git: d93fbcf0222b - main - bhyve: TPM 2.0 emulation with swtpm
Date: Tue, 22 Oct 2024 12:06:51 UTC
The branch main has been updated by corvink: URL: https://cgit.FreeBSD.org/src/commit/?id=d93fbcf0222b05fcd7704b35bc94e5513c2682e2 commit d93fbcf0222b05fcd7704b35bc94e5513c2682e2 Author: Hans Rosenfeld <rosenfeld@grumpf.hope-2000.org> AuthorDate: 2024-09-09 08:45:40 +0000 Commit: Corvin Köhne <corvink@FreeBSD.org> CommitDate: 2024-10-22 12:04:24 +0000 bhyve: TPM 2.0 emulation with swtpm Implement a TPM 2.0 emulation backend to connect to a running swtpm instance using a UNIX domain socket. Reviewed by: corvink MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D46373 --- usr.sbin/bhyve/Makefile | 1 + usr.sbin/bhyve/bhyve.8 | 26 +++++--- usr.sbin/bhyve/bhyve_config.5 | 45 ++++++++++---- usr.sbin/bhyve/tpm_emul_swtpm.c | 132 ++++++++++++++++++++++++++++++++++++++++ 4 files changed, 184 insertions(+), 20 deletions(-) diff --git a/usr.sbin/bhyve/Makefile b/usr.sbin/bhyve/Makefile index 8b6631de1519..e5e8bf9b5567 100644 --- a/usr.sbin/bhyve/Makefile +++ b/usr.sbin/bhyve/Makefile @@ -60,6 +60,7 @@ SRCS= \ sockstream.c \ tpm_device.c \ tpm_emul_passthru.c \ + tpm_emul_swtpm.c \ tpm_intf_crb.c \ tpm_ppi_qemu.c \ uart_backend.c \ diff --git a/usr.sbin/bhyve/bhyve.8 b/usr.sbin/bhyve/bhyve.8 index 5d7462a73c5e..62e567fd359d 100644 --- a/usr.sbin/bhyve/bhyve.8 +++ b/usr.sbin/bhyve/bhyve.8 @@ -435,7 +435,7 @@ PCI 16550 serial device. .It Cm lpc LPC PCI-ISA bridge with COM1, COM2, COM3, and COM4 16550 serial ports, a boot ROM, and, -optionally, a fwcfg type, and the debug/test device. +optionally, a TPM module, a fwcfg type, and the debug/test device. The LPC bridge emulation can only be configured on bus 0. .It Cm fbuf Raw framebuffer device attached to VNC server. @@ -636,16 +636,25 @@ access is appropriately restricted. .Sm on .El .Pp -Emulate a TPM device. The argument -.Ar path -needs to point to a valid TPM device path, i.e. -.Pa /dev/tpm0 . -.Pp +Emulate a TPM device. Supported options for .Ar type : .Bl -tag -width 10n .It Cm passthru -pass a physical TPM device through to the guest +Use a physical TPM device. +The argument +.Ar path +needs to point to a valid TPM device path, i.e. +.Pa /dev/tpm0 . +.It Cm swtpm +Connect to a running +.Cm swtpm +instance. +The argument +.Ar path +needs to point to a UNIX domain socket that a +.Cm swtpm +process is listening on. .El .Pp The @@ -655,7 +664,8 @@ are: .It Cm version= Ns Ar version Version of the TPM device according to the TCG specification. Defaults to -.Cm 2.0 +.Cm 2.0 , +which is the only version currently supported. .El .Ss Boot ROM device backends .Sm off diff --git a/usr.sbin/bhyve/bhyve_config.5 b/usr.sbin/bhyve/bhyve_config.5 index 51c0751f0f10..3f9d9130787b 100644 --- a/usr.sbin/bhyve/bhyve_config.5 +++ b/usr.sbin/bhyve/bhyve_config.5 @@ -160,15 +160,6 @@ Message (e.g. TightVNC). .It Va pci.enable_bars Ta bool Ta Ta Enable and map PCI BARs before executing any guest code. This setting is false by default when using a boot ROM and true otherwise. -.It Va tpm.path Ta string Ta Ta -Path to the host TPM device. -This is typically /dev/tpm0. -.It Va tpm.type Ta string Ta Ta -Type of the TPM device passed to the guest. -Currently, only "passthru" is supported. -.It Va tpm.version Ta string Ta 2.0 Ta -Version of the TPM device according to the TCG specification. -Currently, only version 2.0 is supported. .It Va rtc.use_localtime Ta bool Ta true Ta The real time clock uses the local time of the host. If this is set to false, the real time clock uses UTC. @@ -288,9 +279,8 @@ Intel e82545 network interface. VGA framebuffer device attached to VNC server. .It Li lpc LPC PCI-ISA bridge with COM1-COM4 16550 serial ports, -a boot ROM, -an optional fwcfg type, -and an optional debug/test device. +a boot ROM, and, optionally, a TPM module, a fwcfg type, +and a debug/test device. This device must be configured on bus 0. .It Li hda High Definition audio controller. @@ -602,6 +592,37 @@ This value is required for the Intel GOP driver to work properly. .It Va subdevice Ta 0 .El .El +.Ss TPM Device Settings +The TPM device stores its configuration under a top-level +.Va tpm +node rather than under the LPC TPM device's node. +Only one TPM device is supported. +The following nodes are available under +.Va tpm : +.Bl -column "tpm.version" "Format" "Default" +.It Sy Name Ta Sy Format Ta Sy Default Ta Sy Description +.It Va tpm.path Ta string Ta Ta +Path to the TPM backend. +Depending on the +.Va tpm.type , +this is either the host TPM device, typically +.Pa /dev/tpm0 , +or any UNIX domain socket on which a +.Cm swtpm +process is listening. +.It Va tpm.type Ta string Ta Ta +Type of the TPM device passed to the guest. +This can be either +.Dq passthru +to use the host TPM devices, or +.Dq swtpm +to connect to a running +.Cm swtpm +process. +.It Va tpm.version Ta string Ta 2.0 Ta +Version of the TPM device according to the TCG specification. +Currently, only version 2.0 is supported. +.El .Ss NVMe Controller Settings Each NVMe controller supports a single storage device. The device can be backed either by a memory disk described by the diff --git a/usr.sbin/bhyve/tpm_emul_swtpm.c b/usr.sbin/bhyve/tpm_emul_swtpm.c new file mode 100644 index 000000000000..aaa0c9c358cd --- /dev/null +++ b/usr.sbin/bhyve/tpm_emul_swtpm.c @@ -0,0 +1,132 @@ +/*- + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2024 Hans Rosenfeld + * Author: Hans Rosenfeld <rosenfeld@grumpf.hope-2000.org> + */ + +#include <sys/types.h> +#include <sys/socket.h> +#include <sys/un.h> + +#include <err.h> +#include <errno.h> +#include <fcntl.h> +#include <malloc_np.h> +#include <stdlib.h> +#include <string.h> +#include <strings.h> +#include <unistd.h> + +#include "config.h" +#include "tpm_device.h" +#include "tpm_emul.h" + +struct tpm_swtpm { + int fd; +}; + +struct tpm_resp_hdr { + uint16_t tag; + uint32_t len; + uint32_t errcode; +} __packed; + +static int +tpm_swtpm_init(void **sc, nvlist_t *nvl) +{ + struct tpm_swtpm *tpm; + const char *path; + struct sockaddr_un tpm_addr; + + tpm = calloc(1, sizeof (struct tpm_swtpm)); + if (tpm == NULL) { + warnx("%s: failed to allocate tpm_swtpm", __func__); + return (ENOMEM); + } + + path = get_config_value_node(nvl, "path"); + if (path == NULL) { + warnx("%s: no socket path specified", __func__); + return (ENOENT); + } + + tpm->fd = socket(PF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0); + if (tpm->fd < 0) { + warnx("%s: unable to open tpm socket", __func__); + return (ENOENT); + } + + bzero(&tpm_addr, sizeof (tpm_addr)); + tpm_addr.sun_family = AF_UNIX; + strlcpy(tpm_addr.sun_path, path, sizeof (tpm_addr.sun_path) - 1); + + if (connect(tpm->fd, (struct sockaddr *)&tpm_addr, sizeof (tpm_addr)) == + -1) { + warnx("%s: unable to connect to tpm socket \"%s\"", __func__, + path); + return (ENOENT); + } + + *sc = tpm; + + return (0); +} + +static int +tpm_swtpm_execute_cmd(void *sc, void *cmd, uint32_t cmd_size, void *rsp, + uint32_t rsp_size) +{ + struct tpm_swtpm *tpm; + ssize_t len; + + if (rsp_size < (ssize_t)sizeof(struct tpm_resp_hdr)) { + warn("%s: rsp_size of %u is too small", __func__, rsp_size); + return (EINVAL); + } + + tpm = sc; + + len = send(tpm->fd, cmd, cmd_size, MSG_NOSIGNAL|MSG_DONTWAIT); + if (len == -1) + err(1, "%s: cmd send failed, is swtpm running?", __func__); + if (len != cmd_size) { + warn("%s: cmd write failed (bytes written: %zd / %d)", __func__, + len, cmd_size); + return (EFAULT); + } + + len = recv(tpm->fd, rsp, rsp_size, 0); + if (len == -1) + err(1, "%s: rsp recv failed, is swtpm running?", __func__); + if (len < (ssize_t)sizeof(struct tpm_resp_hdr)) { + warn("%s: rsp read failed (bytes read: %zd / %d)", __func__, + len, rsp_size); + return (EFAULT); + } + + return (0); +} + +static void +tpm_swtpm_deinit(void *sc) +{ + struct tpm_swtpm *tpm; + + tpm = sc; + if (tpm == NULL) + return; + + if (tpm->fd >= 0) + close(tpm->fd); + + free(tpm); +} + +static const struct tpm_emul tpm_emul_swtpm = { + .name = "swtpm", + .init = tpm_swtpm_init, + .deinit = tpm_swtpm_deinit, + .execute_cmd = tpm_swtpm_execute_cmd, +}; +TPM_EMUL_SET(tpm_emul_swtpm);