Move the TPM passthrough specific command line options to the passthrough
backend implementation and attach them to the backend's interface structure.

Add code to tpm.c for validating the TPM command line options.
Signed-off-by: NStefan Berger <stefanb@linux.vnet.ibm.com>
Reviewed-by: NCorey Bryan <coreyb@linux.vnet.ibm.com>
Message-id: 1366641699-21420-1-git-send-email-stefanb@linux.vnet.ibm.com
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>

Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>

The TPM subsystem does not have a full front-end/back-end separation.
The sole available backend, tpm_passthrough, depends on the data
structures of the sole available frontend, tpm_tis.

However, we can at least try to split the user interface (tpm.c) from the
implementation (hw/tpm).  The patches makes tpm.c not include tpm_int.h,
which is shared between tpm_tis.c and tpm_passthrough.c; instead it
moves more stuff to tpm_backend.h.
Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>

QOM-ified the TPM support with much code borrowed from the rng implementation.

All other TPM related code moves will be provided in a subsequent patch.
Signed-off-by: NStefan Berger <stefanb@linux.vnet.ibm.com>
Message-id: 1364469981.24703.1.camel@d941e-10
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>

Signed-off-by: NCorey Bryant <coreyb@linux.vnet.ibm.com>
Reviewed-by: NEric Blake <eblake@redhat.com>
Reviewed-by: NMarkus Armbruster <armbru@redhat.com>
Signed-off-by: NLuiz Capitulino <lcapitulino@redhat.com>

This patch is based of off version 9 of Stefan Berger's patch series
  "QEMU Trusted Platform Module (TPM) integration"
and adds a new backend driver for it.

This patch adds a passthrough backend driver for passing commands sent to the
emulated TPM device directly to a TPM device opened on the host machine.
Thus it is possible to use a hardware TPM device in a system running on QEMU,
providing the ability to access a TPM in a special state (e.g. after a Trusted
Boot).

This functionality is being used in the acTvSM Trusted Virtualization Platform
which is available on [1].

Usage example:
  qemu-system-x86_64 -tpmdev passthrough,id=tpm0,path=/dev/tpm0 \
                     -device tpm-tis,tpmdev=tpm0 \
                     -cdrom test.iso -boot d

Some notes about the host TPM:
The TPM needs to be enabled and activated. If that's not the case one
has to go through the BIOS/UEFI and enable and activate that TPM for TPM
commands to work as expected.
It may be necessary to boot the kernel using tpm_tis.force=1 in the boot
command line or 'modprobe tpm_tis force=1' in case of using it as a module.

Regards,
Andreas Niederl, Stefan Berger

[1] http://trustedjava.sourceforge.net/Signed-off-by: NAndreas Niederl <andreas.niederl@iaik.tugraz.at>
Signed-off-by: NStefan Berger <stefanb@linux.vnet.ibm.com>
Reviewed-by: NCorey Bryant <coreyb@linux.vnet.ibm.com>
Reviewed-by: NJoel Schopp <jschopp@linux.vnet.ibm.com>
Message-id: 1361987275-26289-6-git-send-email-stefanb@linux.vnet.ibm.com
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>

This patch adds support for TPM command line options.
The command line options supported here are

./qemu-... -tpmdev passthrough,path=<path to TPM device>,id=<id>
           -device tpm-tis,tpmdev=<id>,id=<other id>

and

./qemu-... -tpmdev help

where the latter works similar to -soundhw help and shows a list of
available TPM backends (for example 'passthrough').

Using the type parameter, the backend is chosen, i.e., 'passthrough' for the
passthrough driver. The interpretation of the other parameters along
with determining whether enough parameters were provided is pushed into
the backend driver, which needs to implement the interface function
'create' and return a TPMDriverOpts structure if the VM can be started or
'NULL' if not enough or bad parameters were provided.

Monitor support for 'info tpm' has been added. It for example prints the
following:

(qemu) info tpm
TPM devices:
 tpm0: model=tpm-tis
  \ tpm0: type=passthrough,path=/dev/tpm0,cancel-path=/sys/devices/pnp0/00:09/cancel
Signed-off-by: NStefan Berger <stefanb@linux.vnet.ibm.com>
Reviewed-by: NCorey Bryant <coreyb@linux.vnet.ibm.com>
Reviewed-by: NJoel Schopp <jschopp@linux.vnet.ibm.com>
Message-id: 1361987275-26289-2-git-send-email-stefanb@linux.vnet.ibm.com
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>