Set the default log level to 1 so that console output is shown.
This can be turned off with --log level=0
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Following the example in the Appendix A.1 of the TCG EK Credential
Profile Spec Version 2.0, a ASN.1 SET is supposed to be created for
each one of the items. This patch fixes the format.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Use the GNUTLS 3.5 function gnutls_x509_crt_set_subject_alt_othername
to set the TP<M and platform manufacturer info since the other function
does not accept binary data.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Expose the logging level to the command line by extending the
log option with a level parameter.
Extend the man swtpm man page with the level parameter.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Introduce a log level for the logging functions. The log level
is defined by the number of spaces used for indentation. Adapt
the log functions to only log when the number of leading spaces
in a string is appropriate for logging.
Call the log function of libtpms to set the file descriptor to
log to, the log level, and log line prefix.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Fix the missing mentioning of the bindaddr and ifname parameters for
the --server option on the help screen.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Implement the option --vtpm-proxy that create a Linux vtpm proxy device
and makes the chardev TPM listen on the anaonymous file descriptor that
is returned from the ioctl creating the device.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Detect whether to build with the chardev interface and only run tests that
need the chardev if it is supported on a particular platform.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Support --tpm-state option as an alias for the --tpmstate option.
--tpm-state is a parameter that is also supported by the swtpm
program, so for consistency reasons we should have the same name
for the option here.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Add support for UnixIO and TCP control channels. Both types of
transport require that packets are sent in big endian format
and therefore some code needs to be adjusted for that. The
ioctl interface is local and in that case no endianess conversion
is done.
Add a new test case that uses the extended swtpm_ioctl tool to
test the control channel.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Fix a typo in two command names so that they are similar to
the command name spelling used for the ioctl's.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Fix the size of the receive buffer input.body to match the largest
buffer any type of command has.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Deactivate the code around resetting the TPM established bit
since its implementation currently requires libtpms 0.6.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Implement two more control channel commands:
- CMD_STORE_VOLATILE
- CMD_HASH_DATA
Implement test cases.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Add support for --connect option for the socket version of the TPM.
This parameter takes the type, port, file descriptor and disconnect
options. Only TCP connections are currently supported.
See updated man pages.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Only let certain commands that are cancelable be processed
by the thread. Directly process all other commands.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Rather than checking whether the given file descriptor is a character
device, check whether it is one of the unsupported ones. This addresses
a problem when passing anonymous file descriptors that are not character
devices.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Move the code to change process ownership into its own function and enable
--runas|-r <owner> in all implementations.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
If the 'swtpm chardev' receives an error on write() or not all bytes
could be written, log an error and terminate.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Use the macros defined in endian.h for endianess conversion.
Fix the conversion of a 64bit variable.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Replace the CUSE TPM with the new BSD implementation.
Update the license references and the license itself.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Eric Richter implemented a clean-room skeleton CUSE driver which
we will now convert to the CUSE TPM. The goal is to replace the
GPL CUSE TPM implementation with this 3-clause BSD implementation.
Among other things, this makes it easier to link with OpenSSL.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Extend the swtpm_bios tool with an option to give up physical presence.
Have the TPM error codes reflected in the exit error of 128.
Add a test case for the tool.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Move src/swtpm/swtpm.h.in to include/swtpm.h.in to make it commonly
available. Adapt all other programs to use it and display version information
in the help screen.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Implement a control channel for the 'chardev' swtpm that implements
a minimal set of control messages for now.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Add support for 'swtpm chardev' that listens for TPM commands on a given
character device and sends responses through it.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Remove the hardcodes tss user and group and to configure with
--with-tss-user=tss --with-tss-group=tss to set the tss user
and group to be used.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Check for an existing device with the same name and print an error
if the device already exists.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Add support for the --tpmstate dir=<dir> command line parameter.
It will be used instead of the TPM_PATH, unless it is not set.
Adapt two test cases for the new parameter.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Add support for --pid file=<pidfile> command line parameter support.
The swtpm_cuse and swtpm now write their process IDs (pids) into
a file.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Disable the chown commands when building an RPM; we try to detect this
by the usage of DESTDIR.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Some more changes to tpm_ioctl.h including
- comment for request and response part of an ioctl
- unified format
- prefix all constants with PTM_
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Remove the extension of PATH to the local dir('.') from swtpm_setup.sh
and adapt test cases accordingly.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Cleanup the code a bit:
o added description to several functions
o remove empty lines between functions
o cleanup the usage screen
o fix the parameters to logerr
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
The receiving of TPM state blob ends when the last byte has been copied
into a response to the user. No more request need to be sent afterwards.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
If a blob with length 0 is set, we make sure the corresponding file
that would hold this blob is not available.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Support the read/write interface and POSIX API calls for transfer of
TPM state blobs.
Extend the swtpm_ioctl program to support this as well. Use the
environment variable SWTPM_IOCTL_BUFFERSIZE to set the size of the
buffer to use and enable the read/write interface in this (test)
program.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Since POSIX reserves the *_t namespace of types, remove it from
all our typedefs. While doing that, adjust the typedefs to all have
the prefix ptm_ .
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Move the code to get the TPM state blobs into is own function and introduce
a caching layer that retrieves the state blob from the TPM once and has
subsequent requests to copy the state work on the cached blob.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Add an ioctl that lets an application retrieve which keys are in use by the
TPM, i.e., file encryption or migration key
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
The migration key ensures that TPM state blobs, when retrieved using the
ioctl for getting state blobs, are always encrypted with this key.
When the state is later on loaded back into the TPM using the ioctl
to set the state blobs, the migration key is used to decrypt them.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Have the crypto functions use a key as a parameter rather than having them
operate on a specific fixed key.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Break the key parsing function apart into a common parsing function
and one specific to the file encryption key.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Prepend a header in front of all blobs retrieved from the TPM.
Write flags into this header indicating whether the blob is
encrypted.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Integrity protect the TPM state when it is written in entrypted form.
libtpms state (for TPM1.2) is also integrity protecting the blobs, but
we better determine the integrity of the decrypted data on the layer
above it.
Change the type of the len variable from size_t to ssize_t for
comparison against neg. values to work.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Change variable type of val1 and val2 from unsigned char to char for
the comparison with neg. numbers to work.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Add documentation to the options source code and introduce an explicit
default value to return in case an option was not found while parsing.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
On rare occassions TCSD refuses connections after start and nothing
works; so we test the connection with TCSD and kill it if it doesn't
work.
This now seems to fix the tests/test_parameters that occosionally
had been reporting an error.
Only allow a single command per TCP connection to be sent to
the socket TPM. This solves a problem with the test_parameters
testcase where the TPM seems to get stuck in the poll().
However, the testcase still is not entirely error-free.
Add new ioctls to get and set the 3 different types of state blobs
from and to the CUSE TPM. Add test cases for testing the new ioctl's
on a CUSE TPM that stores the state encrypted and on a CUSE TPM that
stores it non-encrypted.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Only root can change the ownership of swtpm_setup.sh to tss:tss, so
only root can install the file.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Protect the stack, create position indep. executables, use Relocation
Read-Only (RELRO) and have the linker resolve all symbols upon
program start.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Extend configure.ac to make SELinux policy extension support
chooseable. By default configure will check whether SELinux
support is installed on the local system and will add SELinux
policy extension support if support is found.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Don't build up a global LIBS variable but put the libraries into
individual variables that can be used for linking individual programs
with. Do the same for CFLAGS.
