From patchwork Thu Oct 5 16:47:27 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Stefan Berger X-Patchwork-Id: 9987607 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 5B8436029B for ; Thu, 5 Oct 2017 16:56:50 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 4DF6F28CFE for ; Thu, 5 Oct 2017 16:56:50 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 4308528D00; Thu, 5 Oct 2017 16:56:50 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 9553828CFE for ; Thu, 5 Oct 2017 16:56:48 +0000 (UTC) Received: from localhost ([::1]:40949 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1e09S3-0003x1-Qv for patchwork-qemu-devel@patchwork.kernel.org; Thu, 05 Oct 2017 12:56:47 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:58924) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1e09JG-0005Yd-6M for qemu-devel@nongnu.org; Thu, 05 Oct 2017 12:47:44 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1e09JB-0000eV-2Y for qemu-devel@nongnu.org; Thu, 05 Oct 2017 12:47:42 -0400 Received: from mx0b-001b2d01.pphosted.com ([148.163.158.5]:39100 helo=mx0a-001b2d01.pphosted.com) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1e09JA-0000dg-QZ for qemu-devel@nongnu.org; Thu, 05 Oct 2017 12:47:36 -0400 Received: from pps.filterd (m0098420.ppops.net [127.0.0.1]) by mx0b-001b2d01.pphosted.com (8.16.0.21/8.16.0.21) with SMTP id v95GivYu040670 for ; Thu, 5 Oct 2017 12:47:33 -0400 Received: from e17.ny.us.ibm.com (e17.ny.us.ibm.com [129.33.205.207]) by mx0b-001b2d01.pphosted.com with ESMTP id 2ddqw6jabd-1 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=NOT) for ; Thu, 05 Oct 2017 12:47:33 -0400 Received: from localhost by e17.ny.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Thu, 5 Oct 2017 12:47:32 -0400 Received: from b01cxnp23033.gho.pok.ibm.com (9.57.198.28) by e17.ny.us.ibm.com (146.89.104.204) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; Thu, 5 Oct 2017 12:47:31 -0400 Received: from b01ledav003.gho.pok.ibm.com (b01ledav003.gho.pok.ibm.com [9.57.199.108]) by b01cxnp23033.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id v95GlUvb56950868; Thu, 5 Oct 2017 16:47:30 GMT Received: from b01ledav003.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 1FD2AB204E; Thu, 5 Oct 2017 12:44:49 -0400 (EDT) Received: from sbct-3.watson.ibm.com (unknown [9.47.158.153]) by b01ledav003.gho.pok.ibm.com (Postfix) with ESMTP id 0927FB2046; Thu, 5 Oct 2017 12:44:49 -0400 (EDT) From: Stefan Berger To: qemu-devel@nongnu.org Date: Thu, 5 Oct 2017 12:47:27 -0400 X-Mailer: git-send-email 2.5.5 X-TM-AS-GCONF: 00 x-cbid: 17100516-0040-0000-0000-000003AD6BAC X-IBM-SpamModules-Scores: X-IBM-SpamModules-Versions: BY=3.00007847; HX=3.00000241; KW=3.00000007; PH=3.00000004; SC=3.00000235; SDB=6.00926881; UDB=6.00466332; IPR=6.00707127; BA=6.00005623; NDR=6.00000001; ZLA=6.00000005; ZF=6.00000009; ZB=6.00000000; ZP=6.00000000; ZH=6.00000000; ZU=6.00000002; MB=3.00017408; XFM=3.00000015; UTC=2017-10-05 16:47:32 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 17100516-0041-0000-0000-000007A27CDD Message-Id: <1507222047-20115-1-git-send-email-stefanb@linux.vnet.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2017-10-05_08:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 suspectscore=1 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1707230000 definitions=main-1710050231 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x [generic] [fuzzy] X-Received-From: 148.163.158.5 Subject: [Qemu-devel] [PATCH] specs: Extend TPM spec with TPM emulator description X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: amarnath.valluri@intel.com, marcandre.lureau@gmail.com, Stefan Berger Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" X-Virus-Scanned: ClamAV using ClamSMTP Following the recent extension of QEMU with a TPM emulator device, update the specs describing for how to interact with the device. The results of commands run inside a Linux VM are expected to be similar to those when the TPM passthrough device is used, so we just reuse that. Fix a typo on the way. Signed-off-by: Stefan Berger Reviewed-by: Marc-André Lureau --- docs/specs/tpm.txt | 79 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 79 insertions(+) diff --git a/docs/specs/tpm.txt b/docs/specs/tpm.txt index 914daac..9bef8b3 100644 --- a/docs/specs/tpm.txt +++ b/docs/specs/tpm.txt @@ -121,3 +121,82 @@ crw-------. 1 root root 10, 224 Jul 11 10:11 /dev/tpm0 PCR-00: 35 4E 3B CE 23 9F 38 59 ... ... PCR-23: 00 00 00 00 00 00 00 00 ... + + +== The QEMU TPM emulator device == + +The TPM emulator device uses an external TPM emulator called 'swtpm' for +sending TPM commands to and receiving responses from. The swtpm program +must have been started before trying to access it through the TPM emulator +with QEMU. + +The TPM emulator implements a command channel for transferring TPM commands +and responses as well as a control channel over which control commands can +be sent. The specification for the control channel can be found here: + +https://github.com/stefanberger/swtpm/blob/master/man/man3/swtpm_ioctls.pod + + +The control channel serves the purpose of resetting, initializing, and +migrating the TPM state, among other things. + +The swtpm program behaves like a hardware TPM and therefore needs to be +initialized by the firmware running inside the QEMU virtual machine. +One necessary step for initializing the device is to send the TPM_Startup +command to it. SeaBIOS, for example, has been instrumented to initialize +a TPM 1.2 or TPM 2 device using this command. + + +QEMU files related to the TPM emulator device: + - hw/tpm/tpm_emulator.c + - hw/tpm/tpm_util.c + - hw/tpm/tpm_util.h + + +The following commands start the swtpm with a UnixIO control channel over +a socket interface. They do not need to be run as root. + +mkdir /tmp/mytpm1 +swtpm socket --tpmstate dir=/tmp/mytpm1 \ + --ctrl type=unixio,path=/tmp/mytpm1/swtpm-sock \ + --log level=20 + +Command line to start QEMU with the TPM emulator device using the host's +hardware TPM /dev/tpm0: + +qemu-system-x86_64 -display sdl -enable-kvm \ + -m 1024 -boot d -bios bios-256k.bin -boot menu=on \ + -chardev socket,id=chrtpm,path=/tmp/mytpm1/swtpm-sock \ + -tpmdev emulator,id=tpm0,chardev=chrtpm \ + -device tpm-tis,tpmdev=tpm0 test.img + + +In case SeaBIOS is used as firmware, it should show the TPM menu item +after entering the menu with 'ESC'. + +Select boot device: +1. DVD/CD [ata1-0: QEMU DVD-ROM ATAPI-4 DVD/CD] +[...] +5. Legacy option rom + +t. TPM Configuration + + +The following commands should result in similar output inside the VM with a +Linux kernel that either has the TPM TIS driver built-in or available as a +module: + +#> dmesg | grep -i tpm +[ 0.711310] tpm_tis 00:06: 1.2 TPM (device=id 0x1, rev-id 1) + +#> dmesg | grep TCPA +[ 0.000000] ACPI: TCPA 0x0000000003FFD191C 000032 (v02 BOCHS \ + BXPCTCPA 0000001 BXPC 00000001) + +#> ls -l /dev/tpm* +crw-------. 1 root root 10, 224 Jul 11 10:11 /dev/tpm0 + +#> find /sys/devices/ | grep pcrs$ | xargs cat +PCR-00: 35 4E 3B CE 23 9F 38 59 ... +... +PCR-23: 00 00 00 00 00 00 00 00 ...