[tpm2] Re: Virtualbox ubuntu 22.04 guest with tpm_server

[Petr Gotthard <petr.gotthard at centrum.cz>]

[-- Attachment #1: Type: text/plain, Size: 4644 bytes --]

Hello.
 
You made a very nice and detailed problem description. I wish all problem reports were like yours :)
You are on a good track. You may keep using the ibmswtpm2.
 
The errors you are getting mean that the tpm2-tools are trying to access the hardware TPM, which isn't there. You successfully connected the abrmd to the TPM simulator (the --tcti argument of abrmd), now you should connect the tpm2-tools to the abrmd by setting the TPM2TOOLS_TCTI variable or using the --tcti argument of the tpm2_pcrread. The TCTI should point to the abrmd (see https://github.com/tpm2-software/tpm2-tools/blob/master/man/common/tcti.md for some details.) The following might do the job:
export TPM2TOOLS_TCTI="tabrmd:bus_name=com.intel.tss2.Tabrmd"
 
 
Regards,
Petr
 
______________________________________________________________
> Od: dawn.howe(a)alten.com
> Komu: tpm2(a)lists.01.org
> Datum: 23.05.2022 17:44
> Předmět: [tpm2] Virtualbox ubuntu 22.04 guest with tpm_server
>
I am developing a c++ application for a dell server running ubuntu 22.04. The application needs to store private keys and use them to decrypt files.
 
 Before working on target hardware, I'm trying to get a virtualbox environment set up to use a simulated TPM2.  Before writing the C++ application I'd like to get some command line tools working. I have struggled for a week following instructions I've found (for example: https://tpm2-tools.readthedocs.io/en/latest/INSTALL/ <https://tpm2-tools.readthedocs.io/en/latest/INSTALL/>, https://francislampayan.medium.com/how-to-setup-tpm-simulator-in-ubuntu-20-04-25ec673b88dc <https://francislampayan.medium.com/how-to-setup-tpm-simulator-in-ubuntu-20-04-25ec673b88dc>, etc). I am trying to use IBM's SWTPM2, but have not had any luck.
 
 Virtualbox 6.1.30
 Windows 10 host
 Ubuntu 22.04 server guest
 
 TPM SERVER SIMULATOR
 First, I'm installing tpm_server. Since ubuntu 22.04 uses openssl3.0, I cannot use v1661, but instead am getting the latest version from the "next" branch:
 $ git clone https://git.code.sf.net/p/ibmswtpm2/tpm2 <https://git.code.sf.net/p/ibmswtpm2/tpm2> ibmswtpm2-tpm2
 $ cd ibmswtpm2-tpm/src
 $ make
 
 TPM2 - ABRMD
 $ git clone https://github.com/tpm2-software/tpm2-abrmd.git <https://github.com/tpm2-software/tpm2-abrmd.git>
 $ cd tpm2-abrmd
 $ ./bootstrap
 $ ./configure \
 --with-dbuspolicydir=/etc/dbus-1/system.d \
 --with-systemdsystemunitdir=/usr/lib/systemd/system \
 --libdir=/usr/lib64 --prefix=/usr 
 $ make -j5
 $ sudo make install
 
 TPM2 - tss
 $ git clone https://github.com/tpm2-software/tpm2-tss.git <https://github.com/tpm2-software/tpm2-tss.git>
 $ cd tpm2-tss
 $ ./bootstrap
 $ ./configure
 $ make
 $ sudo make install
 $ sudo ldconfig
 
 TPM2 - tools
 $ git clone https://github.com/tpm2-software/tpm2-tools.git <https://github.com/tpm2-software/tpm2-tools.git>
 $ cd tpm2-tools
 $ ./bootstrap
 $ ./configure --prefix=/usr
 $ make -j5
 $ sudo make install
 
 I'm just starting things on the command line, before makin them services. In one window I start the TPM simulator:
 $ tpm2_server
 
 In another window I start the ABRMD:
 sudo -u tss tpm2-abrmd --tcti="libtss2-tcti-mssim.so.0:host=127.0.0.1,port=2321"
 
 I see this in the window that started the TPM server:
 LIBRARY_COMPATIBILITY_CHECK is ON
 Starting ACT thread...
 TPM command server listening on port 2321
 Platform server listening on port 2322
 Command IPv4 client accepted
 Platform IPv4 client accepted
 
 Then I try to run a command line tool:
 tpm2_pcrread
 ERROR:tcti:src/tss2-tcti/tcti-device.c:452:Tss2_Tcti_Device_Init() Failed to open specified TCTI device file /dev/tpmrm0: No such file or directory
 ERROR:tcti:src/tss2-tcti/tctildr-dl.c:170:tcti_from_file() Could not initialize TCTI file: libtss2-tcti-device.so.0
 ERROR:tcti:src/tss2-tcti/tcti-device.c:452:Tss2_Tcti_Device_Init() Failed to open specified TCTI device file /dev/tpm0: No such file or directory
 ERROR:tcti:src/tss2-tcti/tctildr-dl.c:170:tcti_from_file() Could not initialize TCTI file: libtss2-tcti-device.so.0
 
 And I get no output.  I feel like I'm not configuring the TSS correctly. Can anyone give me insight on how to run this?  Should I be using a different simulator? I haven't found any good instructions for how to run https://github.com/stefanberger/swtpm <https://github.com/stefanberger/swtpm> in a virtualbox guest.
 _______________________________________________
 tpm2 mailing list -- tpm2(a)lists.01.org
 To unsubscribe send an email to tpm2-leave(a)lists.01.org
 %(web_page_url)slistinfo%(cgiext)s/%(_internal_name)s


[-- Attachment #2: attachment.htm --]
[-- Type: text/html, Size: 5809 bytes --]