Allow the vtpm device to be disconnected and reconnected so that a
bootloader (like pv-grub) can submit measurements and return the vtpm
device to its initial state before booting the target kernel.
Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
---
extras/mini-os/tpmback.c | 23 ++++++++++++++++++++++-
extras/mini-os/tpmfront.c | 14 ++++++++++++--
2 files changed, 34 insertions(+), 3 deletions(-)
diff --git a/extras/mini-os/tpmback.c b/extras/mini-os/tpmback.c
index 50f8a5d..69a7f2d 100644
--- a/extras/mini-os/tpmback.c
+++ b/extras/mini-os/tpmback.c
@@ -608,6 +608,24 @@ error_post_map:
return -1;
}
+static void disconnect_fe(tpmif_t* tpmif)
+{
+ if (tpmif->status == CONNECTED) {
+ tpmif->status = DISCONNECTING;
+ mask_evtchn(tpmif->evtchn);
+
+ if(gntmap_munmap(>pmdev.map, (unsigned long)tpmif->page, 1)) {
+ TPMBACK_ERR("%u/%u Error occured while trying to unmap shared page\n", (unsigned int) tpmif->domid, tpmif->handle);
+ }
+
+ unbind_evtchn(tpmif->evtchn);
+ }
+ tpmif->status = DISCONNECTED;
+ tpmif_change_state(tpmif, XenbusStateInitWait);
+
+ TPMBACK_LOG("Frontend %u/%u disconnected\n", (unsigned int) tpmif->domid, tpmif->handle);
+}
+
static int frontend_changed(tpmif_t* tpmif)
{
int state = xenbus_read_integer(tpmif->fe_state_path);
@@ -634,8 +652,11 @@ static int frontend_changed(tpmif_t* tpmif)
tpmif_change_state(tpmif, XenbusStateClosing);
break;
- case XenbusStateUnknown: /* keep it here */
case XenbusStateClosed:
+ disconnect_fe(tpmif);
+ break;
+
+ case XenbusStateUnknown: /* keep it here */
free_tpmif(tpmif);
break;
diff --git a/extras/mini-os/tpmfront.c b/extras/mini-os/tpmfront.c
index ac9ba42..1ef51cf 100644
--- a/extras/mini-os/tpmfront.c
+++ b/extras/mini-os/tpmfront.c
@@ -146,6 +146,9 @@ static int wait_for_backend_closed(xenbus_event_queue* events, char* path)
case XenbusStateClosed:
TPMFRONT_LOG("Backend Closed\n");
return 0;
+ case XenbusStateInitWait:
+ TPMFRONT_LOG("Backend Closed (waiting for reconnect)\n");
+ return 0;
default:
xenbus_wait_for_watch(events);
}
@@ -306,10 +309,10 @@ void shutdown_tpmfront(struct tpmfront_dev* dev)
TPMFRONT_LOG("Shutting down tpmfront\n");
/* disconnect */
if(dev->state == XenbusStateConnected) {
- dev->state = XenbusStateClosing;
- //FIXME: Transaction for this?
/* Tell backend we are closing */
+ dev->state = XenbusStateClosing;
if((err = xenbus_printf(XBT_NIL, dev->nodename, "state", "%u", (unsigned int) dev->state))) {
+ TPMFRONT_ERR("Unable to write to %s, error was %s", dev->nodename, err);
free(err);
}
@@ -333,6 +336,13 @@ void shutdown_tpmfront(struct tpmfront_dev* dev)
/* Wait for the backend to close and unmap shared pages, ignore any errors */
wait_for_backend_state_changed(dev, XenbusStateClosed);
+ /* Prepare for a later reopen (possibly by a kexec'd kernel) */
+ dev->state = XenbusStateInitialising;
+ if((err = xenbus_printf(XBT_NIL, dev->nodename, "state", "%u", (unsigned int) dev->state))) {
+ TPMFRONT_ERR("Unable to write to %s, error was %s", dev->nodename, err);
+ free(err);
+ }
+
/* Close event channel and unmap shared page */
mask_evtchn(dev->evtchn);
unbind_evtchn(dev->evtchn);
--
1.7.11.7
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
bootloader (like pv-grub) can submit measurements and return the vtpm
device to its initial state before booting the target kernel.
Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
---
extras/mini-os/tpmback.c | 23 ++++++++++++++++++++++-
extras/mini-os/tpmfront.c | 14 ++++++++++++--
2 files changed, 34 insertions(+), 3 deletions(-)
diff --git a/extras/mini-os/tpmback.c b/extras/mini-os/tpmback.c
index 50f8a5d..69a7f2d 100644
--- a/extras/mini-os/tpmback.c
+++ b/extras/mini-os/tpmback.c
@@ -608,6 +608,24 @@ error_post_map:
return -1;
}
+static void disconnect_fe(tpmif_t* tpmif)
+{
+ if (tpmif->status == CONNECTED) {
+ tpmif->status = DISCONNECTING;
+ mask_evtchn(tpmif->evtchn);
+
+ if(gntmap_munmap(>pmdev.map, (unsigned long)tpmif->page, 1)) {
+ TPMBACK_ERR("%u/%u Error occured while trying to unmap shared page\n", (unsigned int) tpmif->domid, tpmif->handle);
+ }
+
+ unbind_evtchn(tpmif->evtchn);
+ }
+ tpmif->status = DISCONNECTED;
+ tpmif_change_state(tpmif, XenbusStateInitWait);
+
+ TPMBACK_LOG("Frontend %u/%u disconnected\n", (unsigned int) tpmif->domid, tpmif->handle);
+}
+
static int frontend_changed(tpmif_t* tpmif)
{
int state = xenbus_read_integer(tpmif->fe_state_path);
@@ -634,8 +652,11 @@ static int frontend_changed(tpmif_t* tpmif)
tpmif_change_state(tpmif, XenbusStateClosing);
break;
- case XenbusStateUnknown: /* keep it here */
case XenbusStateClosed:
+ disconnect_fe(tpmif);
+ break;
+
+ case XenbusStateUnknown: /* keep it here */
free_tpmif(tpmif);
break;
diff --git a/extras/mini-os/tpmfront.c b/extras/mini-os/tpmfront.c
index ac9ba42..1ef51cf 100644
--- a/extras/mini-os/tpmfront.c
+++ b/extras/mini-os/tpmfront.c
@@ -146,6 +146,9 @@ static int wait_for_backend_closed(xenbus_event_queue* events, char* path)
case XenbusStateClosed:
TPMFRONT_LOG("Backend Closed\n");
return 0;
+ case XenbusStateInitWait:
+ TPMFRONT_LOG("Backend Closed (waiting for reconnect)\n");
+ return 0;
default:
xenbus_wait_for_watch(events);
}
@@ -306,10 +309,10 @@ void shutdown_tpmfront(struct tpmfront_dev* dev)
TPMFRONT_LOG("Shutting down tpmfront\n");
/* disconnect */
if(dev->state == XenbusStateConnected) {
- dev->state = XenbusStateClosing;
- //FIXME: Transaction for this?
/* Tell backend we are closing */
+ dev->state = XenbusStateClosing;
if((err = xenbus_printf(XBT_NIL, dev->nodename, "state", "%u", (unsigned int) dev->state))) {
+ TPMFRONT_ERR("Unable to write to %s, error was %s", dev->nodename, err);
free(err);
}
@@ -333,6 +336,13 @@ void shutdown_tpmfront(struct tpmfront_dev* dev)
/* Wait for the backend to close and unmap shared pages, ignore any errors */
wait_for_backend_state_changed(dev, XenbusStateClosed);
+ /* Prepare for a later reopen (possibly by a kexec'd kernel) */
+ dev->state = XenbusStateInitialising;
+ if((err = xenbus_printf(XBT_NIL, dev->nodename, "state", "%u", (unsigned int) dev->state))) {
+ TPMFRONT_ERR("Unable to write to %s, error was %s", dev->nodename, err);
+ free(err);
+ }
+
/* Close event channel and unmap shared page */
mask_evtchn(dev->evtchn);
unbind_evtchn(dev->evtchn);
--
1.7.11.7
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel