Changeset 90580 in vbox

Timestamp:

Aug 9, 2021 3:53:16 PM (3 years ago)

Author:

vboxsync

Message:

Devices/Security: Continue work on the TPM device emulation and driver interfacing with swtpm, EFI firmware detects the TPM and starts talking to it, bugref:10075

Location:

trunk/src/VBox/Devices/Security

Files:

• DevTpm.cpp (modified) (3 diffs)
• DrvTpmEmu.cpp (modified) (19 diffs)

trunk/src/VBox/Devices/Security/DevTpm.cpp

@@ -875 +875 @@
         && uReg < TPM_CRB_LOCALITY_REG_DATA_BUFFER + TPM_CRB_LOCALITY_REG_DATA_BUFFER_SIZE
         && bLoc == pThis->bLoc
-        && pThis->enmState == DEVTPMSTATE_CMD_RECEPTION)
+        && (   pThis->enmState == DEVTPMSTATE_READY
+            || pThis->enmState == DEVTPMSTATE_CMD_RECEPTION))
     {
+        pThis->enmState = DEVTPMSTATE_CMD_RECEPTION;
         memcpy(&pThis->abCmdResp[uReg - TPM_CRB_LOCALITY_REG_DATA_BUFFER], &u64, cb);
         return VINF_SUCCESS;
@@ -886 +888 @@
         {
             /* See chapter 6.5.3.2.2.1. */
+#if 0
             if (u64 & TPM_CRB_LOCALITY_REG_CTRL_RST_ESTABLISHMENT)
                 /** @todo */;
+#endif
 
             /*
@@ -1083 +1087 @@
     /** @todo */
     RT_NOREF(pThis, pThisCC);
+    pThis->enmState = DEVTPMSTATE_CMD_COMPLETION;
 }
 

trunk/src/VBox/Devices/Security/DrvTpmEmu.cpp

@@ -115 +115 @@
 
 
+/** @name Capabilities as returned by SWTPMCMD_INIT.
+ * @{ */
+#define SWTPMCMD_INIT_F_DELETE_VOLATILE RT_BIT_32(0);
+/** @} */
+
+
 /**
  * Response data for a SWTPMCMD_GET_CAPABILITY command.
@@ -151 +157 @@
 
 /**
+ * Additional command data for SWTPMCMD_SET_LOCALITY.
+ */
+typedef struct SWTPMCMDSETLOCALITY
+{
+    /** The locality to set */
+    uint8_t                     bLoc;
+} SWTPMCMDSETLOCALITY;
+/** Pointer to a command data struct for SWTPMCMD_SET_LOCALITY. */
+typedef SWTPMCMDSETLOCALITY *PSWTPMCMDSETLOCALITY;
+/** Pointer to a const command data struct for SWTPMCMD_SET_LOCALITY. */
+typedef const SWTPMCMDSETLOCALITY *PCSWTPMCMDSETLOCALITY;
+
+
+/**
  * Additional command data for SWTPMCMD_GET_CONFIG.
  */
@@ -186 +206 @@
     /** Size of the chunk returned in this response. */
     uint32_t                    cbThis;
-    /** The data returned. */
-    uint8_t                     abData[3 * _1K];
 } SWTPMRESPGETCONFIG;
 /** Pointer to a response data struct for SWTPMCMD_GET_CONFIG. */
@@ -193 +211 @@
 /** Pointer to a const response data struct for SWTPMCMD_GET_CONFIG. */
 typedef const SWTPMRESPGETCONFIG *PCSWTPMRESPGETCONFIG;
-/** @} */
+
+
+/**
+ * Response data for a SWTPMCMD_GET_TPMESTABLISHED command.
+ */
+typedef struct SWTPMRESPGETTPMEST
+{
+    /** Flag whether the TPM established bit is set for the TPM. */
+    uint8_t                     fEst;
+} SWTPMRESPGETTPMEST;
+/** Pointer to a response data struct for SWTPMCMD_GET_TPMESTABLISHED. */
+typedef SWTPMRESPGETTPMEST *PSWTPMRESPGETTPMEST;
+/** Pointer to a const response data struct for SWTPMCMD_GET_TPMESTABLISHED. */
+typedef const SWTPMRESPGETTPMEST *PCSWTPMRESPGETTPMEST;
+
+
+/**
+ * Additional command data for SWTPMCMD_RESET_TPMESTABLISHED.
+ */
+typedef struct SWTPMCMDRSTEST
+{
+    /** The locality resetting trying to reset the established bit. */
+    uint8_t                    bLoc;
+} SWTPMCMDRSTEST;
+/** Pointer to a response data struct for SWTPMCMD_GET_TPMESTABLISHED. */
+typedef SWTPMCMDRSTEST *PSWTPMCMDRSTEST;
+/** Pointer to a const response data struct for SWTPMCMD_GET_TPMESTABLISHED. */
+typedef const SWTPMCMDRSTEST *PCSWTPMCMDRSTEST;
 
 
@@ -224 +269 @@
     /** Flag to signal whether the thread was woken up from external. */
     bool volatile       fWokenUp;
+    /** Currently set locality. */
+    uint8_t             bLoc;
 
     /** TPM version offered by the emulator. */
     TPMVERSION          enmTpmVers;
+    /** Capabilities offered by the TPM emulator. */
+    uint32_t            fCaps;
 } DRVTPMEMU;
 /** Pointer to the TPM emulator instance data. */
 typedef DRVTPMEMU *PDRVTPMEMU;
+
+/** The special no current locality selected value. */
+#define TPM_NO_LOCALITY_SELECTED    0xff
 
 
@@ -282 +334 @@
                 *pu32Resp = RT_BE2H_U32(u32Resp);
                 if (*pu32Resp == 0)
-                    rc = RTSocketRead(pThis->hSockCtrl, pvResp, cbResp, NULL /*pcbRead*/);
+                {
+                    if (cbResp)
+                        rc = RTSocketRead(pThis->hSockCtrl, pvResp, cbResp, NULL /*pcbRead*/);
+                }
+                else
+                    rc = VERR_NET_IO_ERROR;
             }
         }
     }
+
+    return rc;
+}
+
+
+/**
+ * Continue receiving a response from a previous call of drvTpmEmuExecCtrlCmdEx() or
+ * drvTpmEmuExecCtrlCmdNoPayload().
+ *
+ * @param   pThis               Pointer to the TPM emulator driver instance data.
+ * @param   enmCmd              The command to execute.
+ * @param   pvResp              Where to store additional resposne data.
+ * @param   cbResp              Size of the additional response data in bytes.
+ * @param   cMillies            Number of milliseconds to wait before aborting the receive with a timeout error.
+ */
+static int drvTpmEmuExecCtrlCmdRespCont(PDRVTPMEMU pThis, void *pvResp, size_t cbResp, RTMSINTERVAL cMillies)
+{
+    int rc = RTSocketSelectOne(pThis->hSockCtrl, cMillies);
+    if (RT_SUCCESS(rc))
+        rc = RTSocketRead(pThis->hSockCtrl, pvResp, cbResp, NULL /*pcbRead*/);
 
     return rc;
@@ -318 +395 @@
 
 /**
+ * Executes the given command over the control connection to the TPM emulator - variant with no response payload other than the result.
+ *
+ * @returns VBox status code.
+ * @retval  VERR_NET_IO_ERROR if the executed command returned an error in the response status field.
+ * @param   pThis               Pointer to the TPM emulator driver instance data.
+ * @param   enmCmd              The command to execute.
+ * @param   pvCmd               Additional command data to send.
+ * @param   cbCmd               Size of the additional command data in bytes.
+ * @param   pu32Resp            Where to store the response code from the reply.
+ * @param   cMillies            Number of milliseconds to wait before aborting the command with a timeout error.
+ */
+static int drvTpmEmuExecCtrlCmdNoResp(PDRVTPMEMU pThis, SWTPMCMD enmCmd, const void *pvCmd, size_t cbCmd, uint32_t *pu32Resp,
+                                      RTMSINTERVAL cMillies)
+{
+    return drvTpmEmuExecCtrlCmdEx(pThis, enmCmd, pvCmd, cbCmd, pu32Resp,
+                                  NULL /*pvResp*/, 0 /*cbResp*/, cMillies);
+}
+
+
+/**
  * Queries the version of the TPM offered by the remote emulator.
  *
@@ -327 +424 @@
     SWTPMCMDGETCONFIG Cmd;
     SWTPMRESPGETCONFIG Resp;
+    uint8_t abData[_4K];
     uint32_t u32Resp = 0;
 
@@ -332 +430 @@
     Cmd.u64Flags = RT_H2BE_U64(SWTPM_GET_CONFIG_F_TPM_SPECIFICATION);
     Cmd.u32Offset = 0;
-    int rc = drvTpmEmuExecCtrlCmdEx(pThis, SWTPMCMD_GET_CONFIG, &Cmd, sizeof(Cmd), &u32Resp,
+    int rc = drvTpmEmuExecCtrlCmdEx(pThis, SWTPMCMD_GET_INFO, &Cmd, sizeof(Cmd), &u32Resp,
                                     &Resp, sizeof(Resp), RT_MS_10SEC);
     if (RT_SUCCESS(rc))
     {
+        /*
+         * Currently it is not necessary to get the information in chunks, a single
+         * transaction is enough. To fend off future versions of swtpm requiring this
+         * we return an error here if the total length is not equal to the length of the chunk.
+         */
         if (RT_BE2H_U32(Resp.cbTotal) == RT_BE2H_U32(Resp.cbThis))
         {
-            RTJSONVAL hJsonVal = NIL_RTJSONVAL;
-            rc = RTJsonParseFromBuf(&hJsonVal, &Resp.abData[0], sizeof(Resp.abData), NULL /*pErrInfo*/);
+            /* Fetch the response body. */
+            rc = drvTpmEmuExecCtrlCmdRespCont(pThis, &abData[0], RT_BE2H_U32(Resp.cbThis), RT_MS_10SEC);
             if (RT_SUCCESS(rc))
             {
-                /** @todo */
-                RTJsonValueRelease(hJsonVal);
+                RTJSONVAL hJsonVal = NIL_RTJSONVAL;
+                rc = RTJsonParseFromBuf(&hJsonVal, &abData[0], RT_BE2H_U32(Resp.cbThis), NULL /*pErrInfo*/);
+                if (RT_SUCCESS(rc))
+                {
+                    RTJSONVAL hJsonTpmSpec = NIL_RTJSONVAL;
+                    rc = RTJsonValueQueryByName(hJsonVal, "TPMSpecification", &hJsonTpmSpec);
+                    if (RT_SUCCESS(rc))
+                    {
+                        RTJSONVAL hJsonTpmFam = NIL_RTJSONVAL;
+                        rc = RTJsonValueQueryByName(hJsonTpmSpec, "family", &hJsonTpmFam);
+                        if (RT_SUCCESS(rc))
+                        {
+                            const char *pszFam = NULL;
+                            rc = RTJsonValueQueryString(hJsonTpmFam, &pszFam);
+                            if (RT_SUCCESS(rc))
+                            {
+                                if (!RTStrCmp(pszFam, "1.2"))
+                                    pThis->enmTpmVers = TPMVERSION_1_2;
+                                else if (!RTStrCmp(pszFam, "2.0"))
+                                    pThis->enmTpmVers = TPMVERSION_2_0;
+                                else
+                                    pThis->enmTpmVers = TPMVERSION_UNKNOWN;
+                            }
+
+                            RTJsonValueRelease(hJsonTpmFam);
+                        }
+
+                        RTJsonValueRelease(hJsonTpmSpec);
+                    }
+
+                    RTJsonValueRelease(hJsonVal);
+                }
             }
         }
@@ -361 +494 @@
  * @param   pThis               Pointer to the TPM emulator driver instance data.
  */
-static int drvTpmEmuQueryAndValidateCaps(PDRVTPMEMU pThis)
+static int drvTpmEmuQueryCaps(PDRVTPMEMU pThis)
 {
     SWTPMRESPGETCAPABILITY Resp;
     int rc = drvTpmEmuExecCtrlCmdNoPayload(pThis, SWTPMCMD_GET_CAPABILITY, &Resp, sizeof(Resp), RT_MS_10SEC);
     if (RT_SUCCESS(rc))
-    {
-        /** @todo */
-    }
+        pThis->fCaps = RT_BE2H_U32(Resp.u32Caps);
+
+    return rc;
+}
+
+
+/**
+ * Sets the given locality for the emulated TPM.
+ *
+ * @returns VBox status code.
+ * @param   pThis               Pointer to the TPM emulator driver instance data.
+ * @param   bLoc                The locality to set.
+ */
+static int drvTpmEmuSetLocality(PDRVTPMEMU pThis, uint8_t bLoc)
+{
+    SWTPMCMDSETLOCALITY Cmd;
+    uint32_t u32Resp = 0;
+
+    Cmd.bLoc = bLoc;
+    int rc = drvTpmEmuExecCtrlCmdNoResp(pThis, SWTPMCMD_SET_LOCALITY, &Cmd, sizeof(Cmd), &u32Resp, RT_MS_10SEC);
+    if (   RT_SUCCESS(rc)
+        && u32Resp != 0)
+        rc = VERR_NET_IO_ERROR;
 
     return rc;
@@ -377 +530 @@
 static DECLCALLBACK(int) drvTpmEmuStartup(PPDMITPMCONNECTOR pInterface, size_t cbCmdResp)
 {
-    RT_NOREF(pInterface, cbCmdResp);
-    return VERR_NOT_IMPLEMENTED;
+    RT_NOREF(cbCmdResp);
+    PDRVTPMEMU pThis = RT_FROM_MEMBER(pInterface, DRVTPMEMU, ITpmConnector);
+
+    SWTPMCMDTPMINIT Cmd;
+    uint32_t u32Resp = 0;
+
+    RT_ZERO(Cmd);
+    Cmd.u32Flags = 0;
+    return drvTpmEmuExecCtrlCmdEx(pThis, SWTPMCMD_INIT, &Cmd, sizeof(Cmd), &u32Resp,
+                                  NULL, 0, RT_MS_10SEC);
 }
 
@@ -385 +546 @@
 static DECLCALLBACK(int) drvTpmEmuShutdown(PPDMITPMCONNECTOR pInterface)
 {
+    PDRVTPMEMU pThis = RT_FROM_MEMBER(pInterface, DRVTPMEMU, ITpmConnector);
+
+    return drvTpmEmuExecCtrlCmdNoPayload(pThis, SWTPMCMD_SHUTDOWN, NULL, 0, RT_MS_10SEC);
+}
+
+
+/** @interface_method_impl{PDMITPMCONNECTOR,pfnReset} */
+static DECLCALLBACK(int) drvTpmEmuReset(PPDMITPMCONNECTOR pInterface)
+{
     RT_NOREF(pInterface);
     return VERR_NOT_IMPLEMENTED;
@@ -390 +560 @@
 
 
-/** @interface_method_impl{PDMITPMCONNECTOR,pfnReset} */
-static DECLCALLBACK(int) drvTpmEmuReset(PPDMITPMCONNECTOR pInterface)
-{
-    RT_NOREF(pInterface);
-    return VERR_NOT_IMPLEMENTED;
-}
-
-
 /** @interface_method_impl{PDMITPMCONNECTOR,pfnGetVersion} */
 static DECLCALLBACK(TPMVERSION) drvTpmEmuGetVersion(PPDMITPMCONNECTOR pInterface)
@@ -409 +571 @@
 static DECLCALLBACK(bool) drvTpmEmuGetEstablishedFlag(PPDMITPMCONNECTOR pInterface)
 {
-    RT_NOREF(pInterface);
+    PDRVTPMEMU pThis = RT_FROM_MEMBER(pInterface, DRVTPMEMU, ITpmConnector);
+
+    SWTPMRESPGETTPMEST Resp;
+    int rc = drvTpmEmuExecCtrlCmdNoPayload(pThis, SWTPMCMD_GET_TPMESTABLISHED, &Resp, sizeof(Resp), RT_MS_10SEC);
+    if (RT_SUCCESS(rc)
+        && Resp.fEst != 0)
+        return true;
+
     return false;
 }
@@ -417 +586 @@
 static DECLCALLBACK(int) drvTpmEmuResetEstablishedFlag(PPDMITPMCONNECTOR pInterface, uint8_t bLoc)
 {
-    RT_NOREF(pInterface, bLoc);
-    return VERR_NOT_IMPLEMENTED;
+    PDRVTPMEMU pThis = RT_FROM_MEMBER(pInterface, DRVTPMEMU, ITpmConnector);
+
+    SWTPMCMDRSTEST Cmd;
+    uint32_t u32Resp = 0;
+
+    Cmd.bLoc = bLoc;
+    int rc = drvTpmEmuExecCtrlCmdNoResp(pThis, SWTPMCMD_RESET_TPMESTABLISHED, &Cmd, sizeof(Cmd), &u32Resp, RT_MS_10SEC);
+    if (   RT_SUCCESS(rc)
+        && u32Resp != 0)
+        rc = VERR_NET_IO_ERROR;
+
+    return rc;
 }
 
@@ -425 +604 @@
 static DECLCALLBACK(int) drvTpmEmuCmdExec(PPDMITPMCONNECTOR pInterface, uint8_t bLoc, const void *pvCmd, size_t cbCmd, void *pvResp, size_t cbResp)
 {
-    RT_NOREF(pInterface, bLoc, pvCmd, cbCmd, pvResp, cbResp);
-    return VERR_NOT_IMPLEMENTED;
+    PDRVTPMEMU pThis = RT_FROM_MEMBER(pInterface, DRVTPMEMU, ITpmConnector);
+
+    int rc = VINF_SUCCESS;
+    if (pThis->bLoc != bLoc)
+        rc = drvTpmEmuSetLocality(pThis, bLoc);
+
+    if (RT_SUCCESS(rc))
+    {
+        RT_NOREF(pInterface, bLoc, pvCmd, cbCmd, pvResp, cbResp);
+    }
+
+    return rc;
 }
 
@@ -526 +715 @@
     pThis->hSockData                                = NIL_RTSOCKET;
     pThis->enmTpmVers                               = TPMVERSION_UNKNOWN;
+    pThis->bLoc                                     = TPM_NO_LOCALITY_SELECTED;
 
     pThis->hPollSet                                 = NIL_RTPOLLSET;
@@ -604 +794 @@
                                    pDrvIns->iInstance, szLocation);
 
+    rc = drvTpmEmuQueryCaps(pThis);
+    if (RT_FAILURE(rc))
+        return PDMDrvHlpVMSetError(pDrvIns, rc, RT_SRC_POS,
+                                   N_("DrvTpmEmu#%d failed to query capabilities offered by %s"),
+                                   pDrvIns->iInstance, szLocation);
+
+    if (!(pThis->fCaps & SWTPM_CAP_GET_CONFIG))
+        return PDMDrvHlpVMSetError(pDrvIns, VERR_NOT_SUPPORTED, RT_SRC_POS,
+                                   N_("DrvTpmEmu#%d Emulated TPM misses the GET_CONFIG capability"),
+                                   pDrvIns->iInstance, szLocation);
+
     rc = drvTpmEmuQueryTpmVersion(pThis);
     if (RT_FAILURE(rc))
@@ -610 +811 @@
                                    pDrvIns->iInstance, szLocation);
 
-    rc = drvTpmEmuQueryAndValidateCaps(pThis);
-    if (RT_FAILURE(rc))
-        return PDMDrvHlpVMSetError(pDrvIns, rc, RT_SRC_POS,
-                                   N_("DrvTpmEmu#%d failed to query and validate all capabilities offeres by %s"),
+    if (pThis->enmTpmVers == TPMVERSION_UNKNOWN)
+        return PDMDrvHlpVMSetError(pDrvIns, VERR_NOT_SUPPORTED, RT_SRC_POS,
+                                   N_("DrvTpmEmu#%d Emulated TPM version of %s is not supported"),
                                    pDrvIns->iInstance, szLocation);
 
-    LogRel(("DrvTpmEmu#%d: Connected to %s\n", pDrvIns->iInstance, szLocation));
+    const char *pszTpmVers = NULL;
+    uint32_t fCapsReq =   SWTPM_CAP_INIT | SWTPM_CAP_SHUTDOWN | SWTPM_CAP_GET_TPMESTABLISHED
+                        | SWTPM_CAP_SET_LOCALITY | SWTPM_CAP_CANCEL_TPM_CMD | SWTPM_CAP_GET_STATEBLOB
+                        | SWTPM_CAP_SET_STATEBLOB | SWTPM_CAP_STOP | SWTPM_CAP_SET_BUFFERSIZE;
+    switch (pThis->enmTpmVers)
+    {
+        case TPMVERSION_1_2:
+            /* No additional capabilities needed. */
+            pszTpmVers = "1.2";
+            break;
+        case TPMVERSION_2_0:
+            fCapsReq |= SWTPM_CAP_RESET_TPMESTABLISHED;
+            pszTpmVers = "2.0";
+            break;
+        default:
+            AssertLogRelReturn(("DrvTpmEmu#%d Emulated TPM version %d is not correctly handled", pDrvIns->iInstance, pThis->enmTpmVers),
+                               VERR_INVALID_STATE);
+    }
+
+    if ((pThis->fCaps & fCapsReq) != fCapsReq)
+        return PDMDrvHlpVMSetError(pDrvIns, VERR_NOT_SUPPORTED, RT_SRC_POS,
+                                   N_("DrvTpmEmu#%d Emulated TPM version of %s does not offer required set of capabilities (%#x requested vs. %#x offered)"),
+                                   pDrvIns->iInstance, szLocation, fCapsReq, pThis->fCaps);
+
+    LogRel(("DrvTpmEmu#%d: Connected to %s, emulating TPM version %s\n", pDrvIns->iInstance, szLocation, pszTpmVers));
     return VINF_SUCCESS;
 }