Revision tags: release/13.4.0 |
|
#
bc3d09e9 |
| 09-Sep-2024 |
Hans Rosenfeld <rosenfeld@grumpf.hope-2000.org> |
bhyve: TPM CRB: pass actual TPM request length to backend execute_cmd()
The TPM spec (TPM Library, Part3: Commands, Section 5.2: Command Header Validation) requires that no more bytes are written than the size of the commands, as given in the request header. Thus the TPM CRB interface needs to get the command size from the request header and pass that to the emulation backend.
As the guest OS driver can set the address and size of the command and response buffers freely within the limits of the provided CRB data buffer, bhyve should verify that the values set in the corresponding registers make sense before processing a command.
Reviewed by: corvink MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D46564
|
#
2feea221 |
| 09-Sep-2024 |
Hans Rosenfeld <rosenfeld@grumpf.hope-2000.org> |
bhyve: don't crash when guest writes TPM int_enable register
FreeBSD's own TPM driver writes 0 to the INT_ENABLE register during attach, making sure interrupts are off. bhyve really shouldn't kill the VM when that happens just because it doesn't support TPM interrupts. Even if a guest was trying to enable interrupts, we should just ignore it like real TPM hardware would.
Reviewed by: corvink MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D46562
|
#
1f3bfc60 |
| 05-Aug-2024 |
Pierre Pronchery <khorben@defora.org> |
bhyve: avoid a potential deadlock
This unlocks a mutex in an error path, that would otherwise remain locked and potentially cause a deadlock later on.
Reported by: Coverity Scan CID: 1521334 Reviewed by: corvink, markj MFC after: 1 week Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D45401
|
Revision tags: release/14.1.0, release/13.3.0 |
|
#
4d65a7c6 |
| 24-Nov-2023 |
Warner Losh <imp@FreeBSD.org> |
usr.sbin: Automated cleanup of cdefs and other formatting
Apply the following automated changes to try to eliminate no-longer-needed sys/cdefs.h includes as well as now-empty blank lines in a row.
Remove /^#if.*\n#endif.*\n#include\s+<sys/cdefs.h>.*\n/
Remove /\n+#include\s+<sys/cdefs.h>.*\n+#if.*\n#endif.*\n+/
Remove /\n+#if.*\n#endif.*\n+/
Remove /^#if.*\n#endif.*\n/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/types.h>/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/param.h>/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/capsicum.h>/
Sponsored by: Netflix
|
Revision tags: release/14.0.0, release/13.2.0, release/12.4.0 |
|
#
28dc1aa7 |
| 29-Aug-2022 |
Corvin Köhne <corvink@FreeBSD.org> |
bhyve: add emulation for CRB register of TPM devices
Trap accesses to the CRB MMIO range and emulate them properly.
Reviewed by: markj MFC after: 1 week Sponsored by: Beckhoff Automation GmbH & Co. KG Differential Revision: https://reviews.freebsd.org/D40459
|
#
f0124ab1 |
| 23-Jun-2023 |
Corvin Köhne <corvink@FreeBSD.org> |
bhyve: do not hold CRB mutex when executing TPM commands
TPM commands can take up to several seconds to execute. If we hold the CRB mutex while executing the command, MMIO accesses could be blocked for a long time. Therefore, just copy all required values and work on the copied values.
Reviewed by: markj MFC after: 1 week Sponsored by: Beckhoff Automation GmbH & Co. KG Differential Revision: https://reviews.freebsd.org/D40724
|
#
ccfc9600 |
| 23-Jun-2023 |
Warner Losh <imp@FreeBSD.org> |
Replace BSD-2-Clause-FreeBSD with BSD-2-Clause
Sponsored by: Netflix
|
#
0daf5f02 |
| 29-Aug-2022 |
Corvin Köhne <corvink@FreeBSD.org> |
bhyve/tpm: create crb thread for sending tpm commands
Commands sent to a tpm are very slow. They can take up to several seconds for completion. For that reason, create a thread which issues the commands to the tpm device.
Reviewed by: markj MFC after: 1 week Sponsored by: Beckhoff Automation GmbH & Co. KG Differential Revision: https://reviews.freebsd.org/D40458
|
#
5ea98d32 |
| 29-Aug-2022 |
Corvin Köhne <corvink@FreeBSD.org> |
bhyve/tpm: build TPM2 table by tpm interface
Each tpm has a device specific table. Which table a tpm uses depends on the tpm interface.
Reviewed by: markj MFC after: 1 week Sponsored by: Beckhoff Automation GmbH & Co. KG Differential Revision: https://reviews.freebsd.org/D40457
|
#
0917f925 |
| 29-Aug-2022 |
Corvin Köhne <corvink@FreeBSD.org> |
bhyve: add basic CRB interface for TPM devices
Add a basic emulation for the command and response buffer interface of TPM devices. This commit only implements some CRB registers and resets them.
Reviewed by: markj MFC after: 1 week Sponsored by: Beckhoff Automation GmbH & Co. KG Differential Revision: https://reviews.freebsd.org/D40456
|