Changeset 90587 in vbox for trunk/src/VBox/Devices/Security

Timestamp:

Aug 10, 2021 9:39:57 AM (4 years ago)

Author:

vboxsync

svn:sync-xref-src-repo-rev:

146198

Message:

Devices/Security: EFI can communicate with the external TPM emulator over our own TPM interface emulation, bugref:10075

Location:

trunk/src/VBox/Devices/Security

Files:

• DevTpm.cpp (modified) (12 diffs)
• DrvTpmEmu.cpp (modified) (17 diffs)

trunk/src/VBox/Devices/Security/DevTpm.cpp

@@ -29 +29 @@
 #include <iprt/string.h>
 #include <iprt/uuid.h>
+
+#include <iprt/formats/tpm.h>
 
 #include "VBoxDD.h"
@@ -348 +350 @@
 /** Locality response buffer size register. */
 #define TPM_CRB_LOCALITY_REG_CTRL_RSP_SZ                     0x64
-/** Locality response buffer size register. */
+/** Locality response buffer address register. */
 #define TPM_CRB_LOCALITY_REG_CTRL_RSP_ADDR                   0x68
 /** Locality data buffer. */
@@ -452 +454 @@
 typedef struct DEVTPMR3
 {
+    /** Pointer to the device instance. */
+    PPDMDEVINS                      pDevIns;
     /** The base interface for LUN\#0. */
     PDMIBASE                        IBase;
@@ -936 +940 @@
                 break;
             if (   (u32 & TPM_CRB_LOCALITY_REG_CTRL_REQ_CMD_RDY)
-                && pThis->enmState == DEVTPMSTATE_IDLE)
+                && (   pThis->enmState == DEVTPMSTATE_IDLE
+                    || pThis->enmState == DEVTPMSTATE_CMD_COMPLETION))
             {
                 pThis->enmState = DEVTPMSTATE_READY;
@@ -967 +972 @@
                 && u32 == 0x1)
             {
-                pThis->enmState == DEVTPMSTATE_CMD_EXEC;
+                pThis->enmState = DEVTPMSTATE_CMD_EXEC;
                 rc = PDMDevHlpTaskTrigger(pDevIns, pThis->hTpmCmdTask);
             }
@@ -1008 +1013 @@
     Assert(!(off & (cb - 1)));
 
-    LogFlowFunc((": %RGp %#x\n", off, cb));
     VBOXSTRICTRC rc = VINF_SUCCESS;
     uint32_t uReg = tpmGetRegisterFromOffset(off);
     uint8_t bLoc = tpmGetLocalityFromOffset(off);
     PDEVTPMLOCALITY pLoc = &pThis->aLoc[bLoc];
-
 
     uint64_t u64;
@@ -1020 +1023 @@
     else
         rc = tpmMmioFifoRead(pDevIns, pThis, pLoc, bLoc, uReg, &u64);
+
+    LogFlowFunc((": %RGp %#x %#llx\n", off, cb, u64));
 
     if (rc == VINF_SUCCESS)
@@ -1085 +1090 @@
     LogFlowFunc(("\n"));
 
-    /** @todo */
-    RT_NOREF(pThis, pThisCC);
-    pThis->enmState = DEVTPMSTATE_CMD_COMPLETION;
+    int const rcLock = PDMDevHlpCritSectEnter(pDevIns, pDevIns->pCritSectRoR3, VERR_IGNORED);
+    PDM_CRITSECT_RELEASE_ASSERT_RC_DEV(pDevIns, pDevIns->pCritSectRoR3, rcLock);
+
+    if (pThisCC->pDrvTpm)
+    {
+        size_t cbCmd = RTTpmReqGetSz((PCTPMREQHDR)&pThis->abCmdResp[0]);
+        int rc = pThisCC->pDrvTpm->pfnCmdExec(pThisCC->pDrvTpm, pThis->bLoc, &pThis->abCmdResp[0], cbCmd,
+                                              &pThis->abCmdResp[0], sizeof(pThis->abCmdResp));
+        if (RT_SUCCESS(rc))
+        {
+            pThis->enmState = DEVTPMSTATE_CMD_COMPLETION;
+            tpmLocSetIntSts(pThisCC->pDevIns, pThis, &pThis->aLoc[pThis->bLoc], TPM_CRB_LOCALITY_REG_INT_STS_START);
+        }
+        else
+        {
+            /* Set fatal error. */
+            pThis->enmState = DEVTPMSTATE_FATAL_ERROR;
+        }
+    }
+
+    PDMDevHlpCritSectLeave(pDevIns, pDevIns->pCritSectRoR3);
 }
 
@@ -1171 +1194 @@
 
 /**
+ * @interface_method_impl{PDMDEVREG,pfnPowerOff}
+ */
+static DECLCALLBACK(void) tpmR3PowerOff(PPDMDEVINS pDevIns)
+{
+    PDEVTPMCC pThisCC = PDMDEVINS_2_DATA_CC(pDevIns, PDEVTPMCC);
+
+    if (pThisCC->pDrvTpm)
+    {
+        int rc = pThisCC->pDrvTpm->pfnShutdown(pThisCC->pDrvTpm);
+        AssertRC(rc);
+    }
+}
+
+
+/**
  * @interface_method_impl{PDMDEVREG,pfnReset}
  */
@@ -1218 +1256 @@
 
     pThis->hTpmCmdTask = NIL_PDMTASKHANDLE;
+
+    pThisCC->pDevIns   = pDevIns;
 
     /* IBase */
@@ -1275 +1315 @@
         pThisCC->pDrvTpm = PDMIBASE_QUERY_INTERFACE(pThisCC->pDrvBase, PDMITPMCONNECTOR);
         AssertLogRelMsgReturn(pThisCC->pDrvTpm, ("TPM#%d: Driver is missing the TPM interface.\n", iInstance), VERR_PDM_MISSING_INTERFACE);
+
+        /* Startup the TPM here instead of in the power on callback as we can convey errors here to the upper layer. */
+        rc = pThisCC->pDrvTpm->pfnStartup(pThisCC->pDrvTpm, sizeof(pThis->abCmdResp));
+        if (RT_FAILURE(rc))
+            return PDMDEV_SET_ERROR(pDevIns, rc, N_("Failed to startup the TPM"));
     }
     else if (rc == VERR_PDM_NO_ATTACHED_DRIVER)
@@ -1353 +1398 @@
     /* .pfnQueryInterface = */      NULL,
     /* .pfnInitComplete = */        NULL,
-    /* .pfnPowerOff = */            NULL,
+    /* .pfnPowerOff = */            tpmR3PowerOff,
     /* .pfnSoftReset = */           NULL,
     /* .pfnReserved0 = */           NULL,

trunk/src/VBox/Devices/Security/DrvTpmEmu.cpp

@@ -35 +35 @@
 #include <iprt/uuid.h>
 #include <iprt/json.h>
+
+#include <iprt/formats/tpm.h>
 
 #include "VBoxDD.h"
@@ -258 +260 @@
     RTSOCKET            hSockData;
 
+#if 0
     /** Poll set used to wait for I/O events. */
     RTPOLLSET           hPollSet;
@@ -269 +272 @@
     /** Flag to signal whether the thread was woken up from external. */
     bool volatile       fWokenUp;
+#endif
+
     /** Currently set locality. */
     uint8_t             bLoc;
@@ -411 +416 @@
     return drvTpmEmuExecCtrlCmdEx(pThis, enmCmd, pvCmd, cbCmd, pu32Resp,
                                   NULL /*pvResp*/, 0 /*cbResp*/, cMillies);
+}
+
+
+/**
+ * Executes the given command over the control connection to the TPM emulator - variant with no command payload.
+ *
+ * @returns VBox status code.
+ * @retval  VERR_NET_IO_ERROR if the executed command returned an error in the response status field.
+ * @param   pThis               Pointer to the TPM emulator driver instance data.
+ * @param   enmCmd              The command to execute.
+ * @param   pvResp              Where to store additional resposne data.
+ * @param   cbResp              Size of the Response data in bytes (excluding the response status code which is implicit).
+ * @param   cMillies            Number of milliseconds to wait before aborting the command with a timeout error.
+ */
+static int drvTpmEmuExecCtrlCmdNoPayloadAndResp(PDRVTPMEMU pThis, SWTPMCMD enmCmd, RTMSINTERVAL cMillies)
+{
+    uint32_t u32Resp = 0;
+    int rc = drvTpmEmuExecCtrlCmdEx(pThis, enmCmd, NULL /*pvCmd*/, 0 /*cbCmd*/, &u32Resp,
+                                    NULL /*pvResp*/, 0 /*cbResp*/, cMillies);
+    if (RT_SUCCESS(rc))
+    {
+        if (u32Resp != 0)
+            rc = VERR_NET_IO_ERROR;
+    }
+
+    return rc;
 }
 
@@ -523 +554 @@
         rc = VERR_NET_IO_ERROR;
 
+    if (RT_SUCCESS(rc))
+        pThis->bLoc = bLoc;
+
     return rc;
 }
@@ -612 +646 @@
     if (RT_SUCCESS(rc))
     {
-        RT_NOREF(pInterface, bLoc, pvCmd, cbCmd, pvResp, cbResp);
+        rc = RTSocketWrite(pThis->hSockData, pvCmd, cbCmd);
+        if (RT_SUCCESS(rc))
+        {
+            rc = RTSocketSelectOne(pThis->hSockData, RT_MS_10SEC);
+            if (RT_SUCCESS(rc))
+            {
+                /* Read the response header in first. */
+                TPMRESPHDR RespHdr;
+                rc = RTSocketRead(pThis->hSockData, &RespHdr, sizeof(RespHdr), NULL /*pcbRead*/);
+                if (RT_SUCCESS(rc))
+                {
+                    size_t cbHdrResp = RTTpmRespGetSz(&RespHdr);
+                    if (cbHdrResp <= cbResp - sizeof(RespHdr))
+                    {
+                        memcpy(pvResp, &RespHdr, sizeof(RespHdr));
+
+                        if (cbHdrResp > sizeof(RespHdr))
+                            rc = RTSocketRead(pThis->hSockData, (uint8_t *)pvResp + sizeof(RespHdr), cbHdrResp - sizeof(RespHdr),
+                                              NULL /*pcbRead*/);
+                    }
+                    else
+                        rc = VERR_BUFFER_OVERFLOW;
+                }
+            }
+        }
     }
 
@@ -622 +680 @@
 static DECLCALLBACK(int) drvTpmEmuCmdCancel(PPDMITPMCONNECTOR pInterface)
 {
-    RT_NOREF(pInterface);
-    return VERR_NOT_IMPLEMENTED;
+    PDRVTPMEMU pThis = RT_FROM_MEMBER(pInterface, DRVTPMEMU, ITpmConnector);
+
+    return drvTpmEmuExecCtrlCmdNoPayloadAndResp(pThis, SWTPMCMD_CANCEL_TPM_CMD, RT_MS_10SEC);
 }
 
@@ -649 +708 @@
     if (pThis->hSockCtrl != NIL_RTSOCKET)
     {
+#if 0
         int rc = RTPollSetRemove(pThis->hPollSet, DRVTPMEMU_POLLSET_ID_SOCKET_CTRL);
         AssertRC(rc);
-
-        rc = RTSocketShutdown(pThis->hSockCtrl, true /* fRead */, true /* fWrite */);
+#endif
+
+        int rc = RTSocketShutdown(pThis->hSockCtrl, true /* fRead */, true /* fWrite */);
         AssertRC(rc);
 
@@ -663 +724 @@
     if (pThis->hSockData != NIL_RTSOCKET)
     {
+#if 0
         int rc = RTPollSetRemove(pThis->hPollSet, DRVTPMEMU_POLLSET_ID_SOCKET_DATA);
         AssertRC(rc);
-
-        rc = RTSocketShutdown(pThis->hSockData, true /* fRead */, true /* fWrite */);
+#endif
+
+        int rc = RTSocketShutdown(pThis->hSockData, true /* fRead */, true /* fWrite */);
         AssertRC(rc);
 
@@ -675 +738 @@
     }
 
+#if 0
     if (pThis->hPipeWakeR != NIL_RTPIPE)
     {
@@ -698 +762 @@
         pThis->hPollSet = NIL_RTPOLLSET;
     }
+#endif
 }
 
@@ -717 +782 @@
     pThis->bLoc                                     = TPM_NO_LOCALITY_SELECTED;
 
+#if 0
     pThis->hPollSet                                 = NIL_RTPOLLSET;
     pThis->hPipeWakeR                               = NIL_RTPIPE;
     pThis->hPipeWakeW                               = NIL_RTPIPE;
+#endif
 
     /* IBase */
@@ -744 +811 @@
                                    N_("Configuration error: querying \"Location\" resulted in %Rrc"), rc);
 
+#if 0
     rc = RTPipeCreate(&pThis->hPipeWakeR, &pThis->hPipeWakeW, 0 /* fFlags */);
     if (RT_FAILURE(rc))
@@ -761 +829 @@
                                    N_("DrvTpmEmu#%d failed to add wakeup pipe for %s to poll set"),
                                    pDrvIns->iInstance, szLocation);
+#endif
 
     /*
@@ -783 +852 @@
     if (RT_FAILURE(rc))
         return PDMDrvHlpVMSetError(pDrvIns, rc, RT_SRC_POS,
-                                   N_("DrvTpmEmu#%d failed to connect to socket %s"),
+                                   N_("DrvTpmEmu#%d failed to connect to control socket %s"),
                                    pDrvIns->iInstance, szLocation);
 
+#if 0
     rc = RTPollSetAddSocket(pThis->hPollSet, pThis->hSockCtrl,
                             RTPOLL_EVT_READ | RTPOLL_EVT_WRITE | RTPOLL_EVT_ERROR,
@@ -793 +863 @@
                                    N_("DrvTpmEmu#%d failed to add socket for %s to poll set"),
                                    pDrvIns->iInstance, szLocation);
+#endif
 
     rc = drvTpmEmuQueryCaps(pThis);
@@ -839 +910 @@
                                    N_("DrvTpmEmu#%d Emulated TPM version of %s does not offer required set of capabilities (%#x requested vs. %#x offered)"),
                                    pDrvIns->iInstance, szLocation, fCapsReq, pThis->fCaps);
+
+    /* Connect the data channel now. */
+    /** @todo Allow configuring a different port. */
+    *pszPort = '\0'; /* Overwrite temporarily to avoid copying the hostname into a temporary buffer. */
+    rc = RTTcpClientConnect(szLocation, uPort + 1, &pThis->hSockData);
+    *pszPort = ':'; /* Restore delimiter before checking the status. */
+    if (RT_FAILURE(rc))
+        return PDMDrvHlpVMSetError(pDrvIns, rc, RT_SRC_POS,
+                                   N_("DrvTpmEmu#%d failed to connect to data socket %s"),
+                                   pDrvIns->iInstance, szLocation);
 
     LogRel(("DrvTpmEmu#%d: Connected to %s, emulating TPM version %s\n", pDrvIns->iInstance, szLocation, pszTpmVers));