tpm_resources/
lib.rs

1// Copyright (c) Microsoft Corporation.
2// Licensed under the MIT License.
3
4//! Resources for the TPM device.
5
6#![forbid(unsafe_code)]
7
8use inspect::Inspect;
9use mesh::MeshPayload;
10use vm_resource::Resource;
11use vm_resource::ResourceId;
12use vm_resource::ResourceKind;
13use vm_resource::kind::ChipsetDeviceHandleKind;
14use vm_resource::kind::NonVolatileStoreKind;
15
16/// A handle to a TPM device.
17#[derive(MeshPayload)]
18pub struct TpmDeviceHandle {
19    /// Non-volatile store for PPI (physical presence interface) data
20    pub ppi_store: Resource<NonVolatileStoreKind>,
21    /// Non-volatile store for TPM NVRAM data
22    pub nvram_store: Resource<NonVolatileStoreKind>,
23    /// Whether to refresh TPM seeds on init
24    pub refresh_tpm_seeds: bool,
25    /// Type of AK cert
26    pub ak_cert_type: TpmAkCertTypeResource,
27    /// vTPM register layout (IO port or MMIO)
28    pub register_layout: TpmRegisterLayout,
29    /// Optional guest secret TPM key to be imported
30    pub guest_secret_key: Option<Vec<u8>>,
31    /// Optional logger to send event to the host
32    pub logger: Option<Resource<TpmLoggerKind>>,
33}
34
35impl ResourceId<ChipsetDeviceHandleKind> for TpmDeviceHandle {
36    const ID: &'static str = "tpm";
37}
38
39/// A resource kind for AK cert renewal helpers.
40pub enum RequestAkCertKind {}
41
42impl ResourceKind for RequestAkCertKind {
43    const NAME: &'static str = "tpm_request_ak_cert";
44}
45
46/// `TpmAkCertType`-equivalent enum for resource
47#[derive(MeshPayload)]
48pub enum TpmAkCertTypeResource {
49    /// No Ak cert.
50    None,
51    /// Authorized AK cert that is not hardware-attested.
52    /// Used by TVM
53    Trusted(Resource<RequestAkCertKind>),
54    /// Authorized and hardware-attested AK cert (backed by
55    /// a TEE attestation report).
56    /// Used by CVM
57    HwAttested(Resource<RequestAkCertKind>),
58}
59
60/// The vTPM control area register layout
61#[derive(Inspect, MeshPayload, PartialEq)]
62pub enum TpmRegisterLayout {
63    /// Using IO port
64    IoPort,
65    /// MMIO
66    Mmio,
67}
68
69/// A resource kind for TPM logger.
70pub enum TpmLoggerKind {}
71
72impl ResourceKind for TpmLoggerKind {
73    const NAME: &'static str = "tpm_logger";
74}
tpm_resources/lib.rs

tpm_resources/
lib.rs
