From patchwork Tue Oct 29 12:49:34 2024
X-Patchwork-Submitter: Stefan Berger
X-Patchwork-Id: 2003728
From: Stefan Berger
To: slof@lists.ozlabs.org, aik@ozlabs.ru
Cc: Stefan Berger
Date: Tue, 29 Oct 2024 08:49:34 -0400
Message-ID: <20241029124934.3167208-3-stefanb@linux.vnet.ibm.com>
In-Reply-To: <20241029124934.3167208-1-stefanb@linux.vnet.ibm.com>
References: <20241029124934.3167208-1-stefanb@linux.vnet.ibm.com>
Subject: [SLOF] [PATCH v3 2/2] tpm: Implement firmware API call pass-through-to-tpm
List-Id: "Patches for https://github.com/aik/SLOF"

Implement the firmware API call pass-through-to-tpm that allows a caller to pass a TPM command to the TPM. Since the buffer provided by the user will be used for returning the TPM's response it must be sufficiently large. To be safe, it should be of the size returned by the firmware API call tpm-get-maximum-cmd-size.

Signed-off-by: Stefan Berger --- board-qemu/slof/vio-vtpm-cdriver.fs | 11 +++++++++++ lib/libtpm/tcgbios.c | 25 +++++++++++++++++++++++++ lib/libtpm/tcgbios.h | 1 + lib/libtpm/tpm.code | 11 +++++++++++ lib/libtpm/tpm.in | 1 + 5 files changed, 49 insertions(+) diff --git a/board-qemu/slof/vio-vtpm-cdriver.fs b/board-qemu/slof/vio-vtpm-cdriver.fs index 21c2190..ced2ac0 100644 --- a/board-qemu/slof/vio-vtpm-cdriver.fs +++ b/board-qemu/slof/vio-vtpm-cdriver.fs @@ -57,6 +57,17 @@ LOG-SIZE BUFFER: log-base THEN ; +\ firmware API call +: pass-through-to-tpm ( buf-addr cmd-size -- rsp-size ) + vtpm-debug? IF + ." Call to pass-through-to-tpm" cr + THEN + tpm-pass-through-to-tpm ( rsp-size ) + vtpm-debug? IF + ." VTPM: tpm-pass-through-to-tpm returned size: " dup . cr + THEN +; + \ firmware API call : get-maximum-cmd-size ( -- max-size ) vtpm-debug? IF diff --git a/lib/libtpm/tcgbios.c b/lib/libtpm/tcgbios.c index a64afde..366eda9 100644 --- a/lib/libtpm/tcgbios.c +++ b/lib/libtpm/tcgbios.c @@ -972,6 +972,31 @@ uint32_t tpm_get_maximum_cmd_size(void) return PAPR_VTPM_MAX_BUFFER_SIZE; } +uint32_t tpm_pass_through_to_tpm(void *buffer, uint32_t cmd_size) +{ + unsigned char respbuffer[PAPR_VTPM_MAX_BUFFER_SIZE]; + uint32_t respbufferlen = sizeof(respbuffer); + struct tpm_req_header *hdr = buffer; + uint32_t totlen; + int ret; + + if (cmd_size < sizeof(struct tpm_req_header)) + return 0; + + memcpy(&totlen, &hdr->totlen, sizeof(totlen)); + if (cmd_size != be32_to_cpu(totlen)) + return 0; + + ret = spapr_transmit(0, buffer, respbuffer, &respbufferlen, + TPM_DURATION_TYPE_LONG); + if (ret) + return 0; + + memcpy(buffer, respbuffer, respbufferlen); + + return respbufferlen; +} + /* * Add an EV_ACTION measurement to the list of measurements */ diff --git a/lib/libtpm/tcgbios.h b/lib/libtpm/tcgbios.h index 83148e0..0e98e63 100644 --- a/lib/libtpm/tcgbios.h +++ b/lib/libtpm/tcgbios.h 
@@ -42,5 +42,6 @@ uint32_t tpm_2hash_ext_log(uint32_t pcrindex, const char *info, uint32_t infolen, const void *data, uint64_t datalen); uint32_t tpm_get_maximum_cmd_size(void); +uint32_t tpm_pass_through_to_tpm(void *buffer, uint32_t cmdsize); #endif /* TCGBIOS_H */ diff --git a/lib/libtpm/tpm.code b/lib/libtpm/tpm.code index 23075b8..27a87c9 100644 --- a/lib/libtpm/tpm.code +++ b/lib/libtpm/tpm.code @@ -216,3 +216,14 @@ PRIM(tpm_X2d_get_X2d_maximum_X2d_cmd_X2d_size) PUSH; TOS.u = tpm_get_maximum_cmd_size(); MIRP + +/****************************************************************************************/ +/* SLOF: tpm-pass-through-to-tpm ( buf-addr cmd-size -- rsp-size ) */ +/* LIBTPM: rsp_size = tpm-pass-through-to-tpm */ +/****************************************************************************************/ +PRIM(tpm_X2d_pass_X2d_through_X2d_to_X2d_tpm) + uint32_t cmd_size = TOS.u; POP; + void *buf = TOS.a; + + TOS.u = tpm_pass_through_to_tpm(buf, cmd_size); +MIRP diff --git a/lib/libtpm/tpm.in b/lib/libtpm/tpm.in index d76c479..b413a24 100644 --- a/lib/libtpm/tpm.in +++ b/lib/libtpm/tpm.in @@ -31,3 +31,4 @@ cod(tpm-measure-gpt) cod(tpm-hash-log-extend-event-buffer) cod(tpm-2hash-ext-log) cod(tpm-get-maximum-cmd-size) +cod(tpm-pass-through-to-tpm)
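Review bot: In board-qemu/slof/vio-vtpm-cdriver.fs, the stack comment on pass-through-to-tpm, ( buf-addr cmd-size -- rsp-size ), does not tell a caller that the same buffer is overwritten with the response, how large it has to be, or that a result of 0 means failure. That contract currently lives only in the commit message. Suggest a comment above the word stating that buf-addr must point to a buffer of at least the size returned by get-maximum-cmd-size and that rsp-size is 0 on error. Minor: the first debug string, ." Call to pass-through-to-tpm", lacks the "VTPM: " prefix that the second debug string in the same word uses.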
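Review bot: In tpm_pass_through_to_tpm() in lib/libtpm/tcgbios.c, the final memcpy(buffer, respbuffer, respbufferlen) can write up to PAPR_VTPM_MAX_BUFFER_SIZE bytes into a caller buffer whose only size known to this function is cmd_size, so a caller that sizes its buffer for the command alone gets a write past the end whenever the response is longer than the command. Suggest passing the buffer capacity as an additional argument and returning 0 when respbufferlen exceeds it, or, if the signature has to stay, a comment above the function stating the size requirement. Two smaller points in the same function: cmd_size is checked against the header size and against totlen but not against PAPR_VTPM_MAX_BUFFER_SIZE before spapr_transmit() is called, which is fine only if spapr_transmit() rejects oversized requests itself; and every failure path returns 0, so the caller cannot tell a malformed command from a transport error.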
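Review bot: The prototype added to lib/libtpm/tcgbios.h names the second parameter cmdsize, while the definition in tcgbios.c and the primitive in tpm.code both use cmd_size; please make the header match. Since this header is where other callers will look, it is also the natural place for a one-line comment saying that buffer is used for both the command and the response.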