TPM_BAD_PARAMETER; > - goto abort_egress; > - } > - > - /** Mark vtpm as migrated **/ > - mig_dmi->dmi_type = VTPM_TYPE_MIGRATED; > - > - /** Build Blob **/ > - TPMTRYRETURN( VTPM_Handle_Load_NVM(mig_dmi, NULL, &dmi_state) ); > - > - TPMTRYRETURN( buffer_init(&clear_dmi_blob, sizeof(TPM_DIGEST) + > sizeof(UINT32) + buffer_len(&dmi_state), NULL ) ); > - > - struct pack_constbuf_t dmi_state_pack; > - > - dmi_state_pack.size = buffer_len(&dmi_state); > - dmi_state_pack.data = dmi_state.bytes; > - > - BSG_PackList(clear_dmi_blob.bytes, 2, > - BSG_TPM_DIGEST, &mig_dmi->DMI_measurement, > - BSG_TPM_SIZE32_DATA, &dmi_state_pack); > - > - /** Bind Blob **/ > - TPMTRYRETURN( envelope_encrypt( &clear_dmi_blob, > - &mig_key->key, > - result_buf) ); > - > - if (last_mig) > - last_mig->next = mig_key->next; > - else > - vtpm_globals->mig_keys = mig_key->next; > - > - free(mig_key->name); > - free(mig_key); > - > - status=TPM_SUCCESS; > - goto egress; > - > - abort_egress: > - vtpmlogerror(VTPM_LOG_VTPM, "VTPM Migration OUT of instance %d failed > because of %s. Migratoin recovery may be needed.\n", dmi_id, > tpm_get_error_name(status) ); > - > - //TODO: Create and implement a policy for what happens to mig_key on > failed migrations. > - > - egress: > - > - buffer_free(&clear_dmi_blob); > - buffer_free(&dmi_state); > - > - return status; > -} > - > - > -TPM_RESULT VTPM_Handle_Get_Migration_key( const buffer_t *param_buf, > - buffer_t *result_buf) { > - > - TPM_RESULT status=TPM_FAIL; > - > - vtpmloginfo(VTPM_LOG_VTPM, "Getting Migration Public Key.\n"); > - > - struct pack_buf_t pubkey_exp_pack, pubkey_mod_pack; > - TPM_KEY mig_key; > - > - // Unpack/return key structure > - BSG_Unpack(BSG_TPM_KEY, vtpm_globals->storageKeyWrap.bytes , &mig_key); > - TPM_RSA_KEY_PARMS rsaKeyParms; > - > - BSG_Unpack(BSG_TPM_RSA_KEY_PARMS, > - mig_key.algorithmParms.parms, > - &rsaKeyParms); > - > - pubkey_exp_pack.size = rsaKeyParms.exponentSize; > - pubkey_exp_pack.data = rsaKeyParms.exponent; > - pubkey_mod_pack.size = mig_key.pubKey.keyLength; > - pubkey_mod_pack.data = mig_key.pubKey.key; > - > - TPMTRYRETURN( buffer_init( result_buf, 2*sizeof(UINT32) + > - pubkey_exp_pack.size + > - pubkey_mod_pack.size, NULL ) ); > - > - BSG_PackList( result_buf->bytes, 2, > - BSG_TPM_SIZE32_DATA, &pubkey_exp_pack, > - BSG_TPM_SIZE32_DATA, &pubkey_mod_pack); > - > - > - status=TPM_SUCCESS; > - goto egress; > - > - abort_egress: > - vtpmlogerror(VTPM_LOG_VTPM, "VTPM Get Migration Key failed because of > %s.\n", tpm_get_error_name(status) ); > - egress: > - > - return status; > -} > - > -TPM_RESULT VTPM_Handle_Load_Migration_key( const buffer_t *param_buf, > - buffer_t *result_buf) { > - > - TPM_RESULT status=TPM_FAIL; > - VTPM_MIGKEY_LIST *mig_key; > - > - vtpmloginfo(VTPM_LOG_VTPM, "Loading Migration Public Key.\n"); > - > - //FIXME: Review all uses of unpacking pack_buf_t and ensure free. > - //FIXME: Review all declarations/initializations of buffer_t that could > have a goto that skips them and then tries to free them > - > - struct pack_buf_t name_pack, pubkey_exp_pack, pubkey_mod_pack; > - > - //FIXME: scan list and verify name is not already in the list > - > - BSG_UnpackList( param_buf->bytes, 3, > - BSG_TPM_SIZE32_DATA, &name_pack, > - BSG_TPM_SIZE32_DATA, &pubkey_exp_pack, > - BSG_TPM_SIZE32_DATA, &pubkey_mod_pack); > - > - //TODO: Maintain a persistent list for pub_keys. > - //TODO: Verify pub_key is trusted > - > - mig_key = (VTPM_MIGKEY_LIST *) malloc(sizeof(VTPM_MIGKEY_LIST)); > - memset(mig_key, 0, sizeof(VTPM_MIGKEY_LIST) ); > - mig_key->name_size = name_pack.size; > - mig_key->name = name_pack.data; > - > - mig_key->key.encScheme = CRYPTO_ES_RSAESOAEP_SHA1_MGF1; > - Crypto_RSABuildCryptoInfoPublic( pubkey_exp_pack.size, > - pubkey_exp_pack.data, > - pubkey_mod_pack.size, > - pubkey_mod_pack.data, > - &mig_key->key); > - > - > - mig_key->next = vtpm_globals->mig_keys; > - vtpm_globals->mig_keys = mig_key; > - > - // free(name_pack.data); Do not free. data is now part of mig_key. > - free(pubkey_exp_pack.data); > - free(pubkey_mod_pack.data); > - > - return TPM_SUCCESS; > -} > diff --git a/tools/vtpm_manager/manager/securestorage.c > b/tools/vtpm_manager/manager/securestorage.c > deleted file mode 100644 > index d5e6ffd..0000000 > --- a/tools/vtpm_manager/manager/securestorage.c > +++ /dev/null > @@ -1,512 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > -// > -// securestorage.c > -// > -// Functions regarding securely storing DMI secrets. > -// > -// ================================================================== > - > -#include <sys/types.h> > -#include <sys/stat.h> > -#include <fcntl.h> > -#include <unistd.h> > -#include <string.h> > - > -#include "tcg.h" > -#include "vtpm_manager.h" > -#include "vtpmpriv.h" > -#include "vtsp.h" > -#include "bsg.h" > -#include "crypto.h" > -#include "hashtable.h" > -#include "hashtable_itr.h" > -#include "buffer.h" > -#include "log.h" > - > -TPM_RESULT envelope_encrypt(const buffer_t *inbuf, > - CRYPTO_INFO *asymkey, > - buffer_t *sealed_data) { > - TPM_RESULT status = TPM_SUCCESS; > - symkey_t symkey; > - buffer_t data_cipher = NULL_BUF, > - symkey_cipher = NULL_BUF; > - > - UINT32 i; > - struct pack_constbuf_t symkey_cipher32, data_cipher32; > - > - vtpmloginfo(VTPM_LOG_VTPM_DEEP, "Enveloping Input[%d]: 0x", > buffer_len(inbuf)); > - for (i=0; i< buffer_len(inbuf); i++) > - vtpmloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", inbuf->bytes[i]); > - vtpmloginfomore(VTPM_LOG_VTPM_DEEP, "\n"); > - > - // Generate a sym key and encrypt state with it > - TPMTRY(TPM_ENCRYPT_ERROR, Crypto_symcrypto_genkey (&symkey) ); > - TPMTRY(TPM_ENCRYPT_ERROR, Crypto_symcrypto_encrypt (&symkey, inbuf, > &data_cipher) ); > - > - // Encrypt symmetric key > - TPMTRYRETURN( VTSP_Bind( asymkey, > - &symkey.key, > - &symkey_cipher) ); > - > - // Create output blob: symkey_size + symkey_cipher + state_cipher_size + > state_cipher > - > - symkey_cipher32.size = buffer_len(&symkey_cipher); > - symkey_cipher32.data = symkey_cipher.bytes; > - > - data_cipher32.size = buffer_len(&data_cipher); > - data_cipher32.data = data_cipher.bytes; > - > - TPMTRYRETURN( buffer_init(sealed_data, 2 * sizeof(UINT32) + > symkey_cipher32.size + data_cipher32.size, NULL)); > - > - BSG_PackList(sealed_data->bytes, 2, > - BSG_TPM_SIZE32_DATA, &symkey_cipher32, > - BSG_TPM_SIZE32_DATA, &data_cipher32); > - > - vtpmloginfo(VTPM_LOG_VTPM, "Saved %d bytes of E(symkey) + %d bytes of > E(data)\n", buffer_len(&symkey_cipher), buffer_len(&data_cipher)); > - > - vtpmloginfo(VTPM_LOG_VTPM_DEEP, "Enveloping Output[%d]: 0x", > buffer_len(sealed_data)); > - for (i=0; i< buffer_len(sealed_data); i++) > - vtpmloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", sealed_data->bytes[i]); > - vtpmloginfomore(VTPM_LOG_VTPM_DEEP, "\n"); > - > - goto egress; > - > - abort_egress: > - vtpmlogerror(VTPM_LOG_VTPM, "Failed to envelope encrypt\n."); > - > - egress: > - > - buffer_free ( &data_cipher); > - buffer_free ( &symkey_cipher); > - Crypto_symcrypto_freekey (&symkey); > - > - return status; > -} > - > -TPM_RESULT envelope_decrypt(const buffer_t *cipher, > - TCS_CONTEXT_HANDLE TCSContext, > - TPM_HANDLE keyHandle, > - const TPM_AUTHDATA *key_usage_auth, > - buffer_t *unsealed_data) { > - > - TPM_RESULT status = TPM_SUCCESS; > - symkey_t symkey; > - buffer_t data_cipher = NULL_BUF, > - symkey_clear = NULL_BUF, > - symkey_cipher = NULL_BUF; > - struct pack_buf_t symkey_cipher32, data_cipher32; > - int i; > - > - memset(&symkey, 0, sizeof(symkey_t)); > - > - vtpmloginfo(VTPM_LOG_VTPM_DEEP, "Envelope Decrypt Input[%d]: 0x", > buffer_len(cipher) ); > - for (i=0; i< buffer_len(cipher); i++) > - vtpmloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", cipher->bytes[i]); > - vtpmloginfomore(VTPM_LOG_VTPM_DEEP, "\n"); > - > - BSG_UnpackList(cipher->bytes, 2, > - BSG_TPM_SIZE32_DATA, &symkey_cipher32, > - BSG_TPM_SIZE32_DATA, &data_cipher32); > - > - TPMTRYRETURN( buffer_init_alias_convert (&symkey_cipher, > - symkey_cipher32.size, > - symkey_cipher32.data) ); > - > - TPMTRYRETURN( buffer_init_alias_convert (&data_cipher, > - data_cipher32.size, > - data_cipher32.data) ); > - > - // Decrypt Symmetric Key > - TPMTRYRETURN( VTSP_Unbind( TCSContext, > - keyHandle, > - &symkey_cipher, > - key_usage_auth, > - &symkey_clear, > - &(vtpm_globals->keyAuth) ) ); > - > - // create symmetric key using saved bits > - Crypto_symcrypto_initkey (&symkey, &symkey_clear); > - > - // Decrypt State > - TPMTRY(TPM_DECRYPT_ERROR, Crypto_symcrypto_decrypt (&symkey, &data_cipher, > unsealed_data) ); > - > - vtpmloginfo(VTPM_LOG_VTPM_DEEP, "Envelope Decrypte Output[%d]: 0x", > buffer_len(unsealed_data)); > - for (i=0; i< buffer_len(unsealed_data); i++) > - vtpmloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", unsealed_data->bytes[i]); > - vtpmloginfomore(VTPM_LOG_VTPM_DEEP, "\n"); > - > - goto egress; > - > - abort_egress: > - vtpmlogerror(VTPM_LOG_VTPM, "Failed to envelope decrypt data\n."); > - > - egress: > - buffer_free ( &data_cipher); > - buffer_free ( &symkey_clear); > - buffer_free ( &symkey_cipher); > - Crypto_symcrypto_freekey (&symkey); > - > - return status; > -} > - > -TPM_RESULT VTPM_Handle_Save_NVM(VTPM_DMI_RESOURCE *myDMI, > - const buffer_t *inbuf, > - buffer_t *outbuf) { > - > - TPM_RESULT status = TPM_SUCCESS; > - int fh; > - long bytes_written; > - buffer_t sealed_NVM = NULL_BUF; > - > - vtpmloginfo(VTPM_LOG_VTPM_DEEP, "Saving %d bytes of NVM.\n", > buffer_len(inbuf)); > - > - TPMTRYRETURN( envelope_encrypt(inbuf, > - &vtpm_globals->storageKey, > - &sealed_NVM) ); > - > - // Write sealed blob off disk from NVMLocation > - // TODO: How to properly return from these. Do we care if we return failure > - // after writing the file? We can't get the old one back. > - // TODO: Backup old file and try and recover that way. > - fh = open(myDMI->NVMLocation, O_WRONLY | O_CREAT | O_TRUNC, S_IREAD | > S_IWRITE); > - if ( (bytes_written = write(fh, sealed_NVM.bytes, buffer_len(&sealed_NVM) > ) != (long) buffer_len(&sealed_NVM))) { > - vtpmlogerror(VTPM_LOG_VTPM, "We just overwrote a DMI_NVM and failed to > finish. %ld/%ld bytes.\n", bytes_written, (long)buffer_len(&sealed_NVM)); > - status = TPM_IOERROR; > - goto abort_egress; > - } > - close(fh); > - > - Crypto_SHA1Full (sealed_NVM.bytes, buffer_len(&sealed_NVM), (BYTE *) > &myDMI->NVM_measurement); > - > - goto egress; > - > - abort_egress: > - vtpmlogerror(VTPM_LOG_VTPM, "Failed to save NVM\n."); > - > - egress: > - buffer_free(&sealed_NVM); > - return status; > -} > - > - > -/* Expected Params: inbuf = null, outbuf = sealed blob size, sealed blob.*/ > -TPM_RESULT VTPM_Handle_Load_NVM(VTPM_DMI_RESOURCE *myDMI, > - const buffer_t *inbuf, > - buffer_t *outbuf) { > - > - TPM_RESULT status = TPM_SUCCESS; > - > - buffer_t sealed_NVM = NULL_BUF; > - long fh_size; > - int fh, stat_ret, i; > - struct stat file_stat; > - TPM_DIGEST sealedNVMHash; > - > - if (myDMI->NVMLocation == NULL) { > - vtpmlogerror(VTPM_LOG_VTPM, "Unable to load NVM because the file name > NULL.\n"); > - status = TPM_AUTHFAIL; > - goto abort_egress; > - } > - > - //Read sealed blob off disk from NVMLocation > - fh = open(myDMI->NVMLocation, O_RDONLY); > - stat_ret = fstat(fh, &file_stat); > - if (stat_ret == 0) > - fh_size = file_stat.st_size; > - else { > - status = TPM_IOERROR; > - goto abort_egress; > - } > - > - TPMTRYRETURN( buffer_init( &sealed_NVM, fh_size, NULL) ); > - if (read(fh, sealed_NVM.bytes, buffer_len(&sealed_NVM)) != fh_size) { > - status = TPM_IOERROR; > - goto abort_egress; > - } > - close(fh); > - > - vtpmloginfo(VTPM_LOG_VTPM_DEEP, "Load_NVMing[%d],\n", > buffer_len(&sealed_NVM)); > - > - Crypto_SHA1Full(sealed_NVM.bytes, buffer_len(&sealed_NVM), (BYTE *) > &sealedNVMHash); > - > - // Verify measurement of sealed blob. > - if (memcmp(&sealedNVMHash, &myDMI->NVM_measurement, sizeof(TPM_DIGEST)) ) { > - vtpmlogerror(VTPM_LOG_VTPM, "VTPM LoadNVM NVM measurement check > failed.\n"); > - vtpmloginfo(VTPM_LOG_VTPM_DEEP, "Correct hash: "); > - for (i=0; i< sizeof(TPM_DIGEST); i++) > - vtpmloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", > ((BYTE*)&myDMI->NVM_measurement)[i]); > - vtpmloginfomore(VTPM_LOG_VTPM_DEEP, "\n"); > - > - vtpmloginfo(VTPM_LOG_VTPM_DEEP, "Measured hash: "); > - for (i=0; i< sizeof(TPM_DIGEST); i++) > - vtpmloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", ((BYTE*)&sealedNVMHash)[i]); > - vtpmloginfomore(VTPM_LOG_VTPM_DEEP, "\n"); > - > - status = TPM_AUTHFAIL; > - goto abort_egress; > - } > - > - TPMTRYRETURN( envelope_decrypt(&sealed_NVM, > - myDMI->TCSContext, > - vtpm_globals->storageKeyHandle, > - (const > TPM_AUTHDATA*)&vtpm_globals->storage_key_usage_auth, > - outbuf) ); > - goto egress; > - > - abort_egress: > - vtpmlogerror(VTPM_LOG_VTPM, "Failed to load NVM\n."); > - > - egress: > - buffer_free( &sealed_NVM ); > - > - return status; > -} > - > - > -TPM_RESULT VTPM_SaveManagerData(void) { > - TPM_RESULT status=TPM_SUCCESS; > - int fh, dmis=-1; > - > - BYTE *flat_boot_key=NULL, *flat_dmis=NULL, *flat_enc=NULL; > - buffer_t clear_flat_global=NULL_BUF, enc_flat_global=NULL_BUF; > - UINT32 storageKeySize = buffer_len(&vtpm_globals->storageKeyWrap); > - UINT32 bootKeySize = buffer_len(&vtpm_globals->bootKeyWrap); > - struct pack_buf_t storage_key_pack = {storageKeySize, > vtpm_globals->storageKeyWrap.bytes}; > - struct pack_buf_t boot_key_pack = {bootKeySize, > vtpm_globals->bootKeyWrap.bytes}; > - BYTE vtpm_manager_gen = VTPM_MANAGER_GEN; > - > - struct hashtable_itr *dmi_itr; > - VTPM_DMI_RESOURCE *dmi_res; > - > - UINT32 boot_key_size = 0, flat_dmis_size = 0; > - > - // Initially fill these with buffer sizes for each data type. Later fill > - // in actual size, once flattened. > - boot_key_size = sizeof(UINT32) + // bootkeysize > - bootKeySize; // boot key > - > - TPMTRYRETURN(buffer_init(&clear_flat_global,sizeof(BYTE) + // manager > version > - 3*sizeof(TPM_DIGEST) + // Auths > - sizeof(UINT32) +// > storagekeysize > - storageKeySize, NULL) ); // > storage key > - > - > - flat_boot_key = (BYTE *) malloc( boot_key_size ); > - flat_enc = (BYTE *) malloc( sizeof(UINT32) ); > - > - boot_key_size = BSG_PackList(flat_boot_key, 1, > - BSG_TPM_SIZE32_DATA, &boot_key_pack); > - > - BSG_PackList(clear_flat_global.bytes, 4, > - BSG_TYPE_BYTE, &vtpm_manager_gen, > - BSG_TPM_AUTHDATA, &vtpm_globals->owner_usage_auth, > - BSG_TPM_SECRET, &vtpm_globals->storage_key_usage_auth, > - BSG_TPM_SIZE32_DATA, &storage_key_pack); > - > - TPMTRYRETURN(envelope_encrypt(&clear_flat_global, > - &vtpm_globals->bootKey, > - &enc_flat_global) ); > - > - BSG_PackConst(buffer_len(&enc_flat_global), 4, flat_enc); > - > - // Per DMI values to be saved (if any exit) > - if (hashtable_count(vtpm_globals->dmi_map) > 1) { > - > - flat_dmis = (BYTE *) malloc( > - (hashtable_count(vtpm_globals->dmi_map) - 1) * // num > DMIS (-1 for Dom0) > - (sizeof(UINT32) +sizeof(BYTE) + 2*sizeof(TPM_DIGEST)) > ); // Per DMI info > - > - dmi_itr = hashtable_iterator(vtpm_globals->dmi_map); > - do { > - dmi_res = (VTPM_DMI_RESOURCE *) hashtable_iterator_value(dmi_itr); > - dmis++; > - > - // No need to save dmi0. > - if (dmi_res->dmi_id == 0) > - continue; > - > - > - flat_dmis_size += BSG_PackList( flat_dmis + flat_dmis_size, 4, > - BSG_TYPE_UINT32, &dmi_res->dmi_id, > - BSG_TYPE_BYTE, &dmi_res->dmi_type, > - BSG_TPM_DIGEST, > &dmi_res->NVM_measurement, > - BSG_TPM_DIGEST, > &dmi_res->DMI_measurement); > - > - } while (hashtable_iterator_advance(dmi_itr)); > - } > - > - fh = open(STATE_FILE, O_WRONLY | O_CREAT, S_IREAD | S_IWRITE); > - if (fh == -1) { > - vtpmlogerror(VTPM_LOG_VTPM, "Unable to open %s file for write.\n", > STATE_FILE); > - status = TPM_IOERROR; > - goto abort_egress; > - } > - > - if ( ( write(fh, flat_boot_key, boot_key_size) != boot_key_size ) || > - ( write(fh, flat_enc, sizeof(UINT32)) != sizeof(UINT32) ) || > - ( write(fh, enc_flat_global.bytes, buffer_len(&enc_flat_global)) != > buffer_len(&enc_flat_global) ) || > - ( write(fh, flat_dmis, flat_dmis_size) != flat_dmis_size ) ) { > - vtpmlogerror(VTPM_LOG_VTPM, "Failed to completely write service > data.\n"); > - status = TPM_IOERROR; > - goto abort_egress; > - } > - > - goto egress; > - > - abort_egress: > - egress: > - > - free(flat_boot_key); > - free(flat_enc); > - buffer_free(&enc_flat_global); > - free(flat_dmis); > - close(fh); > - > - vtpmloginfo(VTPM_LOG_VTPM, "Saved VTPM Manager state (status = %d, dmis = > %d)\n", (int) status, dmis); > - return status; > -} > - > -TPM_RESULT VTPM_LoadManagerData(void) { > - > - TPM_RESULT status=TPM_SUCCESS; > - int fh, stat_ret, dmis=0; > - long fh_size = 0, step_size; > - BYTE *flat_table=NULL; > - buffer_t unsealed_data, enc_table_abuf; > - struct pack_buf_t storage_key_pack, boot_key_pack; > - UINT32 *dmi_id_key, enc_size; > - BYTE vtpm_manager_gen; > - > - VTPM_DMI_RESOURCE *dmi_res; > - UINT32 dmi_id; > - BYTE dmi_type; > - struct stat file_stat; > - > - TPM_HANDLE boot_key_handle; > - TPM_AUTHDATA boot_usage_auth; > - memset(&boot_usage_auth, 0, sizeof(TPM_AUTHDATA)); > - > - fh = open(STATE_FILE, O_RDONLY ); > - stat_ret = fstat(fh, &file_stat); > - if (stat_ret == 0) > - fh_size = file_stat.st_size; > - else { > - status = TPM_IOERROR; > - goto abort_egress; > - } > - > - flat_table = (BYTE *) malloc(fh_size); > - > - if ((long) read(fh, flat_table, fh_size) != fh_size ) { > - status = TPM_IOERROR; > - goto abort_egress; > - } > - > - // Read Boot Key > - step_size = BSG_UnpackList( flat_table, 2, > - BSG_TPM_SIZE32_DATA, &boot_key_pack, > - BSG_TYPE_UINT32, &enc_size); > - > - TPMTRYRETURN(buffer_init(&vtpm_globals->bootKeyWrap, 0, 0) ); > - TPMTRYRETURN(buffer_init_alias_convert(&enc_table_abuf, enc_size, > flat_table + step_size) ); > - TPMTRYRETURN(buffer_append_raw(&vtpm_globals->bootKeyWrap, > boot_key_pack.size, boot_key_pack.data) ); > - > - //Load Boot Key > - TPMTRYRETURN( VTSP_LoadKey( vtpm_globals->manager_tcs_handle, > - TPM_SRK_KEYHANDLE, > - &vtpm_globals->bootKeyWrap, > - &SRK_AUTH, > - &boot_key_handle, > - &vtpm_globals->keyAuth, > - &vtpm_globals->bootKey, > - FALSE) ); > - > - TPMTRYRETURN( envelope_decrypt(&enc_table_abuf, > - vtpm_globals->manager_tcs_handle, > - boot_key_handle, > - (const TPM_AUTHDATA*) &boot_usage_auth, > - &unsealed_data) ); > - step_size += enc_size; > - > - if (*unsealed_data.bytes != VTPM_MANAGER_GEN) { > - // Once there is more than one gen, this will include some > compatability stuff > - vtpmlogerror(VTPM_LOG_VTPM, "Warning: Manager Data file is gen %d, > which this manager is gen %d.\n", vtpm_manager_gen, VTPM_MANAGER_GEN); > - } > - > - // Global Values needing to be saved > - BSG_UnpackList( unsealed_data.bytes, 4, > - BSG_TYPE_BYTE, &vtpm_manager_gen, > - BSG_TPM_AUTHDATA, &vtpm_globals->owner_usage_auth, > - BSG_TPM_SECRET, &vtpm_globals->storage_key_usage_auth, > - BSG_TPM_SIZE32_DATA, &storage_key_pack); > - > - TPMTRYRETURN(buffer_init(&vtpm_globals->storageKeyWrap, 0, 0) ); > - TPMTRYRETURN(buffer_append_raw(&vtpm_globals->storageKeyWrap, > storage_key_pack.size, storage_key_pack.data) ); > - > - // Per DMI values to be saved > - while ( step_size < fh_size ){ > - if (fh_size - step_size < (long) (sizeof(UINT32) + sizeof(BYTE) + > 2*sizeof(TPM_DIGEST))) { > - vtpmlogerror(VTPM_LOG_VTPM, "Encountered %ld extra bytes at end of > manager state.\n", fh_size-step_size); > - step_size = fh_size; > - } else { > - step_size += BSG_UnpackList(flat_table + step_size, 2, > - BSG_TYPE_UINT32, &dmi_id, > - BSG_TYPE_BYTE, &dmi_type); > - > - //TODO: Try and gracefully recover from problems. > - TPMTRYRETURN(init_dmi(dmi_id, dmi_type, &dmi_res) ); > - dmis++; > - > - step_size += BSG_UnpackList(flat_table + step_size, 2, > - BSG_TPM_DIGEST, &dmi_res->NVM_measurement, > - BSG_TPM_DIGEST, &dmi_res->DMI_measurement); > - } > - > - } > - > - vtpmloginfo(VTPM_LOG_VTPM, "Loaded saved state (dmis = %d).\n", dmis); > - goto egress; > - > - abort_egress: > - vtpmlogerror(VTPM_LOG_VTPM, "Failed to load service data with error = > %s\n", tpm_get_error_name(status)); > - egress: > - > - free(flat_table); > - close(fh); > - > - // TODO: Could be nice and evict BootKey. (Need to add EvictKey to VTSP. > - > - return status; > -} > - > diff --git a/tools/vtpm_manager/manager/tpmpassthrough.c > b/tools/vtpm_manager/manager/tpmpassthrough.c > deleted file mode 100644 > index 9b1e5f8..0000000 > --- a/tools/vtpm_manager/manager/tpmpassthrough.c > +++ /dev/null > @@ -1,110 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > -// > -// tpmpassthrough.c > -// > -// Functions regarding passing DMI requests to HWTPM > -// > -// ================================================================== > - > -#include "tcg.h" > -#include "vtpm_manager.h" > -#include "vtpmpriv.h" > -#include "vtsp.h" > -#include "log.h" > - > -TPM_RESULT VTPM_Handle_TPM_Command( VTPM_DMI_RESOURCE *dmi, > - buffer_t *inbuf, > - buffer_t *outbuf) { > - > - TPM_RESULT status = TPM_SUCCESS; > - TPM_COMMAND_CODE *ord; > - > - ord = (TPM_COMMAND_CODE *) (inbuf->bytes + sizeof(TPM_TAG) + > sizeof(UINT32)); > - > - switch (*ord) { > - > - // Forbidden for DMI use > - case TPM_ORD_TakeOwnership: > - case TPM_ORD_ChangeAuthOwner: > - case TPM_ORD_DirWriteAuth: > - case TPM_ORD_DirRead: > - case TPM_ORD_AuthorizeMigrationKey: > - case TPM_ORD_CreateMaintenanceArchive: > - case TPM_ORD_LoadMaintenanceArchive: > - case TPM_ORD_KillMaintenanceFeature: > - case TPM_ORD_LoadManuMaintPub: > - case TPM_ORD_ReadManuMaintPub: > - case TPM_ORD_SelfTestFull: > - case TPM_ORD_SelfTestStartup: > - case TPM_ORD_CertifySelfTest: > - case TPM_ORD_ContinueSelfTest: > - case TPM_ORD_GetTestResult: > - case TPM_ORD_Reset: > - case TPM_ORD_OwnerClear: > - case TPM_ORD_DisableOwnerClear: > - case TPM_ORD_ForceClear: > - case TPM_ORD_DisableForceClear: > - case TPM_ORD_GetCapabilityOwner: > - case TPM_ORD_OwnerSetDisable: > - case TPM_ORD_PhysicalEnable: > - case TPM_ORD_PhysicalDisable: > - case TPM_ORD_SetOwnerInstall: > - case TPM_ORD_PhysicalSetDeactivated: > - case TPM_ORD_SetTempDeactivated: > - case TPM_ORD_CreateEndorsementKeyPair: > - case TPM_ORD_GetAuditEvent: > - case TPM_ORD_GetAuditEventSigned: > - case TPM_ORD_GetOrdinalAuditStatus: > - case TPM_ORD_SetOrdinalAuditStatus: > - case TPM_ORD_SetRedirection: > - case TPM_ORD_FieldUpgrade: > - case TSC_ORD_PhysicalPresence: > - status = TPM_DISABLED_CMD; > - goto abort_egress; > - break; > - > - } // End ORD Switch > - > - // Call TCS with command > - > - TPMTRY(TPM_IOERROR, VTSP_RawTransmit( dmi->TCSContext,inbuf, outbuf) ); > - > - goto egress; > - > - abort_egress: > - vtpmloginfo(VTPM_LOG_VTPM, "TPM Command Failed in tpmpassthrough.\n"); > - egress: > - > - return status; > -} > diff --git a/tools/vtpm_manager/manager/vtpm_ipc.c > b/tools/vtpm_manager/manager/vtpm_ipc.c > deleted file mode 100644 > index 319dc83..0000000 > --- a/tools/vtpm_manager/manager/vtpm_ipc.c > +++ /dev/null > @@ -1,141 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > -// > -// vtpm_ipc.c Implements ipc routines using file io. This file can > -// be replaced with other ipc types. > -// > -// =================================================================== > - > -#include <sys/stat.h> > -#include "vtpm_ipc.h" > -#include "vtpmpriv.h" > -#include "log.h" > - > -int vtpm_ipc_init(vtpm_ipc_handle_t *ipc_h, char* name, int flags, BOOL > create) { > - ipc_h->name = name; > - ipc_h->flags = flags; > - ipc_h->fh = VTPM_IPC_CLOSED; > - > - if (create) > - return(vtpm_ipc_create(ipc_h)); > - else > - return 0; > -} > - > -// Create the file that needs opening. Used only for FIFOs > -// FYI: This may cause problems in other file IO schemes. We'll see. > -int vtpm_ipc_create(vtpm_ipc_handle_t *ipc_h) { > - int fh; > - struct stat file_info; > - > - if ((!ipc_h) || (!ipc_h->name)) > - return -1; > - > - if ( stat(ipc_h->name, &file_info) == -1) { > - if ( mkfifo(ipc_h->name, S_IWUSR | S_IRUSR ) ) { > - vtpmlogerror(VTPM_LOG_VTPM, "Failed to create fifo %s.\n", > ipc_h->name); > - return -1; > - } > - } > - > - ipc_h->fh = VTPM_IPC_CLOSED; > - > - return 0; > -} > - > - > -// Read size bytes. If FH isn't open, open it. > -int vtpm_ipc_read(vtpm_ipc_handle_t *ipc_h, vtpm_ipc_handle_t *alt_ipc_h, > BYTE *bytes, UINT32 size){ > - vtpm_ipc_handle_t *my_ipc_h; > - int result; > - > - if (ipc_h) { > - my_ipc_h = ipc_h; > - } else { > - my_ipc_h = alt_ipc_h; > - } > - > - if (my_ipc_h->fh == VTPM_IPC_CLOSED) { > - my_ipc_h->fh = open(my_ipc_h->name, my_ipc_h->flags); > - } > - > - if ( my_ipc_h->fh == VTPM_IPC_CLOSED ) { > - vtpmlogerror(VTPM_LOG_VTPM, "VTPM ERROR: Can't open %s for reading.\n", > my_ipc_h->name); > - return -1; > - } > - > - result = read(my_ipc_h->fh, bytes, size); > - if (result < 0) { > - my_ipc_h->fh = VTPM_IPC_CLOSED; > - } > - > - return (result); > -} > - > -// Write size bytes. If FH isn't open, open it. > -int vtpm_ipc_write(vtpm_ipc_handle_t *ipc_h, vtpm_ipc_handle_t *alt_ipc_h, > BYTE *bytes, UINT32 size) { > - vtpm_ipc_handle_t *my_ipc_h; > - int result; > - > - if (ipc_h) { > - my_ipc_h = ipc_h; > - } else { > - my_ipc_h = alt_ipc_h; > - } > - > - if (my_ipc_h->fh == VTPM_IPC_CLOSED) { > - my_ipc_h->fh = open(my_ipc_h->name, my_ipc_h->flags); > - } > - > - if ( my_ipc_h->fh == VTPM_IPC_CLOSED ) { > - vtpmlogerror(VTPM_LOG_VTPM, "VTPM ERROR: Can't open %s for writing.\n", > my_ipc_h->name); > - return -1; > - } > - > - result = write(my_ipc_h->fh, bytes, size); > - if (result < 0) { > - my_ipc_h->fh = VTPM_IPC_CLOSED; > - } > - > - return (result); > -} > - > -// Mark file as closed and try and close it. Errors not reported. > -void vtpm_ipc_close(vtpm_ipc_handle_t *ipc_h) { > - > - if (ipc_h) { > - close(ipc_h->fh); > - ipc_h->fh = VTPM_IPC_CLOSED; > - } > - > -} > diff --git a/tools/vtpm_manager/manager/vtpm_ipc.h > b/tools/vtpm_manager/manager/vtpm_ipc.h > deleted file mode 100644 > index 529c4a2..0000000 > --- a/tools/vtpm_manager/manager/vtpm_ipc.h > +++ /dev/null > @@ -1,71 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > -// > -// vtpm_ipc.h Header for interprocess communication between VTPM manager > -// and Guests or VTPMs > -// > -// =================================================================== > - > -#ifndef __VTPM_IO_H__ > -#define __VTPM_IO_H__ > - > -#include "tcg.h" > - > -#define VTPM_IPC_CLOSED -1 > - > -// Represents an (somewhat) abstracted io handle. > -typedef struct vtpm_ipc_handle_t { > - int fh; // IO handle. > - int flags; // Flags for opening. This may need to become > - // a void *, but for now files use an int. > - char *name; // Names for debugging as well as filenames > - // for file-based io. > -} vtpm_ipc_handle_t; > - > - > -int vtpm_ipc_init(vtpm_ipc_handle_t *ioh, char* name, int flags, BOOL > create); > - > -// Create the file that needs opening. Used only for FIFOs > -// FYI: This may cause problems in other file IO schemes. We'll see. > -int vtpm_ipc_create(vtpm_ipc_handle_t *ioh); > - > -// Read size bytes. If FH isn't open, open it. > -int vtpm_ipc_read(vtpm_ipc_handle_t *ioh, vtpm_ipc_handle_t *alt_ioh, BYTE > *bytes, UINT32 size); > - > -// Write size bytes. If FH isn't open, open it. > -int vtpm_ipc_write(vtpm_ipc_handle_t *ioh, vtpm_ipc_handle_t *alt_ioh, BYTE > *bytes, UINT32 size); > - > -// Mark file as closed and try and close it. Errors not reported. > -void vtpm_ipc_close(vtpm_ipc_handle_t *ioh); > - > -#endif > diff --git a/tools/vtpm_manager/manager/vtpm_lock.c > b/tools/vtpm_manager/manager/vtpm_lock.c > deleted file mode 100644 > index e737d60..0000000 > --- a/tools/vtpm_manager/manager/vtpm_lock.c > +++ /dev/null > @@ -1,63 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > -// > -// vtpm_lock.c Provided controlled sync around access to vtpm structures > -// > -// =================================================================== > - > -#include <pthread.h> > -#include "vtpm_lock.h" > - > -static pthread_rwlock_t vtpm_lock; > - > -void vtpm_lock_init() { > - > - pthread_rwlock_init( &vtpm_lock, NULL); > -} > - > -void vtpm_lock_destroy(){ > - pthread_rwlock_destroy(&vtpm_lock); > -} > - > -void vtpm_lock_rdlock(){ > - pthread_rwlock_rdlock(&vtpm_lock); > -} > - > -void vtpm_lock_wrlock(){ > - pthread_rwlock_wrlock(&vtpm_lock); > -} > - > -void vtpm_lock_unlock(){ > - pthread_rwlock_unlock(&vtpm_lock); > -} > - > diff --git a/tools/vtpm_manager/manager/vtpm_lock.h > b/tools/vtpm_manager/manager/vtpm_lock.h > deleted file mode 100644 > index 53a339d..0000000 > --- a/tools/vtpm_manager/manager/vtpm_lock.h > +++ /dev/null > @@ -1,48 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > -// > -// vtpm_lock.h Provided controlled sync around access to vtpm structures > -// > -// =================================================================== > - > -#ifndef __VTPM_LOCK_H__ > -#define __VTPM_LOCK_H__ > - > -void vtpm_lock_init(); > -void vtpm_lock_destroy(); > - > -void vtpm_lock_rdlock(); > -void vtpm_lock_wrlock(); > -void vtpm_lock_unlock(); > - > -#endif > diff --git a/tools/vtpm_manager/manager/vtpm_manager.c > b/tools/vtpm_manager/manager/vtpm_manager.c > deleted file mode 100644 > index e089f78..0000000 > --- a/tools/vtpm_manager/manager/vtpm_manager.c > +++ /dev/null > @@ -1,285 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > -// > -// vtpm_manager.c > -// > -// This file will house the main logic of the VTPM Manager > -// > -// ================================================================== > - > -#include <stdio.h> > -#include <unistd.h> > -#include <string.h> > - > -#include "vtpm_manager.h" > -#include "vtpmpriv.h" > -#include "vtsp.h" > -#include "bsg.h" > -#include "hashtable.h" > -#include "hashtable_itr.h" > - > -#include "log.h" > -#include "buffer.h" > - > -VTPM_GLOBALS *vtpm_globals=NULL; > - > -// --------------------------- Well Known Auths -------------------------- > -const TPM_AUTHDATA SRK_AUTH = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, > 0xff, 0xff, 0xff, > - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, > 0xff, 0xff, 0xff}; > - > -#ifdef WELL_KNOWN_OWNER_AUTH > -static BYTE FIXED_OWNER_AUTH[20] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, > 0xff, 0xff, 0xff, 0xff, > - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, > 0xff, 0xff, 0xff}; > -#endif > - > - > -// -------------------------- Hash table functions -------------------- > - > -static unsigned int hashfunc32(void *ky) { > - return (* (UINT32 *) ky); > -} > - > -static int equals32(void *k1, void *k2) { > - return (*(UINT32 *) k1 == *(UINT32 *) k2); > -} > - > -// --------------------------- Functions ------------------------------ > - > -TPM_RESULT VTPM_Create_Manager(){ > - > - TPM_RESULT status = TPM_SUCCESS; > - > - // Generate Auth for Owner > -#ifdef WELL_KNOWN_OWNER_AUTH > - memcpy(vtpm_globals->owner_usage_auth, FIXED_OWNER_AUTH, > sizeof(TPM_AUTHDATA)); > -#else > - Crypto_GetRandom(vtpm_globals->owner_usage_auth, sizeof(TPM_AUTHDATA) ); > -#endif > - > - // Take Owership of TPM > - CRYPTO_INFO ek_cryptoInfo; > - > - status = VTSP_ReadPubek(vtpm_globals->manager_tcs_handle, &ek_cryptoInfo); > - > - // If we can read PubEK then there is no owner and we should take it. > - // We use the abilty to read the pubEK to flag that the TPM is owned. > - // FIXME: Change to just trying to take ownership and react to the status > - if (status == TPM_SUCCESS) { > - TPMTRYRETURN(VTSP_TakeOwnership(vtpm_globals->manager_tcs_handle, > - (const > TPM_AUTHDATA*)&vtpm_globals->owner_usage_auth, > - &SRK_AUTH, > - &ek_cryptoInfo, > - &vtpm_globals->keyAuth)); > - > - TPMTRYRETURN(VTSP_DisablePubekRead(vtpm_globals->manager_tcs_handle, > - (const > TPM_AUTHDATA*)&vtpm_globals->owner_usage_auth, > - &vtpm_globals->keyAuth)); > - } else { > - vtpmloginfo(VTPM_LOG_VTPM, "Failed to readEK meaning TPM has an owner. > Creating Keys off existing SRK.\n"); > - } > - > - // Generate storage key's auth > - Crypto_GetRandom( &vtpm_globals->storage_key_usage_auth, > - sizeof(TPM_AUTHDATA) ); > - > - TCS_AUTH osap; > - TPM_AUTHDATA sharedsecret; > - > - TPMTRYRETURN( VTSP_OSAP(vtpm_globals->manager_tcs_handle, > - TPM_ET_KEYHANDLE, > - TPM_SRK_KEYHANDLE, > - &SRK_AUTH, > - &sharedsecret, > - &osap) ); > - > - osap.fContinueAuthSession = FALSE; > - > - > - TPMTRYRETURN( VTSP_CreateWrapKey( vtpm_globals->manager_tcs_handle, > - TPM_KEY_BIND, > - (const > TPM_AUTHDATA*)&vtpm_globals->storage_key_usage_auth, > - TPM_SRK_KEYHANDLE, > - (const TPM_AUTHDATA*)&sharedsecret, > - &vtpm_globals->storageKeyWrap, > - &osap) ); > - > - // Generate boot key's auth > - TPM_AUTHDATA bootKeyWrapAuth; > - memset(&bootKeyWrapAuth, 0, sizeof(bootKeyWrapAuth)); > - > - TPMTRYRETURN( VTSP_OSAP(vtpm_globals->manager_tcs_handle, > - TPM_ET_KEYHANDLE, > - TPM_SRK_KEYHANDLE, > - &SRK_AUTH, > - &sharedsecret, > - &osap) ); > - > - osap.fContinueAuthSession = FALSE; > - > - // FIXME: This key protects the global secrets on disk. It should use TPM > - // PCR bindings to limit its use to legit configurations. > - // Current binds are open, implying a Trusted VM contains this code. > - // If this VM is not Trusted, use measurement and PCR bindings. > - TPMTRYRETURN( VTSP_CreateWrapKey( vtpm_globals->manager_tcs_handle, > - TPM_KEY_BIND, > - (const TPM_AUTHDATA*)&bootKeyWrapAuth, > - TPM_SRK_KEYHANDLE, > - (const TPM_AUTHDATA*)&sharedsecret, > - &vtpm_globals->bootKeyWrap, > - &osap) ); > - > - // Populate CRYPTO_INFO vtpm_globals->bootKey. This does not load it into > the TPM > - TPMTRYRETURN( VTSP_LoadKey( vtpm_globals->manager_tcs_handle, > - TPM_SRK_KEYHANDLE, > - &vtpm_globals->bootKeyWrap, > - NULL, > - NULL, > - NULL, > - &vtpm_globals->bootKey, > - TRUE ) ); > - > - TPMTRYRETURN( VTSP_SaveState(vtpm_globals->manager_tcs_handle) ); > - goto egress; > - > - abort_egress: > - exit(1); > - > - egress: > - vtpmloginfo(VTPM_LOG_VTPM, "Finished initialized new VTPM manager (Status > = %d).\n", status); > - return status; > - > -} > - > -/////////////////////////////////////////////////////////////////////////////// > -TPM_RESULT VTPM_Init_Manager() { > - TPM_RESULT status = TPM_FAIL, serviceStatus; > - BYTE *randomsead; > - UINT32 randomsize=256; > - > - if ((vtpm_globals = (VTPM_GLOBALS *) malloc(sizeof(VTPM_GLOBALS))) == > NULL){ > - status = TPM_FAIL; > - goto abort_egress; > - } > - memset(vtpm_globals, 0, sizeof(VTPM_GLOBALS)); > - > - vtpm_globals->connected_dmis = 0; > - > - if ((vtpm_globals->dmi_map = create_hashtable(10, hashfunc32, equals32)) > == NULL){ > - status = TPM_FAIL; > - goto abort_egress; > - } > - > - // Create new TCS Object > - vtpm_globals->manager_tcs_handle = 0; > - > - TPMTRYRETURN(TCS_create()); > - > - // Create TCS Context for service > - TPMTRYRETURN( TCS_OpenContext(&vtpm_globals->manager_tcs_handle ) ); > - > - TPMTRYRETURN( TCSP_GetRandom(vtpm_globals->manager_tcs_handle, > - &randomsize, > - &randomsead)); > - > - Crypto_Init(randomsead, randomsize); > - TPMTRYRETURN( TCS_FreeMemory (vtpm_globals->manager_tcs_handle, > randomsead)); > - > - // Create OIAP session for service's authorized commands > - TPMTRYRETURN( VTSP_OIAP( vtpm_globals->manager_tcs_handle, > - &vtpm_globals->keyAuth) ); > - vtpm_globals->keyAuth.fContinueAuthSession = TRUE; > - > - vtpm_globals->mig_keys = NULL; > - > - // If fails, create new Manager. > - serviceStatus = VTPM_LoadManagerData(); > - if (serviceStatus == TPM_IOERROR) { > - vtpmloginfo(VTPM_LOG_VTPM, "Failed to read manager file. Assuming first > time initialization.\n"); > - TPMTRYRETURN( VTPM_Create_Manager() ); > - TPMTRYRETURN( VTPM_SaveManagerData() ); > - } else if (serviceStatus != TPM_SUCCESS) { > - vtpmlogerror(VTPM_LOG_VTPM, "Failed to read existing manager file"); > - exit(1); > - } > - > - //Load Storage Key > - TPMTRYRETURN( VTSP_LoadKey( vtpm_globals->manager_tcs_handle, > - TPM_SRK_KEYHANDLE, > - &vtpm_globals->storageKeyWrap, > - &SRK_AUTH, > - &vtpm_globals->storageKeyHandle, > - &vtpm_globals->keyAuth, > - &vtpm_globals->storageKey, > - FALSE ) ); > - > - // Create entry for Dom0 for control messages > - TPMTRYRETURN( VTPM_Handle_New_DMI(NULL) ); > - > - goto egress; > - > - abort_egress: > - egress: > - > - return(status); > -} > - > -/////////////////////////////////////////////////////////////////////////////// > -void VTPM_Stop_Manager() { > - VTPM_DMI_RESOURCE *dmi_res; > - struct hashtable_itr *dmi_itr; > - > - // Close all the TCS contexts. TCS should evict keys based on this > - if (hashtable_count(vtpm_globals->dmi_map) > 0) { > - dmi_itr = hashtable_iterator(vtpm_globals->dmi_map); > - do { > - dmi_res = (VTPM_DMI_RESOURCE *) hashtable_iterator_value(dmi_itr); > - if (dmi_res->connected) > - close_dmi( dmi_res ); // Not really interested in return code > - > - } while (hashtable_iterator_advance(dmi_itr)); > - free (dmi_itr); > - } > - > - if ( VTPM_SaveManagerData() != TPM_SUCCESS ) > - vtpmlogerror(VTPM_LOG_VTPM, "Unable to save manager data.\n"); > - > - TCS_CloseContext(vtpm_globals->manager_tcs_handle); > - TCS_destroy(); > - > - hashtable_destroy(vtpm_globals->dmi_map, 1); > - free(vtpm_globals); > - > - Crypto_Exit(); > - > - vtpmloginfo(VTPM_LOG_VTPM, "VTPM Manager stopped.\n"); > -} > diff --git a/tools/vtpm_manager/manager/vtpm_manager.h > b/tools/vtpm_manager/manager/vtpm_manager.h > deleted file mode 100644 > index a324a8f..0000000 > --- a/tools/vtpm_manager/manager/vtpm_manager.h > +++ /dev/null > @@ -1,150 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > -// > -// vtpm_manager.h > -// > -// Public Interface header for VTPM Manager > -// > -// ================================================================== > - > -#ifndef __VTPM_MANAGER_H__ > -#define __VTPM_MANAGER_H__ > - > -#define VTPM_TAG_REQ 0x01c1 > -#define VTPM_TAG_RSP 0x01c4 > -#define COMMAND_BUFFER_SIZE 4096 > - > -// Header sizes. Note Header MAY include the DMI > -#define VTPM_COMMAND_HEADER_SIZE_CLT ( 2 + 4 + 4) > -// sizeof(TPM_TAG + UINT32 + TPM_COMMAND_CODE) > -#define VTPM_COMMAND_HEADER_SIZE_SRV ( 4 + VTPM_COMMAND_HEADER_SIZE_CLT ) > -// sizeof( UINT32 + VTPM_COMMAND_HEADER_SIZE_CLT) > - > -//************************ Command Codes **************************** > -#define VTPM_ORD_BASE 0x0000 > -#define VTPM_PRIV_MASK 0x01000000 // Priviledged VTPM Command > -#define VTPM_PRIV_BASE (VTPM_ORD_BASE | VTPM_PRIV_MASK) > - > -// Non-priviledged VTPM Commands (From DMI's) > -#define VTPM_ORD_SAVENVM (VTPM_ORD_BASE + 1) // DMI Saves Secrets > -#define VTPM_ORD_LOADNVM (VTPM_ORD_BASE + 2) // DMI Loads Secrets > -#define VTPM_ORD_TPMCOMMAND (VTPM_ORD_BASE + 3) // DMI issues HW TPM > Command > -#define VTPM_ORD_GET_MIG_KEY (VTPM_ORD_BASE + 4) // Get manager's migration > key > -#define VTPM_ORD_LOAD_MIG_KEY (VTPM_ORD_BASE + 5) // load dest migration key > - > -// Priviledged VTPM Commands (From management console) > -#define VTPM_ORD_OPEN (VTPM_PRIV_BASE + 1) // Creates/reopens DMI > -#define VTPM_ORD_CLOSE (VTPM_PRIV_BASE + 2) // Closes a DMI > -#define VTPM_ORD_DELETE (VTPM_PRIV_BASE + 3) // Permemently Deletes DMI > -#define VTPM_ORD_MIGRATE_IN (VTPM_PRIV_BASE + 4) // Load migrated VTPM > -#define VTPM_ORD_MIGRATE_OUT (VTPM_PRIV_BASE + 5) // migrate VTPM to dest > - > -//************************ Return Codes **************************** > -#define VTPM_TYPE_PVM 1 // Paravirtualized Domain > -#define VTPM_TYPE_HVM 2 // HVM Domain > - > -//************************ Return Codes **************************** > -#define VTPM_SUCCESS 0 > -#define VTPM_FAIL 1 > -#define VTPM_UNSUPPORTED 2 > -#define VTPM_FORBIDDEN 3 > -#define VTPM_RESTORE_CONTEXT_FAILED 4 > -#define VTPM_INVALID_REQUEST 5 > - > -//*********************** Parameter Values ************************* > -#define VTPM_TYPE_NON_MIGRATABLE 0x00 > -#define VTPM_TYPE_MIGRATABLE 0x01 > -#define VTPM_TYPE_MIGRATED 0xFF // VTPM has been migrated. > - // VTPM can be recovered or deleted > only > - > -/******************* Command Parameter API ************************* > - > -VTPM Command Format > - dmi: 4 bytes // Source of message. > - // WARNING: This is prepended by the channel. > - // Thus it is received by VTPM Manager, > - // but not sent by DMI > - tpm tag: 2 bytes > - command size: 4 bytes // Size of command including header but not > DMI > - ord: 4 bytes // Command ordinal above > - parameters: size - 10 bytes // Command Parameter > - > -VTPM Response Format > - tpm tag: 2 bytes > - response_size: 4 bytes > - status: 4 bytes > - parameters: size - 10 bytes > - > - > -VTPM_Open: > - Input Parameters: > - mig_type: 1 byte > - startup_mode: 1 byte // Cold Boot = 1, resume = 2, deactive = 3 > - domain type: 1 byte > - instance_id: 4 bytes > - Output Parameters: > - None > - > -VTPM_Close > - Input Parameters: > - instance_id: 4 bytes > - Output Parameters: > - None > - > -VTPM_Delete > - Input Parameters: > - instance_id: 4 bytes > - Output Parameters: > - None > - > -VTPM_SaveNVM > - Input Parameters: > - data: n bytes (Header indicates size of data) > - Output Parameters: > - None > - > -VTPM_LoadNVM > - Input Parameters: > - None > - Output Parameters: > - data: n bytes (Header indicates size of data) > - > -VTPM_TPMCommand > - Input Parameters: > - TPM Command Byte Stream: n bytes > - Output Parameters: > - TPM Reponse Byte Stream: n bytes > - > -*********************************************************************/ > - > -#endif //_VTPM_MANAGER_H_ > diff --git a/tools/vtpm_manager/manager/vtpm_manager_handler.c > b/tools/vtpm_manager/manager/vtpm_manager_handler.c > deleted file mode 100644 > index 2001074..0000000 > --- a/tools/vtpm_manager/manager/vtpm_manager_handler.c > +++ /dev/null > @@ -1,488 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > -// > -// vtpm_manager_handler.c > -// > -// This file will house the main logic of the VTPM Manager > -// > -// ================================================================== > - > -#include <stdio.h> > -#include <unistd.h> > -#include <string.h> > -#include <errno.h> > - > -#include "vtpm_manager.h" > -#include "vtpmpriv.h" > -#include "vtsp.h" > -#include "bsg.h" > -#include "hashtable.h" > -#include "hashtable_itr.h" > -#include "log.h" > -#include "buffer.h" > - > -#define vtpmhandlerloginfo(module,fmt,args...) vtpmloginfo (module, "[%s]: " > fmt, thread_name, ##args ); > -#define vtpmhandlerloginfomore(module,fmt,args...) vtpmloginfomore (module, > fmt, ##args ); > -#define vtpmhandlerlogerror(module,fmt,args...) vtpmlogerror (module, "[%s]: > " fmt, thread_name, ##args ); > - > -// ---------------------- Prototypes ------------------- > -TPM_RESULT vtpm_manager_handle_vtpm_cmd(VTPM_DMI_RESOURCE *dmi_res, > - TPM_COMMAND_CODE ord, > - buffer_t *command_buf, > - buffer_t *result_buf, > - BOOL is_priv, > - char *thread_name); > - > -TPM_RESULT vtpm_manager_handle_tpm_cmd(vtpm_ipc_handle_t *tx_ipc_h, > - vtpm_ipc_handle_t *rx_ipc_h, > - VTPM_DMI_RESOURCE *dmi_res, > - BYTE *cmd_header, > - buffer_t *param_buf, > - buffer_t *result_buf, > - char *thread_name); > - > -TPM_RESULT VTPM_Manager_Handler( vtpm_ipc_handle_t *tx_ipc_h, > - vtpm_ipc_handle_t *rx_ipc_h, > - BOOL fw_tpm, // Forward TPM cmds? > - vtpm_ipc_handle_t *fw_tx_ipc_h, > - vtpm_ipc_handle_t *fw_rx_ipc_h, > - BOOL is_priv, > - char *thread_name) { > - TPM_RESULT status = TPM_FAIL; // Should never return > - UINT32 dmi, in_param_size, cmd_size, out_param_size, > out_message_size, reply_size; > - BYTE *cmd_header=NULL, *in_param=NULL, *out_message=NULL, > *reply; > - buffer_t *command_buf=NULL, *result_buf=NULL; > - TPM_TAG tag; > - TPM_COMMAND_CODE ord; > - VTPM_DMI_RESOURCE *dmi_res; > - int size_read, size_write, i; > - BOOL add_header=TRUE; // This indicates to prepend a header on result_buf > before sending > - > - cmd_header = (BYTE *) malloc(VTPM_COMMAND_HEADER_SIZE_SRV); > - command_buf = (buffer_t *) malloc(sizeof(buffer_t)); > - result_buf = (buffer_t *) malloc(sizeof(buffer_t)); > - > - // ------------------------ Main Loop -------------------------------- > - while(1) { > - > - vtpmhandlerloginfo(VTPM_LOG_VTPM, "%s waiting for messages.\n", > thread_name); > - > - // --------------------- Read Cmd from Sender ---------------- > - > - // Read command header > - size_read = vtpm_ipc_read(rx_ipc_h, NULL, cmd_header, > VTPM_COMMAND_HEADER_SIZE_SRV); > - if (size_read > 0) { > - vtpmhandlerloginfo(VTPM_LOG_VTPM_DEEP, "RECV[%d]: 0x", size_read); > - for (i=0; i<size_read; i++) > - vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", cmd_header[i]); > - } else { > - vtpmhandlerlogerror(VTPM_LOG_VTPM, "%s can't read from ipc. Errono = > %d. Aborting... \n", thread_name, errno); > - goto abort_command; > - } > - > - if (size_read < (int) VTPM_COMMAND_HEADER_SIZE_SRV) { > - vtpmhandlerloginfo(VTPM_LOG_VTPM_DEEP, "\n"); > - vtpmhandlerlogerror(VTPM_LOG_VTPM, "Command shorter than normal header > (%d bytes). Aborting...\n", size_read); > - goto abort_command; > - } > - > - // Unpack header > - BSG_UnpackList(cmd_header, 4, > - BSG_TYPE_UINT32, &dmi, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, &in_param_size, > - BSG_TPM_COMMAND_CODE, &ord ); > - > - // Using the header info, read the parameters of the command > - // Note that in_param_size is in the client's context > - cmd_size = in_param_size - VTPM_COMMAND_HEADER_SIZE_CLT; > - if (cmd_size > 0) { > - in_param = (BYTE *) malloc(cmd_size); > - size_read = vtpm_ipc_read( rx_ipc_h, NULL, in_param, cmd_size); > - if (size_read > 0) { > - for (i=0; i<size_read; i++) > - vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", in_param[i]); > - > - } else { > - vtpmhandlerlogerror(VTPM_LOG_VTPM, "%s had error reading cmd from > ipc. Aborting... \n", thread_name); > - goto abort_command; > - } > - vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "\n"); > - > - if (size_read < (int) cmd_size) { > - vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "\n"); > - vtpmhandlerlogerror(VTPM_LOG_VTPM, "Command read(%d) is shorter than > header indicates(%d). Aborting...\n", size_read, cmd_size); > - goto abort_command; > - } > - } else { > - in_param = NULL; > - vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "\n"); > - } > - > - // Init the buffers used to handle the command and the response > - if ( (buffer_init_convert(command_buf, cmd_size, in_param) != > TPM_SUCCESS) || > - (buffer_init(result_buf, 0, 0) != TPM_SUCCESS) ) { > - vtpmhandlerlogerror(VTPM_LOG_VTPM, "Failed to setup buffers. > Aborting...\n"); > - goto abort_command; > - } > - > - // -------------- Dispatch Commands to Handlers ----------- > - if ((tag == VTPM_TAG_REQ) && (ord & VTPM_PRIV_MASK)) { > - vtpm_lock_wrlock(); > - } else { > - vtpm_lock_rdlock(); > - } > - > - if ( !(dmi_res = (VTPM_DMI_RESOURCE *) > hashtable_search(vtpm_globals->dmi_map, &dmi)) || > - (!dmi_res->connected) ) { > - vtpmhandlerlogerror(VTPM_LOG_VTPM, "Attempted access to non-existent > or disconnected DMI %d. Aborting...\n", dmi); > - status = TPM_BAD_PARAMETER; > - // We have no one to reply to, they don't exist. > - goto abort_command; > - } > - > - if (tag == VTPM_TAG_REQ) { > - > - status = vtpm_manager_handle_vtpm_cmd(dmi_res, ord, command_buf, > result_buf, is_priv, thread_name); > - > - } else { // This is not a VTPM Command at all. > - if (fw_tpm) { > - status = vtpm_manager_handle_tpm_cmd(fw_tx_ipc_h, fw_rx_ipc_h, > dmi_res, cmd_header, command_buf, result_buf, thread_name); > - > - // This means calling the DMI failed, not that the cmd failed in the > DMI > - // Since the return will be interpretted by a TPM app, all errors > are IO_ERRORs to the app > - if (status != TPM_SUCCESS) { > - status = TPM_IOERROR; > - goto abort_with_error; > - } > - // Unlike all other commands, forwarded commands yield a result_buf > that includes the DMI's status. This > - // should be forwarded to the caller VM > - add_header = FALSE; > - } else { > - // We are not supposed to forward TPM commands at all. > - int i; > - vtpmhandlerlogerror(VTPM_LOG_VTPM, "Attempt to use unsupported > direct access to TPM.\n"); > - vtpmhandlerloginfo(VTPM_LOG_VTPM_DEEP, "Bad Command. dmi:%d, tag:%d, > size:%d, ord:%d, Params: ", dmi, tag, in_param_size, ord); > - for (i=0; i<cmd_size; i++) > - vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", in_param[i]); > - > - vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "\n"); > - > - status = TPM_FAIL; > - goto abort_with_error; > - } > - > - } // end else for is VTPM Command > - > - // ------------------- Respond to Sender ------------------ > - > - // Errors while handling responses jump here to reply with error messages > - // NOTE: Currently there are no recoverable errors in multi-VM mode. If > one > - // is added to the code, this ifdef should be removed. > - // Also note this is NOT referring to errors in commands, but > rather > - // this is about I/O errors and such. > -#ifndef VTPM_MULTI_VM > - abort_with_error: > -#endif > - > - if (add_header) { > - // Prepend VTPM header with destination DM stamped > - out_param_size = buffer_len(result_buf); > - out_message_size = VTPM_COMMAND_HEADER_SIZE_CLT + out_param_size; > - reply_size = VTPM_COMMAND_HEADER_SIZE_SRV + out_param_size; > - out_message = (BYTE *) malloc (reply_size); > - reply = out_message; > - > - BSG_PackList(out_message, 4, > - BSG_TYPE_UINT32, (BYTE *) &dmi, > - BSG_TPM_TAG, (BYTE *) &tag, > - BSG_TYPE_UINT32, (BYTE *) &out_message_size, > - BSG_TPM_RESULT, (BYTE *) &status); > - > - if (buffer_len(result_buf) > 0) > - memcpy(out_message + VTPM_COMMAND_HEADER_SIZE_SRV, > result_buf->bytes, out_param_size); > - //Note: Send message + dmi_id > - } else { > - reply = result_buf->bytes; > - reply_size = buffer_len(result_buf); > - } > - size_write = vtpm_ipc_write(tx_ipc_h, (dmi_res ? dmi_res->tx_vtpm_ipc_h > : NULL), reply, reply_size ); > - if (size_write > 0) { > - vtpmhandlerloginfo(VTPM_LOG_VTPM_DEEP, "SENT: 0x"); > - for (i=0; i < reply_size; i++) > - vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", reply[i]); > - > - vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "\n"); > - } else { > - vtpmhandlerlogerror(VTPM_LOG_VTPM, "%s had error writing to ipc. > Aborting... \n", thread_name); > - goto abort_command; > - } > - free(out_message); out_message=NULL; > - > - if (size_write < (int)reply_size) { > - vtpmhandlerlogerror(VTPM_LOG_VTPM, "%s unable to write full command to > ipc (%d/%d)\n", thread_name, size_write, reply_size); > - goto abort_command; > - } > - > - // On certain failures an error message cannot be sent. > - // This marks the beginning of cleanup in preperation for the next > command. > - abort_command: > - //free buffers > - bzero(cmd_header, VTPM_COMMAND_HEADER_SIZE_SRV); > - //free(in_param); // This was converted to command_buf. No need to free > - buffer_free(result_buf); > - buffer_free(command_buf); > - > - // If we have a write lock, save the manager table > - if ((tag == VTPM_TAG_REQ) && (ord & VTPM_PRIV_MASK) && > - (VTPM_SaveManagerData() != TPM_SUCCESS) ) { > - vtpmhandlerlogerror(VTPM_LOG_VTPM, "ERROR: Unable to save manager > data.\n"); > - } > - > - vtpm_lock_unlock(); > - add_header = TRUE; // Reset to the default > - } // End while(1) > - > -} > - > -///////////////////////////////////////////////////////////////////////// > -TPM_RESULT vtpm_manager_handle_vtpm_cmd(VTPM_DMI_RESOURCE *dmi_res, > - TPM_COMMAND_CODE ord, > - buffer_t *command_buf, > - buffer_t *result_buf, > - BOOL is_priv, > - char *thread_name) { > - > - TPM_RESULT status = TPM_FAIL; > - > - switch (ord) { > - case VTPM_ORD_SAVENVM: > - status= VTPM_Handle_Save_NVM(dmi_res, > - command_buf, > - result_buf); > - break; > - > - case VTPM_ORD_LOADNVM: > - status= VTPM_Handle_Load_NVM(dmi_res, > - command_buf, > - result_buf); > - break; > - > - case VTPM_ORD_TPMCOMMAND: > - status= VTPM_Handle_TPM_Command(dmi_res, > - command_buf, > - result_buf); > - break; > - > - case VTPM_ORD_GET_MIG_KEY: > - status = VTPM_Handle_Get_Migration_key(command_buf, > - result_buf); > - break; > - > - case VTPM_ORD_LOAD_MIG_KEY: > - status = VTPM_Handle_Load_Migration_key(command_buf, > - result_buf); > - break; > - > - default: > - // Privileged handlers can do maintanance > - if (is_priv) { > - switch (ord) { > - case VTPM_ORD_OPEN: > - status = VTPM_Handle_New_DMI(command_buf); > - break; > - > - case VTPM_ORD_CLOSE: > - status = VTPM_Handle_Close_DMI(command_buf); > - break; > - > - case VTPM_ORD_DELETE: > - status = VTPM_Handle_Delete_DMI(command_buf); > - break; > - > - case VTPM_ORD_MIGRATE_IN: > - status = VTPM_Handle_Migrate_In(command_buf, result_buf); > - break; > - > - case VTPM_ORD_MIGRATE_OUT: > - status = VTPM_Handle_Migrate_Out(command_buf, result_buf); > - break; > - > - default: > - status = TPM_BAD_ORDINAL; > - } // switch > - } else { // is priv command > - > - status = TPM_BAD_ORDINAL; > - } // inner switch > - } // outer switch > - > - return(status); > -} > - > -///////////////////////////////////////////////////////////////////// > -TPM_RESULT vtpm_manager_handle_tpm_cmd(vtpm_ipc_handle_t *tx_ipc_h, > - vtpm_ipc_handle_t *rx_ipc_h, > - VTPM_DMI_RESOURCE *dmi_res, > - BYTE *cmd_header, > - buffer_t *param_buf, > - buffer_t *result_buf, > - char *thread_name) { > - > - TPM_RESULT status = TPM_FAIL; > - UINT32 dmi_dst; > - TPM_COMMAND_CODE ord; > - TPM_TAG tag_out; > - UINT32 dmi_cmd_size, in_param_size, adj_param_size; > - BYTE *dmi_cmd, *in_param; > - int size_read, size_write, i; > - > - //// Dom0 can't talk to the BE, so this must be a broken FE/BE or badness > - if (dmi_res->dmi_id == VTPM_CTL_DM) { > - vtpmhandlerlogerror(VTPM_LOG_VTPM, "Illegal use of TPM command from > dom0\n"); > - status = TPM_FAIL; > - goto abort_with_error; > - } > - > - vtpmhandlerloginfo(VTPM_LOG_VTPM, "Forwarding command to DMI.\n"); > - > - //Forward TPM CMD stamped with dmi_id to DMI for handling > - if (buffer_len(param_buf)) { > - dmi_cmd = (BYTE *) malloc(VTPM_COMMAND_HEADER_SIZE_SRV + > buffer_len(param_buf)); > - dmi_cmd_size = VTPM_COMMAND_HEADER_SIZE_SRV + buffer_len(param_buf); > - memcpy(dmi_cmd, cmd_header, VTPM_COMMAND_HEADER_SIZE_SRV); > - memcpy(dmi_cmd + VTPM_COMMAND_HEADER_SIZE_SRV, param_buf->bytes, > buffer_len(param_buf)); > - size_write = vtpm_ipc_write(tx_ipc_h, dmi_res->tx_tpm_ipc_h, dmi_cmd, > dmi_cmd_size); > - > - if (size_write > 0) { > - vtpmhandlerloginfo(VTPM_LOG_VTPM_DEEP, "SENT (DMI): 0x"); > - for (i=0; i<VTPM_COMMAND_HEADER_SIZE_SRV + buffer_len(param_buf); i++) > { > - vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", dmi_cmd[i]); > - } > - vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "\n"); > - } else { > - vtpmhandlerlogerror(VTPM_LOG_VTPM, "Error writing to DMI. Aborting... > \n"); > - status = TPM_IOERROR; > - goto abort_with_error; > - } > - free(dmi_cmd); > - } else { > - dmi_cmd_size = VTPM_COMMAND_HEADER_SIZE_SRV; > - size_write = vtpm_ipc_write(tx_ipc_h, dmi_res->tx_tpm_ipc_h, cmd_header, > VTPM_COMMAND_HEADER_SIZE_SRV ); > - if (size_write > 0) { > - vtpmhandlerloginfo(VTPM_LOG_VTPM_DEEP, "SENT (DMI): 0x"); > - for (i=0; i<VTPM_COMMAND_HEADER_SIZE_SRV; i++) > - vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", cmd_header[i]); > - > - vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "\n"); > - } else { > - vtpmhandlerlogerror(VTPM_LOG_VTPM, "Error writing to DMI. Aborting... > \n"); > - status = TPM_IOERROR; > - goto abort_with_error; > - } > - } > - > - if (size_write != (int) dmi_cmd_size) > - vtpmhandlerlogerror(VTPM_LOG_VTPM, "Could not write entire command to > DMI (%d/%d)\n", size_write, dmi_cmd_size); > - > - buffer_free(param_buf); > - > - // Read header for response to TPM command from DMI > - size_read = vtpm_ipc_read( rx_ipc_h, dmi_res->rx_tpm_ipc_h, cmd_header, > VTPM_COMMAND_HEADER_SIZE_SRV); > - if (size_read > 0) { > - vtpmhandlerloginfo(VTPM_LOG_VTPM_DEEP, "RECV (DMI): 0x"); > - for (i=0; i<size_read; i++) > - vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", cmd_header[i]); > - > - } else { > - vtpmhandlerlogerror(VTPM_LOG_VTPM, "Error reading from DMI. Aborting... > \n"); > - status = TPM_IOERROR; > - goto abort_with_error; > - } > - > - if (size_read < (int) VTPM_COMMAND_HEADER_SIZE_SRV) { > - vtpmhandlerlogerror(VTPM_LOG_VTPM, "Command from DMI shorter than normal > header. Aborting...\n"); > - status = TPM_IOERROR; > - goto abort_with_error; > - } > - > - // Unpack response from DMI for TPM command > - BSG_UnpackList(cmd_header, 4, > - BSG_TYPE_UINT32, &dmi_dst, > - BSG_TPM_TAG, &tag_out, > - BSG_TYPE_UINT32, &in_param_size, > - BSG_TPM_COMMAND_CODE, &status ); > - > - // If response has parameters, read them. > - // Note that in_param_size is in the client's context > - adj_param_size = in_param_size - VTPM_COMMAND_HEADER_SIZE_CLT; > - if (adj_param_size > 0) { > - in_param = (BYTE *) malloc(adj_param_size); > - size_read = vtpm_ipc_read(rx_ipc_h, dmi_res->rx_tpm_ipc_h, in_param, > adj_param_size); > - if (size_read > 0) { > - for (i=0; i<size_read; i++) > - vtpmhandlerloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", in_param[i]); > - > - } else { > - vtpmhandlerlogerror(VTPM_LOG_VTPM, "Error reading from BE. Aborting... > \n"); > - goto abort_with_error; > - } > - vtpmhandlerloginfomore(VTPM_LOG_VTPM, "\n"); > - > - if (size_read < (int)adj_param_size) { > - vtpmhandlerloginfomore(VTPM_LOG_VTPM, "\n"); > - vtpmhandlerlogerror(VTPM_LOG_VTPM, "Command read(%d) from DMI is > shorter than header indicates(%d). Aborting...\n", size_read, adj_param_size); > - status = TPM_IOERROR; > - goto abort_with_error; > - } > - } else { > - in_param = NULL; > - vtpmhandlerloginfomore(VTPM_LOG_VTPM, "\n"); > - } > - > - if ( (buffer_init(result_buf, VTPM_COMMAND_HEADER_SIZE_SRV, cmd_header) != > TPM_SUCCESS) || > - (buffer_append_raw(result_buf, adj_param_size, in_param) != > TPM_SUCCESS) ) { > - vtpmhandlerlogerror(VTPM_LOG_VTPM, "Failed to setup buffers. > Aborting...\n"); > - status = TPM_FAIL; > - goto abort_with_error; > - } > - > - vtpmhandlerloginfo(VTPM_LOG_VTPM, "Sending DMI's response to guest.\n"); > - > - status = TPM_SUCCESS; > - > - abort_with_error: > - > - return status; > -} > - > diff --git a/tools/vtpm_manager/manager/vtpmd.c > b/tools/vtpm_manager/manager/vtpmd.c > deleted file mode 100644 > index cf58ba3..0000000 > --- a/tools/vtpm_manager/manager/vtpmd.c > +++ /dev/null > @@ -1,371 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > -// > -// vtpmd.c > -// > -// Application > -// > -// =================================================================== > - > -#include <stdio.h> > -#include <unistd.h> > -#include <sys/types.h> > -#include <sys/stat.h> > -#include <fcntl.h> > -#include <signal.h> > -#include <string.h> > -#include <pthread.h> > -#include "vtpm_manager.h" > -#include "vtpmpriv.h" > -#include "tcg.h" > -#include "log.h" > -#include "vtpm_ipc.h" > - > -#define TPM_EMULATOR_PATH "/usr/bin/vtpmd" > - > -#define VTPM_BE_FNAME "/dev/vtpm" > -#define VTPM_DUMMY_TX_BE_FNAME "/var/vtpm/fifos/dummy_out.fifo" > -#define VTPM_DUMMY_RX_BE_FNAME "/var/vtpm/fifos/dummy_in.fifo" > -#define VTPM_TX_TPM_FNAME "/var/vtpm/fifos/tpm_cmd_to_%d.fifo" > -#define VTPM_RX_TPM_FNAME "/var/vtpm/fifos/tpm_rsp_from_all.fifo" > -#define VTPM_TX_VTPM_FNAME "/var/vtpm/fifos/vtpm_rsp_to_%d.fifo" > -#define VTPM_RX_VTPM_FNAME "/var/vtpm/fifos/vtpm_cmd_from_all.fifo" > -#define VTPM_TX_HP_FNAME "/var/vtpm/fifos/to_console.fifo" > -#define VTPM_RX_HP_FNAME "/var/vtpm/fifos/from_console.fifo" > - > -#define VTPM_TYPE_PVM_STRING "pvm" > -#define VTPM_TYPE_HVM_STRING "hvm" > - > -struct vtpm_thread_params_s { > - vtpm_ipc_handle_t *tx_ipc_h; > - vtpm_ipc_handle_t *rx_ipc_h; > - BOOL fw_tpm; > - vtpm_ipc_handle_t *fw_tx_ipc_h; > - vtpm_ipc_handle_t *fw_rx_ipc_h; > - BOOL is_priv; > - char *thread_name; > -}; > - > -// This is needed to all extra_close_dmi to close this to prevent a > -// broken pipe when no DMIs are left. > -static vtpm_ipc_handle_t *g_rx_tpm_ipc_h; > - > -void *vtpm_manager_thread(void *arg_void) { > - TPM_RESULT *status = (TPM_RESULT *) malloc(sizeof(TPM_RESULT) ); > - struct vtpm_thread_params_s *arg = (struct vtpm_thread_params_s *) > arg_void; > - > - *status = VTPM_Manager_Handler(arg->tx_ipc_h, arg->rx_ipc_h, > - arg->fw_tpm, arg->fw_tx_ipc_h, > arg->fw_rx_ipc_h, > - arg->is_priv, arg->thread_name); > - > - return (status); > -} > - > - > -void signal_handler(int reason) { > - if (pthread_equal(pthread_self(), vtpm_globals->master_pid)) { > - vtpmloginfo(VTPM_LOG_VTPM, "VTPM Manager shutting down for signal > %d.\n", reason); > - } else { > - // For old Linux Thread machines, signals are delivered to each thread. > Deal with them. > - vtpmloginfo(VTPM_LOG_VTPM, "Child shutting down\n"); > - pthread_exit(NULL); > - } > - > - VTPM_Stop_Manager(); > - exit(-1); > -} > - > -struct sigaction ctl_c_handler; > - > -TPM_RESULT VTPM_New_DMI_Extra(VTPM_DMI_RESOURCE *dmi_res, BYTE vm_type, BYTE > startup_mode) { > - > - TPM_RESULT status = TPM_SUCCESS; > - int fh; > - char dmi_id_str[11]; // UINT32s are up to 10 digits + NULL > - char *tx_vtpm_name, *tx_tpm_name, *vm_type_string; > - struct stat file_info; > - > - if (dmi_res->dmi_id == VTPM_CTL_DM) { > - dmi_res->tx_tpm_ipc_h = NULL; > - dmi_res->rx_tpm_ipc_h = NULL; > - dmi_res->tx_vtpm_ipc_h = NULL; > - dmi_res->rx_vtpm_ipc_h = NULL; > - } else { > - // Create a pair of fifo pipes > - dmi_res->rx_tpm_ipc_h = NULL; > - dmi_res->rx_vtpm_ipc_h = NULL; > - > - if ( ((dmi_res->tx_tpm_ipc_h = (vtpm_ipc_handle_t *) malloc > (sizeof(vtpm_ipc_handle_t))) == NULL ) || > - ((dmi_res->tx_vtpm_ipc_h =(vtpm_ipc_handle_t *) malloc > (sizeof(vtpm_ipc_handle_t))) == NULL ) || > - ((tx_tpm_name = (char *) malloc(11 + strlen(VTPM_TX_TPM_FNAME))) == > NULL ) || > - ((tx_vtpm_name =(char *) malloc(11 + strlen(VTPM_TX_VTPM_FNAME))) > == NULL) ) { > - status =TPM_RESOURCES; > - goto abort_egress; > - } > - > - sprintf(tx_tpm_name, VTPM_TX_TPM_FNAME, (uint32_t) dmi_res->dmi_id); > - sprintf(tx_vtpm_name, VTPM_TX_VTPM_FNAME, (uint32_t) dmi_res->dmi_id); > - > - if ( (vtpm_ipc_init(dmi_res->tx_tpm_ipc_h, tx_tpm_name, O_WRONLY | > O_NONBLOCK, TRUE) != 0) || > - (vtpm_ipc_init(dmi_res->tx_vtpm_ipc_h, tx_vtpm_name, O_WRONLY, > TRUE) != 0) ) { //FIXME: O_NONBLOCK? > - status = TPM_IOERROR; > - goto abort_egress; > - } > - > - // Measure DMI > - // FIXME: This will measure DMI. Until then use a fixed DMI_Measurement > value > - // Also, this mechanism is specific to 1 VM architecture. > - /* > - fh = open(TPM_EMULATOR_PATH, O_RDONLY); > - stat_ret = fstat(fh, &file_stat); > - if (stat_ret == 0) > - dmi_size = file_stat.st_size; > - else { > - vtpmlogerror(VTPM_LOG_VTPM, "Could not open vtpmd!!\n"); > - status = TPM_IOERROR; > - goto abort_egress; > - } > - dmi_buffer > - */ > - memset(&dmi_res->DMI_measurement, 0xcc, sizeof(TPM_DIGEST)); > - > - if (vm_type == VTPM_TYPE_PVM) > - vm_type_string = (BYTE *)&VTPM_TYPE_PVM_STRING; > - else > - vm_type_string = (BYTE *)&VTPM_TYPE_HVM_STRING; > - > - // Launch DMI > - sprintf(dmi_id_str, "%d", (int) dmi_res->dmi_id); > -#ifdef MANUAL_DM_LAUNCH > - vtpmlogerror(VTPM_LOG_VTPM, "Manually start VTPM with dmi=%s now.\n", > dmi_id_str); > - dmi_res->dmi_pid = 0; > -#else > - pid_t pid = fork(); > - > - if (pid == -1) { > - vtpmlogerror(VTPM_LOG_VTPM, "Could not fork to launch vtpm\n"); > - status = TPM_RESOURCES; > - goto abort_egress; > - } else if (pid == 0) { > - switch (startup_mode) { > - case TPM_ST_CLEAR: > - execl (TPM_EMULATOR_PATH, "vtpmd", "clear", vm_type_string, > dmi_id_str, NULL); > - break; > - case TPM_ST_STATE: > - execl (TPM_EMULATOR_PATH, "vtpmd", "save", vm_type_string, > dmi_id_str, NULL); > - break; > - case TPM_ST_DEACTIVATED: > - execl (TPM_EMULATOR_PATH, "vtpmd", "deactivated", vm_type_string, > dmi_id_str, NULL); > - break; > - default: > - status = TPM_BAD_PARAMETER; > - goto abort_egress; > - } > - > - // Returning from these at all is an error. > - vtpmlogerror(VTPM_LOG_VTPM, "Could not exec to launch vtpm\n"); > - } else { > - dmi_res->dmi_pid = pid; > - vtpmloginfo(VTPM_LOG_VTPM, "Launching DMI on PID = %d\n", pid); > - } > -#endif // MANUAL_DM_LAUNCH > - > - } // If DMI = VTPM_CTL_DM > - status = TPM_SUCCESS; > - > -abort_egress: > - return (status); > -} > - > -TPM_RESULT VTPM_Close_DMI_Extra(VTPM_DMI_RESOURCE *dmi_res) { > - TPM_RESULT status = TPM_SUCCESS; > - > - if (vtpm_globals->connected_dmis == 0) { > - // No more DMI's connected. Close fifo to prevent a broken pipe. > - // This is hackish. Need to think of another way. > - vtpm_ipc_close(g_rx_tpm_ipc_h); > - } > - > - > - if (dmi_res->dmi_id != VTPM_CTL_DM) { > - vtpm_ipc_close(dmi_res->tx_tpm_ipc_h); > - vtpm_ipc_close(dmi_res->tx_vtpm_ipc_h); > - > - free(dmi_res->tx_tpm_ipc_h->name); > - free(dmi_res->tx_vtpm_ipc_h->name); > - > -#ifndef MANUAL_DM_LAUNCH > - if (dmi_res->dmi_id != VTPM_CTL_DM) { > - if (dmi_res->dmi_pid != 0) { > - vtpmloginfo(VTPM_LOG_VTPM, "Killing dmi on pid %d.\n", > dmi_res->dmi_pid); > - if (kill(dmi_res->dmi_pid, SIGKILL) !=0) { > - vtpmloginfo(VTPM_LOG_VTPM, "DMI on pid %d is already dead.\n", > dmi_res->dmi_pid); > - } else if (waitpid(dmi_res->dmi_pid, NULL, 0) != dmi_res->dmi_pid) { > - vtpmlogerror(VTPM_LOG_VTPM, "DMI on pid %d failed to stop.\n", > dmi_res->dmi_pid); > - status = TPM_FAIL; > - } > - } else { > - vtpmlogerror(VTPM_LOG_VTPM, "Could not kill dmi because it's pid was > 0.\n"); > - status = TPM_FAIL; > - } > - } > -#endif > - > - } //endif ! dom0 > - return status; > -} > - > - > -int main(int argc, char **argv) { > - vtpm_ipc_handle_t *tx_be_ipc_h, *rx_be_ipc_h, rx_tpm_ipc_h, rx_vtpm_ipc_h, > tx_hp_ipc_h, rx_hp_ipc_h; > - struct vtpm_thread_params_s be_thread_params, dmi_thread_params, > hp_thread_params; > - pthread_t be_thread, dmi_thread, hp_thread; > - > -#ifdef DUMMY_BACKEND > - vtpm_ipc_handle_t tx_dummy_ipc_h, rx_dummy_ipc_h; > -#else > - vtpm_ipc_handle_t real_be_ipc_h; > -#endif > - > - vtpmloginfo(VTPM_LOG_VTPM, "Starting VTPM.\n"); > - > - // -------------------- Initialize Manager ----------------- > - if (VTPM_Init_Manager() != TPM_SUCCESS) { > - vtpmlogerror(VTPM_LOG_VTPM, "Closing vtpmd due to error during > startup.\n"); > - return -1; > - } > - > - // -------------------- Setup Ctrl+C Handlers -------------- > - ctl_c_handler.sa_handler = signal_handler; > - sigemptyset(&ctl_c_handler.sa_mask); > - ctl_c_handler.sa_flags = 0; > - > - if (sigaction(SIGINT, &ctl_c_handler, NULL) == -1) > - vtpmlogerror(VTPM_LOG_VTPM, "Could not install SIGINT handler. Ctl+break > will not stop manager gently.\n"); > - > - // For easier debuggin with gdb > - if (sigaction(SIGHUP, &ctl_c_handler, NULL) == -1) > - vtpmlogerror(VTPM_LOG_VTPM, "Could not install SIGHUP handler. Ctl+break > will not stop manager gently.\n"); > - > - sigset_t sig_mask; > - sigemptyset(&sig_mask); > - sigaddset(&sig_mask, SIGPIPE); > - sigprocmask(SIG_BLOCK, &sig_mask, NULL); > - > - // ------------------- Set up file ipc structures ---------- > -#ifdef DUMMY_BACKEND > - if ( (vtpm_ipc_init(&tx_dummy_ipc_h, VTPM_DUMMY_TX_BE_FNAME, O_RDWR, TRUE) > != 0) || > - (vtpm_ipc_init(&rx_dummy_ipc_h, VTPM_DUMMY_RX_BE_FNAME, O_RDWR, TRUE) > != 0) ) { > - > - vtpmlogerror(VTPM_LOG_VTPM, "Unable to create Dummy BE FIFOs.\n"); > - exit(-1); > - } > - > - tx_be_ipc_h = &tx_dummy_ipc_h; > - rx_be_ipc_h = &rx_dummy_ipc_h; > -#else > - vtpm_ipc_init(&real_be_ipc_h, VTPM_BE_FNAME, O_RDWR, FALSE); > - > - tx_be_ipc_h = &real_be_ipc_h; > - rx_be_ipc_h = &real_be_ipc_h; > -#endif > - > - if ( (vtpm_ipc_init(&rx_tpm_ipc_h, VTPM_RX_TPM_FNAME, O_RDONLY, TRUE) != > 0) || > - (vtpm_ipc_init(&rx_vtpm_ipc_h, VTPM_RX_VTPM_FNAME, O_RDWR, TRUE) != > 0) || //FIXME: O_RDONLY? > - (vtpm_ipc_init(&tx_hp_ipc_h, VTPM_TX_HP_FNAME, O_RDWR, TRUE) != 0) > || > - (vtpm_ipc_init(&rx_hp_ipc_h, VTPM_RX_HP_FNAME, O_RDWR, TRUE) != 0) ) > { > - vtpmlogerror(VTPM_LOG_VTPM, "Unable to create initial FIFOs.\n"); > - exit(-1); > - } > - > - g_rx_tpm_ipc_h = &rx_tpm_ipc_h; > - > - // -------------------- Set up thread params ------------- > - > - be_thread_params.tx_ipc_h = tx_be_ipc_h; > - be_thread_params.rx_ipc_h = rx_be_ipc_h; > - be_thread_params.fw_tpm = TRUE; > - be_thread_params.fw_tx_ipc_h = NULL; > - be_thread_params.fw_rx_ipc_h = &rx_tpm_ipc_h; > - be_thread_params.is_priv = FALSE; > - be_thread_params.thread_name = "Backend Listener"; > - > - dmi_thread_params.tx_ipc_h = NULL; > - dmi_thread_params.rx_ipc_h = &rx_vtpm_ipc_h; > - dmi_thread_params.fw_tpm = FALSE; > - dmi_thread_params.fw_tx_ipc_h = NULL; > - dmi_thread_params.fw_rx_ipc_h = NULL; > - dmi_thread_params.is_priv = FALSE; > - dmi_thread_params.thread_name = "VTPM Listener"; > - > - hp_thread_params.tx_ipc_h = &tx_hp_ipc_h; > - hp_thread_params.rx_ipc_h = &rx_hp_ipc_h; > - hp_thread_params.fw_tpm = FALSE; > - hp_thread_params.fw_tx_ipc_h = NULL; > - hp_thread_params.fw_rx_ipc_h = NULL; > - hp_thread_params.is_priv = TRUE; > - hp_thread_params.thread_name = "Hotplug Listener"; > - > - // --------------------- Launch Threads ----------------- > - > - vtpm_lock_init(); > - > - vtpm_globals->master_pid = pthread_self(); > - > - if (pthread_create(&be_thread, NULL, vtpm_manager_thread, > &be_thread_params) != 0) { > - vtpmlogerror(VTPM_LOG_VTPM, "Failed to launch BE Thread.\n"); > - exit(-1); > - } > - > - if (pthread_create(&dmi_thread, NULL, vtpm_manager_thread, > &dmi_thread_params) != 0) { > - vtpmlogerror(VTPM_LOG_VTPM, "Failed to launch DMI Thread.\n"); > - exit(-1); > - } > - > - > - if (pthread_create(&hp_thread, NULL, vtpm_manager_thread, > &hp_thread_params) != 0) { > - vtpmlogerror(VTPM_LOG_VTPM, "Failed to launch HP Thread.\n"); > - exit(-1); > - } > - > - //Join the other threads until exit time. > - pthread_join(be_thread, NULL); > - pthread_join(dmi_thread, NULL); > - pthread_join(hp_thread, NULL); > - > - vtpmlogerror(VTPM_LOG_VTPM, "VTPM Manager shut down unexpectedly.\n"); > - > - VTPM_Stop_Manager(); > - vtpm_lock_destroy(); > - return 0; > -} > diff --git a/tools/vtpm_manager/manager/vtpmpriv.h > b/tools/vtpm_manager/manager/vtpmpriv.h > deleted file mode 100644 > index 41e8d2d..0000000 > --- a/tools/vtpm_manager/manager/vtpmpriv.h > +++ /dev/null > @@ -1,186 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > -// > -// vtpmpriv.h > -// > -// Structures and functions private to the manager > -// > -// ================================================================== > - > -#ifndef __VTPMPRIV_H__ > -#define __VTPMPRIV_H__ > - > -#include "vtpm_manager.h" > -#include "tcg.h" > -#include "tcs.h" > -#include "buffer.h" > -#include "crypto.h" > -#include "vtpm_ipc.h" > - > -#define VTPM_MANAGER_GEN 2 // This is incremented when the manager's > table > - // is changed. It's used for backwards > compatability > - > -#define STATE_FILE "/var/vtpm/VTPM" > -#define DMI_NVM_FILE "/var/vtpm/vtpm_dm_%d.data" > -#define VTPM_CTL_DM 0 > - > -// ------------------------ Private Structures ----------------------- > -typedef struct VTPM_DMI_RESOURCE_T { > - // I/O info for Manager to talk to DMI's and controllers > - vtpm_ipc_handle_t *tx_vtpm_ipc_h; // TX VTPM Results to DMI > - vtpm_ipc_handle_t *rx_vtpm_ipc_h; // RX VTPM Commands from DMI > - vtpm_ipc_handle_t *tx_tpm_ipc_h; // TX TPM Commands to DMI > - vtpm_ipc_handle_t *rx_tpm_ipc_h; // RX TPM Results from DMI > - > -#ifndef VTPM_MULTI_VM > - pid_t dmi_pid; > -#endif > - > - // Non-persistent Information > - bool connected; > - UINT32 dmi_domain_id; > - TCS_CONTEXT_HANDLE TCSContext; // TCS Handle > - char *NVMLocation; // NULL term string indicating > location > - // of NVM. > - // Persistent Information about DMI > - UINT32 dmi_id; > - BYTE dmi_type; > - TPM_DIGEST NVM_measurement; // Equal to the SHA1 of the blob > - TPM_DIGEST DMI_measurement; // Correct measurement of the > owning DMI > -} VTPM_DMI_RESOURCE; > - > -typedef struct tdVTPM_MIGKEY_LIST { > - UINT32 name_size; > - BYTE *name; // Name of destination (IP addr, domain name, > etc) > - CRYPTO_INFO key; > - struct tdVTPM_MIGKEY_LIST *next; > -} VTPM_MIGKEY_LIST; > - > - > -typedef struct tdVTPM_GLOBALS { > - // Non-persistent data > -#ifndef VTPM_MULTI_VM > - pid_t master_pid; > -#endif > - > - int connected_dmis; // To close guest_rx when no dmis > are connected > - > - struct hashtable *dmi_map; // Table of all DMI's known > indexed by persistent instance # > - VTPM_MIGKEY_LIST *mig_keys; // Table of migration keys > - // Currently keys are loaded at migration time, > - // TODO: Make VTPM man store a keys persistently > - // and update script to check if key is needed > - // before fetching it. > - > - TCS_CONTEXT_HANDLE manager_tcs_handle; // TCS Handle used by manager > - TPM_HANDLE storageKeyHandle; // Key used by persistent store > - CRYPTO_INFO storageKey; // For software encryption > - CRYPTO_INFO bootKey; // For saving table > - TCS_AUTH keyAuth; // OIAP session for storageKey > - > - // Persistent Data > - TPM_AUTHDATA owner_usage_auth; // OwnerAuth of real TPM > - buffer_t storageKeyWrap; // Wrapped copy of storageKey > - TPM_AUTHDATA srk_usage_auth; > - TPM_AUTHDATA storage_key_usage_auth; > - > - buffer_t bootKeyWrap; // Wrapped copy of boot key > - > -}VTPM_GLOBALS; > - > -// --------------------------- Global Values -------------------------- > -extern VTPM_GLOBALS *vtpm_globals; // Key info and DMI states > -extern const TPM_AUTHDATA SRK_AUTH; // SRK Well Known Auth Value > - > -// ********************** VTPM Functions ************************* > -TPM_RESULT VTPM_Init_Manager(); // Start VTPM Service > -void VTPM_Stop_Manager(); // Stop VTPM Service > -TPM_RESULT VTPM_Manager_Handler(vtpm_ipc_handle_t *tx_ipc_h, > - vtpm_ipc_handle_t *rx_ipc_h, > - BOOL fw_tpm, // Should forward TPM cmds > - vtpm_ipc_handle_t *fw_tx_ipc_h, > - vtpm_ipc_handle_t *fw_rx_ipc_h, > - BOOL is_priv, > - char *client_name); > - > -// ********************** Command Handler Prototypes *********************** > - > -TPM_RESULT VTPM_Handle_Load_NVM( VTPM_DMI_RESOURCE *myDMI, > - const buffer_t *inbuf, > - buffer_t *outbuf); > - > -TPM_RESULT VTPM_Handle_Save_NVM( VTPM_DMI_RESOURCE *myDMI, > - const buffer_t *inbuf, > - buffer_t *outbuf); > - > -TPM_RESULT VTPM_Handle_TPM_Command( VTPM_DMI_RESOURCE *dmi, > - buffer_t *inbuf, > - buffer_t *outbuf); > - > -TPM_RESULT VTPM_Handle_New_DMI(const buffer_t *param_buf); > - > -TPM_RESULT VTPM_Handle_Close_DMI(const buffer_t *param_buf); > - > -TPM_RESULT VTPM_Handle_Delete_DMI(const buffer_t *param_buf); > - > -TPM_RESULT VTPM_Handle_Migrate_In( const buffer_t *param_buf, > - buffer_t *result_buf); > - > -TPM_RESULT VTPM_Handle_Migrate_Out ( const buffer_t *param_buf, > - buffer_t *result_buf); > - > -TPM_RESULT VTPM_Handle_Get_Migration_key( const buffer_t *param_buf, > - buffer_t *result_buf); > - > -TPM_RESULT VTPM_SaveManagerData(void); > -TPM_RESULT VTPM_LoadManagerData(void); > - > -TPM_RESULT VTPM_New_DMI_Extra(VTPM_DMI_RESOURCE *dmi_res, BYTE vm_type, BYTE > startup_mode); > - > -TPM_RESULT VTPM_Close_DMI_Extra(VTPM_DMI_RESOURCE *dmi_res); > - > -// Helper functions > -TPM_RESULT close_dmi(VTPM_DMI_RESOURCE *dmi_res); > -TPM_RESULT init_dmi(UINT32 dmi_id, BYTE type, VTPM_DMI_RESOURCE **dmi_res); > - > -TPM_RESULT envelope_encrypt(const buffer_t *inbuf, > - CRYPTO_INFO *asymkey, > - buffer_t *sealed_data); > - > -TPM_RESULT envelope_decrypt(const buffer_t *cipher, > - TCS_CONTEXT_HANDLE TCSContext, > - TPM_HANDLE keyHandle, > - const TPM_AUTHDATA *key_usage_auth, > - buffer_t *unsealed_data); > - > -#endif // __VTPMPRIV_H__ > diff --git a/tools/vtpm_manager/manager/vtsp.c > b/tools/vtpm_manager/manager/vtsp.c > deleted file mode 100644 > index fc8a66f..0000000 > --- a/tools/vtpm_manager/manager/vtsp.c > +++ /dev/null > @@ -1,1042 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > -// > -// vtsp.c > -// > -// Higher level interface to TCS for use in service. > -// > -// ================================================================== > - > -#include <string.h> > -#include "tcg.h" > -#include "tcs.h" > -#include "bsg.h" > -#include "log.h" > -#include "crypto.h" > -#include "vtsp.h" > -#include "buffer.h" > - > -#define RSA_KEY_SIZE 0x0800 > - > -/*********************************************************************************** > - * GenerateAuth: Generate authorization info to be sent back to application > - * > - * Parameters: outParamDigestText The concatenation of output parameters to > be SHA1ed > - * outParamDigestTextSize Size of inParamDigestText > - * HMACkey Key to be used for HMACing > - * For OIAP use key.authUsage or PersistStore.ownerAuth > - * For OSAP use shared secret > - * pAuth Authorization information from the application > - * > - * Return: TPM_SUCCESS Authorization data created > - * TPM_AUTHFAIL Invalid (NULL) HMACkey presented for OSAP > - > *************************************************************************************/ > -TPM_RESULT GenerateAuth( /*[IN]*/ const BYTE *inParamDigestText, > - /*[IN]*/ UINT32 inParamDigestTextSize, > - /*[IN]*/ const TPM_SECRET *HMACkey, > - /*[IN,OUT]*/ TCS_AUTH *auth) { > - > - if (inParamDigestText == NULL || auth == NULL) > - return (TPM_AUTHFAIL); > - else { > - > - //Generate new OddNonce > - Crypto_GetRandom(auth->NonceOdd.nonce, sizeof(TPM_NONCE)); > - > - // Create SHA1 inParamDigest > - TPM_DIGEST inParamDigest; > - Crypto_SHA1Full(inParamDigestText, inParamDigestTextSize, (BYTE *) > &inParamDigest); > - > - // Create HMAC text. (Concat inParamsDigest with inAuthSetupParams). > - BYTE hmacText[sizeof(TPM_DIGEST) + (2 * sizeof(TPM_NONCE)) + > sizeof(BOOL)]; > - > - BSG_PackList( hmacText, 4, > - BSG_TPM_DIGEST, &inParamDigest, > - BSG_TPM_NONCE, &(auth->NonceEven), > - BSG_TPM_NONCE, &(auth->NonceOdd), > - BSG_TYPE_BOOL, &(auth->fContinueAuthSession) ); > - > - Crypto_HMAC((BYTE *) hmacText, sizeof(hmacText), (BYTE *) HMACkey, > sizeof(TPM_DIGEST), (BYTE *) &(auth->HMAC)); > - > - return(TPM_SUCCESS); > - > - } > -} > - > -/*********************************************************************************** > - * VerifyAuth: Verify the authdata for a command requiring authorization > - * > - * Parameters: inParamDigestText The concatenation of parameters to be > SHA1ed > - * inParamDigestTextSize Size of inParamDigestText > - * authDataUsage AuthDataUsage for the Entity being used > - * Key->authDataUsage or TPM_AUTH_OWNER > - * HMACkey Key to be used for HMACing > - * For OIAP use key.authUsage or PersistStore.ownerAuth > - * For OSAP use NULL (It will be aquired from the Auth Session) > - * If unknown (default), assume OIAP > - * sessionAuth A TCS_AUTH info for the session > - * pAuth Authorization information from the application > - * hContext If specified, on failed Auth, VerifyAuth will > - * generate a new OIAP session in place > of themselves > - * destroyed session. > - * > - * Return: TPM_SUCCESS Authorization Verified > - * TPM_AUTHFAIL Authorization Failed > - * TPM_FAIL Failure during SHA1 routines > - > *************************************************************************************/ > -TPM_RESULT VerifyAuth( /*[IN]*/ const BYTE *outParamDigestText, > - /*[IN]*/ UINT32 outParamDigestTextSize, > - /*[IN]*/ const TPM_SECRET *HMACkey, > - /*[IN,OUT]*/ TCS_AUTH *auth, > - /*[IN]*/ TCS_CONTEXT_HANDLE hContext) { > - if (outParamDigestText == NULL || auth == NULL) > - return (TPM_AUTHFAIL); > - > - > - // Create SHA1 inParamDigest > - TPM_DIGEST outParamDigest; > - Crypto_SHA1Full(outParamDigestText, outParamDigestTextSize, (BYTE *) > &outParamDigest); > - > - // Create HMAC text. (Concat inParamsDigest with inAuthSetupParams). > - TPM_DIGEST hm; > - BYTE hmacText[sizeof(TPM_DIGEST) + (2 * sizeof(TPM_NONCE)) + sizeof(BOOL)]; > - > - BSG_PackList( hmacText, 4, > - BSG_TPM_DIGEST, &outParamDigest, > - BSG_TPM_NONCE, &(auth->NonceEven), > - BSG_TPM_NONCE, &(auth->NonceOdd), > - BSG_TYPE_BOOL, &(auth->fContinueAuthSession) ); > - > - Crypto_HMAC((BYTE *) hmacText, sizeof(hmacText), > - (BYTE *) HMACkey, sizeof(TPM_DIGEST), (BYTE *) &hm); > - > - // Compare correct HMAC with provided one. > - if (memcmp (&hm, &(auth->HMAC), sizeof(TPM_DIGEST)) == 0) { // 0 indicates > equality > - if (!auth->fContinueAuthSession) > - vtpmloginfo(VTPM_LOG_VTSP_DEEP, "Auth Session: 0x%x closed by TPM by > fContinue=0.\n", auth->AuthHandle); > - > - return (TPM_SUCCESS); > - } else { > - // If specified, reconnect the OIAP session. > - // NOTE: This only works for TCS's that never have a 0 context. > - if (hContext) { > - vtpmloginfo(VTPM_LOG_VTSP_DEEP, "Auth Session: 0x%x closed by TPM due > to failure.\n", auth->AuthHandle); > - VTSP_OIAP( hContext, auth); > - } > - return (TPM_AUTHFAIL); > - } > -} > - > -TPM_RESULT VTSP_OIAP(const TCS_CONTEXT_HANDLE hContext, > - TCS_AUTH *auth) { > - > - vtpmloginfo(VTPM_LOG_VTSP, "OIAP.\n"); > - TPM_RESULT status = TPM_SUCCESS; > - TPMTRYRETURN( TCSP_OIAP(hContext, > - &auth->AuthHandle, > - &auth->NonceEven) ); > - > - memset(&auth->HMAC, 0, sizeof(TPM_DIGEST)); > - auth->fContinueAuthSession = FALSE; > - > - vtpmloginfo(VTPM_LOG_VTSP_DEEP, "Auth Session: 0x%x opened by > TPM_OIAP.\n", auth->AuthHandle); > - goto egress; > - > - abort_egress: > - > - egress: > - > - return status; > -} > - > -TPM_RESULT VTSP_OSAP(const TCS_CONTEXT_HANDLE hContext, > - const TPM_ENTITY_TYPE entityType, > - const UINT32 entityValue, > - const TPM_AUTHDATA *usageAuth, > - TPM_SECRET *sharedSecret, > - TCS_AUTH *auth) { > - > - vtpmloginfo(VTPM_LOG_VTSP, "OSAP.\n"); > - TPM_RESULT status = TPM_SUCCESS; > - TPM_NONCE nonceEvenOSAP, nonceOddOSAP; > - > - Crypto_GetRandom((BYTE *) &nonceOddOSAP, sizeof(TPM_NONCE) ); > - > - TPMTRYRETURN( TCSP_OSAP( hContext, > - entityType, > - entityValue, > - nonceOddOSAP, > - &auth->AuthHandle, > - &auth->NonceEven, > - &nonceEvenOSAP) ); > - > - // Calculating Session Secret > - BYTE sharedSecretText[TPM_DIGEST_SIZE * 2]; > - > - BSG_PackList( sharedSecretText, 2, > - BSG_TPM_NONCE, &nonceEvenOSAP, > - BSG_TPM_NONCE, &nonceOddOSAP); > - > - Crypto_HMAC(sharedSecretText, sizeof(sharedSecretText), (BYTE *) > usageAuth, TPM_DIGEST_SIZE, (BYTE *) sharedSecret); > - > - memset(&auth->HMAC, 0, sizeof(TPM_DIGEST)); > - auth->fContinueAuthSession = FALSE; > - > - vtpmloginfo(VTPM_LOG_VTSP_DEEP, "Auth Session: 0x%x opened by > TPM_OSAP.\n", auth->AuthHandle); > - > - goto egress; > - > - abort_egress: > - > - egress: > - > - return status; > -} > - > - > -TPM_RESULT VTSP_TerminateHandle(const TCS_CONTEXT_HANDLE hContext, > - const TCS_AUTH *auth) { > - > - vtpmloginfo(VTPM_LOG_VTSP, "Terminate Handle.\n"); > - TPM_RESULT status = TPM_SUCCESS; > - TPMTRYRETURN( TCSP_TerminateHandle(hContext, auth->AuthHandle) ); > - > - vtpmloginfo(VTPM_LOG_VTSP_DEEP, "Auth Session: 0x%x closed by > TPM_TerminateHandle.\n", auth->AuthHandle); > - goto egress; > - > - abort_egress: > - > - egress: > - > - return status; > -} > - > - > -TPM_RESULT VTSP_ReadPubek( const TCS_CONTEXT_HANDLE hContext, > - CRYPTO_INFO *crypto_info) { > - > - TPM_RESULT status; > - TPM_NONCE antiReplay; > - TPM_DIGEST checksum; > - BYTE *pubEKtext; > - UINT32 pubEKtextsize; > - > - vtpmloginfo(VTPM_LOG_VTSP, "Reading Public EK.\n"); > - > - // GenerateAuth new nonceOdd > - Crypto_GetRandom(&antiReplay, sizeof(TPM_NONCE) ); > - > - > - TPMTRYRETURN( TCSP_ReadPubek( hContext, > - antiReplay, > - &pubEKtextsize, > - &pubEKtext, > - &checksum) ); > - > - > - // Extract the remaining output parameters > - TPM_PUBKEY pubEK; > - > - BSG_Unpack(BSG_TPM_PUBKEY, pubEKtext, (BYTE *) &pubEK); > - > - // Build CryptoInfo for the bindingKey > - TPM_RSA_KEY_PARMS rsaKeyParms; > - > - BSG_Unpack(BSG_TPM_RSA_KEY_PARMS, > - pubEK.algorithmParms.parms, > - &rsaKeyParms); > - > - Crypto_RSABuildCryptoInfoPublic(rsaKeyParms.exponentSize, > - rsaKeyParms.exponent, > - pubEK.pubKey.keyLength, > - pubEK.pubKey.key, > - crypto_info); > - > - // Destroy rsaKeyParms > - BSG_Destroy(BSG_TPM_RSA_KEY_PARMS, &rsaKeyParms); > - > - // Set encryption scheme > - crypto_info->encScheme = CRYPTO_ES_RSAESOAEP_SHA1_MGF1; > - //crypto_info->encScheme = pubEK.algorithmParms.encScheme; > - crypto_info->algorithmID = pubEK.algorithmParms.algorithmID; > - > - goto egress; > - > - abort_egress: > - > - egress: > - > - return status; > -} > - > -TPM_RESULT VTSP_TakeOwnership( const TCS_CONTEXT_HANDLE hContext, > - const TPM_AUTHDATA *ownerAuth, > - const TPM_AUTHDATA *srkAuth, > - CRYPTO_INFO *ek_cryptoInfo, > - TCS_AUTH *auth) { > - > - vtpmloginfo(VTPM_LOG_VTSP, "Taking Ownership of TPM.\n"); > - > - TPM_RESULT status = TPM_SUCCESS; > - TPM_COMMAND_CODE command = TPM_ORD_TakeOwnership; > - TPM_PROTOCOL_ID proto_id = TPM_PID_OWNER; > - BYTE *new_srk; > - > - BYTE *paramText; // Digest to make Auth. > - UINT32 paramTextSize; > - > - // vars for srkpubkey parameter > - TPM_KEY srkPub; > - TPM_KEY_PARMS srkKeyInfo = {TPM_ALG_RSA, TPM_ES_RSAESOAEP_SHA1_MGF1, > TPM_SS_NONE, 12, 0}; > - BYTE srkRSAkeyInfo[12] = { 0x00, 0x00, (RSA_KEY_SIZE >> 8), 0x00, 0x00, > 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00}; > - srkKeyInfo.parms = (BYTE *) &srkRSAkeyInfo; > - > - struct pack_buf_t srkText; > - > - //These values are accurate for an enc(AuthData). > - struct pack_buf_t encOwnerAuth, encSrkAuth; > - > - encOwnerAuth.data = (BYTE *)malloc(sizeof(BYTE) * 256); > - encSrkAuth.data = (BYTE *)malloc(sizeof(BYTE) * 256); > - > - if (encOwnerAuth.data == NULL || encSrkAuth.data == NULL) { > - vtpmloginfo(VTPM_LOG_VTSP, "Could not malloc encrypted auths.\n"); > - status = TPM_RESOURCES; > - goto abort_egress; > - } > - > - Crypto_RSAEnc(ek_cryptoInfo, sizeof(TPM_SECRET), (BYTE *) ownerAuth, > &encOwnerAuth.size, encOwnerAuth.data); > - Crypto_RSAEnc(ek_cryptoInfo, sizeof(TPM_SECRET), (BYTE *) srkAuth, > &encSrkAuth.size, encSrkAuth.data); > - > - > - // Build srk public key struct > - srkPub.ver = TPM_STRUCT_VER_1_1; > - srkPub.keyUsage = TPM_KEY_STORAGE; > - srkPub.keyFlags = 0x00; > - srkPub.authDataUsage = TPM_AUTH_ALWAYS; > - memcpy(&srkPub.algorithmParms, &srkKeyInfo, sizeof(TPM_KEY_PARMS)); > - srkPub.PCRInfoSize = 0; > - srkPub.PCRInfo = 0; > - srkPub.pubKey.keyLength= 0; > - srkPub.encDataSize = 0; > - > - srkText.data = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH); > - srkText.size = BSG_Pack(BSG_TPM_KEY, (BYTE *) &srkPub, srkText.data); > - > - paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH); > - > - paramTextSize = BSG_PackList(paramText, 5, > - BSG_TPM_COMMAND_CODE,&command, > - BSG_TPM_PROTOCOL_ID, &proto_id, > - BSG_TPM_SIZE32_DATA, &encOwnerAuth, > - BSG_TPM_SIZE32_DATA, &encSrkAuth, > - BSG_TPM_KEY, &srkPub); > - > - TPMTRYRETURN( GenerateAuth( paramText, paramTextSize, ownerAuth, auth) ); > - > - new_srk = srkText.data; > - TPMTRYRETURN( TCSP_TakeOwnership ( hContext, > - proto_id, > - encOwnerAuth.size, > - encOwnerAuth.data, > - encSrkAuth.size, > - encSrkAuth.data, > - &srkText.size, > - &new_srk, > - auth ) ); > - > - > - paramTextSize = BSG_PackList(paramText, 2, > - BSG_TPM_RESULT, &status, > - BSG_TPM_COMMAND_CODE, &command); > - memcpy(paramText + paramTextSize, new_srk, srkText.size); > - paramTextSize += srkText.size; > - > - > - TPMTRYRETURN( VerifyAuth( paramText, paramTextSize, > - ownerAuth, auth, > - hContext) ); > - > - goto egress; > - > - abort_egress: > - > - egress: > - > - free(srkText.data); > - free(encSrkAuth.data); > - free(encOwnerAuth.data); > - free(paramText); > - > - TCS_FreeMemory(hContext, new_srk); > - > - return status; > -} > - > -TPM_RESULT VTSP_DisablePubekRead( const TCS_CONTEXT_HANDLE hContext, > - const TPM_AUTHDATA *ownerAuth, > - TCS_AUTH *auth) { > - > - vtpmloginfo(VTPM_LOG_VTSP, "Disabling Pubek Read.\n"); > - > - TPM_RESULT status = TPM_SUCCESS; > - TPM_COMMAND_CODE command = TPM_ORD_DisablePubekRead; > - > - BYTE *paramText; // Digest to make Auth. > - UINT32 paramTextSize; > - > - paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH); > - > - paramTextSize = BSG_PackList(paramText, 1, > - BSG_TPM_COMMAND_CODE, &command); > - > - TPMTRYRETURN( GenerateAuth( paramText, paramTextSize, > - ownerAuth, auth) ); > - > - // Call TCS > - TPMTRYRETURN( TCSP_DisablePubekRead ( hContext, // in > - auth) ); > - > - // Verify Auth > - paramTextSize = BSG_PackList(paramText, 2, > - BSG_TPM_RESULT, &status, > - BSG_TPM_COMMAND_CODE, &command); > - > - TPMTRYRETURN( VerifyAuth( paramText, paramTextSize, > - ownerAuth, auth, > - hContext) ); > - goto egress; > - > - abort_egress: > - egress: > - free(paramText); > - return status; > -} > - > -TPM_RESULT VTSP_CreateWrapKey( const TCS_CONTEXT_HANDLE hContext, > - const TPM_KEY_USAGE usage, > - const TPM_AUTHDATA *newKeyAuth, > - const TCS_KEY_HANDLE parentHandle, > - const TPM_AUTHDATA *osapSharedSecret, > - buffer_t *pubKeyBuf, > - TCS_AUTH *auth) { > - > - int i; > - TPM_RESULT status = TPM_SUCCESS; > - TPM_COMMAND_CODE command = TPM_ORD_CreateWrapKey; > - > - vtpmloginfo(VTPM_LOG_VTSP, "Creating new key of type %d.\n", usage); > - > - // vars for Calculate encUsageAuth > - BYTE *paramText; > - UINT32 paramTextSize; > - > - // vars for Calculate encUsageAuth > - BYTE XORbuffer[sizeof(TPM_SECRET) + sizeof(TPM_NONCE)]; > - TPM_DIGEST XORKey1; > - UINT32 XORbufferSize; > - TPM_SECRET encUsageAuth, encMigrationAuth; > - > - // vars for Flatten newKey prototype > - BYTE *flatKey = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH); > - UINT32 flatKeySize = TCPA_MAX_BUFFER_LENGTH; > - struct pack_buf_t newKeyText; > - > - // Fill in newKey > - TPM_KEY newKey; > - > - BYTE RSAkeyInfo[12] = { 0x00, 0x00, (RSA_KEY_SIZE >> 8), 0x00, 0x00, > 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00}; > - newKey.algorithmParms.algorithmID = TPM_ALG_RSA; > - newKey.algorithmParms.parms = (BYTE *) &RSAkeyInfo; > - newKey.algorithmParms.parmSize = 12; > - > - switch (usage) { > - case TPM_KEY_SIGNING: > - vtpmloginfo(VTPM_LOG_VTSP, "Creating Signing Key...\n"); > - newKey.keyUsage = TPM_KEY_SIGNING; > - newKey.algorithmParms.encScheme = TPM_ES_NONE; > - newKey.algorithmParms.sigScheme = TPM_SS_RSASSAPKCS1v15_SHA1; > - break; > - case TPM_KEY_STORAGE: > - vtpmloginfo(VTPM_LOG_VTSP, "Creating Storage Key...\n"); > - newKey.keyUsage = TPM_KEY_STORAGE; > - newKey.algorithmParms.encScheme = TPM_ES_RSAESOAEP_SHA1_MGF1; > - newKey.algorithmParms.sigScheme = TPM_SS_NONE; > - break; > - case TPM_KEY_BIND: > - vtpmloginfo(VTPM_LOG_VTSP, "Creating Binding Key...\n"); > - newKey.keyUsage = TPM_KEY_BIND; > - newKey.algorithmParms.encScheme = TPM_ES_RSAESOAEP_SHA1_MGF1; > - newKey.algorithmParms.sigScheme = TPM_SS_NONE; > - break; > - default: > - vtpmloginfo(VTPM_LOG_VTSP, "Cannot create key. Invalid Key Type.\n"); > - status = TPM_BAD_PARAMETER; > - goto abort_egress; > - } > - > - > - newKey.ver = TPM_STRUCT_VER_1_1; > - > - newKey.keyFlags = 0; > - newKey.authDataUsage = TPM_AUTH_ALWAYS; > - newKey.pubKey.keyLength= 0; > - newKey.encDataSize = 0; > - newKey.encData = NULL; > - > - // FIXME: Support PCR bindings > - newKey.PCRInfoSize = 0; > - newKey.PCRInfo = NULL; > - > - // Calculate encUsageAuth > - XORbufferSize = BSG_PackList( XORbuffer, 2, > - BSG_TPM_SECRET, osapSharedSecret, > - BSG_TPM_NONCE, &auth->NonceEven); > - Crypto_SHA1Full(XORbuffer, XORbufferSize, (BYTE *) &XORKey1); > - > - // FIXME: No support for migratable keys. > - for (i=0; i < TPM_DIGEST_SIZE; i++) > - ((BYTE *) &encUsageAuth)[i] = ((BYTE *) &XORKey1)[i] ^ ((BYTE *) > newKeyAuth)[i]; > - > - // Flatten newKey prototype > - flatKeySize = BSG_Pack(BSG_TPM_KEY, (BYTE *) &newKey, flatKey); > - newKeyText.data = flatKey; > - newKeyText.size = flatKeySize; > - > - // Generate HMAC > - paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH); > - > - paramTextSize = BSG_PackList(paramText, 3, > - BSG_TPM_COMMAND_CODE, &command, > - BSG_TPM_AUTHDATA, &encUsageAuth, > - BSG_TPM_AUTHDATA, &encMigrationAuth); > - memcpy(paramText + paramTextSize, newKeyText.data, newKeyText.size); > - paramTextSize += newKeyText.size; > - > - > - TPMTRYRETURN( GenerateAuth( paramText, paramTextSize, > - osapSharedSecret, auth) ); > - > - // Call TCS > - TPMTRYRETURN( TCSP_CreateWrapKey( hContext, > - parentHandle, > - encUsageAuth, > - encMigrationAuth, > - &newKeyText.size, > - &newKeyText.data, > - auth) ); > - > - // Verify Auth > - paramTextSize = BSG_PackList(paramText, 2, > - BSG_TPM_RESULT, &status, > - BSG_TPM_COMMAND_CODE, &command); > - memcpy(paramText + paramTextSize, newKeyText.data, newKeyText.size); > - paramTextSize += newKeyText.size; > - > - TPMTRYRETURN( VerifyAuth( paramText, paramTextSize, > - osapSharedSecret, auth, 0) ); > - > - // Unpack/return key structure > - TPMTRYRETURN(buffer_init(pubKeyBuf, 0, 0) ); > - TPMTRYRETURN(buffer_append_raw(pubKeyBuf, newKeyText.size, > newKeyText.data) ); > - > - goto egress; > - > - abort_egress: > - > - egress: > - > - free(flatKey); > - free(paramText); > - TCS_FreeMemory(hContext, newKeyText.data); > - > - return status; > -} > - > -TPM_RESULT VTSP_LoadKey(const TCS_CONTEXT_HANDLE hContext, > - const TCS_KEY_HANDLE hUnwrappingKey, > - const buffer_t *rgbWrappedKeyBlob, > - const TPM_AUTHDATA *parentAuth, > - TPM_HANDLE *newKeyHandle, > - TCS_AUTH *auth, > - CRYPTO_INFO *cryptoinfo, > - const BOOL skipTPMLoad) { > - > - > - vtpmloginfo(VTPM_LOG_VTSP, "Loading Key %s.\n", (!skipTPMLoad ? "into TPM" > : "only into memory")); > - > - TPM_RESULT status = TPM_SUCCESS; > - TPM_COMMAND_CODE command = TPM_ORD_LoadKey; > - > - BYTE *paramText=NULL; // Digest to make Auth. > - UINT32 paramTextSize; > - > - // SkipTPMLoad stops key from being loaded into TPM, but still generates > CRYPTO_INFO for it > - if (! skipTPMLoad) { > - > - if ((rgbWrappedKeyBlob == NULL) || (parentAuth == NULL) || > - (newKeyHandle==NULL) || (auth==NULL)) { > - status = TPM_BAD_PARAMETER; > - goto abort_egress; > - } > - > - // Generate Extra TCS Parameters > - TPM_HANDLE phKeyHMAC; > - > - paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH); > - > - paramTextSize = BSG_PackList(paramText, 1, > - BSG_TPM_COMMAND_CODE, &command); > - > - memcpy(paramText + paramTextSize, rgbWrappedKeyBlob->bytes, > buffer_len(rgbWrappedKeyBlob)); > - paramTextSize += buffer_len(rgbWrappedKeyBlob); > - > - TPMTRYRETURN( GenerateAuth( paramText, paramTextSize, > - parentAuth, auth) ); > - > - // Call TCS > - TPMTRYRETURN( TCSP_LoadKeyByBlob( hContext, > - hUnwrappingKey, > - buffer_len(rgbWrappedKeyBlob), > - rgbWrappedKeyBlob->bytes, > - auth, > - newKeyHandle, > - &phKeyHMAC) ); > - > - // Verify Auth > - paramTextSize = BSG_PackList(paramText, 3, > - BSG_TPM_RESULT, &status, > - BSG_TPM_COMMAND_CODE, &command, > - BSG_TPM_HANDLE, newKeyHandle); > - > - TPMTRYRETURN( VerifyAuth( paramText, paramTextSize, > - parentAuth, auth, > - hContext) ); > - } > - > - // Build cryptoinfo structure for software crypto function. > - if (cryptoinfo != NULL) { > - TPM_KEY newKey; > - > - // Unpack/return key structure > - BSG_Unpack(BSG_TPM_KEY, rgbWrappedKeyBlob->bytes , &newKey); > - TPM_RSA_KEY_PARMS rsaKeyParms; > - > - BSG_Unpack(BSG_TPM_RSA_KEY_PARMS, > - newKey.algorithmParms.parms, > - &rsaKeyParms); > - > - Crypto_RSABuildCryptoInfoPublic(rsaKeyParms.exponentSize, > - rsaKeyParms.exponent, > - newKey.pubKey.keyLength, > - newKey.pubKey.key, > - cryptoinfo); > - > - // Destroy rsaKeyParms > - BSG_Destroy(BSG_TPM_RSA_KEY_PARMS, &rsaKeyParms); > - > - // Set encryption scheme > - cryptoinfo->encScheme = CRYPTO_ES_RSAESOAEP_SHA1_MGF1; > - } > - > - goto egress; > - > - abort_egress: > - > - egress: > - > - free(paramText); > - return status; > -} > - > -TPM_RESULT VTSP_Unbind( const TCS_CONTEXT_HANDLE hContext, > - const TPM_KEY_HANDLE key_handle, > - const buffer_t *bound_data, > - const TPM_AUTHDATA *usage_auth, > - buffer_t *clear_data, > - TCS_AUTH *auth) { > - > - vtpmloginfo(VTPM_LOG_VTSP, "Unbinding %d bytes of data.\n", > buffer_len(bound_data)); > - > - TPM_RESULT status = TPM_SUCCESS; > - TPM_COMMAND_CODE command = TPM_ORD_UnBind; > - > - BYTE *paramText; // Digest to make Auth. > - UINT32 paramTextSize; > - > - // Generate Extra TCS Parameters > - struct pack_buf_t clear_data32; > - BYTE *clear_data_text; > - UINT32 clear_data_size; > - > - struct pack_buf_t bound_data32 = {bound_data->size, bound_data->bytes}; > - > - paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH); > - > - paramTextSize = BSG_PackList(paramText, 2, > - BSG_TPM_COMMAND_CODE, &command, > - BSG_TPM_SIZE32_DATA, &bound_data32); > - > - TPMTRYRETURN( GenerateAuth( paramText, paramTextSize, > - usage_auth, auth) ); > - > - // Call TCS > - TPMTRYRETURN( TCSP_UnBind( hContext, > - key_handle, > - buffer_len(bound_data), > - bound_data->bytes, > - auth, > - &clear_data_size, > - &clear_data_text) ); > - > - > - // Verify Auth > - clear_data32.size = clear_data_size; > - clear_data32.data = clear_data_text; > - paramTextSize = BSG_PackList(paramText, 3, > - BSG_TPM_RESULT, &status, > - BSG_TPM_COMMAND_CODE, &command, > - BSG_TPM_SIZE32_DATA, &clear_data32); > - > - TPMTRYRETURN( VerifyAuth( paramText, paramTextSize, > - usage_auth, auth, > - hContext) ); > - > - // Unpack/return key structure > - TPMTRYRETURN(buffer_init(clear_data, 0, 0)); > - TPMTRYRETURN(buffer_append_raw (clear_data, clear_data_size, > clear_data_text) ); > - > - goto egress; > - > - abort_egress: > - > - egress: > - > - free(paramText); > - TCS_FreeMemory(hContext, clear_data_text); > - > - return status; > -} > - > -TPM_RESULT VTSP_Bind( CRYPTO_INFO *cryptoInfo, > - const buffer_t *inData, > - buffer_t *outData) > -{ > - vtpmloginfo(VTPM_LOG_VTSP, "Binding %d bytes of data.\n", > buffer_len(inData)); > - TPM_RESULT status = TPM_SUCCESS; > - TPM_BOUND_DATA boundData; > - UINT32 i; > - > - // Fill boundData's accessory information > - boundData.ver = TPM_STRUCT_VER_1_1; > - boundData.payload = TPM_PT_BIND; > - boundData.payloadData = inData->bytes; > - > - // Pack boundData before encryption > - BYTE* flatBoundData = (BYTE *)malloc(sizeof(BYTE) * > - (sizeof(TPM_VERSION) + > - sizeof(TPM_PAYLOAD_TYPE) + > - buffer_len(inData))); > - if (flatBoundData == NULL) { > - return TPM_NOSPACE; > - } > - UINT32 flatBoundDataSize = 0; > - flatBoundDataSize = BSG_PackList( flatBoundData, 2, > - BSG_TPM_VERSION, &boundData.ver, > - BSG_TYPE_BYTE, &boundData.payload); > - > - memcpy(flatBoundData+flatBoundDataSize, inData->bytes, buffer_len(inData)); > - flatBoundDataSize += buffer_len(inData); > - > - BYTE out_tmp[RSA_KEY_SIZE/8]; // RSAEnc does not do blocking, So this is > what will come out. > - UINT32 out_tmp_size; > - > - // Encrypt flatBoundData > - TPMTRY(TPM_ENCRYPT_ERROR, Crypto_RSAEnc( cryptoInfo, > - flatBoundDataSize, > - flatBoundData, > - &out_tmp_size, > - out_tmp) ); > - > - if (out_tmp_size > RSA_KEY_SIZE/8) { > - // The result of RSAEnc should be a fixed size based on key size. > - vtpmlogerror(VTPM_LOG_VTSP, "Enc buffer just overflowed.\n"); > - } > - > - buffer_init(outData, 0, NULL); > - buffer_append_raw(outData, out_tmp_size, out_tmp); > - > - vtpmloginfo(VTPM_LOG_TXDATA, "Bind Generated[%d] = 0x", out_tmp_size); > - for(i = 0 ; i < out_tmp_size ; i++) { > - vtpmloginfomore(VTPM_LOG_TXDATA, "%2.2x ", out_tmp[i]); > - } > - vtpmloginfomore(VTPM_LOG_TXDATA, "\n"); > - > - goto egress; > - abort_egress: > - egress: > - > - // Free flatBoundData > - free(flatBoundData); > - > - return TPM_SUCCESS; > -} > - > -TPM_RESULT VTSP_Seal(const TCS_CONTEXT_HANDLE hContext, > - const TPM_KEY_HANDLE keyHandle, > - const TPM_AUTHDATA *sealDataAuth, > - const TPM_PCR_COMPOSITE *pcrComp, > - const buffer_t *inData, > - TPM_STORED_DATA *sealedData, > - const TPM_SECRET *osapSharedSecret, > - TCS_AUTH *auth) { > - > - TPM_RESULT status = TPM_SUCCESS; > - TPM_COMMAND_CODE command = TPM_ORD_Seal; > - > - BYTE *paramText; // Digest to make Auth. > - UINT32 paramTextSize; > - > - // Generate PCR_Info Struct from Comp > - TPM_PCR_INFO pcrInfo; > - UINT32 pcrInfoSize, flatpcrSize; > - BYTE flatpcr[3 + // PCR_Select = 3 1 byte banks > - sizeof(UINT16) + // 2 byte UINT16 > - sizeof(UINT32) + // PCR_Comp = 4 byte UINT32 > - 24 * sizeof(TPM_PCRVALUE) ]; // up to 24 PCRs > - > - if (pcrComp != NULL) { > - //printf("\n\tBinding to PCRs: "); > - //for(int i = 0 ; i < pcrComp->select.sizeOfSelect ; i++) > - //printf("%2.2x", pcrComp->select.pcrSelect[i]); > - > - memcpy(&pcrInfo.pcrSelection, &pcrComp->select, > sizeof(TPM_PCR_SELECTION)); > - > - flatpcrSize = BSG_Pack(BSG_TPM_PCR_COMPOSITE, (BYTE *) pcrComp, > flatpcr); > - Crypto_SHA1Full((BYTE *) flatpcr, flatpcrSize, (BYTE *) > &(pcrInfo.digestAtRelease)); > - memset(&(pcrInfo.digestAtCreation), 0, sizeof(TPM_DIGEST)); > - pcrInfoSize = BSG_Pack(BSG_TPM_PCR_INFO, (BYTE *) &pcrInfo, flatpcr); > - } else { > - //printf("\n\tBinding to no PCRS."); > - pcrInfoSize = 0; > - } > - > - // Calculate encUsageAuth > - BYTE XORbuffer[sizeof(TPM_SECRET) + sizeof(TPM_NONCE)]; > - UINT32 XORbufferSize = sizeof(XORbuffer); > - TPM_DIGEST XORKey; > - TPM_ENCAUTH encAuth; > - > - BSG_PackList( XORbuffer, 2, > - BSG_TPM_SECRET, osapSharedSecret, > - BSG_TPM_NONCE, &auth->NonceEven ); > - > - Crypto_SHA1Full(XORbuffer, XORbufferSize, (BYTE *) &XORKey); > - > - int i; > - for (i=0; i < TPM_DIGEST_SIZE; i++) > - ((BYTE *) &encAuth)[i] = ((BYTE *) &XORKey)[i] ^ ((BYTE *) > sealDataAuth)[i]; > - > - // Generate Extra TCS Parameters > - UINT32 inDataSize = buffer_len(inData); > - struct pack_buf_t inData_pack = {inDataSize, inData->bytes}; > - struct pack_buf_t pcrInfo_pack = {pcrInfoSize, flatpcr}; > - > - UINT32 sealedDataSize; > - BYTE *flatSealedData=NULL; > - > - paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH); > - > - paramTextSize = BSG_PackList(paramText, 4, > - BSG_TPM_COMMAND_CODE, &command, > - BSG_TPM_ENCAUTH, &encAuth, > - BSG_TPM_SIZE32_DATA, &pcrInfo_pack, > - BSG_TPM_SIZE32_DATA, &inData_pack); > - > - TPMTRYRETURN( GenerateAuth( paramText, paramTextSize, > - osapSharedSecret, auth) ); > - > - // Call TCS > - TPMTRYRETURN( TCSP_Seal( hContext, > - keyHandle, > - encAuth, > - pcrInfoSize, > - flatpcr, > - inDataSize, > - inData->bytes, > - auth, > - &sealedDataSize, > - &flatSealedData) ); > - > - // Unpack/return key structure > - BSG_Unpack( BSG_TPM_STORED_DATA, flatSealedData, sealedData ); > - > - paramTextSize = BSG_PackList(paramText, 3, > - BSG_TPM_RESULT, &status, > - BSG_TPM_COMMAND_CODE, &command, > - BSG_TPM_STORED_DATA, sealedData); > - > - TPMTRYRETURN( VerifyAuth( paramText, paramTextSize, > - osapSharedSecret, auth, > - 0) ); > - > - > - goto egress; > - > - abort_egress: > - egress: > - > - if (flatSealedData) > - TCS_FreeMemory( hContext, flatSealedData); > - > - free(paramText); > - return status; > -} > - > - > -TPM_RESULT VTSP_Unseal(const TCS_CONTEXT_HANDLE hContext, > - const TPM_KEY_HANDLE keyHandle, > - const TPM_STORED_DATA *sealedData, > - const TPM_AUTHDATA *key_usage_auth, > - const TPM_AUTHDATA *data_usage_auth, > - buffer_t *outData, > - TCS_AUTH *auth, > - TCS_AUTH *dataAuth) { > - > - TPM_RESULT status = TPM_SUCCESS; > - TPM_COMMAND_CODE command = TPM_ORD_Unseal; > - > - BYTE *paramText; // Digest to make Auth. > - UINT32 paramTextSize; > - > - // Generate Extra TCS Parameters > - UINT32 sealDataSize, clearDataSize; > - BYTE *flatSealedData= (BYTE *) malloc(sizeof(TPM_VERSION) + > - 2 * sizeof(UINT32) + > - sealedData->sealInfoSize + > - sealedData->encDataSize), > - *clearData=NULL; > - > - sealDataSize = BSG_Pack(BSG_TPM_STORED_DATA, sealedData, flatSealedData ); > - > - paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH); > - > - paramTextSize = BSG_PackList(paramText, 2, > - BSG_TPM_COMMAND_CODE, &command, > - BSG_TPM_STORED_DATA, sealedData); > - > - TPMTRYRETURN( GenerateAuth( paramText, paramTextSize, > - key_usage_auth, auth) ); > - > - TPMTRYRETURN( GenerateAuth( paramText, paramTextSize, > - data_usage_auth, dataAuth) ); > - // Call TCS > - TPMTRYRETURN( TCSP_Unseal( hContext, > - keyHandle, > - sealDataSize, > - flatSealedData, > - auth, > - dataAuth, > - &clearDataSize, > - &clearData) ); > - > - // Verify Auth > - struct pack_buf_t clearData_pack = {clearDataSize, clearData}; > - > - paramTextSize = BSG_PackList(paramText, 3, > - BSG_TPM_RESULT, &status, > - BSG_TPM_COMMAND_CODE, &command, > - BSG_TPM_SIZE32_DATA, &clearData_pack); > - > - TPMTRYRETURN( VerifyAuth( paramText, paramTextSize, > - key_usage_auth, auth, > - hContext) ); > - > - TPMTRYRETURN( VerifyAuth( paramText, paramTextSize, > - data_usage_auth, dataAuth, > - hContext) ); > - > - // Unpack/return key structure > - TPMTRYRETURN( buffer_init(outData, clearDataSize, clearData) ); > - > - goto egress; > - > - abort_egress: > - egress: > - > - if (flatSealedData) > - TCS_FreeMemory( hContext, clearData); > - > - free(paramText); > - return status; > -} > - > -TPM_RESULT VTSP_SaveState( const TCS_CONTEXT_HANDLE hContext) { > - > - vtpmloginfo(VTPM_LOG_VTSP, "Calling TPM_SaveState.\n"); > - > - TPM_RESULT status = TPM_SUCCESS; > - > - // Call TCS > - return ( TCSP_SaveState ( hContext ) ); > - > -} > - > - > -// Function Reaches into unsupported TCS command, beware. > -TPM_RESULT VTSP_RawTransmit(const TCS_CONTEXT_HANDLE hContext, > - const buffer_t *inbuf, > - buffer_t *outbuf ) { > - > - vtpmloginfo(VTPM_LOG_VTSP, "Passthrough in use.\n"); > - TPM_RESULT status = TPM_SUCCESS; > - > - // Generate Extra TCS Parameters > - BYTE *resultText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH); > - UINT32 resultTextSize = TCPA_MAX_BUFFER_LENGTH; > - > - // Call TCS > - TPMTRYRETURN( TCSP_RawTransmitData(buffer_len(inbuf), inbuf->bytes, > - &resultTextSize, resultText) ); > - > - // Unpack/return key structure > - TPMTRYRETURN(buffer_init (outbuf, resultTextSize, resultText) ); > - goto egress; > - > - abort_egress: > - > - egress: > - TCS_FreeMemory(hContext, resultText); > - free(resultText); > - return status; > -} > diff --git a/tools/vtpm_manager/manager/vtsp.h > b/tools/vtpm_manager/manager/vtsp.h > deleted file mode 100644 > index 2fb0440..0000000 > --- a/tools/vtpm_manager/manager/vtsp.h > +++ /dev/null > @@ -1,126 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > -// > -// vtsp.h > -// > -// Higher level interface to TCS. > -// > -// ================================================================== > - > -#ifndef __VTSP_H__ > -#define __VTSP_H__ > - > -#include "tcg.h" > -#include "tcs.h" > - > -#define KEY_BUFFER_SIZE 2048 > - > -TPM_RESULT VTSP_RawTransmit(const TCS_CONTEXT_HANDLE hContext, > - const buffer_t *inbuf, > - buffer_t *outbuf ); > - > -TPM_RESULT VTSP_OIAP( const TCS_CONTEXT_HANDLE hContext, > - TCS_AUTH *auth); > - > -TPM_RESULT VTSP_OSAP( const TCS_CONTEXT_HANDLE hContext, > - const TPM_ENTITY_TYPE entityType, > - const UINT32 entityValue, > - const TPM_AUTHDATA *usageAuth, > - TPM_SECRET *sharedsecret, > - TCS_AUTH *auth); > - > -TPM_RESULT VTSP_TerminateHandle(const TCS_CONTEXT_HANDLE hContext, > - const TCS_AUTH *auth); > - > -TPM_RESULT VTSP_ReadPubek( const TCS_CONTEXT_HANDLE hContext, > - CRYPTO_INFO *cypto_info); > - > -TPM_RESULT VTSP_TakeOwnership( const TCS_CONTEXT_HANDLE hContext, > - const TPM_AUTHDATA *ownerAuth, > - const TPM_AUTHDATA *srkAuth, > - CRYPTO_INFO *ek_cryptoInfo, > - TCS_AUTH *auth); > - > -TPM_RESULT VTSP_DisablePubekRead( const TCS_CONTEXT_HANDLE hContext, > - const TPM_AUTHDATA *ownerAuth, > - TCS_AUTH *auth); > - > -TPM_RESULT VTSP_CreateWrapKey( const TCS_CONTEXT_HANDLE hContext, > - const TPM_KEY_USAGE usage, > - const TPM_AUTHDATA *newKeyAuth, > - const TCS_KEY_HANDLE parentHandle, > - const TPM_AUTHDATA *osapSharedSecret, > - buffer_t *pubKeyBuf, > - TCS_AUTH *auth); > - > -TPM_RESULT VTSP_LoadKey(const TCS_CONTEXT_HANDLE hContext, > - const TCS_KEY_HANDLE hUnwrappingKey, > - const buffer_t *rgbWrappedKeyBlob, > - const TPM_AUTHDATA *parentAuth, > - TPM_HANDLE *newKeyHandle, > - TCS_AUTH *pAuth, > - CRYPTO_INFO *cryptoinfo, > - const BOOL skipTPMLoad); > - > -TPM_RESULT VTSP_Unbind( const TCS_CONTEXT_HANDLE hContext, > - const TPM_KEY_HANDLE key_handle, > - const buffer_t *bound_data, > - const TPM_AUTHDATA *usage_auth, > - buffer_t *clear_data, > - TCS_AUTH *auth); > - > -TPM_RESULT VTSP_Bind( CRYPTO_INFO *cryptoInfo, > - const buffer_t *inData, > - buffer_t *outData); > - > -TPM_RESULT VTSP_Seal(const TCS_CONTEXT_HANDLE hContext, > - const TPM_KEY_HANDLE keyHandle, > - const TPM_AUTHDATA *sealDataAuth, > - const TPM_PCR_COMPOSITE *pcrComp, > - const buffer_t *inData, > - TPM_STORED_DATA *sealedData, > - const TPM_SECRET *osapSharedSecret, > - TCS_AUTH *auth); > - > -TPM_RESULT VTSP_Unseal(const TCS_CONTEXT_HANDLE hContext, > - const TPM_KEY_HANDLE keyHandle, > - const TPM_STORED_DATA *sealedData, > - const TPM_AUTHDATA *key_usage_auth, > - const TPM_AUTHDATA *data_usage_auth, > - buffer_t *outData, > - TCS_AUTH *auth, > - TCS_AUTH *dataAuth); > - > -TPM_RESULT VTSP_SaveState( const TCS_CONTEXT_HANDLE hContext); > - > -#endif //_VTSP_H_ > diff --git a/tools/vtpm_manager/migration/Makefile > b/tools/vtpm_manager/migration/Makefile > deleted file mode 100644 > index e33ae95..0000000 > --- a/tools/vtpm_manager/migration/Makefile > +++ /dev/null > @@ -1,42 +0,0 @@ > -XEN_ROOT = $(CURDIR)/../../.. > -include $(XEN_ROOT)/tools/vtpm_manager/Rules.mk > - > -VPATH = ../manager > - > -BIND = vtpm_migratord > -BINC = vtpm_migrator > - > -SRCSD = vtpm_manager_if.c vtpm_migratord.c vtpm_migratord_handler.c > vtpm_ipc.c > -SRCSC = vtpm_manager_if.c vtpm_migrator_if.c vtpm_migratorc.c vtpm_ipc.c > - > -OBJSD = $(patsubst %.c,%.o,$(SRCSD)) > -OBJSC = $(patsubst %.c,%.o,$(SRCSC)) > - > -.PHONY: all > -all: build > - > -.PHONY: build > -build: $(BIND) $(BINC) > - > -.PHONY: install > -install: build > - $(INSTALL_PROG) $(BIND) $(DESTDIR)$(BINDIR) > - $(INSTALL_PROG) $(BINC) $(DESTDIR)$(BINDIR) > - > -.PHONY: clean > -clean: > - rm -f $(BINC) $(BIND) > - rm -f *.a *.so *.o *.rpm $(DEP_FILES) > - > -.PHONY: mrproper > -mrproper: clean > - rm -f *~ > - > -$(BIND): $(OBJSD) > - $(CC) $(LDFLAGS) $^ $(LIBS) -o $@ > - > -$(BINC): $(OBJSC) > - $(CC) $(LDFLAGS) $^ $(LIBS) -o $@ > - > -# libraries > -LIBS += ../util/libTCGUtils.a > diff --git a/tools/vtpm_manager/migration/vtpm_manager_if.c > b/tools/vtpm_manager/migration/vtpm_manager_if.c > deleted file mode 100644 > index 08986f4..0000000 > --- a/tools/vtpm_manager/migration/vtpm_manager_if.c > +++ /dev/null > @@ -1,186 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > -// > -// vtpm_manager_if.c > -// > -// Provides functions to call local vtpm manager interface (Hotplug) > -// > -// ================================================================== > - > -#include <stdio.h> > -#include <fcntl.h> > -#include <malloc.h> > -#include <string.h> > - > -#include "tcg.h" > -#include "buffer.h" > -#include "log.h" > -#include "vtpm_ipc.h" > -#include "bsg.h" > -#include "vtpm_migrator.h" > -#include "vtpm_manager.h" > - > -#define VTPM_TX_HP_FNAME "/var/vtpm/fifos/from_console.fifo" > -#define VTPM_RX_HP_FNAME "/var/vtpm/fifos/to_console.fifo" > - > -static vtpm_ipc_handle_t tx_ipc_h, rx_ipc_h; > - > -TPM_RESULT vtpm_manager_open(){ > - > - if ( (vtpm_ipc_init(&tx_ipc_h, VTPM_TX_HP_FNAME, O_RDWR, TRUE) != 0) || > //FIXME: wronly > - (vtpm_ipc_init(&rx_ipc_h, VTPM_RX_HP_FNAME, O_RDWR, TRUE) != 0) ) { > //FIXME: rdonly > - vtpmlogerror(VTPM_LOG_VTPM, "Unable to connect to vtpm_manager.\n"); > - return TPM_IOERROR; > - } > - > - return TPM_SUCCESS; > -} > - > -void vtpm_manager_close() { > - > - vtpm_ipc_close(&tx_ipc_h); > - vtpm_ipc_close(&rx_ipc_h); > -} > - > - > -TPM_RESULT vtpm_manager_command(TPM_COMMAND_CODE ord, > - buffer_t *command_param_buf, > - TPM_RESULT *cmd_status, /* out */ > - buffer_t *result_param_buf) { > - > - TPM_RESULT status = TPM_FAIL; > - int size_read, size_write, i; > - BYTE *adj_command, response_header[VTPM_COMMAND_HEADER_SIZE_SRV]; > - UINT32 dmi_id=0, adj_command_size, out_param_size, adj_param_size; > - TPM_TAG tag=VTPM_TAG_REQ; > - > - if ( (!command_param_buf) || (!result_param_buf) || (!cmd_status) ) { > - status = TPM_BAD_PARAMETER; > - goto abort_egress; > - } > - > - adj_command_size = VTPM_COMMAND_HEADER_SIZE_SRV + > buffer_len(command_param_buf); > - adj_command = (BYTE *) malloc( adj_command_size ); > - if (!adj_command) { > - status = TPM_RESOURCES; > - goto abort_egress; > - } > - > - out_param_size = VTPM_COMMAND_HEADER_SIZE + buffer_len(command_param_buf); > - BSG_PackList(adj_command, 4, > - BSG_TYPE_UINT32, &dmi_id, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, &out_param_size, > - BSG_TPM_COMMAND_CODE, &ord ); > - > - memcpy(adj_command + VTPM_COMMAND_HEADER_SIZE_SRV, > command_param_buf->bytes, buffer_len(command_param_buf)); > - > - size_write = vtpm_ipc_write(&tx_ipc_h, NULL, adj_command, > adj_command_size); > - > - if (size_write > 0) { > - vtpmloginfo(VTPM_LOG_VTPM_DEEP, "SENT (MGR): 0x"); > - for (i=0; i< adj_command_size; i++) { > - vtpmloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", adj_command[i]); > - } > - vtpmloginfomore(VTPM_LOG_VTPM_DEEP, "\n"); > - } else { > - vtpmlogerror(VTPM_LOG_VTPM, "Error writing VTPM Manager console.\n"); > - status = TPM_IOERROR; > - goto abort_egress; > - } > - > - if (size_write != (int) adj_command_size ) > - vtpmlogerror(VTPM_LOG_VTPM, "Could not write entire command to mgr > (%d/%d)\n", size_write, adj_command_size); > - > - // Read header for response to manager command > - size_read = vtpm_ipc_read(&rx_ipc_h, NULL, response_header, > VTPM_COMMAND_HEADER_SIZE_SRV); > - if (size_read > 0) { > - vtpmloginfo(VTPM_LOG_VTPM_DEEP, "RECV (MGR): 0x"); > - for (i=0; i<size_read; i++) > - vtpmloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", response_header[i]); > - > - } else { > - vtpmlogerror(VTPM_LOG_VTPM, "Error reading from vtpm manager.\n"); > - status = TPM_IOERROR; > - goto abort_egress; > - } > - > - if (size_read < (int) VTPM_COMMAND_HEADER_SIZE_SRV) { > - vtpmlogerror(VTPM_LOG_VTPM, "Command from vtpm_manager shorter than std > header.\n"); > - status = TPM_IOERROR; > - goto abort_egress; > - } > - > - // Unpack response from DMI for TPM command > - BSG_UnpackList(response_header, 4, > - BSG_TYPE_UINT32, &dmi_id, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, &out_param_size, > - BSG_TPM_COMMAND_CODE, cmd_status ); > - > - // If response has parameters, read them. > - // Note that out_param_size is in the client's context > - adj_param_size = out_param_size - VTPM_COMMAND_HEADER_SIZE; > - if (adj_param_size > 0) { > - TPMTRYRETURN( buffer_init( result_param_buf, adj_param_size, NULL) ); > - size_read = vtpm_ipc_read(&rx_ipc_h, NULL, result_param_buf->bytes, > adj_param_size); > - if (size_read > 0) { > - for (i=0; i< size_read; i++) > - vtpmloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", > result_param_buf->bytes[i]); > - > - } else { > - vtpmlogerror(VTPM_LOG_VTPM, "Error reading from vtpm manager.\n"); > - goto abort_egress; > - } > - vtpmloginfomore(VTPM_LOG_VTPM, "\n"); > - > - if (size_read < (int)adj_param_size) { > - vtpmloginfomore(VTPM_LOG_VTPM, "\n"); > - vtpmlogerror(VTPM_LOG_VTPM, "Command read(%d) is shorter than header > indicates(%d).\n", size_read, adj_param_size); > - status = TPM_IOERROR; > - goto abort_egress; > - } > - } else { > - vtpmloginfomore(VTPM_LOG_VTPM, "\n"); > - } > - > - status=TPM_SUCCESS; > - goto egress; > - > - abort_egress: > - egress: > - > - return status; > -} > - > - > diff --git a/tools/vtpm_manager/migration/vtpm_migrator.h > b/tools/vtpm_manager/migration/vtpm_migrator.h > deleted file mode 100644 > index 8d52e66..0000000 > --- a/tools/vtpm_manager/migration/vtpm_migrator.h > +++ /dev/null > @@ -1,104 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > -// > -// vtpm_migrator.h > -// > -// Public Interface header for VTPM Migrator > -// > -// ================================================================== > - > -#ifndef __VTPM_MIGRATOR_H__ > -#define __VTPM_MIGRATOR_H__ > - > -#define VTPM_MTAG_REQ 0x02c1 > -#define VTPM_MTAG_RSP 0x02c4 > - > -// Header sizes. > -#define VTPM_COMMAND_HEADER_SIZE ( 2 + 4 + 4) > -// sizeof(TPM_TAG + UINT32 + TPM_COMMAND_CODE) > - > -//*********************** Connection Info ************************** > -#define VTPM_MIG_PORT 48879 > - > -//************************ Command Codes *************************** > -#define VTPM_MORD_MIG_STEP1 0x00 > -#define VTPM_MORD_MIG_STEP2 0x01 > -#define VTPM_MORD_MIG_STEP3 0x02 > -#define VTPM_MORD_MIG_STEP4 0x03 > - > -//************************ Return Codes **************************** > -#define VTPM_SUCCESS 0 > -#define VTPM_FAIL 1 > - > -/******************* Command Parameter API ************************* > - > -VTPM Command Format > - tpm tag: 2 bytes > - command size: 4 bytes // Size of command including header but not > DMI > - ord: 4 bytes // Command ordinal above > - parameters: size - 10 bytes // Command Parameter > - > -VTPM Response Format > - tpm tag: 2 bytes > - response_size: 4 bytes > - status: 4 bytes > - parameters: size - 10 bytes > - > - > -VTPM_Mig_Phase1: > - Unsupported: (Handled by scripts) > - > -VTPM_Mig_Phase2 > - Input Parameters: > - domain_name_size: 4 bytes > - domain_name : domain_name_size bytes > - Output Parameters: > - pub_exp_size: 4 bytes > - pub_exp: pub_exp_size bytes > - pub_mod_size: 4 bytes > - pub_mod: pub_mod_size bytes > - > -VTPM_Mig_Phase3 > - Input Parameters: > - vtpm_state_size: 4 bytes > - vtpm_state: vtpm_state_size bytes > - Output Parameters: > - none > - > -VTPM_Mig_Phase4 > - Unsupported: (Handled by scripts) > - > - > -*********************************************************************/ > - > -#endif //_VTPM_MANAGER_H_ > diff --git a/tools/vtpm_manager/migration/vtpm_migrator_if.c > b/tools/vtpm_manager/migration/vtpm_migrator_if.c > deleted file mode 100644 > index de48b2d..0000000 > --- a/tools/vtpm_manager/migration/vtpm_migrator_if.c > +++ /dev/null > @@ -1,219 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > -// > -// vtpm_migrator_if.c > -// > -// Provides functions to call open network connection & call > -// a function on the vtpm_migratord on the destination > -// > -// ================================================================== > - > -#include <stdio.h> > -#include <sys/types.h> > -#include <sys/socket.h> > -#include <netinet/in.h> > -#include <arpa/inet.h> > -#include <netdb.h> > -#include <string.h> > -#include <malloc.h> > - > -#include "tcg.h" > -#include "buffer.h" > -#include "log.h" > -#include "bsg.h" > -#include "vtpm_migrator.h" > - > -static int sock_desc; > - > - > -TPM_RESULT vtpm_migratord_open(char *server_address){ > - > - TPM_RESULT status = TPM_FAIL; > - > - /* network variables */ > - struct in_addr ip_addr; > - struct sockaddr_in server_addr; > - int addr_len; > - struct hostent *dns_info=NULL; > - > - /* set up connection to server*/ > - dns_info = gethostbyname(server_address); > - ip_addr.s_addr = *((unsigned long *) dns_info->h_addr_list[0]); > - > - if(ip_addr.s_addr < 0) { > - status = TPM_BAD_PARAMETER; > - goto abort_egress; > - } > - > - /* set up server variable */ > - memset((char *)&server_addr, 0, sizeof(server_addr)); > - server_addr.sin_family = AF_INET; > - server_addr.sin_port = htons(VTPM_MIG_PORT); > - server_addr.sin_addr.s_addr = ip_addr.s_addr; > - > - /* open socket, make connection */ > - sock_desc = socket(AF_INET, SOCK_STREAM, 0); > - > - if (sock_desc < 0 ) { > - status = TPM_IOERROR; > - goto abort_egress; > - } > - > - if (connect(sock_desc, > - (struct sockaddr *)&server_addr, > - sizeof(server_addr)) < 0 ) { > - status = TPM_BAD_PARAMETER; > - goto abort_egress; > - } > - > - status = TPM_SUCCESS; > - goto egress; > - > - abort_egress: > - egress: > - > - return status; > -} > - > -void vtpm_migratord_close() { > - close(sock_desc); > -} > - > - > -TPM_RESULT vtpm_migratord_command(TPM_COMMAND_CODE ord, > - buffer_t *command_param_buf, > - TPM_RESULT *cmd_status, /* out */ > - buffer_t *result_param_buf) { > - > - TPM_RESULT status = TPM_FAIL; > - int size_read, size_write, i; > - BYTE *command, response_header[VTPM_COMMAND_HEADER_SIZE]; > - UINT32 dmi_id=0, command_size, out_param_size, adj_param_size; > - TPM_TAG tag=VTPM_MTAG_REQ; > - > - if ( (!command_param_buf) || (!result_param_buf) || (!cmd_status) ) { > - status = TPM_BAD_PARAMETER; > - goto abort_egress; > - } > - > - command_size = VTPM_COMMAND_HEADER_SIZE + buffer_len(command_param_buf); > - command = (BYTE *) malloc( command_size ); > - if (!command) { > - status = TPM_RESOURCES; > - goto abort_egress; > - } > - > - BSG_PackList(command, 3, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, &command_size, > - BSG_TPM_COMMAND_CODE, &ord ); > - > - memcpy(command + VTPM_COMMAND_HEADER_SIZE, command_param_buf->bytes, > buffer_len(command_param_buf)); > - > - size_write = write(sock_desc, command, command_size); > - > - if (size_write > 0) { > - vtpmloginfo(VTPM_LOG_VTPM_DEEP, "SENT (MIGd): 0x"); > - for (i=0; i< command_size; i++) { > - vtpmloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", command[i]); > - } > - vtpmloginfomore(VTPM_LOG_VTPM_DEEP, "\n"); > - } else { > - vtpmlogerror(VTPM_LOG_VTPM, "Error writing to migration server via > network.\n"); > - status = TPM_IOERROR; > - goto abort_egress; > - } > - > - if (size_write != (int) command_size ) > - vtpmlogerror(VTPM_LOG_VTPM, "Could not write entire command to migration > server (%d/%d)\n", size_write, command_size); > - > - // Read header for response > - size_read = read(sock_desc, response_header, VTPM_COMMAND_HEADER_SIZE); > - if (size_read > 0) { > - vtpmloginfo(VTPM_LOG_VTPM_DEEP, "RECV (MIGd): 0x"); > - for (i=0; i<size_read; i++) > - vtpmloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", response_header[i]); > - > - } else { > - vtpmlogerror(VTPM_LOG_VTPM, "Error reading from Migration Server.\n"); > - status = TPM_IOERROR; > - goto abort_egress; > - } > - > - if (size_read < (int) VTPM_COMMAND_HEADER_SIZE) { > - vtpmlogerror(VTPM_LOG_VTPM, "Command from migration server shorter than > std header.\n"); > - status = TPM_IOERROR; > - goto abort_egress; > - } > - > - // Unpack response from DMI for TPM command > - BSG_UnpackList(response_header, 3, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, &out_param_size, > - BSG_TPM_COMMAND_CODE, cmd_status ); > - > - // If response has parameters, read them. > - adj_param_size = out_param_size - VTPM_COMMAND_HEADER_SIZE; > - if (adj_param_size > 0) { > - TPMTRYRETURN( buffer_init( result_param_buf, adj_param_size, NULL) ); > - size_read = read(sock_desc, result_param_buf->bytes, adj_param_size); > - if (size_read > 0) { > - for (i=0; i< size_read; i++) > - vtpmloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", > result_param_buf->bytes[i]); > - > - } else { > - vtpmlogerror(VTPM_LOG_VTPM, "Error reading from migration server.\n"); > - goto abort_egress; > - } > - vtpmloginfomore(VTPM_LOG_VTPM, "\n"); > - > - if (size_read < (int)adj_param_size) { > - vtpmloginfomore(VTPM_LOG_VTPM, "\n"); > - vtpmlogerror(VTPM_LOG_VTPM, "Command read(%d) is shorter than header > indicates(%d).\n", size_read, adj_param_size); > - status = TPM_IOERROR; > - goto abort_egress; > - } > - } else { > - vtpmloginfomore(VTPM_LOG_VTPM, "\n"); > - } > - > - status=TPM_SUCCESS; > - goto egress; > - > - abort_egress: > - egress: > - > - return status; > -} > - > - > diff --git a/tools/vtpm_manager/migration/vtpm_migratorc.c > b/tools/vtpm_manager/migration/vtpm_migratorc.c > deleted file mode 100644 > index 18b3bdb..0000000 > --- a/tools/vtpm_manager/migration/vtpm_migratorc.c > +++ /dev/null > @@ -1,211 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > - > -#include <stdio.h> > -#include <string.h> > - > -#include "tcg.h" > -#include "log.h" > -#include "bsg.h" > -#include "buffer.h" > -#include "vtpm_migrator.h" > -#include "vtpm_manager.h" > - > -TPM_RESULT handle_vtpm_mig_step2(char *server_addr, > - char *name, > - UINT32 instance) { > - TPM_RESULT status, cmd_status; > - buffer_t out_param_buf=NULL_BUF, mig_key_buf=NULL_BUF, empty_buf=NULL_BUF; > - UINT32 offset; > - struct pack_buf_t addr_data32; > - > - //===== Get Destination's Public Migration Key ====== > - TPMTRYRETURN( vtpm_migratord_open(server_addr) ); > - > - TPMTRYRETURN( vtpm_migratord_command(VTPM_MORD_MIG_STEP2, > - &out_param_buf, > - &cmd_status, > - &mig_key_buf) ); > - vtpm_migratord_close(); > - > - TPMTRYRETURN(cmd_status); > - > - //===== Load migration key into vtpm_manager ======== > - > - addr_data32.data = (BYTE *)server_addr; > - addr_data32.size = strlen(server_addr) + 1; // Include the null > - > - TPMTRYRETURN ( buffer_init ( &out_param_buf, > - sizeof(UINT32) + addr_data32.size > +buffer_len(&mig_key_buf), > - NULL ) ) ; > - > - offset = BSG_PackList(out_param_buf.bytes, 1, > - BSG_TPM_SIZE32_DATA, &addr_data32); > - > - memcpy(out_param_buf.bytes + offset , mig_key_buf.bytes, > buffer_len(&mig_key_buf) ); > - > - TPMTRYRETURN ( vtpm_manager_open() ); > - > - TPMTRYRETURN ( vtpm_manager_command(VTPM_ORD_LOAD_MIG_KEY, > - &out_param_buf, > - &cmd_status, > - &empty_buf) ); > - > - vtpm_manager_close(); > - > - TPMTRYRETURN(cmd_status); > - > - goto egress; > - > - abort_egress: > - egress: > - > - buffer_free(&mig_key_buf); > - buffer_free(&out_param_buf); > - > - return status; > -} > - > - > -TPM_RESULT handle_vtpm_mig_step3(char *server_addr, > - char *name, > - UINT32 instance) { > - TPM_RESULT status, cmd_status; > - buffer_t out_param_buf=NULL_BUF, state_buf=NULL_BUF, empty_buf=NULL_BUF; > - struct pack_buf_t addr_data32, name_data32, state_data32; > - > - //===== Get vtpm state from vtpm_manager ======== > - addr_data32.data = (BYTE *)server_addr; > - addr_data32.size = strlen(server_addr) + 1; // Include the null > - > - TPMTRYRETURN ( buffer_init ( &out_param_buf, > - (2 * sizeof(UINT32)) + addr_data32.size, > - NULL ) ) ; > - > - BSG_PackList(out_param_buf.bytes, 2, > - BSG_TYPE_UINT32, &instance, > - BSG_TPM_SIZE32_DATA, &addr_data32); > - > - TPMTRYRETURN ( vtpm_manager_open() ); > - > - TPMTRYRETURN ( vtpm_manager_command(VTPM_ORD_MIGRATE_OUT, > - &out_param_buf, > - &cmd_status, > - &state_buf) ); > - > - vtpm_manager_close(); > - > - TPMTRYRETURN(cmd_status); > - > - TPMTRYRETURN( buffer_free( &out_param_buf ) ); > - > - //===== Send vtpm state to destination ====== > - name_data32.data = (BYTE *)name; > - name_data32.size = strlen(name) + 1; // Include the null > - state_data32.data = state_buf.bytes; > - state_data32.size = buffer_len(&state_buf); > - > - TPMTRYRETURN( buffer_init( &out_param_buf, > - 2 * sizeof(UINT32) + name_data32.size + > state_data32.size, > - NULL ) ) ; > - > - BSG_PackList(out_param_buf.bytes, 2, > - BSG_TPM_SIZE32_DATA, &name_data32, > - BSG_TPM_SIZE32_DATA, &state_data32); > - > - TPMTRYRETURN( vtpm_migratord_open(server_addr) ); > - > - TPMTRYRETURN( vtpm_migratord_command(VTPM_MORD_MIG_STEP3, > - &out_param_buf, > - &cmd_status, > - &empty_buf) ); > - vtpm_migratord_close(); > - > - TPMTRYRETURN(cmd_status); > - > - goto egress; > - > - abort_egress: > - egress: > - > - buffer_free( &out_param_buf); > - buffer_free( &state_buf); > - buffer_free( &empty_buf); > - > - return status; > -} > - > - > -// Usage vtpm_migrator addr domain_name instance step > - > -int main(int argc, char **argv) { > - > - /* variables for processing of command */ > - TPM_RESULT status = TPM_FAIL; > - char *server_addr, *name; > - UINT32 instance, step; > - > - if (argc != 5) { > - vtpmlogerror(VTPM_LOG_VTPM, "Usage: vtpm_migrator addr vm_name > instance step\n"); > - vtpmlogerror(VTPM_LOG_VTPM, " params given %d\n", argc); > - status= TPM_BAD_PARAMETER; > - goto abort_egress; > - } > - > - server_addr = argv[1]; > - name = argv[2]; > - instance = atoi( argv[3] ); > - step = atoi( argv[4] ); > - > - switch (step) { > - case VTPM_MORD_MIG_STEP2: > - status = handle_vtpm_mig_step2(server_addr, name, instance); > - break; > - > - case VTPM_MORD_MIG_STEP3: > - status = handle_vtpm_mig_step3(server_addr, name, instance); > - break; > - > - default: > - status = TPM_BAD_PARAMETER; > - goto abort_egress; > - break; > - } > - > - goto egress; > - abort_egress: > - egress: > - > - return status; > -} > - > diff --git a/tools/vtpm_manager/migration/vtpm_migratord.c > b/tools/vtpm_manager/migration/vtpm_migratord.c > deleted file mode 100644 > index ea18c8c..0000000 > --- a/tools/vtpm_manager/migration/vtpm_migratord.c > +++ /dev/null > @@ -1,202 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > - > -#include <stdio.h> > -#include <sys/types.h> > -#include <sys/socket.h> > -#include <netinet/in.h> > -#include <arpa/inet.h> > -#include <string.h> > - > -#include "tcg.h" > -#include "log.h" > -#include "bsg.h" > -#include "buffer.h" > -#include "vtpm_migrator.h" > - > -void build_error_msg( buffer_t *buf, TPM_RESULT status) { > - TPM_TAG tag = VTPM_MTAG_RSP; > - UINT32 out_param_size = VTPM_COMMAND_HEADER_SIZE; > - > - buffer_init(buf, out_param_size, NULL); > - > - BSG_PackList(buf->bytes, 3, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, &out_param_size, > - BSG_TPM_RESULT, &status ); > -} > - > -int main() { > - > - /* network variables */ > - int sock_descr, client_sock=-1, len; > - struct sockaddr_in addr; > - struct sockaddr_in client_addr; > - unsigned int client_length; > - int bytes; > - > - /* variables for processing of command */ > - TPM_RESULT status = TPM_FAIL; > - BYTE cmd_header[VTPM_COMMAND_HEADER_SIZE]; > - TPM_TAG tag; > - TPM_COMMAND_CODE ord; > - UINT32 in_param_size, adj_param_size; > - int i, size_read, size_write; > - buffer_t in_param_buf=NULL_BUF, result_buf=NULL_BUF; > - > - > - /* setup socket */ > - sock_descr = socket(AF_INET, SOCK_STREAM, 0); > - > - memset(&addr, 0, sizeof(addr)); > - addr.sin_family = AF_INET; > - addr.sin_addr.s_addr = htonl(INADDR_ANY); > - addr.sin_port = htons(VTPM_MIG_PORT); > - > - if (bind(sock_descr, (struct sockaddr *)&addr, sizeof(addr)) == -1 ) { > - vtpmlogerror(VTPM_LOG_VTPM, "Failed to bind to port %d.\n", > VTPM_MIG_PORT); > - return 1; > - } > - > - listen(sock_descr, 10); > - > - for(;;) { > - // ============ clear client info and wait for connection ========== > - memset(&client_addr, 0, sizeof(client_addr)); > - client_length = sizeof(client_addr); > - > - vtpmloginfo(VTPM_LOG_VTPM, "Waiting for incoming migrations...\n"); > - client_sock=accept(sock_descr, &client_addr, &client_length); > - if (client_sock == -1) { > - vtpmlogerror(VTPM_LOG_VTPM, "Incoming connectionn failed.\n"); > - goto abort_command; > - } else { > - vtpmloginfo(VTPM_LOG_VTPM, "Incoming connection accepted.\n"); > - } > - > - // =================== Read incoming command ====================== > - size_read = read( client_sock, cmd_header, VTPM_COMMAND_HEADER_SIZE); > - if (size_read > 0) { > - vtpmloginfo(VTPM_LOG_VTPM_DEEP, "RECV: 0x"); > - for (i=0; i<size_read; i++) > - vtpmloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", cmd_header[i]); > - > - } else { > - vtpmlogerror(VTPM_LOG_VTPM, "Error reading from socket.\n"); > - build_error_msg(&result_buf, TPM_IOERROR); > - goto abort_command_with_error; > - } > - > - if (size_read < (int) VTPM_COMMAND_HEADER_SIZE) { > - vtpmlogerror(VTPM_LOG_VTPM, "Command from socket shorter than > std header.\n"); > - build_error_msg(&result_buf, TPM_BAD_PARAMETER); > - goto abort_command_with_error; > - } > - > - // Unpack response from client > - BSG_UnpackList(cmd_header, 3, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, &in_param_size, > - BSG_TPM_COMMAND_CODE, &ord ); > - > - > - // If response has parameters, read them. > - // Note that out_param_size is in the client's context > - adj_param_size = in_param_size - VTPM_COMMAND_HEADER_SIZE; > - if (adj_param_size > 0) { > - buffer_init( &in_param_buf, adj_param_size, NULL); > - size_read = read(client_sock, in_param_buf.bytes, > adj_param_size); > - if (size_read > 0) { > - for (i=0; i< size_read; i++) > - vtpmloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", > in_param_buf.bytes[i]); > - > - } else { > - vtpmlogerror(VTPM_LOG_VTPM, "Error reading from socket.\n"); > - build_error_msg(&result_buf, TPM_IOERROR); > - goto abort_command_with_error; > - } > - vtpmloginfomore(VTPM_LOG_VTPM, "\n"); > - > - if (size_read < (int)adj_param_size) { > - vtpmloginfomore(VTPM_LOG_VTPM, "\n"); > - vtpmlogerror(VTPM_LOG_VTPM, "Command read(%d) is shorter > than header indicates(%d).\n", size_read, adj_param_size); > - build_error_msg(&result_buf, TPM_BAD_PARAMETER); > - goto abort_command_with_error; > - } > - } else { > - vtpmloginfomore(VTPM_LOG_VTPM, "\n"); > - } > - > - /* Handle Command */ > - switch (ord) { > - case VTPM_MORD_MIG_STEP2: > - handle_vtpm_mig_step2(&in_param_buf, &result_buf); > - break; > - > - case VTPM_MORD_MIG_STEP3: > - handle_vtpm_mig_step3(&in_param_buf, &result_buf); > - break; > - > - default: > - build_error_msg(&result_buf, TPM_BAD_PARAMETER); > - goto abort_command_with_error; > - } > - > - abort_command_with_error: > - /* Write Response */ > - size_write = write(client_sock, result_buf.bytes, > buffer_len(&result_buf)); > - > - if (size_write > 0) { > - vtpmloginfo(VTPM_LOG_VTPM_DEEP, "SENT: 0x"); > - for (i=0; i< buffer_len(&result_buf); i++) { > - vtpmloginfomore(VTPM_LOG_VTPM_DEEP, "%x ", > result_buf.bytes[i]); > - } > - vtpmloginfomore(VTPM_LOG_VTPM_DEEP, "\n"); > - } else { > - vtpmlogerror(VTPM_LOG_VTPM, "Error writing response to > client.\n"); > - goto abort_command; > - } > - > - if (size_write != (int) buffer_len(&result_buf) ) > - vtpmlogerror(VTPM_LOG_VTPM, "Could not send entire response to > client(%d/%d)\n", size_write, buffer_len(&result_buf)); > - > - abort_command: > - close(client_sock); > - buffer_free(&in_param_buf); > - buffer_free(&result_buf); > - > - } // For (;;) > - > - return 0; > -} > - > diff --git a/tools/vtpm_manager/migration/vtpm_migratord_handler.c > b/tools/vtpm_manager/migration/vtpm_migratord_handler.c > deleted file mode 100644 > index 0a8a2d5..0000000 > --- a/tools/vtpm_manager/migration/vtpm_migratord_handler.c > +++ /dev/null > @@ -1,177 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > - > -#include <stdlib.h> > -#include <string.h> > - > -#include "tcg.h" > -#include "bsg.h" > -#include "log.h" > -#include "vtpm_migrator.h" > -#include "vtpm_manager.h" > - > -#define VTPM_SH_CMD_HDR "bash -c \"cd /etc/xen/scripts; source > /etc/xen/scripts/vtpm-common.sh;" > -#define VTPM_SH_CMD_FTR "\"" > -#define VTPM_SH_GETINST "vtpmdb_get_free_instancenum" > -#define VTPM_SH_ADD "vtpm_add_and_activate" > -#define VTPM_SH_RESUME "vtpm_resume" > - > -// This must be updated to the longest command name. Currently GETINST > -#define VTPM_SH_CMD_SIZE (strlen(VTPM_SH_CMD_HDR) + strlen(VTPM_SH_CMD_FTR) > + 1 + strlen(VTPM_SH_GETINST) + 2) > - > -void handle_vtpm_mig_step2(buffer_t *in_param_buf, buffer_t *result_buf) > -{ > - TPM_TAG tag = VTPM_TAG_RSP; > - buffer_t out_param_buf= NULL_BUF, mig_key_buf=NULL_BUF; > - TPM_RESULT status=TPM_SUCCESS, cmd_status; > - UINT32 out_param_size; > - > - if ( (!in_param_buf) || (!result_buf) ) { > - status = TPM_BAD_PARAMETER; > - goto abort_egress; > - } > - > - // ================= Call manager and get mig key =============== > - TPMTRYRETURN( vtpm_manager_open() ); > - TPMTRYRETURN( vtpm_manager_command(VTPM_ORD_GET_MIG_KEY, > - &out_param_buf, // Empty > - &cmd_status, > - &mig_key_buf) ); > - > - vtpm_manager_close(); > - > - TPMTRYRETURN(cmd_status); > - > - // ==================== return the mig key ===================== > - out_param_size = VTPM_COMMAND_HEADER_SIZE + buffer_len(&mig_key_buf); > - > - TPMTRYRETURN( buffer_init(result_buf, > - out_param_size, > - NULL) ); > - > - BSG_PackList( result_buf->bytes, 3, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, &out_param_size, > - BSG_TPM_RESULT, &status); > - > - memcpy(result_buf->bytes + VTPM_COMMAND_HEADER_SIZE, > - mig_key_buf.bytes, buffer_len(&mig_key_buf)); > - > - goto egress; > - > - abort_egress: > - buffer_free(result_buf); > - build_error_msg(result_buf, status); > - > - egress: > - return; > -} > - > -void handle_vtpm_mig_step3(buffer_t *in_param_buf, buffer_t *result_buf) > -{ > - TPM_TAG tag = VTPM_TAG_RSP; > - buffer_t out_param_buf= NULL_BUF, mig_key_buf=NULL_BUF, empty_buf=NULL_BUF; > - TPM_RESULT status=TPM_SUCCESS, cmd_status; > - UINT32 out_param_size, instance; > - char *shell_cmd_str=NULL; > - size_t shell_cmd_strlen; > - FILE *shell_f=NULL; > - > - if ( (!in_param_buf) || (!result_buf) ) { > - status = TPM_BAD_PARAMETER; > - goto abort_egress; > - } > - > - // ================= Read Parameters =============== > - struct pack_buf_t name_data32, state_data32; > - > - BSG_UnpackList(in_param_buf->bytes, 2, > - BSG_TPM_SIZE32_DATA, &name_data32, > - BSG_TPM_SIZE32_DATA, &state_data32); > - > - // Before using this string, protect us from a non-null term array. > - if (name_data32.data[name_data32.size -1] != 0x00) { > - name_data32.data[name_data32.size -1] = 0x00; > - } > - > - // ====== Call hotplug-script and get an instance ====== > - shell_cmd_strlen = VTPM_SH_CMD_SIZE + name_data32.size + 10; > - shell_cmd_str = (char *) malloc(shell_cmd_strlen); // 10 is just padding > for the UINT32 > - > - snprintf(shell_cmd_str, shell_cmd_strlen, > - VTPM_SH_CMD_HDR VTPM_SH_GETINST VTPM_SH_CMD_FTR); > - > - shell_f = popen(shell_cmd_str, "r"); > - fscanf(shell_f, "%d", &instance); > - pclose(shell_f); > - > - // ====== Call hotplug-script and add instance ====== > - snprintf(shell_cmd_str, shell_cmd_strlen, > - VTPM_SH_CMD_HDR VTPM_SH_ADD " %s %d" VTPM_SH_CMD_FTR, > - name_data32.data, instance); > - system(shell_cmd_str); > - > - // ========= Call vtpm_manager and load VTPM ======= > - TPMTRYRETURN( buffer_init( &out_param_buf, > - 2*sizeof(UINT32) + state_data32.size, > - NULL) ); > - > - BSG_PackList(out_param_buf.bytes, 2, > - BSG_TYPE_UINT32, &instance, > - BSG_TPM_SIZE32_DATA, &state_data32); > - > - TPMTRYRETURN( vtpm_manager_open() ); > - TPMTRYRETURN( vtpm_manager_command(VTPM_ORD_MIGRATE_IN, > - &out_param_buf, > - &cmd_status, > - &empty_buf) ); > - > - vtpm_manager_close(); > - > - TPMTRYRETURN(cmd_status); > - > - // ====== Call hotplug-script and resume instance ====== > - snprintf(shell_cmd_str, shell_cmd_strlen, > - VTPM_SH_CMD_HDR VTPM_SH_RESUME " %d" VTPM_SH_CMD_FTR, instance); > - system(shell_cmd_str); > - > - goto egress; > - abort_egress: > - egress: > - free(shell_cmd_str); > - > - // In this case no params come back, so reuse build_error_msg even for > succes. > - build_error_msg(result_buf, status); > - return; > -} > - > diff --git a/tools/vtpm_manager/tcs/Makefile b/tools/vtpm_manager/tcs/Makefile > deleted file mode 100644 > index 11af91e..0000000 > --- a/tools/vtpm_manager/tcs/Makefile > +++ /dev/null > @@ -1,24 +0,0 @@ > -XEN_ROOT = $(CURDIR)/../../.. > -include $(XEN_ROOT)/tools/vtpm_manager/Rules.mk > - > -BIN = libTCS.a > - > -.PHONY: all > -all: build > - > -.PHONY: build > -build: $(BIN) > - > -.PHONY: install > -install: build > - > -.PHONY: clean > -clean: > - rm -f *.a *.so *.o *.rpm $(DEP_FILES) > - > -.PHONY: mrproper > -mrproper: clean > - rm -f *~ > - > -$(BIN): $(OBJS) > - $(AR) rcs $(BIN) $(OBJS) > diff --git a/tools/vtpm_manager/tcs/contextmgr.c > b/tools/vtpm_manager/tcs/contextmgr.c > deleted file mode 100644 > index cf3803c..0000000 > --- a/tools/vtpm_manager/tcs/contextmgr.c > +++ /dev/null > @@ -1,224 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > -// > -// contextmgr.c > -// > -// This file contains the context management functions for TCS. > -// > -// ================================================================== > - > -#include <stdio.h> > -#include <string.h> > -#include <malloc.h> > -#include "tcs.h" > -#include "contextmgr.h" > -#include "log.h" > -#include "hashtable.h" > - > -BYTE* AddMemBlock(CONTEXT_HANDLE* pContextHandle, // in > - int BlockSize) { // in > - > - BLOCK* pCurrentBlock = NULL; > - BLOCK* pBlock = NULL; > - > - // check incoming params > - if (pContextHandle == NULL || BlockSize == 0) > - return NULL; > - > - // Create New Block > - pBlock = (BLOCK *)malloc(sizeof(BLOCK)); > - if (pBlock == NULL) > - return (0); > - > - pBlock->aMemory = (BYTE *)malloc(sizeof(BYTE) * BlockSize); > - if (pBlock->aMemory == NULL) > - return (0); > - > - memset(pBlock->aMemory, 0, BlockSize); > - pBlock->nBlockSize = BlockSize; > - pBlock->pNextBlock = NULL; > - > - // search for the last block created where to add the > - // newly created block > - if(pContextHandle->pTopBlock != NULL) { > - pCurrentBlock = pContextHandle->pTopBlock; > - while(pCurrentBlock->pNextBlock != NULL) > - pCurrentBlock = pCurrentBlock->pNextBlock; > - > - > - pCurrentBlock->pNextBlock= pBlock; > - } else > - pContextHandle->pTopBlock = pBlock; > - > - > - pContextHandle->nBlockCount++; > - > - return pBlock->aMemory; > -} > - > - > -BOOL DeleteMemBlock(CONTEXT_HANDLE* pContextHandle, // in > - BYTE* pTCPA_BYTEs) { // in > - BLOCK* pCurrentBlock = NULL; > - BLOCK* pParentBlock = NULL; > - BOOL bFound = FALSE; > - > - if (pContextHandle == NULL) > - return FALSE; > - > - > - // Search for the Block in the context by aMemory pointer > - pParentBlock = NULL; > - pCurrentBlock = pContextHandle->pTopBlock; > - > - while(pCurrentBlock != NULL) { > - // If aMemory block is found, delete it > - if(pCurrentBlock->aMemory == pTCPA_BYTEs || pTCPA_BYTEs == NULL) { > - // if it is the top Block, remove it from the top, > - // otherwise remove it from the ParentBlock and stitch > - // the NextBlock to the ParentBlock > - if(pParentBlock == NULL) > - pContextHandle->pTopBlock = pContextHandle->pTopBlock->pNextBlock; > - else > - pParentBlock->pNextBlock = pCurrentBlock->pNextBlock; > - > - // delete memory Block associated with pointer pTCPA_BYTEs > - free(pCurrentBlock->aMemory); > - pCurrentBlock->aMemory = NULL; > - > - free(pCurrentBlock); > - pCurrentBlock = pParentBlock; > - > - pContextHandle->nBlockCount--; > - bFound = TRUE; > - } > - > - if(pCurrentBlock != NULL) { > - pParentBlock = pCurrentBlock; > - pCurrentBlock = pCurrentBlock->pNextBlock; > - } > - } > - > - return bFound; > -} > - > -BOOL AddHandleToList(TCS_CONTEXT_HANDLE hContext, // in > - TPM_RESOURCE_TYPE type, // in > - TPM_HANDLE handle) { // in > - HANDLE_LIST* pNewHandle = NULL; > - > - vtpmloginfo(VTPM_LOG_TCS_DEEP, "Adding Handle to list\n"); > - CONTEXT_HANDLE* pContextHandle = LookupContext(hContext); > - > - if (pContextHandle == NULL) > - return 0; > - > - pNewHandle = (HANDLE_LIST *)malloc(sizeof(HANDLE_LIST)); > - > - if (pNewHandle == NULL) > - return (0); > - > - pNewHandle->handle = handle; > - pNewHandle->type = type; > - pNewHandle->pNextHandle = pContextHandle->pHandleList; > - > - pContextHandle->pHandleList = pNewHandle; > - > - return 1; > -} > - > -BOOL DeleteHandleFromList( TCS_CONTEXT_HANDLE hContext, // in > - TPM_HANDLE handle) { // in > - > - CONTEXT_HANDLE* pContextHandle = LookupContext(hContext); > - > - HANDLE_LIST *pCurrentHandle = pContextHandle->pHandleList, > - *pLastHandle = pCurrentHandle; > - > - vtpmloginfo(VTPM_LOG_TCS_DEEP, "Deleting Handle from list\n"); > - > - if (pContextHandle == NULL) > - return 0; > - > - while (1) { > - > - if (pCurrentHandle->handle == handle) { // Found element > - if (pCurrentHandle == pLastHandle) { // First element in list > - pContextHandle->pHandleList = pCurrentHandle->pNextHandle; > - free(pCurrentHandle); > - } else { // Ordinary element > - pLastHandle->pNextHandle = pCurrentHandle->pNextHandle; > - free(pCurrentHandle); > - } > - > - return 1; > - > - } else { // Not found yet; > - pLastHandle = pCurrentHandle; > - pCurrentHandle = pCurrentHandle->pNextHandle; > - if (pCurrentHandle == NULL) // Found end of list > - return 0; > - } > - > - } > -} > - > -BOOL FreeHandleList( CONTEXT_HANDLE* pContextHandle) { // in > - HANDLE_LIST* pCurrentHandle; > - BOOL returncode = TRUE; > - > - vtpmloginfo(VTPM_LOG_TCS_DEEP, "Freeing all handles for context\n"); > - > - if (pContextHandle == NULL) > - return 1; > - > - pCurrentHandle = pContextHandle->pHandleList; > - while (pCurrentHandle != NULL) { > - > - switch (pCurrentHandle->type) { > - case TPM_RT_KEY: > - returncode = returncode && !TCSP_EvictKey(pContextHandle->handle, > pCurrentHandle->handle); > - break; > - case TPM_RT_AUTH: > - returncode = returncode && > !TCSP_TerminateHandle(pContextHandle->handle, pCurrentHandle->handle); > - break; > - default: > - returncode = FALSE; > - } > - > - pCurrentHandle = pCurrentHandle->pNextHandle; > - > - } > - > - return 1; > -} > diff --git a/tools/vtpm_manager/tcs/contextmgr.h > b/tools/vtpm_manager/tcs/contextmgr.h > deleted file mode 100644 > index e3fdf0f..0000000 > --- a/tools/vtpm_manager/tcs/contextmgr.h > +++ /dev/null > @@ -1,82 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > -// > -// contextmgr.c > -// > -// This file contains the context management functions for TCS. > -// > -// ================================================================== > - > -#ifndef __CONTEXTMGR_H__ > -#define __CONTEXTMGR_H__ > - > -#include "tcg.h" > - > -#define BLOCK_SIZE 300 > - > -typedef struct block { > - int nBlockSize; > - BYTE* aMemory; > - struct block* pNextBlock; > -} BLOCK; > - > -typedef struct handle_List { > - TPM_HANDLE handle; > - TPM_RESOURCE_TYPE type; > - struct handle_List* pNextHandle; > -} HANDLE_LIST; > - > -typedef struct context_handle { > - TCS_CONTEXT_HANDLE handle; > - int nBlockCount; > - BLOCK* pTopBlock; > - HANDLE_LIST* pHandleList; > -} CONTEXT_HANDLE; > - > -BYTE* AddMemBlock( CONTEXT_HANDLE* pContextHandle, // in > - int BlockSize); // in > - > -BOOL DeleteMemBlock(CONTEXT_HANDLE* pContextHandle, // in > - BYTE* pTCPA_BYTEs); // in > - > - > -BOOL AddHandleToList( TCS_CONTEXT_HANDLE hContext, // in > - TPM_RESOURCE_TYPE type, // in > - TPM_HANDLE handle); // in > - > -BOOL DeleteHandleFromList( TCS_CONTEXT_HANDLE hContext, // in > - TPM_HANDLE handle); // in > - > -BOOL FreeHandleList( CONTEXT_HANDLE* pContextHandle); // in > - > -#endif //_CONTEXTMGR_H_ > diff --git a/tools/vtpm_manager/tcs/tcs.c b/tools/vtpm_manager/tcs/tcs.c > deleted file mode 100644 > index 7c1378c..0000000 > --- a/tools/vtpm_manager/tcs/tcs.c > +++ /dev/null > @@ -1,1192 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > -// > -// tcs.c > -// > -// This file contains the functions that implement a TCS. > -// > -// ================================================================== > - > -#include <stdio.h> > -#include <string.h> > -#include <malloc.h> > - > -#include "tcg.h" > -#include "bsg.h" > -#include "tcs.h" > -#include "contextmgr.h" > -#include "tpmddl.h" > -#include "log.h" > -#include "hashtable.h" > -#include "hashtable_itr.h" > - > -// Static Global Vars for the TCS > -static int TCS_m_nCount = 0; > - > -#define TCPA_MAX_BUFFER_LENGTH 0x2000 > - > -static BYTE InBuf [TCPA_MAX_BUFFER_LENGTH]; > -static BYTE OutBuf[TCPA_MAX_BUFFER_LENGTH]; > - > -struct hashtable *context_ht; > - > -// -------------------------- Hash table functions -------------------- > - > -static unsigned int hashfunc32(void *ky) { > - return (* (UINT32 *) ky); > -} > - > -static int equals32(void *k1, void *k2) { > - return (*(UINT32 *) k1 == *(UINT32 *) k2); > -} > - > -CONTEXT_HANDLE *LookupContext( TCS_CONTEXT_HANDLE hContext) { > - return( (CONTEXT_HANDLE *) hashtable_search(context_ht, &hContext) ); > -} > - > -// > --------------------------------------------------------------------------------- > -// Initialization/Uninitialization SubComponent API > -// > --------------------------------------------------------------------------------- > -TPM_RESULT TCS_create() { > - TDDL_RESULT hRes = TDDL_E_FAIL; > - TPM_RESULT result = TPM_FAIL; > - > - if (TCS_m_nCount == 0) { > - vtpmloginfo(VTPM_LOG_TCS, "Constructing new TCS:\n"); > - hRes = TDDL_Open(); > - > - context_ht = create_hashtable(10, hashfunc32, equals32); > - > - if ((hRes == TDDL_SUCCESS) && (context_ht != NULL)) { > - result = TPM_SUCCESS; > - TCS_m_nCount++; > - } else { > - result = TPM_IOERROR; > - hashtable_destroy(context_ht, 1); > - } > - } else > - TCS_m_nCount++; > - > - return(result); > -} > - > - > -void TCS_destroy() > -{ > - TCS_m_nCount--; > - > - if (TCS_m_nCount == 0) { > - vtpmloginfo(VTPM_LOG_TCS, "Destructing TCS:\n"); > - TDDL_Close(); > - > - struct hashtable_itr *context_itr; > - TCS_CONTEXT_HANDLE *hContext; > - > - // Close all the TCS contexts. TCS should evict keys based on this > - if (hashtable_count(context_ht) > 0) { > - context_itr = hashtable_iterator(context_ht); > - do { > - hContext = (TCS_CONTEXT_HANDLE *) > hashtable_iterator_key(context_itr); > - if (TCS_CloseContext(*hContext) != TPM_SUCCESS) > - vtpmlogerror(VTPM_LOG_TCS, "Failed to close context %d > properly.\n", *hContext); > - > - } while (hashtable_iterator_advance(context_itr)); > - free(context_itr); > - } > - hashtable_destroy(context_ht, 1); > - } > - > -} > - > -TPM_RESULT TCS_Malloc( TCS_CONTEXT_HANDLE hContext, // in > - UINT32 MemSize, // in > - BYTE** ppMemPtr) {// out > - > - TPM_RESULT returnCode = TPM_FAIL; > - CONTEXT_HANDLE* pContextHandle = LookupContext(hContext); > - > - if (pContextHandle != NULL && ppMemPtr != NULL) { > - *ppMemPtr = (BYTE *)AddMemBlock(pContextHandle, MemSize); > - returnCode = TPM_SUCCESS; > - } > - > - return returnCode; > -} > - > -TPM_RESULT TCS_FreeMemory( TCS_CONTEXT_HANDLE hContext, // in > - BYTE* pMemory) { // in > - TPM_RESULT returnCode = TPM_FAIL; > - CONTEXT_HANDLE* pContextHandle = LookupContext(hContext); > - > - if ( (pContextHandle != NULL && pMemory != NULL) && > - (DeleteMemBlock(pContextHandle, pMemory) == TRUE) ) > - returnCode = TPM_SUCCESS; > - > - > - return returnCode; > -} > - > -TPM_RESULT TCS_OpenContext(TCS_CONTEXT_HANDLE* hContext) { // out > - TPM_RESULT returnCode = TPM_FAIL; > - TCS_CONTEXT_HANDLE *newContext; > - > - vtpmloginfo(VTPM_LOG_TCS, "Calling TCS_OpenContext:\n"); > - > - if (hContext) { > - CONTEXT_HANDLE* pContextHandle = (CONTEXT_HANDLE *) > malloc(sizeof(CONTEXT_HANDLE)); > - if (pContextHandle == NULL) > - return TPM_SIZE; > - > - // initialize to 0 > - pContextHandle->nBlockCount = 0; > - pContextHandle->pTopBlock = NULL; > - pContextHandle->pHandleList = NULL; > - > - // Create New Block > - AddMemBlock(pContextHandle, BLOCK_SIZE); > - > - newContext = (TCS_CONTEXT_HANDLE *) malloc(sizeof(TCS_CONTEXT_HANDLE)); > - *newContext = (TCS_CONTEXT_HANDLE) (((uintptr_t) pContextHandle >> 2) & > 0xffffffff); > - > - if (hashtable_search(context_ht, &newContext) !=NULL) > - *newContext += 1; > - > - pContextHandle->handle = *newContext; > - if (!hashtable_insert(context_ht, newContext, pContextHandle)) { > - free(newContext); > - free(pContextHandle); > - returnCode = TPM_FAIL; > - } else { > - *hContext = *newContext; > - returnCode = TPM_SUCCESS; > - } > - } > - > - return(returnCode); > -} > - > -TPM_RESULT TCS_CloseContext(TCS_CONTEXT_HANDLE hContext) {// in > - //FIXME: TCS SHOULD Track failed auths and make sure > - //we don't try and re-free them here. > - TPM_RESULT returnCode = TPM_FAIL; > - > - CONTEXT_HANDLE* pContextHandle = LookupContext(hContext); > - > - if(pContextHandle != NULL) { > - // Print test info > - vtpmloginfo(VTPM_LOG_TCS, "Calling TCS_CloseContext.\n"); > - > - // free memory for all the blocks > - DeleteMemBlock(pContextHandle, NULL ); > - pContextHandle->pTopBlock = NULL; > - > - FreeHandleList(pContextHandle); > - if (pContextHandle->pHandleList != NULL) > - vtpmlogerror(VTPM_LOG_TCS, "Not all handles evicted from TPM.\n"); > - > - // Release the TPM's resources > - if (hashtable_remove(context_ht, &hContext) == NULL) > - vtpmlogerror(VTPM_LOG_TCS, "Not all handles evicted from TPM.\n"); > - > - free(pContextHandle); > - returnCode = TPM_SUCCESS; > - } > - > - vtpmloginfo(VTPM_LOG_TCS_DEEP, "Finished closing context\n"); > - return(returnCode); > -} > - > -// ------------------------------------------------------------------ > -// Internal Functions > -// ------------------------------------------------------------------ > -int packAuth(BYTE* dst, TCS_AUTH* auth) { > - // CHECK: according to the command specs, the outgoing auth params are: > - // nonceEven > - // nonceOdd > - // continueAuthSession > - // auth digest for return params > - // > - // this is a bit different than this code... > - > - return BSG_PackList(dst, 4, > - BSG_TYPE_UINT32, &(auth->AuthHandle), > - BSG_TPM_NONCE, &(auth->NonceOdd), > - BSG_TYPE_BOOL, &(auth->fContinueAuthSession), > - BSG_TPM_AUTHDATA, &(auth->HMAC)); > -} > - > -int unpackAuth(TCS_AUTH* auth, BYTE* src) { > - return BSG_UnpackList(src, 3, > - BSG_TPM_NONCE, &(auth->NonceEven), > - BSG_TYPE_BOOL, &(auth->fContinueAuthSession), > - BSG_TPM_AUTHDATA, &(auth->HMAC)); > -} > - > -// ------------------------------------------------------------------ > -// Authorization Commands > -// ------------------------------------------------------------------ > - > -TPM_RESULT TCSP_OIAP(TCS_CONTEXT_HANDLE hContext, // in > - TCS_AUTHHANDLE* authHandle, // out > - TPM_NONCE* nonce0) // out > -{ > - // setup input/output parameters block > - TPM_TAG tag = TPM_TAG_RQU_COMMAND; > - TPM_COMMAND_CODE ordinal = TPM_ORD_OIAP; > - UINT32 paramSize = 0; > - TPM_RESULT returnCode = TPM_SUCCESS; > - > - // setup the TPM driver input and output buffers > - TDDL_RESULT hRes = TDDL_E_FAIL; > - TDDL_UINT32 InLength = TCPA_MAX_BUFFER_LENGTH; > - TDDL_UINT32 OutLength = TCPA_MAX_BUFFER_LENGTH; > - > - // check input params > - if (authHandle == NULL || nonce0 == NULL) > - return TPM_BAD_PARAMETER; > - > - // Convert Byte Input parameter in the input byte stream InBuf > - InLength = BSG_PackList(InBuf, 3, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, ¶mSize, > - BSG_TPM_COMMAND_CODE, &ordinal); > - > - // fill paramSize again as we now have the correct size > - BSG_Pack(BSG_TYPE_UINT32, &InLength, InBuf+2); > - > - vtpmloginfo(VTPM_LOG_TCS_DEEP, "Sending paramSize = %d\n", InLength); > - > - // call the TPM driver > - if ((hRes = TDDL_TransmitData(InBuf, InLength, OutBuf, &OutLength)) > - == TDDL_SUCCESS) { > - > - // unpack to get the tag, paramSize, & returnCode > - int i = BSG_UnpackList( OutBuf, 3, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, ¶mSize, > - BSG_TPM_COMMAND_CODE, &returnCode); > - > - if (returnCode == TPM_SUCCESS && tag == TPM_TAG_RSP_COMMAND) { > - // Extract the remaining output parameters > - BSG_UnpackList(OutBuf+i, 2, > - BSG_TYPE_UINT32, authHandle, > - BSG_TPM_NONCE, nonce0); > - > - if (!AddHandleToList(hContext, TPM_RT_AUTH, *authHandle)) > - vtpmlogerror(VTPM_LOG_TCS, "New AuthHandle not recorded\n"); > - > - vtpmloginfo(VTPM_LOG_TCS_DEEP, "Received paramSize : %d\n", paramSize); > - } else > - vtpmlogerror(VTPM_LOG_TCS, "Failed with return code %s\n", > tpm_get_error_name(returnCode)); > - > - } > - > - return(returnCode); > -} > - > -TPM_RESULT TCSP_OSAP(TCS_CONTEXT_HANDLE hContext, // in > - TPM_ENTITY_TYPE entityType, // in > - UINT32 entityValue, // in > - TPM_NONCE nonceOddOSAP, // in > - TCS_AUTHHANDLE* authHandle, // out > - TPM_NONCE* nonceEven, // out > - TPM_NONCE* nonceEvenOSAP) // out > -{ > - // setup input/output parameters block > - TPM_TAG tag = TPM_TAG_RQU_COMMAND; > - UINT32 paramSize = 0; > - TPM_COMMAND_CODE ordinal = TPM_ORD_OSAP; > - TPM_RESULT returnCode = TPM_SUCCESS; > - > - // setup the TPM driver input and output buffers > - TDDL_RESULT hRes = TDDL_E_FAIL; > - TDDL_UINT32 InLength = TCPA_MAX_BUFFER_LENGTH; > - TDDL_UINT32 OutLength = TCPA_MAX_BUFFER_LENGTH; > - > - // check input params > - if (authHandle == NULL || nonceEven == NULL || nonceEvenOSAP == NULL) > - return TPM_BAD_PARAMETER; > - > - // Convert Byte Input parameter in the input byte stream InBuf > - InLength = BSG_PackList(InBuf, 6, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, ¶mSize, > - BSG_TPM_COMMAND_CODE, &ordinal, > - BSG_TYPE_UINT16, &entityType, > - BSG_TYPE_UINT32, &entityValue, > - BSG_TPM_NONCE, &nonceOddOSAP); > - > - // fill paramSize again as we now have the correct size > - BSG_Pack(BSG_TYPE_UINT32, &InLength, InBuf+2); > - > - vtpmloginfo(VTPM_LOG_TCS_DEEP, "Sending paramSize = %d\n", InLength); > - > - // call the TPM driver > - if ((hRes = TDDL_TransmitData(InBuf, InLength, OutBuf, &OutLength)) > - == TDDL_SUCCESS) { > - > - // unpack to get the tag, paramSize, & returnCode > - int i = BSG_UnpackList(OutBuf, 3, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, ¶mSize, > - BSG_TPM_COMMAND_CODE, &returnCode); > - > - if (returnCode == TPM_SUCCESS && tag == TPM_TAG_RSP_COMMAND) { > - // Extract the remaining output parameters > - BSG_UnpackList(OutBuf+i, 3, > - BSG_TYPE_UINT32, authHandle, > - BSG_TPM_NONCE, nonceEven, > - BSG_TPM_NONCE, nonceEvenOSAP); > - > - if (!AddHandleToList(hContext, TPM_RT_AUTH, *authHandle)) { > - vtpmlogerror(VTPM_LOG_TCS, "New AuthHandle not recorded\n"); > - } > - > - vtpmloginfo(VTPM_LOG_TCS_DEEP, "Received paramSize : %d\n", paramSize); > - } else > - vtpmlogerror(VTPM_LOG_TCS, "Failed with return code %s\n", > tpm_get_error_name(returnCode)); > - > - } > - > - return(returnCode); > -} > - > -TPM_RESULT TCSP_TakeOwnership(TCS_CONTEXT_HANDLE hContext, // in > - UINT16 protocolID, // in > - UINT32 encOwnerAuthSize, // in > - BYTE* encOwnerAuth, // in > - UINT32 encSrkAuthSize, // in > - BYTE* encSrkAuth, // in > - UINT32* SrkSize, // in, out > - BYTE** Srk, // in, out > - TCS_AUTH* ownerAuth) // in, out > -{ > - // setup input/output parameters block > - TPM_TAG tag = TPM_TAG_RQU_AUTH1_COMMAND; > - UINT32 paramSize = 0; > - TPM_COMMAND_CODE ordinal = TPM_ORD_TakeOwnership; > - TPM_RESULT returnCode = TPM_SUCCESS; > - > - // setup the TPM driver input and output buffers > - TDDL_RESULT hRes = TDDL_E_FAIL; > - TDDL_UINT32 InLength = TCPA_MAX_BUFFER_LENGTH; > - TDDL_UINT32 OutLength = TCPA_MAX_BUFFER_LENGTH; > - > - // check input params > - if (encOwnerAuth == NULL || encSrkAuth == NULL || SrkSize == NULL || *Srk > == NULL) > - return TPM_BAD_PARAMETER; > - > - // Convert Byte Input parameter in the input byte stream InBuf > - InLength = BSG_PackList(InBuf, 5, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, ¶mSize, > - BSG_TPM_COMMAND_CODE, &ordinal, > - BSG_TYPE_UINT16, &protocolID, > - BSG_TYPE_UINT32, &encOwnerAuthSize); > - > - memcpy(InBuf+InLength, encOwnerAuth, encOwnerAuthSize); > - InLength += encOwnerAuthSize; > - InLength += BSG_Pack( BSG_TYPE_UINT32, > - &encSrkAuthSize, > - InBuf+InLength); > - memcpy(InBuf+InLength, encSrkAuth, encSrkAuthSize); > - InLength += encSrkAuthSize; > - memcpy(InBuf+InLength, *Srk, *SrkSize); > - InLength += *SrkSize; > - InLength += packAuth(InBuf+InLength, ownerAuth); > - // fill paramSize again as we now have the correct size > - BSG_Pack(BSG_TYPE_UINT32, > - &InLength, > - InBuf+2); > - > - vtpmloginfo(VTPM_LOG_TCS_DEEP, "Sending paramSize = %d\n", InLength); > - > - // call the TPM driver > - if ((hRes = TDDL_TransmitData(InBuf, InLength, OutBuf, &OutLength)) > - == TDDL_SUCCESS){ > - > - // unpack to get the tag, paramSize, & returnCode > - int i = BSG_UnpackList( OutBuf, 3, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, ¶mSize, > - BSG_TPM_COMMAND_CODE, &returnCode); > - > - if (returnCode == TPM_SUCCESS && tag == TPM_TAG_RSP_AUTH1_COMMAND) { > - // Extract the remaining output parameters > - TPM_KEY srkPub; > - i += BSG_Unpack(BSG_TPM_KEY, OutBuf+i, &srkPub); > - unpackAuth(ownerAuth, OutBuf+i); > - > - // fill output params > - BYTE tempBuf[1024]; > - *SrkSize = BSG_Pack(BSG_TPM_KEY, &srkPub, tempBuf); > - if (TCS_Malloc(hContext, *SrkSize, Srk) == TPM_FAIL) { > - return(TPM_SIZE); > - } > - memcpy(*Srk, tempBuf, *SrkSize); > - > - vtpmloginfo(VTPM_LOG_TCS_DEEP, "Received paramSize : %d", paramSize); > - } else > - vtpmlogerror(VTPM_LOG_TCS, "TCSP_TakeOwnership Failed with return code > %s\n", tpm_get_error_name(returnCode)); > - } > - > - return(returnCode); > -} > - > - > -TPM_RESULT TCSP_DisablePubekRead ( TCS_CONTEXT_HANDLE hContext, // in > - TCS_AUTH* ownerAuth) { // in, out > - > - // setup input/output parameters block > - TPM_TAG tag = TPM_TAG_RQU_AUTH1_COMMAND; > - UINT32 paramSize = 0; > - TPM_COMMAND_CODE ordinal = TPM_ORD_DisablePubekRead; > - TPM_RESULT returnCode = TPM_SUCCESS; > - > - // setup the TPM driver input and output buffers > - TDDL_RESULT hRes = TDDL_E_FAIL; > - TDDL_UINT32 InLength = TCPA_MAX_BUFFER_LENGTH; > - TDDL_UINT32 OutLength = TCPA_MAX_BUFFER_LENGTH; > - > - // Convert Byte Input parameter in the input byte stream InBuf > - InLength = BSG_PackList(InBuf, 3, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, ¶mSize, > - BSG_TPM_COMMAND_CODE, &ordinal); > - > - InLength += packAuth(InBuf+InLength, ownerAuth); > - > - // fill paramSize again as we now have the correct size > - BSG_Pack(BSG_TYPE_UINT32, &InLength, InBuf+2); > - > - vtpmloginfo(VTPM_LOG_TCS_DEEP, "Sending paramSize = %d\n", InLength); > - > - // call the TPM driver > - if ((hRes = TDDL_TransmitData(InBuf, InLength, OutBuf, &OutLength)) > - == TDDL_SUCCESS){ > - > - // unpack to get the tag, paramSize, & returnCode > - int i = BSG_UnpackList( OutBuf, 3, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, ¶mSize, > - BSG_TPM_COMMAND_CODE, &returnCode); > - > - if (returnCode == TPM_SUCCESS && tag == TPM_TAG_RSP_AUTH1_COMMAND) { > - // Extract the remaining output parameters > - unpackAuth(ownerAuth, OutBuf+i); > - } else > - vtpmlogerror(VTPM_LOG_TCS, "TCSP_DisablePubekRead Failed with return > code %s\n", tpm_get_error_name(returnCode)); > - } > - > - return(returnCode); > -} > - > - > -TPM_RESULT TCSP_TerminateHandle(TCS_CONTEXT_HANDLE hContext, // in > - TCS_AUTHHANDLE handle) // in > -{ > - // setup input/output parameters block > - TPM_TAG tag = TPM_TAG_RQU_COMMAND; > - UINT32 paramSize = 0; > - TPM_COMMAND_CODE ordinal = TPM_ORD_Terminate_Handle; > - TPM_RESULT returnCode = TPM_SUCCESS; > - > - // setup the TPM driver input and output buffers > - TDDL_RESULT hRes = TDDL_E_FAIL; > - TDDL_UINT32 InLength = TCPA_MAX_BUFFER_LENGTH; > - TDDL_UINT32 OutLength = TCPA_MAX_BUFFER_LENGTH; > - > - // Convert Byte Input parameter in the input byte stream InBuf > - InLength = BSG_PackList(InBuf, 4, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, ¶mSize, > - BSG_TPM_COMMAND_CODE, &ordinal, > - BSG_TYPE_UINT32, &handle); > - // fill paramSize again as we now have the correct size > - BSG_Pack(BSG_TYPE_UINT32, &InLength, InBuf+2); > - > - // call the TPM driver > - if ((hRes = TDDL_TransmitData(InBuf, InLength, OutBuf, &OutLength)) > - == TDDL_SUCCESS) { > - > - // unpack to get the tag, paramSize, & returnCode > - BSG_UnpackList(OutBuf, 3, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, ¶mSize, > - BSG_TPM_COMMAND_CODE, &returnCode); > - > - if (!DeleteHandleFromList(hContext, handle)) > - vtpmlogerror(VTPM_LOG_TCS, "KeyHandle not removed from list\n"); > - > - > - if (returnCode == TPM_SUCCESS && tag == TPM_TAG_RSP_COMMAND) { > - // Print debug info > - > - vtpmloginfo(VTPM_LOG_TCS_DEEP, "Received paramSize : %d", paramSize); > - } else > - vtpmlogerror(VTPM_LOG_TCS, "TCSP_TerminateHandle Failed with return > code %s\n", tpm_get_error_name(returnCode)); > - > - } > - > - return(returnCode); > -} > - > -// TPM Mandatory > -TPM_RESULT TCSP_Extend( TCS_CONTEXT_HANDLE hContext, // in > - TPM_PCRINDEX pcrNum, // in > - TPM_DIGEST inDigest, // in > - TPM_PCRVALUE* outDigest) // out > -{ > - // setup input/output parameters block > - TPM_TAG tag = TPM_TAG_RQU_COMMAND; > - UINT32 paramSize = 0; > - TPM_COMMAND_CODE ordinal = TPM_ORD_Extend; > - TPM_RESULT returnCode = TPM_SUCCESS; > - > - // setup the TPM driver input and output buffers > - TDDL_RESULT hRes = TDDL_E_FAIL; > - TDDL_UINT32 InLength = TCPA_MAX_BUFFER_LENGTH; > - TDDL_UINT32 OutLength = TCPA_MAX_BUFFER_LENGTH; > - > - // Convert Byte Input parameter in the input byte stream InBuf > - InLength = BSG_PackList(InBuf, 5, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, ¶mSize, > - BSG_TPM_COMMAND_CODE, &ordinal, > - BSG_TYPE_UINT32, &pcrNum, > - BSG_TPM_DIGEST, &inDigest); > - // fill paramSize again as we now have the correct size > - BSG_Pack(BSG_TYPE_UINT32, &InLength, InBuf+2); > - > - vtpmloginfo(VTPM_LOG_TCS_DEEP, "Sending paramSize = %d\n", InLength); > - > - // call the TPM driver > - if ((hRes = TDDL_TransmitData(InBuf, InLength, OutBuf, &OutLength)) > - == TDDL_SUCCESS) { > - > - // unpack to get the tag, paramSize, & returnCode > - int i = BSG_UnpackList(OutBuf, 3, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, ¶mSize, > - BSG_TPM_COMMAND_CODE, &returnCode); > - > - if (returnCode == TPM_SUCCESS && tag == TPM_TAG_RSP_COMMAND){ > - // Extract the remaining output parameters > - BSG_Unpack(BSG_TPM_PCRVALUE, OutBuf+i, outDigest); > - > - vtpmloginfo(VTPM_LOG_TCS_DEEP, "Received paramSize : %d\n", paramSize); > - } else > - vtpmlogerror(VTPM_LOG_TCS, "TCSP_Extend Failed with return code %s\n", > tpm_get_error_name(returnCode)); > - } > - > - return(returnCode); > -} > - > -TPM_RESULT TCSP_Seal( TCS_CONTEXT_HANDLE hContext, // in > - TCS_KEY_HANDLE keyHandle, // in > - TPM_ENCAUTH encAuth, // in > - UINT32 pcrInfoSize, // in > - BYTE* PcrInfo, // in > - UINT32 inDataSize, // in > - BYTE* inData, // in > - TCS_AUTH* pubAuth, // in, out > - UINT32* SealedDataSize, // out > - BYTE** SealedData) // out > -{ > - // setup input/output parameters block > - TPM_TAG tag = TPM_TAG_RQU_AUTH1_COMMAND; > - UINT32 paramSize = 0; > - TPM_COMMAND_CODE ordinal = TPM_ORD_Seal; > - TPM_RESULT returnCode = TPM_SUCCESS; > - > - // setup the TPM driver input and output buffers > - TDDL_RESULT hRes = TDDL_E_FAIL; > - TDDL_UINT32 InLength = TCPA_MAX_BUFFER_LENGTH; > - TDDL_UINT32 OutLength = TCPA_MAX_BUFFER_LENGTH; > - > - // check input params > - if (inData == NULL || pubAuth == NULL || SealedDataSize == NULL || > SealedData == NULL) > - return TPM_BAD_PARAMETER; > - > - // Convert Byte Input parameter in the input byte stream InBuf > - InLength = BSG_PackList(InBuf, 6, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, ¶mSize, > - BSG_TPM_COMMAND_CODE, &ordinal, > - BSG_TYPE_UINT32, &keyHandle, > - BSG_TPM_ENCAUTH, encAuth, > - BSG_TYPE_UINT32, &pcrInfoSize); > - memcpy(InBuf+InLength, PcrInfo, pcrInfoSize); > - InLength += pcrInfoSize; > - InLength += BSG_Pack(BSG_TYPE_UINT32, &inDataSize, InBuf+InLength); > - memcpy(InBuf+InLength, inData, inDataSize); > - InLength += inDataSize; > - InLength += packAuth(InBuf+InLength, pubAuth); > - // fill paramSize again as we now have the correct size > - BSG_Pack(BSG_TYPE_UINT32, &InLength, InBuf+2); > - > - // call the TPM driver > - if ((hRes = TDDL_TransmitData(InBuf, InLength, OutBuf, &OutLength)) > - == TDDL_SUCCESS) { > - // unpack OutBuf to get the tag, paramSize, & returnCode > - int i = BSG_UnpackList(OutBuf, 3, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, ¶mSize, > - BSG_TPM_COMMAND_CODE, &returnCode); > - > - if (returnCode == TPM_SUCCESS && tag == TPM_TAG_RSP_AUTH1_COMMAND) { > - // Extract the remaining output parameters > - TPM_STORED_DATA sealedData; > - > - i += BSG_Unpack(BSG_TPM_STORED_DATA, OutBuf+i, &sealedData); > - unpackAuth(pubAuth, OutBuf+i); > - > - // fill SealedData > - BYTE tempBuf[1024]; > - *SealedDataSize = BSG_Pack(BSG_TPM_STORED_DATA, &sealedData, tempBuf); > - if (TCS_Malloc(hContext, *SealedDataSize, SealedData) == TPM_FAIL) { > - return TPM_SIZE; > - } > - memcpy(*SealedData, tempBuf, *SealedDataSize); > - > - vtpmloginfo(VTPM_LOG_TCS_DEEP, "Received paramSize : %d\n", paramSize); > - } else > - vtpmlogerror(VTPM_LOG_TCS, "TCSP_Seal Failed with return code %s\n", > tpm_get_error_name(returnCode)); > - } > - > - return(returnCode); > -} > - > -TPM_RESULT TCSP_Unseal(TCS_CONTEXT_HANDLE hContext, // in > - TCS_KEY_HANDLE parentHandle, // in > - UINT32 SealedDataSize, // in > - BYTE* SealedData, // in > - TCS_AUTH* parentAuth, // in, out > - TCS_AUTH* dataAuth, // in, out > - UINT32* DataSize, // out > - BYTE** Data) // out > -{ > - // setup input/output parameters block > - TPM_TAG tag = TPM_TAG_RQU_AUTH2_COMMAND; > - UINT32 paramSize = 0; > - TPM_COMMAND_CODE ordinal = TPM_ORD_Unseal; > - TPM_RESULT returnCode = TPM_SUCCESS; > - > - // setup the TPM driver input and output buffers > - TDDL_RESULT hRes = TDDL_E_FAIL; > - TDDL_UINT32 InLength = TCPA_MAX_BUFFER_LENGTH; > - TDDL_UINT32 OutLength = TCPA_MAX_BUFFER_LENGTH; > - > - // check input params > - if (SealedData == NULL || parentAuth == NULL || dataAuth == NULL || > - DataSize == NULL || Data == NULL) > - return TPM_BAD_PARAMETER; > - > - > - // Convert Byte Input parameter in the input byte stream InBuf > - InLength = BSG_PackList(InBuf, 4, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, ¶mSize, > - BSG_TPM_COMMAND_CODE, &ordinal, > - BSG_TYPE_UINT32, &parentHandle); > - memcpy(InBuf+InLength, SealedData, SealedDataSize); > - InLength += SealedDataSize; > - InLength += packAuth(InBuf+InLength, parentAuth); > - InLength += packAuth(InBuf+InLength, dataAuth); > - // fill paramSize again as we now have the correct size > - BSG_Pack(BSG_TYPE_UINT32, &InLength, InBuf+2); > - > - vtpmloginfo(VTPM_LOG_TCS_DEEP, "Sending paramSize = %d\n", InLength); > - > - // call the TPM driver > - if ((hRes = TDDL_TransmitData(InBuf, InLength, OutBuf, &OutLength)) == > TDDL_SUCCESS) { > - // unpack OutBuf to get the tag, paramSize, & returnCode > - int i = BSG_UnpackList( OutBuf, 3, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, ¶mSize, > - BSG_TPM_COMMAND_CODE, &returnCode); > - > - if (returnCode == TPM_SUCCESS && tag == TPM_TAG_RSP_AUTH2_COMMAND) { > - // Extract the remaining output parameters > - i += BSG_Unpack(BSG_TYPE_UINT32, OutBuf+i, DataSize); > - if (TCS_Malloc(hContext, *DataSize, Data) == TPM_FAIL) { > - return TPM_SIZE; > - } > - memcpy(*Data, OutBuf+i, *DataSize); > - i += *DataSize; > - i += unpackAuth(parentAuth, OutBuf+i); > - unpackAuth(dataAuth, OutBuf+i); > - > - vtpmloginfo(VTPM_LOG_TCS_DEEP, "Received paramSize : %d\n", paramSize); > - } else > - vtpmlogerror(VTPM_LOG_TCS, "TCSP_Unseal Failed with return code %s\n", > tpm_get_error_name(returnCode)); > - } > - > - return(returnCode); > -} > - > -TPM_RESULT TCSP_UnBind(TCS_CONTEXT_HANDLE hContext, // in > - TCS_KEY_HANDLE keyHandle, // in > - UINT32 inDataSize, // in > - BYTE* inData, // in > - TCS_AUTH* privAuth, // in, out > - UINT32* outDataSize, // out > - BYTE** outData) // out > -{ > - // setup input/output parameters block > - TPM_TAG tag = TPM_TAG_RQU_AUTH1_COMMAND; > - UINT32 paramSize = 0; > - TPM_COMMAND_CODE ordinal = TPM_ORD_UnBind; > - TPM_RESULT returnCode = TPM_SUCCESS; > - > - // setup the TPM driver input and output buffers > - TDDL_RESULT hRes = TDDL_E_FAIL; > - TDDL_UINT32 InLength = TCPA_MAX_BUFFER_LENGTH; > - TDDL_UINT32 OutLength = TCPA_MAX_BUFFER_LENGTH; > - > - // check input params > - if (inData == NULL || privAuth == NULL || outDataSize == NULL || outData > == NULL) > - return TPM_BAD_PARAMETER; > - > - // Convert Byte Input parameter in the input byte stream InBuf > - InLength = BSG_PackList(InBuf, 5, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, ¶mSize, > - BSG_TPM_COMMAND_CODE, &ordinal, > - BSG_TYPE_UINT32, &keyHandle, > - BSG_TYPE_UINT32, &inDataSize); > - memcpy(InBuf+InLength, inData, inDataSize); > - InLength += inDataSize; > - InLength += packAuth(InBuf+InLength, privAuth); > - // fill paramSize again as we now have the correct size > - BSG_Pack(BSG_TYPE_UINT32, &InLength, InBuf+2); > - > - vtpmloginfo(VTPM_LOG_TCS_DEEP, "\n\tSending paramSize = %d", InLength); > - > - // call the TPM driver > - if ((hRes = TDDL_TransmitData(InBuf, InLength, OutBuf, &OutLength)) == > TDDL_SUCCESS) { > - // unpack OutBuf to get the tag, paramSize, & returnCode > - int i = BSG_UnpackList(OutBuf, 3, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, ¶mSize, > - BSG_TPM_COMMAND_CODE, &returnCode); > - > - if (returnCode == TPM_SUCCESS && tag == TPM_TAG_RSP_AUTH1_COMMAND) { > - // Extract the remaining output parameters > - i += BSG_Unpack(BSG_TYPE_UINT32, OutBuf+i, outDataSize); > - if (TCS_Malloc(hContext, *outDataSize, outData) == TPM_FAIL) > - return TPM_SIZE; > - > - memcpy(*outData, OutBuf+i, *outDataSize); > - i += *outDataSize; > - unpackAuth(privAuth, OutBuf+i); > - > - vtpmloginfo(VTPM_LOG_TCS_DEEP, "Received paramSize : %d\n", paramSize); > - } else > - vtpmlogerror(VTPM_LOG_TCS, "TCSP_UnBind Failed with return code %s\n", > tpm_get_error_name(returnCode)); > - } > - > - return(returnCode); > -} > - > -TPM_RESULT TCSP_CreateWrapKey(TCS_CONTEXT_HANDLE hContext, // in > - TCS_KEY_HANDLE hWrappingKey, // in > - TPM_ENCAUTH KeyUsageAuth, // in > - TPM_ENCAUTH KeyMigrationAuth, // in > - UINT32* pcKeySize, // in, out > - BYTE** prgbKey, // in, out > - TCS_AUTH* pAuth) // in, out > -{ > - // setup input/output parameters block > - TPM_TAG tag = TPM_TAG_RQU_AUTH1_COMMAND; > - UINT32 paramSize = 0; > - TPM_COMMAND_CODE ordinal = TPM_ORD_CreateWrapKey; > - TPM_RESULT returnCode = TPM_SUCCESS; > - > - // setup the TPM driver input and output buffers > - TDDL_RESULT hRes = TDDL_E_FAIL; > - TDDL_UINT32 InLength = TCPA_MAX_BUFFER_LENGTH; > - TDDL_UINT32 OutLength = TCPA_MAX_BUFFER_LENGTH; > - > - // check input params > - if (pcKeySize == NULL || *prgbKey == NULL || pAuth == NULL) > - return TPM_BAD_PARAMETER; > - > - > - // Convert Byte Input parameter in the input byte stream InBuf > - InLength = BSG_PackList(InBuf, 6, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, ¶mSize, > - BSG_TPM_COMMAND_CODE, &ordinal, > - BSG_TYPE_UINT32, &hWrappingKey, > - BSG_TPM_ENCAUTH, KeyUsageAuth, > - BSG_TPM_ENCAUTH, KeyMigrationAuth); > - memcpy(InBuf+InLength, *prgbKey, *pcKeySize); > - InLength += *pcKeySize; > - InLength += packAuth(InBuf+InLength, pAuth); > - // fill paramSize again as we now have the correct size > - BSG_Pack(BSG_TYPE_UINT32, &InLength, InBuf+2); > - > - vtpmloginfo(VTPM_LOG_TCS_DEEP, "Sending paramSize = %d\n", InLength); > - > - // call the TPM driver > - if ((hRes = TDDL_TransmitData(InBuf, InLength, OutBuf, &OutLength)) == > TDDL_SUCCESS) { > - // unpack OutBuf to get the tag, paramSize, & returnCode > - int i = BSG_UnpackList(OutBuf, 3, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, ¶mSize, > - BSG_TPM_RESULT, &returnCode); > - > - if (returnCode == TPM_SUCCESS && tag == TPM_TAG_RSP_AUTH1_COMMAND) { > - // Extract the remaining output parameters > - TPM_KEY wrappedKey; > - > - i += BSG_Unpack(BSG_TPM_KEY, OutBuf+i, &wrappedKey); > - unpackAuth(pAuth, OutBuf+i); > - > - // Fill prgbKey > - BYTE tempBuf[1024]; > - *pcKeySize = BSG_Pack(BSG_TPM_KEY, &wrappedKey, tempBuf); > - if (TCS_Malloc(hContext, *pcKeySize, prgbKey) == TPM_FAIL) > - return TPM_SIZE; > - > - memcpy(*prgbKey, tempBuf, *pcKeySize); > - > - vtpmloginfo(VTPM_LOG_TCS_DEEP, "Received paramSize : %d\n", paramSize); > - } else > - vtpmlogerror(VTPM_LOG_TCS, "TCSP_CreateWrapKey Failed with return code > %s\n", tpm_get_error_name(returnCode)); > - } > - > - return(returnCode); > -} > - > -TPM_RESULT TCSP_LoadKeyByBlob(TCS_CONTEXT_HANDLE hContext, // in > - TCS_KEY_HANDLE hUnwrappingKey, // in > - UINT32 cWrappedKeyBlobSize, // in > - BYTE* rgbWrappedKeyBlob, // in > - TCS_AUTH* pAuth, // in, out > - TCS_KEY_HANDLE* phKeyTCSI, // out > - TCS_KEY_HANDLE* phKeyHMAC) // out > -{ > - // setup input/output parameters block > - TPM_TAG tag = TPM_TAG_RQU_AUTH1_COMMAND; > - UINT32 paramSize = 0; > - TPM_COMMAND_CODE ordinal = TPM_ORD_LoadKey; > - TPM_RESULT returnCode = TPM_SUCCESS; > - > - // setup the TPM driver input and output buffers > - TDDL_RESULT hRes = TDDL_E_FAIL; > - TDDL_UINT32 InLength = TCPA_MAX_BUFFER_LENGTH; > - TDDL_UINT32 OutLength = TCPA_MAX_BUFFER_LENGTH; > - > - // check input params > - if (rgbWrappedKeyBlob == NULL || pAuth == NULL || phKeyTCSI == NULL || > phKeyHMAC == NULL) > - return TPM_BAD_PARAMETER; > - > - *phKeyHMAC = hUnwrappingKey; // the parent key is the one that the TPM use > to make the HMAC calc > - > - // Convert Byte Input parameter in the input byte stream InBuf > - InLength = BSG_PackList(InBuf, 4, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, ¶mSize, > - BSG_TPM_COMMAND_CODE, &ordinal, > - BSG_TYPE_UINT32, &hUnwrappingKey); > - memcpy(InBuf+InLength, rgbWrappedKeyBlob, cWrappedKeyBlobSize); > - InLength += cWrappedKeyBlobSize; > - InLength += packAuth(InBuf+InLength, pAuth); > - // fill paramSize again as we now have the correct size > - BSG_Pack(BSG_TYPE_UINT32, &InLength, InBuf+2); > - > - vtpmloginfo(VTPM_LOG_TCS_DEEP, "Sending paramSize = %d\n", InLength); > - > - // call the TPM driver > - if ((hRes = TDDL_TransmitData(InBuf, InLength, OutBuf, &OutLength)) == > TDDL_SUCCESS) { > - // unpack OutBuf to get the tag, paramSize, & returnCode > - int i = BSG_UnpackList(OutBuf, 3, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, ¶mSize, > - BSG_TPM_COMMAND_CODE, &returnCode); > - > - if (returnCode == TPM_SUCCESS && tag == TPM_TAG_RSP_AUTH1_COMMAND) { > - // Extract the remaining output parameters > - i += BSG_Unpack(BSG_TYPE_UINT32, > - OutBuf+i, > - phKeyTCSI); > - unpackAuth(pAuth, OutBuf+i); > - > - if (!AddHandleToList(hContext, TPM_RT_KEY, *phKeyTCSI)) { > - vtpmlogerror(VTPM_LOG_TCS, "New KeyHandle not recorded\n"); > - } > - > - vtpmloginfo(VTPM_LOG_TCS_DEEP, "Received paramSize : %d\n", paramSize); > - } else > - vtpmlogerror(VTPM_LOG_TCS, "TCSP_LoadKeyByBlob Failed with return code > %s\n", tpm_get_error_name(returnCode)); > - } > - > - return(returnCode); > -} > - > -TPM_RESULT TCSP_EvictKey(TCS_CONTEXT_HANDLE hContext, // in > - TCS_KEY_HANDLE hKey) // in > -{ > - // setup input/output parameters block > - TPM_TAG tag = TPM_TAG_RQU_COMMAND; > - UINT32 paramSize = 0; > - TPM_COMMAND_CODE ordinal = TPM_ORD_EvictKey; > - TPM_RESULT returnCode = TPM_SUCCESS; > - > - // setup the TPM driver input and output buffers > - TDDL_RESULT hRes = TDDL_E_FAIL; > - TDDL_UINT32 InLength = TCPA_MAX_BUFFER_LENGTH; > - TDDL_UINT32 OutLength = TCPA_MAX_BUFFER_LENGTH; > - > - // Convert Byte Input parameter in the input byte stream InBuf > - InLength = BSG_PackList(InBuf, 4, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, ¶mSize, > - BSG_TPM_COMMAND_CODE, &ordinal, > - BSG_TYPE_UINT32, &hKey); > - // fill paramSize again as we now have the correct size > - BSG_Pack(BSG_TYPE_UINT32, &InLength, InBuf+2); > - > - vtpmloginfo(VTPM_LOG_TCS_DEEP, "Sending paramSize = %d\n", InLength); > - > - // call the TPM driver > - if ((hRes = TDDL_TransmitData(InBuf, InLength, OutBuf, &OutLength)) == > TDDL_SUCCESS) { > - // unpack OutBuf to get the tag, paramSize, & returnCode > - BSG_UnpackList(OutBuf, 3, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, ¶mSize, > - BSG_TPM_COMMAND_CODE, &returnCode); > - > - if (!DeleteHandleFromList(hContext, hKey)) { > - vtpmlogerror(VTPM_LOG_TCS, "KeyHandle not removed from list\n"); > - } > - > - if (returnCode == TPM_SUCCESS && tag == TPM_TAG_RSP_COMMAND) { > - vtpmloginfo(VTPM_LOG_TCS_DEEP, "Received paramSize : %d\n", paramSize); > - } else { > - vtpmlogerror(VTPM_LOG_TCS, "TCSP_EvictKey Failed with return code > %s\n", tpm_get_error_name(returnCode)); > - } > - } > - > - return(returnCode); > -} > - > -TPM_RESULT TCSP_GetRandom(TCS_CONTEXT_HANDLE hContext, // in > - UINT32* bytesRequested, // in, out > - BYTE** randomBytes) // out > -{ > - // setup input/output parameters block > - TPM_TAG tag = TPM_TAG_RQU_COMMAND; > - UINT32 paramSize = 0; > - TPM_COMMAND_CODE ordinal = TPM_ORD_GetRandom; > - TPM_RESULT returnCode = TPM_SUCCESS; > - > - // setup the TPM driver input and output buffers > - TDDL_RESULT hRes = TDDL_E_FAIL; > - TDDL_UINT32 InLength = TCPA_MAX_BUFFER_LENGTH; > - TDDL_UINT32 OutLength = TCPA_MAX_BUFFER_LENGTH; > - > - // check input params > - if (bytesRequested == NULL || *randomBytes == NULL){ > - return TPM_BAD_PARAMETER; > - } > - > - // Convert Byte Input parameter in the input byte stream InBuf > - InLength = BSG_PackList(InBuf, 4, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, ¶mSize, > - BSG_TPM_COMMAND_CODE, &ordinal, > - BSG_TYPE_UINT32, bytesRequested); > - // fill paramSize again as we now have the correct size > - BSG_Pack(BSG_TYPE_UINT32, &InLength, InBuf+2); > - > - vtpmloginfo(VTPM_LOG_TCS_DEEP, "Sending paramSize = %d\n", InLength); > - > - // call the TPM driver > - if ((hRes = TDDL_TransmitData(InBuf, InLength, OutBuf, &OutLength)) == > TDDL_SUCCESS) { > - // unpack OutBuf to get the tag, paramSize, & returnCode > - int i = BSG_UnpackList(OutBuf, 3, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, ¶mSize, > - BSG_TPM_COMMAND_CODE, &returnCode); > - > - if (returnCode == TPM_SUCCESS && tag == TPM_TAG_RSP_COMMAND) { > - // Extract the remaining output parameters > - BSG_Unpack(BSG_TYPE_UINT32, OutBuf+i, bytesRequested); > - if (TCS_Malloc(hContext, *bytesRequested, randomBytes) == TPM_FAIL) { > - return TPM_SIZE; > - } > - memcpy(*randomBytes, OutBuf+i+sizeof(UINT32), *bytesRequested); > - > - vtpmloginfo(VTPM_LOG_TCS_DEEP, "Received paramSize : %d\n", paramSize); > - } else { > - vtpmlogerror(VTPM_LOG_TCS, "TCSP_GetRandom Failed with return code > %s\n", tpm_get_error_name(returnCode)); > - } > - } > - > - return(returnCode); > -} > - > - > -TPM_RESULT TCSP_ReadPubek(TCS_CONTEXT_HANDLE hContext, // in > - TPM_NONCE antiReplay, // in > - UINT32* pubEndorsementKeySize, // out > - BYTE** pubEndorsementKey, // out > - TPM_DIGEST* checksum) // out > -{ > - // setup input/output parameters block > - TPM_TAG tag = TPM_TAG_RQU_COMMAND; > - UINT32 paramSize = 0; > - TPM_COMMAND_CODE ordinal = TPM_ORD_ReadPubek; > - TPM_RESULT returnCode = TPM_SUCCESS; > - > - // setup the TPM driver input and output buffers > - TDDL_RESULT hRes = TDDL_E_FAIL; > - TDDL_UINT32 InLength = TCPA_MAX_BUFFER_LENGTH; > - TDDL_UINT32 OutLength = TCPA_MAX_BUFFER_LENGTH; > - > - // check input params > - if (pubEndorsementKeySize == NULL || pubEndorsementKey == NULL || checksum > == NULL) { > - return TPM_BAD_PARAMETER; > - } > - > - // Convert Byte Input parameter in the input byte stream InBuf > - InLength = BSG_PackList(InBuf, 4, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, ¶mSize, > - BSG_TPM_COMMAND_CODE, &ordinal, > - BSG_TPM_NONCE, &antiReplay); > - // fill paramSize again as we now have the correct size > - BSG_Pack(BSG_TYPE_UINT32, &InLength, InBuf+2); > - > - vtpmloginfo(VTPM_LOG_TCS_DEEP, "Sending paramSize = %d\n", InLength); > - > - // call the TPM driver > - if ((hRes = TDDL_TransmitData(InBuf, InLength, OutBuf, &OutLength)) == > TDDL_SUCCESS) { > - // unpack OutBuf to get the tag, paramSize, & returnCode > - int i = BSG_UnpackList(OutBuf, 3, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, ¶mSize, > - BSG_TPM_COMMAND_CODE, &returnCode); > - > - if (returnCode == TPM_SUCCESS && tag == TPM_TAG_RSP_COMMAND) { > - // Extract the remaining output parameters > - TPM_PUBKEY pubEK; > - i += BSG_UnpackList(OutBuf+i, 2, > - BSG_TPM_PUBKEY, &pubEK, > - BSG_TPM_DIGEST, checksum); > - > - // fill EndorsementKey > - BYTE tempBuf[1024]; > - *pubEndorsementKeySize = BSG_Pack(BSG_TPM_PUBKEY, &pubEK, tempBuf); > - if (TCS_Malloc(hContext, *pubEndorsementKeySize, pubEndorsementKey) == > TPM_FAIL) { > - return TPM_SIZE; > - } > - memcpy(*pubEndorsementKey, tempBuf, *pubEndorsementKeySize); > - > - vtpmloginfo(VTPM_LOG_TCS_DEEP, "Received paramSize : %d\n", paramSize); > - } else { > - vtpmlogerror(VTPM_LOG_TCS, "TCSP_ReadPubek Failed with return code > %s\n", tpm_get_error_name(returnCode)); > - } > - } > - > - return(returnCode); > -} > - > - > -TPM_RESULT TCSP_SaveState(TCS_CONTEXT_HANDLE hContext) // in > -{ > - // setup input/output parameters block > - TPM_TAG tag = TPM_TAG_RQU_COMMAND; > - UINT32 paramSize = 0; > - TPM_COMMAND_CODE ordinal = TPM_ORD_SaveState; > - TPM_RESULT returnCode = TPM_SUCCESS; > - > - // setup the TPM driver input and output buffers > - TDDL_RESULT hRes = TDDL_E_FAIL; > - TDDL_UINT32 InLength = TCPA_MAX_BUFFER_LENGTH; > - TDDL_UINT32 OutLength = TCPA_MAX_BUFFER_LENGTH; > - > - // Convert Byte Input parameter in the input byte stream InBuf > - InLength = BSG_PackList(InBuf, 3, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, ¶mSize, > - BSG_TPM_COMMAND_CODE, &ordinal); > - // fill paramSize again as we now have the correct size > - BSG_Pack(BSG_TYPE_UINT32, &InLength, InBuf+2); > - > - vtpmloginfo(VTPM_LOG_TCS_DEEP, "Sending paramSize = %d\n", InLength); > - > - // call the TPM driver > - if ((hRes = TDDL_TransmitData(InBuf, InLength, OutBuf, &OutLength)) == > TDDL_SUCCESS) { > - // unpack OutBuf to get the tag, paramSize, & returnCode > - BSG_UnpackList(OutBuf, 3, > - BSG_TPM_TAG, &tag, > - BSG_TYPE_UINT32, ¶mSize, > - BSG_TPM_COMMAND_CODE, &returnCode); > - > - if (returnCode == TPM_SUCCESS && tag == TPM_TAG_RSP_COMMAND) { > - vtpmloginfo(VTPM_LOG_TCS_DEEP, "Received paramSize : %d\n", paramSize); > - } else { > - vtpmlogerror(VTPM_LOG_TCS, "TCSP_SaveState Failed with return code > %s\n", tpm_get_error_name(returnCode)); > - } > - } > - > - return(returnCode); > -} > - > - > -TPM_RESULT TCSP_RawTransmitData( UINT32 inDataSize, // in > - BYTE *inData, // in > - UINT32 *outDataSize,// in/out > - BYTE *outData) { // out > - > - TDDL_RESULT hRes; > - > - vtpmloginfo(VTPM_LOG_TCS, "Calling TransmitData directly.\n"); > - //FIXME: Add Context Management > - hRes = TDDL_TransmitData( inData, > - inDataSize, > - outData, > - outDataSize); > - > - if (hRes == TDDL_SUCCESS) { > - return TPM_SUCCESS; > - } else { > - vtpmlogerror(VTPM_LOG_TCS, "TCSP_RawTransmitData Failed with return code > %s\n", tpm_get_error_name(TPM_IOERROR)); > - return TPM_IOERROR; > - } > - > -} > diff --git a/tools/vtpm_manager/tcs/tcs.h b/tools/vtpm_manager/tcs/tcs.h > deleted file mode 100644 > index 83b9cd0..0000000 > --- a/tools/vtpm_manager/tcs/tcs.h > +++ /dev/null > @@ -1,245 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > -// > -// tcs.h > -// > -// This file declares the TCS API > -// > -// ================================================================== > - > -#ifndef __TCS_H__ > -#define __TCS_H__ > - > -#include "tcg.h" > -#include "contextmgr.h" > -#include "buffer.h" > - > -#define HANDLE_NULL 0 > - > -// ------------------------------------------------------------------ > -// Exposed API > -// ------------------------------------------------------------------ > - > -TPM_RESULT TCS_create(); > -void TCS_destroy(); > - > -TPM_RESULT TCS_OpenContext( /* OUT */ TCS_CONTEXT_HANDLE* hContext ); > - > -TPM_RESULT TCS_CloseContext ( /* IN */ TCS_CONTEXT_HANDLE hContext ); > - > -TPM_RESULT TCS_Malloc ( TCS_CONTEXT_HANDLE hContext, // in > - UINT32 MemSize, // in > - BYTE** ppMemPtr ); //out > - > -TPM_RESULT TCS_FreeMemory ( TCS_CONTEXT_HANDLE hContext, // in > - BYTE* pMemory); // in > - > -// ------------------------------------------------------------------ > -// Exposed API > -// ------------------------------------------------------------------ > - > -// TPM v1.1B Command Set > - > -// Authorzation > -TPM_RESULT TCSP_OIAP( TCS_CONTEXT_HANDLE hContext, // in > - TCS_AUTHHANDLE* authHandle, // out > - TPM_NONCE* nonce0 // out > - ); > - > -TPM_RESULT TCSP_OSAP ( TCS_CONTEXT_HANDLE hContext, // in > - TPM_ENTITY_TYPE entityType, // in > - UINT32 entityValue, // in > - TPM_NONCE nonceOddOSAP, // in > - TCS_AUTHHANDLE* authHandle, // out > - TPM_NONCE* nonceEven, // out > - TPM_NONCE* nonceEvenOSAP // out > - ); > - > -TPM_RESULT TCSP_TakeOwnership ( TCS_CONTEXT_HANDLE hContext, // in > - UINT16 protocolID, // in > - UINT32 encOwnerAuthSize, // in > - BYTE* encOwnerAuth, // in > - UINT32 encSrkAuthSize, // in > - BYTE* encSrkAuth, // in > - UINT32* SrkSize, // in, out > - BYTE** Srk, // in, out > - TCS_AUTH* ownerAuth // in, out > - ); > - > -TPM_RESULT TCSP_DisablePubekRead ( TCS_CONTEXT_HANDLE hContext, // in > - TCS_AUTH* ownerAuth // in, out > - ); > - > -TPM_RESULT TCSP_TerminateHandle ( TCS_CONTEXT_HANDLE hContext, // in > - TCS_AUTHHANDLE handle // in > - ); > - > -TPM_RESULT TCSP_FlushSpecific ( TCS_CONTEXT_HANDLE hContext, // in > - TCS_AUTHHANDLE handle, // in > - TPM_RESOURCE_TYPE resourceType //in > - ); > - > -// TPM Mandatory > -TPM_RESULT TCSP_Extend ( TCS_CONTEXT_HANDLE hContext, // in > - TPM_PCRINDEX pcrNum, // in > - TPM_DIGEST inDigest, // in > - TPM_PCRVALUE* outDigest // out > - ); > - > -TPM_RESULT TCSP_PcrRead ( TCS_CONTEXT_HANDLE hContext, // in > - TPM_PCRINDEX pcrNum, // in > - TPM_PCRVALUE* outDigest // out > - ); > - > -TPM_RESULT TCSP_Quote ( TCS_CONTEXT_HANDLE hContext, // in > - TCS_KEY_HANDLE keyHandle, // in > - TPM_NONCE antiReplay, // in > - UINT32* PcrDataSize, // in, out > - BYTE** PcrData, // in, out > - TCS_AUTH* privAuth, // in, out > - UINT32* sigSize, // out > - BYTE** sig // out > - ); > - > -TPM_RESULT TCSP_Seal ( TCS_CONTEXT_HANDLE hContext, // in > - TCS_KEY_HANDLE keyHandle, // in > - TPM_ENCAUTH encAuth, // in > - UINT32 pcrInfoSize, // in > - BYTE* PcrInfo, // in > - UINT32 inDataSize, // in > - BYTE* inData, // in > - TCS_AUTH* pubAuth, // in, out > - UINT32* SealedDataSize, // out > - BYTE** SealedData // out > - ); > - > -TPM_RESULT TCSP_Unseal ( TCS_CONTEXT_HANDLE hContext, // in > - TCS_KEY_HANDLE parentHandle, // in > - UINT32 SealedDataSize, // in > - BYTE* SealedData, // in > - TCS_AUTH* parentAuth, // in, out > - TCS_AUTH* dataAuth, // in, out > - UINT32* DataSize, // out > - BYTE** Data // out > - ); > - > -TPM_RESULT TCSP_DirWriteAuth ( TCS_CONTEXT_HANDLE hContext, // in > - TPM_DIRINDEX dirIndex, // in > - TPM_DIRVALUE newContents, // in > - TCS_AUTH* ownerAuth // in, out > - ); > - > -TPM_RESULT TCSP_DirRead ( TCS_CONTEXT_HANDLE hContext, // in > - TPM_DIRINDEX dirIndex, // in > - TPM_DIRVALUE* dirValue // out > - ); > - > -TPM_RESULT TCSP_UnBind ( TCS_CONTEXT_HANDLE hContext, // in > - TCS_KEY_HANDLE keyHandle, // in > - UINT32 inDataSize, // in > - BYTE* inData, // in > - TCS_AUTH* privAuth, // in, out > - UINT32* outDataSize, // out > - BYTE** outData // out > - ); > - > -TPM_RESULT TCSP_CreateWrapKey ( TCS_CONTEXT_HANDLE hContext, // in > - TCS_KEY_HANDLE hWrappingKey, // in > - TPM_ENCAUTH KeyUsageAuth, // in > - TPM_ENCAUTH KeyMigrationAuth, // in > - UINT32* pcKeySize, // in, out > - BYTE** prgbKey, // in, out > - TCS_AUTH* pAuth // in, out > - ); > - > -TPM_RESULT TCSP_LoadKeyByBlob ( TCS_CONTEXT_HANDLE hContext, // in > - TCS_KEY_HANDLE hUnwrappingKey, // in > - UINT32 cWrappedKeyBlobSize, // in > - BYTE* rgbWrappedKeyBlob, // in > - TCS_AUTH* pAuth, // in, out > - TCS_KEY_HANDLE* phKeyTCSI, // out > - TCS_KEY_HANDLE* phKeyHMAC // out > - ); > - > -TPM_RESULT TCSP_GetPubKey ( TCS_CONTEXT_HANDLE hContext, // in > - TCS_KEY_HANDLE hKey, // in > - TCS_AUTH* pAuth, // in, out > - UINT32* pcPubKeySize, // out > - BYTE** prgbPubKey // out > - ); > - > -TPM_RESULT TCSP_EvictKey ( TCS_CONTEXT_HANDLE hContext, // in > - TCS_KEY_HANDLE hKey // in > - ); > - > -TPM_RESULT TCSP_Sign ( TCS_CONTEXT_HANDLE hContext, // in > - TCS_KEY_HANDLE keyHandle, // in > - UINT32 areaToSignSize, // in > - BYTE* areaToSign, // in > - TCS_AUTH* privAuth, // in, out > - UINT32* sigSize, // out > - BYTE** sig // out > - ); > - > -TPM_RESULT TCSP_GetRandom ( TCS_CONTEXT_HANDLE hContext, // in > - UINT32* bytesRequested, // in, out > - BYTE** randomBytes // out > - ); > - > -TPM_RESULT TCSP_StirRandom ( TCS_CONTEXT_HANDLE hContext, // in > - UINT32 inDataSize, // in > - BYTE* inData // in > - ); > - > -TPM_RESULT TCSP_ReadPubek ( TCS_CONTEXT_HANDLE hContext, // in > - TPM_NONCE antiReplay, // in > - UINT32* pubEndorsementKeySize, // out > - BYTE** pubEndorsementKey, // out > - TPM_DIGEST* checksum // out > - ); > - > - > -// Non-Standard TCSP calls > -TPM_RESULT TCSP_SaveState(TCS_CONTEXT_HANDLE hContext); // in > - > -//Give direct access to TransmitData. > -// Key and Auth Management is done before transfering command to TDDL. > -TPM_RESULT TCSP_RawTransmitData(UINT32 inDataSize, // in > - BYTE *inData, // in > - UINT32 *outDataSize,// in/out > - BYTE *outData); // out > - > -///////////// Private Functions //////////////////// > -CONTEXT_HANDLE* LookupContext( TCS_CONTEXT_HANDLE hContext); > - > -#endif //TCS_H > diff --git a/tools/vtpm_manager/tcs/tpmddl.h b/tools/vtpm_manager/tcs/tpmddl.h > deleted file mode 100644 > index e7e54f1..0000000 > --- a/tools/vtpm_manager/tcs/tpmddl.h > +++ /dev/null > @@ -1,69 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > -// > -// tpmddl.c > -// > -// This file defines the TDDLI API > -// > -// ================================================================== > - > -#ifndef __TPMDDL_H__ > -#define __TPMDDL_H__ > - > -#define TDDL_CAP_PROP_MANUFACTURER 0x0001 > - > -#define TDDL_E_FAIL 1 > -#define TDDL_E_SUCCESS 0 > -#define TDDL_SUCCESS 0 > - > -typedef unsigned int TDDL_UINT32; > -typedef TDDL_UINT32 TDDL_RESULT; > -typedef unsigned char TDDL_BYTE; > - > -TDDL_RESULT TDDL_Open(); > -void TDDL_Close(); > -TDDL_RESULT TDDL_TransmitData( TDDL_BYTE* in, > - TDDL_UINT32 insize, > - TDDL_BYTE* out, > - TDDL_UINT32* outsize); > -TDDL_RESULT TDDL_GetStatus(); > -TDDL_RESULT TDDL_GetCapability( TDDL_UINT32 cap, > - TDDL_UINT32 sub, > - TDDL_BYTE* buffer, > - TDDL_UINT32* size); > -TDDL_RESULT TDDL_SetCapability( TDDL_UINT32 cap, > - TDDL_UINT32 sub, > - TDDL_BYTE* buffer, > - TDDL_UINT32* size); > - > -#endif // __TPMDDL_H__ > diff --git a/tools/vtpm_manager/tcs/transmit.c > b/tools/vtpm_manager/tcs/transmit.c > deleted file mode 100644 > index 74bbdca..0000000 > --- a/tools/vtpm_manager/tcs/transmit.c > +++ /dev/null > @@ -1,147 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > - > -#include <unistd.h> > -#include <stdio.h> > -#include <errno.h> > -#include <fcntl.h> > - > -#include "tcg.h" > -#include "buffer.h" > -#include "log.h" > -#include "tpmddl.h" > - > -// flag to track whether TDDL has been opened > -static int g_TDDL_open = 0; > -static int g_tx_fd = -1; // the fd to the TPM > - > -#ifndef DUMMY_TPM > - #define TPM_TX_FNAME "/dev/tpm0" > - static int *g_rx_fdp = &g_tx_fd; > -#else > - #define TPM_TX_FNAME "/var/tpm/tpm_in.fifo" > - #define TPM_RX_FNAME "/var/tpm/tpm_out.fifo" > - static int g_rx_fd = -1; > - static int *g_rx_fdp = &g_rx_fd; // the fd to the TPM > -#endif > - > -TPM_RESULT > -TDDL_TransmitData( TDDL_BYTE* in, > - TDDL_UINT32 insize, > - TDDL_BYTE* out, > - TDDL_UINT32* outsize) { > - TPM_RESULT status = TPM_SUCCESS; > - TDDL_UINT32 i; > - > - vtpmloginfo(VTPM_LOG_TXDATA, "Sending buffer = 0x"); > - for(i = 0 ; i < insize ; i++) > - vtpmloginfomore(VTPM_LOG_TXDATA, "%2.2x ", in[i]); > - > - vtpmloginfomore(VTPM_LOG_TXDATA, "\n"); > - > - ssize_t size = 0; > - > - // send the request > - size = write (g_tx_fd, in, insize); > - if (size < 0) { > - vtpmlogerror(VTPM_LOG_TXDATA, "write() failed"); > - ERRORDIE (TPM_IOERROR); > - } > - else if ((TDDL_UINT32) size < insize) { > - vtpmlogerror(VTPM_LOG_TXDATA, "Wrote %d instead of %d bytes!\n", (int) > size, insize); > - // ... ? > - } > - > - // read the response > - size = read (*g_rx_fdp, out, TCPA_MAX_BUFFER_LENGTH); > - if (size < 0) { > - vtpmlogerror(VTPM_LOG_TXDATA, "read() failed"); > - ERRORDIE (TPM_IOERROR); > - } > - > - vtpmloginfo(VTPM_LOG_TXDATA, "Receiving buffer = 0x"); > - for(i = 0 ; i < size ; i++) > - vtpmloginfomore(VTPM_LOG_TXDATA, "%2.2x ", out[i]); > - > - vtpmloginfomore(VTPM_LOG_TXDATA, "\n"); > - > - *outsize = size; > - // close connection > - goto egress; > - > - abort_egress: > - egress: > - return status; > -} > - > -TPM_RESULT TDDL_Open() { > - > - TDDL_RESULT status = TDDL_SUCCESS; > - > - if (g_TDDL_open) > - return TPM_FAIL; > - > -#ifdef DUMMY_TPM > - *g_rx_fdp = open (TPM_RX_FNAME, O_RDWR); > -#endif > - > - g_tx_fd = open (TPM_TX_FNAME, O_RDWR); > - if (g_tx_fd < 0) { > - vtpmlogerror(VTPM_LOG_TXDATA, "TPM open failed"); > - return TPM_IOERROR; > - } > - > - g_TDDL_open = 1; > - > - return status; > -} > - > -void TDDL_Close() { > - if (! g_TDDL_open) > - return; > - > - if (g_tx_fd>= 0) { > - if (close(g_tx_fd) < 0) > - vtpmlogerror(VTPM_LOG_TXDATA, "closeing tpm failed"); > - g_tx_fd = -1; > - } > - > - if (*g_rx_fdp>= 0) { > - if (close(*g_rx_fdp) < 0) > - vtpmlogerror(VTPM_LOG_TXDATA, "closeing tpm failed"); > - *g_rx_fdp = -1; > - } > - > - g_TDDL_open = 0; > - > -} > diff --git a/tools/vtpm_manager/util/Makefile > b/tools/vtpm_manager/util/Makefile > deleted file mode 100644 > index 36bc38f..0000000 > --- a/tools/vtpm_manager/util/Makefile > +++ /dev/null > @@ -1,24 +0,0 @@ > -XEN_ROOT = $(CURDIR)/../../.. > -include $(XEN_ROOT)/tools/vtpm_manager/Rules.mk > - > -BIN = libTCGUtils.a > - > -.PHONY: all > -all: build > - > -.PHONY: build > -build: $(BIN) > - > -.PHONY: install > -install: build > - > -.PHONY: clean > -clean: > - rm -f *.a *.so *.o *.rpm $(DEP_FILES) > - > -.PHONY: mrproper > -mrproper: clean > - rm -f *~ > - > -$(BIN): $(OBJS) > - $(AR) rcs $(BIN) $(OBJS) > diff --git a/tools/vtpm_manager/util/bsg.c b/tools/vtpm_manager/util/bsg.c > deleted file mode 100644 > index fa36ce7..0000000 > --- a/tools/vtpm_manager/util/bsg.c > +++ /dev/null > @@ -1,829 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > -// > -// bsg.cpp > -// > -// This file will handle all the TPM Byte Stream functions > -// > -// ================================================================== > - > -#include <stdio.h> > -#include <string.h> > -#include <stdarg.h> > -#include <malloc.h> > -#include "tcg.h" > -#include "crypto.h" > -#include "bsg.h" > -#include "log.h" > - > -static int g_log_recursion_level = 0; > - > -// a largest buffer size. if we get a buf size bigger than this when > unpacking, > -// will complain! > -#define BSG_MAX_BUF_SIZE (1<<18) > - > -#define bsglog(fmt, ...) do { \ > - int __i; \ > - for (__i=0; __i < g_log_recursion_level; __i++) { \ > - vtpmloginfomore (VTPM_LOG_BSG, "%s", " "); \ > - } \ > - vtpmloginfomore (VTPM_LOG_BSG, fmt, __VA_ARGS__); > \ > - } while (0) > - > - > -// FIXME: trigger the selfcheck--need to use glibc hook to do this > -//BOOL dummy1 = BSG_static_selfcheck(); > - > - > -// Interpretting Types > -// ------------------- > -// > -// Incoming Types are composed of two parts {format, info} squished into a > -// BSG_UINT32. The first 4 bits is a format spec indicating what type of > -// data it is. If the first 4 bits are zero the info corresponds to a value > in > -// BSG_s_fmt[]. This is a structure whose composition is described in > -// BSG_s_fmt[]. If the value is non-zero, info corresponds to the size of the > -// data (in bytes) being passed in. For example a UINT32 being passed in > would > -// have a format of (__FMT_CONST | 4). If both, the format and info are zero, > -// this is interpretted as the end of the structure, and the result is > returned. > - > -// these flags are mutually exclusive, so I'll just make them > -// format values which indicate the semantics of the 'info' part and the > source > -// data. The above description has been accordingly adjusted. > - > -// format values for determining what type of data the incoming type is > -// it's a 4 bit value, occupying the high 4 bits > -#define __FMT_CONST (1UL << 28) // Constant sized value > -#define __FMT_DATA (2UL << 28) // Believed to be raw data NOT {size,data} > -#define __FMT_SIZE (3UL << 28) // A size. Used in FMT_SIZE??_DATA. > -#define __FMT_HSIZE (4UL << 28) // A number of handles > -#define __FMT_PACKED (5UL << 28) // 'info' is unused; the source data > consists > - // of {size32, data} but we're to pack only > the > - // data as that is already packed, and so > - // can/must be unpacked without > - // explicitly reading it size > - > -#define __FMT_MASK 0x0FFFFFFFUL // this masks out the 4-bit format > -#define __FMT_MASK_SIZE(type) ((type) & __FMT_MASK) > -#define __FMT_MASK_FORMAT(type) ((type) & (~__FMT_MASK)) > - > -// constant (8/16/32-bits) > -#define FMT_U8 (__FMT_CONST | 1UL) > -#define FMT_U16 (__FMT_CONST | 2UL) > -#define FMT_U32 (__FMT_CONST | 4UL) > - > -// const with a compiler-computed size > -#define FMT_SIZEOF(type) (__FMT_CONST | sizeof(type)) > - > -// other data (size bytes) > -// Used primarily for DIGESTS -> FMT_DATA(20) > -#define FMT_DATA(size) (__FMT_DATA | ((BSG_UINT32) (size) & __FMT_MASK)) > - > -// 16/32-bit size followed by N bytes of data > -#define FMT_SIZE16_DATA (__FMT_SIZE | 2UL) > -#define FMT_SIZE32_DATA (__FMT_SIZE | 4UL) > - > -// 16-bit size followed by N key handles > -#define FMT_SIZE16_HANDLES (__FMT_HSIZE | 2UL) > - > -#define DIGEST_SIZE 20 > -typedef BSG_UINT32 BSG_HANDLE; > - > -// TCPA_AUTH has 11 fields! > -#define MAX_FIELDS 11 > -typedef struct BSG_Format > -{ > - BSG_Type type; > - const char* name; > - BSG_UINT32 fields[MAX_FIELDS + 1]; > -} BSG_Format; > - > -/* > - * TCPA structure data formats > - */ > -// this has to be manually kept in sync with the > -// Type enum!! the static_selfcheck() function should be used regularly! > -static BSG_Format s_fmt[] = > -{ > - {BSG_TYPE_UINT32, "BSG_TYPE_UINT32", {FMT_U32, 0}}, > - {BSG_TYPE_UINT16, "BSG_TYPE_UINT16", {FMT_U16, 0}}, > - {BSG_TYPE_BYTE, "BSG_TYPE_BYTE", {FMT_U8, 0}}, > - {BSG_TYPE_BOOL, "BSG_TYPE_BOOL", {FMT_U8, 0}}, > - {BSG_TPM_SIZE32_DATA, "BSG_TPM_SIZE32_DATA", {FMT_SIZE32_DATA, 0}}, > - {BSG_TPM_TAG, "BSG_TPM_TAG", {FMT_SIZEOF(TPM_TAG), 0}}, > - {BSG_TPM_HANDLE, "BSG_TPM_HANDLE", {FMT_SIZEOF(TPM_HANDLE), 0}}, > - {BSG_TPM_RESULT, "BSG_TPM_RESULT", {FMT_SIZEOF(TPM_RESULT), 0}}, > - {BSG_TPM_RESOURCE_TYPE, "BSG_TPM_RESOURCE_TYPE", > {FMT_SIZEOF(TPM_RESOURCE_TYPE), 0}}, > - {BSG_TPM_COMMAND_CODE, "BSG_TPM_COMMAND_CODE", {FMT_U32, 0}}, > - {BSG_TPM_AUTH_DATA_USAGE, "BSG_TPM_AUTH_DATA_USAGE", {FMT_U8, 0}}, > - {BSG_TPM_ALGORITHM_ID, "BSG_TPM_ALGORITHM_ID", {FMT_U32, 0}}, > - {BSG_TPM_PROTOCOL_ID, "BSG_TPM_PROTOCOL_ID", {FMT_SIZEOF(TPM_PROTOCOL_ID), > 0}}, > - {BSG_TPM_KEY_USAGE, "BSG_TPM_KEY_USAGE", {FMT_U16, 0}}, > - {BSG_TPM_ENC_SCHEME, "BSG_TPM_ENC_SCHEME", {FMT_U16, 0}}, > - {BSG_TPM_SIG_SCHEME, "BSG_TPM_SIG_SCHEME", {FMT_U16, 0}}, > - {BSG_TPM_MIGRATE_SCHEME, "BSG_TPM_MIGRATE_SCHEME", {FMT_U16, 0}}, > - {BSG_TPM_KEY_FLAGS, "BSG_TPM_KEY_FLAGS", {FMT_U32, 0}}, > - > - {BSG_TPM_AUTHDATA, "BSG_TPM_AUTHDATA", {FMT_DATA(DIGEST_SIZE), 0}}, > - {BSG_TPM_SECRET, "BSG_TPM_SECRET", {BSG_TPM_AUTHDATA, 0}}, > - {BSG_TPM_ENCAUTH, "BSG_TPM_ENCAUTH", {BSG_TPM_AUTHDATA, 0}}, > - {BSG_TPM_PAYLOAD_TYPE, "BSG_TPM_PAYLOAD_TYPE", > {FMT_SIZEOF(TPM_PAYLOAD_TYPE), 0}}, > - > - {BSG_TPM_VERSION, "BSG_TPM_VERSION", {FMT_DATA(4), 0}}, // vers 1.2 > - {BSG_TPM_DIGEST, "BSG_TPM_DIGEST", {FMT_DATA(DIGEST_SIZE), 0}}, > - {BSG_TPM_COMPOSITE_HASH, "BSG_TPM_COMPOSITE_HASH", {BSG_TPM_DIGEST, 0}}, > - {BSG_TPM_CHOSENID_HASH, "BSG_TPM_CHOSENID_HASH", {BSG_TPM_DIGEST, 0}}, > - > - {BSG_TPM_NONCE, "BSG_TPM_NONCE", {FMT_DATA(DIGEST_SIZE), 0}}, > - {BSG_TPM_KEY_HANDLE, "BSG_TPM_KEY_HANDLE", {FMT_SIZEOF(TPM_KEY_HANDLE), > 0}}, > - {BSG_TPM_KEY_HANDLE_LIST, "BSG_TPM_KEY_HANDLE_LIST", > - {FMT_SIZE16_HANDLES, 0}}, > - > - {BSG_TPM_KEY_PARMS, "BSG_TPM_KEY_PARMS", { > - BSG_TPM_ALGORITHM_ID, > - BSG_TPM_ENC_SCHEME, > - BSG_TPM_SIG_SCHEME, > - FMT_SIZE32_DATA, > - 0}}, > - {BSG_TPM_RSA_KEY_PARMS, "BSG_TPM_RSA_KEY_PARMS", { > - FMT_U32, FMT_U32, FMT_SIZE32_DATA, 0}}, > - {BSG_TPM_STORE_PUBKEY, "BSG_TPM_STORE_PUBKEY", {FMT_SIZE32_DATA, 0}}, > - {BSG_TPM_PUBKEY, "BSG_TPM_PUBKEY", {BSG_TPM_KEY_PARMS, > BSG_TPM_STORE_PUBKEY, 0}}, > - {BSG_TPM_KEY, "BSG_TPM_KEY", { > - BSG_TPM_VERSION, > - BSG_TPM_KEY_USAGE, > - BSG_TPM_KEY_FLAGS, > - BSG_TPM_AUTH_DATA_USAGE, > - BSG_TPM_KEY_PARMS, > - FMT_SIZE32_DATA, // the PCR_INFO > - BSG_TPM_STORE_PUBKEY, > - FMT_SIZE32_DATA, // the encrypted part > - 0}}, > - > - {BSG_TPM_MIGRATIONKEYAUTH, "BSG_TPM_MIGRATIONKEYAUTH", { > - BSG_TPM_PUBKEY, > - BSG_TPM_MIGRATE_SCHEME, > - BSG_TPM_DIGEST, 0}}, > - > - {BSG_TCPA_AUDIT_EVENT, "TCPA_AUDIT_EVENT", { > - BSG_TPM_COMMAND_CODE, > - BSG_TPM_RESULT, 0 }}, > - > - {BSG_TCPA_EVENT_CERT, "TCPA_EVENT_CERT", { > - BSG_TPM_DIGEST, > - BSG_TPM_DIGEST, > - FMT_DATA(2), > - FMT_SIZE32_DATA, 0}}, > - > - {BSG_TPM_PCR_SELECTION, "BSG_TPM_PCR_SELECTION", {FMT_SIZE16_DATA, 0} }, > - {BSG_TPM_PCR_COMPOSITE, "BSG_TPM_PCR_COMPOSITE", { BSG_TPM_PCR_SELECTION, > - FMT_SIZE32_DATA, > - 0} }, > - > - {BSG_TPM_PCR_INFO, "BSG_TPM_PCR_INFO", { BSG_TPM_PCR_SELECTION, > - BSG_TPM_COMPOSITE_HASH, > - BSG_TPM_COMPOSITE_HASH, > - 0} }, > - > - > - {BSG_TPM_STORED_DATA, "BSG_TPM_STORED_DATA", { > - BSG_TPM_VERSION, > - FMT_SIZE32_DATA, > - FMT_SIZE32_DATA, > - 0}}, > - {BSG_TPM_SYMMETRIC_KEY, "BSG_TPM_SYMMETRIC_KEY", { > - BSG_TPM_ALGORITHM_ID, > - BSG_TPM_ENC_SCHEME, > - FMT_SIZE16_DATA, > - 0}}, > - {BSG_TPM_STORE_PRIVKEY, "BSG_TPM_STORE_PRIVKEY", {FMT_SIZE32_DATA, 0}}, > - {BSG_TPM_STORE_ASYMKEY, "BSG_TPM_STORE_ASYMKEY", { > - BSG_TPM_PAYLOAD_TYPE, > - BSG_TPM_SECRET, > - BSG_TPM_SECRET, > - BSG_TPM_DIGEST, > - BSG_TPM_STORE_PRIVKEY, > - 0}}, > - {BSG_TPM_MIGRATE_ASYMKEY, "BSG_TPM_MIGRATE_ASYMKEY", { > - BSG_TPM_PAYLOAD_TYPE, > - BSG_TPM_SECRET, > - BSG_TPM_DIGEST, > - FMT_U32, > - BSG_TPM_STORE_PRIVKEY, > - 0}}, > - > - {BSG_TPM_QUOTE_INFO, "BSG_TPM_QUOTE_INFO", { > - BSG_TPM_VERSION, > - FMT_DATA(4), > - BSG_TPM_COMPOSITE_HASH, > - BSG_TPM_NONCE, > - 0}}, > - > - {BSG_TPM_IDENTITY_CONTENTS, "BSG_TPM_IDENTITY_CONTENTS", { > - BSG_TPM_VERSION, > - FMT_U32, > - BSG_TPM_CHOSENID_HASH, > - BSG_TPM_PUBKEY, > - 0}}, > - > - {BSG_TPM_PCRVALUE, "BSG_TPM_PCRVALUE", {FMT_DATA(DIGEST_SIZE), 0}}, > - > - {BSG_TCPA_PCR_FLAGS, "TCPA_PCR_FLAGS", { > - FMT_U8, > - FMT_U8, > - 0}}, > - > - {BSG_TCS_AUTH, "TCS_AUTH", { > - BSG_TYPE_UINT32, > - BSG_TPM_NONCE, > - BSG_TPM_NONCE, > - BSG_TYPE_BOOL, > - BSG_TPM_AUTHDATA, > - 0}}, > - > - {BSG_TPM_KEY_NONSENSITIVE, "BSG_TPM_KEY_NONSENSITIVE", { > - BSG_TPM_VERSION, > - BSG_TPM_KEY_USAGE, > - BSG_TPM_KEY_FLAGS, > - BSG_TPM_AUTH_DATA_USAGE, > - BSG_TPM_KEY_PARMS, > - FMT_SIZE32_DATA, > - BSG_TPM_STORE_PUBKEY, > - 0}}, > - > - {BSG_PACKED, "BSG_PACKED", { > - __FMT_PACKED, > - 0 }}, > - > - {BSG_TYPE_MAX, "", {0}}, > -}; > - > - > -static const BSG_Format* find_format (BSG_Type t) { > - BSG_Format * f = s_fmt; > - > - if (t >= BSG_TYPE_MAX) { > - return NULL; > - } > - > - // WARNING: this depends on the enum and s_fmt[] array being in sync! make > - // sure to run the static_selfcheck() to make sure > - f = s_fmt + (t - BSG_TYPE_FIRST); > - > - return f; > -} > - > -// > -// a consistency-checking routine which can be run at compile time > -// (ie. immediately after compilation) > -// > -// tasks: > -// - verify that s_fmt has one entry per Type t, and that entry is at > s_fmt[t] > -// > -// conditions: > -// - need that s_fmt[0] is the first type listed in the Type enum! ie the > first > -// Type has value 0, not 1 > -// > -// FIXME: should have a function be passed in here which is called if the > test > -// fails. Then the caller can decide what to do: abort, notify, whatever > -// > -BOOL BSG_static_selfcheck () > -{ > - int i; > - > - for (i=BSG_TYPE_FIRST; i <= BSG_TYPE_MAX; i++) { > - if (s_fmt[i - BSG_TYPE_FIRST].type != i) { > - bsglog ("%s\n", "BSG: static_selfcheck failed!\n"); > - bsglog ("failure at %i, allegedly %s\n", > - i, s_fmt[i - BSG_TYPE_FIRST].name); > - abort(); > - return FALSE; > - } > - } > - > - bsglog ("%s\n", "BSG: static_selfcheck success!"); > - return TRUE; > -} > - > - > -/** > - * Flatten a TCPA structure into a buffer in big-endian format > - * @type: TCPA structure type > - * @src: (IN) TCPA structure (OUT) end of TCPA structure > - * @dst: (OUT) flattened data > - * Returns: Flattened size or -1 for unknown types > - */ > -// make it so that it can just run through the whole process and return > -// the packed size, without packing anything. this will be done if dst is > NULL. > -static int BSG_Pack_private(BSG_Type type, const BSG_BYTE** src, BSG_BYTE* > dst) > -{ > - // check incoming parameters > - if (*src == NULL) > - return 0; > - > - const BSG_BYTE* s = *src; > - BSG_BYTE* d = dst; > - > - BSG_UINT32 size = __FMT_MASK_SIZE(type); > - BSG_UINT32 format = __FMT_MASK_FORMAT(type); > - > - if (format == __FMT_CONST) // We are dealing with a fixed length value eg. > UINT32 > - { > - BSG_UINT32 val = 0; > - switch (size) { > - case 1: val = * (BYTE*) s; break; > - case 2: val = * (unsigned short*) s; break; > - case 4: val = * (BSG_UINT32*) s; break; > - } > - if (dst) > - BSG_PackConst(val, size, d); > - > - s += size; > - d += size; > - } else if (format == __FMT_DATA) { // We are dealing with raw data. Not > sure when > - // this is used. > - > - if (dst) { > - bsglog ("BSG: __FMT_DATA size %d, src %p, dst %p\n", size, s, d); > - memcpy(d, s, size); > - } > - > - s += size; > - d += size; > - } else if (format == __FMT_SIZE || format == __FMT_HSIZE) { // It's a > size, followed by that much data or handles > - > - BSG_UINT32 psize = 0; > - switch (size) { > - case 1: psize = * (BYTE*) s; break; > - case 2: psize = * (unsigned short*) s; break; > - case 4: psize = * (BSG_UINT32*) s; break; > - } > - > - if (dst) > - BSG_PackConst(psize, size, d); > - > - s += size; > - d += size; > - > - // now 's' points to an address, so cast it to BSG_BYTE** > - const BSG_BYTE* pdata = * ((BSG_BYTE**) s); > - s += sizeof(BSG_BYTE*); > - > - if (format == __FMT_HSIZE) {// This is a list of psize Handles > - if (dst) { > - BSG_HANDLE* d2 = (BSG_HANDLE*) d; > - BSG_HANDLE* p2 = (BSG_HANDLE*) pdata; > - BSG_UINT32 i; > - for (i = 0; i < psize; i++) > - d2[i] = BSG_UnpackConst((BSG_BYTE*)(p2 + i), 4); > - > - } > - d += psize * sizeof(BSG_HANDLE); > - } else {// If it's not psize handles, it's psize data. > - if (psize > 0) { > - if (dst) { > - bsglog ("BSG: __FMT_SIZE, size=%d, src=%p, dst=%p\n", > - psize, pdata, d); > - memcpy(d, pdata, psize); > - } > - } > - d += psize; > - } > - } else if (format == __FMT_PACKED) { > - // the source buffer is a pack_constbuf_t, which has a size and a > - // pointer. just copy the buffer value, the size is not included in the > - // output stream. > - pack_constbuf_t * buf = (pack_constbuf_t*) s; > - > - if (dst) { > - bsglog ("BSG: __FMT_PACKED, size=%d, src=%p, dst=%p\n", > - buf->size, buf->data, d); > - memcpy(d, buf->data, buf->size); > - } > - > - s += buf->size; > - d += buf->size; > - } else if (format == 0) {// No flags are set. This is a structure & it > should > - // be looked up in the bsg_s_fmt[] > - > - const BSG_Format* x = find_format (type); > - if (x == NULL) { > - vtpmloginfo(VTPM_LOG_BSG, "BSG_Pack: cannot find type %d\n", type); > - return -1; > - } > - > - if (dst) > - bsglog ("BSG_Pack type %s\n", x->name); > - > - > - // iterate through the fields > - const BSG_UINT32* f = x->fields; > - for (; *f; f++) { > - int fsize; > - > - g_log_recursion_level++; > - fsize = BSG_Pack_private((BSG_Type) *f, &s, dst ? d : NULL); > - g_log_recursion_level--; > - > - if (fsize <= 0) > - return fsize; > - > - d += fsize; > - } > - } else { > - vtpmlogerror(VTPM_LOG_BSG, "BSG_Pack(): Unknown format %d\n", format); > - return -1; > - } > - > - *src = s; > - return (d - dst); > -} > - > -/** > - * Unflatten a TCPA structure from a buffer in big-endian format > - * @type: TCPA structure type > - * @src: flattened data > - * @dst: (IN) TCPA structure (OUT) end of TCPA structure > - * Returns: Flattened size > - * Note: Returns flattened size NOT the unpacked structure size > - */ > -static int BSG_Unpack_private(BSG_Type type, const BSG_BYTE* src, BSG_BYTE** > dst) { > - // check incoming parameters > - if (src == NULL) > - return 0; > - > - > - const BSG_BYTE* s = src; > - BSG_BYTE* d = dst ? *dst:NULL; > - if (dst && !d) > - dst = NULL; > - > - BSG_UINT32 size = __FMT_MASK_SIZE(type); > - BSG_UINT32 format = __FMT_MASK_FORMAT(type); > - > - if (format == __FMT_CONST) {// We are dealing with a fixed length value > ie. UINT32 > - > - BSG_UINT32 val = BSG_UnpackConst(s, size); > - > - if (dst) { > - switch (size) { > - case 1: *(BYTE *) d = (BSG_BYTE) val; break; > - case 2: *(unsigned short*) d = (unsigned short) val; break; > - case 4: *(BSG_UINT32*) d = (BSG_UINT32) val; break; > - } > - } > - > - s += size; > - d += size; > - } else if (format == __FMT_DATA) {// We are dealing with raw data. Not > sure when this is used. > - if (dst) > - memcpy(d, s, size); > - > - d += size; > - s += size; > - } else if (format == __FMT_SIZE || format == __FMT_HSIZE) {// It's a size, > followed by that much data or handles > - > - BSG_UINT32 psize = BSG_UnpackConst(s, size); > - > - if (psize > BSG_MAX_BUF_SIZE) { > - vtpmlogerror(VTPM_LOG_BSG, "BSG_Unpack runs into var-sized data bigger > than %u bytes!!\n", > - BSG_MAX_BUF_SIZE); > - return -1; > - } > - > - if (dst) { > - switch (size) { > - case 1: *(BYTE *) d = (BSG_BYTE) psize; break; > - case 2: *(unsigned short*) d = (unsigned short) psize; break; > - case 4: *(BSG_UINT32*) d = (BSG_UINT32) psize; break; > - } > - } > - > - s += size; > - d += size; > - > - BSG_BYTE* pdata = NULL; > - > - if (psize) { > - if (format == __FMT_HSIZE) { // This is a list of psize Handles > - if (dst) { > - BSG_HANDLE* s2 = (BSG_HANDLE*) s; > - pdata = (BSG_BYTE *)malloc(psize * sizeof(BSG_HANDLE)); > - if (!pdata) > - return -1; > - > - BSG_HANDLE* p2 = (BSG_HANDLE*) pdata; > - BSG_UINT32 i; > - for (i = 0; i < psize; i++) { > - BSG_PackConst(s2[i], 4, (BSG_BYTE*)(p2 + i)); > - } > - } > - s += psize * sizeof(BSG_HANDLE); > - } else { // If it's not psize handles, it's psize data. > - if (dst) { > - pdata = (BSG_BYTE *)malloc(sizeof(BSG_BYTE) * psize); > - if (!pdata) > - return -1; > - memcpy(pdata, s, psize); > - } > - s += psize; > - } > - } > - if (dst) > - *(void**) d = pdata; > - > - d += sizeof(void*); > - } else if (format == __FMT_PACKED) { > - > - // this doesn't make sense for unpacking! > - vtpmlogerror(VTPM_LOG_BSG, "BSG_Unpack() called with format > __FMT_PACKED. " > - "This does not > make sense\n"); > - > - return -1; > - } else if (format == 0) {// No flags are set. This is a structure & it > should > - // be looked up in the bsg_s_fmt[] > - > - const BSG_Format* x = find_format (type); > - if (x == NULL) { > - vtpmlogerror(VTPM_LOG_BSG, "BSG_Unpack: cannot find type %d\n", type); > - return -1; > - } > - > - const BSG_UINT32* f = x->fields; > - for (; *f; f++) { > - int fsize = BSG_Unpack_private((BSG_Type) *f, s, dst ? &d:NULL); > - if (fsize <= 0) > - return fsize; > - s += fsize; > - } > - } > - > - if (dst) > - *dst = d; > - return (s - src); > -} > - > -/** > - * Free memory associated with unpacked TCPA structure > - * @type: TCPA structure type > - * @src: (IN) TCPA structure (OUT) end of TCPA structure > - * Note: Destroy should be called on all structures created with Unpack > - * to ensure that any allocated memory is freed > - */ > -static void BSG_Destroy_private(BSG_Type type, BSG_BYTE** src) { > - BSG_BYTE* s = *src; > - > - BSG_UINT32 size = __FMT_MASK_SIZE(type); > - BSG_UINT32 format = __FMT_MASK_FORMAT(type); > - > - if ((src == NULL) || (*src == NULL)) { > - vtpmlogerror(VTPM_LOG_BSG, "BSG_Destroy() called with NULL src\n"); > - return; > - } > - > - if (format == __FMT_CONST || format == __FMT_DATA) > - s += size; > - else if (format == __FMT_SIZE || format == __FMT_HSIZE) { > - s += size; > - BSG_BYTE* ptr = *(BSG_BYTE**) s; > - free(ptr); > - s += sizeof(void*); > - } else if (format == __FMT_PACKED) { > - > - // this doesn't make sense for unpacking, hence also for Destroy() > - vtpmlogerror(VTPM_LOG_BSG, "BSG_Destroy() called with format > __FMT_PACKED. " > - "This does not > make sense\n"); > - > - return; > - } else if (format == 0) { > - const BSG_Format* x = find_format (type); > - if (x == NULL) { > - vtpmlogerror(VTPM_LOG_BSG, "BSG_Destroy: cannot find type %d\n", type); > - return; > - } > - > - const BSG_UINT32* f = x->fields; > - for (; *f; f++) > - BSG_Destroy_private((BSG_Type) *f, &s); > - } > - > - *src = s; > -} > - > -int BSG_Pack(BSG_Type type, const void* src, BSG_BYTE* dst) > -{ > - const BSG_BYTE* src2 = (const BSG_BYTE*) src; > - return BSG_Pack_private(type, &src2, dst); > -} > - > -int BSG_Unpack(BSG_Type type, const BSG_BYTE* src, void* dst) > -{ > - BSG_BYTE* dst2 = (BSG_BYTE*) dst; > - return BSG_Unpack_private(type, src, dst ? &dst2:NULL); > -} > - > -void BSG_Destroy(BSG_Type type, void* src) > -{ > - BSG_BYTE* src2 = (BSG_BYTE*) src; > - BSG_Destroy_private(type, &src2); > -} > - > -/** > - * Pack a 8/16/32-bit constant into a buffer in big-endian format > - * @val: constant value > - * @size: constant size in bytes (1, 2, or 4) > - * @dst: (OUT) buffer > - */ > -void BSG_PackConst(BSG_UINT32 val, int size, BSG_BYTE* dst) { > - bsglog ("BSG: PackConst on %d of size %i into address %p\n", val, size, > dst); > - > - switch (size) { > - case 4: > - dst[0] = (BSG_BYTE)((val >> 24) & 0xff); > - dst[1] = (BSG_BYTE)((val >> 16) & 0xff); > - dst[2] = (BSG_BYTE)((val >> 8) & 0xff); > - dst[3] = (BSG_BYTE)(val & 0xff); > - break; > - case 2: > - dst[0] = (BSG_BYTE)((val >> 8) & 0xff); > - dst[1] = (BSG_BYTE)(val & 0xff); > - break; > - case 1: > - dst[0] = (BSG_BYTE)(val & 0xff); > - break; > - } > -} > - > -/** > - * Unpack a 8/16/32-bit constant from a buffer in big-endian format > - * @src: buffer > - * @size: constant size in bytes (1, 2, or 4) > - */ > -BSG_UINT32 BSG_UnpackConst(const BSG_BYTE* src, int size) { > - BSG_UINT32 val = 0; > - > - if (src == NULL) > - return 0; > - > - switch (size) { > - case 4: > - val = (((BSG_UINT32) src[0]) << 24 > - | ((BSG_UINT32) src[1]) << 16 > - | ((BSG_UINT32) src[2]) << 8 > - | (BSG_UINT32) src[3]); > - break; > - case 2: > - val = (((BSG_UINT32) src[0]) << 8 | (BSG_UINT32) src[1]); > - break; > - case 1: > - val = (BSG_UINT32) src[0]; > - break; > - } > - return val; > -} > - > -// Pack a list of parameters. Beware not to send values, but rather you must > -// send a pointer to your values Instead. This includes UINT32's. > -int BSG_PackList( BSG_BYTE* dst, int ParamCount, ... ) { > - int ParamNumber; > - BSG_Type format; > - BSG_BYTE* val = NULL; > - int size=0; > - > - va_list paramList; > - va_start( paramList, ParamCount ); > - > - for( ParamNumber = 1; ParamNumber <= ParamCount; ParamNumber++) { > - //Strangeness with int is because gcc wanted an int rather than a enum > of ints. > - format = (BSG_Type) va_arg( paramList, int ); > - val = va_arg( paramList, BSG_BYTE* ); > - size += BSG_Pack(format, val, dst == NULL ? NULL : dst + size); > - } > - > - va_end (paramList); > - > - return size; > -} > - > -// Unpack a list of parameters. > -int BSG_UnpackList( const BSG_BYTE* src, int ParamCount, ... ) { > - int ParamNumber = 0; > - BSG_Type format; > - BSG_BYTE* val = NULL; > - int size = 0; > - > - va_list paramList; > - va_start( paramList, ParamCount ); > - > - for( ParamNumber = 1; ParamNumber <= ParamCount; ParamNumber++) { > - format = (BSG_Type) va_arg( paramList, int ); > - val = va_arg( paramList, BSG_BYTE* ); > - > - size += BSG_Unpack(format, src + size, val); > - } > - > - va_end( paramList ); > - > - return size; > -} > - > -// Destroy any memory allocated by calls to unpack > -void BSG_DestroyList(int ParamCount, ... ) { > - int ParamNumber = 0; > - BSG_Type argType; > - BSG_BYTE* paramValue = NULL; > - > - va_list paramList; > - va_start( paramList, ParamCount ); > - > - for( ParamNumber = 1; ParamNumber <= ParamCount; ParamNumber++) { > - argType = (BSG_Type) va_arg( paramList, int ); > - paramValue = va_arg( paramList, BSG_BYTE* ); > - > - BSG_Destroy(argType, paramValue); > - } > - > - va_end( paramList ); > - > - return; > -} > - > - > -// and a tuple version > -TPM_RESULT BSG_DestroyTuple (int numParams, pack_tuple_t params[]) { > - int i; > - > - for (i = 0; i < numParams; i++) > - BSG_Destroy (params[i].type, params[i].addr); > - > - return TPM_SUCCESS; > -} > - > - > -// > -// wrappers of Pack and PackList which malloc the ouput buffer. to be freed > -// by the caller later > -// > - > -int BSG_PackMalloc (BSG_Type type, const void* src, BSG_BYTE** o_dst) { > - int size = BSG_Pack (type, src, NULL); > - BSG_BYTE * dest = (BSG_BYTE*) malloc (size); > - if (dest == NULL) > - return -1; > - > - size = BSG_Pack(type, src, dest); > - *o_dst = dest; > - return size; > -} > - > - > - > -int BSG_PackListMalloc(BSG_BYTE** outBuffer, int ParamCount, ... ) { > - va_list args; > - int size; > - > - va_start (args, ParamCount); > - size = BSG_PackList (NULL, ParamCount, args); > - va_end (args); > - > - BSG_BYTE * dest = (BSG_BYTE*) malloc (size); > - if (dest == NULL) > - return -1; > - > - va_start (args, ParamCount); > - size = BSG_PackList (dest, ParamCount, args); > - va_end (args); > - > - *outBuffer = dest; > - return size; > -} > diff --git a/tools/vtpm_manager/util/bsg.h b/tools/vtpm_manager/util/bsg.h > deleted file mode 100644 > index 0896812..0000000 > --- a/tools/vtpm_manager/util/bsg.h > +++ /dev/null > @@ -1,166 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > -// > -// bsg.h > -// > -// This file contains API's for the TPM Byte Stream functions > -// > -// ================================================================== > - > -#ifndef __BSG_H__ > -#define __BSG_H__ > - > -#include <stdarg.h> > -#include "buffer.h" > - > -typedef unsigned int BSG_UINT32; > -typedef unsigned char BSG_BYTE; > - > -// forward decl > -struct pack_const_tuple_t; > - > -struct pack_tuple_t; > - > - > -/** > - * Byte stream generator > - */ > -// this has to be manually kept in sync with the > -// s_fmt array!! > -// but now we have a self-check function which can make sure things are well > -// (if used!) > -typedef enum BSG_Type > -{ > - BSG_TYPE_FIRST = 1, > - BSG_TYPE_UINT32 = 1, // start at 1 so that Type 0 only serves as an > - // unused/special value > - BSG_TYPE_UINT16, > - BSG_TYPE_BYTE, > - BSG_TYPE_BOOL, > - BSG_TPM_SIZE32_DATA, // a 32 bit unsigned size, followed by > - // a pointer to that much data. can pass a > - // struct pack_buf_t as the param > - BSG_TPM_TAG, > - BSG_TPM_HANDLE, > - BSG_TPM_RESULT, > - BSG_TPM_RESOURCE_TYPE, > - BSG_TPM_COMMAND_CODE, > - BSG_TPM_AUTH_DATA_USAGE, > - BSG_TPM_ALGORITHM_ID, > - BSG_TPM_PROTOCOL_ID, > - BSG_TPM_KEY_USAGE, > - BSG_TPM_ENC_SCHEME, > - BSG_TPM_SIG_SCHEME, > - BSG_TPM_MIGRATE_SCHEME, > - BSG_TPM_KEY_FLAGS, > - BSG_TPM_AUTHDATA, > - BSG_TPM_SECRET, > - BSG_TPM_ENCAUTH, > - BSG_TPM_PAYLOAD_TYPE, > - > - BSG_TPM_VERSION, > - BSG_TPM_DIGEST, > - BSG_TPM_COMPOSITE_HASH, > - BSG_TPM_CHOSENID_HASH, > - BSG_TPM_NONCE, > - BSG_TPM_KEY_HANDLE, > - BSG_TPM_KEY_HANDLE_LIST, > - BSG_TPM_KEY_PARMS, > - BSG_TPM_RSA_KEY_PARMS, > - BSG_TPM_STORE_PUBKEY, > - BSG_TPM_PUBKEY, > - BSG_TPM_KEY, > - > - BSG_TPM_MIGRATIONKEYAUTH, > - BSG_TCPA_AUDIT_EVENT, > - BSG_TCPA_EVENT_CERT, > - BSG_TPM_PCR_SELECTION, > - BSG_TPM_PCR_COMPOSITE, > - BSG_TPM_PCR_INFO, > - BSG_TPM_STORED_DATA, > - BSG_TPM_SYMMETRIC_KEY, > - BSG_TPM_STORE_PRIVKEY, > - BSG_TPM_STORE_ASYMKEY, > - BSG_TPM_MIGRATE_ASYMKEY, > - BSG_TPM_QUOTE_INFO, > - BSG_TPM_IDENTITY_CONTENTS, > - BSG_TPM_PCRVALUE, > - BSG_TCPA_PCR_FLAGS, > - BSG_TCS_AUTH, > - > - // this is the BSG_TPM_KEY struct without the encData field > - BSG_TPM_KEY_NONSENSITIVE, > - > - BSG_PACKED, > - > - BSG_TYPE_MAX > -} BSG_Type; > - > -struct pack_const_tuple_t { > - BSG_Type type; > - const void * addr; > -}; > - > - > -typedef struct pack_tuple_t { > - BSG_Type type; > - void * addr; > -} pack_tuple_t; > - > -int BSG_Pack(BSG_Type type, const void* src, BSG_BYTE* dst); > -int BSG_Unpack(BSG_Type type, const BSG_BYTE* src, void* dst); > -void BSG_Destroy(BSG_Type type, void* src); > - > -// wrappers of Pack and PackList which malloc the ouput buffer. to be freed > -// by the caller later. returns size of allocated buffer, or -1 in case > -// allocation failed > -int BSG_PackMalloc (BSG_Type type, const void* src, BSG_BYTE** o_dst); > -int BSG_PackListMalloc (BSG_BYTE** outBuffer, int ParamCount, ... ); > - > -// a va_list version of PackList > -int BSG_PackList(BSG_BYTE* outBuffer, int ParamCount, ... ); > -int BSG_UnpackList(const BSG_BYTE* inBuffer, int ParamCount, ... ); > -void BSG_DestroyList(int ParamCount, ... ); > - > -// wrapper of PackList which uses a buffer_t > -TPM_RESULT BSG_PackListBuf (buffer_t * o_buf, int ParamCount, ...); > - > -// and a tuple version > -TPM_RESULT BSG_DestroyTuple (int numParams, pack_tuple_t params[]); > - > -void BSG_PackConst(BSG_UINT32 val, int size, BSG_BYTE* dst); > -BSG_UINT32 BSG_UnpackConst(const BSG_BYTE* src, int size); > - > -BOOL BSG_static_selfcheck (); > - > -#endif > diff --git a/tools/vtpm_manager/util/buffer.c > b/tools/vtpm_manager/util/buffer.c > deleted file mode 100644 > index df48bc2..0000000 > --- a/tools/vtpm_manager/util/buffer.c > +++ /dev/null > @@ -1,226 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > - > - > -#include <stdarg.h> > -#include <string.h> > -#include <stdlib.h> > -#include <stdio.h> > -#include <sys/param.h> > - > -#include "tcg.h" > -#include "bsg.h" > -#include "buffer.h" > - > -static TPM_RESULT buffer_priv_realloc (buffer_t * buf, tpm_size_t newsize); > - > -// > -// buffer functions! > -// > - > -TPM_RESULT buffer_init (buffer_t * buf, tpm_size_t initsize, const BYTE* > initval) { > - if (initsize == 0) { > - memset(buf, 0, sizeof(*buf)); > - return TPM_SUCCESS; > - } > - > - > - buf->bytes = (BYTE*) malloc (initsize); > - if (buf->bytes == NULL) > - return TPM_RESOURCES; > - > - buf->size = initsize; > - buf->alloc_size = initsize; > - > - if (initval) > - memcpy (buf->bytes, initval, initsize); > - > - buf->is_owner = TRUE; > - > - return TPM_SUCCESS; > -} > - > -TPM_RESULT buffer_init_convert (buffer_t * buf, tpm_size_t initsize, BYTE* > initval) { > - > - buf->size = initsize; > - buf->alloc_size = initsize; > - buf->bytes = initval; > - > - buf->is_owner = TRUE; > - > - return TPM_SUCCESS; > -} > - > -TPM_RESULT buffer_init_copy (buffer_t * buf, const buffer_t * src) { > - TPM_RESULT status = buffer_init (buf, src->size, src->bytes); > - buf->is_owner = TRUE; > - > - return status; > -} > - > - > - > -// make an alias to a constant array > -TPM_RESULT buffer_init_const (buffer_t * buf, tpm_size_t size, const BYTE* > val) { > - // TODO: try to enforce the const things somehow! > - buf->bytes = (BYTE*) val; > - buf->size = size; > - buf->alloc_size = 0; // this field is now unneeded > - > - buf->is_owner = FALSE; > - > - return TPM_SUCCESS; > -} > - > -// make an alias into buf, with given offset and length > -// if len = 0, make the alias go to the end of buf > -TPM_RESULT buffer_init_alias (buffer_t * buf, const buffer_t * b, > - tpm_size_t offset, tpm_size_t len) { > - if (offset + len > b->size) { > - return TPM_NOSPACE; > - } > - > - buf->bytes = b->bytes + offset; > - buf->size = len > 0 ? len : b->size - offset; > - > - //VS/ buf->alloc_size = 0; > - if (len ==0) > - buf->alloc_size = b->alloc_size - offset; > - else > - buf->alloc_size = MIN(b->alloc_size - offset, len); > - > - > - buf->is_owner = FALSE; > - > - return TPM_SUCCESS; > -} > - > -// make an alias buffer_t into bytestream, with given length > -TPM_RESULT buffer_init_alias_convert (buffer_t * buf, tpm_size_t size, BYTE* > val) { > - > - buf->size = size; > - buf->alloc_size = size; > - buf->bytes = val; > - > - buf->is_owner = FALSE; > - > - return TPM_SUCCESS; > -} > - > - > - > -// copy into the start of dest > -TPM_RESULT buffer_copy (buffer_t * dest, const buffer_t* src) > -{ > - TPM_RESULT status = TPM_SUCCESS; > - > - if (dest->alloc_size < src->size) { > - TPMTRYRETURN( buffer_priv_realloc (dest, src->size) ); > - } > - > - memcpy (dest->bytes, src->bytes, src->size); > - dest->size = src->size; > - > - //VS/ dest->is_owner = TRUE; > - > - abort_egress: > - > - return status; > -} > - > - > - > -BOOL buffer_eq (const buffer_t * a, const buffer_t * b) { > - return (a->size == b->size && memcmp (a->bytes, b->bytes, a->size) == 0); > -} > - > - > -void buffer_memset (buffer_t * buf, BYTE b) { > - memset (buf->bytes, b, buf->size); > -} > - > - > -TPM_RESULT buffer_append_raw (buffer_t * buf, tpm_size_t len, const BYTE* > bytes) { > - TPM_RESULT status = TPM_SUCCESS; > - > - if (buf->alloc_size < buf->size + len) { > - TPMTRYRETURN( buffer_priv_realloc (buf, buf->size + len) ); > - } > - > - memcpy (buf->bytes + buf->size, bytes, len); > - > - buf->size += len; > - > - goto egress; > - > - abort_egress: > - > - egress: > - > - return status; > -} > - > -tpm_size_t buffer_len (const buffer_t* buf) { > - return buf->size; > -} > - > -TPM_RESULT buffer_free (buffer_t * buf) { > - if (buf && buf->is_owner && buf->bytes != NULL) { > - free (buf->bytes); > - buf->bytes = NULL; > - buf->size = buf->alloc_size = 0; > - > - } > - > - return TPM_SUCCESS; > -} > - > -TPM_RESULT buffer_priv_realloc (buffer_t * buf, tpm_size_t newsize) { > - > - // we want to realloc to twice the size, or the new size, whichever > - // bigger > - > - BYTE * tmpbuf = NULL; > - > - newsize = MAX (buf->alloc_size * 2, newsize); > - > - tmpbuf = (BYTE*) realloc (buf->bytes, newsize); > - if (tmpbuf == NULL) > - return TPM_SIZE; > - > - > - buf->bytes = tmpbuf; > - buf->alloc_size = newsize; > - > - return TPM_SUCCESS; > -} > diff --git a/tools/vtpm_manager/util/buffer.h > b/tools/vtpm_manager/util/buffer.h > deleted file mode 100644 > index d8a9abc..0000000 > --- a/tools/vtpm_manager/util/buffer.h > +++ /dev/null > @@ -1,95 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > - > -#ifndef __VTPM_BUFFER_H__ > -#define __VTPM_BUFFER_H__ > - > -#include <stddef.h> // for pointer NULL > -#include "tcg.h" > - > -typedef UINT32 tpm_size_t; > - > -// first version, probably will be expanded... > - > -#define NULL_BUF {0,0,0,0} > - > -typedef struct { > - // private!! > - tpm_size_t size, alloc_size; > - BYTE * bytes; > - > - BOOL is_owner; // do we own this buffer, and need to free it? > -} buffer_t; > - > -// allocate the buffer if initsize > 0, copying over initval if provided > -TPM_RESULT buffer_init (buffer_t * buf, > - tpm_size_t initsize, > - const BYTE* initval); > - > -// Create a new buffer from a BYTE *. Use buffer_free to destroy original > BYTE * > -TPM_RESULT buffer_init_convert (buffer_t * buf, > - tpm_size_t initsize, > - BYTE* initval); > - > -// make an alias to a constant array, no copying > -TPM_RESULT buffer_init_const (buffer_t * buf, tpm_size_t size, const BYTE* > val); > - > -// make an alias into buf, with given offset and length > -// if len = 0, make the alias go to the end of buf > -TPM_RESULT buffer_init_alias (buffer_t * buf, const buffer_t * b, > - tpm_size_t offset, tpm_size_t); > - > -// make an alias buffer into a bytestream > -TPM_RESULT buffer_init_alias_convert (buffer_t * buf, > - tpm_size_t size, BYTE* val); > - > -// "copy constructor" > -TPM_RESULT buffer_init_copy (buffer_t * buf, const buffer_t * src); > - > - > -// copy into the start of a > -TPM_RESULT buffer_copy (buffer_t * dest, const buffer_t* src); > - > -// are they equal? > -BOOL buffer_eq (const buffer_t * a, const buffer_t * b); > - > -// set the buffer to a constant byte > -void buffer_memset (buffer_t * buf, BYTE b); > - > -tpm_size_t buffer_len (const buffer_t* buf); > - > -TPM_RESULT buffer_free (buffer_t * buf); > - > -TPM_RESULT buffer_append_raw (buffer_t * buf, tpm_size_t len, const BYTE* > bytes); > - > -#endif // _TOOLS_H_ > diff --git a/tools/vtpm_manager/util/hashtable.c > b/tools/vtpm_manager/util/hashtable.c > deleted file mode 100644 > index aff0e2b..0000000 > --- a/tools/vtpm_manager/util/hashtable.c > +++ /dev/null > @@ -1,316 +0,0 @@ > -/* > - * Copyright (c) 2005, Intel Corp > - * Copyright (c) 2002, Christopher Clark <firstname.lastname@xxxxxxxxxxxx> > - * All rights reserved. > - * > - * Redistribution and use in source and binary forms, with or without > - * modification, are permitted provided that the following conditions > - * are met: > - * > - * * Redistributions of source code must retain the above copyright > - * notice, this list of conditions and the following disclaimer. > - * > - * * Redistributions in binary form must reproduce the above copyright > - * notice, this list of conditions and the following disclaimer in the > - * documentation and/or other materials provided with the distribution. > - * > - * * Neither the name of the original author; nor the names of any > contributors > - * may be used to endorse or promote products derived from this software > - * without specific prior written permission. > - * > - * > - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR > - * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT > OWNER > - * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, > - * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, > - * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR > - * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF > - * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING > - * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS > - * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. > -*/ > - > -/* > - * There are duplicates of this code in: > - * - tools/xenstore/hashtable.c > - * - tools/blktap2/drivers/hashtable.c > - */ > - > -#include "hashtable.h" > -#include "hashtable_private.h" > -#include <stdlib.h> > -#include <stdio.h> > -#include <string.h> > -#include <math.h> > - > -/* > -Credit for primes table: Aaron Krowne > - http://br.endernet.org/~akrowne/ > - http://planetmath.org/encyclopedia/GoodHashTablePrimes.html > -*/ > -static const unsigned int primes[] = { > -53, 97, 193, 389, > -769, 1543, 3079, 6151, > -12289, 24593, 49157, 98317, > -196613, 393241, 786433, 1572869, > -3145739, 6291469, 12582917, 25165843, > -50331653, 100663319, 201326611, 402653189, > -805306457, 1610612741 > -}; > -const unsigned int prime_table_length = sizeof(primes)/sizeof(primes[0]); > -const float max_load_factor = 0.65; > - > -/*****************************************************************************/ > -struct hashtable * > -create_hashtable(unsigned int minsize, > - unsigned int (*hashf) (void*), > - int (*eqf) (void*,void*)) > -{ > - struct hashtable *h; > - unsigned int pindex, size = primes[0]; > - /* Check requested hashtable isn't too large */ > - if (minsize > (1u << 30)) return NULL; > - /* Enforce size as prime */ > - for (pindex=0; pindex < prime_table_length; pindex++) { > - if (primes[pindex] > minsize) { size = primes[pindex]; break; } > - } > - h = (struct hashtable *)malloc(sizeof(struct hashtable)); > - if (NULL == h) return NULL; /*oom*/ > - h->table = (struct entry **)malloc(sizeof(struct entry*) * size); > - if (NULL == h->table) { free(h); return NULL; } /*oom*/ > - memset(h->table, 0, size * sizeof(struct entry *)); > - h->tablelength = size; > - h->primeindex = pindex; > - h->entrycount = 0; > - h->hashfn = hashf; > - h->eqfn = eqf; > - h->loadlimit = (unsigned int) ceil(size * max_load_factor); > -#ifdef HASHTABLE_THREADED > - pthread_mutex_init(&h->mutex, NULL); > -#endif > - return h; > -} > - > -/*****************************************************************************/ > -unsigned int > -hash(struct hashtable *h, void *k) > -{ > - unsigned int i = h->hashfn(k); > - i += ~(i << 9); > - i ^= ((i >> 14) | (i << 18)); /* >>> */ > - i += (i << 4); > - i ^= ((i >> 10) | (i << 22)); /* >>> */ > - return i; > -} > - > -/*****************************************************************************/ > -static int > -hashtable_expand(struct hashtable *h) > -{ > - /* Double the size of the table to accomodate more entries */ > - struct entry **newtable; > - struct entry *e; > - struct entry **pE; > - unsigned int newsize, i, index; > - /* Check we're not hitting max capacity */ > - if (h->primeindex == (prime_table_length - 1)) return 0; > - newsize = primes[++(h->primeindex)]; > - > - newtable = (struct entry **)malloc(sizeof(struct entry*) * newsize); > - if (NULL != newtable) > - { > - memset(newtable, 0, newsize * sizeof(struct entry *)); > - /* This algorithm is not 'stable'. ie. it reverses the list > - * when it transfers entries between the tables */ > - for (i = 0; i < h->tablelength; i++) { > - while (NULL != (e = h->table[i])) { > - h->table[i] = e->next; > - index = indexFor(newsize,e->h); > - e->next = newtable[index]; > - newtable[index] = e; > - } > - } > - free(h->table); > - h->table = newtable; > - } > - /* Plan B: realloc instead */ > - else > - { > - newtable = (struct entry **) > - realloc(h->table, newsize * sizeof(struct entry *)); > - if (NULL == newtable) { (h->primeindex)--; return 0; } > - h->table = newtable; > - memset(newtable[h->tablelength], 0, newsize - h->tablelength); > - for (i = 0; i < h->tablelength; i++) { > - for (pE = &(newtable[i]), e = *pE; e != NULL; e = *pE) { > - index = indexFor(newsize,e->h); > - if (index == i) > - { > - pE = &(e->next); > - } > - else > - { > - *pE = e->next; > - e->next = newtable[index]; > - newtable[index] = e; > - } > - } > - } > - } > - h->tablelength = newsize; > - h->loadlimit = (unsigned int) ceil(newsize * max_load_factor); > - return -1; > -} > - > -/*****************************************************************************/ > -unsigned int > -hashtable_count(struct hashtable *h) > -{ > - unsigned int count; > -#ifdef HASHTABLE_THREADED > - pthread_mutex_lock(&h->mutex); > -#endif > - count = h->entrycount; > -#ifdef HASHTABLE_THREADED > - pthread_mutex_unlock(&h->mutex); > -#endif > - return count; > -} > - > -/*****************************************************************************/ > -int > -hashtable_insert(struct hashtable *h, void *k, void *v) > -{ > - /* This method allows duplicate keys - but they shouldn't be used */ > - unsigned int index; > - struct entry *e; > -#ifdef HASHTABLE_THREADED > - pthread_mutex_lock(&h->mutex); > -#endif > - if (++(h->entrycount) > h->loadlimit) > - { > - /* Ignore the return value. If expand fails, we should > - * still try cramming just this value into the existing table > - * -- we may not have memory for a larger table, but one more > - * element may be ok. Next time we insert, we'll try expanding > again.*/ > - hashtable_expand(h); > - } > - e = (struct entry *)malloc(sizeof(struct entry)); > - if (NULL == e) { --(h->entrycount); return 0; } /*oom*/ > - e->h = hash(h,k); > - index = indexFor(h->tablelength,e->h); > - e->k = k; > - e->v = v; > - e->next = h->table[index]; > - h->table[index] = e; > -#ifdef HASHTABLE_THREADED > - pthread_mutex_unlock(&h->mutex); > -#endif > - return -1; > -} > - > -/*****************************************************************************/ > -void * /* returns value associated with key */ > -hashtable_search(struct hashtable *h, void *k) > -{ > -#ifdef HASHTABLE_THREADED > - pthread_mutex_lock(&h->mutex); > -#endif > - struct entry *e; > - unsigned int hashvalue, index; > - hashvalue = hash(h,k); > - index = indexFor(h->tablelength,hashvalue); > - e = h->table[index]; > - while (NULL != e) > - { > - /* Check hash value to short circuit heavier comparison */ > - if ((hashvalue == e->h) && (h->eqfn(k, e->k))) { > -#ifdef HASHTABLE_THREADED > - pthread_mutex_unlock(&h->mutex); > -#endif > - return e->v; > - } > - e = e->next; > - } > -#ifdef HASHTABLE_THREADED > - pthread_mutex_unlock(&h->mutex); > -#endif > - return NULL; > -} > - > -/*****************************************************************************/ > -void * /* returns value associated with key */ > -hashtable_remove(struct hashtable *h, void *k) > -{ > - /* TODO: consider compacting the table when the load factor drops enough, > - * or provide a 'compact' method. */ > -#ifdef HASHTABLE_THREADED > - pthread_mutex_lock(&h->mutex); > -#endif > - struct entry *e; > - struct entry **pE; > - void *v; > - unsigned int hashvalue, index; > - > - hashvalue = hash(h,k); > - index = indexFor(h->tablelength,hash(h,k)); > - pE = &(h->table[index]); > - e = *pE; > - while (NULL != e) > - { > - /* Check hash value to short circuit heavier comparison */ > - if ((hashvalue == e->h) && (h->eqfn(k, e->k))) > - { > - *pE = e->next; > - h->entrycount--; > - v = e->v; > - freekey(e->k); > - free(e); > - return v; > - } > - pE = &(e->next); > - e = e->next; > - } > -#ifdef HASHTABLE_THREADED > - pthread_mutex_unlock(&h->mutex); > -#endif > - return NULL; > -} > - > -/*****************************************************************************/ > -/* destroy */ > -void > -hashtable_destroy(struct hashtable *h, int free_values) > -{ > -#ifdef HASHTABLE_THREADED > - pthread_mutex_lock(&h->mutex); > -#endif > - unsigned int i; > - struct entry *e, *f; > - struct entry **table = h->table; > - if (free_values) > - { > - for (i = 0; i < h->tablelength; i++) > - { > - e = table[i]; > - while (NULL != e) > - { f = e; e = e->next; freekey(f->k); free(f->v); free(f); } > - } > - } > - else > - { > - for (i = 0; i < h->tablelength; i++) > - { > - e = table[i]; > - while (NULL != e) > - { f = e; e = e->next; freekey(f->k); free(f); } > - } > - } > - free(h->table); > -#ifdef HASHTABLE_THREADED > - pthread_mutex_destroy(&h->mutex); > -#endif > - free(h); > -} > diff --git a/tools/vtpm_manager/util/hashtable.h > b/tools/vtpm_manager/util/hashtable.h > deleted file mode 100644 > index dedc60a..0000000 > --- a/tools/vtpm_manager/util/hashtable.h > +++ /dev/null > @@ -1,204 +0,0 @@ > -/* > - * Copyright (c) 2005, Intel Corp > - * Copyright (c) 2002, Christopher Clark <firstname.lastname@xxxxxxxxxxxx> > - * All rights reserved. > - * > - * Redistribution and use in source and binary forms, with or without > - * modification, are permitted provided that the following conditions > - * are met: > - * > - * * Redistributions of source code must retain the above copyright > - * notice, this list of conditions and the following disclaimer. > - * > - * * Redistributions in binary form must reproduce the above copyright > - * notice, this list of conditions and the following disclaimer in the > - * documentation and/or other materials provided with the distribution. > - * > - * * Neither the name of the original author; nor the names of any > contributors > - * may be used to endorse or promote products derived from this software > - * without specific prior written permission. > - * > - * > - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR > - * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT > OWNER > - * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, > - * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, > - * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR > - * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF > - * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING > - * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS > - * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. > -*/ > - > -/* > - * There are duplicates of this code in: > - * - tools/xenstore/hashtable.h > - * - tools/blktap2/drivers/hashtable.h > - */ > - > -#ifndef __HASHTABLE_CWC22_H__ > -#define __HASHTABLE_CWC22_H__ > - > -struct hashtable; > - > -/* Example of use: > - * > - * struct hashtable *h; > - * struct some_key *k; > - * struct some_value *v; > - * > - * static unsigned int hash_from_key_fn( void *k ); > - * static int keys_equal_fn ( void *key1, void *key2 ); > - * > - * h = create_hashtable(16, hash_from_key_fn, keys_equal_fn); > - * k = (struct some_key *) malloc(sizeof(struct some_key)); > - * v = (struct some_value *) malloc(sizeof(struct some_value)); > - * > - * (initialise k and v to suitable values) > - * > - * if (! hashtable_insert(h,k,v) ) > - * { exit(-1); } > - * > - * if (NULL == (found = hashtable_search(h,k) )) > - * { printf("not found!"); } > - * > - * if (NULL == (found = hashtable_remove(h,k) )) > - * { printf("Not found\n"); } > - * > - */ > - > -/* Macros may be used to define type-safe(r) hashtable access functions, with > - * methods specialized to take known key and value types as parameters. > - * > - * Example: > - * > - * Insert this at the start of your file: > - * > - * DEFINE_HASHTABLE_INSERT(insert_some, struct some_key, struct some_value); > - * DEFINE_HASHTABLE_SEARCH(search_some, struct some_key, struct some_value); > - * DEFINE_HASHTABLE_REMOVE(remove_some, struct some_key, struct some_value); > - * > - * This defines the functions 'insert_some', 'search_some' and 'remove_some'. > - * These operate just like hashtable_insert etc., with the same parameters, > - * but their function signatures have 'struct some_key *' rather than > - * 'void *', and hence can generate compile time errors if your program is > - * supplying incorrect data as a key (and similarly for value). > - * > - * Note that the hash and key equality functions passed to create_hashtable > - * still take 'void *' parameters instead of 'some key *'. This shouldn't be > - * a difficult issue as they're only defined and passed once, and the other > - * functions will ensure that only valid keys are supplied to them. > - * > - * The cost for this checking is increased code size and runtime overhead > - * - if performance is important, it may be worth switching back to the > - * unsafe methods once your program has been debugged with the safe methods. > - * This just requires switching to some simple alternative defines - eg: > - * #define insert_some hashtable_insert > - * > - */ > - > -/***************************************************************************** > - * create_hashtable > - > - * @name create_hashtable > - * @param minsize minimum initial size of hashtable > - * @param hashfunction function for hashing keys > - * @param key_eq_fn function for determining key equality > - * @return newly created hashtable or NULL on failure > - */ > - > -struct hashtable * > -create_hashtable(unsigned int minsize, > - unsigned int (*hashfunction) (void*), > - int (*key_eq_fn) (void*,void*)); > - > -/***************************************************************************** > - * hashtable_insert > - > - * @name hashtable_insert > - * @param h the hashtable to insert into > - * @param k the key - hashtable claims ownership and will free on removal > - * @param v the value - does not claim ownership > - * @return non-zero for successful insertion > - * > - * This function will cause the table to expand if the insertion would take > - * the ratio of entries to table size over the maximum load factor. > - * > - * This function does not check for repeated insertions with a duplicate key. > - * The value returned when using a duplicate key is undefined -- when > - * the hashtable changes size, the order of retrieval of duplicate key > - * entries is reversed. > - * If in doubt, remove before insert. > - */ > - > -int > -hashtable_insert(struct hashtable *h, void *k, void *v); > - > -#define DEFINE_HASHTABLE_INSERT(fnname, keytype, valuetype) \ > -int fnname (struct hashtable *h, keytype *k, valuetype *v) \ > -{ \ > - return hashtable_insert(h,k,v); \ > -} > - > -/***************************************************************************** > - * hashtable_search > - > - * @name hashtable_search > - * @param h the hashtable to search > - * @param k the key to search for - does not claim ownership > - * @return the value associated with the key, or NULL if none found > - */ > - > -void * > -hashtable_search(struct hashtable *h, void *k); > - > -#define DEFINE_HASHTABLE_SEARCH(fnname, keytype, valuetype) \ > -valuetype * fnname (struct hashtable *h, keytype *k) \ > -{ \ > - return (valuetype *) (hashtable_search(h,k)); \ > -} > - > -/***************************************************************************** > - * hashtable_remove > - > - * @name hashtable_remove > - * @param h the hashtable to remove the item from > - * @param k the key to search for - does not claim ownership > - * @return the value associated with the key, or NULL if none found > - */ > - > -void * /* returns value */ > -hashtable_remove(struct hashtable *h, void *k); > - > -#define DEFINE_HASHTABLE_REMOVE(fnname, keytype, valuetype) \ > -valuetype * fnname (struct hashtable *h, keytype *k) \ > -{ \ > - return (valuetype *) (hashtable_remove(h,k)); \ > -} > - > - > -/***************************************************************************** > - * hashtable_count > - > - * @name hashtable_count > - * @param h the hashtable > - * @return the number of items stored in the hashtable > - */ > -unsigned int > -hashtable_count(struct hashtable *h); > - > - > -/***************************************************************************** > - * hashtable_destroy > - > - * @name hashtable_destroy > - * @param h the hashtable > - * @param free_values whether to call 'free' on the remaining > values > - */ > - > -void > -hashtable_destroy(struct hashtable *h, int free_values); > - > -#endif /* __HASHTABLE_CWC22_H__ */ > diff --git a/tools/vtpm_manager/util/hashtable_itr.c > b/tools/vtpm_manager/util/hashtable_itr.c > deleted file mode 100644 > index dcf42c8..0000000 > --- a/tools/vtpm_manager/util/hashtable_itr.c > +++ /dev/null > @@ -1,236 +0,0 @@ > -/* > - * Copyright (c) 2005, Intel Corp > - * Copyright (c) 2002, Christopher Clark <firstname.lastname@xxxxxxxxxxxx> > - * All rights reserved. > - * > - * Redistribution and use in source and binary forms, with or without > - * modification, are permitted provided that the following conditions > - * are met: > - * > - * * Redistributions of source code must retain the above copyright > - * notice, this list of conditions and the following disclaimer. > - * > - * * Redistributions in binary form must reproduce the above copyright > - * notice, this list of conditions and the following disclaimer in the > - * documentation and/or other materials provided with the distribution. > - * > - * * Neither the name of the original author; nor the names of any > contributors > - * may be used to endorse or promote products derived from this software > - * without specific prior written permission. > - * > - * > - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR > - * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT > OWNER > - * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, > - * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, > - * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR > - * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF > - * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING > - * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS > - * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. > -*/ > - > -/* > - * There are duplicates of this code in: > - * - tools/blktap2/drivers/hashtable_itr.c > - */ > - > -#include "hashtable.h" > -#include "hashtable_private.h" > -#include "hashtable_itr.h" > -#include <stdlib.h> /* defines NULL */ > - > -/*****************************************************************************/ > -/* hashtable_iterator - iterator constructor */ > - > -struct hashtable_itr * > -hashtable_iterator(struct hashtable *h) > -{ > - unsigned int i, tablelength; > - struct hashtable_itr *itr = (struct hashtable_itr *) > - malloc(sizeof(struct hashtable_itr)); > - if (NULL == itr) return NULL; > -#ifdef HASHTABLE_THREADED > - pthread_mutex_lock(&h->mutex); > -#endif > - itr->h = h; > - itr->e = NULL; > - itr->parent = NULL; > - tablelength = h->tablelength; > - itr->index = tablelength; > - if (0 == h->entrycount) { > -#ifdef HASHTABLE_THREADED > - pthread_mutex_unlock(&h->mutex); > -#endif > - return itr; > - } > - > - for (i = 0; i < tablelength; i++) > - { > - if (NULL != h->table[i]) > - { > - itr->e = h->table[i]; > - itr->index = i; > - break; > - } > - } > -#ifdef HASHTABLE_THREADED > - pthread_mutex_unlock(&h->mutex); > -#endif > - return itr; > -} > - > -/*****************************************************************************/ > -/* key - return the key of the (key,value) pair at the current position > */ > -/* value - return the value of the (key,value) pair at the current > position */ > - > -void * > -hashtable_iterator_key(struct hashtable_itr *i) > -{ return i->e->k; } > - > -void * > -hashtable_iterator_value(struct hashtable_itr *i) > -{ return i->e->v; } > - > -/*****************************************************************************/ > -/* advance - advance the iterator to the next element > - * returns zero if advanced to end of table */ > - > -int > -hashtable_iterator_advance(struct hashtable_itr *itr) > -{ > -#ifdef HASHTABLE_THREADED > - pthread_mutex_lock(&itr->h->mutex); > -#endif > - unsigned int j,tablelength; > - struct entry **table; > - struct entry *next; > - int ret; > - if (NULL == itr->e) { /* stupidity check */ > - ret = 0; > - goto egress; > - } > - > - next = itr->e->next; > - if (NULL != next) > - { > - itr->parent = itr->e; > - itr->e = next; > - ret = -1; > - goto egress; > - } > - > - tablelength = itr->h->tablelength; > - itr->parent = NULL; > - if (tablelength <= (j = ++(itr->index))) > - { > - itr->e = NULL; > - ret = 0; > - goto egress; > - } > - table = itr->h->table; > - while (NULL == (next = table[j])) > - { > - if (++j >= tablelength) > - { > - itr->index = tablelength; > - itr->e = NULL; > - ret = 0; > - goto egress; > - } > - } > - itr->index = j; > - itr->e = next; > - ret = -1; > - > - egress: > -#ifdef HASHTABLE_THREADED > - pthread_mutex_unlock(&itr->h->mutex); > -#endif > - return ret; > -} > - > -/*****************************************************************************/ > -/* remove - remove the entry at the current iterator position > - * and advance the iterator, if there is a successive > - * element. > - * If you want the value, read it before you remove: > - * beware memory leaks if you don't. > - * Returns zero if end of iteration. */ > - > -int > -hashtable_iterator_remove(struct hashtable_itr *itr) > -{ > -#ifdef HASHTABLE_THREADED > - pthread_mutex_lock(&itr->h->mutex); > -#endif > - struct entry *remember_e, *remember_parent; > - int ret; > - > - /* Do the removal */ > - if (NULL == (itr->parent)) > - { > - /* element is head of a chain */ > - itr->h->table[itr->index] = itr->e->next; > - } else { > - /* element is mid-chain */ > - itr->parent->next = itr->e->next; > - } > - /* itr->e is now outside the hashtable */ > - remember_e = itr->e; > - itr->h->entrycount--; > - freekey(remember_e->k); > - > - /* Advance the iterator, correcting the parent */ > - remember_parent = itr->parent; > - ret = hashtable_iterator_advance(itr); > - if (itr->parent == remember_e) { itr->parent = remember_parent; } > - free(remember_e); > -#ifdef HASHTABLE_THREADED > - pthread_mutex_unlock(&itr->h->mutex); > -#endif > - return ret; > -} > - > -/*****************************************************************************/ > -int /* returns zero if not found */ > -hashtable_iterator_search(struct hashtable_itr *itr, > - struct hashtable *h, void *k) > -{ > -#ifdef HASHTABLE_THREADED > - pthread_mutex_lock(&h->mutex); > -#endif > - struct entry *e, *parent; > - unsigned int hashvalue, index; > - int ret; > - > - hashvalue = hash(h,k); > - index = indexFor(h->tablelength,hashvalue); > - > - e = h->table[index]; > - parent = NULL; > - while (NULL != e) > - { > - /* Check hash value to short circuit heavier comparison */ > - if ((hashvalue == e->h) && (h->eqfn(k, e->k))) > - { > - itr->index = index; > - itr->e = e; > - itr->parent = parent; > - itr->h = h; > - ret= -1; > - goto egress; > - } > - parent = e; > - e = e->next; > - } > - ret = 0; > - > -egress: > -#ifdef HASHTABLE_THREADED > - pthread_mutex_unlock(&h->mutex); > -#endif > - return ret; > -} > diff --git a/tools/vtpm_manager/util/hashtable_itr.h > b/tools/vtpm_manager/util/hashtable_itr.h > deleted file mode 100644 > index 35654e0..0000000 > --- a/tools/vtpm_manager/util/hashtable_itr.h > +++ /dev/null > @@ -1,109 +0,0 @@ > -/* > - * Copyright (c) 2005, Intel Corp > - * Copyright (c) 2002, Christopher Clark <firstname.lastname@xxxxxxxxxxxx> > - * All rights reserved. > - * > - * Redistribution and use in source and binary forms, with or without > - * modification, are permitted provided that the following conditions > - * are met: > - * > - * * Redistributions of source code must retain the above copyright > - * notice, this list of conditions and the following disclaimer. > - * > - * * Redistributions in binary form must reproduce the above copyright > - * notice, this list of conditions and the following disclaimer in the > - * documentation and/or other materials provided with the distribution. > - * > - * * Neither the name of the original author; nor the names of any > contributors > - * may be used to endorse or promote products derived from this software > - * without specific prior written permission. > - * > - * > - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR > - * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT > OWNER > - * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, > - * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, > - * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR > - * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF > - * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING > - * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS > - * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. > -*/ > - > -/* > - * There are duplicates of this code in: > - * - tools/blktap2/drivers/hashtable_itr.h > - */ > - > - > -#ifndef __HASHTABLE_ITR_CWC22__ > -#define __HASHTABLE_ITR_CWC22__ > -#include "hashtable.h" > -#include "hashtable_private.h" /* needed to enable inlining */ > - > -/*****************************************************************************/ > -/* This struct is only concrete here to allow the inlining of two of the > - * accessor functions. */ > -struct hashtable_itr > -{ > - struct hashtable *h; > - struct entry *e; > - struct entry *parent; > - unsigned int index; > -}; > - > - > -/*****************************************************************************/ > -/* hashtable_iterator > - */ > - > -struct hashtable_itr * > -hashtable_iterator(struct hashtable *h); > - > -/*****************************************************************************/ > -/* hashtable_iterator_key > - * - return the value of the (key,value) pair at the current position */ > - > -void *hashtable_iterator_key(struct hashtable_itr *i); > - > -/*****************************************************************************/ > -/* value - return the value of the (key,value) pair at the current position > */ > - > -void *hashtable_iterator_value(struct hashtable_itr *i); > - > -/*****************************************************************************/ > -/* advance - advance the iterator to the next element > - * returns zero if advanced to end of table */ > - > -int > -hashtable_iterator_advance(struct hashtable_itr *itr); > - > -/*****************************************************************************/ > -/* remove - remove current element and advance the iterator to the next > element > - * NB: if you need the value to free it, read it before > - * removing. ie: beware memory leaks! > - * returns zero if advanced to end of table */ > - > -int > -hashtable_iterator_remove(struct hashtable_itr *itr); > - > -/*****************************************************************************/ > -/* search - overwrite the supplied iterator, to point to the entry > - * matching the supplied key. > - h points to the hashtable to be searched. > - * returns zero if not found. */ > -int > -hashtable_iterator_search(struct hashtable_itr *itr, > - struct hashtable *h, void *k); > - > -#define DEFINE_HASHTABLE_ITERATOR_SEARCH(fnname, keytype) \ > -int fnname (struct hashtable_itr *i, struct hashtable *h, keytype *k) \ > -{ \ > - return (hashtable_iterator_search(i,h,k)); \ > -} > - > - > - > -#endif /* __HASHTABLE_ITR_CWC22__*/ > diff --git a/tools/vtpm_manager/util/hashtable_private.h > b/tools/vtpm_manager/util/hashtable_private.h > deleted file mode 100644 > index d87a7f9..0000000 > --- a/tools/vtpm_manager/util/hashtable_private.h > +++ /dev/null > @@ -1,96 +0,0 @@ > -/* > - * Copyright (c) 2005, Intel Corp > - * Copyright (c) 2002, Christopher Clark <firstname.lastname@xxxxxxxxxxxx> > - * All rights reserved. > - * > - * Redistribution and use in source and binary forms, with or without > - * modification, are permitted provided that the following conditions > - * are met: > - * > - * * Redistributions of source code must retain the above copyright > - * notice, this list of conditions and the following disclaimer. > - * > - * * Redistributions in binary form must reproduce the above copyright > - * notice, this list of conditions and the following disclaimer in the > - * documentation and/or other materials provided with the distribution. > - * > - * * Neither the name of the original author; nor the names of any > contributors > - * may be used to endorse or promote products derived from this software > - * without specific prior written permission. > - * > - * > - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR > - * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT > OWNER > - * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, > - * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, > - * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR > - * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF > - * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING > - * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS > - * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. > -*/ > - > -/* > - * There are duplicates of this code in: > - * - tools/xenstore/hashtable_private.h > - * - tools/blktap2/drivers/hashtable_private.h > - */ > - > -#ifndef __HASHTABLE_PRIVATE_CWC22_H__ > -#define __HASHTABLE_PRIVATE_CWC22_H__ > - > -#include "hashtable.h" > -#ifdef HASHTABLE_THREADED > -#include <pthread.h> > -#endif > - > -/*****************************************************************************/ > -struct entry > -{ > - void *k, *v; > - unsigned int h; > - struct entry *next; > -}; > - > -struct hashtable { > - unsigned int tablelength; > - struct entry **table; > - unsigned int entrycount; > - unsigned int loadlimit; > - unsigned int primeindex; > - unsigned int (*hashfn) (void *k); > - int (*eqfn) (void *k1, void *k2); > -#ifdef HASHTABLE_THREADED > - pthread_mutex_t mutex; > -#endif > -}; > - > -/*****************************************************************************/ > -unsigned int > -hash(struct hashtable *h, void *k); > - > -/*****************************************************************************/ > -/* indexFor */ > -static inline unsigned int > -indexFor(unsigned int tablelength, unsigned int hashvalue) { > - return (hashvalue % tablelength); > -}; > - > -/* Only works if tablelength == 2^N */ > -/*static inline unsigned int > -indexFor(unsigned int tablelength, unsigned int hashvalue) > -{ > - return (hashvalue & (tablelength - 1u)); > -} > -*/ > - > -/*****************************************************************************/ > -#define freekey(X) free(X) > -/*define freekey(X) ; */ > - > - > -/*****************************************************************************/ > - > -#endif /* __HASHTABLE_PRIVATE_CWC22_H__*/ > diff --git a/tools/vtpm_manager/util/log.c b/tools/vtpm_manager/util/log.c > deleted file mode 100644 > index 75fe91a..0000000 > --- a/tools/vtpm_manager/util/log.c > +++ /dev/null > @@ -1,142 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > - > -#include <stdlib.h> > -#include <string.h> > -#include <stdio.h> > - > -#include "buffer.h" > -#include "tcg.h" > - > -// Helper code for the consts, eg. to produce messages for error codes. > - > -typedef struct error_code_entry_t { > - TPM_RESULT code; > - char * code_name; > - char * msg; > -} error_code_entry_t; > - > -static const error_code_entry_t error_msgs [] = { > - { TPM_SUCCESS, "TPM_SUCCESS", "Successful completion of the operation" }, > - { TPM_AUTHFAIL, "TPM_AUTHFAIL", "Authentication failed" }, > - { TPM_BADINDEX, "TPM_BADINDEX", "The index to a PCR, DIR or other register > is incorrect" }, > - { TPM_BAD_PARAMETER, "TPM_BAD_PARAMETER", "One or more parameter is bad" }, > - { TPM_AUDITFAILURE, "TPM_AUDITFAILURE", "An operation completed > successfully but the auditing of that operation failed." }, > - { TPM_CLEAR_DISABLED, "TPM_CLEAR_DISABLED", "The clear disable flag is set > and all clear operations now require physical access" }, > - { TPM_DEACTIVATED, "TPM_DEACTIVATED", "The TPM is deactivated" }, > - { TPM_DISABLED, "TPM_DISABLED", "The TPM is disabled" }, > - { TPM_DISABLED_CMD, "TPM_DISABLED_CMD", "The target command has been > disabled" }, > - { TPM_FAIL, "TPM_FAIL", "The operation failed" }, > - { TPM_BAD_ORDINAL, "TPM_BAD_ORDINAL", "The ordinal was unknown or > inconsistent" }, > - { TPM_INSTALL_DISABLED, "TPM_INSTALL_DISABLED", "The ability to install an > owner is disabled" }, > - { TPM_INVALID_KEYHANDLE, "TPM_INVALID_KEYHANDLE", "The key handle > presented was invalid" }, > - { TPM_KEYNOTFOUND, "TPM_KEYNOTFOUND", "The target key was not found" }, > - { TPM_INAPPROPRIATE_ENC, "TPM_INAPPROPRIATE_ENC", "Unacceptable encryption > scheme" }, > - { TPM_MIGRATEFAIL, "TPM_MIGRATEFAIL", "Migration authorization failed" }, > - { TPM_INVALID_PCR_INFO, "TPM_INVALID_PCR_INFO", "PCR information could not > be interpreted" }, > - { TPM_NOSPACE, "TPM_NOSPACE", "No room to load key." }, > - { TPM_NOSRK, "TPM_NOSRK", "There is no SRK set" }, > - { TPM_NOTSEALED_BLOB, "TPM_NOTSEALED_BLOB", "An encrypted blob is invalid > or was not created by this TPM" }, > - { TPM_OWNER_SET, "TPM_OWNER_SET", "There is already an Owner" }, > - { TPM_RESOURCES, "TPM_RESOURCES", "The TPM has insufficient internal > resources to perform the requested action." }, > - { TPM_SHORTRANDOM, "TPM_SHORTRANDOM", "A random string was too short" }, > - { TPM_SIZE, "TPM_SIZE", "The TPM does not have the space to perform the > operation." }, > - { TPM_WRONGPCRVAL, "TPM_WRONGPCRVAL", "The named PCR value does not match > the current PCR value." }, > - { TPM_BAD_PARAM_SIZE, "TPM_BAD_PARAM_SIZE", "The paramSize argument to the > command has the incorrect value" }, > - { TPM_SHA_THREAD, "TPM_SHA_THREAD", "There is no existing SHA-1 thread." }, > - { TPM_SHA_ERROR, "TPM_SHA_ERROR", "The calculation is unable to proceed > because the existing SHA-1 thread has already encountered an error." }, > - { TPM_FAILEDSELFTEST, "TPM_FAILEDSELFTEST", "Self-test has failed and the > TPM has shutdown." }, > - { TPM_AUTH2FAIL, "TPM_AUTH2FAIL", "The authorization for the second key in > a 2 key function failed authorization" }, > - { TPM_BADTAG, "TPM_BADTAG", "The tag value sent to for a command is > invalid" }, > - { TPM_IOERROR, "TPM_IOERROR", "An IO error occurred transmitting > information to the TPM" }, > - { TPM_ENCRYPT_ERROR, "TPM_ENCRYPT_ERROR", "The encryption process had a > problem." }, > - { TPM_DECRYPT_ERROR, "TPM_DECRYPT_ERROR", "The decryption process did not > complete." }, > - { TPM_INVALID_AUTHHANDLE, "TPM_INVALID_AUTHHANDLE", "An invalid handle was > used." }, > - { TPM_NO_ENDORSEMENT, "TPM_NO_ENDORSEMENT", "The TPM does not a EK > installed" }, > - { TPM_INVALID_KEYUSAGE, "TPM_INVALID_KEYUSAGE", "The usage of a key is not > allowed" }, > - { TPM_WRONG_ENTITYTYPE, "TPM_WRONG_ENTITYTYPE", "The submitted entity type > is not allowed" }, > - { TPM_INVALID_POSTINIT, "TPM_INVALID_POSTINIT", "The command was received > in the wrong sequence relative to TPM_Init and a subsequent TPM_Startup" }, > - { TPM_INAPPROPRIATE_SIG, "TPM_INAPPROPRIATE_SIG", "Signed data cannot > include additional DER information" }, > - { TPM_BAD_KEY_PROPERTY, "TPM_BAD_KEY_PROPERTY", "The key properties in > TPM_KEY_PARMs are not supported by this TPM" }, > - > - { TPM_BAD_MIGRATION, "TPM_BAD_MIGRATION", "The migration properties of > this key are incorrect." }, > - { TPM_BAD_SCHEME, "TPM_BAD_SCHEME", "The signature or encryption scheme > for this key is incorrect or not permitted in this situation." }, > - { TPM_BAD_DATASIZE, "TPM_BAD_DATASIZE", "The size of the data (or blob) > parameter is bad or inconsistent with the referenced key" }, > - { TPM_BAD_MODE, "TPM_BAD_MODE", "A mode parameter is bad, such as capArea > or subCapArea for TPM_GetCapability, phsicalPresence parameter for > TPM_PhysicalPresence, or migrationType for TPM_CreateMigrationBlob." }, > - { TPM_BAD_PRESENCE, "TPM_BAD_PRESENCE", "Either the physicalPresence or > physicalPresenceLock bits have the wrong value" }, > - { TPM_BAD_VERSION, "TPM_BAD_VERSION", "The TPM cannot perform this version > of the capability" }, > - { TPM_NO_WRAP_TRANSPORT, "TPM_NO_WRAP_TRANSPORT", "The TPM does not allow > for wrapped transport sessions" }, > - { TPM_AUDITFAIL_UNSUCCESSFUL, "TPM_AUDITFAIL_UNSUCCESSFUL", "TPM audit > construction failed and the underlying command was returning a failure code > also" }, > - { TPM_AUDITFAIL_SUCCESSFUL, "TPM_AUDITFAIL_SUCCESSFUL", "TPM audit > construction failed and the underlying command was returning success" }, > - { TPM_NOTRESETABLE, "TPM_NOTRESETABLE", "Attempt to reset a PCR register > that does not have the resettable attribute" }, > - { TPM_NOTLOCAL, "TPM_NOTLOCAL", "Attempt to reset a PCR register that > requires locality and locality modifier not part of command transport" }, > - { TPM_BAD_TYPE, "TPM_BAD_TYPE", "Make identity blob not properly typed" }, > - { TPM_INVALID_RESOURCE, "TPM_INVALID_RESOURCE", "When saving context > identified resource type does not match actual resource" }, > - { TPM_NOTFIPS, "TPM_NOTFIPS", "The TPM is attempting to execute a command > only available when in FIPS mode" }, > - { TPM_INVALID_FAMILY, "TPM_INVALID_FAMILY", "The command is attempting to > use an invalid family ID" }, > - { TPM_NO_NV_PERMISSION, "TPM_NO_NV_PERMISSION", "The permission to > manipulate the NV storage is not available" }, > - { TPM_REQUIRES_SIGN, "TPM_REQUIRES_SIGN", "The operation requires a signed > command" }, > - { TPM_KEY_NOTSUPPORTED, "TPM_KEY_NOTSUPPORTED", "Wrong operation to load > an NV key" }, > - { TPM_AUTH_CONFLICT, "TPM_AUTH_CONFLICT", "NV_LoadKey blob requires both > owner and blob authorization" }, > - { TPM_AREA_LOCKED, "TPM_AREA_LOCKED", "The NV area is locked and not > writtable" }, > - { TPM_BAD_LOCALITY, "TPM_BAD_LOCALITY", "The locality is incorrect for the > attempted operation" }, > - { TPM_READ_ONLY, "TPM_READ_ONLY", "The NV area is read only and can't be > written to" }, > - { TPM_PER_NOWRITE, "TPM_PER_NOWRITE", "There is no protection on the write > to the NV area" }, > - { TPM_FAMILYCOUNT, "TPM_FAMILYCOUNT", "The family count value does not > match" }, > - { TPM_WRITE_LOCKED, "TPM_WRITE_LOCKED", "The NV area has already been > written to" }, > - { TPM_BAD_ATTRIBUTES, "TPM_BAD_ATTRIBUTES", "The NV area attributes > conflict" }, > - { TPM_INVALID_STRUCTURE, "TPM_INVALID_STRUCTURE", "The structure tag and > version are invalid or inconsistent" }, > - { TPM_KEY_OWNER_CONTROL, "TPM_KEY_OWNER_CONTROL", "The key is under > control of the TPM Owner and can only be evicted by the TPM Owner." }, > - { TPM_BAD_COUNTER, "TPM_BAD_COUNTER", "The counter handle is incorrect" }, > - { TPM_NOT_FULLWRITE, "TPM_NOT_FULLWRITE", "The write is not a complete > write of the area" }, > - { TPM_CONTEXT_GAP, "TPM_CONTEXT_GAP", "The gap between saved context > counts is too large" }, > - { TPM_MAXNVWRITES, "TPM_MAXNVWRITES", "The maximum number of NV writes > without an owner has been exceeded" }, > - { TPM_NOOPERATOR, "TPM_NOOPERATOR", "No operator authorization value is > set" }, > - { TPM_RESOURCEMISSING, "TPM_RESOURCEMISSING", "The resource pointed to by > context is not loaded" }, > - { TPM_DELEGATE_LOCK, "TPM_DELEGATE_LOCK", "The delegate administration is > locked" }, > - { TPM_DELEGATE_FAMILY, "TPM_DELEGATE_FAMILY", "Attempt to manage a family > other then the delegated family" }, > - { TPM_DELEGATE_ADMIN, "TPM_DELEGATE_ADMIN", "Delegation table management > not enabled" }, > - { TPM_TRANSPORT_EXCLUSIVE, "TPM_TRANSPORT_EXCLUSIVE", "There was a command > executed outside of an exclusive transport session" }, > -}; > - > - > -// helper function for the error codes: > -const char* tpm_get_error_name (TPM_RESULT code) { > - // just do a linear scan for now > - unsigned i; > - for (i = 0; i < sizeof(error_msgs)/sizeof(error_msgs[0]); i++) > - if (code == error_msgs[i].code) > - return error_msgs[i].code_name; > - > - return("Unknown Error Code"); > -} > diff --git a/tools/vtpm_manager/util/log.h b/tools/vtpm_manager/util/log.h > deleted file mode 100644 > index 1f15f5b..0000000 > --- a/tools/vtpm_manager/util/log.h > +++ /dev/null > @@ -1,94 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > - > -#ifndef __VTPM_LOG_H__ > -#define __VTPM_LOG_H__ > - > -#include <stdint.h> // for uint32_t > -#include <stddef.h> // for pointer NULL > - > -// =========================== LOGGING ============================== > - > -// the logging module numbers > -#define VTPM_LOG_CRYPTO 1 > -#define VTPM_LOG_BSG 2 > -#define VTPM_LOG_TXDATA 3 > -#define VTPM_LOG_TCS 4 > -#define VTPM_LOG_TCS_DEEP 5 > -#define VTPM_LOG_VTSP 6 > -#define VTPM_LOG_VTPM 7 > -#define VTPM_LOG_VTPM_DEEP 8 > -#define VTPM_LOG_VTSP_DEEP 9 > - > -static char *module_names[] = { "", > - "CRYPTO", > - "BSG", > - "TXDATA", > - "TCS", > - "TCS", > - "VTSP", > - "VTPM", > - "VTPM", > - "VTSP" > - }; > - > -// Default to standard logging > -#ifndef LOGGING_MODULES > -#define LOGGING_MODULES (BITMASK(VTPM_LOG_VTPM)) > -#endif > - > -// bit-access macros > -#define BITMASK(idx) ( 1U << (idx) ) > -#define GETBIT(num,idx) ( ((num) & BITMASK(idx)) >> idx ) > -#define SETBIT(num,idx) (num) |= BITMASK(idx) > -#define CLEARBIT(num,idx) (num) &= ( ~ BITMASK(idx) ) > - > -#define vtpmloginfo(module, fmt, args...) \ > - if (GETBIT (LOGGING_MODULES, module) == 1) { \ > - fprintf (stdout, "INFO[%s]: " fmt, module_names[module], ##args); \ > - } > - > -#define vtpmloginfomore(module, fmt, args...) \ > - if (GETBIT (LOGGING_MODULES, module) == 1) { \ > - fprintf (stdout, fmt,##args); \ > - } > - > -#define vtpmlogerror(module, fmt, args...) \ > - fprintf (stderr, "ERROR[%s]: " fmt, module_names[module], ##args); > - > -//typedef UINT32 tpm_size_t; > - > -// helper function for the error codes: > -const char* tpm_get_error_name (TPM_RESULT code); > - > -#endif // _VTPM_LOG_H_ > diff --git a/tools/vtpm_manager/util/tcg.h b/tools/vtpm_manager/util/tcg.h > deleted file mode 100644 > index 5c42913..0000000 > --- a/tools/vtpm_manager/util/tcg.h > +++ /dev/null > @@ -1,503 +0,0 @@ > -// =================================================================== > -// > -// Copyright (c) 2005, Intel Corp. > -// All rights reserved. > -// > -// Redistribution and use in source and binary forms, with or without > -// modification, are permitted provided that the following conditions > -// are met: > -// > -// * Redistributions of source code must retain the above copyright > -// notice, this list of conditions and the following disclaimer. > -// * Redistributions in binary form must reproduce the above > -// copyright notice, this list of conditions and the following > -// disclaimer in the documentation and/or other materials provided > -// with the distribution. > -// * Neither the name of Intel Corporation nor the names of its > -// contributors may be used to endorse or promote products derived > -// from this software without specific prior written permission. > -// > -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > -// OF THE POSSIBILITY OF SUCH DAMAGE. > -// =================================================================== > -// > -// tcg.h > -// > -// This file contains all the structure and type definitions > -// > -// ================================================================== > - > -#ifndef __TCG_H__ > -#define __TCG_H__ > - > -// This pragma is used to disallow structure padding > -#pragma pack(push, 1) > - > -// *************************** TYPEDEFS ********************************* > -typedef unsigned char BYTE; > -typedef unsigned char BOOL; > -typedef unsigned short UINT16; > -typedef unsigned int UINT32; > -typedef unsigned long long UINT64; > - > -typedef UINT32 TPM_RESULT; > -typedef UINT32 TPM_PCRINDEX; > -typedef UINT32 TPM_DIRINDEX; > -typedef UINT32 TPM_HANDLE; > -typedef TPM_HANDLE TPM_AUTHHANDLE; > -typedef TPM_HANDLE TCPA_HASHHANDLE; > -typedef TPM_HANDLE TCPA_HMACHANDLE; > -typedef TPM_HANDLE TCPA_ENCHANDLE; > -typedef TPM_HANDLE TPM_KEY_HANDLE; > -typedef TPM_HANDLE TCPA_ENTITYHANDLE; > -typedef UINT32 TPM_RESOURCE_TYPE; > -typedef UINT32 TPM_COMMAND_CODE; > -typedef UINT16 TPM_PROTOCOL_ID; > -typedef BYTE TPM_AUTH_DATA_USAGE; > -typedef UINT16 TPM_ENTITY_TYPE; > -typedef UINT32 TPM_ALGORITHM_ID; > -typedef UINT16 TPM_KEY_USAGE; > -typedef UINT16 TPM_STARTUP_TYPE; > -typedef UINT32 TPM_CAPABILITY_AREA; > -typedef UINT16 TPM_ENC_SCHEME; > -typedef UINT16 TPM_SIG_SCHEME; > -typedef UINT16 TPM_MIGRATE_SCHEME; > -typedef UINT16 TPM_PHYSICAL_PRESENCE; > -typedef UINT32 TPM_KEY_FLAGS; > - > -#define TPM_DIGEST_SIZE 20 // Don't change this > -typedef BYTE TPM_AUTHDATA[TPM_DIGEST_SIZE]; > -typedef TPM_AUTHDATA TPM_SECRET; > -typedef TPM_AUTHDATA TPM_ENCAUTH; > -typedef BYTE TPM_PAYLOAD_TYPE; > -typedef UINT16 TPM_TAG; > - > -// Data Types of the TCS > -typedef UINT32 TCS_AUTHHANDLE; // Handle addressing a authorization session > -typedef UINT32 TCS_CONTEXT_HANDLE; // Basic context handle > -typedef UINT32 TCS_KEY_HANDLE; // Basic key handle > - > -// ************************* STRUCTURES ********************************** > - > -typedef struct TPM_VERSION { > - BYTE major; > - BYTE minor; > - BYTE revMajor; > - BYTE revMinor; > -} TPM_VERSION; > - > -static const TPM_VERSION TPM_STRUCT_VER_1_1 = { 1,1,0,0 }; > - > -typedef struct TPM_DIGEST { > - BYTE digest[TPM_DIGEST_SIZE]; > -} TPM_DIGEST; > - > -typedef TPM_DIGEST TPM_PCRVALUE; > -typedef TPM_DIGEST TPM_COMPOSITE_HASH; > -typedef TPM_DIGEST TPM_DIRVALUE; > -typedef TPM_DIGEST TPM_HMAC; > -typedef TPM_DIGEST TPM_CHOSENID_HASH; > - > -typedef struct TPM_NONCE { > - BYTE nonce[TPM_DIGEST_SIZE]; > -} TPM_NONCE; > - > -typedef struct TPM_KEY_PARMS { > - TPM_ALGORITHM_ID algorithmID; > - TPM_ENC_SCHEME encScheme; > - TPM_SIG_SCHEME sigScheme; > - UINT32 parmSize; > - BYTE* parms; > -} TPM_KEY_PARMS; > - > -typedef struct TPM_RSA_KEY_PARMS { > - UINT32 keyLength; > - UINT32 numPrimes; > - UINT32 exponentSize; > - BYTE* exponent; > -} TPM_RSA_KEY_PARMS; > - > -typedef struct TPM_STORE_PUBKEY { > - UINT32 keyLength; > - BYTE* key; > -} TPM_STORE_PUBKEY; > - > -typedef struct TPM_PUBKEY { > - TPM_KEY_PARMS algorithmParms; > - TPM_STORE_PUBKEY pubKey; > -} TPM_PUBKEY; > - > -typedef struct TPM_KEY { > - TPM_VERSION ver; > - TPM_KEY_USAGE keyUsage; > - TPM_KEY_FLAGS keyFlags; > - TPM_AUTH_DATA_USAGE authDataUsage; > - TPM_KEY_PARMS algorithmParms; > - UINT32 PCRInfoSize; > - BYTE* PCRInfo; // this should be a TPM_PCR_INFO, or NULL > - TPM_STORE_PUBKEY pubKey; > - UINT32 encDataSize; > - BYTE* encData; > -} TPM_KEY; > - > -typedef struct TPM_PCR_SELECTION { > - UINT16 sizeOfSelect; /// in bytes > - BYTE* pcrSelect; > -} TPM_PCR_SELECTION; > - > -typedef struct TPM_PCR_COMPOSITE { > - TPM_PCR_SELECTION select; > - UINT32 valueSize; > - TPM_PCRVALUE* pcrValue; > -} TPM_PCR_COMPOSITE; > - > - > -typedef struct TPM_PCR_INFO { > - TPM_PCR_SELECTION pcrSelection; > - TPM_COMPOSITE_HASH digestAtRelease; > - TPM_COMPOSITE_HASH digestAtCreation; > -} TPM_PCR_INFO; > - > - > -typedef struct TPM_BOUND_DATA { > - TPM_VERSION ver; > - TPM_PAYLOAD_TYPE payload; > - BYTE* payloadData; > -} TPM_BOUND_DATA; > - > -typedef struct TPM_STORED_DATA { > - TPM_VERSION ver; > - UINT32 sealInfoSize; > - BYTE* sealInfo; > - UINT32 encDataSize; > - BYTE* encData; > -} TPM_STORED_DATA; > - > -typedef struct TCS_AUTH { > - TCS_AUTHHANDLE AuthHandle; > - TPM_NONCE NonceOdd; // system > - TPM_NONCE NonceEven; // TPM > - BOOL fContinueAuthSession; > - TPM_AUTHDATA HMAC; > -} TCS_AUTH; > - > -// structures for dealing with sizes followed by buffers in all the > -// TCG structure. > -typedef struct pack_buf_t { > - UINT32 size; > - BYTE * data; > -} pack_buf_t; > - > -typedef struct pack_constbuf_t { > - UINT32 size; > - const BYTE* data; > -} pack_constbuf_t; > - > - > - > -// **************************** CONSTANTS ********************************* > - > -// BOOL values > -#define TRUE 0x01 > -#define FALSE 0x00 > - > -#define TCPA_MAX_BUFFER_LENGTH 0x2000 > - > -// > -// TPM_COMMAND_CODE values > -#define TPM_PROTECTED_ORDINAL 0x00000000UL > -#define TPM_UNPROTECTED_ORDINAL 0x80000000UL > -#define TPM_CONNECTION_ORDINAL 0x40000000UL > -#define TPM_VENDOR_ORDINAL 0x20000000UL > - > -#define TPM_ORD_OIAP (10UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_OSAP (11UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_ChangeAuth (12UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_TakeOwnership (13UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_ChangeAuthAsymStart (14UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_ChangeAuthAsymFinish (15UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_ChangeAuthOwner (16UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_Extend (20UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_PcrRead (21UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_Quote (22UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_Seal (23UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_Unseal (24UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_DirWriteAuth (25UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_DirRead (26UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_UnBind (30UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_CreateWrapKey (31UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_LoadKey (32UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_GetPubKey (33UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_EvictKey (34UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_CreateMigrationBlob (40UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_ReWrapKey (41UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_ConvertMigrationBlob (42UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_AuthorizeMigrationKey (43UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_CreateMaintenanceArchive (44UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_LoadMaintenanceArchive (45UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_KillMaintenanceFeature (46UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_LoadManuMaintPub (47UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_ReadManuMaintPub (48UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_CertifyKey (50UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_Sign (60UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_GetRandom (70UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_StirRandom (71UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_SelfTestFull (80UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_SelfTestStartup (81UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_CertifySelfTest (82UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_ContinueSelfTest (83UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_GetTestResult (84UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_Reset (90UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_OwnerClear (91UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_DisableOwnerClear (92UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_ForceClear (93UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_DisableForceClear (94UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_GetCapabilitySigned (100UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_GetCapability (101UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_GetCapabilityOwner (102UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_OwnerSetDisable (110UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_PhysicalEnable (111UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_PhysicalDisable (112UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_SetOwnerInstall (113UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_PhysicalSetDeactivated (114UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_SetTempDeactivated (115UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_CreateEndorsementKeyPair (120UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_MakeIdentity (121UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_ActivateIdentity (122UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_ReadPubek (124UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_OwnerReadPubek (125UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_DisablePubekRead (126UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_GetAuditEvent (130UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_GetAuditEventSigned (131UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_GetOrdinalAuditStatus (140UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_SetOrdinalAuditStatus (141UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_Terminate_Handle (150UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_Init (151UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_SaveState (152UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_Startup (153UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_SetRedirection (154UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_SHA1Start (160UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_SHA1Update (161UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_SHA1Complete (162UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_SHA1CompleteExtend (163UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_FieldUpgrade (170UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_SaveKeyContext (180UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_LoadKeyContext (181UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_SaveAuthContext (182UL + TPM_PROTECTED_ORDINAL) > -#define TPM_ORD_LoadAuthContext (183UL + TPM_PROTECTED_ORDINAL) > -#define TSC_ORD_PhysicalPresence (10UL + TPM_CONNECTION_ORDINAL) > - > - > - > -// > -// TPM_RESULT values > -// > -// just put in the whole table from spec 1.2 > - > -#define TPM_BASE 0x0 // The start of TPM return codes > -#define TPM_VENDOR_ERROR 0x00000400 // Mask to indicate that the error code > is vendor specific for vendor specific commands > -#define TPM_NON_FATAL 0x00000800 // Mask to indicate that the error code is > a non-fatal failure. > - > -#define TPM_SUCCESS TPM_BASE // Successful completion of the operation > -#define TPM_AUTHFAIL TPM_BASE + 1 // Authentication failed > -#define TPM_BADINDEX TPM_BASE + 2 // The index to a PCR, DIR or other > register is incorrect > -#define TPM_BAD_PARAMETER TPM_BASE + 3 // One or more parameter is bad > -#define TPM_AUDITFAILURE TPM_BASE + 4 // An operation completed > successfully but the auditing of that operation failed. > -#define TPM_CLEAR_DISABLED TPM_BASE + 5 // The clear disable flag is set > and all clear operations now require physical access > -#define TPM_DEACTIVATED TPM_BASE + 6 // The TPM is deactivated > -#define TPM_DISABLED TPM_BASE + 7 // The TPM is disabled > -#define TPM_DISABLED_CMD TPM_BASE + 8 // The target command has been > disabled > -#define TPM_FAIL TPM_BASE + 9 // The operation failed > -#define TPM_BAD_ORDINAL TPM_BASE + 10 // The ordinal was unknown or > inconsistent > -#define TPM_INSTALL_DISABLED TPM_BASE + 11 // The ability to install an > owner is disabled > -#define TPM_INVALID_KEYHANDLE TPM_BASE + 12 // The key handle presented was > invalid > -#define TPM_KEYNOTFOUND TPM_BASE + 13 // The target key was not found > -#define TPM_INAPPROPRIATE_ENC TPM_BASE + 14 // Unacceptable encryption > scheme > -#define TPM_MIGRATEFAIL TPM_BASE + 15 // Migration authorization failed > -#define TPM_INVALID_PCR_INFO TPM_BASE + 16 // PCR information could not be > interpreted > -#define TPM_NOSPACE TPM_BASE + 17 // No room to load key. > -#define TPM_NOSRK TPM_BASE + 18 // There is no SRK set > -#define TPM_NOTSEALED_BLOB TPM_BASE + 19 // An encrypted blob is invalid > or was not created by this TPM > -#define TPM_OWNER_SET TPM_BASE + 20 // There is already an Owner > -#define TPM_RESOURCES TPM_BASE + 21 // The TPM has insufficient > internal resources to perform the requested action. > -#define TPM_SHORTRANDOM TPM_BASE + 22 // A random string was too short > -#define TPM_SIZE TPM_BASE + 23 // The TPM does not have the space to > perform the operation. > -#define TPM_WRONGPCRVAL TPM_BASE + 24 // The named PCR value does not > match the current PCR value. > -#define TPM_BAD_PARAM_SIZE TPM_BASE + 25 // The paramSize argument to > the command has the incorrect value > -#define TPM_SHA_THREAD TPM_BASE + 26 // There is no existing SHA-1 > thread. > -#define TPM_SHA_ERROR TPM_BASE + 27 // The calculation is unable to > proceed because the existing SHA-1 thread has already encountered an error. > -#define TPM_FAILEDSELFTEST TPM_BASE + 28 // Self-test has failed and the > TPM has shutdown. > -#define TPM_AUTH2FAIL TPM_BASE + 29 // The authorization for the second > key in a 2 key function failed authorization > -#define TPM_BADTAG TPM_BASE + 30 // The tag value sent to for a > command is invalid > -#define TPM_IOERROR TPM_BASE + 31 // An IO error occurred transmitting > information to the TPM > -#define TPM_ENCRYPT_ERROR TPM_BASE + 32 // The encryption process had a > problem. > -#define TPM_DECRYPT_ERROR TPM_BASE + 33 // The decryption process did > not complete. > -#define TPM_INVALID_AUTHHANDLE TPM_BASE + 34 // An invalid handle was used. > -#define TPM_NO_ENDORSEMENT TPM_BASE + 35 // The TPM does not a EK > installed > -#define TPM_INVALID_KEYUSAGE TPM_BASE + 36 // The usage of a key is not > allowed > -#define TPM_WRONG_ENTITYTYPE TPM_BASE + 37 // The submitted entity type is > not allowed > -#define TPM_INVALID_POSTINIT TPM_BASE + 38 // The command was received in > the wrong sequence relative to TPM_Init and a subsequent TPM_Startup > -#define TPM_INAPPROPRIATE_SIG TPM_BASE + 39 // Signed data cannot include > additional DER information > -#define TPM_BAD_KEY_PROPERTY TPM_BASE + 40 // The key properties in > TPM_KEY_PARMs are not supported by this TPM > - > -#define TPM_BAD_MIGRATION TPM_BASE + 41 // The migration properties of > this key are incorrect. > -#define TPM_BAD_SCHEME TPM_BASE + 42 // The signature or encryption > scheme for this key is incorrect or not permitted in this situation. > -#define TPM_BAD_DATASIZE TPM_BASE + 43 // The size of the data (or > blob) parameter is bad or inconsistent with the referenced key > -#define TPM_BAD_MODE TPM_BASE + 44 // A mode parameter is bad, such as > capArea or subCapArea for TPM_GetCapability, phsicalPresence parameter for > TPM_PhysicalPresence, or migrationType for TPM_CreateMigrationBlob. > -#define TPM_BAD_PRESENCE TPM_BASE + 45 // Either the physicalPresence > or physicalPresenceLock bits have the wrong value > -#define TPM_BAD_VERSION TPM_BASE + 46 // The TPM cannot perform this > version of the capability > -#define TPM_NO_WRAP_TRANSPORT TPM_BASE + 47 // The TPM does not allow > for wrapped transport sessions > -#define TPM_AUDITFAIL_UNSUCCESSFUL TPM_BASE + 48 // TPM audit construction > failed and the underlying command was returning a failure code also > -#define TPM_AUDITFAIL_SUCCESSFUL TPM_BASE + 49 // TPM audit construction > failed and the underlying command was returning success > -#define TPM_NOTRESETABLE TPM_BASE + 50 // Attempt to reset a PCR > register that does not have the resettable attribute > -#define TPM_NOTLOCAL TPM_BASE + 51 // Attempt to reset a PCR register > that requires locality and locality modifier not part of command transport > -#define TPM_BAD_TYPE TPM_BASE + 52 // Make identity blob not properly > typed > -#define TPM_INVALID_RESOURCE TPM_BASE + 53 // When saving context > identified resource type does not match actual resource > -#define TPM_NOTFIPS TPM_BASE + 54 // The TPM is attempting to execute > a command only available when in FIPS mode > -#define TPM_INVALID_FAMILY TPM_BASE + 55 // The command is attempting > to use an invalid family ID > -#define TPM_NO_NV_PERMISSION TPM_BASE + 56 // The permission to > manipulate the NV storage is not available > -#define TPM_REQUIRES_SIGN TPM_BASE + 57 // The operation requires a > signed command > -#define TPM_KEY_NOTSUPPORTED TPM_BASE + 58 // Wrong operation to load an > NV key > -#define TPM_AUTH_CONFLICT TPM_BASE + 59 // NV_LoadKey blob requires > both owner and blob authorization > -#define TPM_AREA_LOCKED TPM_BASE + 60 // The NV area is locked and not > writtable > -#define TPM_BAD_LOCALITY TPM_BASE + 61 // The locality is incorrect for > the attempted operation > -#define TPM_READ_ONLY TPM_BASE + 62 // The NV area is read only and > can't be written to > -#define TPM_PER_NOWRITE TPM_BASE + 63 // There is no protection on the > write to the NV area > -#define TPM_FAMILYCOUNT TPM_BASE + 64 // The family count value does > not match > -#define TPM_WRITE_LOCKED TPM_BASE + 65 // The NV area has already been > written to > -#define TPM_BAD_ATTRIBUTES TPM_BASE + 66 // The NV area attributes > conflict > -#define TPM_INVALID_STRUCTURE TPM_BASE + 67 // The structure tag and > version are invalid or inconsistent > -#define TPM_KEY_OWNER_CONTROL TPM_BASE + 68 // The key is under control > of the TPM Owner and can only be evicted by the TPM Owner. > -#define TPM_BAD_COUNTER TPM_BASE + 69 // The counter handle is incorrect > -#define TPM_NOT_FULLWRITE TPM_BASE + 70 // The write is not a complete > write of the area > -#define TPM_CONTEXT_GAP TPM_BASE + 71 // The gap between saved context > counts is too large > -#define TPM_MAXNVWRITES TPM_BASE + 72 // The maximum number of NV > writes without an owner has been exceeded > -#define TPM_NOOPERATOR TPM_BASE + 73 // No operator authorization > value is set > -#define TPM_RESOURCEMISSING TPM_BASE + 74 // The resource pointed to by > context is not loaded > -#define TPM_DELEGATE_LOCK TPM_BASE + 75 // The delegate administration > is locked > -#define TPM_DELEGATE_FAMILY TPM_BASE + 76 // Attempt to manage a family > other then the delegated family > -#define TPM_DELEGATE_ADMIN TPM_BASE + 77 // Delegation table management > not enabled > -#define TPM_TRANSPORT_EXCLUSIVE TPM_BASE + 78 // There was a command > executed outside of an exclusive transport session > - > -// TPM_STARTUP_TYPE values > -#define TPM_ST_CLEAR 0x0001 > -#define TPM_ST_STATE 0x0002 > -#define TPM_ST_DEACTIVATED 0x003 > - > -// TPM_TAG values > -#define TPM_TAG_RQU_COMMAND 0x00c1 > -#define TPM_TAG_RQU_AUTH1_COMMAND 0x00c2 > -#define TPM_TAG_RQU_AUTH2_COMMAND 0x00c3 > -#define TPM_TAG_RSP_COMMAND 0x00c4 > -#define TPM_TAG_RSP_AUTH1_COMMAND 0x00c5 > -#define TPM_TAG_RSP_AUTH2_COMMAND 0x00c6 > - > -// TPM_PAYLOAD_TYPE values > -#define TPM_PT_ASYM 0x01 > -#define TPM_PT_BIND 0x02 > -#define TPM_PT_MIGRATE 0x03 > -#define TPM_PT_MAINT 0x04 > -#define TPM_PT_SEAL 0x05 > - > -// TPM_ENTITY_TYPE values > -#define TPM_ET_KEYHANDLE 0x0001 > -#define TPM_ET_OWNER 0x0002 > -#define TPM_ET_DATA 0x0003 > -#define TPM_ET_SRK 0x0004 > -#define TPM_ET_KEY 0x0005 > - > -/// TPM_ResourceTypes > -#define TPM_RT_KEY 0x00000001 > -#define TPM_RT_AUTH 0x00000002 > -#define TPM_RT_TRANS 0x00000004 > -#define TPM_RT_CONTEXT 0x00000005 > - > -// TPM_PROTOCOL_ID values > -#define TPM_PID_OIAP 0x0001 > -#define TPM_PID_OSAP 0x0002 > -#define TPM_PID_ADIP 0x0003 > -#define TPM_PID_ADCP 0x0004 > -#define TPM_PID_OWNER 0x0005 > - > -// TPM_ALGORITHM_ID values > -#define TPM_ALG_RSA 0x00000001 > -#define TPM_ALG_DES 0x00000002 > -#define TPM_ALG_3DES 0X00000003 > -#define TPM_ALG_SHA 0x00000004 > -#define TPM_ALG_HMAC 0x00000005 > -#define TCPA_ALG_AES 0x00000006 > - > -// TPM_ENC_SCHEME values > -#define TPM_ES_NONE 0x0001 > -#define TPM_ES_RSAESPKCSv15 0x0002 > -#define TPM_ES_RSAESOAEP_SHA1_MGF1 0x0003 > - > -// TPM_SIG_SCHEME values > -#define TPM_SS_NONE 0x0001 > -#define TPM_SS_RSASSAPKCS1v15_SHA1 0x0002 > -#define TPM_SS_RSASSAPKCS1v15_DER 0x0003 > - > -// TPM_KEY_USAGE values > -#define TPM_KEY_EK 0x0000 > -#define TPM_KEY_SIGNING 0x0010 > -#define TPM_KEY_STORAGE 0x0011 > -#define TPM_KEY_IDENTITY 0x0012 > -#define TPM_KEY_AUTHCHANGE 0X0013 > -#define TPM_KEY_BIND 0x0014 > -#define TPM_KEY_LEGACY 0x0015 > - > -// TPM_AUTH_DATA_USAGE values > -#define TPM_AUTH_NEVER 0x00 > -#define TPM_AUTH_ALWAYS 0x01 > - > -// Key Handle of owner and srk > -#define TPM_OWNER_KEYHANDLE 0x40000001 > -#define TPM_SRK_KEYHANDLE 0x40000000 > - > -// ---------------------- Functions for checking TPM_RESULTs > ----------------- > - > -#include <stdio.h> > - > -// FIXME: Review use of these and delete unneeded ones. > - > -// these are really badly dependent on local structure: > -// DEPENDS: local var 'status' of type TPM_RESULT > -// DEPENDS: label 'abort_egress' which cleans up and returns the status > -#define ERRORDIE(s) do { status = s; \ > - fprintf (stderr, "*** ERRORDIE in %s at %s: %i\n", > __func__, __FILE__, __LINE__); \ > - goto abort_egress; } \ > - while (0) > - > -// DEPENDS: local var 'status' of type TPM_RESULT > -// DEPENDS: label 'abort_egress' which cleans up and returns the status > -// Try command c. If it fails, set status to s and goto abort. > -#define TPMTRY(s,c) if (c != TPM_SUCCESS) { \ > - status = s; \ > - printf("ERROR in %s at %s:%i code: %s.\n", __func__, > __FILE__, __LINE__, tpm_get_error_name(status)); \ > - goto abort_egress; \ > - } else {\ > - status = c; \ > - } > - > -// Try command c. If it fails, print error message, set status to actual > return code. Goto abort > -#define TPMTRYRETURN(c) do { status = c; \ > - if (status != TPM_SUCCESS) { \ > - fprintf(stderr, "ERROR in %s at %s:%i code: > %s.\n", __func__, __FILE__, __LINE__, tpm_get_error_name(status)); \ > - goto abort_egress; \ > - } \ > - } while(0) > - > - > -#pragma pack(pop) > - > -#endif //__TCPA_H__ > diff --git a/tools/xenstore/hashtable.c b/tools/xenstore/hashtable.c > index 3b89223..0ba1d55 100644 > --- a/tools/xenstore/hashtable.c > +++ b/tools/xenstore/hashtable.c > @@ -3,7 +3,6 @@ > /* > * There are duplicates of this code in: > * - tools/blktap2/drivers/hashtable.c > - * - tools/vtpm_manager/util/hashtable.c > */ > > #include "hashtable.h" > diff --git a/tools/xenstore/hashtable.h b/tools/xenstore/hashtable.h > index 8e6bb5b..4d68223 100644 > --- a/tools/xenstore/hashtable.h > +++ b/tools/xenstore/hashtable.h > @@ -3,7 +3,6 @@ > /* > * There are duplicates of this code in: > * - tools/blktap2/drivers/hashtable.h > - * - tools/vtpm_manager/util/hashtable.h > */ > > #ifndef __HASHTABLE_CWC22_H__ > diff --git a/tools/xenstore/hashtable_private.h > b/tools/xenstore/hashtable_private.h > index cabaffe..a08559d 100644 > --- a/tools/xenstore/hashtable_private.h > +++ b/tools/xenstore/hashtable_private.h > @@ -3,7 +3,6 @@ > /* > * There are duplicates of this code in: > * - tools/blktap2/drivers/hashtable_private.h > - * - tools/vtpm_manager/util/hashtable_private.h > */ > > #ifndef __HASHTABLE_PRIVATE_CWC22_H__ > diff --git a/tools/xm-test/configure.ac b/tools/xm-test/configure.ac > index ad1eb78..c142140 100644 > --- a/tools/xm-test/configure.ac > +++ b/tools/xm-test/configure.ac > @@ -143,7 +143,6 @@ AC_CONFIG_FILES([ > tests/unpause/Makefile > tests/vcpu-pin/Makefile > tests/vcpu-disable/Makefile > - tests/vtpm/Makefile > tests/xapi/Makefile > tests/enforce_dom0_cpus/Makefile > tests/cpupool/Makefile > diff --git a/tools/xm-test/grouptest/default b/tools/xm-test/grouptest/default > index f0516b2..e04591b 100644 > --- a/tools/xm-test/grouptest/default > +++ b/tools/xm-test/grouptest/default > @@ -27,5 +27,4 @@ sysrq > unpause > vcpu-disable > vcpu-pin > -vtpm > xapi > diff --git a/tools/xm-test/grouptest/medium b/tools/xm-test/grouptest/medium > index bafc988..5c3e1b1 100644 > --- a/tools/xm-test/grouptest/medium > +++ b/tools/xm-test/grouptest/medium > @@ -22,4 +22,3 @@ sysrq 01_sysrq_basic_neg.test 02_sysrq_sync_pos.test > unpause > vcpu-disable > vcpu-pin > -vtpm > diff --git a/tools/xm-test/grouptest/xapi b/tools/xm-test/grouptest/xapi > index 3b04921..7a08b77 100644 > --- a/tools/xm-test/grouptest/xapi > +++ b/tools/xm-test/grouptest/xapi > @@ -1,2 +1 @@ > xapi > -vtpm 09_vtpm-xapi.test > diff --git a/tools/xm-test/lib/XmTestLib/XenDomain.py > b/tools/xm-test/lib/XmTestLib/XenDomain.py > index ae8c550..3ba7433 100644 > --- a/tools/xm-test/lib/XmTestLib/XenDomain.py > +++ b/tools/xm-test/lib/XmTestLib/XenDomain.py > @@ -59,7 +59,6 @@ class XenConfig: > # These options need to be lists > self.defaultOpts["disk"] = [] > self.defaultOpts["vif"] = [] > - self.defaultOpts["vtpm"] = [] > > self.opts = self.defaultOpts > > diff --git a/tools/xm-test/tests/Makefile.am b/tools/xm-test/tests/Makefile.am > index 8d673ed..455f50c 100644 > --- a/tools/xm-test/tests/Makefile.am > +++ b/tools/xm-test/tests/Makefile.am > @@ -25,7 +25,6 @@ SUBDIRS = \ > unpause \ > vcpu-disable \ > vcpu-pin \ > - vtpm \ > enforce_dom0_cpus \ > save restore migrate \ > cpupool > diff --git a/tools/xm-test/tests/vtpm/01_vtpm-list_pos.py > b/tools/xm-test/tests/vtpm/01_vtpm-list_pos.py > deleted file mode 100644 > index dfd1227..0000000 > --- a/tools/xm-test/tests/vtpm/01_vtpm-list_pos.py > +++ /dev/null > @@ -1,40 +0,0 @@ > -#!/usr/bin/python > - > -# Copyright (C) International Business Machines Corp., 2006 > -# Author: Stefan Berger <stefanb@xxxxxxxxxx> > - > -# Positive Test: create domain with virtual TPM attached at build time, > -# verify list > - > - > -from XmTestLib import * > -from vtpm_utils import * > -import commands > -import os > -import atexit > - > -config = {"vtpm":"instance=1,backend=0"} > -domain = XmTestDomain(extraConfig=config) > - > -try: > - domain.start(noConsole=True) > -except DomainError, e: > - if verbose: > - print e.extra > - vtpm_cleanup(domain.getName()) > - FAIL("Unable to create domain") > - > - > -domName = domain.getName() > - > -atexit.register(vtpm_cleanup, vtpm_get_uuid(domid(domName))) > - > -status, output = traceCommand("xm vtpm-list %s" % domain.getId()) > -eyecatcher = "/local/domain/0/backend/vtpm" > -where = output.find(eyecatcher) > -if status != 0: > - FAIL("xm vtpm-list returned bad status, expected 0, status is %i" % > status) > -elif where < 0: > - FAIL("Fail to list virtual TPM device") > - > -domain.stop() > diff --git a/tools/xm-test/tests/vtpm/02_vtpm-cat_pcrs.py > b/tools/xm-test/tests/vtpm/02_vtpm-cat_pcrs.py > deleted file mode 100644 > index a18cbab..0000000 > --- a/tools/xm-test/tests/vtpm/02_vtpm-cat_pcrs.py > +++ /dev/null > @@ -1,49 +0,0 @@ > -#!/usr/bin/python > - > -# Copyright (C) International Business Machines Corp., 2006 > -# Author: Stefan Berger <stefanb@xxxxxxxxxx> > - > -# Positive Test: create domain with virtual TPM attached at build time, > -# check list of pcrs > - > -from XmTestLib import * > -from vtpm_utils import * > -import commands > -import os > -import os.path > -import atexit > - > -config = {"vtpm":"instance=1,backend=0"} > -domain = XmTestDomain(extraConfig=config) > -domName = domain.getName() > - > -try: > - console = domain.start() > -except DomainError, e: > - if verbose: > - print e.extra > - FAIL("Unable to create domain (%s)" % domName) > - > -atexit.register(vtpm_cleanup, vtpm_get_uuid(domid(domName))) > - > -try: > - console.sendInput("input") > -except ConsoleError, e: > - saveLog(console.getHistory()) > - FAIL(str(e)) > - > -try: > - run = console.runCmd("cat /sys/devices/xen/vtpm-0/pcrs") > -except ConsoleError, e: > - saveLog(console.getHistory()) > - FAIL("No result from dumping the PCRs") > - > -if re.search("No such file",run["output"]): > - FAIL("TPM frontend support not compiled into (domU?) kernel") > - > -domain.closeConsole() > - > -domain.stop() > - > -if not re.search("PCR-00:",run["output"]): > - FAIL("Virtual TPM is not working correctly on /dev/vtpm on backend side") > diff --git a/tools/xm-test/tests/vtpm/03_vtpm-susp_res.py > b/tools/xm-test/tests/vtpm/03_vtpm-susp_res.py > deleted file mode 100644 > index b863f27..0000000 > --- a/tools/xm-test/tests/vtpm/03_vtpm-susp_res.py > +++ /dev/null > @@ -1,99 +0,0 @@ > -#!/usr/bin/python > - > -# Copyright (C) International Business Machines Corp., 2006 > -# Author: Stefan Berger <stefanb@xxxxxxxxxx> > - > -# Positive Test: create domain with virtual TPM attached at build time, > -# check list of pcrs; suspend and resume the domain and > -# check list of pcrs again > - > -from XmTestLib import * > -from vtpm_utils import * > -import commands > -import os > -import os.path > -import atexit > - > -config = {"vtpm":"instance=1,backend=0"} > -domain = XmTestDomain(extraConfig=config) > -domName = domain.getName() > -consoleHistory = "" > - > -try: > - console = domain.start() > -except DomainError, e: > - if verbose: > - print e.extra > - FAIL("Unable to create domain (%s)" % domName) > - > -atexit.register(vtpm_cleanup, vtpm_get_uuid(domid(domName))) > - > -try: > - console.sendInput("input") > -except ConsoleError, e: > - saveLog(console.getHistory()) > - FAIL(str(e)) > - > -try: > - run = console.runCmd("cat /sys/devices/xen/vtpm-0/pcrs") > -except ConsoleError, e: > - saveLog(console.getHistory()) > - FAIL("No result from dumping the PCRs") > - > -if re.search("No such file",run["output"]): > - FAIL("TPM frontend support not compiled into (domU?) kernel") > - > -consoleHistory = console.getHistory() > -domain.closeConsole() > - > -loop = 0 > -while loop < 3: > - try: > - status, ouptut = traceCommand("xm save %s %s.save" % > - (domName, domName), > - timeout=30) > - > - except TimeoutError, e: > - saveLog(consoleHistory) > - FAIL(str(e)) > - > - if status != 0: > - saveLog(consoleHistory) > - FAIL("xm save did not succeed") > - > - try: > - status, ouptut = traceCommand("xm restore %s.save" % > - (domName), > - timeout=30) > - except TimeoutError, e: > - os.remove("%s.save" % domName) > - saveLog(consoleHistory) > - FAIL(str(e)) > - > - os.remove("%s.save" % domName) > - > - if status != 0: > - saveLog(consoleHistory) > - FAIL("xm restore did not succeed") > - > - try: > - console = domain.getConsole() > - except ConsoleError, e: > - FAIL(str(e)) > - > - try: > - run = console.runCmd("cat /sys/devices/xen/vtpm-0/pcrs") > - except ConsoleError, e: > - saveLog(console.getHistory()) > - FAIL(str(e)) > - > - if not re.search("PCR-00:",run["output"]): > - saveLog(console.getHistory()) > - FAIL("Virtual TPM is not working correctly on /dev/vtpm on backend > side") > - > - loop += 1 > - > -domain.closeConsole() > - > -domain.stop() > - > diff --git a/tools/xm-test/tests/vtpm/04_vtpm-loc_migr.py > b/tools/xm-test/tests/vtpm/04_vtpm-loc_migr.py > deleted file mode 100644 > index ccc8b73..0000000 > --- a/tools/xm-test/tests/vtpm/04_vtpm-loc_migr.py > +++ /dev/null > @@ -1,93 +0,0 @@ > -#!/usr/bin/python > - > -# Copyright (C) International Business Machines Corp., 2006 > -# Author: Stefan Berger <stefanb@xxxxxxxxxx> > - > -# Positive Test: create domain with virtual TPM attached at build time, > -# check list of pcrs; locally migrate the domain and > -# check list of pcrs again > -# This test does local live migration. > - > -from XmTestLib import * > -from vtpm_utils import * > -import commands > -import os > -import os.path > -import atexit > - > -config = {"vtpm":"instance=1,backend=0"} > -domain = XmTestDomain(extraConfig=config) > -domName = domain.getName() > -consoleHistory = "" > - > -try: > - console = domain.start() > -except DomainError, e: > - if verbose: > - print e.extra > - FAIL("Unable to create domain (%s)" % domName) > - > -atexit.register(vtpm_cleanup, vtpm_get_uuid(domid(domName))) > - > -try: > - console.sendInput("input") > -except ConsoleError, e: > - saveLog(console.getHistory()) > - FAIL(str(e)) > - > -try: > - run = console.runCmd("cat /sys/devices/xen/vtpm-0/pcrs") > -except ConsoleError, e: > - saveLog(console.getHistory()) > - FAIL("No result from dumping the PCRs") > - > -if re.search("No such file",run["output"]): > - FAIL("TPM frontend support not compiled into (domU?) kernel") > - > -consoleHistory = console.getHistory() > -domain.closeConsole() > - > -old_domid = domid(domName) > - > -loop = 0 > -while loop < 3: > - try: > - status, ouptut = traceCommand("xm migrate -l %s localhost" % > - domName, > - timeout=90) > - except TimeoutError, e: > - saveLog(consoleHistory) > - FAIL(str(e)) > - > - if status != 0: > - saveLog(consoleHistory) > - FAIL("xm migrate did not succeed. External device migration > activated?") > - > - > - domName = domain.getName() > - new_domid = domid(domName) > - > - if (old_domid == new_domid): > - FAIL("xm migrate failed, domain id is still %s (loop=%d)" % > - (old_domid,loop)) > - > - try: > - console = domain.getConsole() > - except ConsoleError, e: > - FAIL(str(e)) > - > - try: > - run = console.runCmd("cat /sys/devices/xen/vtpm-0/pcrs") > - except ConsoleError, e: > - saveLog(console.getHistory()) > - FAIL("No result from dumping the PCRs") > - > - if not re.search("PCR-00:",run["output"]): > - saveLog(console.getHistory()) > - FAIL("Virtual TPM is not working correctly on /dev/vtpm on backend > side") > - > - loop += 1 > - > -domain.closeConsole() > - > -domain.stop() > diff --git a/tools/xm-test/tests/vtpm/05_vtpm-loc_migr.py > b/tools/xm-test/tests/vtpm/05_vtpm-loc_migr.py > deleted file mode 100644 > index 57b87df..0000000 > --- a/tools/xm-test/tests/vtpm/05_vtpm-loc_migr.py > +++ /dev/null > @@ -1,93 +0,0 @@ > -#!/usr/bin/python > - > -# Copyright (C) International Business Machines Corp., 2006 > -# Author: Stefan Berger <stefanb@xxxxxxxxxx> > - > -# Positive Test: create domain with virtual TPM attached at build time, > -# check list of pcrs; locally migrate the domain and > -# check list of pcrs again > -# This test does local (non-live) migration. > - > -from XmTestLib import * > -from vtpm_utils import * > -import commands > -import os > -import os.path > -import atexit > - > -config = {"vtpm":"instance=1,backend=0"} > -domain = XmTestDomain(extraConfig=config) > -domName = domain.getName() > -consoleHistory = "" > - > -try: > - console = domain.start() > -except DomainError, e: > - if verbose: > - print e.extra > - FAIL("Unable to create domain (%s)" % domName) > - > -atexit.register(vtpm_cleanup, vtpm_get_uuid(domid(domName))) > - > -try: > - console.sendInput("input") > -except ConsoleError, e: > - saveLog(console.getHistory()) > - FAIL(str(e)) > - > -try: > - run = console.runCmd("cat /sys/devices/xen/vtpm-0/pcrs") > -except ConsoleError, e: > - saveLog(console.getHistory()) > - FAIL("No result from dumping the PCRs") > - > -if re.search("No such file",run["output"]): > - FAIL("TPM frontend support not compiled into (domU?) kernel") > - > -consoleHistory = console.getHistory() > -domain.closeConsole() > - > -old_domid = domid(domName) > - > -loop = 0 > -while loop < 3: > - try: > - status, ouptut = traceCommand("xm migrate %s localhost" % > - domName, > - timeout=90) > - except TimeoutError, e: > - saveLog(consoleHistory) > - FAIL(str(e)) > - > - if status != 0: > - saveLog(consoleHistory) > - FAIL("xm migrate did not succeed. External device migration > activated?") > - > - > - domName = domain.getName() > - new_domid = domid(domName) > - > - if (old_domid == new_domid): > - FAIL("xm migrate failed, domain id is still %s (loop=%d)" % > - (old_domid,loop)) > - > - try: > - console = domain.getConsole() > - except ConsoleError, e: > - FAIL(str(e)) > - > - try: > - run = console.runCmd("cat /sys/devices/xen/vtpm-0/pcrs") > - except ConsoleError, e: > - saveLog(console.getHistory()) > - FAIL("No result from dumping the PCRs") > - > - if not re.search("PCR-00:",run["output"]): > - saveLog(console.getHistory()) > - FAIL("Virtual TPM is not working correctly on /dev/vtpm on backend > side") > - > - loop += 1 > - > -domain.closeConsole() > - > -domain.stop() > diff --git a/tools/xm-test/tests/vtpm/06_vtpm-susp_res_pcrs.py > b/tools/xm-test/tests/vtpm/06_vtpm-susp_res_pcrs.py > deleted file mode 100644 > index c70691d..0000000 > --- a/tools/xm-test/tests/vtpm/06_vtpm-susp_res_pcrs.py > +++ /dev/null > @@ -1,125 +0,0 @@ > -#!/usr/bin/python > - > -# Copyright (C) International Business Machines Corp., 2006 > -# Author: Stefan Berger <stefanb@xxxxxxxxxx> > - > -# Positive Test: create domain with virtual TPM attached at build time, > -# extend a pcr > -# check list of pcrs; suspend and resume the domain and > -# check list of pcrs again and validate extended pcr > - > -from XmTestLib import * > -from vtpm_utils import * > -import commands > -import os > -import os.path > -import atexit > - > -config = {"vtpm":"instance=1,backend=0"} > -domain = XmTestDomain(extraConfig=config) > -domName = domain.getName() > -consoleHistory = "" > - > -try: > - console = domain.start() > -except DomainError, e: > - if verbose: > - print e.extra > - FAIL("Unable to create domain (%s)" % domName) > - > -atexit.register(vtpm_cleanup, vtpm_get_uuid(domid(domName))) > - > -try: > - console.sendInput("input") > -except ConsoleError, e: > - saveLog(console.getHistory()) > - FAIL(str(e)) > - > -try: > - run = console.runCmd("mknod /dev/tpm0 c 10 224") > -except ConsoleError, e: > - saveLog(console.getHistory()) > - FAIL("Error while creating /dev/tpm0") > - > -try: > - run = console.runCmd("echo -ne > \"\\x00\\xc1\\x00\\x00\\x00\\x22\\x00\\x00\\x00\\x14\\x00\\x00\\x00\\x00\\x01\\x02\\x03\\x04\\x05\\x06\\x07\\x08\\x09\\x0a\\x0b\\x0c\\x0d\\x0e\\0xf\\x10\\x11\\x12\\x13\\x14\" > > seq; cat seq > /dev/tpm0") > -except ConsoleError, e: > - saveLog(console.getHistory()) > - FAIL("Error while extending PCR 0") > - > -try: > - run = console.runCmd("cat /sys/devices/xen/vtpm-0/pcrs") > -except ConsoleError, e: > - saveLog(console.getHistory()) > - FAIL("No result from dumping the PCRs") > - > - > -if re.search("No such file",run["output"]): > - FAIL("TPM frontend support not compiled into (domU?) kernel") > - > -if not re.search("PCR-00:",run["output"]): > - saveLog(console.getHistory()) > - FAIL("Virtual TPM is not working correctly on /dev/vtpm on backend side: > \n%s" % run["output"]) > - > -if not re.search("PCR-00: 1E A7 BD",run["output"]): > - saveLog(console.getHistory()) > - FAIL("Extend did not lead to expected result (1E A7 BD ...): \n%s" % > run["output"]) > - > -consoleHistory = console.getHistory() > -domain.closeConsole() > - > -loop = 0 > -while loop < 3: > - try: > - status, ouptut = traceCommand("xm save %s %s.save" % > - (domName, domName), > - timeout=30) > - > - except TimeoutError, e: > - saveLog(consoleHistory) > - FAIL(str(e)) > - > - if status != 0: > - saveLog(consoleHistory) > - FAIL("xm save did not succeed") > - > - try: > - status, ouptut = traceCommand("xm restore %s.save" % > - (domName), > - timeout=30) > - except TimeoutError, e: > - os.remove("%s.save" % domName) > - saveLog(consoleHistory) > - FAIL(str(e)) > - > - os.remove("%s.save" % domName) > - > - if status != 0: > - saveLog(consoleHistory) > - FAIL("xm restore did not succeed") > - > - try: > - console = domain.getConsole() > - except ConsoleError, e: > - FAIL(str(e)) > - > - try: > - run = console.runCmd("cat /sys/devices/xen/vtpm-0/pcrs") > - except ConsoleError, e: > - saveLog(console.getHistory()) > - FAIL(str(e)) > - > - if not re.search("PCR-00:",run["output"]): > - saveLog(console.getHistory()) > - FAIL("Virtual TPM is not working correctly on /dev/vtpm on backend > side") > - > - if not re.search("PCR-00: 1E A7 BD",run["output"]): > - saveLog(console.getHistory()) > - FAIL("Virtual TPM lost PCR 0 value: \n%s" % run["output"]) > - > - loop += 1 > - > -domain.closeConsole() > - > -domain.stop() > - > diff --git a/tools/xm-test/tests/vtpm/07_vtpm-mig_pcrs.py > b/tools/xm-test/tests/vtpm/07_vtpm-mig_pcrs.py > deleted file mode 100644 > index 4ff3360..0000000 > --- a/tools/xm-test/tests/vtpm/07_vtpm-mig_pcrs.py > +++ /dev/null > @@ -1,119 +0,0 @@ > -#!/usr/bin/python > - > -# Copyright (C) International Business Machines Corp., 2006 > -# Author: Stefan Berger <stefanb@xxxxxxxxxx> > - > -# Positive Test: create domain with virtual TPM attached at build time, > -# extend a pcr > -# check list of pcrs; locally migrate the domain and > -# check list of pcrs again and validate extended pcr > -# This test does local live migration. > - > -from XmTestLib import * > -from vtpm_utils import * > -import commands > -import os > -import os.path > -import atexit > - > -config = {"vtpm":"instance=1,backend=0"} > -domain = XmTestDomain(extraConfig=config) > -domName = domain.getName() > -consoleHistory = "" > - > -try: > - console = domain.start() > -except DomainError, e: > - if verbose: > - print e.extra > - FAIL("Unable to create domain (%s)" % domName) > - > -atexit.register(vtpm_cleanup, vtpm_get_uuid(domid(domName))) > - > -try: > - console.sendInput("input") > -except ConsoleError, e: > - saveLog(console.getHistory()) > - FAIL(str(e)) > - > -try: > - run = console.runCmd("mknod /dev/tpm0 c 10 224") > -except ConsoleError, e: > - saveLog(console.getHistory()) > - FAIL("Error while creating /dev/tpm0") > - > -try: > - run = console.runCmd("echo -ne > \"\\x00\\xc1\\x00\\x00\\x00\\x22\\x00\\x00\\x00\\x14\\x00\\x00\\x00\\x00\\x01\\x02\\x03\\x04\\x05\\x06\\x07\\x08\\x09\\x0a\\x0b\\x0c\\x0d\\x0e\\0xf\\x10\\x11\\x12\\x13\\x14\" > > seq; cat seq > /dev/tpm0") > -except ConsoleError, e: > - saveLog(console.getHistory()) > - FAIL("Error while extending PCR 0") > - > -try: > - run = console.runCmd("cat /sys/devices/xen/vtpm-0/pcrs") > -except ConsoleError, e: > - saveLog(console.getHistory()) > - FAIL("No result from dumping the PCRs") > - > - > -if re.search("No such file",run["output"]): > - FAIL("TPM frontend support not compiled into (domU?) kernel") > - > -if not re.search("PCR-00:",run["output"]): > - saveLog(console.getHistory()) > - FAIL("Virtual TPM is not working correctly on /dev/vtpm on backend side: > \n%s" % run["output"]) > - > -if not re.search("PCR-00: 1E A7 BD",run["output"]): > - saveLog(console.getHistory()) > - FAIL("Extend did not lead to expected result (1E A7 BD ...): \n%s" % > run["output"]) > - > -consoleHistory = console.getHistory() > -domain.closeConsole() > - > -old_domid = domid(domName) > - > -loop = 0 > -while loop < 3: > - try: > - status, ouptut = traceCommand("xm migrate -l %s localhost" % > - domName, > - timeout=90) > - except TimeoutError, e: > - saveLog(consoleHistory) > - FAIL(str(e)) > - > - if status != 0: > - saveLog(consoleHistory) > - FAIL("xm migrate did not succeed. External device migration > activated?") > - > - > - domName = domain.getName() > - new_domid = domid(domName) > - > - if (old_domid == new_domid): > - FAIL("xm migrate failed, domain id is still %s (loop=%d)" % > - (old_domid,loop)) > - > - try: > - console = domain.getConsole() > - except ConsoleError, e: > - FAIL(str(e)) > - > - try: > - run = console.runCmd("cat /sys/devices/xen/vtpm-0/pcrs") > - except ConsoleError, e: > - saveLog(console.getHistory()) > - FAIL("No result from dumping the PCRs") > - > - if not re.search("PCR-00:",run["output"]): > - saveLog(console.getHistory()) > - FAIL("Virtual TPM is not working correctly on /dev/vtpm on backend > side") > - > - if not re.search("PCR-00: 1E A7 BD",run["output"]): > - saveLog(console.getHistory()) > - FAIL("Virtual TPM lost PCR 0 value: \n%s" % run["output"]) > - > - loop += 1 > - > -domain.closeConsole() > - > -domain.stop() > diff --git a/tools/xm-test/tests/vtpm/08_vtpm-mig_pcrs.py > b/tools/xm-test/tests/vtpm/08_vtpm-mig_pcrs.py > deleted file mode 100644 > index 27125fc..0000000 > --- a/tools/xm-test/tests/vtpm/08_vtpm-mig_pcrs.py > +++ /dev/null > @@ -1,119 +0,0 @@ > -#!/usr/bin/python > - > -# Copyright (C) International Business Machines Corp., 2006 > -# Author: Stefan Berger <stefanb@xxxxxxxxxx> > - > -# Positive Test: create domain with virtual TPM attached at build time, > -# extend a pcr > -# check list of pcrs; locally migrate the domain and > -# check list of pcrs again and validate extended pcr > -# This test does local (non-live) migration. > - > -from XmTestLib import * > -from vtpm_utils import * > -import commands > -import os > -import os.path > -import atexit > - > -config = {"vtpm":"instance=1,backend=0"} > -domain = XmTestDomain(extraConfig=config) > -domName = domain.getName() > -consoleHistory = "" > - > -try: > - console = domain.start() > -except DomainError, e: > - if verbose: > - print e.extra > - FAIL("Unable to create domain (%s)" % domName) > - > -atexit.register(vtpm_cleanup, vtpm_get_uuid(domid(domName))) > - > -try: > - console.sendInput("input") > -except ConsoleError, e: > - saveLog(console.getHistory()) > - FAIL(str(e)) > - > -try: > - run = console.runCmd("mknod /dev/tpm0 c 10 224") > -except ConsoleError, e: > - saveLog(console.getHistory()) > - FAIL("Error while creating /dev/tpm0") > - > -try: > - run = console.runCmd("echo -ne > \"\\x00\\xc1\\x00\\x00\\x00\\x22\\x00\\x00\\x00\\x14\\x00\\x00\\x00\\x00\\x01\\x02\\x03\\x04\\x05\\x06\\x07\\x08\\x09\\x0a\\x0b\\x0c\\x0d\\x0e\\0xf\\x10\\x11\\x12\\x13\\x14\" > > seq; cat seq > /dev/tpm0") > -except ConsoleError, e: > - saveLog(console.getHistory()) > - FAIL("Error while extending PCR 0") > - > -try: > - run = console.runCmd("cat /sys/devices/xen/vtpm-0/pcrs") > -except ConsoleError, e: > - saveLog(console.getHistory()) > - FAIL("No result from dumping the PCRs") > - > - > -if re.search("No such file",run["output"]): > - FAIL("TPM frontend support not compiled into (domU?) kernel") > - > -if not re.search("PCR-00:",run["output"]): > - saveLog(console.getHistory()) > - FAIL("Virtual TPM is not working correctly on /dev/vtpm on backend side: > \n%s" % run["output"]) > - > -if not re.search("PCR-00: 1E A7 BD",run["output"]): > - saveLog(console.getHistory()) > - FAIL("Extend did not lead to expected result (1E A7 BD ...): \n%s" % > run["output"]) > - > -consoleHistory = console.getHistory() > -domain.closeConsole() > - > -old_domid = domid(domName) > - > -loop = 0 > -while loop < 3: > - try: > - status, ouptut = traceCommand("xm migrate %s localhost" % > - domName, > - timeout=90) > - except TimeoutError, e: > - saveLog(consoleHistory) > - FAIL(str(e)) > - > - if status != 0: > - saveLog(consoleHistory) > - FAIL("xm migrate did not succeed. External device migration > activated?") > - > - > - domName = domain.getName() > - new_domid = domid(domName) > - > - if (old_domid == new_domid): > - FAIL("xm migrate failed, domain id is still %s (loop=%d)" % > - (old_domid,loop)) > - > - try: > - console = domain.getConsole() > - except ConsoleError, e: > - FAIL(str(e)) > - > - try: > - run = console.runCmd("cat /sys/devices/xen/vtpm-0/pcrs") > - except ConsoleError, e: > - saveLog(console.getHistory()) > - FAIL("No result from dumping the PCRs") > - > - if not re.search("PCR-00:",run["output"]): > - saveLog(console.getHistory()) > - FAIL("Virtual TPM is not working correctly on /dev/vtpm on backend > side") > - > - if not re.search("PCR-00: 1E A7 BD",run["output"]): > - saveLog(console.getHistory()) > - FAIL("Virtual TPM lost PCR 0 value: \n%s" % run["output"]) > - > - loop += 1 > - > -domain.closeConsole() > - > -domain.stop() > diff --git a/tools/xm-test/tests/vtpm/09_vtpm-xapi.py > b/tools/xm-test/tests/vtpm/09_vtpm-xapi.py > deleted file mode 100644 > index a1aa8b3..0000000 > --- a/tools/xm-test/tests/vtpm/09_vtpm-xapi.py > +++ /dev/null > @@ -1,158 +0,0 @@ > -#!/usr/bin/python > - > -# Copyright (C) International Business Machines Corp., 2006 > -# Author: Stefan Berger <stefanb@xxxxxxxxxx> > - > -# Test to test the vtpm class through the Xen-API > -# > -# Tested methods: > -# VTPM: get_uuid, get_backend, get_by_uuid, get_record > -# create, destroy, get_VM > -# VM: get_VTPMS > - > -from XmTestLib import xapi > -from XmTestLib.XenAPIDomain import XmTestAPIDomain > -from XmTestLib import * > -from vtpm_utils import * > -import commands > -import os > - > -VTPM_RECORD_KEYS = [ 'backend', 'VM', 'uuid', 'other_config' ] > - > -try: > - # XmTestAPIDomain tries to establish a connection to XenD > - domain = XmTestAPIDomain() > -except Exception, e: > - SKIP("Skipping test. Error: %s" % str(e)) > -vm_uuid = domain.get_uuid() > - > -vtpmcfg = {} > -vtpmcfg['backend'] = DOM0_UUID > -vtpmcfg['VM'] = vm_uuid > - > -session = xapi.connect() > - > -vtpm_uuid = session.xenapi.VTPM.create(vtpmcfg) > - > -vtpm_be = session.xenapi.VTPM.get_backend(vtpm_uuid) > -if vtpm_be != vtpmcfg['backend']: > - FAIL("vTPM's backend is in '%s', expected: '%s'" % > - (vtpm_be, vtpmcfg['backend'])) > - > -vtpm_rec = session.xenapi.VTPM.get_record(vtpm_uuid) > - > -miss_keys = [] > -for k in VTPM_RECORD_KEYS: > - if k not in vtpm_rec.keys(): > - miss_keys.append(k) > -if len(miss_keys) > 0: > - FAIL("vTPM record is missing key(s): %s" % miss_keys) > - > -if vtpm_rec['uuid'] != vtpm_uuid: > - FAIL("vTPM record shows vtpm uuid '%s', expected: '%s'" % > - (vtpm_rec['uuid'], vtpm_uuid)) > -if vtpm_rec['VM'] != vm_uuid: > - FAIL("vTPM record shows VM uuid '%s', expected: '%s'" % > - (vtpm_rec['VM'], vm_uuid)) > -if vtpm_rec['backend'] != vtpmcfg['backend']: > - FAIL("vTPM record shows VM bakcned '%s', expected: '%s'" % > - (vtpm_rev['backend'], vtpmcfg['backend'])) > - > -badkeys = [] > -keys = vtpm_rec.keys() > -for k in keys: > - if k not in VTPM_RECORD_KEYS: > - badkeys.append(k) > -if len(badkeys) > 0: > - FAIL("Unexpected attributes in result: %s" % badkeys) > - > -if vm_uuid != session.xenapi.VTPM.get_VM(vtpm_uuid): > - FAIL("VM uuid from VTPM.get_VM different (%s) than expected (%s)." % > - (vm_ref, vm_uuid)) > - > -uuid = session.xenapi.VTPM.get_uuid(vtpm_uuid) > -if uuid != vtpm_uuid: > - FAIL("vTPM from VTPM.get_uuid different (%s) than expected (%s)." % > - (uuid, vtpm_uuid)) > - > -vtpm_ref = session.xenapi.VTPM.get_by_uuid(vtpm_uuid) > -if vtpm_ref != vtpm_uuid: > - FAIL("vTPM from VTPM.get_by_uuid different (%s) than expected (%s)." % > - (vtpm_ref, vtpm_uuid)) > - > -vm_vtpms = session.xenapi.VM.get_VTPMs(vm_uuid) > -if len(vm_vtpms) != 1: > - FAIL("Number of vTPMs from get_VTPMs is (%d) not what was expected (%d)" > % > - (len(vm_vtpms), 1)) > -if vtpm_uuid not in vm_vtpms: > - FAIL("Other vTPM uuid (%s) returned from VM.get_VTPMs than expected > (%s)" % > - (vm_vtpms[0], vtpm_uuid)) > - > -try: > - console = domain.start() > -except DomainError, e: > - FAIL("Unable to create domain.") > - > -try: > - console.sendInput("input") > -except ConsoleError, e: > - saveLog(console.getHistory()) > - FAIL(str(e)) > - > -try: > - run = console.runCmd("cat /sys/devices/xen/vtpm-0/pcrs") > -except ConsoleError, e: > - saveLog(console.getHistory()) > - FAIL("1. No result from dumping the PCRs") > - > -if re.search("No such file",run["output"]): > - FAIL("TPM frontend support not compiled into (domU?) kernel") > - > -if not re.search("PCR-00:",run["output"]): > - saveLog(console.getHistory()) > - FAIL("1. Virtual TPM is not working correctly on /dev/vtpm on backend > side: \n%s" % run["output"]) > - > -try: > - session.xenapi.VTPM.destroy(vtpm_uuid) > - #Should never get here > - FAIL("Could destroy vTPM while VM is running") > -except: > - pass > - > -rc = session.xenapi.VM.suspend(vm_uuid) > -if rc: > - FAIL("Could not suspend VM") > - > -try: > - session.xenapi.VTPM.destroy(vtpm_uuid) > - #May not throw an exception in 'suspend' state > -except: > - pass > - > -rc = session.xenapi.VM.resume(vm_uuid, False) > -if rc: > - FAIL("Could not resume VM") > - > -try: > - console = domain.getConsole() > -except ConsoleError, e: > - FAIL(str(e)) > - > -try: > - run = console.runCmd("cat /sys/devices/xen/vtpm-0/pcrs") > -except ConsoleError, e: > - saveLog(console.getHistory()) > - FAIL("2. No result from dumping the PCRs. vTPM has been removed?") > - > -if not re.search("PCR-00:",run["output"]): > - saveLog(console.getHistory()) > - FAIL("2. Virtual TPM is not working correctly on /dev/vtpm on backend > side: \n%s" % run["output"]) > - > -domain.stop() > - > -try: > - session.xenapi.VTPM.destroy(vtpm_uuid) > -except: > - FAIL("Could NOT destroy vTPM while domain is halted.") > - > -domain.destroy() > diff --git a/tools/xm-test/tests/vtpm/Makefile.am > b/tools/xm-test/tests/vtpm/Makefile.am > deleted file mode 100644 > index dd67e45..0000000 > --- a/tools/xm-test/tests/vtpm/Makefile.am > +++ /dev/null > @@ -1,27 +0,0 @@ > -SUBDIRS = > - > -TESTS = 01_vtpm-list_pos.test \ > - 02_vtpm-cat_pcrs.test \ > - 03_vtpm-susp_res.test \ > - 04_vtpm-loc_migr.test \ > - 05_vtpm-loc_migr.test \ > - 06_vtpm-susp_res_pcrs.test \ > - 07_vtpm-mig_pcrs.test \ > - 08_vtpm-mig_pcrs.test \ > - 09_vtpm-xapi.test > - > -XFAIL_TESTS = > - > -EXTRA_DIST = $(TESTS) $(XFAIL_TESTS) vtpm_utils.py > -TESTS_ENVIRONMENT=@TENV@ > - > -%.test: %.py > - cp $< $@ > - chmod +x $@ > - > -clean-local: am_config_clean-local > - > -am_config_clean-local: > - rm -f *test > - rm -f *log > - rm -f *~ > diff --git a/tools/xm-test/tests/vtpm/vtpm_utils.py > b/tools/xm-test/tests/vtpm/vtpm_utils.py > deleted file mode 100644 > index 4e5b281..0000000 > --- a/tools/xm-test/tests/vtpm/vtpm_utils.py > +++ /dev/null > @@ -1,30 +0,0 @@ > -#!/usr/bin/python > - > -# Copyright (C) International Business Machines Corp., 2006 > -# Author: Stefan Berger <stefanb@xxxxxxxxxx> > - > -from XmTestLib import * > - > -if ENABLE_HVM_SUPPORT: > - SKIP("vtpm tests not supported for HVM domains") > - > -status, output = traceCommand("COLUMNS=200 ; " > - "ps aux | grep vtpm_manager | grep -v grep") > -if output == "": > - SKIP("virtual TPM manager must be started to run this test; might " > - "need /dev/tpm0") > - > -def vtpm_cleanup(domName): > - traceCommand("/etc/xen/scripts/vtpm-delete " > - "`xenstore-read /local/domain/0/backend/vtpm/%s/0/uuid`" % > - str(domid(domName))) > - > -def vtpm_cleanup(uuid): > - from xen.xm import main > - if main.serverType != main.SERVER_XEN_API: > - traceCommand("/etc/xen/scripts/vtpm-delete %s" % uuid) > - > -def vtpm_get_uuid(domainid): > - s, o = traceCommand("xenstore-read " > - "/local/domain/0/backend/vtpm/%s/0/uuid" % domainid) > - return o > -- > 1.7.10.4 > _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |