Introduce VTPM for guests #4780
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
For now the {open,close}_handle and a with_mapping are added to the
module, this allows users to map and unmap memory from domains to dom0
memory with correct permissions.
The map and unmap functions are not exposed to ensure the use of the
same handle for both.
Signed-off-by: Pau Ruiz Safont <pau.safont@citrix.com>
This binary is not installed when building the package Signed-off-by: Pau Ruiz Safont <pau.safont@citrix.com>
Signed-off-by: Pau Ruiz Safont <pau.safont@citrix.com>
This is restricted to local access only, through the UNIX socket. This allows the software TPM daemon to retrieve and push the contents of the TPM from and to the xapi database. Any remote accesses to the contents are forbidden, Signed-off-by: Pau Ruiz Safont <pau.safont@citrix.com>
Signed-off-by: Pau Ruiz Safont <pau.safont@citrix.com>
Signed-off-by: Edwin Török <edvin.torok@citrix.com>
Bring vtpm branch up-to-date with master
This will be used for creating sandboxes for swtpm While we're at it, create an interface file for sandboxes to hide implementation details, add useful methods for Path and tweak methods Signed-off-by: Pau Ruiz Safont <pau.safont@citrix.com>
Xenopsd manages several services that sustain the lifecycle of each domain. To launch a service, xenopsd usually starts up a daemon and it waits for this daemon to write its pid on xenstore to signal the service is ready to attend requests. While this method is convenient in order to be able to cancel the wait using xenstore watches, it's unfortunate as it makes the daemons depend on xenstore even if it isn't needed to supply the service. This change implements an alternative way to set up a cancellable wait on the service readiness using inotify and epoll by setting up filesystem watches instead of xenstore ones. The polling loop wakes up every second to have a direct method to deal with timeouts as well as unrelated events that happened in the filesystem. Signed-off-by: Pau Ruiz Safont <pau.safont@citrix.com>
For every domain now xenopsd creates a chroot (which starts up a guard daemon instance), launches an SWTPM instance, then waits on its pidfile to be created. On domain destruction is shuts down both instances: first SWTPM, then the guard. Signed-off-by: Pau Ruiz Safont <pau.safont@citrix.com>
This fits the documentation of chroots better Signed-off-by: Pau Ruiz Safont <pau.safont@citrix.com>
…managed CP-38554: Start up and stop SWTPM and guard for every domain
Now swtpm is only started for domains that have vtpm=true added to their platform's metada. This can be done using xe e.g. xe vm-param-add uuid=VM-XXX param-name=platform vtpm=true Shutting down domains without the swtpm and the xapi-guard services running works as normal and without any errors Signed-off-by: Pau Ruiz Safont <pau.safont@citrix.com>
This was missed when parametrizing the code, varstored was hardcoded Signed-off-by: Pau Ruiz Safont <pau.safont@citrix.com>
Now VTPM objects are created and attached to a VM when it is started for the first and they are destroyed when the VM they are attached to are destroyed. These objects are empty and do not reflect the state of the actual vTPM attached to the domains. Signed-off-by: Pau Ruiz Safont <pau.safont@citrix.com>
…aram CP-39414: start swtpm depending on the VM's platform metadata
Signed-off-by: Pau Ruiz Safont <pau.safont@citrix.com>
Needs to be moved to a separate module to avoid cycles in the build system, about to use this type from another module. Signed-off-by: Edwin Török <edvin.torok@citrix.com>
Signed-off-by: Edwin Török <edvin.torok@citrix.com>
Xenopsd needs to know not just whether a VM has a vTPM or not, but also its UUID (in case a XAPI DB storage backend is used). For now only 1 vTPM/VM is supported, as before. Signed-off-by: Edwin Török <edvin.torok@citrix.com>
Signed-off-by: Edwin Török <edvin.torok@citrix.com>
Signed-off-by: Pau Ruiz Safont <pau.safont@citrix.com>
The current persistence backend needs to add copying to secrets, this should be removed as soon as the backend is removed, we want to avoid other code to depend on it. The is_unique flag prevents copying the vtpm contents when cloning, instead a new vtpm is recreated, this breaks Guest features like bitlocker on the newly created VM. Signed-off-by: Pau Ruiz Safont <pau.safont@citrix.com>
This fails because xapi's DB may not have the contents of the VTPM at the time the snapshot is taken. This means that taking a snapshot could lead to data loss, instead block it. Signed-off-by: Pau Ruiz Safont <pau.safont@citrix.com>
This also blocks creation of VMs from templates with vtpm in the platform data. Signed-off-by: Pau Ruiz Safont <pau.safont@citrix.com>
The state of VTPMs and xapi's database are usually out-of-sync. Using them while HA is enabled can lead to data loss. Block the two features from being used at the same time. Signed-off-by: Pau Ruiz Safont <pau.safont@citrix.com>
Signed-off-by: Pau Ruiz Safont <pau.safont@citrix.com>
Signed-off-by: Pau Ruiz Safont <pau.safont@citrix.com>
Relevant messages from its changelog: CP-35104: Add swtpm-wrapper for proper logging CP-35054: Start SWTPM daemon deprivilideged CP-40195: Only call swtpm_setup for manufacture swtpm_setup is run as root and handles guest data on subsequent boots after TPM manufacture. Avoid running it completely after the initial manufacture to avoid any possible security issues. The '.lock' will only be present after running swtpm_setup so run chown conditionally. At the same time, handle errors from chown rather than silently ignoring them. CA-369317: Don't ignore errors from swtpm_setup Signed-off-by: Pau Ruiz Safont <pau.safont@citrix.com>
lindig
approved these changes
Aug 26, 2022
|
A lot of code that has been reviewed previously. I mostly glanced over it and looked more closely at some error handling. |
robhoes
reviewed
Aug 30, 2022
| @@ -12,9 +12,7 @@ | |||
| * GNU Lesser General Public License for more details. | |||
| *) | |||
|
|
|||
| module D = Debug.Make (struct | |||
| let name = "xapi" (* this is set to 'xapi' deliberately! :) *) | |||
There was a problem hiding this comment.
And now it has been changed away from 'xapi' deliberately? :)
There was a problem hiding this comment.
I spelunked and found no justification for it in the commit that introduced the module. It's more helpful to have the actual module that prints the loglines, same reasoning I used to change all the unjustified ones 3 years back, it just helps whith triaging
robhoes
reviewed
Aug 30, 2022
Although the module has existed since the Rio release, it doesn't make sense to state so. This is because until now it was impossible to create vtpm objects in the database, trying to create one of them resulted in an exception. This has the added benefit to mark all the parts of the class to be prototypes and this will make them easier to change before the feature becomes stable. Signed-off-by: Pau Ruiz Safont <pau.safont@citrix.com>
robhoes
approved these changes
Aug 30, 2022
psafont
force-pushed
the
private/paus/vtpm
branch
from
a9087cb
to
d6f0ba8
Compare
psafont
force-pushed
the
private/paus/vtpm
branch
2 times, most recently
from
f648126
to
cc3fc4c
Compare
This allows hvmloader to load the correct acpi table for guests using tpm, while retaining the previous acpi table for existing guests Signed-off-by: Pau Ruiz Safont <pau.safont@citrix.com>
psafont
force-pushed
the
private/paus/vtpm
branch
from
cc3fc4c
to
7b8e0f2
Compare
robhoes
approved these changes
Sep 8, 2022
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The feature is experimental. Currently the contents of the TPMs are stored in xapi's database, this means they are not always up-to-date which makes the feature unable to work with HA and with VM snapshots. Cloning and checkpoints work, this means that migrations work as well.
vtpms are always associated with a VM and it's not possible to change the VM once set. The VTPM can only be associated to a VM if the VM is halted.
vtpms have the fields
uniqueandsecure. Unique can be set at creation time, is false by default, and will avoid creating copies of the contents of the vTPMs. secure is not configurable and defaults to falseTo enable the experimental feature
xe-enable-experimental-feature vtpmhas to be run on the pool coordinator. In case the coordinator changes it's better if this is run on all hosts.The last commit introduces
swtpm-wrapperinto the repo, this has been moved from the .spec repo, and the former will need a change to remove its own copy when including these changes.