aboutsummaryrefslogtreecommitdiffstats
path: root/backends
diff options
context:
space:
mode:
authorTimos Ampelikiotis <t.ampelikiotis@virtualopensystems.com>2023-10-10 11:40:56 +0000
committerTimos Ampelikiotis <t.ampelikiotis@virtualopensystems.com>2023-10-10 11:40:56 +0000
commite02cda008591317b1625707ff8e115a4841aa889 (patch)
treeaee302e3cf8b59ec2d32ec481be3d1afddfc8968 /backends
parentcc668e6b7e0ffd8c9d130513d12053cf5eda1d3b (diff)
Introduce Virtio-loopback epsilon release:
Epsilon release introduces a new compatibility layer which make virtio-loopback design to work with QEMU and rust-vmm vhost-user backend without require any changes. Signed-off-by: Timos Ampelikiotis <t.ampelikiotis@virtualopensystems.com> Change-Id: I52e57563e08a7d0bdc002f8e928ee61ba0c53dd9
Diffstat (limited to 'backends')
-rw-r--r--backends/Kconfig1
-rw-r--r--backends/confidential-guest-support.c33
-rw-r--r--backends/cryptodev-builtin.c391
-rw-r--r--backends/cryptodev-vhost-user.c378
-rw-r--r--backends/cryptodev-vhost.c350
-rw-r--r--backends/cryptodev.c255
-rw-r--r--backends/dbus-vmstate.c517
-rw-r--r--backends/hostmem-epc.c82
-rw-r--r--backends/hostmem-file.c228
-rw-r--r--backends/hostmem-memfd.c172
-rw-r--r--backends/hostmem-ram.c57
-rw-r--r--backends/hostmem.c567
-rw-r--r--backends/meson.build21
-rw-r--r--backends/rng-builtin.c79
-rw-r--r--backends/rng-egd.c169
-rw-r--r--backends/rng-random.c153
-rw-r--r--backends/rng.c148
-rw-r--r--backends/tpm/Kconfig14
-rw-r--r--backends/tpm/meson.build8
-rw-r--r--backends/tpm/tpm_backend.c208
-rw-r--r--backends/tpm/tpm_emulator.c1000
-rw-r--r--backends/tpm/tpm_int.h88
-rw-r--r--backends/tpm/tpm_ioctl.h275
-rw-r--r--backends/tpm/tpm_passthrough.c404
-rw-r--r--backends/tpm/tpm_util.c369
-rw-r--r--backends/tpm/trace-events33
-rw-r--r--backends/tpm/trace.h1
-rw-r--r--backends/trace-events7
-rw-r--r--backends/trace.h1
-rw-r--r--backends/vhost-user.c207
30 files changed, 6216 insertions, 0 deletions
diff --git a/backends/Kconfig b/backends/Kconfig
new file mode 100644
index 000000000..f35abc160
--- /dev/null
+++ b/backends/Kconfig
@@ -0,0 +1 @@
+source tpm/Kconfig
diff --git a/backends/confidential-guest-support.c b/backends/confidential-guest-support.c
new file mode 100644
index 000000000..052fde8db
--- /dev/null
+++ b/backends/confidential-guest-support.c
@@ -0,0 +1,33 @@
+/*
+ * QEMU Confidential Guest support
+ *
+ * Copyright Red Hat.
+ *
+ * Authors:
+ * David Gibson <david@gibson.dropbear.id.au>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or
+ * later. See the COPYING file in the top-level directory.
+ *
+ */
+
+#include "qemu/osdep.h"
+
+#include "exec/confidential-guest-support.h"
+
+OBJECT_DEFINE_ABSTRACT_TYPE(ConfidentialGuestSupport,
+ confidential_guest_support,
+ CONFIDENTIAL_GUEST_SUPPORT,
+ OBJECT)
+
+static void confidential_guest_support_class_init(ObjectClass *oc, void *data)
+{
+}
+
+static void confidential_guest_support_init(Object *obj)
+{
+}
+
+static void confidential_guest_support_finalize(Object *obj)
+{
+}
diff --git a/backends/cryptodev-builtin.c b/backends/cryptodev-builtin.c
new file mode 100644
index 000000000..0671bf9f3
--- /dev/null
+++ b/backends/cryptodev-builtin.c
@@ -0,0 +1,391 @@
+/*
+ * QEMU Cryptodev backend for QEMU cipher APIs
+ *
+ * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
+ *
+ * Authors:
+ * Gonglei <arei.gonglei@huawei.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+#include "qemu/osdep.h"
+#include "sysemu/cryptodev.h"
+#include "qapi/error.h"
+#include "standard-headers/linux/virtio_crypto.h"
+#include "crypto/cipher.h"
+#include "qom/object.h"
+
+
+/**
+ * @TYPE_CRYPTODEV_BACKEND_BUILTIN:
+ * name of backend that uses QEMU cipher API
+ */
+#define TYPE_CRYPTODEV_BACKEND_BUILTIN "cryptodev-backend-builtin"
+
+OBJECT_DECLARE_SIMPLE_TYPE(CryptoDevBackendBuiltin, CRYPTODEV_BACKEND_BUILTIN)
+
+
+typedef struct CryptoDevBackendBuiltinSession {
+ QCryptoCipher *cipher;
+ uint8_t direction; /* encryption or decryption */
+ uint8_t type; /* cipher? hash? aead? */
+ QTAILQ_ENTRY(CryptoDevBackendBuiltinSession) next;
+} CryptoDevBackendBuiltinSession;
+
+/* Max number of symmetric sessions */
+#define MAX_NUM_SESSIONS 256
+
+#define CRYPTODEV_BUITLIN_MAX_AUTH_KEY_LEN 512
+#define CRYPTODEV_BUITLIN_MAX_CIPHER_KEY_LEN 64
+
+struct CryptoDevBackendBuiltin {
+ CryptoDevBackend parent_obj;
+
+ CryptoDevBackendBuiltinSession *sessions[MAX_NUM_SESSIONS];
+};
+
+static void cryptodev_builtin_init(
+ CryptoDevBackend *backend, Error **errp)
+{
+ /* Only support one queue */
+ int queues = backend->conf.peers.queues;
+ CryptoDevBackendClient *cc;
+
+ if (queues != 1) {
+ error_setg(errp,
+ "Only support one queue in cryptdov-builtin backend");
+ return;
+ }
+
+ cc = cryptodev_backend_new_client(
+ "cryptodev-builtin", NULL);
+ cc->info_str = g_strdup_printf("cryptodev-builtin0");
+ cc->queue_index = 0;
+ cc->type = CRYPTODEV_BACKEND_TYPE_BUILTIN;
+ backend->conf.peers.ccs[0] = cc;
+
+ backend->conf.crypto_services =
+ 1u << VIRTIO_CRYPTO_SERVICE_CIPHER |
+ 1u << VIRTIO_CRYPTO_SERVICE_HASH |
+ 1u << VIRTIO_CRYPTO_SERVICE_MAC;
+ backend->conf.cipher_algo_l = 1u << VIRTIO_CRYPTO_CIPHER_AES_CBC;
+ backend->conf.hash_algo = 1u << VIRTIO_CRYPTO_HASH_SHA1;
+ /*
+ * Set the Maximum length of crypto request.
+ * Why this value? Just avoid to overflow when
+ * memory allocation for each crypto request.
+ */
+ backend->conf.max_size = LONG_MAX - sizeof(CryptoDevBackendSymOpInfo);
+ backend->conf.max_cipher_key_len = CRYPTODEV_BUITLIN_MAX_CIPHER_KEY_LEN;
+ backend->conf.max_auth_key_len = CRYPTODEV_BUITLIN_MAX_AUTH_KEY_LEN;
+
+ cryptodev_backend_set_ready(backend, true);
+}
+
+static int
+cryptodev_builtin_get_unused_session_index(
+ CryptoDevBackendBuiltin *builtin)
+{
+ size_t i;
+
+ for (i = 0; i < MAX_NUM_SESSIONS; i++) {
+ if (builtin->sessions[i] == NULL) {
+ return i;
+ }
+ }
+
+ return -1;
+}
+
+#define AES_KEYSIZE_128 16
+#define AES_KEYSIZE_192 24
+#define AES_KEYSIZE_256 32
+#define AES_KEYSIZE_128_XTS AES_KEYSIZE_256
+#define AES_KEYSIZE_256_XTS 64
+
+static int
+cryptodev_builtin_get_aes_algo(uint32_t key_len, int mode, Error **errp)
+{
+ int algo;
+
+ if (key_len == AES_KEYSIZE_128) {
+ algo = QCRYPTO_CIPHER_ALG_AES_128;
+ } else if (key_len == AES_KEYSIZE_192) {
+ algo = QCRYPTO_CIPHER_ALG_AES_192;
+ } else if (key_len == AES_KEYSIZE_256) { /* equals AES_KEYSIZE_128_XTS */
+ if (mode == QCRYPTO_CIPHER_MODE_XTS) {
+ algo = QCRYPTO_CIPHER_ALG_AES_128;
+ } else {
+ algo = QCRYPTO_CIPHER_ALG_AES_256;
+ }
+ } else if (key_len == AES_KEYSIZE_256_XTS) {
+ if (mode == QCRYPTO_CIPHER_MODE_XTS) {
+ algo = QCRYPTO_CIPHER_ALG_AES_256;
+ } else {
+ goto err;
+ }
+ } else {
+ goto err;
+ }
+
+ return algo;
+
+err:
+ error_setg(errp, "Unsupported key length :%u", key_len);
+ return -1;
+}
+
+static int cryptodev_builtin_create_cipher_session(
+ CryptoDevBackendBuiltin *builtin,
+ CryptoDevBackendSymSessionInfo *sess_info,
+ Error **errp)
+{
+ int algo;
+ int mode;
+ QCryptoCipher *cipher;
+ int index;
+ CryptoDevBackendBuiltinSession *sess;
+
+ if (sess_info->op_type != VIRTIO_CRYPTO_SYM_OP_CIPHER) {
+ error_setg(errp, "Unsupported optype :%u", sess_info->op_type);
+ return -1;
+ }
+
+ index = cryptodev_builtin_get_unused_session_index(builtin);
+ if (index < 0) {
+ error_setg(errp, "Total number of sessions created exceeds %u",
+ MAX_NUM_SESSIONS);
+ return -1;
+ }
+
+ switch (sess_info->cipher_alg) {
+ case VIRTIO_CRYPTO_CIPHER_AES_ECB:
+ mode = QCRYPTO_CIPHER_MODE_ECB;
+ algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
+ mode, errp);
+ if (algo < 0) {
+ return -1;
+ }
+ break;
+ case VIRTIO_CRYPTO_CIPHER_AES_CBC:
+ mode = QCRYPTO_CIPHER_MODE_CBC;
+ algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
+ mode, errp);
+ if (algo < 0) {
+ return -1;
+ }
+ break;
+ case VIRTIO_CRYPTO_CIPHER_AES_CTR:
+ mode = QCRYPTO_CIPHER_MODE_CTR;
+ algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
+ mode, errp);
+ if (algo < 0) {
+ return -1;
+ }
+ break;
+ case VIRTIO_CRYPTO_CIPHER_AES_XTS:
+ mode = QCRYPTO_CIPHER_MODE_XTS;
+ algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
+ mode, errp);
+ if (algo < 0) {
+ return -1;
+ }
+ break;
+ case VIRTIO_CRYPTO_CIPHER_3DES_ECB:
+ mode = QCRYPTO_CIPHER_MODE_ECB;
+ algo = QCRYPTO_CIPHER_ALG_3DES;
+ break;
+ case VIRTIO_CRYPTO_CIPHER_3DES_CBC:
+ mode = QCRYPTO_CIPHER_MODE_CBC;
+ algo = QCRYPTO_CIPHER_ALG_3DES;
+ break;
+ case VIRTIO_CRYPTO_CIPHER_3DES_CTR:
+ mode = QCRYPTO_CIPHER_MODE_CTR;
+ algo = QCRYPTO_CIPHER_ALG_3DES;
+ break;
+ default:
+ error_setg(errp, "Unsupported cipher alg :%u",
+ sess_info->cipher_alg);
+ return -1;
+ }
+
+ cipher = qcrypto_cipher_new(algo, mode,
+ sess_info->cipher_key,
+ sess_info->key_len,
+ errp);
+ if (!cipher) {
+ return -1;
+ }
+
+ sess = g_new0(CryptoDevBackendBuiltinSession, 1);
+ sess->cipher = cipher;
+ sess->direction = sess_info->direction;
+ sess->type = sess_info->op_type;
+
+ builtin->sessions[index] = sess;
+
+ return index;
+}
+
+static int64_t cryptodev_builtin_sym_create_session(
+ CryptoDevBackend *backend,
+ CryptoDevBackendSymSessionInfo *sess_info,
+ uint32_t queue_index, Error **errp)
+{
+ CryptoDevBackendBuiltin *builtin =
+ CRYPTODEV_BACKEND_BUILTIN(backend);
+ int64_t session_id = -1;
+ int ret;
+
+ switch (sess_info->op_code) {
+ case VIRTIO_CRYPTO_CIPHER_CREATE_SESSION:
+ ret = cryptodev_builtin_create_cipher_session(
+ builtin, sess_info, errp);
+ if (ret < 0) {
+ return ret;
+ } else {
+ session_id = ret;
+ }
+ break;
+ case VIRTIO_CRYPTO_HASH_CREATE_SESSION:
+ case VIRTIO_CRYPTO_MAC_CREATE_SESSION:
+ default:
+ error_setg(errp, "Unsupported opcode :%" PRIu32 "",
+ sess_info->op_code);
+ return -1;
+ }
+
+ return session_id;
+}
+
+static int cryptodev_builtin_sym_close_session(
+ CryptoDevBackend *backend,
+ uint64_t session_id,
+ uint32_t queue_index, Error **errp)
+{
+ CryptoDevBackendBuiltin *builtin =
+ CRYPTODEV_BACKEND_BUILTIN(backend);
+
+ assert(session_id < MAX_NUM_SESSIONS && builtin->sessions[session_id]);
+
+ qcrypto_cipher_free(builtin->sessions[session_id]->cipher);
+ g_free(builtin->sessions[session_id]);
+ builtin->sessions[session_id] = NULL;
+ return 0;
+}
+
+static int cryptodev_builtin_sym_operation(
+ CryptoDevBackend *backend,
+ CryptoDevBackendSymOpInfo *op_info,
+ uint32_t queue_index, Error **errp)
+{
+ CryptoDevBackendBuiltin *builtin =
+ CRYPTODEV_BACKEND_BUILTIN(backend);
+ CryptoDevBackendBuiltinSession *sess;
+ int ret;
+
+ if (op_info->session_id >= MAX_NUM_SESSIONS ||
+ builtin->sessions[op_info->session_id] == NULL) {
+ error_setg(errp, "Cannot find a valid session id: %" PRIu64 "",
+ op_info->session_id);
+ return -VIRTIO_CRYPTO_INVSESS;
+ }
+
+ if (op_info->op_type == VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING) {
+ error_setg(errp,
+ "Algorithm chain is unsupported for cryptdoev-builtin");
+ return -VIRTIO_CRYPTO_NOTSUPP;
+ }
+
+ sess = builtin->sessions[op_info->session_id];
+
+ if (op_info->iv_len > 0) {
+ ret = qcrypto_cipher_setiv(sess->cipher, op_info->iv,
+ op_info->iv_len, errp);
+ if (ret < 0) {
+ return -VIRTIO_CRYPTO_ERR;
+ }
+ }
+
+ if (sess->direction == VIRTIO_CRYPTO_OP_ENCRYPT) {
+ ret = qcrypto_cipher_encrypt(sess->cipher, op_info->src,
+ op_info->dst, op_info->src_len, errp);
+ if (ret < 0) {
+ return -VIRTIO_CRYPTO_ERR;
+ }
+ } else {
+ ret = qcrypto_cipher_decrypt(sess->cipher, op_info->src,
+ op_info->dst, op_info->src_len, errp);
+ if (ret < 0) {
+ return -VIRTIO_CRYPTO_ERR;
+ }
+ }
+ return VIRTIO_CRYPTO_OK;
+}
+
+static void cryptodev_builtin_cleanup(
+ CryptoDevBackend *backend,
+ Error **errp)
+{
+ CryptoDevBackendBuiltin *builtin =
+ CRYPTODEV_BACKEND_BUILTIN(backend);
+ size_t i;
+ int queues = backend->conf.peers.queues;
+ CryptoDevBackendClient *cc;
+
+ for (i = 0; i < MAX_NUM_SESSIONS; i++) {
+ if (builtin->sessions[i] != NULL) {
+ cryptodev_builtin_sym_close_session(backend, i, 0, &error_abort);
+ }
+ }
+
+ for (i = 0; i < queues; i++) {
+ cc = backend->conf.peers.ccs[i];
+ if (cc) {
+ cryptodev_backend_free_client(cc);
+ backend->conf.peers.ccs[i] = NULL;
+ }
+ }
+
+ cryptodev_backend_set_ready(backend, false);
+}
+
+static void
+cryptodev_builtin_class_init(ObjectClass *oc, void *data)
+{
+ CryptoDevBackendClass *bc = CRYPTODEV_BACKEND_CLASS(oc);
+
+ bc->init = cryptodev_builtin_init;
+ bc->cleanup = cryptodev_builtin_cleanup;
+ bc->create_session = cryptodev_builtin_sym_create_session;
+ bc->close_session = cryptodev_builtin_sym_close_session;
+ bc->do_sym_op = cryptodev_builtin_sym_operation;
+}
+
+static const TypeInfo cryptodev_builtin_info = {
+ .name = TYPE_CRYPTODEV_BACKEND_BUILTIN,
+ .parent = TYPE_CRYPTODEV_BACKEND,
+ .class_init = cryptodev_builtin_class_init,
+ .instance_size = sizeof(CryptoDevBackendBuiltin),
+};
+
+static void
+cryptodev_builtin_register_types(void)
+{
+ type_register_static(&cryptodev_builtin_info);
+}
+
+type_init(cryptodev_builtin_register_types);
diff --git a/backends/cryptodev-vhost-user.c b/backends/cryptodev-vhost-user.c
new file mode 100644
index 000000000..bedb45247
--- /dev/null
+++ b/backends/cryptodev-vhost-user.c
@@ -0,0 +1,378 @@
+/*
+ * QEMU Cryptodev backend for QEMU cipher APIs
+ *
+ * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
+ *
+ * Authors:
+ * Gonglei <arei.gonglei@huawei.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+#include "qemu/osdep.h"
+#include "qapi/error.h"
+#include "qapi/qmp/qerror.h"
+#include "qemu/error-report.h"
+#include "hw/virtio/vhost-user.h"
+#include "standard-headers/linux/virtio_crypto.h"
+#include "sysemu/cryptodev-vhost.h"
+#include "chardev/char-fe.h"
+#include "sysemu/cryptodev-vhost-user.h"
+#include "qom/object.h"
+
+
+/**
+ * @TYPE_CRYPTODEV_BACKEND_VHOST_USER:
+ * name of backend that uses vhost user server
+ */
+#define TYPE_CRYPTODEV_BACKEND_VHOST_USER "cryptodev-vhost-user"
+
+OBJECT_DECLARE_SIMPLE_TYPE(CryptoDevBackendVhostUser, CRYPTODEV_BACKEND_VHOST_USER)
+
+
+struct CryptoDevBackendVhostUser {
+ CryptoDevBackend parent_obj;
+
+ VhostUserState vhost_user;
+ CharBackend chr;
+ char *chr_name;
+ bool opened;
+ CryptoDevBackendVhost *vhost_crypto[MAX_CRYPTO_QUEUE_NUM];
+};
+
+static int
+cryptodev_vhost_user_running(
+ CryptoDevBackendVhost *crypto)
+{
+ return crypto ? 1 : 0;
+}
+
+CryptoDevBackendVhost *
+cryptodev_vhost_user_get_vhost(
+ CryptoDevBackendClient *cc,
+ CryptoDevBackend *b,
+ uint16_t queue)
+{
+ CryptoDevBackendVhostUser *s =
+ CRYPTODEV_BACKEND_VHOST_USER(b);
+ assert(cc->type == CRYPTODEV_BACKEND_TYPE_VHOST_USER);
+ assert(queue < MAX_CRYPTO_QUEUE_NUM);
+
+ return s->vhost_crypto[queue];
+}
+
+static void cryptodev_vhost_user_stop(int queues,
+ CryptoDevBackendVhostUser *s)
+{
+ size_t i;
+
+ for (i = 0; i < queues; i++) {
+ if (!cryptodev_vhost_user_running(s->vhost_crypto[i])) {
+ continue;
+ }
+
+ cryptodev_vhost_cleanup(s->vhost_crypto[i]);
+ s->vhost_crypto[i] = NULL;
+ }
+}
+
+static int
+cryptodev_vhost_user_start(int queues,
+ CryptoDevBackendVhostUser *s)
+{
+ CryptoDevBackendVhostOptions options;
+ CryptoDevBackend *b = CRYPTODEV_BACKEND(s);
+ int max_queues;
+ size_t i;
+
+ for (i = 0; i < queues; i++) {
+ if (cryptodev_vhost_user_running(s->vhost_crypto[i])) {
+ continue;
+ }
+
+ options.opaque = &s->vhost_user;
+ options.backend_type = VHOST_BACKEND_TYPE_USER;
+ options.cc = b->conf.peers.ccs[i];
+ s->vhost_crypto[i] = cryptodev_vhost_init(&options);
+ if (!s->vhost_crypto[i]) {
+ error_report("failed to init vhost_crypto for queue %zu", i);
+ goto err;
+ }
+
+ if (i == 0) {
+ max_queues =
+ cryptodev_vhost_get_max_queues(s->vhost_crypto[i]);
+ if (queues > max_queues) {
+ error_report("you are asking more queues than supported: %d",
+ max_queues);
+ goto err;
+ }
+ }
+ }
+
+ return 0;
+
+err:
+ cryptodev_vhost_user_stop(i + 1, s);
+ return -1;
+}
+
+static Chardev *
+cryptodev_vhost_claim_chardev(CryptoDevBackendVhostUser *s,
+ Error **errp)
+{
+ Chardev *chr;
+
+ if (s->chr_name == NULL) {
+ error_setg(errp, QERR_INVALID_PARAMETER_VALUE,
+ "chardev", "a valid character device");
+ return NULL;
+ }
+
+ chr = qemu_chr_find(s->chr_name);
+ if (chr == NULL) {
+ error_set(errp, ERROR_CLASS_DEVICE_NOT_FOUND,
+ "Device '%s' not found", s->chr_name);
+ return NULL;
+ }
+
+ return chr;
+}
+
+static void cryptodev_vhost_user_event(void *opaque, QEMUChrEvent event)
+{
+ CryptoDevBackendVhostUser *s = opaque;
+ CryptoDevBackend *b = CRYPTODEV_BACKEND(s);
+ int queues = b->conf.peers.queues;
+
+ assert(queues < MAX_CRYPTO_QUEUE_NUM);
+
+ switch (event) {
+ case CHR_EVENT_OPENED:
+ if (cryptodev_vhost_user_start(queues, s) < 0) {
+ exit(1);
+ }
+ b->ready = true;
+ break;
+ case CHR_EVENT_CLOSED:
+ b->ready = false;
+ cryptodev_vhost_user_stop(queues, s);
+ break;
+ case CHR_EVENT_BREAK:
+ case CHR_EVENT_MUX_IN:
+ case CHR_EVENT_MUX_OUT:
+ /* Ignore */
+ break;
+ }
+}
+
+static void cryptodev_vhost_user_init(
+ CryptoDevBackend *backend, Error **errp)
+{
+ int queues = backend->conf.peers.queues;
+ size_t i;
+ Error *local_err = NULL;
+ Chardev *chr;
+ CryptoDevBackendClient *cc;
+ CryptoDevBackendVhostUser *s =
+ CRYPTODEV_BACKEND_VHOST_USER(backend);
+
+ chr = cryptodev_vhost_claim_chardev(s, &local_err);
+ if (local_err) {
+ error_propagate(errp, local_err);
+ return;
+ }
+
+ s->opened = true;
+
+ for (i = 0; i < queues; i++) {
+ cc = cryptodev_backend_new_client(
+ "cryptodev-vhost-user", NULL);
+ cc->info_str = g_strdup_printf("cryptodev-vhost-user%zu to %s ",
+ i, chr->label);
+ cc->queue_index = i;
+ cc->type = CRYPTODEV_BACKEND_TYPE_VHOST_USER;
+
+ backend->conf.peers.ccs[i] = cc;
+
+ if (i == 0) {
+ if (!qemu_chr_fe_init(&s->chr, chr, errp)) {
+ return;
+ }
+ }
+ }
+
+ if (!vhost_user_init(&s->vhost_user, &s->chr, errp)) {
+ return;
+ }
+
+ qemu_chr_fe_set_handlers(&s->chr, NULL, NULL,
+ cryptodev_vhost_user_event, NULL, s, NULL, true);
+
+ backend->conf.crypto_services =
+ 1u << VIRTIO_CRYPTO_SERVICE_CIPHER |
+ 1u << VIRTIO_CRYPTO_SERVICE_HASH |
+ 1u << VIRTIO_CRYPTO_SERVICE_MAC;
+ backend->conf.cipher_algo_l = 1u << VIRTIO_CRYPTO_CIPHER_AES_CBC;
+ backend->conf.hash_algo = 1u << VIRTIO_CRYPTO_HASH_SHA1;
+
+ backend->conf.max_size = UINT64_MAX;
+ backend->conf.max_cipher_key_len = VHOST_USER_MAX_CIPHER_KEY_LEN;
+ backend->conf.max_auth_key_len = VHOST_USER_MAX_AUTH_KEY_LEN;
+}
+
+static int64_t cryptodev_vhost_user_sym_create_session(
+ CryptoDevBackend *backend,
+ CryptoDevBackendSymSessionInfo *sess_info,
+ uint32_t queue_index, Error **errp)
+{
+ CryptoDevBackendClient *cc =
+ backend->conf.peers.ccs[queue_index];
+ CryptoDevBackendVhost *vhost_crypto;
+ uint64_t session_id = 0;
+ int ret;
+
+ vhost_crypto = cryptodev_vhost_user_get_vhost(cc, backend, queue_index);
+ if (vhost_crypto) {
+ struct vhost_dev *dev = &(vhost_crypto->dev);
+ ret = dev->vhost_ops->vhost_crypto_create_session(dev,
+ sess_info,
+ &session_id);
+ if (ret < 0) {
+ return -1;
+ } else {
+ return session_id;
+ }
+ }
+ return -1;
+}
+
+static int cryptodev_vhost_user_sym_close_session(
+ CryptoDevBackend *backend,
+ uint64_t session_id,
+ uint32_t queue_index, Error **errp)
+{
+ CryptoDevBackendClient *cc =
+ backend->conf.peers.ccs[queue_index];
+ CryptoDevBackendVhost *vhost_crypto;
+ int ret;
+
+ vhost_crypto = cryptodev_vhost_user_get_vhost(cc, backend, queue_index);
+ if (vhost_crypto) {
+ struct vhost_dev *dev = &(vhost_crypto->dev);
+ ret = dev->vhost_ops->vhost_crypto_close_session(dev,
+ session_id);
+ if (ret < 0) {
+ return -1;
+ } else {
+ return 0;
+ }
+ }
+ return -1;
+}
+
+static void cryptodev_vhost_user_cleanup(
+ CryptoDevBackend *backend,
+ Error **errp)
+{
+ CryptoDevBackendVhostUser *s =
+ CRYPTODEV_BACKEND_VHOST_USER(backend);
+ size_t i;
+ int queues = backend->conf.peers.queues;
+ CryptoDevBackendClient *cc;
+
+ cryptodev_vhost_user_stop(queues, s);
+
+ for (i = 0; i < queues; i++) {
+ cc = backend->conf.peers.ccs[i];
+ if (cc) {
+ cryptodev_backend_free_client(cc);
+ backend->conf.peers.ccs[i] = NULL;
+ }
+ }
+
+ vhost_user_cleanup(&s->vhost_user);
+}
+
+static void cryptodev_vhost_user_set_chardev(Object *obj,
+ const char *value, Error **errp)
+{
+ CryptoDevBackendVhostUser *s =
+ CRYPTODEV_BACKEND_VHOST_USER(obj);
+
+ if (s->opened) {
+ error_setg(errp, QERR_PERMISSION_DENIED);
+ } else {
+ g_free(s->chr_name);
+ s->chr_name = g_strdup(value);
+ }
+}
+
+static char *
+cryptodev_vhost_user_get_chardev(Object *obj, Error **errp)
+{
+ CryptoDevBackendVhostUser *s =
+ CRYPTODEV_BACKEND_VHOST_USER(obj);
+ Chardev *chr = qemu_chr_fe_get_driver(&s->chr);
+
+ if (chr && chr->label) {
+ return g_strdup(chr->label);
+ }
+
+ return NULL;
+}
+
+static void cryptodev_vhost_user_finalize(Object *obj)
+{
+ CryptoDevBackendVhostUser *s =
+ CRYPTODEV_BACKEND_VHOST_USER(obj);
+
+ qemu_chr_fe_deinit(&s->chr, false);
+
+ g_free(s->chr_name);
+}
+
+static void
+cryptodev_vhost_user_class_init(ObjectClass *oc, void *data)
+{
+ CryptoDevBackendClass *bc = CRYPTODEV_BACKEND_CLASS(oc);
+
+ bc->init = cryptodev_vhost_user_init;
+ bc->cleanup = cryptodev_vhost_user_cleanup;
+ bc->create_session = cryptodev_vhost_user_sym_create_session;
+ bc->close_session = cryptodev_vhost_user_sym_close_session;
+ bc->do_sym_op = NULL;
+
+ object_class_property_add_str(oc, "chardev",
+ cryptodev_vhost_user_get_chardev,
+ cryptodev_vhost_user_set_chardev);
+
+}
+
+static const TypeInfo cryptodev_vhost_user_info = {
+ .name = TYPE_CRYPTODEV_BACKEND_VHOST_USER,
+ .parent = TYPE_CRYPTODEV_BACKEND,
+ .class_init = cryptodev_vhost_user_class_init,
+ .instance_finalize = cryptodev_vhost_user_finalize,
+ .instance_size = sizeof(CryptoDevBackendVhostUser),
+};
+
+static void
+cryptodev_vhost_user_register_types(void)
+{
+ type_register_static(&cryptodev_vhost_user_info);
+}
+
+type_init(cryptodev_vhost_user_register_types);
diff --git a/backends/cryptodev-vhost.c b/backends/cryptodev-vhost.c
new file mode 100644
index 000000000..bc13e466b
--- /dev/null
+++ b/backends/cryptodev-vhost.c
@@ -0,0 +1,350 @@
+/*
+ * QEMU Cryptodev backend for QEMU cipher APIs
+ *
+ * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
+ *
+ * Authors:
+ * Gonglei <arei.gonglei@huawei.com>
+ * Jay Zhou <jianjay.zhou@huawei.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+#include "qemu/osdep.h"
+#include "hw/virtio/virtio-bus.h"
+#include "sysemu/cryptodev-vhost.h"
+
+#ifdef CONFIG_VHOST_CRYPTO
+#include "qapi/error.h"
+#include "qapi/qmp/qerror.h"
+#include "qemu/error-report.h"
+#include "hw/virtio/virtio-crypto.h"
+#include "sysemu/cryptodev-vhost-user.h"
+
+uint64_t
+cryptodev_vhost_get_max_queues(
+ CryptoDevBackendVhost *crypto)
+{
+ return crypto->dev.max_queues;
+}
+
+void cryptodev_vhost_cleanup(CryptoDevBackendVhost *crypto)
+{
+ vhost_dev_cleanup(&crypto->dev);
+ g_free(crypto);
+}
+
+struct CryptoDevBackendVhost *
+cryptodev_vhost_init(
+ CryptoDevBackendVhostOptions *options)
+{
+ int r;
+ CryptoDevBackendVhost *crypto;
+ Error *local_err = NULL;
+
+ crypto = g_new(CryptoDevBackendVhost, 1);
+ crypto->dev.max_queues = 1;
+ crypto->dev.nvqs = 1;
+ crypto->dev.vqs = crypto->vqs;
+
+ crypto->cc = options->cc;
+
+ crypto->dev.protocol_features = 0;
+ crypto->backend = -1;
+
+ /* vhost-user needs vq_index to initiate a specific queue pair */
+ crypto->dev.vq_index = crypto->cc->queue_index * crypto->dev.nvqs;
+
+ r = vhost_dev_init(&crypto->dev, options->opaque, options->backend_type, 0,
+ &local_err);
+ if (r < 0) {
+ error_report_err(local_err);
+ goto fail;
+ }
+
+ return crypto;
+fail:
+ g_free(crypto);
+ return NULL;
+}
+
+static int
+cryptodev_vhost_start_one(CryptoDevBackendVhost *crypto,
+ VirtIODevice *dev)
+{
+ int r;
+
+ crypto->dev.nvqs = 1;
+ crypto->dev.vqs = crypto->vqs;
+
+ r = vhost_dev_enable_notifiers(&crypto->dev, dev);
+ if (r < 0) {
+ goto fail_notifiers;
+ }
+
+ r = vhost_dev_start(&crypto->dev, dev);
+ if (r < 0) {
+ goto fail_start;
+ }
+
+ return 0;
+
+fail_start:
+ vhost_dev_disable_notifiers(&crypto->dev, dev);
+fail_notifiers:
+ return r;
+}
+
+static void
+cryptodev_vhost_stop_one(CryptoDevBackendVhost *crypto,
+ VirtIODevice *dev)
+{
+ vhost_dev_stop(&crypto->dev, dev);
+ vhost_dev_disable_notifiers(&crypto->dev, dev);
+}
+
+CryptoDevBackendVhost *
+cryptodev_get_vhost(CryptoDevBackendClient *cc,
+ CryptoDevBackend *b,
+ uint16_t queue)
+{
+ CryptoDevBackendVhost *vhost_crypto = NULL;
+
+ if (!cc) {
+ return NULL;
+ }
+
+ switch (cc->type) {
+#if defined(CONFIG_VHOST_USER) && defined(CONFIG_LINUX)
+ case CRYPTODEV_BACKEND_TYPE_VHOST_USER:
+ vhost_crypto = cryptodev_vhost_user_get_vhost(cc, b, queue);
+ break;
+#endif
+ default:
+ break;
+ }
+
+ return vhost_crypto;
+}
+
+static void
+cryptodev_vhost_set_vq_index(CryptoDevBackendVhost *crypto,
+ int vq_index)
+{
+ crypto->dev.vq_index = vq_index;
+}
+
+static int
+vhost_set_vring_enable(CryptoDevBackendClient *cc,
+ CryptoDevBackend *b,
+ uint16_t queue, int enable)
+{
+ CryptoDevBackendVhost *crypto =
+ cryptodev_get_vhost(cc, b, queue);
+ const VhostOps *vhost_ops;
+
+ cc->vring_enable = enable;
+
+ if (!crypto) {
+ return 0;
+ }
+
+ vhost_ops = crypto->dev.vhost_ops;
+ if (vhost_ops->vhost_set_vring_enable) {
+ return vhost_ops->vhost_set_vring_enable(&crypto->dev, enable);
+ }
+
+ return 0;
+}
+
+int cryptodev_vhost_start(VirtIODevice *dev, int total_queues)
+{
+ VirtIOCrypto *vcrypto = VIRTIO_CRYPTO(dev);
+ BusState *qbus = BUS(qdev_get_parent_bus(DEVICE(dev)));
+ VirtioBusState *vbus = VIRTIO_BUS(qbus);
+ VirtioBusClass *k = VIRTIO_BUS_GET_CLASS(vbus);
+ int r, e;
+ int i;
+ CryptoDevBackend *b = vcrypto->cryptodev;
+ CryptoDevBackendVhost *vhost_crypto;
+ CryptoDevBackendClient *cc;
+
+ if (!k->set_guest_notifiers) {
+ error_report("binding does not support guest notifiers");
+ return -ENOSYS;
+ }
+
+ for (i = 0; i < total_queues; i++) {
+ cc = b->conf.peers.ccs[i];
+
+ vhost_crypto = cryptodev_get_vhost(cc, b, i);
+ cryptodev_vhost_set_vq_index(vhost_crypto, i);
+
+ /* Suppress the masking guest notifiers on vhost user
+ * because vhost user doesn't interrupt masking/unmasking
+ * properly.
+ */
+ if (cc->type == CRYPTODEV_BACKEND_TYPE_VHOST_USER) {
+ dev->use_guest_notifier_mask = false;
+ }
+ }
+
+ r = k->set_guest_notifiers(qbus->parent, total_queues, true);
+ if (r < 0) {
+ error_report("error binding guest notifier: %d", -r);
+ goto err;
+ }
+
+ for (i = 0; i < total_queues; i++) {
+ cc = b->conf.peers.ccs[i];
+
+ vhost_crypto = cryptodev_get_vhost(cc, b, i);
+ r = cryptodev_vhost_start_one(vhost_crypto, dev);
+
+ if (r < 0) {
+ goto err_start;
+ }
+
+ if (cc->vring_enable) {
+ /* restore vring enable state */
+ r = vhost_set_vring_enable(cc, b, i, cc->vring_enable);
+
+ if (r < 0) {
+ goto err_start;
+ }
+ }
+ }
+
+ return 0;
+
+err_start:
+ while (--i >= 0) {
+ cc = b->conf.peers.ccs[i];
+ vhost_crypto = cryptodev_get_vhost(cc, b, i);
+ cryptodev_vhost_stop_one(vhost_crypto, dev);
+ }
+ e = k->set_guest_notifiers(qbus->parent, total_queues, false);
+ if (e < 0) {
+ error_report("vhost guest notifier cleanup failed: %d", e);
+ }
+err:
+ return r;
+}
+
+void cryptodev_vhost_stop(VirtIODevice *dev, int total_queues)
+{
+ BusState *qbus = BUS(qdev_get_parent_bus(DEVICE(dev)));
+ VirtioBusState *vbus = VIRTIO_BUS(qbus);
+ VirtioBusClass *k = VIRTIO_BUS_GET_CLASS(vbus);
+ VirtIOCrypto *vcrypto = VIRTIO_CRYPTO(dev);
+ CryptoDevBackend *b = vcrypto->cryptodev;
+ CryptoDevBackendVhost *vhost_crypto;
+ CryptoDevBackendClient *cc;
+ size_t i;
+ int r;
+
+ for (i = 0; i < total_queues; i++) {
+ cc = b->conf.peers.ccs[i];
+
+ vhost_crypto = cryptodev_get_vhost(cc, b, i);
+ cryptodev_vhost_stop_one(vhost_crypto, dev);
+ }
+
+ r = k->set_guest_notifiers(qbus->parent, total_queues, false);
+ if (r < 0) {
+ error_report("vhost guest notifier cleanup failed: %d", r);
+ }
+ assert(r >= 0);
+}
+
+void cryptodev_vhost_virtqueue_mask(VirtIODevice *dev,
+ int queue,
+ int idx, bool mask)
+{
+ VirtIOCrypto *vcrypto = VIRTIO_CRYPTO(dev);
+ CryptoDevBackend *b = vcrypto->cryptodev;
+ CryptoDevBackendVhost *vhost_crypto;
+ CryptoDevBackendClient *cc;
+
+ assert(queue < MAX_CRYPTO_QUEUE_NUM);
+
+ cc = b->conf.peers.ccs[queue];
+ vhost_crypto = cryptodev_get_vhost(cc, b, queue);
+
+ vhost_virtqueue_mask(&vhost_crypto->dev, dev, idx, mask);
+}
+
+bool cryptodev_vhost_virtqueue_pending(VirtIODevice *dev,
+ int queue, int idx)
+{
+ VirtIOCrypto *vcrypto = VIRTIO_CRYPTO(dev);
+ CryptoDevBackend *b = vcrypto->cryptodev;
+ CryptoDevBackendVhost *vhost_crypto;
+ CryptoDevBackendClient *cc;
+
+ assert(queue < MAX_CRYPTO_QUEUE_NUM);
+
+ cc = b->conf.peers.ccs[queue];
+ vhost_crypto = cryptodev_get_vhost(cc, b, queue);
+
+ return vhost_virtqueue_pending(&vhost_crypto->dev, idx);
+}
+
+#else
+uint64_t
+cryptodev_vhost_get_max_queues(CryptoDevBackendVhost *crypto)
+{
+ return 0;
+}
+
+void cryptodev_vhost_cleanup(CryptoDevBackendVhost *crypto)
+{
+}
+
+struct CryptoDevBackendVhost *
+cryptodev_vhost_init(CryptoDevBackendVhostOptions *options)
+{
+ return NULL;
+}
+
+CryptoDevBackendVhost *
+cryptodev_get_vhost(CryptoDevBackendClient *cc,
+ CryptoDevBackend *b,
+ uint16_t queue)
+{
+ return NULL;
+}
+
+int cryptodev_vhost_start(VirtIODevice *dev, int total_queues)
+{
+ return -1;
+}
+
+void cryptodev_vhost_stop(VirtIODevice *dev, int total_queues)
+{
+}
+
+void cryptodev_vhost_virtqueue_mask(VirtIODevice *dev,
+ int queue,
+ int idx, bool mask)
+{
+}
+
+bool cryptodev_vhost_virtqueue_pending(VirtIODevice *dev,
+ int queue, int idx)
+{
+ return false;
+}
+#endif
diff --git a/backends/cryptodev.c b/backends/cryptodev.c
new file mode 100644
index 000000000..bf5247616
--- /dev/null
+++ b/backends/cryptodev.c
@@ -0,0 +1,255 @@
+/*
+ * QEMU Crypto Device Implementation
+ *
+ * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
+ *
+ * Authors:
+ * Gonglei <arei.gonglei@huawei.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+#include "qemu/osdep.h"
+#include "sysemu/cryptodev.h"
+#include "qapi/error.h"
+#include "qapi/visitor.h"
+#include "qemu/config-file.h"
+#include "qom/object_interfaces.h"
+#include "hw/virtio/virtio-crypto.h"
+
+
+static QTAILQ_HEAD(, CryptoDevBackendClient) crypto_clients;
+
+
+CryptoDevBackendClient *
+cryptodev_backend_new_client(const char *model,
+ const char *name)
+{
+ CryptoDevBackendClient *cc;
+
+ cc = g_malloc0(sizeof(CryptoDevBackendClient));
+ cc->model = g_strdup(model);
+ if (name) {
+ cc->name = g_strdup(name);
+ }
+
+ QTAILQ_INSERT_TAIL(&crypto_clients, cc, next);
+
+ return cc;
+}
+
+void cryptodev_backend_free_client(
+ CryptoDevBackendClient *cc)
+{
+ QTAILQ_REMOVE(&crypto_clients, cc, next);
+ g_free(cc->name);
+ g_free(cc->model);
+ g_free(cc->info_str);
+ g_free(cc);
+}
+
+void cryptodev_backend_cleanup(
+ CryptoDevBackend *backend,
+ Error **errp)
+{
+ CryptoDevBackendClass *bc =
+ CRYPTODEV_BACKEND_GET_CLASS(backend);
+
+ if (bc->cleanup) {
+ bc->cleanup(backend, errp);
+ }
+}
+
+int64_t cryptodev_backend_sym_create_session(
+ CryptoDevBackend *backend,
+ CryptoDevBackendSymSessionInfo *sess_info,
+ uint32_t queue_index, Error **errp)
+{
+ CryptoDevBackendClass *bc =
+ CRYPTODEV_BACKEND_GET_CLASS(backend);
+
+ if (bc->create_session) {
+ return bc->create_session(backend, sess_info, queue_index, errp);
+ }
+
+ return -1;
+}
+
+int cryptodev_backend_sym_close_session(
+ CryptoDevBackend *backend,
+ uint64_t session_id,
+ uint32_t queue_index, Error **errp)
+{
+ CryptoDevBackendClass *bc =
+ CRYPTODEV_BACKEND_GET_CLASS(backend);
+
+ if (bc->close_session) {
+ return bc->close_session(backend, session_id, queue_index, errp);
+ }
+
+ return -1;
+}
+
+static int cryptodev_backend_sym_operation(
+ CryptoDevBackend *backend,
+ CryptoDevBackendSymOpInfo *op_info,
+ uint32_t queue_index, Error **errp)
+{
+ CryptoDevBackendClass *bc =
+ CRYPTODEV_BACKEND_GET_CLASS(backend);
+
+ if (bc->do_sym_op) {
+ return bc->do_sym_op(backend, op_info, queue_index, errp);
+ }
+
+ return -VIRTIO_CRYPTO_ERR;
+}
+
+int cryptodev_backend_crypto_operation(
+ CryptoDevBackend *backend,
+ void *opaque,
+ uint32_t queue_index, Error **errp)
+{
+ VirtIOCryptoReq *req = opaque;
+
+ if (req->flags == CRYPTODEV_BACKEND_ALG_SYM) {
+ CryptoDevBackendSymOpInfo *op_info;
+ op_info = req->u.sym_op_info;
+
+ return cryptodev_backend_sym_operation(backend,
+ op_info, queue_index, errp);
+ } else {
+ error_setg(errp, "Unsupported cryptodev alg type: %" PRIu32 "",
+ req->flags);
+ return -VIRTIO_CRYPTO_NOTSUPP;
+ }
+
+ return -VIRTIO_CRYPTO_ERR;
+}
+
+static void
+cryptodev_backend_get_queues(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ CryptoDevBackend *backend = CRYPTODEV_BACKEND(obj);
+ uint32_t value = backend->conf.peers.queues;
+
+ visit_type_uint32(v, name, &value, errp);
+}
+
+static void
+cryptodev_backend_set_queues(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ CryptoDevBackend *backend = CRYPTODEV_BACKEND(obj);
+ uint32_t value;
+
+ if (!visit_type_uint32(v, name, &value, errp)) {
+ return;
+ }
+ if (!value) {
+ error_setg(errp, "Property '%s.%s' doesn't take value '%" PRIu32 "'",
+ object_get_typename(obj), name, value);
+ return;
+ }
+ backend->conf.peers.queues = value;
+}
+
+static void
+cryptodev_backend_complete(UserCreatable *uc, Error **errp)
+{
+ CryptoDevBackend *backend = CRYPTODEV_BACKEND(uc);
+ CryptoDevBackendClass *bc = CRYPTODEV_BACKEND_GET_CLASS(uc);
+
+ if (bc->init) {
+ bc->init(backend, errp);
+ }
+}
+
+void cryptodev_backend_set_used(CryptoDevBackend *backend, bool used)
+{
+ backend->is_used = used;
+}
+
+bool cryptodev_backend_is_used(CryptoDevBackend *backend)
+{
+ return backend->is_used;
+}
+
+void cryptodev_backend_set_ready(CryptoDevBackend *backend, bool ready)
+{
+ backend->ready = ready;
+}
+
+bool cryptodev_backend_is_ready(CryptoDevBackend *backend)
+{
+ return backend->ready;
+}
+
+static bool
+cryptodev_backend_can_be_deleted(UserCreatable *uc)
+{
+ return !cryptodev_backend_is_used(CRYPTODEV_BACKEND(uc));
+}
+
+static void cryptodev_backend_instance_init(Object *obj)
+{
+ /* Initialize devices' queues property to 1 */
+ object_property_set_int(obj, "queues", 1, NULL);
+}
+
+static void cryptodev_backend_finalize(Object *obj)
+{
+ CryptoDevBackend *backend = CRYPTODEV_BACKEND(obj);
+
+ cryptodev_backend_cleanup(backend, NULL);
+}
+
+static void
+cryptodev_backend_class_init(ObjectClass *oc, void *data)
+{
+ UserCreatableClass *ucc = USER_CREATABLE_CLASS(oc);
+
+ ucc->complete = cryptodev_backend_complete;
+ ucc->can_be_deleted = cryptodev_backend_can_be_deleted;
+
+ QTAILQ_INIT(&crypto_clients);
+ object_class_property_add(oc, "queues", "uint32",
+ cryptodev_backend_get_queues,
+ cryptodev_backend_set_queues,
+ NULL, NULL);
+}
+
+static const TypeInfo cryptodev_backend_info = {
+ .name = TYPE_CRYPTODEV_BACKEND,
+ .parent = TYPE_OBJECT,
+ .instance_size = sizeof(CryptoDevBackend),
+ .instance_init = cryptodev_backend_instance_init,
+ .instance_finalize = cryptodev_backend_finalize,
+ .class_size = sizeof(CryptoDevBackendClass),
+ .class_init = cryptodev_backend_class_init,
+ .interfaces = (InterfaceInfo[]) {
+ { TYPE_USER_CREATABLE },
+ { }
+ }
+};
+
+static void
+cryptodev_backend_register_types(void)
+{
+ type_register_static(&cryptodev_backend_info);
+}
+
+type_init(cryptodev_backend_register_types);
diff --git a/backends/dbus-vmstate.c b/backends/dbus-vmstate.c
new file mode 100644
index 000000000..9cfd758c4
--- /dev/null
+++ b/backends/dbus-vmstate.c
@@ -0,0 +1,517 @@
+/*
+ * QEMU dbus-vmstate
+ *
+ * Copyright (C) 2019 Red Hat Inc
+ *
+ * Authors:
+ * Marc-André Lureau <marcandre.lureau@redhat.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/units.h"
+#include "qemu/dbus.h"
+#include "qemu/error-report.h"
+#include "qapi/error.h"
+#include "qom/object_interfaces.h"
+#include "qapi/qmp/qerror.h"
+#include "migration/vmstate.h"
+#include "trace.h"
+#include "qom/object.h"
+
+
+#define TYPE_DBUS_VMSTATE "dbus-vmstate"
+OBJECT_DECLARE_SIMPLE_TYPE(DBusVMState,
+ DBUS_VMSTATE)
+
+
+struct DBusVMState {
+ Object parent;
+
+ GDBusConnection *bus;
+ char *dbus_addr;
+ char *id_list;
+
+ uint32_t data_size;
+ uint8_t *data;
+};
+
+static const GDBusPropertyInfo vmstate_property_info[] = {
+ { -1, (char *) "Id", (char *) "s",
+ G_DBUS_PROPERTY_INFO_FLAGS_READABLE, NULL },
+};
+
+static const GDBusPropertyInfo * const vmstate_property_info_pointers[] = {
+ &vmstate_property_info[0],
+ NULL
+};
+
+static const GDBusInterfaceInfo vmstate1_interface_info = {
+ -1,
+ (char *) "org.qemu.VMState1",
+ (GDBusMethodInfo **) NULL,
+ (GDBusSignalInfo **) NULL,
+ (GDBusPropertyInfo **) &vmstate_property_info_pointers,
+ NULL,
+};
+
+#define DBUS_VMSTATE_SIZE_LIMIT (1 * MiB)
+
+static GHashTable *
+get_id_list_set(DBusVMState *self)
+{
+ g_auto(GStrv) ids = NULL;
+ g_autoptr(GHashTable) set = NULL;
+ int i;
+
+ if (!self->id_list) {
+ return NULL;
+ }
+
+ ids = g_strsplit(self->id_list, ",", -1);
+ set = g_hash_table_new_full(g_str_hash, g_str_equal, g_free, NULL);
+ for (i = 0; ids[i]; i++) {
+ g_hash_table_add(set, ids[i]);
+ ids[i] = NULL;
+ }
+
+ return g_steal_pointer(&set);
+}
+
+static GHashTable *
+dbus_get_proxies(DBusVMState *self, GError **err)
+{
+ g_autoptr(GHashTable) proxies = NULL;
+ g_autoptr(GHashTable) ids = NULL;
+ g_auto(GStrv) names = NULL;
+ Error *error = NULL;
+ size_t i;
+
+ ids = get_id_list_set(self);
+ proxies = g_hash_table_new_full(g_str_hash, g_str_equal,
+ g_free, g_object_unref);
+
+ names = qemu_dbus_get_queued_owners(self->bus, "org.qemu.VMState1", &error);
+ if (!names) {
+ g_set_error(err, G_IO_ERROR, G_IO_ERROR_FAILED, "%s",
+ error_get_pretty(error));
+ error_free(error);
+ return NULL;
+ }
+
+ for (i = 0; names[i]; i++) {
+ g_autoptr(GDBusProxy) proxy = NULL;
+ g_autoptr(GVariant) result = NULL;
+ g_autofree char *id = NULL;
+ size_t size;
+
+ proxy = g_dbus_proxy_new_sync(self->bus, G_DBUS_PROXY_FLAGS_NONE,
+ (GDBusInterfaceInfo *) &vmstate1_interface_info,
+ names[i],
+ "/org/qemu/VMState1",
+ "org.qemu.VMState1",
+ NULL, err);
+ if (!proxy) {
+ return NULL;
+ }
+
+ result = g_dbus_proxy_get_cached_property(proxy, "Id");
+ if (!result) {
+ g_set_error_literal(err, G_IO_ERROR, G_IO_ERROR_FAILED,
+ "VMState Id property is missing.");
+ return NULL;
+ }
+
+ id = g_variant_dup_string(result, &size);
+ if (ids && !g_hash_table_remove(ids, id)) {
+ g_clear_pointer(&id, g_free);
+ g_clear_object(&proxy);
+ continue;
+ }
+ if (size == 0 || size >= 256) {
+ g_set_error(err, G_IO_ERROR, G_IO_ERROR_FAILED,
+ "VMState Id '%s' is invalid.", id);
+ return NULL;
+ }
+
+ if (!g_hash_table_insert(proxies, id, proxy)) {
+ g_set_error(err, G_IO_ERROR, G_IO_ERROR_FAILED,
+ "Duplicated VMState Id '%s'", id);
+ return NULL;
+ }
+ id = NULL;
+ proxy = NULL;
+
+ g_clear_pointer(&result, g_variant_unref);
+ }
+
+ if (ids) {
+ g_autofree char **left = NULL;
+
+ left = (char **)g_hash_table_get_keys_as_array(ids, NULL);
+ if (*left) {
+ g_autofree char *leftids = g_strjoinv(",", left);
+ g_set_error(err, G_IO_ERROR, G_IO_ERROR_FAILED,
+ "Required VMState Id are missing: %s", leftids);
+ return NULL;
+ }
+ }
+
+ return g_steal_pointer(&proxies);
+}
+
+static int
+dbus_load_state_proxy(GDBusProxy *proxy, const uint8_t *data, size_t size)
+{
+ g_autoptr(GError) err = NULL;
+ g_autoptr(GVariant) result = NULL;
+ g_autoptr(GVariant) value = NULL;
+
+ value = g_variant_new_fixed_array(G_VARIANT_TYPE_BYTE,
+ data, size, sizeof(char));
+ result = g_dbus_proxy_call_sync(proxy, "Load",
+ g_variant_new("(@ay)",
+ g_steal_pointer(&value)),
+ G_DBUS_CALL_FLAGS_NO_AUTO_START,
+ -1, NULL, &err);
+ if (!result) {
+ error_report("%s: Failed to Load: %s", __func__, err->message);
+ return -1;
+ }
+
+ return 0;
+}
+
+static int dbus_vmstate_post_load(void *opaque, int version_id)
+{
+ DBusVMState *self = DBUS_VMSTATE(opaque);
+ g_autoptr(GInputStream) m = NULL;
+ g_autoptr(GDataInputStream) s = NULL;
+ g_autoptr(GError) err = NULL;
+ g_autoptr(GHashTable) proxies = NULL;
+ uint32_t nelem;
+
+ trace_dbus_vmstate_post_load(version_id);
+
+ proxies = dbus_get_proxies(self, &err);
+ if (!proxies) {
+ error_report("%s: Failed to get proxies: %s", __func__, err->message);
+ return -1;
+ }
+
+ m = g_memory_input_stream_new_from_data(self->data, self->data_size, NULL);
+ s = g_data_input_stream_new(m);
+ g_data_input_stream_set_byte_order(s, G_DATA_STREAM_BYTE_ORDER_BIG_ENDIAN);
+ g_buffered_input_stream_set_buffer_size(G_BUFFERED_INPUT_STREAM(s),
+ DBUS_VMSTATE_SIZE_LIMIT);
+
+ nelem = g_data_input_stream_read_uint32(s, NULL, &err);
+ if (err) {
+ goto error;
+ }
+
+ while (nelem > 0) {
+ GDBusProxy *proxy = NULL;
+ uint32_t len;
+ gsize bytes_read, avail;
+ char id[256];
+
+ len = g_data_input_stream_read_uint32(s, NULL, &err);
+ if (err) {
+ goto error;
+ }
+ if (len >= 256) {
+ error_report("%s: Invalid DBus vmstate proxy name %u",
+ __func__, len);
+ return -1;
+ }
+ if (!g_input_stream_read_all(G_INPUT_STREAM(s), id, len,
+ &bytes_read, NULL, &err)) {
+ goto error;
+ }
+ if (bytes_read != len) {
+ error_report("%s: Short read", __func__);
+ return -1;
+ }
+ id[len] = 0;
+
+ trace_dbus_vmstate_loading(id);
+
+ proxy = g_hash_table_lookup(proxies, id);
+ if (!proxy) {
+ error_report("%s: Failed to find proxy Id '%s'", __func__, id);
+ return -1;
+ }
+
+ len = g_data_input_stream_read_uint32(s, NULL, &err);
+ if (len > DBUS_VMSTATE_SIZE_LIMIT) {
+ error_report("%s: Invalid vmstate size: %u", __func__, len);
+ return -1;
+ }
+
+ g_buffered_input_stream_fill(G_BUFFERED_INPUT_STREAM(s), len, NULL,
+ &err);
+ if (err) {
+ goto error;
+ }
+
+ avail = g_buffered_input_stream_get_available(
+ G_BUFFERED_INPUT_STREAM(s));
+ if (len > avail) {
+ error_report("%s: Not enough data available to load for Id: '%s'. "
+ "Available data size: %zu, Actual vmstate size: %u",
+ __func__, id, avail, len);
+ return -1;
+ }
+
+ if (dbus_load_state_proxy(proxy,
+ g_buffered_input_stream_peek_buffer(G_BUFFERED_INPUT_STREAM(s),
+ NULL),
+ len) < 0) {
+ error_report("%s: Failed to restore Id '%s'", __func__, id);
+ return -1;
+ }
+
+ if (!g_seekable_seek(G_SEEKABLE(s), len, G_SEEK_CUR, NULL, &err)) {
+ goto error;
+ }
+
+ nelem -= 1;
+ }
+
+ return 0;
+
+error:
+ error_report("%s: Failed to read from stream: %s", __func__, err->message);
+ return -1;
+}
+
+static void
+dbus_save_state_proxy(gpointer key,
+ gpointer value,
+ gpointer user_data)
+{
+ GDataOutputStream *s = user_data;
+ const char *id = key;
+ GDBusProxy *proxy = value;
+ g_autoptr(GVariant) result = NULL;
+ g_autoptr(GVariant) child = NULL;
+ g_autoptr(GError) err = NULL;
+ const uint8_t *data;
+ gsize size;
+
+ trace_dbus_vmstate_saving(id);
+
+ result = g_dbus_proxy_call_sync(proxy, "Save",
+ NULL, G_DBUS_CALL_FLAGS_NO_AUTO_START,
+ -1, NULL, &err);
+ if (!result) {
+ error_report("%s: Failed to Save: %s", __func__, err->message);
+ return;
+ }
+
+ child = g_variant_get_child_value(result, 0);
+ data = g_variant_get_fixed_array(child, &size, sizeof(char));
+ if (!data) {
+ error_report("%s: Failed to Save: not a byte array", __func__);
+ return;
+ }
+ if (size > DBUS_VMSTATE_SIZE_LIMIT) {
+ error_report("%s: Too large vmstate data to save: %zu",
+ __func__, (size_t)size);
+ return;
+ }
+
+ if (!g_data_output_stream_put_uint32(s, strlen(id), NULL, &err) ||
+ !g_data_output_stream_put_string(s, id, NULL, &err) ||
+ !g_data_output_stream_put_uint32(s, size, NULL, &err) ||
+ !g_output_stream_write_all(G_OUTPUT_STREAM(s),
+ data, size, NULL, NULL, &err)) {
+ error_report("%s: Failed to write to stream: %s",
+ __func__, err->message);
+ }
+}
+
+static int dbus_vmstate_pre_save(void *opaque)
+{
+ DBusVMState *self = DBUS_VMSTATE(opaque);
+ g_autoptr(GOutputStream) m = NULL;
+ g_autoptr(GDataOutputStream) s = NULL;
+ g_autoptr(GHashTable) proxies = NULL;
+ g_autoptr(GError) err = NULL;
+
+ trace_dbus_vmstate_pre_save();
+
+ proxies = dbus_get_proxies(self, &err);
+ if (!proxies) {
+ error_report("%s: Failed to get proxies: %s", __func__, err->message);
+ return -1;
+ }
+
+ m = g_memory_output_stream_new_resizable();
+ s = g_data_output_stream_new(m);
+ g_data_output_stream_set_byte_order(s, G_DATA_STREAM_BYTE_ORDER_BIG_ENDIAN);
+
+ if (!g_data_output_stream_put_uint32(s, g_hash_table_size(proxies),
+ NULL, &err)) {
+ error_report("%s: Failed to write to stream: %s",
+ __func__, err->message);
+ return -1;
+ }
+
+ g_hash_table_foreach(proxies, dbus_save_state_proxy, s);
+
+ if (g_memory_output_stream_get_size(G_MEMORY_OUTPUT_STREAM(m))
+ > UINT32_MAX) {
+ error_report("%s: DBus vmstate buffer is too large", __func__);
+ return -1;
+ }
+
+ if (!g_output_stream_close(G_OUTPUT_STREAM(m), NULL, &err)) {
+ error_report("%s: Failed to close stream: %s", __func__, err->message);
+ return -1;
+ }
+
+ g_free(self->data);
+ self->data_size =
+ g_memory_output_stream_get_size(G_MEMORY_OUTPUT_STREAM(m));
+ self->data =
+ g_memory_output_stream_steal_data(G_MEMORY_OUTPUT_STREAM(m));
+
+ return 0;
+}
+
+static const VMStateDescription dbus_vmstate = {
+ .name = TYPE_DBUS_VMSTATE,
+ .version_id = 0,
+ .pre_save = dbus_vmstate_pre_save,
+ .post_load = dbus_vmstate_post_load,
+ .fields = (VMStateField[]) {
+ VMSTATE_UINT32(data_size, DBusVMState),
+ VMSTATE_VBUFFER_ALLOC_UINT32(data, DBusVMState, 0, 0, data_size),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
+static void
+dbus_vmstate_complete(UserCreatable *uc, Error **errp)
+{
+ DBusVMState *self = DBUS_VMSTATE(uc);
+ g_autoptr(GError) err = NULL;
+
+ if (!object_resolve_path_type("", TYPE_DBUS_VMSTATE, NULL)) {
+ error_setg(errp, "There is already an instance of %s",
+ TYPE_DBUS_VMSTATE);
+ return;
+ }
+
+ if (!self->dbus_addr) {
+ error_setg(errp, QERR_MISSING_PARAMETER, "addr");
+ return;
+ }
+
+ self->bus = g_dbus_connection_new_for_address_sync(self->dbus_addr,
+ G_DBUS_CONNECTION_FLAGS_AUTHENTICATION_CLIENT |
+ G_DBUS_CONNECTION_FLAGS_MESSAGE_BUS_CONNECTION,
+ NULL, NULL, &err);
+ if (err) {
+ error_setg(errp, "failed to connect to DBus: '%s'", err->message);
+ return;
+ }
+
+ if (vmstate_register(VMSTATE_IF(self), VMSTATE_INSTANCE_ID_ANY,
+ &dbus_vmstate, self) < 0) {
+ error_setg(errp, "Failed to register vmstate");
+ }
+}
+
+static void
+dbus_vmstate_finalize(Object *o)
+{
+ DBusVMState *self = DBUS_VMSTATE(o);
+
+ vmstate_unregister(VMSTATE_IF(self), &dbus_vmstate, self);
+
+ g_clear_object(&self->bus);
+ g_free(self->dbus_addr);
+ g_free(self->id_list);
+ g_free(self->data);
+}
+
+static char *
+get_dbus_addr(Object *o, Error **errp)
+{
+ DBusVMState *self = DBUS_VMSTATE(o);
+
+ return g_strdup(self->dbus_addr);
+}
+
+static void
+set_dbus_addr(Object *o, const char *str, Error **errp)
+{
+ DBusVMState *self = DBUS_VMSTATE(o);
+
+ g_free(self->dbus_addr);
+ self->dbus_addr = g_strdup(str);
+}
+
+static char *
+get_id_list(Object *o, Error **errp)
+{
+ DBusVMState *self = DBUS_VMSTATE(o);
+
+ return g_strdup(self->id_list);
+}
+
+static void
+set_id_list(Object *o, const char *str, Error **errp)
+{
+ DBusVMState *self = DBUS_VMSTATE(o);
+
+ g_free(self->id_list);
+ self->id_list = g_strdup(str);
+}
+
+static char *
+dbus_vmstate_get_id(VMStateIf *vmif)
+{
+ return g_strdup(TYPE_DBUS_VMSTATE);
+}
+
+static void
+dbus_vmstate_class_init(ObjectClass *oc, void *data)
+{
+ UserCreatableClass *ucc = USER_CREATABLE_CLASS(oc);
+ VMStateIfClass *vc = VMSTATE_IF_CLASS(oc);
+
+ ucc->complete = dbus_vmstate_complete;
+ vc->get_id = dbus_vmstate_get_id;
+
+ object_class_property_add_str(oc, "addr",
+ get_dbus_addr, set_dbus_addr);
+ object_class_property_add_str(oc, "id-list",
+ get_id_list, set_id_list);
+}
+
+static const TypeInfo dbus_vmstate_info = {
+ .name = TYPE_DBUS_VMSTATE,
+ .parent = TYPE_OBJECT,
+ .instance_size = sizeof(DBusVMState),
+ .instance_finalize = dbus_vmstate_finalize,
+ .class_init = dbus_vmstate_class_init,
+ .interfaces = (InterfaceInfo[]) {
+ { TYPE_USER_CREATABLE },
+ { TYPE_VMSTATE_IF },
+ { }
+ }
+};
+
+static void
+register_types(void)
+{
+ type_register_static(&dbus_vmstate_info);
+}
+
+type_init(register_types);
diff --git a/backends/hostmem-epc.c b/backends/hostmem-epc.c
new file mode 100644
index 000000000..b47f98b6a
--- /dev/null
+++ b/backends/hostmem-epc.c
@@ -0,0 +1,82 @@
+/*
+ * QEMU host SGX EPC memory backend
+ *
+ * Copyright (C) 2019 Intel Corporation
+ *
+ * Authors:
+ * Sean Christopherson <sean.j.christopherson@intel.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+#include <sys/ioctl.h>
+
+#include "qemu/osdep.h"
+#include "qemu-common.h"
+#include "qom/object_interfaces.h"
+#include "qapi/error.h"
+#include "sysemu/hostmem.h"
+#include "hw/i386/hostmem-epc.h"
+
+static void
+sgx_epc_backend_memory_alloc(HostMemoryBackend *backend, Error **errp)
+{
+ uint32_t ram_flags;
+ char *name;
+ int fd;
+
+ if (!backend->size) {
+ error_setg(errp, "can't create backend with size 0");
+ return;
+ }
+
+ fd = qemu_open_old("/dev/sgx_vepc", O_RDWR);
+ if (fd < 0) {
+ error_setg_errno(errp, errno,
+ "failed to open /dev/sgx_vepc to alloc SGX EPC");
+ return;
+ }
+
+ name = object_get_canonical_path(OBJECT(backend));
+ ram_flags = (backend->share ? RAM_SHARED : 0) | RAM_PROTECTED;
+ memory_region_init_ram_from_fd(&backend->mr, OBJECT(backend),
+ name, backend->size, ram_flags,
+ fd, 0, errp);
+ g_free(name);
+}
+
+static void sgx_epc_backend_instance_init(Object *obj)
+{
+ HostMemoryBackend *m = MEMORY_BACKEND(obj);
+
+ m->share = true;
+ m->merge = false;
+ m->dump = false;
+}
+
+static void sgx_epc_backend_class_init(ObjectClass *oc, void *data)
+{
+ HostMemoryBackendClass *bc = MEMORY_BACKEND_CLASS(oc);
+
+ bc->alloc = sgx_epc_backend_memory_alloc;
+}
+
+static const TypeInfo sgx_epc_backed_info = {
+ .name = TYPE_MEMORY_BACKEND_EPC,
+ .parent = TYPE_MEMORY_BACKEND,
+ .instance_init = sgx_epc_backend_instance_init,
+ .class_init = sgx_epc_backend_class_init,
+ .instance_size = sizeof(HostMemoryBackendEpc),
+};
+
+static void register_types(void)
+{
+ int fd = qemu_open_old("/dev/sgx_vepc", O_RDWR);
+ if (fd >= 0) {
+ close(fd);
+
+ type_register_static(&sgx_epc_backed_info);
+ }
+}
+
+type_init(register_types);
diff --git a/backends/hostmem-file.c b/backends/hostmem-file.c
new file mode 100644
index 000000000..cd038024f
--- /dev/null
+++ b/backends/hostmem-file.c
@@ -0,0 +1,228 @@
+/*
+ * QEMU Host Memory Backend for hugetlbfs
+ *
+ * Copyright (C) 2013-2014 Red Hat Inc
+ *
+ * Authors:
+ * Paolo Bonzini <pbonzini@redhat.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#include "qemu/osdep.h"
+#include "qapi/error.h"
+#include "qemu/error-report.h"
+#include "qemu/module.h"
+#include "sysemu/hostmem.h"
+#include "qom/object_interfaces.h"
+#include "qom/object.h"
+
+OBJECT_DECLARE_SIMPLE_TYPE(HostMemoryBackendFile, MEMORY_BACKEND_FILE)
+
+
+struct HostMemoryBackendFile {
+ HostMemoryBackend parent_obj;
+
+ char *mem_path;
+ uint64_t align;
+ bool discard_data;
+ bool is_pmem;
+ bool readonly;
+};
+
+static void
+file_backend_memory_alloc(HostMemoryBackend *backend, Error **errp)
+{
+#ifndef CONFIG_POSIX
+ error_setg(errp, "backend '%s' not supported on this host",
+ object_get_typename(OBJECT(backend)));
+#else
+ HostMemoryBackendFile *fb = MEMORY_BACKEND_FILE(backend);
+ uint32_t ram_flags;
+ gchar *name;
+
+ if (!backend->size) {
+ error_setg(errp, "can't create backend with size 0");
+ return;
+ }
+ if (!fb->mem_path) {
+ error_setg(errp, "mem-path property not set");
+ return;
+ }
+
+ name = host_memory_backend_get_name(backend);
+ ram_flags = backend->share ? RAM_SHARED : 0;
+ ram_flags |= backend->reserve ? 0 : RAM_NORESERVE;
+ ram_flags |= fb->is_pmem ? RAM_PMEM : 0;
+ memory_region_init_ram_from_file(&backend->mr, OBJECT(backend), name,
+ backend->size, fb->align, ram_flags,
+ fb->mem_path, fb->readonly, errp);
+ g_free(name);
+#endif
+}
+
+static char *get_mem_path(Object *o, Error **errp)
+{
+ HostMemoryBackendFile *fb = MEMORY_BACKEND_FILE(o);
+
+ return g_strdup(fb->mem_path);
+}
+
+static void set_mem_path(Object *o, const char *str, Error **errp)
+{
+ HostMemoryBackend *backend = MEMORY_BACKEND(o);
+ HostMemoryBackendFile *fb = MEMORY_BACKEND_FILE(o);
+
+ if (host_memory_backend_mr_inited(backend)) {
+ error_setg(errp, "cannot change property 'mem-path' of %s",
+ object_get_typename(o));
+ return;
+ }
+ g_free(fb->mem_path);
+ fb->mem_path = g_strdup(str);
+}
+
+static bool file_memory_backend_get_discard_data(Object *o, Error **errp)
+{
+ return MEMORY_BACKEND_FILE(o)->discard_data;
+}
+
+static void file_memory_backend_set_discard_data(Object *o, bool value,
+ Error **errp)
+{
+ MEMORY_BACKEND_FILE(o)->discard_data = value;
+}
+
+static void file_memory_backend_get_align(Object *o, Visitor *v,
+ const char *name, void *opaque,
+ Error **errp)
+{
+ HostMemoryBackendFile *fb = MEMORY_BACKEND_FILE(o);
+ uint64_t val = fb->align;
+
+ visit_type_size(v, name, &val, errp);
+}
+
+static void file_memory_backend_set_align(Object *o, Visitor *v,
+ const char *name, void *opaque,
+ Error **errp)
+{
+ HostMemoryBackend *backend = MEMORY_BACKEND(o);
+ HostMemoryBackendFile *fb = MEMORY_BACKEND_FILE(o);
+ uint64_t val;
+
+ if (host_memory_backend_mr_inited(backend)) {
+ error_setg(errp, "cannot change property '%s' of %s", name,
+ object_get_typename(o));
+ return;
+ }
+
+ if (!visit_type_size(v, name, &val, errp)) {
+ return;
+ }
+ fb->align = val;
+}
+
+#ifdef CONFIG_LIBPMEM
+static bool file_memory_backend_get_pmem(Object *o, Error **errp)
+{
+ return MEMORY_BACKEND_FILE(o)->is_pmem;
+}
+
+static void file_memory_backend_set_pmem(Object *o, bool value, Error **errp)
+{
+ HostMemoryBackend *backend = MEMORY_BACKEND(o);
+ HostMemoryBackendFile *fb = MEMORY_BACKEND_FILE(o);
+
+ if (host_memory_backend_mr_inited(backend)) {
+ error_setg(errp, "cannot change property 'pmem' of %s.",
+ object_get_typename(o));
+ return;
+ }
+
+ fb->is_pmem = value;
+}
+#endif /* CONFIG_LIBPMEM */
+
+static bool file_memory_backend_get_readonly(Object *obj, Error **errp)
+{
+ HostMemoryBackendFile *fb = MEMORY_BACKEND_FILE(obj);
+
+ return fb->readonly;
+}
+
+static void file_memory_backend_set_readonly(Object *obj, bool value,
+ Error **errp)
+{
+ HostMemoryBackend *backend = MEMORY_BACKEND(obj);
+ HostMemoryBackendFile *fb = MEMORY_BACKEND_FILE(obj);
+
+ if (host_memory_backend_mr_inited(backend)) {
+ error_setg(errp, "cannot change property 'readonly' of %s.",
+ object_get_typename(obj));
+ return;
+ }
+
+ fb->readonly = value;
+}
+
+static void file_backend_unparent(Object *obj)
+{
+ HostMemoryBackend *backend = MEMORY_BACKEND(obj);
+ HostMemoryBackendFile *fb = MEMORY_BACKEND_FILE(obj);
+
+ if (host_memory_backend_mr_inited(backend) && fb->discard_data) {
+ void *ptr = memory_region_get_ram_ptr(&backend->mr);
+ uint64_t sz = memory_region_size(&backend->mr);
+
+ qemu_madvise(ptr, sz, QEMU_MADV_REMOVE);
+ }
+}
+
+static void
+file_backend_class_init(ObjectClass *oc, void *data)
+{
+ HostMemoryBackendClass *bc = MEMORY_BACKEND_CLASS(oc);
+
+ bc->alloc = file_backend_memory_alloc;
+ oc->unparent = file_backend_unparent;
+
+ object_class_property_add_bool(oc, "discard-data",
+ file_memory_backend_get_discard_data, file_memory_backend_set_discard_data);
+ object_class_property_add_str(oc, "mem-path",
+ get_mem_path, set_mem_path);
+ object_class_property_add(oc, "align", "int",
+ file_memory_backend_get_align,
+ file_memory_backend_set_align,
+ NULL, NULL);
+#ifdef CONFIG_LIBPMEM
+ object_class_property_add_bool(oc, "pmem",
+ file_memory_backend_get_pmem, file_memory_backend_set_pmem);
+#endif
+ object_class_property_add_bool(oc, "readonly",
+ file_memory_backend_get_readonly,
+ file_memory_backend_set_readonly);
+}
+
+static void file_backend_instance_finalize(Object *o)
+{
+ HostMemoryBackendFile *fb = MEMORY_BACKEND_FILE(o);
+
+ g_free(fb->mem_path);
+}
+
+static const TypeInfo file_backend_info = {
+ .name = TYPE_MEMORY_BACKEND_FILE,
+ .parent = TYPE_MEMORY_BACKEND,
+ .class_init = file_backend_class_init,
+ .instance_finalize = file_backend_instance_finalize,
+ .instance_size = sizeof(HostMemoryBackendFile),
+};
+
+static void register_types(void)
+{
+ type_register_static(&file_backend_info);
+}
+
+type_init(register_types);
diff --git a/backends/hostmem-memfd.c b/backends/hostmem-memfd.c
new file mode 100644
index 000000000..3fc85c3db
--- /dev/null
+++ b/backends/hostmem-memfd.c
@@ -0,0 +1,172 @@
+/*
+ * QEMU host memfd memory backend
+ *
+ * Copyright (C) 2018 Red Hat Inc
+ *
+ * Authors:
+ * Marc-André Lureau <marcandre.lureau@redhat.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#include "qemu/osdep.h"
+#include "sysemu/hostmem.h"
+#include "qom/object_interfaces.h"
+#include "qemu/memfd.h"
+#include "qemu/module.h"
+#include "qapi/error.h"
+#include "qom/object.h"
+
+#define TYPE_MEMORY_BACKEND_MEMFD "memory-backend-memfd"
+
+OBJECT_DECLARE_SIMPLE_TYPE(HostMemoryBackendMemfd, MEMORY_BACKEND_MEMFD)
+
+
+struct HostMemoryBackendMemfd {
+ HostMemoryBackend parent_obj;
+
+ bool hugetlb;
+ uint64_t hugetlbsize;
+ bool seal;
+};
+
+static void
+memfd_backend_memory_alloc(HostMemoryBackend *backend, Error **errp)
+{
+ HostMemoryBackendMemfd *m = MEMORY_BACKEND_MEMFD(backend);
+ uint32_t ram_flags;
+ char *name;
+ int fd;
+
+ if (!backend->size) {
+ error_setg(errp, "can't create backend with size 0");
+ return;
+ }
+
+ fd = qemu_memfd_create(TYPE_MEMORY_BACKEND_MEMFD, backend->size,
+ m->hugetlb, m->hugetlbsize, m->seal ?
+ F_SEAL_GROW | F_SEAL_SHRINK | F_SEAL_SEAL : 0,
+ errp);
+ if (fd == -1) {
+ return;
+ }
+
+ name = host_memory_backend_get_name(backend);
+ ram_flags = backend->share ? RAM_SHARED : 0;
+ ram_flags |= backend->reserve ? 0 : RAM_NORESERVE;
+ memory_region_init_ram_from_fd(&backend->mr, OBJECT(backend), name,
+ backend->size, ram_flags, fd, 0, errp);
+ g_free(name);
+}
+
+static bool
+memfd_backend_get_hugetlb(Object *o, Error **errp)
+{
+ return MEMORY_BACKEND_MEMFD(o)->hugetlb;
+}
+
+static void
+memfd_backend_set_hugetlb(Object *o, bool value, Error **errp)
+{
+ MEMORY_BACKEND_MEMFD(o)->hugetlb = value;
+}
+
+static void
+memfd_backend_set_hugetlbsize(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ HostMemoryBackendMemfd *m = MEMORY_BACKEND_MEMFD(obj);
+ uint64_t value;
+
+ if (host_memory_backend_mr_inited(MEMORY_BACKEND(obj))) {
+ error_setg(errp, "cannot change property value");
+ return;
+ }
+
+ if (!visit_type_size(v, name, &value, errp)) {
+ return;
+ }
+ if (!value) {
+ error_setg(errp, "Property '%s.%s' doesn't take value '%" PRIu64 "'",
+ object_get_typename(obj), name, value);
+ return;
+ }
+ m->hugetlbsize = value;
+}
+
+static void
+memfd_backend_get_hugetlbsize(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ HostMemoryBackendMemfd *m = MEMORY_BACKEND_MEMFD(obj);
+ uint64_t value = m->hugetlbsize;
+
+ visit_type_size(v, name, &value, errp);
+}
+
+static bool
+memfd_backend_get_seal(Object *o, Error **errp)
+{
+ return MEMORY_BACKEND_MEMFD(o)->seal;
+}
+
+static void
+memfd_backend_set_seal(Object *o, bool value, Error **errp)
+{
+ MEMORY_BACKEND_MEMFD(o)->seal = value;
+}
+
+static void
+memfd_backend_instance_init(Object *obj)
+{
+ HostMemoryBackendMemfd *m = MEMORY_BACKEND_MEMFD(obj);
+
+ /* default to sealed file */
+ m->seal = true;
+ MEMORY_BACKEND(m)->share = true;
+}
+
+static void
+memfd_backend_class_init(ObjectClass *oc, void *data)
+{
+ HostMemoryBackendClass *bc = MEMORY_BACKEND_CLASS(oc);
+
+ bc->alloc = memfd_backend_memory_alloc;
+
+ if (qemu_memfd_check(MFD_HUGETLB)) {
+ object_class_property_add_bool(oc, "hugetlb",
+ memfd_backend_get_hugetlb,
+ memfd_backend_set_hugetlb);
+ object_class_property_set_description(oc, "hugetlb",
+ "Use huge pages");
+ object_class_property_add(oc, "hugetlbsize", "int",
+ memfd_backend_get_hugetlbsize,
+ memfd_backend_set_hugetlbsize,
+ NULL, NULL);
+ object_class_property_set_description(oc, "hugetlbsize",
+ "Huge pages size (ex: 2M, 1G)");
+ }
+ object_class_property_add_bool(oc, "seal",
+ memfd_backend_get_seal,
+ memfd_backend_set_seal);
+ object_class_property_set_description(oc, "seal",
+ "Seal growing & shrinking");
+}
+
+static const TypeInfo memfd_backend_info = {
+ .name = TYPE_MEMORY_BACKEND_MEMFD,
+ .parent = TYPE_MEMORY_BACKEND,
+ .instance_init = memfd_backend_instance_init,
+ .class_init = memfd_backend_class_init,
+ .instance_size = sizeof(HostMemoryBackendMemfd),
+};
+
+static void register_types(void)
+{
+ if (qemu_memfd_check(MFD_ALLOW_SEALING)) {
+ type_register_static(&memfd_backend_info);
+ }
+}
+
+type_init(register_types);
diff --git a/backends/hostmem-ram.c b/backends/hostmem-ram.c
new file mode 100644
index 000000000..b8e55cdbd
--- /dev/null
+++ b/backends/hostmem-ram.c
@@ -0,0 +1,57 @@
+/*
+ * QEMU Host Memory Backend
+ *
+ * Copyright (C) 2013-2014 Red Hat Inc
+ *
+ * Authors:
+ * Igor Mammedov <imammedo@redhat.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#include "qemu/osdep.h"
+#include "sysemu/hostmem.h"
+#include "qapi/error.h"
+#include "qemu/module.h"
+#include "qom/object_interfaces.h"
+
+static void
+ram_backend_memory_alloc(HostMemoryBackend *backend, Error **errp)
+{
+ uint32_t ram_flags;
+ char *name;
+
+ if (!backend->size) {
+ error_setg(errp, "can't create backend with size 0");
+ return;
+ }
+
+ name = host_memory_backend_get_name(backend);
+ ram_flags = backend->share ? RAM_SHARED : 0;
+ ram_flags |= backend->reserve ? 0 : RAM_NORESERVE;
+ memory_region_init_ram_flags_nomigrate(&backend->mr, OBJECT(backend), name,
+ backend->size, ram_flags, errp);
+ g_free(name);
+}
+
+static void
+ram_backend_class_init(ObjectClass *oc, void *data)
+{
+ HostMemoryBackendClass *bc = MEMORY_BACKEND_CLASS(oc);
+
+ bc->alloc = ram_backend_memory_alloc;
+}
+
+static const TypeInfo ram_backend_info = {
+ .name = TYPE_MEMORY_BACKEND_RAM,
+ .parent = TYPE_MEMORY_BACKEND,
+ .class_init = ram_backend_class_init,
+};
+
+static void register_types(void)
+{
+ type_register_static(&ram_backend_info);
+}
+
+type_init(register_types);
diff --git a/backends/hostmem.c b/backends/hostmem.c
new file mode 100644
index 000000000..4c05862ed
--- /dev/null
+++ b/backends/hostmem.c
@@ -0,0 +1,567 @@
+/*
+ * QEMU Host Memory Backend
+ *
+ * Copyright (C) 2013-2014 Red Hat Inc
+ *
+ * Authors:
+ * Igor Mammedov <imammedo@redhat.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#include "qemu/osdep.h"
+#include "sysemu/hostmem.h"
+#include "hw/boards.h"
+#include "qapi/error.h"
+#include "qapi/qapi-builtin-visit.h"
+#include "qapi/visitor.h"
+#include "qemu/config-file.h"
+#include "qom/object_interfaces.h"
+#include "qemu/mmap-alloc.h"
+
+#ifdef CONFIG_NUMA
+#include <numaif.h>
+QEMU_BUILD_BUG_ON(HOST_MEM_POLICY_DEFAULT != MPOL_DEFAULT);
+QEMU_BUILD_BUG_ON(HOST_MEM_POLICY_PREFERRED != MPOL_PREFERRED);
+QEMU_BUILD_BUG_ON(HOST_MEM_POLICY_BIND != MPOL_BIND);
+QEMU_BUILD_BUG_ON(HOST_MEM_POLICY_INTERLEAVE != MPOL_INTERLEAVE);
+#endif
+
+char *
+host_memory_backend_get_name(HostMemoryBackend *backend)
+{
+ if (!backend->use_canonical_path) {
+ return g_strdup(object_get_canonical_path_component(OBJECT(backend)));
+ }
+
+ return object_get_canonical_path(OBJECT(backend));
+}
+
+static void
+host_memory_backend_get_size(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ HostMemoryBackend *backend = MEMORY_BACKEND(obj);
+ uint64_t value = backend->size;
+
+ visit_type_size(v, name, &value, errp);
+}
+
+static void
+host_memory_backend_set_size(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ HostMemoryBackend *backend = MEMORY_BACKEND(obj);
+ uint64_t value;
+
+ if (host_memory_backend_mr_inited(backend)) {
+ error_setg(errp, "cannot change property %s of %s ", name,
+ object_get_typename(obj));
+ return;
+ }
+
+ if (!visit_type_size(v, name, &value, errp)) {
+ return;
+ }
+ if (!value) {
+ error_setg(errp,
+ "property '%s' of %s doesn't take value '%" PRIu64 "'",
+ name, object_get_typename(obj), value);
+ return;
+ }
+ backend->size = value;
+}
+
+static void
+host_memory_backend_get_host_nodes(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ HostMemoryBackend *backend = MEMORY_BACKEND(obj);
+ uint16List *host_nodes = NULL;
+ uint16List **tail = &host_nodes;
+ unsigned long value;
+
+ value = find_first_bit(backend->host_nodes, MAX_NODES);
+ if (value == MAX_NODES) {
+ goto ret;
+ }
+
+ QAPI_LIST_APPEND(tail, value);
+
+ do {
+ value = find_next_bit(backend->host_nodes, MAX_NODES, value + 1);
+ if (value == MAX_NODES) {
+ break;
+ }
+
+ QAPI_LIST_APPEND(tail, value);
+ } while (true);
+
+ret:
+ visit_type_uint16List(v, name, &host_nodes, errp);
+ qapi_free_uint16List(host_nodes);
+}
+
+static void
+host_memory_backend_set_host_nodes(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+#ifdef CONFIG_NUMA
+ HostMemoryBackend *backend = MEMORY_BACKEND(obj);
+ uint16List *l, *host_nodes = NULL;
+
+ visit_type_uint16List(v, name, &host_nodes, errp);
+
+ for (l = host_nodes; l; l = l->next) {
+ if (l->value >= MAX_NODES) {
+ error_setg(errp, "Invalid host-nodes value: %d", l->value);
+ goto out;
+ }
+ }
+
+ for (l = host_nodes; l; l = l->next) {
+ bitmap_set(backend->host_nodes, l->value, 1);
+ }
+
+out:
+ qapi_free_uint16List(host_nodes);
+#else
+ error_setg(errp, "NUMA node binding are not supported by this QEMU");
+#endif
+}
+
+static int
+host_memory_backend_get_policy(Object *obj, Error **errp G_GNUC_UNUSED)
+{
+ HostMemoryBackend *backend = MEMORY_BACKEND(obj);
+ return backend->policy;
+}
+
+static void
+host_memory_backend_set_policy(Object *obj, int policy, Error **errp)
+{
+ HostMemoryBackend *backend = MEMORY_BACKEND(obj);
+ backend->policy = policy;
+
+#ifndef CONFIG_NUMA
+ if (policy != HOST_MEM_POLICY_DEFAULT) {
+ error_setg(errp, "NUMA policies are not supported by this QEMU");
+ }
+#endif
+}
+
+static bool host_memory_backend_get_merge(Object *obj, Error **errp)
+{
+ HostMemoryBackend *backend = MEMORY_BACKEND(obj);
+
+ return backend->merge;
+}
+
+static void host_memory_backend_set_merge(Object *obj, bool value, Error **errp)
+{
+ HostMemoryBackend *backend = MEMORY_BACKEND(obj);
+
+ if (!host_memory_backend_mr_inited(backend)) {
+ backend->merge = value;
+ return;
+ }
+
+ if (value != backend->merge) {
+ void *ptr = memory_region_get_ram_ptr(&backend->mr);
+ uint64_t sz = memory_region_size(&backend->mr);
+
+ qemu_madvise(ptr, sz,
+ value ? QEMU_MADV_MERGEABLE : QEMU_MADV_UNMERGEABLE);
+ backend->merge = value;
+ }
+}
+
+static bool host_memory_backend_get_dump(Object *obj, Error **errp)
+{
+ HostMemoryBackend *backend = MEMORY_BACKEND(obj);
+
+ return backend->dump;
+}
+
+static void host_memory_backend_set_dump(Object *obj, bool value, Error **errp)
+{
+ HostMemoryBackend *backend = MEMORY_BACKEND(obj);
+
+ if (!host_memory_backend_mr_inited(backend)) {
+ backend->dump = value;
+ return;
+ }
+
+ if (value != backend->dump) {
+ void *ptr = memory_region_get_ram_ptr(&backend->mr);
+ uint64_t sz = memory_region_size(&backend->mr);
+
+ qemu_madvise(ptr, sz,
+ value ? QEMU_MADV_DODUMP : QEMU_MADV_DONTDUMP);
+ backend->dump = value;
+ }
+}
+
+static bool host_memory_backend_get_prealloc(Object *obj, Error **errp)
+{
+ HostMemoryBackend *backend = MEMORY_BACKEND(obj);
+
+ return backend->prealloc;
+}
+
+static void host_memory_backend_set_prealloc(Object *obj, bool value,
+ Error **errp)
+{
+ Error *local_err = NULL;
+ HostMemoryBackend *backend = MEMORY_BACKEND(obj);
+
+ if (!backend->reserve && value) {
+ error_setg(errp, "'prealloc=on' and 'reserve=off' are incompatible");
+ return;
+ }
+
+ if (!host_memory_backend_mr_inited(backend)) {
+ backend->prealloc = value;
+ return;
+ }
+
+ if (value && !backend->prealloc) {
+ int fd = memory_region_get_fd(&backend->mr);
+ void *ptr = memory_region_get_ram_ptr(&backend->mr);
+ uint64_t sz = memory_region_size(&backend->mr);
+
+ os_mem_prealloc(fd, ptr, sz, backend->prealloc_threads, &local_err);
+ if (local_err) {
+ error_propagate(errp, local_err);
+ return;
+ }
+ backend->prealloc = true;
+ }
+}
+
+static void host_memory_backend_get_prealloc_threads(Object *obj, Visitor *v,
+ const char *name, void *opaque, Error **errp)
+{
+ HostMemoryBackend *backend = MEMORY_BACKEND(obj);
+ visit_type_uint32(v, name, &backend->prealloc_threads, errp);
+}
+
+static void host_memory_backend_set_prealloc_threads(Object *obj, Visitor *v,
+ const char *name, void *opaque, Error **errp)
+{
+ HostMemoryBackend *backend = MEMORY_BACKEND(obj);
+ uint32_t value;
+
+ if (!visit_type_uint32(v, name, &value, errp)) {
+ return;
+ }
+ if (value <= 0) {
+ error_setg(errp, "property '%s' of %s doesn't take value '%d'", name,
+ object_get_typename(obj), value);
+ return;
+ }
+ backend->prealloc_threads = value;
+}
+
+static void host_memory_backend_init(Object *obj)
+{
+ HostMemoryBackend *backend = MEMORY_BACKEND(obj);
+ MachineState *machine = MACHINE(qdev_get_machine());
+
+ /* TODO: convert access to globals to compat properties */
+ backend->merge = machine_mem_merge(machine);
+ backend->dump = machine_dump_guest_core(machine);
+ backend->reserve = true;
+ backend->prealloc_threads = 1;
+}
+
+static void host_memory_backend_post_init(Object *obj)
+{
+ object_apply_compat_props(obj);
+}
+
+bool host_memory_backend_mr_inited(HostMemoryBackend *backend)
+{
+ /*
+ * NOTE: We forbid zero-length memory backend, so here zero means
+ * "we haven't inited the backend memory region yet".
+ */
+ return memory_region_size(&backend->mr) != 0;
+}
+
+MemoryRegion *host_memory_backend_get_memory(HostMemoryBackend *backend)
+{
+ return host_memory_backend_mr_inited(backend) ? &backend->mr : NULL;
+}
+
+void host_memory_backend_set_mapped(HostMemoryBackend *backend, bool mapped)
+{
+ backend->is_mapped = mapped;
+}
+
+bool host_memory_backend_is_mapped(HostMemoryBackend *backend)
+{
+ return backend->is_mapped;
+}
+
+#ifdef __linux__
+size_t host_memory_backend_pagesize(HostMemoryBackend *memdev)
+{
+ Object *obj = OBJECT(memdev);
+ char *path = object_property_get_str(obj, "mem-path", NULL);
+ size_t pagesize = qemu_mempath_getpagesize(path);
+
+ g_free(path);
+ return pagesize;
+}
+#else
+size_t host_memory_backend_pagesize(HostMemoryBackend *memdev)
+{
+ return qemu_real_host_page_size;
+}
+#endif
+
+static void
+host_memory_backend_memory_complete(UserCreatable *uc, Error **errp)
+{
+ HostMemoryBackend *backend = MEMORY_BACKEND(uc);
+ HostMemoryBackendClass *bc = MEMORY_BACKEND_GET_CLASS(uc);
+ Error *local_err = NULL;
+ void *ptr;
+ uint64_t sz;
+
+ if (bc->alloc) {
+ bc->alloc(backend, &local_err);
+ if (local_err) {
+ goto out;
+ }
+
+ ptr = memory_region_get_ram_ptr(&backend->mr);
+ sz = memory_region_size(&backend->mr);
+
+ if (backend->merge) {
+ qemu_madvise(ptr, sz, QEMU_MADV_MERGEABLE);
+ }
+ if (!backend->dump) {
+ qemu_madvise(ptr, sz, QEMU_MADV_DONTDUMP);
+ }
+#ifdef CONFIG_NUMA
+ unsigned long lastbit = find_last_bit(backend->host_nodes, MAX_NODES);
+ /* lastbit == MAX_NODES means maxnode = 0 */
+ unsigned long maxnode = (lastbit + 1) % (MAX_NODES + 1);
+ /* ensure policy won't be ignored in case memory is preallocated
+ * before mbind(). note: MPOL_MF_STRICT is ignored on hugepages so
+ * this doesn't catch hugepage case. */
+ unsigned flags = MPOL_MF_STRICT | MPOL_MF_MOVE;
+
+ /* check for invalid host-nodes and policies and give more verbose
+ * error messages than mbind(). */
+ if (maxnode && backend->policy == MPOL_DEFAULT) {
+ error_setg(errp, "host-nodes must be empty for policy default,"
+ " or you should explicitly specify a policy other"
+ " than default");
+ return;
+ } else if (maxnode == 0 && backend->policy != MPOL_DEFAULT) {
+ error_setg(errp, "host-nodes must be set for policy %s",
+ HostMemPolicy_str(backend->policy));
+ return;
+ }
+
+ /* We can have up to MAX_NODES nodes, but we need to pass maxnode+1
+ * as argument to mbind() due to an old Linux bug (feature?) which
+ * cuts off the last specified node. This means backend->host_nodes
+ * must have MAX_NODES+1 bits available.
+ */
+ assert(sizeof(backend->host_nodes) >=
+ BITS_TO_LONGS(MAX_NODES + 1) * sizeof(unsigned long));
+ assert(maxnode <= MAX_NODES);
+
+ if (maxnode &&
+ mbind(ptr, sz, backend->policy, backend->host_nodes, maxnode + 1,
+ flags)) {
+ if (backend->policy != MPOL_DEFAULT || errno != ENOSYS) {
+ error_setg_errno(errp, errno,
+ "cannot bind memory to host NUMA nodes");
+ return;
+ }
+ }
+#endif
+ /* Preallocate memory after the NUMA policy has been instantiated.
+ * This is necessary to guarantee memory is allocated with
+ * specified NUMA policy in place.
+ */
+ if (backend->prealloc) {
+ os_mem_prealloc(memory_region_get_fd(&backend->mr), ptr, sz,
+ backend->prealloc_threads, &local_err);
+ if (local_err) {
+ goto out;
+ }
+ }
+ }
+out:
+ error_propagate(errp, local_err);
+}
+
+static bool
+host_memory_backend_can_be_deleted(UserCreatable *uc)
+{
+ if (host_memory_backend_is_mapped(MEMORY_BACKEND(uc))) {
+ return false;
+ } else {
+ return true;
+ }
+}
+
+static bool host_memory_backend_get_share(Object *o, Error **errp)
+{
+ HostMemoryBackend *backend = MEMORY_BACKEND(o);
+
+ return backend->share;
+}
+
+static void host_memory_backend_set_share(Object *o, bool value, Error **errp)
+{
+ HostMemoryBackend *backend = MEMORY_BACKEND(o);
+
+ if (host_memory_backend_mr_inited(backend)) {
+ error_setg(errp, "cannot change property value");
+ return;
+ }
+ backend->share = value;
+}
+
+#ifdef CONFIG_LINUX
+static bool host_memory_backend_get_reserve(Object *o, Error **errp)
+{
+ HostMemoryBackend *backend = MEMORY_BACKEND(o);
+
+ return backend->reserve;
+}
+
+static void host_memory_backend_set_reserve(Object *o, bool value, Error **errp)
+{
+ HostMemoryBackend *backend = MEMORY_BACKEND(o);
+
+ if (host_memory_backend_mr_inited(backend)) {
+ error_setg(errp, "cannot change property value");
+ return;
+ }
+ if (backend->prealloc && !value) {
+ error_setg(errp, "'prealloc=on' and 'reserve=off' are incompatible");
+ return;
+ }
+ backend->reserve = value;
+}
+#endif /* CONFIG_LINUX */
+
+static bool
+host_memory_backend_get_use_canonical_path(Object *obj, Error **errp)
+{
+ HostMemoryBackend *backend = MEMORY_BACKEND(obj);
+
+ return backend->use_canonical_path;
+}
+
+static void
+host_memory_backend_set_use_canonical_path(Object *obj, bool value,
+ Error **errp)
+{
+ HostMemoryBackend *backend = MEMORY_BACKEND(obj);
+
+ backend->use_canonical_path = value;
+}
+
+static void
+host_memory_backend_class_init(ObjectClass *oc, void *data)
+{
+ UserCreatableClass *ucc = USER_CREATABLE_CLASS(oc);
+
+ ucc->complete = host_memory_backend_memory_complete;
+ ucc->can_be_deleted = host_memory_backend_can_be_deleted;
+
+ object_class_property_add_bool(oc, "merge",
+ host_memory_backend_get_merge,
+ host_memory_backend_set_merge);
+ object_class_property_set_description(oc, "merge",
+ "Mark memory as mergeable");
+ object_class_property_add_bool(oc, "dump",
+ host_memory_backend_get_dump,
+ host_memory_backend_set_dump);
+ object_class_property_set_description(oc, "dump",
+ "Set to 'off' to exclude from core dump");
+ object_class_property_add_bool(oc, "prealloc",
+ host_memory_backend_get_prealloc,
+ host_memory_backend_set_prealloc);
+ object_class_property_set_description(oc, "prealloc",
+ "Preallocate memory");
+ object_class_property_add(oc, "prealloc-threads", "int",
+ host_memory_backend_get_prealloc_threads,
+ host_memory_backend_set_prealloc_threads,
+ NULL, NULL);
+ object_class_property_set_description(oc, "prealloc-threads",
+ "Number of CPU threads to use for prealloc");
+ object_class_property_add(oc, "size", "int",
+ host_memory_backend_get_size,
+ host_memory_backend_set_size,
+ NULL, NULL);
+ object_class_property_set_description(oc, "size",
+ "Size of the memory region (ex: 500M)");
+ object_class_property_add(oc, "host-nodes", "int",
+ host_memory_backend_get_host_nodes,
+ host_memory_backend_set_host_nodes,
+ NULL, NULL);
+ object_class_property_set_description(oc, "host-nodes",
+ "Binds memory to the list of NUMA host nodes");
+ object_class_property_add_enum(oc, "policy", "HostMemPolicy",
+ &HostMemPolicy_lookup,
+ host_memory_backend_get_policy,
+ host_memory_backend_set_policy);
+ object_class_property_set_description(oc, "policy",
+ "Set the NUMA policy");
+ object_class_property_add_bool(oc, "share",
+ host_memory_backend_get_share, host_memory_backend_set_share);
+ object_class_property_set_description(oc, "share",
+ "Mark the memory as private to QEMU or shared");
+#ifdef CONFIG_LINUX
+ object_class_property_add_bool(oc, "reserve",
+ host_memory_backend_get_reserve, host_memory_backend_set_reserve);
+ object_class_property_set_description(oc, "reserve",
+ "Reserve swap space (or huge pages) if applicable");
+#endif /* CONFIG_LINUX */
+ /*
+ * Do not delete/rename option. This option must be considered stable
+ * (as if it didn't have the 'x-' prefix including deprecation period) as
+ * long as 4.0 and older machine types exists.
+ * Option will be used by upper layers to override (disable) canonical path
+ * for ramblock-id set by compat properties on old machine types ( <= 4.0),
+ * to keep migration working when backend is used for main RAM with
+ * -machine memory-backend= option (main RAM historically used prefix-less
+ * ramblock-id).
+ */
+ object_class_property_add_bool(oc, "x-use-canonical-path-for-ramblock-id",
+ host_memory_backend_get_use_canonical_path,
+ host_memory_backend_set_use_canonical_path);
+}
+
+static const TypeInfo host_memory_backend_info = {
+ .name = TYPE_MEMORY_BACKEND,
+ .parent = TYPE_OBJECT,
+ .abstract = true,
+ .class_size = sizeof(HostMemoryBackendClass),
+ .class_init = host_memory_backend_class_init,
+ .instance_size = sizeof(HostMemoryBackend),
+ .instance_init = host_memory_backend_init,
+ .instance_post_init = host_memory_backend_post_init,
+ .interfaces = (InterfaceInfo[]) {
+ { TYPE_USER_CREATABLE },
+ { }
+ }
+};
+
+static void register_types(void)
+{
+ type_register_static(&host_memory_backend_info);
+}
+
+type_init(register_types);
diff --git a/backends/meson.build b/backends/meson.build
new file mode 100644
index 000000000..6e6894552
--- /dev/null
+++ b/backends/meson.build
@@ -0,0 +1,21 @@
+softmmu_ss.add([files(
+ 'cryptodev-builtin.c',
+ 'cryptodev.c',
+ 'hostmem-ram.c',
+ 'hostmem.c',
+ 'rng-builtin.c',
+ 'rng-egd.c',
+ 'rng.c',
+ 'confidential-guest-support.c',
+), numa])
+
+softmmu_ss.add(when: 'CONFIG_POSIX', if_true: files('rng-random.c'))
+softmmu_ss.add(when: 'CONFIG_POSIX', if_true: files('hostmem-file.c'))
+softmmu_ss.add(when: 'CONFIG_LINUX', if_true: files('hostmem-memfd.c'))
+softmmu_ss.add(when: ['CONFIG_VHOST_USER', 'CONFIG_VIRTIO'], if_true: files('vhost-user.c'))
+softmmu_ss.add(when: 'CONFIG_VIRTIO_CRYPTO', if_true: files('cryptodev-vhost.c'))
+softmmu_ss.add(when: ['CONFIG_VIRTIO_CRYPTO', 'CONFIG_VHOST_CRYPTO'], if_true: files('cryptodev-vhost-user.c'))
+softmmu_ss.add(when: 'CONFIG_GIO', if_true: [files('dbus-vmstate.c'), gio])
+softmmu_ss.add(when: 'CONFIG_SGX', if_true: files('hostmem-epc.c'))
+
+subdir('tpm')
diff --git a/backends/rng-builtin.c b/backends/rng-builtin.c
new file mode 100644
index 000000000..f367eb665
--- /dev/null
+++ b/backends/rng-builtin.c
@@ -0,0 +1,79 @@
+/*
+ * QEMU Builtin Random Number Generator Backend
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#include "qemu/osdep.h"
+#include "sysemu/rng.h"
+#include "qemu/main-loop.h"
+#include "qemu/guest-random.h"
+#include "qom/object.h"
+#include "sysemu/replay.h"
+
+OBJECT_DECLARE_SIMPLE_TYPE(RngBuiltin, RNG_BUILTIN)
+
+struct RngBuiltin {
+ RngBackend parent;
+ QEMUBH *bh;
+};
+
+static void rng_builtin_receive_entropy_bh(void *opaque)
+{
+ RngBuiltin *s = opaque;
+
+ while (!QSIMPLEQ_EMPTY(&s->parent.requests)) {
+ RngRequest *req = QSIMPLEQ_FIRST(&s->parent.requests);
+
+ qemu_guest_getrandom_nofail(req->data, req->size);
+
+ req->receive_entropy(req->opaque, req->data, req->size);
+
+ rng_backend_finalize_request(&s->parent, req);
+ }
+}
+
+static void rng_builtin_request_entropy(RngBackend *b, RngRequest *req)
+{
+ RngBuiltin *s = RNG_BUILTIN(b);
+
+ replay_bh_schedule_event(s->bh);
+}
+
+static void rng_builtin_init(Object *obj)
+{
+ RngBuiltin *s = RNG_BUILTIN(obj);
+
+ s->bh = qemu_bh_new(rng_builtin_receive_entropy_bh, s);
+}
+
+static void rng_builtin_finalize(Object *obj)
+{
+ RngBuiltin *s = RNG_BUILTIN(obj);
+
+ qemu_bh_delete(s->bh);
+}
+
+static void rng_builtin_class_init(ObjectClass *klass, void *data)
+{
+ RngBackendClass *rbc = RNG_BACKEND_CLASS(klass);
+
+ rbc->request_entropy = rng_builtin_request_entropy;
+}
+
+static const TypeInfo rng_builtin_info = {
+ .name = TYPE_RNG_BUILTIN,
+ .parent = TYPE_RNG_BACKEND,
+ .instance_size = sizeof(RngBuiltin),
+ .instance_init = rng_builtin_init,
+ .instance_finalize = rng_builtin_finalize,
+ .class_init = rng_builtin_class_init,
+};
+
+static void register_types(void)
+{
+ type_register_static(&rng_builtin_info);
+}
+
+type_init(register_types);
diff --git a/backends/rng-egd.c b/backends/rng-egd.c
new file mode 100644
index 000000000..4de142b9d
--- /dev/null
+++ b/backends/rng-egd.c
@@ -0,0 +1,169 @@
+/*
+ * QEMU Random Number Generator Backend
+ *
+ * Copyright IBM, Corp. 2012
+ *
+ * Authors:
+ * Anthony Liguori <aliguori@us.ibm.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#include "qemu/osdep.h"
+#include "sysemu/rng.h"
+#include "chardev/char-fe.h"
+#include "qapi/error.h"
+#include "qapi/qmp/qerror.h"
+#include "qemu/module.h"
+#include "qom/object.h"
+
+#define TYPE_RNG_EGD "rng-egd"
+OBJECT_DECLARE_SIMPLE_TYPE(RngEgd, RNG_EGD)
+
+struct RngEgd {
+ RngBackend parent;
+
+ CharBackend chr;
+ char *chr_name;
+};
+
+static void rng_egd_request_entropy(RngBackend *b, RngRequest *req)
+{
+ RngEgd *s = RNG_EGD(b);
+ size_t size = req->size;
+
+ while (size > 0) {
+ uint8_t header[2];
+ uint8_t len = MIN(size, 255);
+
+ /* synchronous entropy request */
+ header[0] = 0x02;
+ header[1] = len;
+
+ /* XXX this blocks entire thread. Rewrite to use
+ * qemu_chr_fe_write and background I/O callbacks */
+ qemu_chr_fe_write_all(&s->chr, header, sizeof(header));
+
+ size -= len;
+ }
+}
+
+static int rng_egd_chr_can_read(void *opaque)
+{
+ RngEgd *s = RNG_EGD(opaque);
+ RngRequest *req;
+ int size = 0;
+
+ QSIMPLEQ_FOREACH(req, &s->parent.requests, next) {
+ size += req->size - req->offset;
+ }
+
+ return size;
+}
+
+static void rng_egd_chr_read(void *opaque, const uint8_t *buf, int size)
+{
+ RngEgd *s = RNG_EGD(opaque);
+ size_t buf_offset = 0;
+
+ while (size > 0 && !QSIMPLEQ_EMPTY(&s->parent.requests)) {
+ RngRequest *req = QSIMPLEQ_FIRST(&s->parent.requests);
+ int len = MIN(size, req->size - req->offset);
+
+ memcpy(req->data + req->offset, buf + buf_offset, len);
+ buf_offset += len;
+ req->offset += len;
+ size -= len;
+
+ if (req->offset == req->size) {
+ req->receive_entropy(req->opaque, req->data, req->size);
+
+ rng_backend_finalize_request(&s->parent, req);
+ }
+ }
+}
+
+static void rng_egd_opened(RngBackend *b, Error **errp)
+{
+ RngEgd *s = RNG_EGD(b);
+ Chardev *chr;
+
+ if (s->chr_name == NULL) {
+ error_setg(errp, QERR_INVALID_PARAMETER_VALUE,
+ "chardev", "a valid character device");
+ return;
+ }
+
+ chr = qemu_chr_find(s->chr_name);
+ if (chr == NULL) {
+ error_set(errp, ERROR_CLASS_DEVICE_NOT_FOUND,
+ "Device '%s' not found", s->chr_name);
+ return;
+ }
+ if (!qemu_chr_fe_init(&s->chr, chr, errp)) {
+ return;
+ }
+
+ /* FIXME we should resubmit pending requests when the CDS reconnects. */
+ qemu_chr_fe_set_handlers(&s->chr, rng_egd_chr_can_read,
+ rng_egd_chr_read, NULL, NULL, s, NULL, true);
+}
+
+static void rng_egd_set_chardev(Object *obj, const char *value, Error **errp)
+{
+ RngBackend *b = RNG_BACKEND(obj);
+ RngEgd *s = RNG_EGD(b);
+
+ if (b->opened) {
+ error_setg(errp, QERR_PERMISSION_DENIED);
+ } else {
+ g_free(s->chr_name);
+ s->chr_name = g_strdup(value);
+ }
+}
+
+static char *rng_egd_get_chardev(Object *obj, Error **errp)
+{
+ RngEgd *s = RNG_EGD(obj);
+ Chardev *chr = qemu_chr_fe_get_driver(&s->chr);
+
+ if (chr && chr->label) {
+ return g_strdup(chr->label);
+ }
+
+ return NULL;
+}
+
+static void rng_egd_finalize(Object *obj)
+{
+ RngEgd *s = RNG_EGD(obj);
+
+ qemu_chr_fe_deinit(&s->chr, false);
+ g_free(s->chr_name);
+}
+
+static void rng_egd_class_init(ObjectClass *klass, void *data)
+{
+ RngBackendClass *rbc = RNG_BACKEND_CLASS(klass);
+
+ rbc->request_entropy = rng_egd_request_entropy;
+ rbc->opened = rng_egd_opened;
+ object_class_property_add_str(klass, "chardev",
+ rng_egd_get_chardev, rng_egd_set_chardev);
+}
+
+static const TypeInfo rng_egd_info = {
+ .name = TYPE_RNG_EGD,
+ .parent = TYPE_RNG_BACKEND,
+ .instance_size = sizeof(RngEgd),
+ .class_init = rng_egd_class_init,
+ .instance_finalize = rng_egd_finalize,
+};
+
+static void register_types(void)
+{
+ type_register_static(&rng_egd_info);
+}
+
+type_init(register_types);
diff --git a/backends/rng-random.c b/backends/rng-random.c
new file mode 100644
index 000000000..7add272ed
--- /dev/null
+++ b/backends/rng-random.c
@@ -0,0 +1,153 @@
+/*
+ * QEMU Random Number Generator Backend
+ *
+ * Copyright IBM, Corp. 2012
+ *
+ * Authors:
+ * Anthony Liguori <aliguori@us.ibm.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#include "qemu/osdep.h"
+#include "sysemu/rng-random.h"
+#include "sysemu/rng.h"
+#include "qapi/error.h"
+#include "qapi/qmp/qerror.h"
+#include "qemu/main-loop.h"
+#include "qemu/module.h"
+
+struct RngRandom
+{
+ RngBackend parent;
+
+ int fd;
+ char *filename;
+};
+
+/**
+ * A simple and incomplete backend to request entropy from /dev/random.
+ *
+ * This backend exposes an additional "filename" property that can be used to
+ * set the filename to use to open the backend.
+ */
+
+static void entropy_available(void *opaque)
+{
+ RngRandom *s = RNG_RANDOM(opaque);
+
+ while (!QSIMPLEQ_EMPTY(&s->parent.requests)) {
+ RngRequest *req = QSIMPLEQ_FIRST(&s->parent.requests);
+ ssize_t len;
+
+ len = read(s->fd, req->data, req->size);
+ if (len < 0 && errno == EAGAIN) {
+ return;
+ }
+ g_assert(len != -1);
+
+ req->receive_entropy(req->opaque, req->data, len);
+
+ rng_backend_finalize_request(&s->parent, req);
+ }
+
+ /* We've drained all requests, the fd handler can be reset. */
+ qemu_set_fd_handler(s->fd, NULL, NULL, NULL);
+}
+
+static void rng_random_request_entropy(RngBackend *b, RngRequest *req)
+{
+ RngRandom *s = RNG_RANDOM(b);
+
+ if (QSIMPLEQ_EMPTY(&s->parent.requests)) {
+ /* If there are no pending requests yet, we need to
+ * install our fd handler. */
+ qemu_set_fd_handler(s->fd, entropy_available, NULL, s);
+ }
+}
+
+static void rng_random_opened(RngBackend *b, Error **errp)
+{
+ RngRandom *s = RNG_RANDOM(b);
+
+ if (s->filename == NULL) {
+ error_setg(errp, QERR_INVALID_PARAMETER_VALUE,
+ "filename", "a valid filename");
+ } else {
+ s->fd = qemu_open_old(s->filename, O_RDONLY | O_NONBLOCK);
+ if (s->fd == -1) {
+ error_setg_file_open(errp, errno, s->filename);
+ }
+ }
+}
+
+static char *rng_random_get_filename(Object *obj, Error **errp)
+{
+ RngRandom *s = RNG_RANDOM(obj);
+
+ return g_strdup(s->filename);
+}
+
+static void rng_random_set_filename(Object *obj, const char *filename,
+ Error **errp)
+{
+ RngBackend *b = RNG_BACKEND(obj);
+ RngRandom *s = RNG_RANDOM(obj);
+
+ if (b->opened) {
+ error_setg(errp, QERR_PERMISSION_DENIED);
+ return;
+ }
+
+ g_free(s->filename);
+ s->filename = g_strdup(filename);
+}
+
+static void rng_random_init(Object *obj)
+{
+ RngRandom *s = RNG_RANDOM(obj);
+
+ s->filename = g_strdup("/dev/urandom");
+ s->fd = -1;
+}
+
+static void rng_random_finalize(Object *obj)
+{
+ RngRandom *s = RNG_RANDOM(obj);
+
+ if (s->fd != -1) {
+ qemu_set_fd_handler(s->fd, NULL, NULL, NULL);
+ qemu_close(s->fd);
+ }
+
+ g_free(s->filename);
+}
+
+static void rng_random_class_init(ObjectClass *klass, void *data)
+{
+ RngBackendClass *rbc = RNG_BACKEND_CLASS(klass);
+
+ rbc->request_entropy = rng_random_request_entropy;
+ rbc->opened = rng_random_opened;
+ object_class_property_add_str(klass, "filename",
+ rng_random_get_filename,
+ rng_random_set_filename);
+
+}
+
+static const TypeInfo rng_random_info = {
+ .name = TYPE_RNG_RANDOM,
+ .parent = TYPE_RNG_BACKEND,
+ .instance_size = sizeof(RngRandom),
+ .class_init = rng_random_class_init,
+ .instance_init = rng_random_init,
+ .instance_finalize = rng_random_finalize,
+};
+
+static void register_types(void)
+{
+ type_register_static(&rng_random_info);
+}
+
+type_init(register_types);
diff --git a/backends/rng.c b/backends/rng.c
new file mode 100644
index 000000000..3757b0448
--- /dev/null
+++ b/backends/rng.c
@@ -0,0 +1,148 @@
+/*
+ * QEMU Random Number Generator Backend
+ *
+ * Copyright IBM, Corp. 2012
+ *
+ * Authors:
+ * Anthony Liguori <aliguori@us.ibm.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#include "qemu/osdep.h"
+#include "sysemu/rng.h"
+#include "qapi/error.h"
+#include "qapi/qmp/qerror.h"
+#include "qemu/module.h"
+#include "qom/object_interfaces.h"
+
+void rng_backend_request_entropy(RngBackend *s, size_t size,
+ EntropyReceiveFunc *receive_entropy,
+ void *opaque)
+{
+ RngBackendClass *k = RNG_BACKEND_GET_CLASS(s);
+ RngRequest *req;
+
+ if (k->request_entropy) {
+ req = g_malloc(sizeof(*req));
+
+ req->offset = 0;
+ req->size = size;
+ req->receive_entropy = receive_entropy;
+ req->opaque = opaque;
+ req->data = g_malloc(req->size);
+
+ k->request_entropy(s, req);
+
+ QSIMPLEQ_INSERT_TAIL(&s->requests, req, next);
+ }
+}
+
+static bool rng_backend_prop_get_opened(Object *obj, Error **errp)
+{
+ RngBackend *s = RNG_BACKEND(obj);
+
+ return s->opened;
+}
+
+static void rng_backend_complete(UserCreatable *uc, Error **errp)
+{
+ object_property_set_bool(OBJECT(uc), "opened", true, errp);
+}
+
+static void rng_backend_prop_set_opened(Object *obj, bool value, Error **errp)
+{
+ RngBackend *s = RNG_BACKEND(obj);
+ RngBackendClass *k = RNG_BACKEND_GET_CLASS(s);
+ Error *local_err = NULL;
+
+ if (value == s->opened) {
+ return;
+ }
+
+ if (!value && s->opened) {
+ error_setg(errp, QERR_PERMISSION_DENIED);
+ return;
+ }
+
+ if (k->opened) {
+ k->opened(s, &local_err);
+ if (local_err) {
+ error_propagate(errp, local_err);
+ return;
+ }
+ }
+
+ s->opened = true;
+}
+
+static void rng_backend_free_request(RngRequest *req)
+{
+ g_free(req->data);
+ g_free(req);
+}
+
+static void rng_backend_free_requests(RngBackend *s)
+{
+ RngRequest *req, *next;
+
+ QSIMPLEQ_FOREACH_SAFE(req, &s->requests, next, next) {
+ rng_backend_free_request(req);
+ }
+
+ QSIMPLEQ_INIT(&s->requests);
+}
+
+void rng_backend_finalize_request(RngBackend *s, RngRequest *req)
+{
+ QSIMPLEQ_REMOVE(&s->requests, req, RngRequest, next);
+ rng_backend_free_request(req);
+}
+
+static void rng_backend_init(Object *obj)
+{
+ RngBackend *s = RNG_BACKEND(obj);
+
+ QSIMPLEQ_INIT(&s->requests);
+}
+
+static void rng_backend_finalize(Object *obj)
+{
+ RngBackend *s = RNG_BACKEND(obj);
+
+ rng_backend_free_requests(s);
+}
+
+static void rng_backend_class_init(ObjectClass *oc, void *data)
+{
+ UserCreatableClass *ucc = USER_CREATABLE_CLASS(oc);
+
+ ucc->complete = rng_backend_complete;
+
+ object_class_property_add_bool(oc, "opened",
+ rng_backend_prop_get_opened,
+ rng_backend_prop_set_opened);
+}
+
+static const TypeInfo rng_backend_info = {
+ .name = TYPE_RNG_BACKEND,
+ .parent = TYPE_OBJECT,
+ .instance_size = sizeof(RngBackend),
+ .instance_init = rng_backend_init,
+ .instance_finalize = rng_backend_finalize,
+ .class_size = sizeof(RngBackendClass),
+ .class_init = rng_backend_class_init,
+ .abstract = true,
+ .interfaces = (InterfaceInfo[]) {
+ { TYPE_USER_CREATABLE },
+ { }
+ }
+};
+
+static void register_types(void)
+{
+ type_register_static(&rng_backend_info);
+}
+
+type_init(register_types);
diff --git a/backends/tpm/Kconfig b/backends/tpm/Kconfig
new file mode 100644
index 000000000..5d91eb89c
--- /dev/null
+++ b/backends/tpm/Kconfig
@@ -0,0 +1,14 @@
+config TPM_BACKEND
+ bool
+ depends on TPM
+
+config TPM_PASSTHROUGH
+ bool
+ default y
+ # FIXME: should check for x86 host as well
+ depends on TPM_BACKEND && LINUX
+
+config TPM_EMULATOR
+ bool
+ default y
+ depends on TPM_BACKEND
diff --git a/backends/tpm/meson.build b/backends/tpm/meson.build
new file mode 100644
index 000000000..857929082
--- /dev/null
+++ b/backends/tpm/meson.build
@@ -0,0 +1,8 @@
+tpm_ss = ss.source_set()
+
+tpm_ss.add(files('tpm_backend.c'))
+tpm_ss.add(files('tpm_util.c'))
+tpm_ss.add(when: 'CONFIG_TPM_PASSTHROUGH', if_true: files('tpm_passthrough.c'))
+tpm_ss.add(when: 'CONFIG_TPM_EMULATOR', if_true: files('tpm_emulator.c'))
+
+softmmu_ss.add_all(when: 'CONFIG_TPM', if_true: tpm_ss)
diff --git a/backends/tpm/tpm_backend.c b/backends/tpm/tpm_backend.c
new file mode 100644
index 000000000..375587e74
--- /dev/null
+++ b/backends/tpm/tpm_backend.c
@@ -0,0 +1,208 @@
+/*
+ * QEMU TPM Backend
+ *
+ * Copyright IBM, Corp. 2013
+ *
+ * Authors:
+ * Stefan Berger <stefanb@us.ibm.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ * Based on backends/rng.c by Anthony Liguori
+ */
+
+#include "qemu/osdep.h"
+#include "sysemu/tpm_backend.h"
+#include "qapi/error.h"
+#include "sysemu/tpm.h"
+#include "qemu/thread.h"
+#include "qemu/main-loop.h"
+#include "qemu/module.h"
+#include "block/thread-pool.h"
+#include "qemu/error-report.h"
+
+static void tpm_backend_request_completed(void *opaque, int ret)
+{
+ TPMBackend *s = TPM_BACKEND(opaque);
+ TPMIfClass *tic = TPM_IF_GET_CLASS(s->tpmif);
+
+ tic->request_completed(s->tpmif, ret);
+
+ /* no need for atomic, as long the BQL is taken */
+ s->cmd = NULL;
+ object_unref(OBJECT(s));
+}
+
+static int tpm_backend_worker_thread(gpointer data)
+{
+ TPMBackend *s = TPM_BACKEND(data);
+ TPMBackendClass *k = TPM_BACKEND_GET_CLASS(s);
+ Error *err = NULL;
+
+ k->handle_request(s, s->cmd, &err);
+ if (err) {
+ error_report_err(err);
+ return -1;
+ }
+
+ return 0;
+}
+
+void tpm_backend_finish_sync(TPMBackend *s)
+{
+ while (s->cmd) {
+ aio_poll(qemu_get_aio_context(), true);
+ }
+}
+
+enum TpmType tpm_backend_get_type(TPMBackend *s)
+{
+ TPMBackendClass *k = TPM_BACKEND_GET_CLASS(s);
+
+ return k->type;
+}
+
+int tpm_backend_init(TPMBackend *s, TPMIf *tpmif, Error **errp)
+{
+ if (s->tpmif) {
+ error_setg(errp, "TPM backend '%s' is already initialized", s->id);
+ return -1;
+ }
+
+ s->tpmif = tpmif;
+ object_ref(OBJECT(tpmif));
+
+ s->had_startup_error = false;
+
+ return 0;
+}
+
+int tpm_backend_startup_tpm(TPMBackend *s, size_t buffersize)
+{
+ int res = 0;
+ TPMBackendClass *k = TPM_BACKEND_GET_CLASS(s);
+
+ /* terminate a running TPM */
+ tpm_backend_finish_sync(s);
+
+ res = k->startup_tpm ? k->startup_tpm(s, buffersize) : 0;
+
+ s->had_startup_error = (res != 0);
+
+ return res;
+}
+
+bool tpm_backend_had_startup_error(TPMBackend *s)
+{
+ return s->had_startup_error;
+}
+
+void tpm_backend_deliver_request(TPMBackend *s, TPMBackendCmd *cmd)
+{
+ ThreadPool *pool = aio_get_thread_pool(qemu_get_aio_context());
+
+ if (s->cmd != NULL) {
+ error_report("There is a TPM request pending");
+ return;
+ }
+
+ s->cmd = cmd;
+ object_ref(OBJECT(s));
+ thread_pool_submit_aio(pool, tpm_backend_worker_thread, s,
+ tpm_backend_request_completed, s);
+}
+
+void tpm_backend_reset(TPMBackend *s)
+{
+ TPMBackendClass *k = TPM_BACKEND_GET_CLASS(s);
+
+ if (k->reset) {
+ k->reset(s);
+ }
+
+ tpm_backend_finish_sync(s);
+
+ s->had_startup_error = false;
+}
+
+void tpm_backend_cancel_cmd(TPMBackend *s)
+{
+ TPMBackendClass *k = TPM_BACKEND_GET_CLASS(s);
+
+ k->cancel_cmd(s);
+}
+
+bool tpm_backend_get_tpm_established_flag(TPMBackend *s)
+{
+ TPMBackendClass *k = TPM_BACKEND_GET_CLASS(s);
+
+ return k->get_tpm_established_flag ?
+ k->get_tpm_established_flag(s) : false;
+}
+
+int tpm_backend_reset_tpm_established_flag(TPMBackend *s, uint8_t locty)
+{
+ TPMBackendClass *k = TPM_BACKEND_GET_CLASS(s);
+
+ return k->reset_tpm_established_flag ?
+ k->reset_tpm_established_flag(s, locty) : 0;
+}
+
+TPMVersion tpm_backend_get_tpm_version(TPMBackend *s)
+{
+ TPMBackendClass *k = TPM_BACKEND_GET_CLASS(s);
+
+ return k->get_tpm_version(s);
+}
+
+size_t tpm_backend_get_buffer_size(TPMBackend *s)
+{
+ TPMBackendClass *k = TPM_BACKEND_GET_CLASS(s);
+
+ return k->get_buffer_size(s);
+}
+
+TPMInfo *tpm_backend_query_tpm(TPMBackend *s)
+{
+ TPMInfo *info = g_new0(TPMInfo, 1);
+ TPMBackendClass *k = TPM_BACKEND_GET_CLASS(s);
+ TPMIfClass *tic = TPM_IF_GET_CLASS(s->tpmif);
+
+ info->id = g_strdup(s->id);
+ info->model = tic->model;
+ info->options = k->get_tpm_options(s);
+
+ return info;
+}
+
+static void tpm_backend_instance_finalize(Object *obj)
+{
+ TPMBackend *s = TPM_BACKEND(obj);
+
+ object_unref(OBJECT(s->tpmif));
+ g_free(s->id);
+}
+
+static const TypeInfo tpm_backend_info = {
+ .name = TYPE_TPM_BACKEND,
+ .parent = TYPE_OBJECT,
+ .instance_size = sizeof(TPMBackend),
+ .instance_finalize = tpm_backend_instance_finalize,
+ .class_size = sizeof(TPMBackendClass),
+ .abstract = true,
+};
+
+static const TypeInfo tpm_if_info = {
+ .name = TYPE_TPM_IF,
+ .parent = TYPE_INTERFACE,
+ .class_size = sizeof(TPMIfClass),
+};
+
+static void register_types(void)
+{
+ type_register_static(&tpm_backend_info);
+ type_register_static(&tpm_if_info);
+}
+
+type_init(register_types);
diff --git a/backends/tpm/tpm_emulator.c b/backends/tpm/tpm_emulator.c
new file mode 100644
index 000000000..87d061e9b
--- /dev/null
+++ b/backends/tpm/tpm_emulator.c
@@ -0,0 +1,1000 @@
+/*
+ * Emulator TPM driver
+ *
+ * Copyright (c) 2017 Intel Corporation
+ * Author: Amarnath Valluri <amarnath.valluri@intel.com>
+ *
+ * Copyright (c) 2010 - 2013, 2018 IBM Corporation
+ * Authors:
+ * Stefan Berger <stefanb@us.ibm.com>
+ *
+ * Copyright (C) 2011 IAIK, Graz University of Technology
+ * Author: Andreas Niederl
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/error-report.h"
+#include "qemu/module.h"
+#include "qemu/sockets.h"
+#include "qemu/lockable.h"
+#include "io/channel-socket.h"
+#include "sysemu/tpm_backend.h"
+#include "sysemu/tpm_util.h"
+#include "tpm_int.h"
+#include "tpm_ioctl.h"
+#include "migration/blocker.h"
+#include "migration/vmstate.h"
+#include "qapi/error.h"
+#include "qapi/clone-visitor.h"
+#include "qapi/qapi-visit-tpm.h"
+#include "chardev/char-fe.h"
+#include "trace.h"
+#include "qom/object.h"
+
+#define TYPE_TPM_EMULATOR "tpm-emulator"
+OBJECT_DECLARE_SIMPLE_TYPE(TPMEmulator, TPM_EMULATOR)
+
+#define TPM_EMULATOR_IMPLEMENTS_ALL_CAPS(S, cap) (((S)->caps & (cap)) == (cap))
+
+/* data structures */
+
+/* blobs from the TPM; part of VM state when migrating */
+typedef struct TPMBlobBuffers {
+ uint32_t permanent_flags;
+ TPMSizedBuffer permanent;
+
+ uint32_t volatil_flags;
+ TPMSizedBuffer volatil;
+
+ uint32_t savestate_flags;
+ TPMSizedBuffer savestate;
+} TPMBlobBuffers;
+
+struct TPMEmulator {
+ TPMBackend parent;
+
+ TPMEmulatorOptions *options;
+ CharBackend ctrl_chr;
+ QIOChannel *data_ioc;
+ TPMVersion tpm_version;
+ ptm_cap caps; /* capabilities of the TPM */
+ uint8_t cur_locty_number; /* last set locality */
+ Error *migration_blocker;
+
+ QemuMutex mutex;
+
+ unsigned int established_flag:1;
+ unsigned int established_flag_cached:1;
+
+ TPMBlobBuffers state_blobs;
+};
+
+struct tpm_error {
+ uint32_t tpm_result;
+ const char *string;
+};
+
+static const struct tpm_error tpm_errors[] = {
+ /* TPM 1.2 error codes */
+ { TPM_BAD_PARAMETER , "a parameter is bad" },
+ { TPM_FAIL , "operation failed" },
+ { TPM_KEYNOTFOUND , "key could not be found" },
+ { TPM_BAD_PARAM_SIZE , "bad parameter size"},
+ { TPM_ENCRYPT_ERROR , "encryption error" },
+ { TPM_DECRYPT_ERROR , "decryption error" },
+ { TPM_BAD_KEY_PROPERTY, "bad key property" },
+ { TPM_BAD_MODE , "bad (encryption) mode" },
+ { TPM_BAD_VERSION , "bad version identifier" },
+ { TPM_BAD_LOCALITY , "bad locality" },
+ /* TPM 2 error codes */
+ { TPM_RC_FAILURE , "operation failed" },
+ { TPM_RC_LOCALITY , "bad locality" },
+ { TPM_RC_INSUFFICIENT, "insufficient amount of data" },
+};
+
+static const char *tpm_emulator_strerror(uint32_t tpm_result)
+{
+ size_t i;
+
+ for (i = 0; i < ARRAY_SIZE(tpm_errors); i++) {
+ if (tpm_errors[i].tpm_result == tpm_result) {
+ return tpm_errors[i].string;
+ }
+ }
+ return "";
+}
+
+static int tpm_emulator_ctrlcmd(TPMEmulator *tpm, unsigned long cmd, void *msg,
+ size_t msg_len_in, size_t msg_len_out)
+{
+ CharBackend *dev = &tpm->ctrl_chr;
+ uint32_t cmd_no = cpu_to_be32(cmd);
+ ssize_t n = sizeof(uint32_t) + msg_len_in;
+ uint8_t *buf = NULL;
+
+ WITH_QEMU_LOCK_GUARD(&tpm->mutex) {
+ buf = g_alloca(n);
+ memcpy(buf, &cmd_no, sizeof(cmd_no));
+ memcpy(buf + sizeof(cmd_no), msg, msg_len_in);
+
+ n = qemu_chr_fe_write_all(dev, buf, n);
+ if (n <= 0) {
+ return -1;
+ }
+
+ if (msg_len_out != 0) {
+ n = qemu_chr_fe_read_all(dev, msg, msg_len_out);
+ if (n <= 0) {
+ return -1;
+ }
+ }
+ }
+
+ return 0;
+}
+
+static int tpm_emulator_unix_tx_bufs(TPMEmulator *tpm_emu,
+ const uint8_t *in, uint32_t in_len,
+ uint8_t *out, uint32_t out_len,
+ bool *selftest_done,
+ Error **errp)
+{
+ ssize_t ret;
+ bool is_selftest = false;
+
+ if (selftest_done) {
+ *selftest_done = false;
+ is_selftest = tpm_util_is_selftest(in, in_len);
+ }
+
+ ret = qio_channel_write_all(tpm_emu->data_ioc, (char *)in, in_len, errp);
+ if (ret != 0) {
+ return -1;
+ }
+
+ ret = qio_channel_read_all(tpm_emu->data_ioc, (char *)out,
+ sizeof(struct tpm_resp_hdr), errp);
+ if (ret != 0) {
+ return -1;
+ }
+
+ ret = qio_channel_read_all(tpm_emu->data_ioc,
+ (char *)out + sizeof(struct tpm_resp_hdr),
+ tpm_cmd_get_size(out) - sizeof(struct tpm_resp_hdr), errp);
+ if (ret != 0) {
+ return -1;
+ }
+
+ if (is_selftest) {
+ *selftest_done = tpm_cmd_get_errcode(out) == 0;
+ }
+
+ return 0;
+}
+
+static int tpm_emulator_set_locality(TPMEmulator *tpm_emu, uint8_t locty_number,
+ Error **errp)
+{
+ ptm_loc loc;
+
+ if (tpm_emu->cur_locty_number == locty_number) {
+ return 0;
+ }
+
+ trace_tpm_emulator_set_locality(locty_number);
+
+ memset(&loc, 0, sizeof(loc));
+ loc.u.req.loc = locty_number;
+ if (tpm_emulator_ctrlcmd(tpm_emu, CMD_SET_LOCALITY, &loc,
+ sizeof(loc), sizeof(loc)) < 0) {
+ error_setg(errp, "tpm-emulator: could not set locality : %s",
+ strerror(errno));
+ return -1;
+ }
+
+ loc.u.resp.tpm_result = be32_to_cpu(loc.u.resp.tpm_result);
+ if (loc.u.resp.tpm_result != 0) {
+ error_setg(errp, "tpm-emulator: TPM result for set locality : 0x%x",
+ loc.u.resp.tpm_result);
+ return -1;
+ }
+
+ tpm_emu->cur_locty_number = locty_number;
+
+ return 0;
+}
+
+static void tpm_emulator_handle_request(TPMBackend *tb, TPMBackendCmd *cmd,
+ Error **errp)
+{
+ TPMEmulator *tpm_emu = TPM_EMULATOR(tb);
+
+ trace_tpm_emulator_handle_request();
+
+ if (tpm_emulator_set_locality(tpm_emu, cmd->locty, errp) < 0 ||
+ tpm_emulator_unix_tx_bufs(tpm_emu, cmd->in, cmd->in_len,
+ cmd->out, cmd->out_len,
+ &cmd->selftest_done, errp) < 0) {
+ tpm_util_write_fatal_error_response(cmd->out, cmd->out_len);
+ }
+}
+
+static int tpm_emulator_probe_caps(TPMEmulator *tpm_emu)
+{
+ if (tpm_emulator_ctrlcmd(tpm_emu, CMD_GET_CAPABILITY,
+ &tpm_emu->caps, 0, sizeof(tpm_emu->caps)) < 0) {
+ error_report("tpm-emulator: probing failed : %s", strerror(errno));
+ return -1;
+ }
+
+ tpm_emu->caps = be64_to_cpu(tpm_emu->caps);
+
+ trace_tpm_emulator_probe_caps(tpm_emu->caps);
+
+ return 0;
+}
+
+static int tpm_emulator_check_caps(TPMEmulator *tpm_emu)
+{
+ ptm_cap caps = 0;
+ const char *tpm = NULL;
+
+ /* check for min. required capabilities */
+ switch (tpm_emu->tpm_version) {
+ case TPM_VERSION_1_2:
+ caps = PTM_CAP_INIT | PTM_CAP_SHUTDOWN | PTM_CAP_GET_TPMESTABLISHED |
+ PTM_CAP_SET_LOCALITY | PTM_CAP_SET_DATAFD | PTM_CAP_STOP |
+ PTM_CAP_SET_BUFFERSIZE;
+ tpm = "1.2";
+ break;
+ case TPM_VERSION_2_0:
+ caps = PTM_CAP_INIT | PTM_CAP_SHUTDOWN | PTM_CAP_GET_TPMESTABLISHED |
+ PTM_CAP_SET_LOCALITY | PTM_CAP_RESET_TPMESTABLISHED |
+ PTM_CAP_SET_DATAFD | PTM_CAP_STOP | PTM_CAP_SET_BUFFERSIZE;
+ tpm = "2";
+ break;
+ case TPM_VERSION_UNSPEC:
+ error_report("tpm-emulator: TPM version has not been set");
+ return -1;
+ }
+
+ if (!TPM_EMULATOR_IMPLEMENTS_ALL_CAPS(tpm_emu, caps)) {
+ error_report("tpm-emulator: TPM does not implement minimum set of "
+ "required capabilities for TPM %s (0x%x)", tpm, (int)caps);
+ return -1;
+ }
+
+ return 0;
+}
+
+static int tpm_emulator_stop_tpm(TPMBackend *tb)
+{
+ TPMEmulator *tpm_emu = TPM_EMULATOR(tb);
+ ptm_res res;
+
+ if (tpm_emulator_ctrlcmd(tpm_emu, CMD_STOP, &res, 0, sizeof(res)) < 0) {
+ error_report("tpm-emulator: Could not stop TPM: %s",
+ strerror(errno));
+ return -1;
+ }
+
+ res = be32_to_cpu(res);
+ if (res) {
+ error_report("tpm-emulator: TPM result for CMD_STOP: 0x%x %s", res,
+ tpm_emulator_strerror(res));
+ return -1;
+ }
+
+ return 0;
+}
+
+static int tpm_emulator_set_buffer_size(TPMBackend *tb,
+ size_t wanted_size,
+ size_t *actual_size)
+{
+ TPMEmulator *tpm_emu = TPM_EMULATOR(tb);
+ ptm_setbuffersize psbs;
+
+ if (tpm_emulator_stop_tpm(tb) < 0) {
+ return -1;
+ }
+
+ psbs.u.req.buffersize = cpu_to_be32(wanted_size);
+
+ if (tpm_emulator_ctrlcmd(tpm_emu, CMD_SET_BUFFERSIZE, &psbs,
+ sizeof(psbs.u.req), sizeof(psbs.u.resp)) < 0) {
+ error_report("tpm-emulator: Could not set buffer size: %s",
+ strerror(errno));
+ return -1;
+ }
+
+ psbs.u.resp.tpm_result = be32_to_cpu(psbs.u.resp.tpm_result);
+ if (psbs.u.resp.tpm_result != 0) {
+ error_report("tpm-emulator: TPM result for set buffer size : 0x%x %s",
+ psbs.u.resp.tpm_result,
+ tpm_emulator_strerror(psbs.u.resp.tpm_result));
+ return -1;
+ }
+
+ if (actual_size) {
+ *actual_size = be32_to_cpu(psbs.u.resp.buffersize);
+ }
+
+ trace_tpm_emulator_set_buffer_size(
+ be32_to_cpu(psbs.u.resp.buffersize),
+ be32_to_cpu(psbs.u.resp.minsize),
+ be32_to_cpu(psbs.u.resp.maxsize));
+
+ return 0;
+}
+
+static int tpm_emulator_startup_tpm_resume(TPMBackend *tb, size_t buffersize,
+ bool is_resume)
+{
+ TPMEmulator *tpm_emu = TPM_EMULATOR(tb);
+ ptm_init init = {
+ .u.req.init_flags = 0,
+ };
+ ptm_res res;
+
+ trace_tpm_emulator_startup_tpm_resume(is_resume, buffersize);
+
+ if (buffersize != 0 &&
+ tpm_emulator_set_buffer_size(tb, buffersize, NULL) < 0) {
+ goto err_exit;
+ }
+
+ if (is_resume) {
+ init.u.req.init_flags |= cpu_to_be32(PTM_INIT_FLAG_DELETE_VOLATILE);
+ }
+
+ if (tpm_emulator_ctrlcmd(tpm_emu, CMD_INIT, &init, sizeof(init),
+ sizeof(init)) < 0) {
+ error_report("tpm-emulator: could not send INIT: %s",
+ strerror(errno));
+ goto err_exit;
+ }
+
+ res = be32_to_cpu(init.u.resp.tpm_result);
+ if (res) {
+ error_report("tpm-emulator: TPM result for CMD_INIT: 0x%x %s", res,
+ tpm_emulator_strerror(res));
+ goto err_exit;
+ }
+ return 0;
+
+err_exit:
+ return -1;
+}
+
+static int tpm_emulator_startup_tpm(TPMBackend *tb, size_t buffersize)
+{
+ return tpm_emulator_startup_tpm_resume(tb, buffersize, false);
+}
+
+static bool tpm_emulator_get_tpm_established_flag(TPMBackend *tb)
+{
+ TPMEmulator *tpm_emu = TPM_EMULATOR(tb);
+ ptm_est est;
+
+ if (tpm_emu->established_flag_cached) {
+ return tpm_emu->established_flag;
+ }
+
+ if (tpm_emulator_ctrlcmd(tpm_emu, CMD_GET_TPMESTABLISHED, &est,
+ 0, sizeof(est)) < 0) {
+ error_report("tpm-emulator: Could not get the TPM established flag: %s",
+ strerror(errno));
+ return false;
+ }
+ trace_tpm_emulator_get_tpm_established_flag(est.u.resp.bit);
+
+ tpm_emu->established_flag_cached = 1;
+ tpm_emu->established_flag = (est.u.resp.bit != 0);
+
+ return tpm_emu->established_flag;
+}
+
+static int tpm_emulator_reset_tpm_established_flag(TPMBackend *tb,
+ uint8_t locty)
+{
+ TPMEmulator *tpm_emu = TPM_EMULATOR(tb);
+ ptm_reset_est reset_est;
+ ptm_res res;
+
+ /* only a TPM 2.0 will support this */
+ if (tpm_emu->tpm_version != TPM_VERSION_2_0) {
+ return 0;
+ }
+
+ reset_est.u.req.loc = tpm_emu->cur_locty_number;
+ if (tpm_emulator_ctrlcmd(tpm_emu, CMD_RESET_TPMESTABLISHED,
+ &reset_est, sizeof(reset_est),
+ sizeof(reset_est)) < 0) {
+ error_report("tpm-emulator: Could not reset the establishment bit: %s",
+ strerror(errno));
+ return -1;
+ }
+
+ res = be32_to_cpu(reset_est.u.resp.tpm_result);
+ if (res) {
+ error_report(
+ "tpm-emulator: TPM result for rest established flag: 0x%x %s",
+ res, tpm_emulator_strerror(res));
+ return -1;
+ }
+
+ tpm_emu->established_flag_cached = 0;
+
+ return 0;
+}
+
+static void tpm_emulator_cancel_cmd(TPMBackend *tb)
+{
+ TPMEmulator *tpm_emu = TPM_EMULATOR(tb);
+ ptm_res res;
+
+ if (!TPM_EMULATOR_IMPLEMENTS_ALL_CAPS(tpm_emu, PTM_CAP_CANCEL_TPM_CMD)) {
+ trace_tpm_emulator_cancel_cmd_not_supt();
+ return;
+ }
+
+ /* FIXME: make the function non-blocking, or it may block a VCPU */
+ if (tpm_emulator_ctrlcmd(tpm_emu, CMD_CANCEL_TPM_CMD, &res, 0,
+ sizeof(res)) < 0) {
+ error_report("tpm-emulator: Could not cancel command: %s",
+ strerror(errno));
+ } else if (res != 0) {
+ error_report("tpm-emulator: Failed to cancel TPM: 0x%x",
+ be32_to_cpu(res));
+ }
+}
+
+static TPMVersion tpm_emulator_get_tpm_version(TPMBackend *tb)
+{
+ TPMEmulator *tpm_emu = TPM_EMULATOR(tb);
+
+ return tpm_emu->tpm_version;
+}
+
+static size_t tpm_emulator_get_buffer_size(TPMBackend *tb)
+{
+ size_t actual_size;
+
+ if (tpm_emulator_set_buffer_size(tb, 0, &actual_size) < 0) {
+ return 4096;
+ }
+
+ return actual_size;
+}
+
+static int tpm_emulator_block_migration(TPMEmulator *tpm_emu)
+{
+ Error *err = NULL;
+ ptm_cap caps = PTM_CAP_GET_STATEBLOB | PTM_CAP_SET_STATEBLOB |
+ PTM_CAP_STOP;
+
+ if (!TPM_EMULATOR_IMPLEMENTS_ALL_CAPS(tpm_emu, caps)) {
+ error_setg(&tpm_emu->migration_blocker,
+ "Migration disabled: TPM emulator does not support "
+ "migration");
+ if (migrate_add_blocker(tpm_emu->migration_blocker, &err) < 0) {
+ error_report_err(err);
+ error_free(tpm_emu->migration_blocker);
+ tpm_emu->migration_blocker = NULL;
+
+ return -1;
+ }
+ }
+
+ return 0;
+}
+
+static int tpm_emulator_prepare_data_fd(TPMEmulator *tpm_emu)
+{
+ ptm_res res;
+ Error *err = NULL;
+ int fds[2] = { -1, -1 };
+
+ if (socketpair(AF_UNIX, SOCK_STREAM, 0, fds) < 0) {
+ error_report("tpm-emulator: Failed to create socketpair");
+ return -1;
+ }
+
+ qemu_chr_fe_set_msgfds(&tpm_emu->ctrl_chr, fds + 1, 1);
+
+ if (tpm_emulator_ctrlcmd(tpm_emu, CMD_SET_DATAFD, &res, 0,
+ sizeof(res)) < 0 || res != 0) {
+ error_report("tpm-emulator: Failed to send CMD_SET_DATAFD: %s",
+ strerror(errno));
+ goto err_exit;
+ }
+
+ tpm_emu->data_ioc = QIO_CHANNEL(qio_channel_socket_new_fd(fds[0], &err));
+ if (err) {
+ error_prepend(&err, "tpm-emulator: Failed to create io channel: ");
+ error_report_err(err);
+ goto err_exit;
+ }
+
+ closesocket(fds[1]);
+
+ return 0;
+
+err_exit:
+ closesocket(fds[0]);
+ closesocket(fds[1]);
+ return -1;
+}
+
+static int tpm_emulator_handle_device_opts(TPMEmulator *tpm_emu, QemuOpts *opts)
+{
+ const char *value;
+ Error *err = NULL;
+ Chardev *dev;
+
+ value = qemu_opt_get(opts, "chardev");
+ if (!value) {
+ error_report("tpm-emulator: parameter 'chardev' is missing");
+ goto err;
+ }
+
+ dev = qemu_chr_find(value);
+ if (!dev) {
+ error_report("tpm-emulator: tpm chardev '%s' not found", value);
+ goto err;
+ }
+
+ if (!qemu_chr_fe_init(&tpm_emu->ctrl_chr, dev, &err)) {
+ error_prepend(&err, "tpm-emulator: No valid chardev found at '%s':",
+ value);
+ error_report_err(err);
+ goto err;
+ }
+
+ tpm_emu->options->chardev = g_strdup(value);
+
+ if (tpm_emulator_prepare_data_fd(tpm_emu) < 0) {
+ goto err;
+ }
+
+ /* FIXME: tpm_util_test_tpmdev() accepts only on socket fd, as it also used
+ * by passthrough driver, which not yet using GIOChannel.
+ */
+ if (tpm_util_test_tpmdev(QIO_CHANNEL_SOCKET(tpm_emu->data_ioc)->fd,
+ &tpm_emu->tpm_version)) {
+ error_report("'%s' is not emulating TPM device. Error: %s",
+ tpm_emu->options->chardev, strerror(errno));
+ goto err;
+ }
+
+ switch (tpm_emu->tpm_version) {
+ case TPM_VERSION_1_2:
+ trace_tpm_emulator_handle_device_opts_tpm12();
+ break;
+ case TPM_VERSION_2_0:
+ trace_tpm_emulator_handle_device_opts_tpm2();
+ break;
+ default:
+ trace_tpm_emulator_handle_device_opts_unspec();
+ }
+
+ if (tpm_emulator_probe_caps(tpm_emu) ||
+ tpm_emulator_check_caps(tpm_emu)) {
+ goto err;
+ }
+
+ return tpm_emulator_block_migration(tpm_emu);
+
+err:
+ trace_tpm_emulator_handle_device_opts_startup_error();
+
+ return -1;
+}
+
+static TPMBackend *tpm_emulator_create(QemuOpts *opts)
+{
+ TPMBackend *tb = TPM_BACKEND(object_new(TYPE_TPM_EMULATOR));
+
+ if (tpm_emulator_handle_device_opts(TPM_EMULATOR(tb), opts)) {
+ object_unref(OBJECT(tb));
+ return NULL;
+ }
+
+ return tb;
+}
+
+static TpmTypeOptions *tpm_emulator_get_tpm_options(TPMBackend *tb)
+{
+ TPMEmulator *tpm_emu = TPM_EMULATOR(tb);
+ TpmTypeOptions *options = g_new0(TpmTypeOptions, 1);
+
+ options->type = TPM_TYPE_EMULATOR;
+ options->u.emulator.data = QAPI_CLONE(TPMEmulatorOptions, tpm_emu->options);
+
+ return options;
+}
+
+static const QemuOptDesc tpm_emulator_cmdline_opts[] = {
+ TPM_STANDARD_CMDLINE_OPTS,
+ {
+ .name = "chardev",
+ .type = QEMU_OPT_STRING,
+ .help = "Character device to use for out-of-band control messages",
+ },
+ { /* end of list */ },
+};
+
+/*
+ * Transfer a TPM state blob from the TPM into a provided buffer.
+ *
+ * @tpm_emu: TPMEmulator
+ * @type: the type of blob to transfer
+ * @tsb: the TPMSizeBuffer to fill with the blob
+ * @flags: the flags to return to the caller
+ */
+static int tpm_emulator_get_state_blob(TPMEmulator *tpm_emu,
+ uint8_t type,
+ TPMSizedBuffer *tsb,
+ uint32_t *flags)
+{
+ ptm_getstate pgs;
+ ptm_res res;
+ ssize_t n;
+ uint32_t totlength, length;
+
+ tpm_sized_buffer_reset(tsb);
+
+ pgs.u.req.state_flags = cpu_to_be32(PTM_STATE_FLAG_DECRYPTED);
+ pgs.u.req.type = cpu_to_be32(type);
+ pgs.u.req.offset = 0;
+
+ if (tpm_emulator_ctrlcmd(tpm_emu, CMD_GET_STATEBLOB,
+ &pgs, sizeof(pgs.u.req),
+ offsetof(ptm_getstate, u.resp.data)) < 0) {
+ error_report("tpm-emulator: could not get state blob type %d : %s",
+ type, strerror(errno));
+ return -1;
+ }
+
+ res = be32_to_cpu(pgs.u.resp.tpm_result);
+ if (res != 0 && (res & 0x800) == 0) {
+ error_report("tpm-emulator: Getting the stateblob (type %d) failed "
+ "with a TPM error 0x%x %s", type, res,
+ tpm_emulator_strerror(res));
+ return -1;
+ }
+
+ totlength = be32_to_cpu(pgs.u.resp.totlength);
+ length = be32_to_cpu(pgs.u.resp.length);
+ if (totlength != length) {
+ error_report("tpm-emulator: Expecting to read %u bytes "
+ "but would get %u", totlength, length);
+ return -1;
+ }
+
+ *flags = be32_to_cpu(pgs.u.resp.state_flags);
+
+ if (totlength > 0) {
+ tsb->buffer = g_try_malloc(totlength);
+ if (!tsb->buffer) {
+ error_report("tpm-emulator: Out of memory allocating %u bytes",
+ totlength);
+ return -1;
+ }
+
+ n = qemu_chr_fe_read_all(&tpm_emu->ctrl_chr, tsb->buffer, totlength);
+ if (n != totlength) {
+ error_report("tpm-emulator: Could not read stateblob (type %d); "
+ "expected %u bytes, got %zd",
+ type, totlength, n);
+ return -1;
+ }
+ }
+ tsb->size = totlength;
+
+ trace_tpm_emulator_get_state_blob(type, tsb->size, *flags);
+
+ return 0;
+}
+
+static int tpm_emulator_get_state_blobs(TPMEmulator *tpm_emu)
+{
+ TPMBlobBuffers *state_blobs = &tpm_emu->state_blobs;
+
+ if (tpm_emulator_get_state_blob(tpm_emu, PTM_BLOB_TYPE_PERMANENT,
+ &state_blobs->permanent,
+ &state_blobs->permanent_flags) < 0 ||
+ tpm_emulator_get_state_blob(tpm_emu, PTM_BLOB_TYPE_VOLATILE,
+ &state_blobs->volatil,
+ &state_blobs->volatil_flags) < 0 ||
+ tpm_emulator_get_state_blob(tpm_emu, PTM_BLOB_TYPE_SAVESTATE,
+ &state_blobs->savestate,
+ &state_blobs->savestate_flags) < 0) {
+ goto err_exit;
+ }
+
+ return 0;
+
+ err_exit:
+ tpm_sized_buffer_reset(&state_blobs->volatil);
+ tpm_sized_buffer_reset(&state_blobs->permanent);
+ tpm_sized_buffer_reset(&state_blobs->savestate);
+
+ return -1;
+}
+
+/*
+ * Transfer a TPM state blob to the TPM emulator.
+ *
+ * @tpm_emu: TPMEmulator
+ * @type: the type of TPM state blob to transfer
+ * @tsb: TPMSizedBuffer containing the TPM state blob
+ * @flags: Flags describing the (encryption) state of the TPM state blob
+ */
+static int tpm_emulator_set_state_blob(TPMEmulator *tpm_emu,
+ uint32_t type,
+ TPMSizedBuffer *tsb,
+ uint32_t flags)
+{
+ ssize_t n;
+ ptm_setstate pss;
+ ptm_res tpm_result;
+
+ if (tsb->size == 0) {
+ return 0;
+ }
+
+ pss = (ptm_setstate) {
+ .u.req.state_flags = cpu_to_be32(flags),
+ .u.req.type = cpu_to_be32(type),
+ .u.req.length = cpu_to_be32(tsb->size),
+ };
+
+ /* write the header only */
+ if (tpm_emulator_ctrlcmd(tpm_emu, CMD_SET_STATEBLOB, &pss,
+ offsetof(ptm_setstate, u.req.data), 0) < 0) {
+ error_report("tpm-emulator: could not set state blob type %d : %s",
+ type, strerror(errno));
+ return -1;
+ }
+
+ /* now the body */
+ n = qemu_chr_fe_write_all(&tpm_emu->ctrl_chr, tsb->buffer, tsb->size);
+ if (n != tsb->size) {
+ error_report("tpm-emulator: Writing the stateblob (type %d) "
+ "failed; could not write %u bytes, but only %zd",
+ type, tsb->size, n);
+ return -1;
+ }
+
+ /* now get the result */
+ n = qemu_chr_fe_read_all(&tpm_emu->ctrl_chr,
+ (uint8_t *)&pss, sizeof(pss.u.resp));
+ if (n != sizeof(pss.u.resp)) {
+ error_report("tpm-emulator: Reading response from writing stateblob "
+ "(type %d) failed; expected %zu bytes, got %zd", type,
+ sizeof(pss.u.resp), n);
+ return -1;
+ }
+
+ tpm_result = be32_to_cpu(pss.u.resp.tpm_result);
+ if (tpm_result != 0) {
+ error_report("tpm-emulator: Setting the stateblob (type %d) failed "
+ "with a TPM error 0x%x %s", type, tpm_result,
+ tpm_emulator_strerror(tpm_result));
+ return -1;
+ }
+
+ trace_tpm_emulator_set_state_blob(type, tsb->size, flags);
+
+ return 0;
+}
+
+/*
+ * Set all the TPM state blobs.
+ *
+ * Returns a negative errno code in case of error.
+ */
+static int tpm_emulator_set_state_blobs(TPMBackend *tb)
+{
+ TPMEmulator *tpm_emu = TPM_EMULATOR(tb);
+ TPMBlobBuffers *state_blobs = &tpm_emu->state_blobs;
+
+ trace_tpm_emulator_set_state_blobs();
+
+ if (tpm_emulator_stop_tpm(tb) < 0) {
+ trace_tpm_emulator_set_state_blobs_error("Could not stop TPM");
+ return -EIO;
+ }
+
+ if (tpm_emulator_set_state_blob(tpm_emu, PTM_BLOB_TYPE_PERMANENT,
+ &state_blobs->permanent,
+ state_blobs->permanent_flags) < 0 ||
+ tpm_emulator_set_state_blob(tpm_emu, PTM_BLOB_TYPE_VOLATILE,
+ &state_blobs->volatil,
+ state_blobs->volatil_flags) < 0 ||
+ tpm_emulator_set_state_blob(tpm_emu, PTM_BLOB_TYPE_SAVESTATE,
+ &state_blobs->savestate,
+ state_blobs->savestate_flags) < 0) {
+ return -EIO;
+ }
+
+ trace_tpm_emulator_set_state_blobs_done();
+
+ return 0;
+}
+
+static int tpm_emulator_pre_save(void *opaque)
+{
+ TPMBackend *tb = opaque;
+ TPMEmulator *tpm_emu = TPM_EMULATOR(tb);
+
+ trace_tpm_emulator_pre_save();
+
+ tpm_backend_finish_sync(tb);
+
+ /* get the state blobs from the TPM */
+ return tpm_emulator_get_state_blobs(tpm_emu);
+}
+
+/*
+ * Load the TPM state blobs into the TPM.
+ *
+ * Returns negative errno codes in case of error.
+ */
+static int tpm_emulator_post_load(void *opaque, int version_id)
+{
+ TPMBackend *tb = opaque;
+ int ret;
+
+ ret = tpm_emulator_set_state_blobs(tb);
+ if (ret < 0) {
+ return ret;
+ }
+
+ if (tpm_emulator_startup_tpm_resume(tb, 0, true) < 0) {
+ return -EIO;
+ }
+
+ return 0;
+}
+
+static const VMStateDescription vmstate_tpm_emulator = {
+ .name = "tpm-emulator",
+ .version_id = 0,
+ .pre_save = tpm_emulator_pre_save,
+ .post_load = tpm_emulator_post_load,
+ .fields = (VMStateField[]) {
+ VMSTATE_UINT32(state_blobs.permanent_flags, TPMEmulator),
+ VMSTATE_UINT32(state_blobs.permanent.size, TPMEmulator),
+ VMSTATE_VBUFFER_ALLOC_UINT32(state_blobs.permanent.buffer,
+ TPMEmulator, 0, 0,
+ state_blobs.permanent.size),
+
+ VMSTATE_UINT32(state_blobs.volatil_flags, TPMEmulator),
+ VMSTATE_UINT32(state_blobs.volatil.size, TPMEmulator),
+ VMSTATE_VBUFFER_ALLOC_UINT32(state_blobs.volatil.buffer,
+ TPMEmulator, 0, 0,
+ state_blobs.volatil.size),
+
+ VMSTATE_UINT32(state_blobs.savestate_flags, TPMEmulator),
+ VMSTATE_UINT32(state_blobs.savestate.size, TPMEmulator),
+ VMSTATE_VBUFFER_ALLOC_UINT32(state_blobs.savestate.buffer,
+ TPMEmulator, 0, 0,
+ state_blobs.savestate.size),
+
+ VMSTATE_END_OF_LIST()
+ }
+};
+
+static void tpm_emulator_inst_init(Object *obj)
+{
+ TPMEmulator *tpm_emu = TPM_EMULATOR(obj);
+
+ trace_tpm_emulator_inst_init();
+
+ tpm_emu->options = g_new0(TPMEmulatorOptions, 1);
+ tpm_emu->cur_locty_number = ~0;
+ qemu_mutex_init(&tpm_emu->mutex);
+
+ vmstate_register(NULL, VMSTATE_INSTANCE_ID_ANY,
+ &vmstate_tpm_emulator, obj);
+}
+
+/*
+ * Gracefully shut down the external TPM
+ */
+static void tpm_emulator_shutdown(TPMEmulator *tpm_emu)
+{
+ ptm_res res;
+
+ if (!tpm_emu->options->chardev) {
+ /* was never properly initialized */
+ return;
+ }
+
+ if (tpm_emulator_ctrlcmd(tpm_emu, CMD_SHUTDOWN, &res, 0, sizeof(res)) < 0) {
+ error_report("tpm-emulator: Could not cleanly shutdown the TPM: %s",
+ strerror(errno));
+ } else if (res != 0) {
+ error_report("tpm-emulator: TPM result for shutdown: 0x%x %s",
+ be32_to_cpu(res), tpm_emulator_strerror(be32_to_cpu(res)));
+ }
+}
+
+static void tpm_emulator_inst_finalize(Object *obj)
+{
+ TPMEmulator *tpm_emu = TPM_EMULATOR(obj);
+ TPMBlobBuffers *state_blobs = &tpm_emu->state_blobs;
+
+ tpm_emulator_shutdown(tpm_emu);
+
+ object_unref(OBJECT(tpm_emu->data_ioc));
+
+ qemu_chr_fe_deinit(&tpm_emu->ctrl_chr, false);
+
+ qapi_free_TPMEmulatorOptions(tpm_emu->options);
+
+ if (tpm_emu->migration_blocker) {
+ migrate_del_blocker(tpm_emu->migration_blocker);
+ error_free(tpm_emu->migration_blocker);
+ }
+
+ tpm_sized_buffer_reset(&state_blobs->volatil);
+ tpm_sized_buffer_reset(&state_blobs->permanent);
+ tpm_sized_buffer_reset(&state_blobs->savestate);
+
+ qemu_mutex_destroy(&tpm_emu->mutex);
+
+ vmstate_unregister(NULL, &vmstate_tpm_emulator, obj);
+}
+
+static void tpm_emulator_class_init(ObjectClass *klass, void *data)
+{
+ TPMBackendClass *tbc = TPM_BACKEND_CLASS(klass);
+
+ tbc->type = TPM_TYPE_EMULATOR;
+ tbc->opts = tpm_emulator_cmdline_opts;
+ tbc->desc = "TPM emulator backend driver";
+ tbc->create = tpm_emulator_create;
+ tbc->startup_tpm = tpm_emulator_startup_tpm;
+ tbc->cancel_cmd = tpm_emulator_cancel_cmd;
+ tbc->get_tpm_established_flag = tpm_emulator_get_tpm_established_flag;
+ tbc->reset_tpm_established_flag = tpm_emulator_reset_tpm_established_flag;
+ tbc->get_tpm_version = tpm_emulator_get_tpm_version;
+ tbc->get_buffer_size = tpm_emulator_get_buffer_size;
+ tbc->get_tpm_options = tpm_emulator_get_tpm_options;
+
+ tbc->handle_request = tpm_emulator_handle_request;
+}
+
+static const TypeInfo tpm_emulator_info = {
+ .name = TYPE_TPM_EMULATOR,
+ .parent = TYPE_TPM_BACKEND,
+ .instance_size = sizeof(TPMEmulator),
+ .class_init = tpm_emulator_class_init,
+ .instance_init = tpm_emulator_inst_init,
+ .instance_finalize = tpm_emulator_inst_finalize,
+};
+
+static void tpm_emulator_register(void)
+{
+ type_register_static(&tpm_emulator_info);
+}
+
+type_init(tpm_emulator_register)
diff --git a/backends/tpm/tpm_int.h b/backends/tpm/tpm_int.h
new file mode 100644
index 000000000..ba6109306
--- /dev/null
+++ b/backends/tpm/tpm_int.h
@@ -0,0 +1,88 @@
+/*
+ * TPM configuration
+ *
+ * Copyright (C) 2011-2013 IBM Corporation
+ *
+ * Authors:
+ * Stefan Berger <stefanb@us.ibm.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+#ifndef BACKENDS_TPM_INT_H
+#define BACKENDS_TPM_INT_H
+
+#include "qemu/option.h"
+#include "sysemu/tpm.h"
+
+#define TPM_STANDARD_CMDLINE_OPTS \
+ { \
+ .name = "type", \
+ .type = QEMU_OPT_STRING, \
+ .help = "Type of TPM backend", \
+ }
+
+struct tpm_req_hdr {
+ uint16_t tag;
+ uint32_t len;
+ uint32_t ordinal;
+} QEMU_PACKED;
+
+struct tpm_resp_hdr {
+ uint16_t tag;
+ uint32_t len;
+ uint32_t errcode;
+} QEMU_PACKED;
+
+#define TPM_TAG_RQU_COMMAND 0xc1
+#define TPM_TAG_RQU_AUTH1_COMMAND 0xc2
+#define TPM_TAG_RQU_AUTH2_COMMAND 0xc3
+
+#define TPM_TAG_RSP_COMMAND 0xc4
+#define TPM_TAG_RSP_AUTH1_COMMAND 0xc5
+#define TPM_TAG_RSP_AUTH2_COMMAND 0xc6
+
+#define TPM_BAD_PARAMETER 3
+#define TPM_FAIL 9
+#define TPM_KEYNOTFOUND 13
+#define TPM_BAD_PARAM_SIZE 25
+#define TPM_ENCRYPT_ERROR 32
+#define TPM_DECRYPT_ERROR 33
+#define TPM_BAD_KEY_PROPERTY 40
+#define TPM_BAD_MODE 44
+#define TPM_BAD_VERSION 46
+#define TPM_BAD_LOCALITY 61
+
+#define TPM_ORD_ContinueSelfTest 0x53
+#define TPM_ORD_GetTicks 0xf1
+#define TPM_ORD_GetCapability 0x65
+
+#define TPM_CAP_PROPERTY 0x05
+
+#define TPM_CAP_PROP_INPUT_BUFFER 0x124
+
+/* TPM2 defines */
+#define TPM2_ST_NO_SESSIONS 0x8001
+
+#define TPM2_CC_ReadClock 0x00000181
+#define TPM2_CC_GetCapability 0x0000017a
+
+#define TPM2_CAP_TPM_PROPERTIES 0x6
+
+#define TPM2_PT_MAX_COMMAND_SIZE 0x11e
+
+#define TPM_RC_INSUFFICIENT 0x9a
+#define TPM_RC_FAILURE 0x101
+#define TPM_RC_LOCALITY 0x907
+
+int tpm_util_get_buffer_size(int tpm_fd, TPMVersion tpm_version,
+ size_t *buffersize);
+
+typedef struct TPMSizedBuffer {
+ uint32_t size;
+ uint8_t *buffer;
+} TPMSizedBuffer;
+
+void tpm_sized_buffer_reset(TPMSizedBuffer *tsb);
+
+#endif /* BACKENDS_TPM_INT_H */
diff --git a/backends/tpm/tpm_ioctl.h b/backends/tpm/tpm_ioctl.h
new file mode 100644
index 000000000..bd6c12cb8
--- /dev/null
+++ b/backends/tpm/tpm_ioctl.h
@@ -0,0 +1,275 @@
+/*
+ * tpm_ioctl.h
+ *
+ * (c) Copyright IBM Corporation 2014, 2015.
+ *
+ * This file is licensed under the terms of the 3-clause BSD license
+ */
+
+#ifndef TPM_IOCTL_H
+#define TPM_IOCTL_H
+
+#include <sys/uio.h>
+#include <sys/ioctl.h>
+
+#ifdef HAVE_SYS_IOCCOM_H
+#include <sys/ioccom.h>
+#endif
+
+/*
+ * Every response from a command involving a TPM command execution must hold
+ * the ptm_res as the first element.
+ * ptm_res corresponds to the error code of a command executed by the TPM.
+ */
+
+typedef uint32_t ptm_res;
+
+/* PTM_GET_TPMESTABLISHED: get the establishment bit */
+struct ptm_est {
+ union {
+ struct {
+ ptm_res tpm_result;
+ unsigned char bit; /* TPM established bit */
+ } resp; /* response */
+ } u;
+};
+
+/* PTM_RESET_TPMESTABLISHED: reset establishment bit */
+struct ptm_reset_est {
+ union {
+ struct {
+ uint8_t loc; /* locality to use */
+ } req; /* request */
+ struct {
+ ptm_res tpm_result;
+ } resp; /* response */
+ } u;
+};
+
+/* PTM_INIT */
+struct ptm_init {
+ union {
+ struct {
+ uint32_t init_flags; /* see definitions below */
+ } req; /* request */
+ struct {
+ ptm_res tpm_result;
+ } resp; /* response */
+ } u;
+};
+
+/* above init_flags */
+#define PTM_INIT_FLAG_DELETE_VOLATILE (1 << 0)
+ /* delete volatile state file after reading it */
+
+/* PTM_SET_LOCALITY */
+struct ptm_loc {
+ union {
+ struct {
+ uint8_t loc; /* locality to set */
+ } req; /* request */
+ struct {
+ ptm_res tpm_result;
+ } resp; /* response */
+ } u;
+};
+
+/* PTM_HASH_DATA: hash given data */
+struct ptm_hdata {
+ union {
+ struct {
+ uint32_t length;
+ uint8_t data[4096];
+ } req; /* request */
+ struct {
+ ptm_res tpm_result;
+ } resp; /* response */
+ } u;
+};
+
+/*
+ * size of the TPM state blob to transfer; x86_64 can handle 8k,
+ * ppc64le only ~7k; keep the response below a 4k page size
+ */
+#define PTM_STATE_BLOB_SIZE (3 * 1024)
+
+/*
+ * The following is the data structure to get state blobs from the TPM.
+ * If the size of the state blob exceeds the PTM_STATE_BLOB_SIZE, multiple reads
+ * with this ioctl and with adjusted offset are necessary. All bytes
+ * must be transferred and the transfer is done once the last byte has been
+ * returned.
+ * It is possible to use the read() interface for reading the data; however, the
+ * first bytes of the state blob will be part of the response to the ioctl(); a
+ * subsequent read() is only necessary if the total length (totlength) exceeds
+ * the number of received bytes. seek() is not supported.
+ */
+struct ptm_getstate {
+ union {
+ struct {
+ uint32_t state_flags; /* may be: PTM_STATE_FLAG_DECRYPTED */
+ uint32_t type; /* which blob to pull */
+ uint32_t offset; /* offset from where to read */
+ } req; /* request */
+ struct {
+ ptm_res tpm_result;
+ uint32_t state_flags; /* may be: PTM_STATE_FLAG_ENCRYPTED */
+ uint32_t totlength; /* total length that will be transferred */
+ uint32_t length; /* number of bytes in following buffer */
+ uint8_t data[PTM_STATE_BLOB_SIZE];
+ } resp; /* response */
+ } u;
+};
+
+/* TPM state blob types */
+#define PTM_BLOB_TYPE_PERMANENT 1
+#define PTM_BLOB_TYPE_VOLATILE 2
+#define PTM_BLOB_TYPE_SAVESTATE 3
+
+/* state_flags above : */
+#define PTM_STATE_FLAG_DECRYPTED 1 /* on input: get decrypted state */
+#define PTM_STATE_FLAG_ENCRYPTED 2 /* on output: state is encrypted */
+
+/*
+ * The following is the data structure to set state blobs in the TPM.
+ * If the size of the state blob exceeds the PTM_STATE_BLOB_SIZE, multiple
+ * 'writes' using this ioctl are necessary. The last packet is indicated
+ * by the length being smaller than the PTM_STATE_BLOB_SIZE.
+ * The very first packet may have a length indicator of '0' enabling
+ * a write() with all the bytes from a buffer. If the write() interface
+ * is used, a final ioctl with a non-full buffer must be made to indicate
+ * that all data were transferred (a write with 0 bytes would not work).
+ */
+struct ptm_setstate {
+ union {
+ struct {
+ uint32_t state_flags; /* may be PTM_STATE_FLAG_ENCRYPTED */
+ uint32_t type; /* which blob to set */
+ uint32_t length; /* length of the data;
+ use 0 on the first packet to
+ transfer using write() */
+ uint8_t data[PTM_STATE_BLOB_SIZE];
+ } req; /* request */
+ struct {
+ ptm_res tpm_result;
+ } resp; /* response */
+ } u;
+};
+
+/*
+ * PTM_GET_CONFIG: Data structure to get runtime configuration information
+ * such as which keys are applied.
+ */
+struct ptm_getconfig {
+ union {
+ struct {
+ ptm_res tpm_result;
+ uint32_t flags;
+ } resp; /* response */
+ } u;
+};
+
+#define PTM_CONFIG_FLAG_FILE_KEY 0x1
+#define PTM_CONFIG_FLAG_MIGRATION_KEY 0x2
+
+/*
+ * PTM_SET_BUFFERSIZE: Set the buffer size to be used by the TPM.
+ * A 0 on input queries for the current buffer size. Any other
+ * number will try to set the buffer size. The returned number is
+ * the buffer size that will be used, which can be larger than the
+ * requested one, if it was below the minimum, or smaller than the
+ * requested one, if it was above the maximum.
+ */
+struct ptm_setbuffersize {
+ union {
+ struct {
+ uint32_t buffersize; /* 0 to query for current buffer size */
+ } req; /* request */
+ struct {
+ ptm_res tpm_result;
+ uint32_t buffersize; /* buffer size in use */
+ uint32_t minsize; /* min. supported buffer size */
+ uint32_t maxsize; /* max. supported buffer size */
+ } resp; /* response */
+ } u;
+};
+
+
+typedef uint64_t ptm_cap;
+typedef struct ptm_est ptm_est;
+typedef struct ptm_reset_est ptm_reset_est;
+typedef struct ptm_loc ptm_loc;
+typedef struct ptm_hdata ptm_hdata;
+typedef struct ptm_init ptm_init;
+typedef struct ptm_getstate ptm_getstate;
+typedef struct ptm_setstate ptm_setstate;
+typedef struct ptm_getconfig ptm_getconfig;
+typedef struct ptm_setbuffersize ptm_setbuffersize;
+
+/* capability flags returned by PTM_GET_CAPABILITY */
+#define PTM_CAP_INIT (1)
+#define PTM_CAP_SHUTDOWN (1 << 1)
+#define PTM_CAP_GET_TPMESTABLISHED (1 << 2)
+#define PTM_CAP_SET_LOCALITY (1 << 3)
+#define PTM_CAP_HASHING (1 << 4)
+#define PTM_CAP_CANCEL_TPM_CMD (1 << 5)
+#define PTM_CAP_STORE_VOLATILE (1 << 6)
+#define PTM_CAP_RESET_TPMESTABLISHED (1 << 7)
+#define PTM_CAP_GET_STATEBLOB (1 << 8)
+#define PTM_CAP_SET_STATEBLOB (1 << 9)
+#define PTM_CAP_STOP (1 << 10)
+#define PTM_CAP_GET_CONFIG (1 << 11)
+#define PTM_CAP_SET_DATAFD (1 << 12)
+#define PTM_CAP_SET_BUFFERSIZE (1 << 13)
+
+enum {
+ PTM_GET_CAPABILITY = _IOR('P', 0, ptm_cap),
+ PTM_INIT = _IOWR('P', 1, ptm_init),
+ PTM_SHUTDOWN = _IOR('P', 2, ptm_res),
+ PTM_GET_TPMESTABLISHED = _IOR('P', 3, ptm_est),
+ PTM_SET_LOCALITY = _IOWR('P', 4, ptm_loc),
+ PTM_HASH_START = _IOR('P', 5, ptm_res),
+ PTM_HASH_DATA = _IOWR('P', 6, ptm_hdata),
+ PTM_HASH_END = _IOR('P', 7, ptm_res),
+ PTM_CANCEL_TPM_CMD = _IOR('P', 8, ptm_res),
+ PTM_STORE_VOLATILE = _IOR('P', 9, ptm_res),
+ PTM_RESET_TPMESTABLISHED = _IOWR('P', 10, ptm_reset_est),
+ PTM_GET_STATEBLOB = _IOWR('P', 11, ptm_getstate),
+ PTM_SET_STATEBLOB = _IOWR('P', 12, ptm_setstate),
+ PTM_STOP = _IOR('P', 13, ptm_res),
+ PTM_GET_CONFIG = _IOR('P', 14, ptm_getconfig),
+ PTM_SET_DATAFD = _IOR('P', 15, ptm_res),
+ PTM_SET_BUFFERSIZE = _IOWR('P', 16, ptm_setbuffersize),
+};
+
+/*
+ * Commands used by the non-CUSE TPMs
+ *
+ * All messages container big-endian data.
+ *
+ * The return messages only contain the 'resp' part of the unions
+ * in the data structures above. Besides that the limits in the
+ * buffers above (ptm_hdata:u.req.data and ptm_get_state:u.resp.data
+ * and ptm_set_state:u.req.data) are 0xffffffff.
+ */
+enum {
+ CMD_GET_CAPABILITY = 1,
+ CMD_INIT,
+ CMD_SHUTDOWN,
+ CMD_GET_TPMESTABLISHED,
+ CMD_SET_LOCALITY,
+ CMD_HASH_START,
+ CMD_HASH_DATA,
+ CMD_HASH_END,
+ CMD_CANCEL_TPM_CMD,
+ CMD_STORE_VOLATILE,
+ CMD_RESET_TPMESTABLISHED,
+ CMD_GET_STATEBLOB,
+ CMD_SET_STATEBLOB,
+ CMD_STOP,
+ CMD_GET_CONFIG,
+ CMD_SET_DATAFD,
+ CMD_SET_BUFFERSIZE,
+};
+
+#endif /* TPM_IOCTL_H */
diff --git a/backends/tpm/tpm_passthrough.c b/backends/tpm/tpm_passthrough.c
new file mode 100644
index 000000000..d5558fae6
--- /dev/null
+++ b/backends/tpm/tpm_passthrough.c
@@ -0,0 +1,404 @@
+/*
+ * passthrough TPM driver
+ *
+ * Copyright (c) 2010 - 2013 IBM Corporation
+ * Authors:
+ * Stefan Berger <stefanb@us.ibm.com>
+ *
+ * Copyright (C) 2011 IAIK, Graz University of Technology
+ * Author: Andreas Niederl
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>
+ */
+
+#include "qemu/osdep.h"
+#include "qemu-common.h"
+#include "qemu/error-report.h"
+#include "qemu/module.h"
+#include "qemu/sockets.h"
+#include "sysemu/tpm_backend.h"
+#include "sysemu/tpm_util.h"
+#include "tpm_int.h"
+#include "qapi/clone-visitor.h"
+#include "qapi/qapi-visit-tpm.h"
+#include "trace.h"
+#include "qom/object.h"
+
+#define TYPE_TPM_PASSTHROUGH "tpm-passthrough"
+OBJECT_DECLARE_SIMPLE_TYPE(TPMPassthruState, TPM_PASSTHROUGH)
+
+/* data structures */
+struct TPMPassthruState {
+ TPMBackend parent;
+
+ TPMPassthroughOptions *options;
+ const char *tpm_dev;
+ int tpm_fd;
+ bool tpm_executing;
+ bool tpm_op_canceled;
+ int cancel_fd;
+
+ TPMVersion tpm_version;
+ size_t tpm_buffersize;
+};
+
+
+#define TPM_PASSTHROUGH_DEFAULT_DEVICE "/dev/tpm0"
+
+/* functions */
+
+static void tpm_passthrough_cancel_cmd(TPMBackend *tb);
+
+static int tpm_passthrough_unix_read(int fd, uint8_t *buf, uint32_t len)
+{
+ int ret;
+ reread:
+ ret = read(fd, buf, len);
+ if (ret < 0) {
+ if (errno != EINTR && errno != EAGAIN) {
+ return -1;
+ }
+ goto reread;
+ }
+ return ret;
+}
+
+static void tpm_passthrough_unix_tx_bufs(TPMPassthruState *tpm_pt,
+ const uint8_t *in, uint32_t in_len,
+ uint8_t *out, uint32_t out_len,
+ bool *selftest_done, Error **errp)
+{
+ ssize_t ret;
+ bool is_selftest;
+
+ /* FIXME: protect shared variables or use other sync mechanism */
+ tpm_pt->tpm_op_canceled = false;
+ tpm_pt->tpm_executing = true;
+ *selftest_done = false;
+
+ is_selftest = tpm_util_is_selftest(in, in_len);
+
+ ret = qemu_write_full(tpm_pt->tpm_fd, in, in_len);
+ if (ret != in_len) {
+ if (!tpm_pt->tpm_op_canceled || errno != ECANCELED) {
+ error_setg_errno(errp, errno, "tpm_passthrough: error while "
+ "transmitting data to TPM");
+ }
+ goto err_exit;
+ }
+
+ tpm_pt->tpm_executing = false;
+
+ ret = tpm_passthrough_unix_read(tpm_pt->tpm_fd, out, out_len);
+ if (ret < 0) {
+ if (!tpm_pt->tpm_op_canceled || errno != ECANCELED) {
+ error_setg_errno(errp, errno, "tpm_passthrough: error while "
+ "reading data from TPM");
+ }
+ } else if (ret < sizeof(struct tpm_resp_hdr) ||
+ tpm_cmd_get_size(out) != ret) {
+ ret = -1;
+ error_setg_errno(errp, errno, "tpm_passthrough: received invalid "
+ "response packet from TPM");
+ }
+
+ if (is_selftest && (ret >= sizeof(struct tpm_resp_hdr))) {
+ *selftest_done = tpm_cmd_get_errcode(out) == 0;
+ }
+
+err_exit:
+ if (ret < 0) {
+ tpm_util_write_fatal_error_response(out, out_len);
+ }
+
+ tpm_pt->tpm_executing = false;
+}
+
+static void tpm_passthrough_handle_request(TPMBackend *tb, TPMBackendCmd *cmd,
+ Error **errp)
+{
+ TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(tb);
+
+ trace_tpm_passthrough_handle_request(cmd);
+
+ tpm_passthrough_unix_tx_bufs(tpm_pt, cmd->in, cmd->in_len,
+ cmd->out, cmd->out_len, &cmd->selftest_done,
+ errp);
+}
+
+static void tpm_passthrough_reset(TPMBackend *tb)
+{
+ trace_tpm_passthrough_reset();
+
+ tpm_passthrough_cancel_cmd(tb);
+}
+
+static bool tpm_passthrough_get_tpm_established_flag(TPMBackend *tb)
+{
+ return false;
+}
+
+static int tpm_passthrough_reset_tpm_established_flag(TPMBackend *tb,
+ uint8_t locty)
+{
+ /* only a TPM 2.0 will support this */
+ return 0;
+}
+
+static void tpm_passthrough_cancel_cmd(TPMBackend *tb)
+{
+ TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(tb);
+ int n;
+
+ /*
+ * As of Linux 3.7 the tpm_tis driver does not properly cancel
+ * commands on all TPM manufacturers' TPMs.
+ * Only cancel if we're busy so we don't cancel someone else's
+ * command, e.g., a command executed on the host.
+ */
+ if (tpm_pt->tpm_executing) {
+ if (tpm_pt->cancel_fd >= 0) {
+ tpm_pt->tpm_op_canceled = true;
+ n = write(tpm_pt->cancel_fd, "-", 1);
+ if (n != 1) {
+ error_report("Canceling TPM command failed: %s",
+ strerror(errno));
+ }
+ } else {
+ error_report("Cannot cancel TPM command due to missing "
+ "TPM sysfs cancel entry");
+ }
+ }
+}
+
+static TPMVersion tpm_passthrough_get_tpm_version(TPMBackend *tb)
+{
+ TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(tb);
+
+ return tpm_pt->tpm_version;
+}
+
+static size_t tpm_passthrough_get_buffer_size(TPMBackend *tb)
+{
+ TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(tb);
+ int ret;
+
+ ret = tpm_util_get_buffer_size(tpm_pt->tpm_fd, tpm_pt->tpm_version,
+ &tpm_pt->tpm_buffersize);
+ if (ret < 0) {
+ tpm_pt->tpm_buffersize = 4096;
+ }
+ return tpm_pt->tpm_buffersize;
+}
+
+/*
+ * Unless path or file descriptor set has been provided by user,
+ * determine the sysfs cancel file following kernel documentation
+ * in Documentation/ABI/stable/sysfs-class-tpm.
+ * From /dev/tpm0 create /sys/class/tpm/tpm0/device/cancel
+ * before 4.0: /sys/class/misc/tpm0/device/cancel
+ */
+static int tpm_passthrough_open_sysfs_cancel(TPMPassthruState *tpm_pt)
+{
+ int fd = -1;
+ char *dev;
+ char path[PATH_MAX];
+
+ if (tpm_pt->options->cancel_path) {
+ fd = qemu_open_old(tpm_pt->options->cancel_path, O_WRONLY);
+ if (fd < 0) {
+ error_report("tpm_passthrough: Could not open TPM cancel path: %s",
+ strerror(errno));
+ }
+ return fd;
+ }
+
+ dev = strrchr(tpm_pt->tpm_dev, '/');
+ if (!dev) {
+ error_report("tpm_passthrough: Bad TPM device path %s",
+ tpm_pt->tpm_dev);
+ return -1;
+ }
+
+ dev++;
+ if (snprintf(path, sizeof(path), "/sys/class/tpm/%s/device/cancel",
+ dev) < sizeof(path)) {
+ fd = qemu_open_old(path, O_WRONLY);
+ if (fd < 0) {
+ if (snprintf(path, sizeof(path), "/sys/class/misc/%s/device/cancel",
+ dev) < sizeof(path)) {
+ fd = qemu_open_old(path, O_WRONLY);
+ }
+ }
+ }
+
+ if (fd < 0) {
+ error_report("tpm_passthrough: Could not guess TPM cancel path");
+ } else {
+ tpm_pt->options->cancel_path = g_strdup(path);
+ }
+
+ return fd;
+}
+
+static int
+tpm_passthrough_handle_device_opts(TPMPassthruState *tpm_pt, QemuOpts *opts)
+{
+ const char *value;
+
+ value = qemu_opt_get(opts, "cancel-path");
+ if (value) {
+ tpm_pt->options->cancel_path = g_strdup(value);
+ tpm_pt->options->has_cancel_path = true;
+ }
+
+ value = qemu_opt_get(opts, "path");
+ if (value) {
+ tpm_pt->options->has_path = true;
+ tpm_pt->options->path = g_strdup(value);
+ }
+
+ tpm_pt->tpm_dev = value ? value : TPM_PASSTHROUGH_DEFAULT_DEVICE;
+ tpm_pt->tpm_fd = qemu_open_old(tpm_pt->tpm_dev, O_RDWR);
+ if (tpm_pt->tpm_fd < 0) {
+ error_report("Cannot access TPM device using '%s': %s",
+ tpm_pt->tpm_dev, strerror(errno));
+ return -1;
+ }
+
+ if (tpm_util_test_tpmdev(tpm_pt->tpm_fd, &tpm_pt->tpm_version)) {
+ error_report("'%s' is not a TPM device.",
+ tpm_pt->tpm_dev);
+ return -1;
+ }
+
+ tpm_pt->cancel_fd = tpm_passthrough_open_sysfs_cancel(tpm_pt);
+ if (tpm_pt->cancel_fd < 0) {
+ return -1;
+ }
+
+ return 0;
+}
+
+static TPMBackend *tpm_passthrough_create(QemuOpts *opts)
+{
+ Object *obj = object_new(TYPE_TPM_PASSTHROUGH);
+
+ if (tpm_passthrough_handle_device_opts(TPM_PASSTHROUGH(obj), opts)) {
+ object_unref(obj);
+ return NULL;
+ }
+
+ return TPM_BACKEND(obj);
+}
+
+static int tpm_passthrough_startup_tpm(TPMBackend *tb, size_t buffersize)
+{
+ TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(tb);
+
+ if (buffersize && buffersize < tpm_pt->tpm_buffersize) {
+ error_report("Requested buffer size of %zu is smaller than host TPM's "
+ "fixed buffer size of %zu",
+ buffersize, tpm_pt->tpm_buffersize);
+ return -1;
+ }
+
+ return 0;
+}
+
+static TpmTypeOptions *tpm_passthrough_get_tpm_options(TPMBackend *tb)
+{
+ TpmTypeOptions *options = g_new0(TpmTypeOptions, 1);
+
+ options->type = TPM_TYPE_PASSTHROUGH;
+ options->u.passthrough.data = QAPI_CLONE(TPMPassthroughOptions,
+ TPM_PASSTHROUGH(tb)->options);
+
+ return options;
+}
+
+static const QemuOptDesc tpm_passthrough_cmdline_opts[] = {
+ TPM_STANDARD_CMDLINE_OPTS,
+ {
+ .name = "cancel-path",
+ .type = QEMU_OPT_STRING,
+ .help = "Sysfs file entry for canceling TPM commands",
+ },
+ {
+ .name = "path",
+ .type = QEMU_OPT_STRING,
+ .help = "Path to TPM device on the host",
+ },
+ { /* end of list */ },
+};
+
+static void tpm_passthrough_inst_init(Object *obj)
+{
+ TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(obj);
+
+ tpm_pt->options = g_new0(TPMPassthroughOptions, 1);
+ tpm_pt->tpm_fd = -1;
+ tpm_pt->cancel_fd = -1;
+}
+
+static void tpm_passthrough_inst_finalize(Object *obj)
+{
+ TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(obj);
+
+ tpm_passthrough_cancel_cmd(TPM_BACKEND(obj));
+
+ if (tpm_pt->tpm_fd >= 0) {
+ qemu_close(tpm_pt->tpm_fd);
+ }
+ if (tpm_pt->cancel_fd >= 0) {
+ qemu_close(tpm_pt->cancel_fd);
+ }
+ qapi_free_TPMPassthroughOptions(tpm_pt->options);
+}
+
+static void tpm_passthrough_class_init(ObjectClass *klass, void *data)
+{
+ TPMBackendClass *tbc = TPM_BACKEND_CLASS(klass);
+
+ tbc->type = TPM_TYPE_PASSTHROUGH;
+ tbc->opts = tpm_passthrough_cmdline_opts;
+ tbc->desc = "Passthrough TPM backend driver";
+ tbc->create = tpm_passthrough_create;
+ tbc->startup_tpm = tpm_passthrough_startup_tpm;
+ tbc->reset = tpm_passthrough_reset;
+ tbc->cancel_cmd = tpm_passthrough_cancel_cmd;
+ tbc->get_tpm_established_flag = tpm_passthrough_get_tpm_established_flag;
+ tbc->reset_tpm_established_flag =
+ tpm_passthrough_reset_tpm_established_flag;
+ tbc->get_tpm_version = tpm_passthrough_get_tpm_version;
+ tbc->get_buffer_size = tpm_passthrough_get_buffer_size;
+ tbc->get_tpm_options = tpm_passthrough_get_tpm_options;
+ tbc->handle_request = tpm_passthrough_handle_request;
+}
+
+static const TypeInfo tpm_passthrough_info = {
+ .name = TYPE_TPM_PASSTHROUGH,
+ .parent = TYPE_TPM_BACKEND,
+ .instance_size = sizeof(TPMPassthruState),
+ .class_init = tpm_passthrough_class_init,
+ .instance_init = tpm_passthrough_inst_init,
+ .instance_finalize = tpm_passthrough_inst_finalize,
+};
+
+static void tpm_passthrough_register(void)
+{
+ type_register_static(&tpm_passthrough_info);
+}
+
+type_init(tpm_passthrough_register)
diff --git a/backends/tpm/tpm_util.c b/backends/tpm/tpm_util.c
new file mode 100644
index 000000000..a6e6d3e72
--- /dev/null
+++ b/backends/tpm/tpm_util.c
@@ -0,0 +1,369 @@
+/*
+ * TPM utility functions
+ *
+ * Copyright (c) 2010 - 2015 IBM Corporation
+ * Authors:
+ * Stefan Berger <stefanb@us.ibm.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/error-report.h"
+#include "qapi/error.h"
+#include "qapi/visitor.h"
+#include "tpm_int.h"
+#include "exec/memory.h"
+#include "hw/qdev-properties.h"
+#include "sysemu/tpm_backend.h"
+#include "sysemu/tpm_util.h"
+#include "trace.h"
+
+/* tpm backend property */
+
+static void get_tpm(Object *obj, Visitor *v, const char *name, void *opaque,
+ Error **errp)
+{
+ TPMBackend **be = object_field_prop_ptr(obj, opaque);
+ char *p;
+
+ p = g_strdup(*be ? (*be)->id : "");
+ visit_type_str(v, name, &p, errp);
+ g_free(p);
+}
+
+static void set_tpm(Object *obj, Visitor *v, const char *name, void *opaque,
+ Error **errp)
+{
+ Property *prop = opaque;
+ TPMBackend *s, **be = object_field_prop_ptr(obj, prop);
+ char *str;
+
+ if (!visit_type_str(v, name, &str, errp)) {
+ return;
+ }
+
+ s = qemu_find_tpm_be(str);
+ if (s == NULL) {
+ error_setg(errp, "Property '%s.%s' can't find value '%s'",
+ object_get_typename(obj), name, str);
+ } else if (tpm_backend_init(s, TPM_IF(obj), errp) == 0) {
+ *be = s; /* weak reference, avoid cyclic ref */
+ }
+ g_free(str);
+}
+
+static void release_tpm(Object *obj, const char *name, void *opaque)
+{
+ Property *prop = opaque;
+ TPMBackend **be = object_field_prop_ptr(obj, prop);
+
+ if (*be) {
+ tpm_backend_reset(*be);
+ }
+}
+
+const PropertyInfo qdev_prop_tpm = {
+ .name = "str",
+ .description = "ID of a tpm to use as a backend",
+ .get = get_tpm,
+ .set = set_tpm,
+ .release = release_tpm,
+};
+
+/*
+ * Write an error message in the given output buffer.
+ */
+void tpm_util_write_fatal_error_response(uint8_t *out, uint32_t out_len)
+{
+ if (out_len >= sizeof(struct tpm_resp_hdr)) {
+ tpm_cmd_set_tag(out, TPM_TAG_RSP_COMMAND);
+ tpm_cmd_set_size(out, sizeof(struct tpm_resp_hdr));
+ tpm_cmd_set_error(out, TPM_FAIL);
+ }
+}
+
+bool tpm_util_is_selftest(const uint8_t *in, uint32_t in_len)
+{
+ if (in_len >= sizeof(struct tpm_req_hdr)) {
+ return tpm_cmd_get_ordinal(in) == TPM_ORD_ContinueSelfTest;
+ }
+
+ return false;
+}
+
+/*
+ * Send request to a TPM device. We expect a response within one second.
+ */
+static int tpm_util_request(int fd,
+ const void *request,
+ size_t requestlen,
+ void *response,
+ size_t responselen)
+{
+ fd_set readfds;
+ int n;
+ struct timeval tv = {
+ .tv_sec = 1,
+ .tv_usec = 0,
+ };
+
+ n = write(fd, request, requestlen);
+ if (n < 0) {
+ return -errno;
+ }
+ if (n != requestlen) {
+ return -EFAULT;
+ }
+
+ FD_ZERO(&readfds);
+ FD_SET(fd, &readfds);
+
+ /* wait for a second */
+ n = select(fd + 1, &readfds, NULL, NULL, &tv);
+ if (n != 1) {
+ return -errno;
+ }
+
+ n = read(fd, response, responselen);
+ if (n < sizeof(struct tpm_resp_hdr)) {
+ return -EFAULT;
+ }
+
+ /* check the header */
+ if (tpm_cmd_get_size(response) != n) {
+ return -EMSGSIZE;
+ }
+
+ return 0;
+}
+
+/*
+ * A basic test of a TPM device. We expect a well formatted response header
+ * (error response is fine).
+ */
+static int tpm_util_test(int fd,
+ const void *request,
+ size_t requestlen,
+ uint16_t *return_tag)
+{
+ char buf[1024];
+ ssize_t ret;
+
+ ret = tpm_util_request(fd, request, requestlen,
+ buf, sizeof(buf));
+ if (ret < 0) {
+ return ret;
+ }
+
+ *return_tag = tpm_cmd_get_tag(buf);
+
+ return 0;
+}
+
+/*
+ * Probe for the TPM device in the back
+ * Returns 0 on success with the version of the probed TPM set, 1 on failure.
+ */
+int tpm_util_test_tpmdev(int tpm_fd, TPMVersion *tpm_version)
+{
+ /*
+ * Sending a TPM1.2 command to a TPM2 should return a TPM1.2
+ * header (tag = 0xc4) and error code (TPM_BADTAG = 0x1e)
+ *
+ * Sending a TPM2 command to a TPM 2 will give a TPM 2 tag in the
+ * header.
+ * Sending a TPM2 command to a TPM 1.2 will give a TPM 1.2 tag
+ * in the header and an error code.
+ */
+ const struct tpm_req_hdr test_req = {
+ .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
+ .len = cpu_to_be32(sizeof(test_req)),
+ .ordinal = cpu_to_be32(TPM_ORD_GetTicks),
+ };
+
+ const struct tpm_req_hdr test_req_tpm2 = {
+ .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS),
+ .len = cpu_to_be32(sizeof(test_req_tpm2)),
+ .ordinal = cpu_to_be32(TPM2_CC_ReadClock),
+ };
+ uint16_t return_tag;
+ int ret;
+
+ /* Send TPM 2 command */
+ ret = tpm_util_test(tpm_fd, &test_req_tpm2,
+ sizeof(test_req_tpm2), &return_tag);
+ /* TPM 2 would respond with a tag of TPM2_ST_NO_SESSIONS */
+ if (!ret && return_tag == TPM2_ST_NO_SESSIONS) {
+ *tpm_version = TPM_VERSION_2_0;
+ return 0;
+ }
+
+ /* Send TPM 1.2 command */
+ ret = tpm_util_test(tpm_fd, &test_req,
+ sizeof(test_req), &return_tag);
+ if (!ret && return_tag == TPM_TAG_RSP_COMMAND) {
+ *tpm_version = TPM_VERSION_1_2;
+ /* this is a TPM 1.2 */
+ return 0;
+ }
+
+ *tpm_version = TPM_VERSION_UNSPEC;
+
+ return 1;
+}
+
+int tpm_util_get_buffer_size(int tpm_fd, TPMVersion tpm_version,
+ size_t *buffersize)
+{
+ int ret;
+
+ switch (tpm_version) {
+ case TPM_VERSION_1_2: {
+ const struct tpm_req_get_buffer_size {
+ struct tpm_req_hdr hdr;
+ uint32_t capability;
+ uint32_t len;
+ uint32_t subcap;
+ } QEMU_PACKED tpm_get_buffer_size = {
+ .hdr = {
+ .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
+ .len = cpu_to_be32(sizeof(tpm_get_buffer_size)),
+ .ordinal = cpu_to_be32(TPM_ORD_GetCapability),
+ },
+ .capability = cpu_to_be32(TPM_CAP_PROPERTY),
+ .len = cpu_to_be32(sizeof(uint32_t)),
+ .subcap = cpu_to_be32(TPM_CAP_PROP_INPUT_BUFFER),
+ };
+ struct tpm_resp_get_buffer_size {
+ struct tpm_resp_hdr hdr;
+ uint32_t len;
+ uint32_t buffersize;
+ } QEMU_PACKED tpm_resp;
+
+ ret = tpm_util_request(tpm_fd, &tpm_get_buffer_size,
+ sizeof(tpm_get_buffer_size),
+ &tpm_resp, sizeof(tpm_resp));
+ if (ret < 0) {
+ return ret;
+ }
+
+ if (be32_to_cpu(tpm_resp.hdr.len) != sizeof(tpm_resp) ||
+ be32_to_cpu(tpm_resp.len) != sizeof(uint32_t)) {
+ trace_tpm_util_get_buffer_size_hdr_len(
+ be32_to_cpu(tpm_resp.hdr.len),
+ sizeof(tpm_resp));
+ trace_tpm_util_get_buffer_size_len(be32_to_cpu(tpm_resp.len),
+ sizeof(uint32_t));
+ error_report("tpm_util: Got unexpected response to "
+ "TPM_GetCapability; errcode: 0x%x",
+ be32_to_cpu(tpm_resp.hdr.errcode));
+ return -EFAULT;
+ }
+ *buffersize = be32_to_cpu(tpm_resp.buffersize);
+ break;
+ }
+ case TPM_VERSION_2_0: {
+ const struct tpm2_req_get_buffer_size {
+ struct tpm_req_hdr hdr;
+ uint32_t capability;
+ uint32_t property;
+ uint32_t count;
+ } QEMU_PACKED tpm2_get_buffer_size = {
+ .hdr = {
+ .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS),
+ .len = cpu_to_be32(sizeof(tpm2_get_buffer_size)),
+ .ordinal = cpu_to_be32(TPM2_CC_GetCapability),
+ },
+ .capability = cpu_to_be32(TPM2_CAP_TPM_PROPERTIES),
+ .property = cpu_to_be32(TPM2_PT_MAX_COMMAND_SIZE),
+ .count = cpu_to_be32(2), /* also get TPM2_PT_MAX_RESPONSE_SIZE */
+ };
+ struct tpm2_resp_get_buffer_size {
+ struct tpm_resp_hdr hdr;
+ uint8_t more;
+ uint32_t capability;
+ uint32_t count;
+ uint32_t property1;
+ uint32_t value1;
+ uint32_t property2;
+ uint32_t value2;
+ } QEMU_PACKED tpm2_resp;
+
+ ret = tpm_util_request(tpm_fd, &tpm2_get_buffer_size,
+ sizeof(tpm2_get_buffer_size),
+ &tpm2_resp, sizeof(tpm2_resp));
+ if (ret < 0) {
+ return ret;
+ }
+
+ if (be32_to_cpu(tpm2_resp.hdr.len) != sizeof(tpm2_resp) ||
+ be32_to_cpu(tpm2_resp.count) != 2) {
+ trace_tpm_util_get_buffer_size_hdr_len2(
+ be32_to_cpu(tpm2_resp.hdr.len),
+ sizeof(tpm2_resp));
+ trace_tpm_util_get_buffer_size_len2(
+ be32_to_cpu(tpm2_resp.count), 2);
+ error_report("tpm_util: Got unexpected response to "
+ "TPM2_GetCapability; errcode: 0x%x",
+ be32_to_cpu(tpm2_resp.hdr.errcode));
+ return -EFAULT;
+ }
+ *buffersize = MAX(be32_to_cpu(tpm2_resp.value1),
+ be32_to_cpu(tpm2_resp.value2));
+ break;
+ }
+ case TPM_VERSION_UNSPEC:
+ return -EFAULT;
+ }
+
+ trace_tpm_util_get_buffer_size(*buffersize);
+
+ return 0;
+}
+
+void tpm_sized_buffer_reset(TPMSizedBuffer *tsb)
+{
+ g_free(tsb->buffer);
+ tsb->buffer = NULL;
+ tsb->size = 0;
+}
+
+void tpm_util_show_buffer(const unsigned char *buffer,
+ size_t buffer_size, const char *string)
+{
+ size_t len, i;
+ char *line_buffer, *p;
+
+ if (!trace_event_get_state_backends(TRACE_TPM_UTIL_SHOW_BUFFER)) {
+ return;
+ }
+ len = MIN(tpm_cmd_get_size(buffer), buffer_size);
+
+ /*
+ * allocate enough room for 3 chars per buffer entry plus a
+ * newline after every 16 chars and a final null terminator.
+ */
+ line_buffer = g_malloc(len * 3 + (len / 16) + 1);
+
+ for (i = 0, p = line_buffer; i < len; i++) {
+ if (i && !(i % 16)) {
+ p += sprintf(p, "\n");
+ }
+ p += sprintf(p, "%.2X ", buffer[i]);
+ }
+ trace_tpm_util_show_buffer(string, len, line_buffer);
+
+ g_free(line_buffer);
+}
diff --git a/backends/tpm/trace-events b/backends/tpm/trace-events
new file mode 100644
index 000000000..3298766dd
--- /dev/null
+++ b/backends/tpm/trace-events
@@ -0,0 +1,33 @@
+# See docs/devel/tracing.rst for syntax documentation.
+
+# tpm_passthrough.c
+tpm_passthrough_handle_request(void *cmd) "processing command %p"
+tpm_passthrough_reset(void) "reset"
+
+# tpm_util.c
+tpm_util_get_buffer_size_hdr_len(uint32_t len, size_t expected) "tpm_resp->hdr.len = %u, expected = %zu"
+tpm_util_get_buffer_size_len(uint32_t len, size_t expected) "tpm_resp->len = %u, expected = %zu"
+tpm_util_get_buffer_size_hdr_len2(uint32_t len, size_t expected) "tpm2_resp->hdr.len = %u, expected = %zu"
+tpm_util_get_buffer_size_len2(uint32_t len, size_t expected) "tpm2_resp->len = %u, expected = %zu"
+tpm_util_get_buffer_size(size_t len) "buffersize of device: %zu"
+tpm_util_show_buffer(const char *direction, size_t len, const char *buf) "direction: %s len: %zu\n%s"
+
+# tpm_emulator.c
+tpm_emulator_set_locality(uint8_t locty) "setting locality to %d"
+tpm_emulator_handle_request(void) "processing TPM command"
+tpm_emulator_probe_caps(uint64_t caps) "capabilities: 0x%"PRIx64
+tpm_emulator_set_buffer_size(uint32_t buffersize, uint32_t minsize, uint32_t maxsize) "buffer size: %u, min: %u, max: %u"
+tpm_emulator_startup_tpm_resume(bool is_resume, size_t buffersize) "is_resume: %d, buffer size: %zu"
+tpm_emulator_get_tpm_established_flag(uint8_t flag) "got established flag: %d"
+tpm_emulator_cancel_cmd_not_supt(void) "Backend does not support CANCEL_TPM_CMD"
+tpm_emulator_handle_device_opts_tpm12(void) "TPM Version 1.2"
+tpm_emulator_handle_device_opts_tpm2(void) "TPM Version 2"
+tpm_emulator_handle_device_opts_unspec(void) "TPM Version Unspecified"
+tpm_emulator_handle_device_opts_startup_error(void) "Startup error"
+tpm_emulator_get_state_blob(uint8_t type, uint32_t size, uint32_t flags) "got state blob type %d, %u bytes, flags 0x%08x"
+tpm_emulator_set_state_blob(uint8_t type, uint32_t size, uint32_t flags) "set state blob type %d, %u bytes, flags 0x%08x"
+tpm_emulator_set_state_blobs(void) "setting state blobs"
+tpm_emulator_set_state_blobs_error(const char *msg) "error while setting state blobs: %s"
+tpm_emulator_set_state_blobs_done(void) "Done setting state blobs"
+tpm_emulator_pre_save(void) ""
+tpm_emulator_inst_init(void) ""
diff --git a/backends/tpm/trace.h b/backends/tpm/trace.h
new file mode 100644
index 000000000..40c472988
--- /dev/null
+++ b/backends/tpm/trace.h
@@ -0,0 +1 @@
+#include "trace/trace-backends_tpm.h"
diff --git a/backends/trace-events b/backends/trace-events
new file mode 100644
index 000000000..652eb76a5
--- /dev/null
+++ b/backends/trace-events
@@ -0,0 +1,7 @@
+# See docs/devel/tracing.rst for syntax documentation.
+
+# dbus-vmstate.c
+dbus_vmstate_pre_save(void)
+dbus_vmstate_post_load(int version_id) "version_id: %d"
+dbus_vmstate_loading(const char *id) "id: %s"
+dbus_vmstate_saving(const char *id) "id: %s"
diff --git a/backends/trace.h b/backends/trace.h
new file mode 100644
index 000000000..77fe57f36
--- /dev/null
+++ b/backends/trace.h
@@ -0,0 +1 @@
+#include "trace/trace-backends.h"
diff --git a/backends/vhost-user.c b/backends/vhost-user.c
new file mode 100644
index 000000000..10b39992d
--- /dev/null
+++ b/backends/vhost-user.c
@@ -0,0 +1,207 @@
+/*
+ * QEMU vhost-user backend
+ *
+ * Copyright (C) 2018 Red Hat Inc
+ *
+ * Authors:
+ * Marc-André Lureau <marcandre.lureau@redhat.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+
+#include "qemu/osdep.h"
+#include "qapi/error.h"
+#include "qapi/qmp/qerror.h"
+#include "qemu/error-report.h"
+#include "qom/object_interfaces.h"
+#include "sysemu/vhost-user-backend.h"
+#include "sysemu/kvm.h"
+#include "io/channel-command.h"
+#include "hw/virtio/virtio-bus.h"
+
+static bool
+ioeventfd_enabled(void)
+{
+ return kvm_enabled() && kvm_eventfds_enabled();
+}
+
+int
+vhost_user_backend_dev_init(VhostUserBackend *b, VirtIODevice *vdev,
+ unsigned nvqs, Error **errp)
+{
+ int ret;
+
+ assert(!b->vdev && vdev);
+
+ if (!ioeventfd_enabled()) {
+ error_setg(errp, "vhost initialization failed: requires kvm");
+ return -1;
+ }
+
+ if (!vhost_user_init(&b->vhost_user, &b->chr, errp)) {
+ return -1;
+ }
+
+ b->vdev = vdev;
+ b->dev.nvqs = nvqs;
+ b->dev.vqs = g_new0(struct vhost_virtqueue, nvqs);
+
+ ret = vhost_dev_init(&b->dev, &b->vhost_user, VHOST_BACKEND_TYPE_USER, 0,
+ errp);
+ if (ret < 0) {
+ return -1;
+ }
+
+ return 0;
+}
+
+void
+vhost_user_backend_start(VhostUserBackend *b)
+{
+ BusState *qbus = BUS(qdev_get_parent_bus(DEVICE(b->vdev)));
+ VirtioBusClass *k = VIRTIO_BUS_GET_CLASS(qbus);
+ int ret, i ;
+
+ if (b->started) {
+ return;
+ }
+
+ if (!k->set_guest_notifiers) {
+ error_report("binding does not support guest notifiers");
+ return;
+ }
+
+ ret = vhost_dev_enable_notifiers(&b->dev, b->vdev);
+ if (ret < 0) {
+ return;
+ }
+
+ ret = k->set_guest_notifiers(qbus->parent, b->dev.nvqs, true);
+ if (ret < 0) {
+ error_report("Error binding guest notifier");
+ goto err_host_notifiers;
+ }
+
+ b->dev.acked_features = b->vdev->guest_features;
+ ret = vhost_dev_start(&b->dev, b->vdev);
+ if (ret < 0) {
+ error_report("Error start vhost dev");
+ goto err_guest_notifiers;
+ }
+
+ /* guest_notifier_mask/pending not used yet, so just unmask
+ * everything here. virtio-pci will do the right thing by
+ * enabling/disabling irqfd.
+ */
+ for (i = 0; i < b->dev.nvqs; i++) {
+ vhost_virtqueue_mask(&b->dev, b->vdev,
+ b->dev.vq_index + i, false);
+ }
+
+ b->started = true;
+ return;
+
+err_guest_notifiers:
+ k->set_guest_notifiers(qbus->parent, b->dev.nvqs, false);
+err_host_notifiers:
+ vhost_dev_disable_notifiers(&b->dev, b->vdev);
+}
+
+void
+vhost_user_backend_stop(VhostUserBackend *b)
+{
+ BusState *qbus = BUS(qdev_get_parent_bus(DEVICE(b->vdev)));
+ VirtioBusClass *k = VIRTIO_BUS_GET_CLASS(qbus);
+ int ret = 0;
+
+ if (!b->started) {
+ return;
+ }
+
+ vhost_dev_stop(&b->dev, b->vdev);
+
+ if (k->set_guest_notifiers) {
+ ret = k->set_guest_notifiers(qbus->parent,
+ b->dev.nvqs, false);
+ if (ret < 0) {
+ error_report("vhost guest notifier cleanup failed: %d", ret);
+ }
+ }
+ assert(ret >= 0);
+
+ vhost_dev_disable_notifiers(&b->dev, b->vdev);
+ b->started = false;
+}
+
+static void set_chardev(Object *obj, const char *value, Error **errp)
+{
+ VhostUserBackend *b = VHOST_USER_BACKEND(obj);
+ Chardev *chr;
+
+ if (b->completed) {
+ error_setg(errp, QERR_PERMISSION_DENIED);
+ return;
+ }
+
+ g_free(b->chr_name);
+ b->chr_name = g_strdup(value);
+
+ chr = qemu_chr_find(b->chr_name);
+ if (chr == NULL) {
+ error_set(errp, ERROR_CLASS_DEVICE_NOT_FOUND,
+ "Chardev '%s' not found", b->chr_name);
+ return;
+ }
+
+ if (!qemu_chr_fe_init(&b->chr, chr, errp)) {
+ return;
+ }
+
+ b->completed = true;
+ /* could call vhost_dev_init() so early message can be exchanged */
+}
+
+static char *get_chardev(Object *obj, Error **errp)
+{
+ VhostUserBackend *b = VHOST_USER_BACKEND(obj);
+ Chardev *chr = qemu_chr_fe_get_driver(&b->chr);
+
+ if (chr && chr->label) {
+ return g_strdup(chr->label);
+ }
+
+ return NULL;
+}
+
+static void vhost_user_backend_class_init(ObjectClass *oc, void *data)
+{
+ object_class_property_add_str(oc, "chardev", get_chardev, set_chardev);
+}
+
+static void vhost_user_backend_finalize(Object *obj)
+{
+ VhostUserBackend *b = VHOST_USER_BACKEND(obj);
+
+ g_free(b->dev.vqs);
+ g_free(b->chr_name);
+
+ vhost_user_cleanup(&b->vhost_user);
+ qemu_chr_fe_deinit(&b->chr, true);
+}
+
+static const TypeInfo vhost_user_backend_info = {
+ .name = TYPE_VHOST_USER_BACKEND,
+ .parent = TYPE_OBJECT,
+ .instance_size = sizeof(VhostUserBackend),
+ .class_init = vhost_user_backend_class_init,
+ .instance_finalize = vhost_user_backend_finalize,
+};
+
+static void register_types(void)
+{
+ type_register_static(&vhost_user_backend_info);
+}
+
+type_init(register_types);