| OLD | NEW |
|---|
| 1 /* Software-Based Trusted Platform Module (TPM) Emulator for Linux | 1 /* Software-based Trusted Platform Module (TPM) Emulator |
| 2 * Copyright (C) 2006 Mario Strasser <mast@gmx.net>, | 2 * Copyright (C) 2004-2010 Mario Strasser <mast@gmx.net> |
| 3 * Swiss Federal Institute of Technology (ETH) Zurich | |
| 4 * | 3 * |
| 5 * This program is free software; you can redistribute it and/or modify | 4 * This program is free software; you can redistribute it and/or modify |
| 6 * it under the terms of the GNU General Public License as published | 5 * it under the terms of the GNU General Public License as published |
| 7 * by the Free Software Foundation; either version 2 of the License, | 6 * by the Free Software Foundation; either version 2 of the License, |
| 8 * or (at your option) any later version. | 7 * or (at your option) any later version. |
| 9 * | 8 * |
| 10 * This program is distributed in the hope that it will be useful, | 9 * This program is distributed in the hope that it will be useful, |
| 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of | 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 13 * GNU General Public License for more details. | 12 * GNU General Public License for more details. |
| 14 * | 13 * |
| 15 * $Id$ | 14 * $Id: tpmd.c 405 2010-02-18 23:11:31Z mast $ |
| 16 */ | 15 */ |
| 17 | 16 |
| 18 #include <stdio.h> | 17 #include <stdio.h> |
| 19 #include <stdlib.h> | 18 #include <stdlib.h> |
| 20 #include <unistd.h> | 19 #include <unistd.h> |
| 21 #include <signal.h> | 20 #include <signal.h> |
| 22 #include <string.h> | 21 #include <string.h> |
| 23 #include <errno.h> | 22 #include <errno.h> |
| 24 #include <syslog.h> | 23 #include <syslog.h> |
| 25 #include <stdarg.h> | 24 #include <stdarg.h> |
| 26 #include <fcntl.h> | 25 #include <fcntl.h> |
| 27 #include <sys/stat.h> | 26 #include <sys/stat.h> |
| 28 #include <sys/time.h> | 27 #include <sys/time.h> |
| 29 #include <sys/socket.h> | 28 #include <sys/socket.h> |
| 30 #include <sys/un.h> | 29 #include <sys/un.h> |
| 31 #include <pwd.h> | 30 #include <pwd.h> |
| 32 #include <grp.h> | 31 #include <grp.h> |
| 33 #include "config.h" | 32 #include "config.h" |
| 34 #include "tpm/tpm_emulator.h" | 33 #include "tpm/tpm_emulator.h" |
| 35 | 34 |
| 36 #define TPM_COMMAND_TIMEOUT 30 | 35 #define TPM_COMMAND_TIMEOUT 30 |
| 37 #define TPM_RANDOM_DEVICE "/dev/urandom" | 36 #define TPM_RANDOM_DEVICE "/dev/urandom" |
| 38 | 37 |
| 39 static volatile int stopflag = 0; | 38 static volatile int stopflag = 0; |
| 40 static int is_daemon = 0; | 39 static int is_daemon = 0; |
| 41 static int opt_debug = 0; | 40 static int opt_debug = 0; |
| 42 static int opt_foreground = 0; | 41 static int opt_foreground = 0; |
| 43 static const char *opt_socket_name = TPM_SOCKET_NAME; | 42 static const char *opt_socket_name = TPM_SOCKET_NAME; |
| 44 static const char *opt_storage_file = TPM_STORAGE_NAME; | 43 static const char *opt_storage_file = TPM_STORAGE_NAME; |
| 45 | |
| 46 static uid_t opt_uid = 0; | 44 static uid_t opt_uid = 0; |
| 47 static gid_t opt_gid = 0; | 45 static gid_t opt_gid = 0; |
| 48 static int tpm_startup = 2; | 46 static int tpm_startup = 2; |
| 47 static uint32_t tpm_config = 0; |
| 49 static int rand_fh; | 48 static int rand_fh; |
| 50 | 49 |
| 51 void *tpm_malloc(size_t size) | 50 void *tpm_malloc(size_t size) |
| 52 { | 51 { |
| 53 return malloc(size); | 52 return malloc(size); |
| 54 } | 53 } |
| 55 | 54 |
| 56 void tpm_free(/*const*/ void *ptr) | 55 void tpm_free(/*const*/ void *ptr) |
| 57 { | 56 { |
| 58 if (ptr != NULL) free((void*)ptr); | 57 if (ptr != NULL) free((void*)ptr); |
| 59 } | 58 } |
| 60 | 59 |
| 61 void tpm_log(int priority, const char *fmt, ...) | 60 void tpm_log(int priority, const char *fmt, ...) |
| 62 { | 61 { |
| 63 va_list ap, bp; | 62 va_list ap, bp; |
| 64 va_start(ap, fmt); | 63 va_start(ap, fmt); |
| 65 va_copy(bp, ap); | 64 va_copy(bp, ap); |
| 66 vsyslog(priority, fmt, ap); | 65 switch (priority) { |
| 66 case TPM_LOG_DEBUG: |
| 67 vsyslog(LOG_DEBUG, fmt, ap); |
| 68 break; |
| 69 case TPM_LOG_ERROR: |
| 70 vsyslog(LOG_ERR, fmt, ap); |
| 71 break; |
| 72 case TPM_LOG_INFO: |
| 73 default: |
| 74 vsyslog(LOG_INFO, fmt, ap); |
| 75 break; |
| 76 } |
| 67 va_end(ap); | 77 va_end(ap); |
| 68 if (!is_daemon && (priority != LOG_DEBUG || opt_debug)) { | 78 if (!is_daemon && (priority != TPM_LOG_DEBUG || opt_debug)) { |
| 69 vprintf(fmt, bp); | 79 vprintf(fmt, bp); |
| 70 } | 80 } |
| 71 va_end(bp); | 81 va_end(bp); |
| 72 } | 82 } |
| 73 | 83 |
| 74 void tpm_get_extern_random_bytes(void *buf, size_t nbytes) | 84 void tpm_get_extern_random_bytes(void *buf, size_t nbytes) |
| 75 { | 85 { |
| 76 uint8_t *p = (uint8_t*)buf; | 86 uint8_t *p = (uint8_t*)buf; |
| 77 ssize_t res; | 87 ssize_t res; |
| 78 while (nbytes > 0) { | 88 while (nbytes > 0) { |
| 79 res = read(rand_fh, p, nbytes); | 89 res = read(rand_fh, p, nbytes); |
| (...skipping 16 matching lines...) Expand all Loading... |
| 96 } | 106 } |
| 97 | 107 |
| 98 int tpm_write_to_storage(uint8_t *data, size_t data_length) | 108 int tpm_write_to_storage(uint8_t *data, size_t data_length) |
| 99 { | 109 { |
| 100 int fh; | 110 int fh; |
| 101 ssize_t res; | 111 ssize_t res; |
| 102 fh = open(opt_storage_file, O_WRONLY | O_TRUNC | O_CREAT, S_IRUSR | S_IWUSR)
; | 112 fh = open(opt_storage_file, O_WRONLY | O_TRUNC | O_CREAT, S_IRUSR | S_IWUSR)
; |
| 103 if (fh < 0) return -1; | 113 if (fh < 0) return -1; |
| 104 while (data_length > 0) { | 114 while (data_length > 0) { |
| 105 res = write(fh, data, data_length); | 115 res = write(fh, data, data_length); |
| 106 » if (res < 0) { | 116 if (res < 0) { |
| 107 » close(fh); | 117 close(fh); |
| 108 » return -1; | 118 return -1; |
| 109 » } | 119 } |
| 110 » data_length -= res; | 120 data_length -= res; |
| 111 » data += res; | 121 data += res; |
| 112 } | 122 } |
| 113 close(fh); | 123 close(fh); |
| 114 return 0; | 124 return 0; |
| 115 } | 125 } |
| 116 | 126 |
| 117 int tpm_read_from_storage(uint8_t **data, size_t *data_length) | 127 int tpm_read_from_storage(uint8_t **data, size_t *data_length) |
| 118 { | 128 { |
| 119 int fh; | 129 int fh; |
| 120 ssize_t res; | 130 ssize_t res; |
| 121 size_t total_length; | 131 size_t total_length; |
| 122 fh = open(opt_storage_file, O_RDONLY); | 132 fh = open(opt_storage_file, O_RDONLY); |
| 123 if (fh < 0) return -1; | 133 if (fh < 0) return -1; |
| 124 total_length = lseek(fh, 0, SEEK_END); | 134 total_length = lseek(fh, 0, SEEK_END); |
| 125 lseek(fh, 0, SEEK_SET); | 135 lseek(fh, 0, SEEK_SET); |
| 126 *data = tpm_malloc(total_length); | 136 *data = tpm_malloc(total_length); |
| 127 if (*data == NULL) { | 137 if (*data == NULL) { |
| 128 close(fh); | 138 close(fh); |
| 129 return -1; | 139 return -1; |
| 130 } | 140 } |
| 131 *data_length = 0; | 141 *data_length = 0; |
| 132 while (total_length > 0) { | 142 while (total_length > 0) { |
| 133 res = read(fh, &(*data)[*data_length], total_length); | 143 res = read(fh, &(*data)[*data_length], total_length); |
| 134 » if (res < 0) { | 144 if (res < 0) { |
| 135 » close(fh); | 145 close(fh); |
| 136 » tpm_free(*data); | 146 tpm_free(*data); |
| 137 » return -1; | 147 return -1; |
| 138 » } | 148 } |
| 149 if (res == 0) break; |
| 139 *data_length += res; | 150 *data_length += res; |
| 140 » total_length -= res; | 151 total_length -= res; |
| 141 } | 152 } |
| 142 close(fh); | 153 close(fh); |
| 143 return 0; | 154 return 0; |
| 144 } | 155 } |
| 145 | 156 |
| 146 static void print_usage(char *name) | 157 static void print_usage(char *name) |
| 147 { | 158 { |
| 148 printf("usage: %s [-d] [-f] [-s storage file] [-u unix socket name] " | 159 printf("usage: %s [-d] [-f] [-s storage file] [-u unix socket name] " |
| 149 "[-o user name] [-g group name] [-h] [startup mode]\n", name); | 160 "[-o user name] [-g group name] [-h] [startup mode]\n", name); |
| 150 printf(" d : enable debug mode\n"); | 161 printf(" d : enable debug mode\n"); |
| 151 printf(" f : forces the application to run in the foreground\n"); | 162 printf(" f : forces the application to run in the foreground\n"); |
| 152 printf(" s : storage file to use (default: %s)\n", opt_storage_file); | 163 printf(" s : storage file to use (default: %s)\n", opt_storage_file); |
| 153 printf(" u : unix socket name to use (default: %s)\n", opt_socket_name); | 164 printf(" u : unix socket name to use (default: %s)\n", opt_socket_name); |
| 154 printf(" o : effective user the application should run as\n"); | 165 printf(" o : effective user the application should run as\n"); |
| 155 printf(" g : effective group the application should run as\n"); | 166 printf(" g : effective group the application should run as\n"); |
| 156 printf(" h : print this help message\n"); | 167 printf(" h : print this help message\n"); |
| 157 printf(" startup mode : must be 'clear', " | 168 printf(" startup mode : must be 'clear', " |
| 158 "'save' (default) or 'deactivated\n"); | 169 "'save' (default) or 'deactivated\n"); |
| 159 } | 170 } |
| 160 | 171 |
| 161 static void parse_options(int argc, char **argv) | 172 static void parse_options(int argc, char **argv) |
| 162 { | 173 { |
| 163 char c; | 174 char c; |
| 164 struct passwd *pwd; | 175 struct passwd *pwd; |
| 165 struct group *grp; | 176 struct group *grp; |
| 166 opt_uid = getuid(); | 177 opt_uid = getuid(); |
| 167 opt_gid = getgid(); | 178 opt_gid = getgid(); |
| 168 info("parsing options"); | 179 info("parsing options"); |
| 169 while ((c = getopt (argc, argv, "dfs:u:o:g:h")) != -1) { | 180 while ((c = getopt (argc, argv, "dfs:u:o:g:c:h")) != -1) { |
| 170 debug("handling option '-%c'", c); | 181 debug("handling option '-%c'", c); |
| 171 switch (c) { | 182 switch (c) { |
| 172 case 'd': | 183 case 'd': |
| 173 opt_debug = 1; | 184 opt_debug = 1; |
| 174 setlogmask(setlogmask(0) | LOG_MASK(LOG_DEBUG)); | 185 setlogmask(setlogmask(0) | LOG_MASK(LOG_DEBUG)); |
| 175 debug("debug mode enabled"); | 186 debug("debug mode enabled"); |
| 176 break; | 187 break; |
| 177 case 'f': | 188 case 'f': |
| 178 debug("application is forced to run in foreground"); | 189 debug("application is forced to run in foreground"); |
| 179 opt_foreground = 1; | 190 opt_foreground = 1; |
| (...skipping 15 matching lines...) Expand all Loading... |
| 195 opt_uid = pwd->pw_uid; | 206 opt_uid = pwd->pw_uid; |
| 196 break; | 207 break; |
| 197 case 'g': | 208 case 'g': |
| 198 grp = getgrnam(optarg); | 209 grp = getgrnam(optarg); |
| 199 if (grp == NULL) { | 210 if (grp == NULL) { |
| 200 error("invalid group name '%s'\n", optarg); | 211 error("invalid group name '%s'\n", optarg); |
| 201 exit(EXIT_FAILURE); | 212 exit(EXIT_FAILURE); |
| 202 } | 213 } |
| 203 opt_gid = grp->gr_gid; | 214 opt_gid = grp->gr_gid; |
| 204 break; | 215 break; |
| 216 case 'c': |
| 217 tpm_config = strtol(optarg, NULL, 0); |
| 218 break; |
| 205 case '?': | 219 case '?': |
| 206 error("unknown option '-%c'", optopt); | 220 error("unknown option '-%c'", optopt); |
| 207 print_usage(argv[0]); | 221 print_usage(argv[0]); |
| 208 exit(EXIT_FAILURE); | 222 exit(EXIT_FAILURE); |
| 209 case 'h': | 223 case 'h': |
| 210 default: | 224 default: |
| 211 print_usage(argv[0]); | 225 print_usage(argv[0]); |
| 212 exit(EXIT_SUCCESS); | 226 exit(EXIT_SUCCESS); |
| 213 } | 227 } |
| 214 } | 228 } |
| (...skipping 157 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 372 socklen_t addr_len; | 386 socklen_t addr_len; |
| 373 fd_set rfds; | 387 fd_set rfds; |
| 374 struct timeval tv; | 388 struct timeval tv; |
| 375 | 389 |
| 376 info("staring main loop"); | 390 info("staring main loop"); |
| 377 /* open UNIX socket */ | 391 /* open UNIX socket */ |
| 378 sock = init_socket(opt_socket_name); | 392 sock = init_socket(opt_socket_name); |
| 379 if (sock < 0) exit(EXIT_FAILURE); | 393 if (sock < 0) exit(EXIT_FAILURE); |
| 380 /* init tpm emulator */ | 394 /* init tpm emulator */ |
| 381 mkdirs(opt_storage_file); | 395 mkdirs(opt_storage_file); |
| 382 debug("initializing TPM emulator: %d", tpm_startup); | 396 debug("initializing TPM emulator"); |
| 383 tpm_emulator_init(tpm_startup); | 397 tpm_emulator_init(tpm_startup, tpm_config); |
| 384 /* start command processing */ | 398 /* start command processing */ |
| 385 while (!stopflag) { | 399 while (!stopflag) { |
| 386 /* wait for incomming connections */ | 400 /* wait for incomming connections */ |
| 387 debug("waiting for connections..."); | 401 debug("waiting for connections..."); |
| 388 FD_ZERO(&rfds); | 402 FD_ZERO(&rfds); |
| 389 FD_SET(sock, &rfds); | 403 FD_SET(sock, &rfds); |
| 390 tv.tv_sec = 10; | 404 tv.tv_sec = 10; |
| 391 tv.tv_usec = 0; | 405 tv.tv_usec = 0; |
| 392 res = select(sock + 1, &rfds, NULL, NULL, &tv); | 406 res = select(sock + 1, &rfds, NULL, NULL, &tv); |
| 393 if (res < 0) { | 407 if (res < 0) { |
| (...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 426 } | 440 } |
| 427 in_len = read(fh, in, sizeof(in)); | 441 in_len = read(fh, in, sizeof(in)); |
| 428 if (in_len > 0) { | 442 if (in_len > 0) { |
| 429 debug("received %d bytes", in_len); | 443 debug("received %d bytes", in_len); |
| 430 out = NULL; | 444 out = NULL; |
| 431 res = tpm_handle_command(in, in_len, &out, &out_len); | 445 res = tpm_handle_command(in, in_len, &out, &out_len); |
| 432 if (res < 0) { | 446 if (res < 0) { |
| 433 error("tpm_handle_command() failed"); | 447 error("tpm_handle_command() failed"); |
| 434 } else { | 448 } else { |
| 435 debug("sending %d bytes", out_len); | 449 debug("sending %d bytes", out_len); |
| 436 while (out_len > 0) { | 450 uint32_t len = 0; |
| 437 res = write(fh, out, out_len); | 451 while (len < out_len) { |
| 452 res = write(fh, &out[len], out_len - len); |
| 438 if (res < 0) { | 453 if (res < 0) { |
| 439 error("write(%d) failed: %s", out_len, strerror(errn
o)); | 454 error("write(%d) failed: %s", |
| 455 out_len - len, strerror(errno)); |
| 440 break; | 456 break; |
| 441 } | 457 } |
| 442 out_len»-= res; | 458 len += res; |
| 443 } | 459 } |
| 444 tpm_free(out); | 460 tpm_free(out); |
| 445 } | 461 } |
| 446 } | 462 } |
| 447 } while (in_len > 0); | 463 } while (in_len > 0); |
| 448 close(fh); | 464 close(fh); |
| 449 } | 465 } |
| 450 /* shutdown tpm emulator */ | 466 /* shutdown tpm emulator */ |
| 451 tpm_emulator_shutdown(); | 467 tpm_emulator_shutdown(); |
| 452 /* close socket */ | 468 /* close socket */ |
| 453 close(sock); | 469 close(sock); |
| 454 unlink(opt_socket_name); | 470 unlink(opt_socket_name); |
| 455 info("main loop stopped"); | 471 info("main loop stopped"); |
| 456 } | 472 } |
| 457 | 473 |
| 458 int main(int argc, char **argv) | 474 int main(int argc, char **argv) |
| 459 { | 475 { |
| 460 openlog(argv[0], 0, LOG_DAEMON); | 476 openlog(argv[0], 0, LOG_DAEMON); |
| 461 setlogmask(~LOG_MASK(LOG_DEBUG)); | 477 setlogmask(~LOG_MASK(LOG_DEBUG)); |
| 462 syslog(LOG_INFO, "--- separator ---\n"); | 478 syslog(LOG_INFO, "--- separator ---\n"); |
| 463 info("starting TPM Emulator daemon (1.2.%d.%d-%d)", | 479 info("starting TPM Emulator daemon (1.2.%d.%d-%d)", |
| 464 VERSION_MAJOR, VERSION_MINOR, VERSION_BUILD); | 480 VERSION_MAJOR, VERSION_MINOR, VERSION_BUILD); |
| 465 parse_options(argc, argv); | 481 parse_options(argc, argv); |
| 466 /* switch uid/gid if required */ | 482 /* switch uid/gid if required */ |
| 467 switch_uid_gid(); | 483 switch_uid_gid(); |
| 468 /* open random device */ | |
| 469 init_random(); | |
| 470 /* init signal handlers */ | 484 /* init signal handlers */ |
| 471 init_signal_handler(); | 485 init_signal_handler(); |
| 472 /* unless requested otherwiese, fork and daemonize process */ | 486 /* unless requested otherwiese, fork and daemonize process */ |
| 473 if (!opt_foreground) daemonize(); | 487 if (!opt_foreground) daemonize(); |
| 488 /* open random device */ |
| 489 init_random(); |
| 474 /* start main processing loop */ | 490 /* start main processing loop */ |
| 475 main_loop(); | 491 main_loop(); |
| 476 info("stopping TPM Emulator daemon"); | 492 info("stopping TPM Emulator daemon"); |
| 493 close(rand_fh); |
| 477 closelog(); | 494 closelog(); |
| 478 return 0; | 495 return EXIT_SUCCESS; |
| 479 } | 496 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 660204:
Upgrade to tpm-emulator version 0.7. (Closed)
