[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH 11/13] mini-os/tpmback: add tpmback_get_peercontext



This allows the XSM label of the TPM's client domain to be retrieved.

Signed-off-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
Acked-by: Samuel Thibault <samuel.thibault@xxxxxxxxxxxx>
---
 extras/mini-os/events.c          | 22 ++++++++++++++++++++++
 extras/mini-os/include/events.h  |  1 +
 extras/mini-os/include/tpmback.h |  2 ++
 extras/mini-os/tpmback.c         | 11 +++++++++++
 4 files changed, 36 insertions(+)

diff --git a/extras/mini-os/events.c b/extras/mini-os/events.c
index 2f359a5..5327e14 100644
--- a/extras/mini-os/events.c
+++ b/extras/mini-os/events.c
@@ -21,6 +21,7 @@
 #include <mini-os/hypervisor.h>
 #include <mini-os/events.h>
 #include <mini-os/lib.h>
+#include <xen/xsm/flask_op.h>
 
 #define NR_EVS 1024
 
@@ -258,6 +259,27 @@ int evtchn_bind_interdomain(domid_t pal, evtchn_port_t 
remote_port,
     return rc;
 }
 
+int evtchn_get_peercontext(evtchn_port_t local_port, char *ctx, int size)
+{
+    int rc;
+    uint32_t sid;
+    struct xen_flask_op op;
+    op.cmd = FLASK_GET_PEER_SID;
+    op.interface_version = XEN_FLASK_INTERFACE_VERSION;
+    op.u.peersid.evtchn = local_port;
+    rc = _hypercall1(int, xsm_op, &op);
+    if (rc)
+        return rc;
+    sid = op.u.peersid.sid;
+    op.cmd = FLASK_SID_TO_CONTEXT;
+    op.u.sid_context.sid = sid;
+    op.u.sid_context.size = size;
+    set_xen_guest_handle(op.u.sid_context.context, ctx);
+    rc = _hypercall1(int, xsm_op, &op);
+    return rc;
+}
+
+
 /*
  * Local variables:
  * mode: C
diff --git a/extras/mini-os/include/events.h b/extras/mini-os/include/events.h
index 912e4cf..0e9d3a7 100644
--- a/extras/mini-os/include/events.h
+++ b/extras/mini-os/include/events.h
@@ -37,6 +37,7 @@ int evtchn_alloc_unbound(domid_t pal, evtchn_handler_t 
handler,
 int evtchn_bind_interdomain(domid_t pal, evtchn_port_t remote_port,
                                                        evtchn_handler_t 
handler, void *data,
                                                        evtchn_port_t 
*local_port);
+int evtchn_get_peercontext(evtchn_port_t local_port, char *ctx, int size);
 void unbind_all_ports(void);
 
 static inline int notify_remote_via_evtchn(evtchn_port_t port)
diff --git a/extras/mini-os/include/tpmback.h b/extras/mini-os/include/tpmback.h
index a6cbbf1..4408986 100644
--- a/extras/mini-os/include/tpmback.h
+++ b/extras/mini-os/include/tpmback.h
@@ -99,4 +99,6 @@ void* tpmback_get_opaque(domid_t domid, unsigned int handle);
 /* Returns zero if successful, nonzero on failure (no such frontend) */
 int tpmback_set_opaque(domid_t domid, unsigned int handle, void* opaque);
 
+/* Get the XSM context of the given domain (using the tpmback event channel) */
+int tpmback_get_peercontext(domid_t domid, unsigned int handle, void* buffer, 
int buflen);
 #endif
diff --git a/extras/mini-os/tpmback.c b/extras/mini-os/tpmback.c
index cac07fc..ab69cb7 100644
--- a/extras/mini-os/tpmback.c
+++ b/extras/mini-os/tpmback.c
@@ -793,6 +793,17 @@ unsigned char* tpmback_get_uuid(domid_t domid, unsigned 
int handle)
    return tpmif->uuid;
 }
 
+int tpmback_get_peercontext(domid_t domid, unsigned int handle, void* buffer, 
int buflen)
+{
+   tpmif_t* tpmif;
+   if((tpmif = get_tpmif(domid, handle)) == NULL) {
+      TPMBACK_DEBUG("get_uuid() failed, %u/%u is an invalid frontend\n", 
(unsigned int) domid, handle);
+      return -1;
+   }
+
+   return evtchn_get_peercontext(tpmif->evtchn, buffer, buflen);
+}
+
 static void event_listener(void)
 {
    const char* bepath = "backend/vtpm2";
-- 
1.8.1


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.