1 2/* 3 * Licensed Materials - Property of IBM 4 * 5 * trousers - An open source TCG Software Stack 6 * 7 * (C) Copyright International Business Machines Corp. 2004 8 * 9 */ 10 11 12#ifndef _TCSD_H_ 13#define _TCSD_H_ 14 15#include <signal.h> 16 17#include "rpc_tcstp.h" 18 19/* Platform Class structures */ 20struct platform_class 21{ 22 unsigned int simpleID; /* Platform specific spec identifier */ 23 unsigned int classURISize; /* Size of the classURI */ 24 char *classURI; /* Specific spec. Can be NULL */ 25 struct platform_class *next; 26}; 27 28/* config structures */ 29struct tcsd_config 30{ 31 int port; /* port the TCSD will listen on */ 32 unsigned int num_threads; /* max number of threads the TCSD allows simultaneously */ 33 char *system_ps_dir; /* the directory the system PS file sits in */ 34 char *system_ps_file; /* the name of the system PS file */ 35 char *firmware_log_file;/* the name of the firmware PCR event file */ 36 char *kernel_log_file; /* the name of the kernel PCR event file */ 37 unsigned int kernel_pcrs; /* bitmask of PCRs the kernel controls */ 38 unsigned int firmware_pcrs; /* bitmask of PCRs the firmware controls */ 39 char *platform_cred; /* location of the platform credential */ 40 char *conformance_cred; /* location of the conformance credential */ 41 char *endorsement_cred; /* location of the endorsement credential */ 42 int remote_ops[TCSD_MAX_NUM_ORDS]; /* array of ordinals executable by remote hosts */ 43 unsigned int unset; /* bitmask of options which are still unset */ 44 int exclusive_transport; /* allow applications to open exclusive transport sessions with 45 the TPM and enforce their exclusivity (possible DOS issue) */ 46 struct platform_class *host_platform_class; /* Host platform class of this TCS System */ 47 struct platform_class *all_platform_classes; /* List of platform classes 48 of this TCS System */ 49 int disable_ipv4; 50 int disable_ipv6; 51}; 52 53#define TCSD_DEFAULT_CONFIG_FILE ETC_PREFIX "/tcsd.conf" 54extern char *tcsd_config_file; 55 56#ifdef __NetBSD__ 57#define TSS_USER_NAME "_tss" 58#define TSS_GROUP_NAME "_tss" 59#else 60#define TSS_USER_NAME "tss" 61#define TSS_GROUP_NAME "tss" 62#endif 63 64#define TCSD_DEFAULT_MAX_THREADS 10 65#define TCSD_DEFAULT_SYSTEM_PS_FILE VAR_PREFIX "/lib/tpm/system.data" 66#define TCSD_DEFAULT_SYSTEM_PS_DIR VAR_PREFIX "/lib/tpm" 67#define TCSD_DEFAULT_FIRMWARE_LOG_FILE "/sys/kernel/security/tpm0/binary_bios_measurements" 68#define TCSD_DEFAULT_KERNEL_LOG_FILE "/sys/kernel/security/ima/binary_runtime_measurements" 69#define TCSD_DEFAULT_FIRMWARE_PCRS 0x00000000 70#define TCSD_DEFAULT_KERNEL_PCRS 0x00000000 71#define TCSD_DEFAULT_DISABLE_IPV4 0 72#define TCSD_DEFAULT_DISABLE_IPV6 0 73 74/* This will change when a system with more than 32 PCR's exists */ 75#define TCSD_MAX_PCRS 32 76 77/* this is the 2nd param passed to the listen() system call */ 78#define TCSD_MAX_SOCKETS_QUEUED 50 79#define TCSD_TXBUF_SIZE 1024 80 81/* The Available Tcs Platform Classes */ 82struct tcg_platform_spec { 83 char *name; 84 TPM_PLATFORM_SPECIFIC specNo; 85 char *specURI; 86}; 87 88/* The Specific URI's for the platforms specs on TCG website */ 89#define TPM_PS_PC_11_URI "https://www.trustedcomputinggroup.org/groups/pc_client/TCG_PCSpecificSpecification_v1_1.pdf" 90#define TPM_PS_PC_12_URI "https://www.trustedcomputinggroup.org/specs/PCClient/TCG_PCClientImplementationforBIOS_1-20_1-00.pdf" 91#define TPM_PS_PDA_12_URI "https://www.trustedcomputinggroup.org/specs/mobilephone/tcg-mobile-reference-architecture-1.0.pdf" 92#define TPM_PS_Server_12_URI "https://www.trustedcomputinggroup.org/specs/Server/TCG_Generic_Server_Specification_v1_0_rev0_8.pdf" 93#define TPM_PS_Mobile_12_URI "https://www.trustedcomputinggroup.org/specs/mobilephone/tcg-mobile-reference-architecture-1.0.pdf" 94 95/* for detecting whether an option has been set */ 96#define TCSD_OPTION_PORT 0x0001 97#define TCSD_OPTION_MAX_THREADS 0x0002 98#define TCSD_OPTION_FIRMWARE_PCRS 0x0004 99#define TCSD_OPTION_KERNEL_PCRS 0x0008 100#define TCSD_OPTION_SYSTEM_PSFILE 0x0010 101#define TCSD_OPTION_KERNEL_LOGFILE 0x0020 102#define TCSD_OPTION_FIRMWARE_LOGFILE 0x0040 103#define TCSD_OPTION_PLATFORM_CRED 0x0080 104#define TCSD_OPTION_CONFORMANCE_CRED 0x0100 105#define TCSD_OPTION_ENDORSEMENT_CRED 0x0200 106#define TCSD_OPTION_REMOTE_OPS 0x0400 107#define TCSD_OPTION_EXCLUSIVE_TRANSPORT 0x0800 108#define TCSD_OPTION_HOST_PLATFORM_CLASS 0x1000 109#define TCSD_OPTION_DISABLE_IPV4 0x2000 110#define TCSD_OPTION_DISABLE_IPV6 0x4000 111 112#define TSS_TCP_RPC_MAX_DATA_LEN 1048576 113#define TSS_TCP_RPC_BAD_PACKET_TYPE 0x10000000 114 115enum tcsd_config_option_code { 116 opt_port = 1, 117 opt_max_threads, 118 opt_system_ps_file, 119 opt_firmware_log, 120 opt_kernel_log, 121 opt_firmware_pcrs, 122 opt_kernel_pcrs, 123 opt_platform_cred, 124 opt_conformance_cred, 125 opt_endorsement_cred, 126 opt_remote_ops, 127 opt_exclusive_transport, 128 opt_host_platform_class, 129 opt_all_platform_classes, 130 opt_disable_ipv4, 131 opt_disable_ipv6 132}; 133 134struct tcsd_config_options { 135 char *name; 136 enum tcsd_config_option_code option; 137}; 138 139extern struct tcsd_config tcsd_options; 140 141TSS_RESULT conf_file_init(struct tcsd_config *); 142void conf_file_final(struct tcsd_config *); 143TSS_RESULT ps_dirs_init(); 144void tcsd_signal_handler(int); 145 146/* threading structures */ 147struct tcsd_thread_data 148{ 149 int sock; 150 UINT32 context; 151 THREAD_TYPE *thread_id; 152 char *hostname; 153 struct tcsd_comm_data comm; 154}; 155 156struct tcsd_thread_mgr 157{ 158 MUTEX_DECLARE(lock); 159 struct tcsd_thread_data *thread_data; 160 161 int shutdown; 162 UINT32 num_active_threads; 163 UINT32 max_threads; 164}; 165 166TSS_RESULT tcsd_threads_init(); 167TSS_RESULT tcsd_threads_final(); 168TSS_RESULT tcsd_thread_create(int, char *); 169void *tcsd_thread_run(void *); 170void thread_signal_init(); 171 172/* signal handling */ 173#if !defined(__APPLE__) && !defined(__NetBSD__) 174struct sigaction tcsd_sa_int; 175struct sigaction tcsd_sa_chld; 176#endif 177 178#endif 179