From patchwork Fri Oct 13 11:45:00 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Berger X-Patchwork-Id: 10004327 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id B7727602B3 for ; Fri, 13 Oct 2017 11:54:50 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id A98452901B for ; Fri, 13 Oct 2017 11:54:50 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 9E75729030; Fri, 13 Oct 2017 11:54:50 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id D0FDA2901B for ; Fri, 13 Oct 2017 11:54:49 +0000 (UTC) Received: from localhost ([::1]:49700 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1e2yYD-0004rn-4V for patchwork-qemu-devel@patchwork.kernel.org; Fri, 13 Oct 2017 07:54:49 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:50626) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1e2yPB-0007M0-K0 for qemu-devel@nongnu.org; Fri, 13 Oct 2017 07:45:31 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1e2yP7-0002t3-EW for qemu-devel@nongnu.org; Fri, 13 Oct 2017 07:45:29 -0400 Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:37936) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1e2yP7-0002sD-0p for qemu-devel@nongnu.org; Fri, 13 Oct 2017 07:45:25 -0400 Received: from pps.filterd (m0098393.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.21/8.16.0.21) with SMTP id v9DBiMdP140828 for ; Fri, 13 Oct 2017 07:45:21 -0400 Received: from e11.ny.us.ibm.com (e11.ny.us.ibm.com [129.33.205.201]) by mx0a-001b2d01.pphosted.com with ESMTP id 2djtynfb79-1 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=NOT) for ; Fri, 13 Oct 2017 07:45:21 -0400 Received: from localhost by e11.ny.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Fri, 13 Oct 2017 07:45:19 -0400 Received: from b01cxnp22036.gho.pok.ibm.com (9.57.198.26) by e11.ny.us.ibm.com (146.89.104.198) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; Fri, 13 Oct 2017 07:45:17 -0400 Received: from b01ledav001.gho.pok.ibm.com (b01ledav001.gho.pok.ibm.com [9.57.199.106]) by b01cxnp22036.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id v9DBjHVA49348738; Fri, 13 Oct 2017 11:45:17 GMT Received: from b01ledav001.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 4DADB2803E; Fri, 13 Oct 2017 07:45:10 -0400 (EDT) Received: from sbct-3.watson.ibm.com (unknown [9.47.158.153]) by b01ledav001.gho.pok.ibm.com (Postfix) with ESMTP id 4063F28041; Fri, 13 Oct 2017 07:45:10 -0400 (EDT) From: Stefan Berger To: qemu-devel@nongnu.org Date: Fri, 13 Oct 2017 07:45:00 -0400 X-Mailer: git-send-email 2.5.5 In-Reply-To: <1507895100-26457-1-git-send-email-stefanb@linux.vnet.ibm.com> References: <1507895100-26457-1-git-send-email-stefanb@linux.vnet.ibm.com> X-TM-AS-GCONF: 00 x-cbid: 17101311-2213-0000-0000-0000022B7465 X-IBM-SpamModules-Scores: X-IBM-SpamModules-Versions: BY=3.00007890; HX=3.00000241; KW=3.00000007; PH=3.00000004; SC=3.00000236; SDB=6.00930525; UDB=6.00468429; IPR=6.00710791; BA=6.00005636; NDR=6.00000001; ZLA=6.00000005; ZF=6.00000009; ZB=6.00000000; ZP=6.00000000; ZH=6.00000000; ZU=6.00000002; MB=3.00017523; XFM=3.00000015; UTC=2017-10-13 11:45:19 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 17101311-2214-0000-0000-000057D7C2C1 Message-Id: <1507895100-26457-12-git-send-email-stefanb@linux.vnet.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2017-10-13_03:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 suspectscore=1 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1707230000 definitions=main-1710130166 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x [generic] [fuzzy] X-Received-From: 148.163.156.1 Subject: [Qemu-devel] [PULL v3 11/11] specs: Describe the TPM support in QEMU X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Peter Maydell , amarnath.valluri@intel.com, marcandre.lureau@gmail.com, Stefan Berger Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" X-Virus-Scanned: ClamAV using ClamSMTP This patch adds a description of the current TPM support in QEMU to the specs. Several public specs are referenced via their landing page on the trustedcomputinggroup.org website. Signed-off-by: Stefan Berger Reviewed-by: Laszlo Ersek --- docs/specs/tpm.txt | 123 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 123 insertions(+) create mode 100644 docs/specs/tpm.txt diff --git a/docs/specs/tpm.txt b/docs/specs/tpm.txt new file mode 100644 index 0000000..914daac --- /dev/null +++ b/docs/specs/tpm.txt @@ -0,0 +1,123 @@ +QEMU TPM Device +=============== + += Guest-side Hardware Interface = + +The QEMU TPM emulation implements a TPM TIS hardware interface following the +Trusted Computing Group's specification "TCG PC Client Specific TPM Interface +Specification (TIS)", Specification Version 1.3, 21 March 2013. This +specification, or a later version of it, can be accessed from the following +URL: + +https://trustedcomputinggroup.org/pc-client-work-group-pc-client-specific-tpm-interface-specification-tis/ + +The TIS interface makes a memory mapped IO region in the area 0xfed40000 - +0xfed44fff available to the guest operating system. + + +QEMU files related to TPM TIS interface: + - hw/tpm/tpm_tis.c + - hw/tpm/tpm_tis.h + + += ACPI Interface = + +The TPM device is defined with ACPI ID "PNP0C31". QEMU builds a SSDT and passes +it into the guest through the fw_cfg device. The device description contains +the base address of the TIS interface 0xfed40000 and the size of the MMIO area +(0x5000). In case a TPM2 is used by QEMU, a TPM2 ACPI table is also provided. +The device is described to be used in polling mode rather than interrupt mode +primarily because no unused IRQ could be found. + +To support measurement logs to be written by the firmware, e.g. SeaBIOS, a TCPA +table is implemented. This table provides a 64kb buffer where the firmware can +write its log into. For TPM 2 only a more recent version of the TPM2 table +provides support for measurements logs and a TCPA table does not need to be +created. + +The TCPA and TPM2 ACPI tables follow the Trusted Computing Group specification +"TCG ACPI Specification" Family "1.2" and "2.0", Level 00 Revision 00.37. This +specification, or a later version of it, can be accessed from the following +URL: + +https://trustedcomputinggroup.org/tcg-acpi-specification/ + + +QEMU files related to TPM ACPI tables: + - hw/i386/acpi-build.c + - include/hw/acpi/tpm.h + + += TPM backend devices = + +The TPM implementation is split into two parts, frontend and backend. The +frontend part is the hardware interface, such as the TPM TIS interface +described earlier, and the other part is the TPM backend interface. The backend +interfaces implement the interaction with a TPM device, which may be a physical +or an emulated device. The split between the front- and backend devices allows +a frontend to be connected with any available backend. This enables the TIS +interface to be used with the passthrough backend or the (future) swtpm backend. + + +QEMU files related to TPM backends: + - backends/tpm.c + - include/sysemu/tpm_backend.h + - include/sysemu/tpm_backend_int.h + + +== The QEMU TPM passthrough device == + +In case QEMU is run on Linux as the host operating system it is possible to +make the hardware TPM device available to a single QEMU guest. In this case the +user must make sure that no other program is using the device, e.g., /dev/tpm0, +before trying to start QEMU with it. + +The passthrough driver uses the host's TPM device for sending TPM commands +and receiving responses from. Besides that it accesses the TPM device's sysfs +entry for support of command cancellation. Since none of the state of a +hardware TPM can be migrated between hosts, virtual machine migration is +disabled when the TPM passthrough driver is used. + +Since the host's TPM device will already be initialized by the host's firmware, +certain commands, e.g. TPM_Startup(), sent by the virtual firmware for device +initialization, will fail. In this case the firmware should not use the TPM. + +Sharing the device with the host is generally not a recommended usage scenario +for a TPM device. The primary reason for this is that two operating systems can +then access the device's single set of resources, such as platform configuration +registers (PCRs). Applications or kernel security subsystems, such as the +Linux Integrity Measurement Architecture (IMA), are not expecting to share PCRs. + + +QEMU files related to the TPM passthrough device: + - hw/tpm/tpm_passthrough.c + - hw/tpm/tpm_util.c + - hw/tpm/tpm_util.h + + +Command line to start QEMU with the TPM passthrough device using the host's +hardware TPM /dev/tpm0: + +qemu-system-x86_64 -display sdl -enable-kvm \ + -m 1024 -boot d -bios bios-256k.bin -boot menu=on \ + -tpmdev passthrough,id=tpm0,path=/dev/tpm0 \ + -device tpm-tis,tpmdev=tpm0 test.img + +The following commands should result in similar output inside the VM with a +Linux kernel that either has the TPM TIS driver built-in or available as a +module: + +#> dmesg | grep -i tpm +[ 0.711310] tpm_tis 00:06: 1.2 TPM (device=id 0x1, rev-id 1) + +#> dmesg | grep TCPA +[ 0.000000] ACPI: TCPA 0x0000000003FFD191C 000032 (v02 BOCHS \ + BXPCTCPA 0000001 BXPC 00000001) + +#> ls -l /dev/tpm* +crw-------. 1 root root 10, 224 Jul 11 10:11 /dev/tpm0 + +#> find /sys/devices/ | grep pcrs$ | xargs cat +PCR-00: 35 4E 3B CE 23 9F 38 59 ... +... +PCR-23: 00 00 00 00 00 00 00 00 ...