From: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
To: Stefan Berger <stefanb@linux.ibm.com>
Cc: Stefan Berger <stefanb@linux.vnet.ibm.com>,
linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-acpi@vger.kernel.org,
linux-security-module@vger.kernel.org
Subject: Re: [PATCH v9 2/2] tpm: Add support for event log pointer found in TPM2 ACPI table
Date: Wed, 8 Jul 2020 17:07:53 +0300 [thread overview]
Message-ID: <20200708140753.GC538949@linux.intel.com> (raw)
In-Reply-To: <85c27199-df55-eecc-855c-dedcea64f89e@linux.ibm.com>
On Tue, Jul 07, 2020 at 12:09:11AM -0400, Stefan Berger wrote:
> On 7/7/20 12:03 AM, Jarkko Sakkinen wrote:
> > On Mon, Jul 06, 2020 at 11:08:12PM -0400, Stefan Berger wrote:
> > > On 7/6/20 10:24 PM, Jarkko Sakkinen wrote:
> > > > On Mon, Jul 06, 2020 at 07:55:26PM -0400, Stefan Berger wrote:
> > > > > On 7/6/20 7:09 PM, Jarkko Sakkinen wrote:
> > > > > > On Mon, Jul 06, 2020 at 02:19:53PM -0400, Stefan Berger wrote:
> > > > > > > From: Stefan Berger <stefanb@linux.ibm.com>
> > > > > > >
> > > > > > > In case a TPM2 is attached, search for a TPM2 ACPI table when trying
> > > > > > > to get the event log from ACPI. If one is found, use it to get the
> > > > > > > start and length of the log area. This allows non-UEFI systems, such
> > > > > > > as SeaBIOS, to pass an event log when using a TPM2.
> > > > > > >
> > > > > > > Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
> > > > > > Do you think that QEMU with TPM 1.2 emulator turned on would be a viable
> > > > > > way to test this?
> > > > > Yes.
> > > > Is the emulator bundled with QEMU or does it have to be installed
> > > > separately?
> > > It has to be installed separately. On Fedora 31 it would just be a `sudo dnf
> > > -y install swtpm-tools` and you should be good to go with libvirt /
> > > virt-manager.
> > Is there some packaging for Debian/Ubuntu available?
>
>
> So far may not be available yet. I had *experimented* with a PPA once:
> https://launchpad.net/~stefanberger/+archive/ubuntu/swtpm-focal
There is a snap available:
name: swtpm-mvo
summary: Libtpms-based TPM emulator
publisher: Michael Vogt (mvo)
store-url: https://snapcraft.io/swtpm-mvo
license: unset
description: |
Libtpms-based TPM emulator with socket, character device, and Linux
CUSE interface.
commands:
- swtpm-mvo.swtpm
services:
swtpm-mvo.swtpm-sock: simple, enabled, active
snap-id: HNl1TwHRBk3OtXQ8OriRB93FDZ6vman7
tracking: latest/edge
refresh-date: today at 02:05 EEST
channels:
latest/stable: –
latest/candidate: –
latest/beta: 0.1.0 2019-07-26 (11) 3MB -
latest/edge: 0.1.0 2020-07-08 (75) 3MB -
installed: 0.1.0 (74) 3MB -
This is the version information:
❯ swtpm-mvo.swtpm --version
TPM emulator version 0.4.0, Copyright (c) 2014 IBM Corp.
However, if I try to run the first example from [*], I get:
❯ swtpm-mvo.swtpm socket --tpmstate dir=/tmp/mytpm1 \
--ctrl type=unixio,path=/tmp/mytpm1/swtpm-sock \
--log level=20
swtpm: Could not open UnixIO socket: No such file or directory
[*] https://www.qemu.org/docs/master/specs/tpm.html
/Jarkko
next prev parent reply other threads:[~2020-07-08 14:08 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-07-06 18:19 [PATCH v9 0/2] tpm2: Make TPM2 logs accessible for non-UEFI firmware Stefan Berger
2020-07-06 18:19 ` [PATCH v9 1/2] acpi: Extend TPM2 ACPI table with missing log fields Stefan Berger
2020-07-06 22:02 ` Jerry Snitselaar
2020-07-06 18:19 ` [PATCH v9 2/2] tpm: Add support for event log pointer found in TPM2 ACPI table Stefan Berger
2020-07-06 22:04 ` Jerry Snitselaar
2020-07-06 23:09 ` Jarkko Sakkinen
2020-07-06 23:12 ` Jarkko Sakkinen
2020-07-06 23:55 ` Stefan Berger
2020-07-07 2:24 ` Jarkko Sakkinen
2020-07-07 3:08 ` Stefan Berger
2020-07-07 4:03 ` Jarkko Sakkinen
2020-07-07 4:09 ` Stefan Berger
2020-07-08 14:07 ` Jarkko Sakkinen [this message]
2020-07-08 14:17 ` Stefan Berger
2020-07-14 11:20 ` Jarkko Sakkinen
2020-07-14 12:09 ` Stefan Berger
2020-07-16 17:26 ` Jarkko Sakkinen
2020-07-06 23:57 ` Jerry Snitselaar
2020-07-07 2:24 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200708140753.GC538949@linux.intel.com \
--to=jarkko.sakkinen@linux.intel.com \
--cc=linux-acpi@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=stefanb@linux.ibm.com \
--cc=stefanb@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.