// Copyright 2019 The Chromium OS Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
use std::os::raw::{c_int, c_uint};
use std::ptr;
use std::slice;
use std::sync::atomic::{AtomicBool, Ordering};
static SIMULATOR_EXISTS: AtomicBool = AtomicBool::new(false);
/// A libtpm2-based TPM simulator.
///
/// At most one simulator may exist per process because libtpm2 uses a static
/// global response buffer.
///
/// # Examples
///
/// ```no_run
/// let mut simulator = tpm2::Simulator::singleton_in_current_directory();
///
/// let command = &[ /* ... */ ];
/// let response = simulator.execute_command(command);
/// println!("{:?}", response);
/// ```
pub struct Simulator {
_priv: (),
}
impl Simulator {
/// Initializes a TPM simulator in the current working directory.
///
/// # Panics
///
/// Panics if a TPM simulator has already been initialized by this process.
pub fn singleton_in_current_directory() -> Self {
let already_existed = SIMULATOR_EXISTS.swap(true, Ordering::SeqCst);
if already_existed {
panic!("libtpm2 simulator singleton already exists");
}
// Based on trunks:
// https://chromium.googlesource.com/chromiumos/platform2/+/e4cf13c05773f3446bd76a13c4e37f0b80728711/trunks/tpm_simulator_handle.cc
tpm_manufacture(true);
plat_set_nv_avail();
plat_signal_power_on();
tpm_init();
let mut simulator = Simulator { _priv: () };
// Send TPM2_Startup(TPM_SU_CLEAR), ignore the result. This is normally
// done by firmware.
let startup_command = &[
0x80, 0x01, // TPM_ST_NO_SESSIONS
0x00, 0x00, 0x00, 0x0c, // commandSize = 12
0x00, 0x00, 0x01, 0x44, // TPM_CC_Startup
0x00, 0x00, // TPM_SU_CLEAR
];
let _ = simulator.execute_command(startup_command);
simulator
}
/// Sends a TPM command to the TPM simulator, waits for the work to be
/// performed, and receives back the TPM response.
///
/// Executing a command requires exclusive access to the TPM simulator
/// because it mutates libtpm2 static state.
///
/// The returned response buffer remains valid until the next TPM command is
/// executed.
#[must_use]
pub fn execute_command<'a>(&'a mut self, command: &[u8]) -> &'a [u8] {
let request_size = command.len() as c_uint;
let request = command.as_ptr() as *mut u8;
let mut response_size: c_uint = 0;
let mut response: *mut u8 = ptr::null_mut();
// We need to provide the following guarantees in order for this block
// of code to be safe:
//
// - The TPM must have been initialized.
//
// - There must not be a concurrently executing call to
// ExecuteCommand.
//
// - The `request` pointer must be a valid pointer to `request_size`
// bytes of data that remain valid and constant for the full
// duration of the call to ExecuteCommand. The implementation may
// read up to `request_size` bytes of data from this address.
//
// - The `response_size` pointer must be a valid pointer to a mutable
// unsigned int. The implementation will write the response buffer
// size to this address.
//
// - The `response` pointer must be a valid pointer to a mutable
// unsigned char pointer. The implementation will write a pointer to
// the start of the response buffer to this address.
//
// - No more than `response_size` bytes may be read from the response
// buffer after the call returns.
//
// - Data may be read from the response buffer only until the next
// call to ExecuteCommand.
//
// The first guarantee is enforced by the public API of the Simulator
// struct, and in particular the singleton_in_current_directory
// constructor, which only makes a value of type Simulator available
// outside of this module after TPM initialization has been performed.
// Thus any Simulator on which the caller may be calling execute_command
// from outside of this module is witness that initialization has taken
// place.
//
// The second guarantee is made jointly by the &mut self reference in
// execute_command and the singleton_in_current_directory constructor
// which uses the SIMULATOR_EXISTS atomic flag to ensure that at most
// one value of type Simulator is ever made available to code outside of
// this module. Since at most one Simulator exists, and the caller is
// holding an exclusive reference to a Simulator, we know that no other
// code can be calling execute_command at the same time because they too
// would need their own exclusive reference to the same Simulator. We
// assume here that all use of libtpm2 within crosvm happens through the
// safe bindings provided by this tpm2 crate, so that the codebase
// contains no other unsafe calls to ExecuteCommand.
//
// The remaining guarantees are upheld by the signature and
// implementation of execute_command. In particular, note the lifetime
// 'a which ties the lifetime of the response slice we return to the
// caller to the lifetime of their exclusively held reference to
// Simulator. This signature looks the same to Rust as if the response
// buffer were a field inside the Simulator struct, rather than a
// statically allocated buffer inside libtpm2. As soon as the caller
// "mutates" the Simulator by performing another call to
// execute_command, the response buffer returned by the previous call is
// assumed to be invalidated and is made inaccessible by the borrow
// checker.
//
// Altogether we have guaranteed that execute_command is a safe
// abstraction around unsafe code and is entirely safe to call from
// outside of this module.
//
// Note additionally that the call to ExecuteCommand is over FFI so we
// need to know that the signature declared by tpm2-sys is
// ABI-compatible with the symbol provided by libtpm2.
unsafe {
tpm2_sys::ExecuteCommand(request_size, request, &mut response_size, &mut response);
slice::from_raw_parts(response, response_size as usize)
}
}
}
fn tpm_manufacture(first_time: bool) {
// From libtpm2 documentation:
//
// This function initializes the TPM values in preparation for the TPM's
// first use. This function will fail if previously called. The TPM can
// be re-manufactured by calling TPM_Teardown() first and then calling
// this function again.
//
// Arguments
//
// firstTime: indicates if this is the first call from main()
//
// Return value
//
// 0 = success
// 1 = manufacturing process previously performed
//
// Unsafe only because this is over FFI and we need to know that the
// signature declared by tpm2-sys is ABI-compatible with the symbol provided
// by libtpm2. There are no other invariants to uphold.
let ret: c_int = unsafe { tpm2_sys::TPM_Manufacture(first_time as c_int) };
// We expect that the TPM must not already have been manufactured. The
// SIMULATOR_EXISTS atomic flag guards calls to this function such that only
// one call can ever be performed by a process.
assert!(ret == 0);
}
fn plat_set_nv_avail() {
// From libtpm2 documentation:
//
// Set the current NV state to available. This function is for testing
// purpose only. It is not part of the platform NV logic.
//
// The "for testing purpose only" is unsettling but trunks performs the same
// call during initialization so we trust that it is okay.
//
// Unsafe only because this is over FFI and we need to know that the
// signature declared by tpm2-sys is ABI-compatible with the symbol provided
// by libtpm2. There are no other invariants to uphold.
unsafe {
tpm2_sys::_plat__SetNvAvail();
}
}
fn plat_signal_power_on() {
// From libtpm2 documentation:
//
// Signal platform power on.
//
// The libtpm2 implementation always returns 0 but does not document what
// the return value means, so we aren't checking it.
//
// Unsafe only because this is over FFI and we need to know that the
// signature declared by tpm2-sys is ABI-compatible with the symbol provided
// by libtpm2. There are no other invariants to uphold.
unsafe {
let _: c_int = tpm2_sys::_plat__Signal_PowerOn();
}
}
fn tpm_init() {
// This function is not documented in libtpm2. Trunks performs the same call
// during initialization so we trust that it is okay.
//
// Unsafe only because this is over FFI and we need to know that the
// signature declared by tpm2-sys is ABI-compatible with the symbol provided
// by libtpm2. There are no other invariants to uphold.
unsafe {
tpm2_sys::_TPM_Init();
}
}