git: 29200a8133c0 - main - bhyve: emulate TPM passthru by accessing /dev/tpmX
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 10 Aug 2023 07:23:56 UTC
The branch main has been updated by corvink:
URL: https://cgit.FreeBSD.org/src/commit/?id=29200a8133c0963c17508035b63f5ca43db174c8
commit 29200a8133c0963c17508035b63f5ca43db174c8
Author: Corvin Köhne <corvink@FreeBSD.org>
AuthorDate: 2022-08-29 10:10:45 +0000
Commit: Corvin Köhne <corvink@FreeBSD.org>
CommitDate: 2023-08-10 07:23:42 +0000
bhyve: emulate TPM passthru by accessing /dev/tpmX
To send commands to the TPM device, bhyve can use the host TPM driver by
reading and writing from /dev/tpmX. Using this approach, only the host
TPM driver has to detect and interact with the physical TPM interface.
This simplifies bhyve's code much. As the host TPM driver has to
interact with the TPM regardless of bhyve making use of it or not, makes
it a good approach.
Reviewed by: markj
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D40460
---
usr.sbin/bhyve/tpm_emul_passthru.c | 38 ++++++++++++++++++++++++++++++++++++++
1 file changed, 38 insertions(+)
diff --git a/usr.sbin/bhyve/tpm_emul_passthru.c b/usr.sbin/bhyve/tpm_emul_passthru.c
index 9d706dee7120..084d31d5fa9f 100644
--- a/usr.sbin/bhyve/tpm_emul_passthru.c
+++ b/usr.sbin/bhyve/tpm_emul_passthru.c
@@ -22,6 +22,12 @@ struct tpm_passthru {
int fd;
};
+struct tpm_resp_hdr {
+ uint16_t tag;
+ uint32_t len;
+ uint32_t errcode;
+} __packed;
+
static int
tpm_passthru_init(void **sc, nvlist_t *nvl)
{
@@ -46,6 +52,37 @@ tpm_passthru_init(void **sc, nvlist_t *nvl)
return (0);
}
+static int
+tpm_passthru_execute_cmd(void *sc, void *cmd, uint32_t cmd_size, void *rsp,
+ uint32_t rsp_size)
+{
+ struct tpm_passthru *tpm;
+ ssize_t len;
+
+ if (rsp_size < (ssize_t)sizeof(struct tpm_resp_hdr)) {
+ warn("%s: rsp_size of %u is too small", __func__, rsp_size);
+ return (EINVAL);
+ }
+
+ tpm = sc;
+
+ len = write(tpm->fd, cmd, cmd_size);
+ if (len != cmd_size) {
+ warn("%s: cmd write failed (bytes written: %zd / %d)", __func__,
+ len, cmd_size);
+ return (EFAULT);
+ }
+
+ len = read(tpm->fd, rsp, rsp_size);
+ if (len < (ssize_t)sizeof(struct tpm_resp_hdr)) {
+ warn("%s: rsp read failed (bytes read: %zd / %d)", __func__,
+ len, rsp_size);
+ return (EFAULT);
+ }
+
+ return (0);
+}
+
static void
tpm_passthru_deinit(void *sc)
{
@@ -65,5 +102,6 @@ static const struct tpm_emul tpm_emul_passthru = {
.name = "passthru",
.init = tpm_passthru_init,
.deinit = tpm_passthru_deinit,
+ .execute_cmd = tpm_passthru_execute_cmd,
};
TPM_EMUL_SET(tpm_emul_passthru);