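/*
 * Minimal TPM emulator for TPM test cases
 *
 * Copyright (c) 2018 Red Hat, Inc.
 *
 * Authors:
 *   Marc-André Lureau <marcandre.lureau@redhat.com>
 *
 * This work is licensed under the terms of the GNU GPL, version 2 or later.
 * See the COPYING file in the top-level directory.
 */

#include "qemu/osdep.h"
#include <glib/gstdio.h>

#include "backends/tpm/tpm_ioctl.h"
#include "io/channel-socket.h"
#include "qapi/error.h"
#include "qapi/qmp/qlist.h"
#include "qapi/qmp/qstring.h"
#include "tpm-emu.h"

/*
 * Block until the emulator sets s->data_cond_signal, or assert after a
 * five second deadline. The flag is cleared before returning so the next
 * call waits for a fresh signal.
 */
void tpm_emu_test_wait_cond(TPMTestState *s)
{
    gint64 end_time = g_get_monotonic_time() + 5 * G_TIME_SPAN_SECOND;

    g_mutex_lock(&s->data_mutex);

    /*
     * Re-check the predicate in a loop: g_cond_wait_until() may wake up
     * spuriously and return TRUE while the flag is still unset. The
     * deadline is absolute, so looping does not extend the timeout.
     */
    while (!s->data_cond_signal) {
        if (!g_cond_wait_until(&s->data_cond, &s->data_mutex, end_time)) {
            g_assert_not_reached();
        }
    }

    s->data_cond_signal = false;

    g_mutex_unlock(&s->data_mutex);
}

/* Abort handler: close the channel registered with the handler. */
static void tpm_emu_close_ioc(void *ioc)
{
    qio_channel_close(ioc, NULL);
}

/*
 * Data-channel thread: read each length-prefixed TPM command from
 * s->tpm_ioc and answer it with a bare header carrying a failure code
 * for the configured TPM version. The last command received stays in
 * s->tpm_msg (tag/len/code in host byte order until the reply is built).
 * The loop ends when the peer closes the channel.
 */
static void *tpm_emu_tpm_thread(void *data)
{
    TPMTestState *s = data;
    QIOChannel *ioc = s->tpm_ioc;
    /* tag + len: the part of the header needed to learn the total size */
    const size_t minhlen = sizeof(s->tpm_msg->tag) + sizeof(s->tpm_msg->len);

    qtest_add_abrt_handler(tpm_emu_close_ioc, ioc);

    s->tpm_msg = g_new(struct tpm_hdr, 1);
    while (true) {
        /*
         * Read exactly minhlen bytes. A plain qio_channel_read() may
         * return fewer bytes than requested, which would leave part of
         * the length field unread and desynchronise the framing.
         * Returns 0 only on a clean EOF before any byte was read.
         */
        if (!qio_channel_read_all_eof(ioc, (char *)s->tpm_msg, minhlen,
                                      &error_abort)) {
            break;
        }
        s->tpm_msg->tag = be16_to_cpu(s->tpm_msg->tag);
        s->tpm_msg->len = be32_to_cpu(s->tpm_msg->len);

        /*
         * The peer-supplied length sizes the buffer below, and both the
         * 'code' store and the reply touch a full struct tpm_hdr. Require
         * at least a complete header; accepting any len >= minhlen would
         * let a short length shrink the allocation and turn those
         * accesses into heap out-of-bounds reads/writes.
         *
         * NOTE(review): there is still no upper bound on len, so the
         * peer controls the allocation size up to UINT32_MAX.
         */
        g_assert_cmpuint(s->tpm_msg->len, >=, sizeof(struct tpm_hdr));

        s->tpm_msg = g_realloc(s->tpm_msg, s->tpm_msg->len);
        /* Read the rest of the command (code + payload) in full. */
        qio_channel_read_all(ioc, (char *)&s->tpm_msg->code,
                             s->tpm_msg->len - minhlen, &error_abort);
        s->tpm_msg->code = be32_to_cpu(s->tpm_msg->code);

        /* reply error */
        switch (s->tpm_version) {
        case TPM_VERSION_2_0:
            s->tpm_msg->tag = cpu_to_be16(TPM2_ST_NO_SESSIONS);
            s->tpm_msg->len = cpu_to_be32(sizeof(struct tpm_hdr));
            s->tpm_msg->code = cpu_to_be32(TPM_RC_FAILURE);
            break;
        case TPM_VERSION_1_2:
            s->tpm_msg->tag = cpu_to_be16(TPM_TAG_RSP_COMMAND);
            s->tpm_msg->len = cpu_to_be32(sizeof(struct tpm_hdr));
            s->tpm_msg->code = cpu_to_be32(TPM_FAIL);
            break;
        default:
            g_debug("unsupport TPM version %u", s->tpm_version);
            g_assert_not_reached();
        }
        /* len was just stored big-endian; convert back for the byte count */
        qio_channel_write(ioc, (char *)s->tpm_msg, be32_to_cpu(s->tpm_msg->len),
                          &error_abort);
    }

    qtest_remove_abrt_handler(ioc);
    g_free(s->tpm_msg);
    s->tpm_msg = NULL;
    object_unref(OBJECT(s->tpm_ioc));
    return NULL;
}

/*
 * Control-channel thread: listen on s->addr, signal readiness through
 * s->data_cond, accept one connection, take the data-channel fd from the
 * initial CMD_SET_DATAFD message, start the data thread, then answer
 * control commands until the peer disconnects or a read fails.
 * Any command not handled below trips an assertion.
 */
void *tpm_emu_ctrl_thread(void *data)
{
    TPMTestState *s = data;
    QIOChannelSocket *lioc = qio_channel_socket_new();
    QIOChannel *ioc;

    qio_channel_socket_listen_sync(lioc, s->addr, 1, &error_abort);

    /* Tell tpm_emu_test_wait_cond() that the listening socket is ready. */
    g_mutex_lock(&s->data_mutex);
    s->data_cond_signal = true;
    g_mutex_unlock(&s->data_mutex);
    g_cond_signal(&s->data_cond);

    qio_channel_wait(QIO_CHANNEL(lioc), G_IO_IN);
    ioc = QIO_CHANNEL(qio_channel_socket_accept(lioc, &error_abort));
    g_assert(ioc);
    qtest_add_abrt_handler(tpm_emu_close_ioc, ioc);

    {
        uint32_t cmd = 0;
        struct iovec iov = { .iov_base = &cmd, .iov_len = sizeof(cmd) };
        int *pfd = NULL;
        size_t nfd = 0;

        /* First message must be CMD_SET_DATAFD carrying exactly one fd. */
        qio_channel_readv_full(ioc, &iov, 1, &pfd, &nfd, &error_abort);
        cmd = be32_to_cpu(cmd);
        g_assert_cmpint(cmd, ==, CMD_SET_DATAFD);
        /* Checked before *pfd is dereferenced below. */
        g_assert_cmpint(nfd, ==, 1);
        s->tpm_ioc = QIO_CHANNEL(qio_channel_socket_new_fd(*pfd, &error_abort));
        g_free(pfd);

        /* Acknowledge with a zero result. */
        cmd = 0;
        qio_channel_write(ioc, (char *)&cmd, sizeof(cmd), &error_abort);

        s->emu_tpm_thread = g_thread_new(NULL, tpm_emu_tpm_thread, s);
    }

    while (true) {
        uint32_t cmd;
        ssize_t ret;

        /* Errors are not reported here (NULL errp); EOF or error ends the loop. */
        ret = qio_channel_read(ioc, (char *)&cmd, sizeof(cmd), NULL);
        if (ret <= 0) {
            break;
        }

        cmd = be32_to_cpu(cmd);
        switch (cmd) {
        case CMD_GET_CAPABILITY: {
            ptm_cap cap = cpu_to_be64(0x3fff);
            qio_channel_write(ioc, (char *)&cap, sizeof(cap), &error_abort);
            break;
        }
        case CMD_INIT: {
            ptm_init init;
            /* The request is consumed but its contents are not inspected. */
            qio_channel_read(ioc, (char *)&init.u.req, sizeof(init.u.req),
                             &error_abort);
            init.u.resp.tpm_result = 0;
            qio_channel_write(ioc, (char *)&init.u.resp, sizeof(init.u.resp),
                              &error_abort);
            break;
        }
        case CMD_SHUTDOWN: {
            ptm_res res = 0;
            qio_channel_write(ioc, (char *)&res, sizeof(res), &error_abort);
            /* the tpm data thread is expected to finish now */
            g_thread_join(s->emu_tpm_thread);
            break;
        }
        case CMD_STOP: {
            ptm_res res = 0;
            qio_channel_write(ioc, (char *)&res, sizeof(res), &error_abort);
            break;
        }
        case CMD_SET_BUFFERSIZE: {
            ptm_setbuffersize sbs;
            qio_channel_read(ioc, (char *)&sbs.u.req, sizeof(sbs.u.req),
                             &error_abort);
            /*
             * Echo the requested size (left in wire byte order), or 4096
             * when the request is zero. The requested value is not
             * checked against the min/max reported below.
             */
            sbs.u.resp.buffersize = sbs.u.req.buffersize ?: cpu_to_be32(4096);
            sbs.u.resp.tpm_result = 0;
            sbs.u.resp.minsize = cpu_to_be32(128);
            sbs.u.resp.maxsize = cpu_to_be32(4096);
            qio_channel_write(ioc, (char *)&sbs.u.resp, sizeof(sbs.u.resp),
                              &error_abort);
            break;
        }
        case CMD_SET_LOCALITY: {
            ptm_loc loc;
            /* Note: this time it's not u.req / u.resp... */
            qio_channel_read(ioc, (char *)&loc, sizeof(loc), &error_abort);
            /* Only locality 0 is accepted by this emulator. */
            g_assert_cmpint(loc.u.req.loc, ==, 0);
            loc.u.resp.tpm_result = 0;
            qio_channel_write(ioc, (char *)&loc, sizeof(loc), &error_abort);
            break;
        }
        case CMD_GET_TPMESTABLISHED: {
            ptm_est est = {
                .u.resp.bit = 0,
            };
            qio_channel_write(ioc, (char *)&est, sizeof(est), &error_abort);
            break;
        }
        default:
            g_debug("unimplemented %u", cmd);
            g_assert_not_reached();
        }
    }

    qtest_remove_abrt_handler(ioc);
    object_unref(OBJECT(ioc));
    object_unref(OBJECT(lioc));
    return NULL;
}

/*
 * Start a QEMU instance with @args and report whether @tpm_if appears in
 * the list returned by the 'query-tpm-models' QMP command. The model
 * query is only issued when 'query-tpm' does not return an error.
 * Returns false if QEMU could not be started.
 */
bool tpm_model_is_available(const char *args, const char *tpm_if)
{
    QTestState *qts;
    QDict *rsp_tpm;
    bool ret = false;

    qts = qtest_init(args);
    if (!qts) {
        return false;
    }

    rsp_tpm = qtest_qmp(qts, "{ 'execute': 'query-tpm'}");
    if (!qdict_haskey(rsp_tpm, "error")) {
        QDict *rsp_models = qtest_qmp(qts,
                                      "{ 'execute': 'query-tpm-models'}");
        if (qdict_haskey(rsp_models, "return")) {
            QList *models = qdict_get_qlist(rsp_models, "return");
            QListEntry *e;

            QLIST_FOREACH_ENTRY(models, e) {
                QString *s = qobject_to(QString, qlist_entry_obj(e));

                /* Skip entries that are not strings instead of passing
                 * NULL on to qstring_get_str(). */
                if (s && !strcmp(qstring_get_str(s), tpm_if)) {
                    ret = true;
                    break;
                }
            }
        }
        qobject_unref(rsp_models);
    }
    qobject_unref(rsp_tpm);
    qtest_quit(qts);

    return ret;
}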