source: trunk/packages/xen-common/xen-common/tools/vtpm_manager/manager/vtpm_manager.c @ 34

1// ===================================================================
2//
3// Copyright (c) 2005, Intel Corp.
4// All rights reserved.
5//
6// Redistribution and use in source and binary forms, with or without
7// modification, are permitted provided that the following conditions
8// are met:
9//
10//   * Redistributions of source code must retain the above copyright
11//     notice, this list of conditions and the following disclaimer.
12//   * Redistributions in binary form must reproduce the above
13//     copyright notice, this list of conditions and the following
14//     disclaimer in the documentation and/or other materials provided
15//     with the distribution.
16//   * Neither the name of Intel Corporation nor the names of its
17//     contributors may be used to endorse or promote products derived
18//     from this software without specific prior written permission.
19//
20// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
21// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
22// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
23// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
24// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
25// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
26// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
29// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
30// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
31// OF THE POSSIBILITY OF SUCH DAMAGE.
32// ===================================================================
33//
34// vtpm_manager.c
35//
36//  This file will house the main logic of the VTPM Manager
37//
38// ==================================================================
39
40#include <stdio.h>
41#include <unistd.h>
42#include <string.h>
43
44#include "vtpm_manager.h"
45#include "vtpmpriv.h"
46#include "vtsp.h"
47#include "bsg.h"
48#include "hashtable.h"
49#include "hashtable_itr.h"
50
51#include "log.h"
52#include "buffer.h"
53
// Process-wide manager state: the owner and storage-key usage auths, the
// manager's TCS handle and OIAP session (keyAuth), the wrapped storage and
// boot keys, and the DMI map.  Allocated by VTPM_Init_Manager(), released
// by VTPM_Stop_Manager(); NULL until initialization has run.
VTPM_GLOBALS *vtpm_globals=NULL;
55
// --------------------------- Well Known Auths --------------------------
// Usage auth handed to the SRK at TPM_TakeOwnership and used for every OSAP
// and LoadKey against the SRK afterwards.  It is a compiled-in constant
// (20 x 0xff), so SRK auth gives no secrecy: any software that can reach
// this TPM and knows this value can load or create keys under the SRK.
// What protects the wrapped keys is only that the SRK private half stays
// inside the TPM.
// NOTE(review): TSS implementations conventionally use 20 zero bytes as the
// "well-known secret"; software expecting that convention will not be able
// to use an SRK created with this value.
const TPM_AUTHDATA SRK_AUTH = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
                                  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff};

// Compiled-in TPM owner auth, used instead of a random one when
// WELL_KNOWN_OWNER_AUTH is defined (see VTPM_Create_Manager()).  Anyone who
// can read this file can then act as TPM owner, so this is presumably only
// meant for development/test builds - do not define it for production.
#ifdef WELL_KNOWN_OWNER_AUTH
static BYTE FIXED_OWNER_AUTH[20] =  {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
                                  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
#endif
64
65
66// -------------------------- Hash table functions --------------------
67
// Identity hash for the 32-bit keys of dmi_map: the key value is the
// bucket index seed.  ky must point at a UINT32.
static unsigned int hashfunc32(void *ky) {
  const UINT32 *id = (const UINT32 *) ky;
  return (unsigned int) *id;
}
71
// Key comparison for dmi_map: non-zero when the two UINT32 keys match.
static int equals32(void *k1, void *k2) {
  UINT32 lhs = *(const UINT32 *) k1;
  UINT32 rhs = *(const UINT32 *) k2;
  return (lhs == rhs) ? 1 : 0;
}
75
76// --------------------------- Functions ------------------------------
77
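// Scrub a secret that lives in automatic storage before it goes out of
// scope.  A plain memset() on a dying local may be dropped by the optimizer;
// stores through a volatile pointer may not.
static void vtpm_scrub(void *p, size_t n) {
  volatile unsigned char *vp = (volatile unsigned char *) p;
  while (n--)
    *vp++ = 0;
}

// First-time initialization of the manager's TPM-side state.
//
// Takes ownership of the physical TPM when it appears to be unowned, then
// creates two keys under the SRK and records them in vtpm_globals:
//   - storageKeyWrap : TPM_KEY_BIND, random usage auth
//   - bootKeyWrap    : TPM_KEY_BIND, all-zero usage auth (protects the
//                      manager's own secrets on disk; see FIXME below)
// and finally asks the TCS to save TPM state.  Only called from
// VTPM_Init_Manager() when no manager file could be read.
//
// Returns the status of the last TPM command (TPM_SUCCESS on the normal
// path).  A failing command inside TPMTRYRETURN() lands on abort_egress,
// which terminates the process with exit(1), so a half-created manager is
// never handed back to the caller.
//
// Security notes (review):
//   - "Unowned" is detected by whether the public EK is still readable
//     (see FIXME below).  A ReadPubek failure for any other reason, e.g. a
//     TCS communication error, is treated as "already owned" and key
//     creation proceeds against whatever SRK exists.
//   - With WELL_KNOWN_OWNER_AUTH defined the owner auth is the compiled-in
//     FIXED_OWNER_AUTH (20 x 0xff) and anyone who can read this source can
//     act as TPM owner.  Otherwise a fresh random owner auth is generated
//     and lives only in vtpm_globals and the manager file.
//   - The SRK is created with the compiled-in SRK_AUTH, so SRK usage auth
//     gives no secrecy; the wrapped keys are protected only by the SRK
//     private half never leaving the TPM.
//   - bootKeyWrap has an all-zero usage auth and no PCR binding, so any
//     software able to talk to this TPM can unwrap the on-disk manager
//     secrets.
//   - The OSAP shared secret and the boot key auth are stack locals and are
//     scrubbed on the way out so they do not linger on the stack.
TPM_RESULT VTPM_Create_Manager(){
 
  TPM_RESULT status = TPM_SUCCESS;
  TCS_AUTH osap;
  TPM_AUTHDATA sharedsecret;
  TPM_AUTHDATA bootKeyWrapAuth;
 
  // Generate Auth for Owner
#ifdef WELL_KNOWN_OWNER_AUTH
  memcpy(vtpm_globals->owner_usage_auth, FIXED_OWNER_AUTH, sizeof(TPM_AUTHDATA));
#else   
  Crypto_GetRandom(vtpm_globals->owner_usage_auth, sizeof(TPM_AUTHDATA) );
#endif

  // Take Ownership of TPM
  CRYPTO_INFO ek_cryptoInfo;
 
  status = VTSP_ReadPubek(vtpm_globals->manager_tcs_handle, &ek_cryptoInfo);
 
  // If we can read PubEK then there is no owner and we should take it.
  // We use the ability to read the pubEK to flag that the TPM is owned.
  // FIXME: Change to just trying to take ownership and react to the status
  if (status == TPM_SUCCESS) {
    TPMTRYRETURN(VTSP_TakeOwnership(vtpm_globals->manager_tcs_handle,
                                    (const TPM_AUTHDATA*)&vtpm_globals->owner_usage_auth,
                                    &SRK_AUTH,
                                    &ek_cryptoInfo,
                                    &vtpm_globals->keyAuth));
 
    // Once owned, stop exposing the public EK without owner auth.  This is
    // also what makes the "can we read the EK" ownership test above work on
    // the next start.
    TPMTRYRETURN(VTSP_DisablePubekRead(vtpm_globals->manager_tcs_handle,
                                       (const TPM_AUTHDATA*)&vtpm_globals->owner_usage_auth, 
                                       &vtpm_globals->keyAuth));     
  } else {
    vtpmloginfo(VTPM_LOG_VTPM, "Failed to readEK meaning TPM has an owner. Creating Keys off existing SRK.\n");
  }
 
  // Generate storage key's auth
  Crypto_GetRandom(  &vtpm_globals->storage_key_usage_auth,
                     sizeof(TPM_AUTHDATA) );
 
  // OSAP session on the SRK: the shared secret it yields is what encrypts
  // the new key's usage auth inside CreateWrapKey.
  TPMTRYRETURN( VTSP_OSAP(vtpm_globals->manager_tcs_handle,
                          TPM_ET_KEYHANDLE,
                          TPM_SRK_KEYHANDLE,
                          &SRK_AUTH,
                          &sharedsecret,
                          &osap) );

  osap.fContinueAuthSession = FALSE;
 
 
  TPMTRYRETURN( VTSP_CreateWrapKey( vtpm_globals->manager_tcs_handle,
                                    TPM_KEY_BIND,
                                    (const TPM_AUTHDATA*)&vtpm_globals->storage_key_usage_auth,
                                    TPM_SRK_KEYHANDLE,
                                    (const TPM_AUTHDATA*)&sharedsecret,
                                    &vtpm_globals->storageKeyWrap,
                                    &osap) );
 
  // Generate boot key's auth (deliberately all zero - see FIXME below)
  memset(&bootKeyWrapAuth, 0, sizeof(bootKeyWrapAuth));
 
  // Fresh OSAP session for the second key; the earlier one was single-use.
  TPMTRYRETURN( VTSP_OSAP(vtpm_globals->manager_tcs_handle,
                          TPM_ET_KEYHANDLE,
                          TPM_SRK_KEYHANDLE,
                          &SRK_AUTH,
                          &sharedsecret,
                          &osap) );

  osap.fContinueAuthSession = FALSE;
 
  // FIXME: This key protects the global secrets on disk. It should use TPM
  //        PCR bindings to limit its use to legit configurations.
  //        Current binds are open, implying a Trusted VM contains this code.
  //        If this VM is not Trusted, use measurement and PCR bindings.
  TPMTRYRETURN( VTSP_CreateWrapKey( vtpm_globals->manager_tcs_handle,
                                    TPM_KEY_BIND,
                                    (const TPM_AUTHDATA*)&bootKeyWrapAuth,
                                    TPM_SRK_KEYHANDLE,
                                    (const TPM_AUTHDATA*)&sharedsecret,
                                    &vtpm_globals->bootKeyWrap,
                                    &osap) );

  // Populate CRYPTO_INFO vtpm_globals->bootKey. This does not load it into the TPM
  TPMTRYRETURN( VTSP_LoadKey( vtpm_globals->manager_tcs_handle,
                              TPM_SRK_KEYHANDLE,
                              &vtpm_globals->bootKeyWrap,
                              NULL,
                              NULL,
                              NULL,
                              &vtpm_globals->bootKey,
                              TRUE ) );

  TPMTRYRETURN( VTSP_SaveState(vtpm_globals->manager_tcs_handle) );
  goto egress;
 
 abort_egress:
  // Any failed TPM command is fatal for first-time initialization.
  exit(1);
 
 egress:
  // Do not leave the OSAP shared secret or the boot key auth on the stack.
  vtpm_scrub(&sharedsecret, sizeof(sharedsecret));
  vtpm_scrub(&bootKeyWrapAuth, sizeof(bootKeyWrapAuth));
  vtpmloginfo(VTPM_LOG_VTPM, "Finished initialized new VTPM manager (Status = %d).\n", status);
  return status;
 
}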
182
183///////////////////////////////////////////////////////////////////////////////
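// Bring the VTPM manager up: allocate the global state, start the TCS and
// open the manager's context, seed the crypto library from the physical
// TPM's RNG, open the manager's OIAP session, then either load the persisted
// manager state or - when VTPM_LoadManagerData() reports TPM_IOERROR, i.e.
// no readable manager file - create a brand-new manager with
// VTPM_Create_Manager() and persist it.  Finishes by loading the storage
// key into the TPM and registering the Dom0 control-channel DMI.
//
// Returns TPM_SUCCESS, or the status of the command that failed.  On
// failure the partially built vtpm_globals is left allocated (non-NULL) and
// nothing acquired so far is released; callers are expected to give up on
// the process rather than retry.
//
// Security notes (review):
//   - Only TPM_IOERROR from VTPM_LoadManagerData() is treated as "first
//     boot".  Any other failure (e.g. a corrupt or tampered manager file)
//     exits the process instead of quietly replacing the manager state:
//     this fails closed.
//   - The flip side is that an unreadable/missing manager file triggers a
//     fresh VTPM_Create_Manager() with a new owner auth and storage key, so
//     anything sealed under the previous storage key becomes unusable.
//     Presumably the manager file lives on storage only this VM can reach -
//     confirm.
//   - The RNG seed bytes obtained from the TCS are scrubbed before the
//     buffer is handed back so they do not linger in freed memory.
TPM_RESULT VTPM_Init_Manager() {
  TPM_RESULT status = TPM_FAIL, serviceStatus;   
  BYTE *randomsead;
  UINT32 randomsize=256;

  // calloc() yields the same zero-filled globals as malloc()+memset() did,
  // without the redundant cast.
  if ((vtpm_globals = calloc(1, sizeof(*vtpm_globals))) == NULL){
    status = TPM_FAIL;
    goto abort_egress;
  }

  vtpm_globals->connected_dmis = 0;

  if ((vtpm_globals->dmi_map = create_hashtable(10, hashfunc32, equals32)) == NULL){
    status = TPM_FAIL;
    goto abort_egress;
  }
 
  // Create new TCS Object
  vtpm_globals->manager_tcs_handle = 0;
 
  TPMTRYRETURN(TCS_create());
 
  // Create TCS Context for service
  TPMTRYRETURN( TCS_OpenContext(&vtpm_globals->manager_tcs_handle ) );

  // Seed the software crypto from the hardware TPM's RNG.  randomsize is
  // in/out: on return it holds the number of bytes actually delivered.
  TPMTRYRETURN( TCSP_GetRandom(vtpm_globals->manager_tcs_handle,
                               &randomsize,
                               &randomsead));
 
  Crypto_Init(randomsead, randomsize);

  // Scrub the seed before giving the buffer back to the TCS; stores through
  // a volatile pointer are not elided the way a plain memset() can be.
  {
    volatile BYTE *vp = (volatile BYTE *) randomsead;
    UINT32 i;
    for (i = 0; i < randomsize; i++)
      vp[i] = 0;
  }
  TPMTRYRETURN( TCS_FreeMemory (vtpm_globals->manager_tcs_handle, randomsead));
       
  // Create OIAP session for service's authorized commands
  TPMTRYRETURN( VTSP_OIAP( vtpm_globals->manager_tcs_handle,
                           &vtpm_globals->keyAuth) );
  vtpm_globals->keyAuth.fContinueAuthSession = TRUE;

  vtpm_globals->mig_keys = NULL;

  // If the manager file cannot be read at all, this is first-time
  // initialization; any other load failure is fatal (fail closed).
  serviceStatus = VTPM_LoadManagerData();
  if (serviceStatus == TPM_IOERROR) {
    vtpmloginfo(VTPM_LOG_VTPM, "Failed to read manager file. Assuming first time initialization.\n");
    TPMTRYRETURN( VTPM_Create_Manager() );   
    TPMTRYRETURN( VTPM_SaveManagerData() );
  } else if (serviceStatus != TPM_SUCCESS) {
    vtpmlogerror(VTPM_LOG_VTPM, "Failed to read existing manager file");
    exit(1);
  }

  //Load Storage Key
  TPMTRYRETURN( VTSP_LoadKey( vtpm_globals->manager_tcs_handle,
                              TPM_SRK_KEYHANDLE,
                              &vtpm_globals->storageKeyWrap,
                              &SRK_AUTH,
                              &vtpm_globals->storageKeyHandle,
                              &vtpm_globals->keyAuth,
                              &vtpm_globals->storageKey,
                              FALSE ) );

  // Create entry for Dom0 for control messages
  TPMTRYRETURN( VTPM_Handle_New_DMI(NULL) );
 
  goto egress;
 
 abort_egress:
 egress:
 
  return(status);
}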
255
256///////////////////////////////////////////////////////////////////////////////
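// Shut the manager down: close every connected DMI, persist the manager
// state, drop the manager's TCS context, and release vtpm_globals.
//
// Hardening over the original:
//   - Tolerates vtpm_globals == NULL (VTPM_Init_Manager() failed before it
//     was allocated) and a NULL dmi_map instead of dereferencing them.
//   - Scrubs vtpm_globals before free(): it holds the owner usage auth and
//     the storage-key usage auth, which should not survive in freed memory.
//   - Resets vtpm_globals to NULL afterwards so a stray later use is a NULL
//     dereference rather than a use-after-free.
// Return codes from close_dmi() and TCS_CloseContext() are still ignored;
// the only failure reported is a failed VTPM_SaveManagerData().
// NOTE(review): vtpm_globals->mig_keys is not released here (nor was it
// before); ownership of that list is not visible from this file.
void VTPM_Stop_Manager() {
  VTPM_DMI_RESOURCE *dmi_res;
  struct hashtable_itr *dmi_itr;

  if (vtpm_globals == NULL) {
    vtpmlogerror(VTPM_LOG_VTPM, "VTPM Manager stop requested before initialization.\n");
    return;
  }
 
  // Close all the TCS contexts. TCS should evict keys based on this
  if (vtpm_globals->dmi_map != NULL && hashtable_count(vtpm_globals->dmi_map) > 0) {
    dmi_itr = hashtable_iterator(vtpm_globals->dmi_map);
    do {
      dmi_res = (VTPM_DMI_RESOURCE *) hashtable_iterator_value(dmi_itr);
      if (dmi_res->connected)
        close_dmi( dmi_res ); // Not really interested in return code
     
    } while (hashtable_iterator_advance(dmi_itr));
    free (dmi_itr);
  }
 
  // Persist before tearing down the TCS context (presumably the save needs
  // it) - a failure here is logged but does not stop the shutdown.
  if ( VTPM_SaveManagerData() != TPM_SUCCESS )
    vtpmlogerror(VTPM_LOG_VTPM, "Unable to save manager data.\n");

  TCS_CloseContext(vtpm_globals->manager_tcs_handle);
  TCS_destroy();
 
  if (vtpm_globals->dmi_map != NULL)
    hashtable_destroy(vtpm_globals->dmi_map, 1);

  // Scrub the auth secrets held in the globals before handing the memory
  // back.  Stores through a volatile pointer are not elided the way a
  // memset() immediately before free() can be.
  {
    volatile unsigned char *vp = (volatile unsigned char *) vtpm_globals;
    size_t i;
    for (i = 0; i < sizeof(*vtpm_globals); i++)
      vp[i] = 0;
  }
  free(vtpm_globals);
  vtpm_globals = NULL;
 
  Crypto_Exit();
       
  vtpmloginfo(VTPM_LOG_VTPM, "VTPM Manager stopped.\n");
}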