1 /******************************************************************************
2 * tpmif.h
3 *
4 * TPM I/O interface for Xen guest OSes.
5 *
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to
8 * deal in the Software without restriction, including without limitation the
9 * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
10 * sell copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
12 *
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
15 *
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
19 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
21 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
22 * DEALINGS IN THE SOFTWARE.
23 *
24 * Copyright (c) 2005, IBM Corporation
25 *
26 * Author: Stefan Berger, stefanb@us.ibm.com
27 * Grant table support: Mahadevan Gomathisankaran
28 *
29 * This code has been derived from tools/libxc/xen/io/netif.h
30 *
31 * Copyright (c) 2003-2004, Keir Fraser
32 */
33
34 #ifndef __XEN_PUBLIC_IO_TPMIF_H__
35 #define __XEN_PUBLIC_IO_TPMIF_H__
36
37 #include "../grant_table.h"
38
/*
 * Request descriptor for a single TPM packet in the first protocol described
 * by this header (the later section of the file is labelled "v2").
 *
 * NOTE(review): addr is an unsigned long, so its width follows the compiler's
 * data model; confirm that both ends of the interface agree on the layout.
 * NOTE(review): size is supplied by the other end of the interface; a consumer
 * should bound it against its own buffer before copying - verify in callers.
 */
typedef struct tpmif_tx_request {
    unsigned long addr;   /* Machine address of packet. */
    grant_ref_t   ref;    /* Grant table access reference. */
    uint16_t      unused;
    uint16_t      size;   /* Packet size in bytes. */
} tpmif_tx_request_t;
46
/*
 * 32-bit type; by its name a ring index (it is not used elsewhere in the
 * visible part of this header).
 */
typedef uint32_t TPMIF_RING_IDX;

/*
 * TPMIF_TX_RING_SIZE is the number of pages the front-end and back-end can
 * exchange, i.e. the number of elements in the ring array.
 */
#define TPMIF_TX_RING_SIZE 1
54
55 /* This structure must fit in a memory page. */
56
/* One ring slot; it holds exactly one request descriptor. */
typedef struct tpmif_ring {
    struct tpmif_tx_request req;
} tpmif_ring_t;
61
/* Transmit interface: an array of TPMIF_TX_RING_SIZE ring slots. */
typedef struct tpmif_tx_interface {
    struct tpmif_ring ring[TPMIF_TX_RING_SIZE];
} tpmif_tx_interface_t;
66
67 /******************************************************************************
68 * TPM I/O interface for Xen guest OSes, v2
69 *
70 * Author: Daniel De Graaf <dgdegra@tycho.nsa.gov>
71 *
72 * This protocol emulates the request/response behavior of a TPM using a Xen
73 * shared memory interface. All interaction with the TPM is at the direction
74 * of the frontend, since a TPM (hardware or virtual) is a passive device -
75 * the backend only processes commands as requested by the frontend.
76 *
77 * The frontend sends a request to the TPM by populating the shared page with
78 * the request packet, changing the state to TPMIF_STATE_SUBMIT, and sending
79 * an event channel notification. When the backend is finished, it will set
80 * the state to TPMIF_STATE_FINISH and send an event channel notification.
81 *
82 * In order to allow long-running commands to be canceled, the frontend can
83 * at any time change the state to TPMIF_STATE_CANCEL and send a notification.
84 * The TPM can either finish the command (changing state to TPMIF_STATE_FINISH)
85 * or can cancel the command and change the state to TPMIF_STATE_IDLE. The TPM
86 * can also change the state to TPMIF_STATE_IDLE instead of TPMIF_STATE_FINISH
87 * if another reason for cancellation is required - for example, a physical
88 * TPM may cancel a command if the interface is seized by another locality.
89 *
90 * The TPM command format is defined by the TCG, and is available at
91 * http://www.trustedcomputinggroup.org/resources/tpm_main_specification
92 */
93
/*
 * Protocol states for the v2 interface. The numeric values are spelled out
 * because the state is stored as a single byte in the shared page
 * (tpmif_shared_page.state), so they are part of the shared-memory format.
 */
enum tpmif_state {
    TPMIF_STATE_IDLE   = 0, /* no contents / vTPM idle / cancel complete */
    TPMIF_STATE_SUBMIT = 1, /* request ready / vTPM working */
    TPMIF_STATE_FINISH = 2, /* response ready / vTPM idle */
    TPMIF_STATE_CANCEL = 3  /* cancel requested / vTPM working */
};
100 /* Note: The backend should only change state to IDLE or FINISH, while the
101 * frontend should only change to SUBMIT or CANCEL. Status changes do not need
102 * to use atomic operations.
103 */
104
105
106 /* The shared page for vTPM request/response packets looks like:
107 *
108 * Offset Contents
109 * =================================================
110 * 0 struct tpmif_shared_page
111 * 16 [optional] List of grant IDs
112 * 16+4*nr_extra_pages TPM packet data
113 *
114 * If the TPM packet data extends beyond the end of a single page, the grant IDs
115 * defined in extra_pages are used as if they were mapped immediately following
116 * the primary shared page. The grants are allocated by the frontend and mapped
117 * by the backend. Before sending a request spanning multiple pages, the
118 * frontend should verify that the TPM supports such large requests by querying
119 * the TPM_CAP_PROP_INPUT_BUFFER property from the TPM.
120 */
/*
 * Header placed at the start of the shared page that carries v2
 * request/response packets.
 *
 * NOTE(review): with the fields below the header occupies 8 bytes, so
 * extra_pages[] begins at offset 8, while the layout table in the comment
 * preceding this struct lists the grant ID list at offset 16 - confirm which
 * offset the frontend and backend implementations actually use.
 *
 * NOTE(review): the page is memory shared with the other end of the
 * interface, so length, state, locality and nr_extra_pages should be treated
 * as untrusted input: read each field once into a local copy, bounds-check it
 * against the mapped size, and only then act on it.
 */
typedef struct tpmif_shared_page {
    uint32_t length;         /* request/response length in bytes */

    uint8_t  state;          /* enum tpmif_state */
    uint8_t  locality;       /* for the current request */
    uint8_t  pad;            /* should be zero */

    uint8_t  nr_extra_pages; /* extra pages for long packets; may be zero */
    /* Zero-length trailing array: the element count is nr_extra_pages. */
    uint32_t extra_pages[0]; /* grant IDs; length is actually nr_extra_pages */
} tpmif_shared_page_t;
132
133 #endif
134
135 /*
136 * Local variables:
137 * mode: C
138 * c-file-style: "BSD"
139 * c-basic-offset: 4
140 * tab-width: 4
141 * indent-tabs-mode: nil
142 * End:
143 */