[Xen-devel] Re: [Xense-devel] Infineon vtpm problem
Erdem Bayer <ebayer@xxxxxxxxxxxx> wrote on 02/29/2008 06:04:56 AM:
> Hi
>
> For the record, the patch you sent to the xen-devel list
> (http://lists.xensource.com/archives/html/xen-devel/2008-02/msg01092.html)
> eliminated the problem. Thank you very much for your time and effort.
What would really be needed is an upgrade of the tpm
emulator that's being downloaded by the build process. Version 0.4 is outdated
and a more recent version is 0.5.1. Actually Mario Strasser, the author
of the tpm emulator, said that that particular error had been fixed in
version 0.4.1. The problem with the newer version is that the Xen
patch against the emulator has almost all hunks rejected -- so forward-porting
could become quite involved...
Stefan
>
> Erdem Bayer
>
> Stefan Berger wrote On 28-02-2008 22:02:
> >
> > xen-devel-bounces@xxxxxxxxxxxxxxxxxxx wrote on 02/28/2008 03:42:07 AM:
> >
> > > Hi
> > >
> > > I have looked through some source code and have the following questions:
> > >
> > > 1)
> > > in tools/vtpm/vtpm/tpm/tpm_storage.c
> > >
> > > TPM_RESULT TPM_LoadKey2(TPM_KEY_HANDLE parentHandle, TPM_KEY *inKey,
> > >                         TPM_AUTH *auth1, TPM_KEY_HANDLE *inkeyHandle)
> > > {
> > >   info("TPM_LoadKey2() is currently emulated by TPM_LoadKey()");
> > >   return TPM_LoadKey(parentHandle, inKey, auth1, inkeyHandle);
> > > }
> > >
> > > So TPM_LoadKey2 is actually a wrapper around TPM_LoadKey() with exactly
> > > the same parameters. My question is, if they are using the same parameters,
> > > why does one fail while the other succeeds?
> >
> > It's (for example) the return path that's different. TPM_LoadKey2()
> > does NOT calculate the HMAC over the key's handle. And that's actually
> > the source of the bug.
> >
> > >
> > > And why is it necessary to wrap the TPM_LoadKey function with exactly
> > > the same call? Any pointers would be highly appreciated.
> >
> >
> > Here's a link to a fairly recent version of the specification.
> >
> > https://www.trustedcomputinggroup.org/specs/TPM/mainP3Commandsrev103.zip
> >
> > >
> > > 2)
> > > in tools/vtpm/vtpm/tpm/tpm_commands.h
> > >
> > > * Description: ([TPM_Part3], Section 10.5)
> > >
> > > What is this TPM_Part3 document mentioned here and where can I locate
> > > it? Is this the document named "TPM Main Part3 IBM Commands" written by
> > > Ken Goldman and you? If that is correct, I have Revision 10 of this
> > > document dated 25 April 2005 and that document does not have Section
> > > 10.5. Is there a more recent version that I am not aware of?
> >
> > No, this is not referring to that document. It's referring to the one
> > link above.
> >
> > >
> > > 3) Is this problem specific to TPM hardware (ie only Infineon tpm) or
> > > xen version?
> >
> > It's a bug in the TPM emulator.
> >
> > This patch here does the trick. When I have some time I'll try to
> > prepare a patch for the patch that the Xen build process applies on
> > top of the tpm emulator code. I'll also send it to the maintainer(s)
> > of the tpm emulator.
> >
> > --- ./tpm_emulator/tpm/tpm_cmd_handler.c
2008-02-27
> > 16:35:41.000000000 -0500
> > +++ vtpm/tpm/tpm_cmd_handler.c 2008-02-28
14:43:28.000000000 -0500
> > @@ -94,12 +94,18 @@ void tpm_compute_out_param_digest(TPM_CO
> > sha1_ctx_t sha1;
> > UINT32 res = CPU_TO_BE32(rsp->result);
> > UINT32 ord = CPU_TO_BE32(ordinal);
> > + UINT32 offset = 0;
> >
> > /* compute SHA1 hash */
> > sha1_init(&sha1);
> > sha1_update(&sha1, (BYTE*)&res, 4);
> > sha1_update(&sha1, (BYTE*)&ord, 4);
> > - sha1_update(&sha1, rsp->param, rsp->paramSize);
> > + if (ordinal == TPM_ORD_LoadKey2) {
> > + offset = 4;
> > + }
> > + if (rsp->paramSize - offset > 0) {
> > + sha1_update(&sha1, rsp->param +
offset, rsp->paramSize - offset);
> > + }
> > sha1_final(&sha1, rsp->auth1->digest);
> > if (rsp->auth2 != NULL) memcpy(rsp->auth2->digest,
> > rsp->auth1->digest, sizeof(rsp->auth1->digest));
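Review bot: the guard `if (rsp->paramSize - offset > 0)` is an unsigned subtraction (offset is declared UINT32 in this hunk, and paramSize is compared as the same type), so a TPM_ORD_LoadKey2 response whose paramSize is smaller than 4 wraps to a huge length and sha1_update reads past the end of rsp->param; write it as `if (rsp->paramSize > offset)` instead, which needs no subtraction. The bare `offset = 4` would also read better with a comment that it skips the TPM_KEY_HANDLE that TPM_LoadKey2 leaves out of the outgoing HMAC, which is the reason for the change given earlier in the thread.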
> >
> > Please try it.
> >
> >
> > >
> > > 4) You said you used some tools to trace and alter tss behaviour. What
> > > is this tool and how can I obtain it?
> >
> > It's not a publicly available tool. It's basically forming the TPM
> > commands directly and writes them to /dev/tpm0 and so circumvents the
> > TSS stack.
> >
> > Stefan
> >
> >
> > >
> > > Thanks for your time
> > > Erdem Bayer
> > >
> > > Stefan Berger wrote On 28-02-2008 04:47:
> > > >
> > > > xense-devel-bounces@xxxxxxxxxxxxxxxxxxx wrote on 02/27/2008 04:02:41 PM:
> > > >
> > > > > Hi
> > > > >
> > > > > I have checked out the 0.3.2cvs version of trousers and finally
> > > > > got the tsstest working with very few differences from when it is run under
> > > > > non-xen host. My previous attempts were on 0.3.1 (stable).
> > > > >
> > > > > However when I run tpm_sealdata, I still get
> > > > >
> > > > > Tspi_Key_LoadKey failed: 0x00003113 - layer=tsp, code=0113 (275),
> > > > > Authorization failed.
> > > >
> > > > So, I just tried this and I ran into the same problem. I then used
> > > > some tools that let me control whether to use TPM_LoadKey() or
> > > > TPM_LoadKey2(). Loading a key with TPM_LoadKey2() failed due to HMAC
> > > > authorization failing, TPM_LoadKey() worked. From what I saw,
> > > > the TSS is using TPM_LoadKey2() and the TPM implementation then states
> > > > that TPM_LoadKey2() is emulated using TPM_LoadKey(). Well, it seems to
> > > > be a bug in the TPM_LoadKey2() implementation.
> > > >
> > > > >
> > > > > This reminds me that maybe I am using vtpm the wrong way. Is there a
> > > > > document about how to use vtpm?
> > > > >
> > > > No, you are using it correctly.
> > > >
> > > > Stefan
> > > >
> > > >
> > > >
> > > > > Here is what I do from scratch:
> > > > >
> > > > > 1. Clear and reactivate TPM from bios.
> > > > > 2. Run vtpm_managerd in dom0 and let it continue running on console.
> > > > > 3. Boot domU with vif statement in config file.
> > > > > 4. Run tcsd -f on domU and let it continue running on console.
> > > > >
> > > > > From now on every tpm operation I run on domU returns an error.
> > > > >
> > > > > Operations tried on domU
> > > > >
> > > > > 1. I tried tpm_takeownership with success (although I see an error on
> > > > > tcsd -f output, I assume it is normal because I see exact same error
> > > > > when I run takeownership from non-xen host and actually prove ownership
> > > > > taken by using sealdata successfully) but when I try tpm_sealdata I get
> > > > > above error.
> > > > >
> > > > > 2. After starting from scratch, I tried tpm_sealdata without first trying
> > > > > to take ownership. This time there is a different output:
> > > > >
> > > > > Enter SRK password:
> > > > > Tspi_Key_CreateKey failed: 0x00000003 - layer=tpm, code=0003 (3), Bad
> > > > > Parameter
> > > > >
> > > > > I think I am not able to use vtpm because probably I am not doing the
> > > > > right sequence of actions on domU. So if there is a document about vtpm
> > > > > usage, please point me to it.
> > > > >
> > > > > And here is another question:
> > > > >
> > > > > I never run tpm_takeownership on dom0. Whenever I start from scratch I
> > > > > let the vtpm_managerd take ownership of tpm. However, I do not know
> > > > > the owner or srk password it uses. When I use vtpm on domU and am asked for
> > > > > the srk password, which password should I enter? Also, should I take
> > > > > ownership of vtpm on domU every time I boot it? How do I save state of
> > > > > the vtpm for a domain across boots?
> > > > >
> > > > > Thanks for your time.
> > > > > Erdem Bayer
> > > > >
> > > > >
> > > > > Stefan Berger wrote On 27-02-2008 05:59:
> > > > > >
> > > > > > xense-devel-bounces@xxxxxxxxxxxxxxxxxxx wrote on 02/26/2008 06:28:01 PM:
> > > > > >
> > > > > > > Hi
> > > > > > >
> > > > > > > I have successfully applied the patch mentioned here
> > > > > > > (http://lists.xensource.com/archives/html/xense-devel/2007-04/msg00005.html)
> > > > > >
> > > > > > > to the xen v. 3.1.3 on an HP nx8325 with Infineon TPM.
> > > > > > >
> > > > > > > I cleared the tpm, deleted /var/vtpm/VTPM file and rebooted.
> > > > > > >
> > > > > > > After reboot, vtpm_managerd runs ok. (output is attached to the mail.)
> > > > > > >
> > > > > > > I created a pv vm with the option vtpm = ['instance=1, backend=0'] The
> > > > > > > vm boots fine.
> > > > > > >
> > > > > > > I installed trousers-0.3.1 and tpm-tools-1.3.1 from sources on the vm.
> > > > > > >
> > > > > > > I run tcsd -f on the vm. (output is attached to the mail.)
> > > > > > >
> > > > > > > I checkout and run the trousers test suite. 10 tests passed with 230
> > > > > > > failed. (Is this expected?)
> > > > > >
> > > > > >
> > > > > > It is likely that this (v)TPM implementation has quite a few bugs, but
> > > > > > I would not expect that many errors.
> > > > > >
> > > > > > >
> > > > > > > When I try tpm_takeownership on the vm, the command runs fine. (Although
> > > > > > > a strange warning appears on tcsd output which is attached).
> > > > > >
> > > > > > This error may be related to older versions of the TPM device driver
> > > > > > having used an ioctl interface for sending/receiving commands to/from
> > > > > > the TPM and the TSS still tries this interface first. This should not
> > > > > > be a reason for the errors you are seeing.
> > > > > >
> > > > > > >
> > > > > > > But when I try tpm_sealdata < foo on the vm I get the following error.
> > > > > > >
> > > > > > > Tspi_Key_LoadKey failed: 0x00003113 - layer=tsp, code=0113 (275),
> > > > > > > Authorization failed
> > > > > > >
> > > > > > > But other tpm_version runs fine on vm.
> > > > > > >
> > > > > > > tpm-test:~# tpm_version
> > > > > > > TPM 1.2 Version Info:
> > > > > > > Chip Version:        1.2.0.4
> > > > > > > Spec Level:          2
> > > > > > > Errata Revision:     94
> > > > > > > TPM Vendor ID:
> > > > > > > TPM Version:         01010000
> > > > > > > Manufacturer Info:   4554485a
> > > > > > >
> > > > > > > Also this quote is from Xen User's Guide:
> > > > > > >
> > > > > > > "Similarly, the TPM frontend driver must be compiled for the kernel
> > > > > > > trying to use TPM functionality. Its driver can be selected in the
> > > > > > > kernel configuration section Device Driver / Character Devices / TPM
> > > > > > > Devices. Along with that the TPM driver for the built-in TPM must be
> > > > > > > selected."
> > > > > > >
> > > > > > > According to my understanding driver for the built-in TPM must be
> > > > > > > selected on the kernel where TPM frontend driver is used. Am I correct
> > > > > > > about this assumption? (The problem is tpm_infineon driver can not be
> > > > > >
> > > > > > The driver for the built-in Infineon TPM must be built into Domain-0,
> > > > > > the TPM frontend driver in the guest domain and the backend driver
> > > > > > also into Domain-0. This has probably been done correctly since
> > > > > > otherwise the vTPM would not work at all.
> > > > > >
> > > > > >
> > > > > > > selected on an unprivileged kernel, it can only be selected on a
> > > > > > > privileged kernel)
> > > > > > >
> > > > > > > Am I missing something here? Why do I get auth errors?
> > > > > >
> > > > > >
> > > > > > Did you try to run the same sequence of commands (tpm commands, test
> > > > > > suite etc.) on a plain Linux kernel with the TSS stack against the
> > > > > > built-in Infineon TPM? From what I remember, the test suite for the
> > > > > > TSS stack either tries to set a specific TPM owner password or it must
> > > > > > previously have been set to it by the user, otherwise many
> > > > > > authentication errors will occur.
> > > > > >
> > > > > > Stefan
> > > > > >
> > > > > > >
> > > > > > > Thanks in advance.
> > > > > > >
> > > > > > > Erdem Bayer
> > > > > > > [attachment "vtpm_managerd.out" deleted by Stefan Berger/Watson/IBM]
> > > > > > > [attachment "tcsd.out" deleted by Stefan Berger/Watson/IBM]
> > > > > > > _______________________________________________
> > > > > > > Xense-devel mailing list
> > > > > > > Xense-devel@xxxxxxxxxxxxxxxxxxx
> > > > > > > http://lists.xensource.com/xense-devel
> > > > >
> > >
> > > _______________________________________________
> > > Xen-devel mailing list
> > > Xen-devel@xxxxxxxxxxxxxxxxxxx
> > > http://lists.xensource.com/xen-devel
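The digest mismatch Stefan traces above (TPM_LoadKey2 leaves the returned key handle out of the response HMAC, while the unpatched emulator hashed it anyway), shown as an added Python example that is not code from the thread, from the tpm emulator or from TrouSerS. It computes the outParamDigest over a constructed TPM_LoadKey2 response both the buggy and the fixed way, keys the response HMAC with a constructed usage secret and nonces, and shows a verifier that follows the spec accepting the fixed digest and rejecting the buggy one; it also runs the same check for TPM_LoadKey, where the handle is hashed on both sides and nothing fails. The two ordinal values and the HMAC input layout (outParamDigest || nonceEven || nonceOdd || continueAuthSession) come from the TPM 1.2 specification the thread links; the secret, nonces, handle and function names are assumptions made for the example.

```python
import hashlib
import hmac
import struct

# TPM 1.2 command ordinals of the two key-load commands discussed in the thread.
TPM_ORD_LoadKey = 0x00000020
TPM_ORD_LoadKey2 = 0x00000041
TPM_SUCCESS = 0


def out_param_digest(result, ordinal, params, emulate_bug=False):
    """Hash the response the way the authorization HMAC covers it:
    SHA-1(returnCode || ordinal || outParams), both 32-bit fields big-endian.

    For TPM_LoadKey2 the returned key handle (the first 4 bytes of outParams)
    is not part of the digest. The pre-fix emulator hashed it anyway, which
    is what emulate_bug=True reproduces."""
    h = hashlib.sha1()
    h.update(struct.pack(">I", result))
    h.update(struct.pack(">I", ordinal))
    offset = 4 if (ordinal == TPM_ORD_LoadKey2 and not emulate_bug) else 0
    # Compare lengths instead of subtracting, so a short buffer can never wrap.
    if len(params) > offset:
        h.update(params[offset:])
    return h.digest()


def response_auth(secret, digest, nonce_even, nonce_odd, continue_session):
    """Response-side authorization HMAC: HMAC-SHA1 keyed with the usage secret
    over outParamDigest || nonceEven || nonceOdd || continueAuthSession."""
    msg = digest + nonce_even + nonce_odd + bytes([continue_session])
    return hmac.new(secret, msg, hashlib.sha1).digest()


def tss_accepts(secret, ordinal, result, params, nonce_even, nonce_odd, cont, res_auth):
    """What a spec-conformant TSS does on receipt: recompute the digest
    (handle excluded for LoadKey2) and compare HMACs in constant time."""
    expected = response_auth(secret, out_param_digest(result, ordinal, params),
                             nonce_even, nonce_odd, cont)
    return hmac.compare_digest(expected, res_auth)


def simulate_load(ordinal, emulate_bug):
    """Emulator side with or without the bug, checked by a correct TSS.
    Returns True when the TSS accepts the response. All values are constructed."""
    secret = hashlib.sha1(b"srk-usage-secret (constructed)").digest()  # hypothetical usage secret
    nonce_even = bytes(range(20))          # constructed TPM nonce
    nonce_odd = bytes(range(20, 40))       # constructed caller nonce
    handle = struct.pack(">I", 0x01000001) # constructed TPM_KEY_HANDLE, the only out param
    cont = 0
    emu_digest = out_param_digest(TPM_SUCCESS, ordinal, handle, emulate_bug=emulate_bug)
    res_auth = response_auth(secret, emu_digest, nonce_even, nonce_odd, cont)
    return tss_accepts(secret, ordinal, TPM_SUCCESS, handle,
                       nonce_even, nonce_odd, cont, res_auth)


if __name__ == "__main__":
    for name, ordinal in (("TPM_LoadKey", TPM_ORD_LoadKey), ("TPM_LoadKey2", TPM_ORD_LoadKey2)):
        for bug in (True, False):
            ok = simulate_load(ordinal, bug)
            print(f"{name:12s} emulator-bug={bug!s:5s} -> {'ok' if ok else 'Authorization failed'}")
```

Running it prints an "Authorization failed" only for the TPM_LoadKey2 row with the bug present, which is the combination Erdem hit once TrouSerS 0.3.2 started preferring TPM_LoadKey2 over TPM_LoadKey. The length check in out_param_digest is written as a comparison rather than `paramSize - offset > 0` so that a response shorter than the handle cannot turn into an out-of-range read, the one weakness in the otherwise correct patch above.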