1 /*
2 * Minimal TPM emulator for TPM test cases
3 *
4 * Copyright (c) 2018 Red Hat, Inc.
5 *
6 * Authors:
7 * Marc-André Lureau <marcandre.lureau@redhat.com>
8 *
9 * This work is licensed under the terms of the GNU GPL, version 2 or later.
10 * See the COPYING file in the top-level directory.
11 */
12
13 #include "qemu/osdep.h"
14 #include <glib/gstdio.h>
15
16 #include "backends/tpm/tpm_ioctl.h"
17 #include "io/channel-socket.h"
18 #include "qapi/error.h"
19 #include "qapi/qmp/qlist.h"
20 #include "qapi/qmp/qstring.h"
21 #include "tpm-emu.h"
22
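/*
 * Block until s->data_cond_signal has been set, then consume the signal.
 *
 * tpm_emu_ctrl_thread() sets the flag under s->data_mutex once its socket is
 * listening. The wait is bounded by a five second deadline; reaching the
 * deadline without the flag being set fails the test through
 * g_assert_not_reached().
 */
void tpm_emu_test_wait_cond(TPMTestState *s)
{
    gint64 end_time = g_get_monotonic_time() + 5 * G_TIME_SPAN_SECOND;

    g_mutex_lock(&s->data_mutex);

    /*
     * Re-test the predicate after every wakeup. g_cond_wait_until() can
     * return TRUE on a spurious or stolen wakeup, so a single wait guarded
     * by "if" could let the caller proceed before the flag is set. The
     * deadline is absolute, so looping does not extend the total wait.
     */
    while (!s->data_cond_signal) {
        if (!g_cond_wait_until(&s->data_cond, &s->data_mutex, end_time)) {
            g_assert_not_reached();
        }
    }

    s->data_cond_signal = false;

    g_mutex_unlock(&s->data_mutex);
}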
38
/*
 * Callback registered with qtest_add_abrt_handler(): closes the channel
 * passed as @ioc. The close error is deliberately not collected (errp is
 * NULL).
 */
static void tpm_emu_close_ioc(void *ioc)
{
    QIOChannel *chan = ioc;

    qio_channel_close(chan, NULL);
}
43
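/*
 * Data-channel thread of the test emulator.
 *
 * Reads TPM commands from s->tpm_ioc and answers each one with a fixed
 * failure response for s->tpm_version. The last message buffer is kept in
 * s->tpm_msg while the loop runs. The loop ends on EOF at a message
 * boundary; the thread then frees s->tpm_msg and drops its reference on
 * s->tpm_ioc.
 *
 * @data: the TPMTestState shared with the control thread.
 * Returns NULL.
 */
static void *tpm_emu_tpm_thread(void *data)
{
    TPMTestState *s = data;
    QIOChannel *ioc = s->tpm_ioc;

    qtest_add_abrt_handler(tpm_emu_close_ioc, ioc);

    s->tpm_msg = g_new(struct tpm_hdr, 1);
    while (true) {
        int minhlen = sizeof(s->tpm_msg->tag) + sizeof(s->tpm_msg->len);

        /*
         * Read the tag and length fields completely. A plain
         * qio_channel_read() may return fewer bytes than requested, which
         * would leave part of the length field stale. 0 means EOF before
         * any byte of a new message; a truncated header aborts through
         * error_abort.
         */
        if (qio_channel_read_all_eof(ioc, (char *)s->tpm_msg, minhlen,
                                     &error_abort) <= 0) {
            break;
        }
        s->tpm_msg->tag = be16_to_cpu(s->tpm_msg->tag);
        s->tpm_msg->len = be32_to_cpu(s->tpm_msg->len);

        /*
         * The buffer is reallocated to exactly len bytes, and both the
         * code field access and the reply below touch a full
         * struct tpm_hdr. A peer-supplied len smaller than the header
         * would therefore read and write past the allocation, so reject
         * it before resizing.
         *
         * NOTE(review): len has no upper bound here, so the peer decides
         * how much memory is allocated. Consider asserting it against the
         * 4096 byte maxsize that tpm_emu_ctrl_thread() advertises for
         * CMD_SET_BUFFERSIZE.
         */
        g_assert_cmpuint(s->tpm_msg->len, >=, sizeof(struct tpm_hdr));

        s->tpm_msg = g_realloc(s->tpm_msg, s->tpm_msg->len);
        /* Read the whole remainder so the next iteration starts on a header */
        qio_channel_read_all(ioc, (char *)&s->tpm_msg->code,
                             s->tpm_msg->len - minhlen, &error_abort);
        s->tpm_msg->code = be32_to_cpu(s->tpm_msg->code);

        /* reply error */
        switch (s->tpm_version) {
        case TPM_VERSION_2_0:
            s->tpm_msg->tag = cpu_to_be16(TPM2_ST_NO_SESSIONS);
            s->tpm_msg->len = cpu_to_be32(sizeof(struct tpm_hdr));
            s->tpm_msg->code = cpu_to_be32(TPM_RC_FAILURE);
            break;
        case TPM_VERSION_1_2:
            s->tpm_msg->tag = cpu_to_be16(TPM_TAG_RSP_COMMAND);
            s->tpm_msg->len = cpu_to_be32(sizeof(struct tpm_hdr));
            s->tpm_msg->code = cpu_to_be32(TPM_FAIL);
            break;
        default:
            g_debug("unsupported TPM version %u", s->tpm_version);
            g_assert_not_reached();
        }
        /* len was stored big-endian above; convert back for the byte count */
        qio_channel_write_all(ioc, (char *)s->tpm_msg,
                              be32_to_cpu(s->tpm_msg->len), &error_abort);
    }

    qtest_remove_abrt_handler(ioc);
    g_free(s->tpm_msg);
    s->tpm_msg = NULL;
    object_unref(OBJECT(s->tpm_ioc));
    return NULL;
}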
93
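/*
 * Control-channel thread of the test emulator.
 *
 * Listens on s->addr, wakes the waiter in tpm_emu_test_wait_cond(), accepts
 * one connection and expects CMD_SET_DATAFD with exactly one file
 * descriptor as the first message. That descriptor becomes s->tpm_ioc and
 * is served by tpm_emu_tpm_thread(). Afterwards the thread answers control
 * commands until the peer closes the connection or a read fails.
 *
 * All fixed-size requests are read with the *_all helpers: a plain
 * qio_channel_read() may return fewer bytes than requested, which would
 * leave the on-stack request structs (and the loop's cmd word) partly
 * uninitialized before they are inspected or echoed back to the peer.
 *
 * @data: the TPMTestState shared with the test and the data thread.
 * Returns NULL.
 */
void *tpm_emu_ctrl_thread(void *data)
{
    TPMTestState *s = data;
    QIOChannelSocket *lioc = qio_channel_socket_new();
    QIOChannel *ioc;

    qio_channel_socket_listen_sync(lioc, s->addr, 1, &error_abort);

    /* Tell tpm_emu_test_wait_cond() that the socket is now listening */
    g_mutex_lock(&s->data_mutex);
    s->data_cond_signal = true;
    g_mutex_unlock(&s->data_mutex);
    g_cond_signal(&s->data_cond);

    qio_channel_wait(QIO_CHANNEL(lioc), G_IO_IN);
    ioc = QIO_CHANNEL(qio_channel_socket_accept(lioc, &error_abort));
    g_assert(ioc);
    qtest_add_abrt_handler(tpm_emu_close_ioc, ioc);

    {
        uint32_t cmd = 0;
        struct iovec iov = { .iov_base = &cmd, .iov_len = sizeof(cmd) };
        int *pfd = NULL;
        size_t nfd = 0;
        ssize_t len;

        len = qio_channel_readv_full(ioc, &iov, 1, &pfd, &nfd, 0,
                                     &error_abort);
        /* The command word must be complete before it is interpreted */
        g_assert_cmpint(len, ==, sizeof(cmd));
        cmd = be32_to_cpu(cmd);
        g_assert_cmpint(cmd, ==, CMD_SET_DATAFD);
        /* Exactly one descriptor: pfd is only dereferenced after this check */
        g_assert_cmpint(nfd, ==, 1);
        s->tpm_ioc = QIO_CHANNEL(qio_channel_socket_new_fd(*pfd, &error_abort));
        g_free(pfd);

        cmd = 0;
        qio_channel_write_all(ioc, (char *)&cmd, sizeof(cmd), &error_abort);

        s->emu_tpm_thread = g_thread_new(NULL, tpm_emu_tpm_thread, s);
    }

    while (true) {
        uint32_t cmd;
        int ret;

        /*
         * 0 is EOF before a new command, -1 is an error or a truncated
         * command word; both end the loop, so cmd is never used unless all
         * four bytes arrived.
         */
        ret = qio_channel_read_all_eof(ioc, (char *)&cmd, sizeof(cmd), NULL);
        if (ret <= 0) {
            break;
        }

        cmd = be32_to_cpu(cmd);
        switch (cmd) {
        case CMD_GET_CAPABILITY: {
            ptm_cap cap = cpu_to_be64(0x3fff);
            qio_channel_write_all(ioc, (char *)&cap, sizeof(cap),
                                  &error_abort);
            break;
        }
        case CMD_INIT: {
            ptm_init init;
            qio_channel_read_all(ioc, (char *)&init.u.req, sizeof(init.u.req),
                                 &error_abort);
            init.u.resp.tpm_result = 0;
            qio_channel_write_all(ioc, (char *)&init.u.resp,
                                  sizeof(init.u.resp), &error_abort);
            break;
        }
        case CMD_SHUTDOWN: {
            ptm_res res = 0;
            qio_channel_write_all(ioc, (char *)&res, sizeof(res),
                                  &error_abort);
            /* the tpm data thread is expected to finish now */
            g_thread_join(s->emu_tpm_thread);
            break;
        }
        case CMD_STOP: {
            ptm_res res = 0;
            qio_channel_write_all(ioc, (char *)&res, sizeof(res),
                                  &error_abort);
            break;
        }
        case CMD_SET_BUFFERSIZE: {
            ptm_setbuffersize sbs;
            qio_channel_read_all(ioc, (char *)&sbs.u.req, sizeof(sbs.u.req),
                                 &error_abort);
            /*
             * A non-zero request is echoed back as received, without being
             * clamped to the minsize/maxsize reported below; zero selects
             * 4096.
             */
            sbs.u.resp.buffersize = sbs.u.req.buffersize ?: cpu_to_be32(4096);
            sbs.u.resp.tpm_result = 0;
            sbs.u.resp.minsize = cpu_to_be32(128);
            sbs.u.resp.maxsize = cpu_to_be32(4096);
            qio_channel_write_all(ioc, (char *)&sbs.u.resp,
                                  sizeof(sbs.u.resp), &error_abort);
            break;
        }
        case CMD_SET_LOCALITY: {
            ptm_loc loc;
            /* Note: this time it's not u.req / u.resp... */
            qio_channel_read_all(ioc, (char *)&loc, sizeof(loc), &error_abort);
            g_assert_cmpint(loc.u.req.loc, ==, 0);
            loc.u.resp.tpm_result = 0;
            qio_channel_write_all(ioc, (char *)&loc, sizeof(loc),
                                  &error_abort);
            break;
        }
        case CMD_GET_TPMESTABLISHED: {
            ptm_est est = {
                .u.resp.bit = 0,
            };
            qio_channel_write_all(ioc, (char *)&est, sizeof(est),
                                  &error_abort);
            break;
        }
        default:
            g_debug("unimplemented %u", cmd);
            g_assert_not_reached();
        }
    }

    qtest_remove_abrt_handler(ioc);
    object_unref(OBJECT(ioc));
    object_unref(OBJECT(lioc));
    return NULL;
}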
207
/*
 * Return true when the 'return' list of a query-tpm-models reply contains
 * an entry equal to @tpm_if. A reply without a 'return' key yields false.
 */
static bool tpm_emu_models_reply_has(QDict *rsp_models, const char *tpm_if)
{
    QList *models;
    QListEntry *entry;

    if (!qdict_haskey(rsp_models, "return")) {
        return false;
    }

    models = qdict_get_qlist(rsp_models, "return");
    QLIST_FOREACH_ENTRY(models, entry) {
        QString *name = qobject_to(QString, qlist_entry_obj(entry));

        if (strcmp(qstring_get_str(name), tpm_if) == 0) {
            return true;
        }
    }
    return false;
}

/*
 * Start a QEMU instance with @args and report whether it lists the TPM
 * model @tpm_if.
 *
 * query-tpm-models is only issued when query-tpm did not answer with an
 * error. The QEMU instance is shut down again before returning.
 *
 * Returns true if @tpm_if is among the reported models, false otherwise.
 */
bool tpm_model_is_available(const char *args, const char *tpm_if)
{
    QTestState *qts = qtest_init(args);
    QDict *rsp_tpm;
    bool found = false;

    if (!qts) {
        return false;
    }

    rsp_tpm = qtest_qmp(qts, "{ 'execute': 'query-tpm'}");
    if (!qdict_haskey(rsp_tpm, "error")) {
        QDict *rsp_models = qtest_qmp(qts,
                                      "{ 'execute': 'query-tpm-models'}");

        found = tpm_emu_models_reply_has(rsp_models, tpm_if);
        qobject_unref(rsp_models);
    }
    qobject_unref(rsp_tpm);
    qtest_quit(qts);

    return found;
}
243