Integrating swtpm(as a software TPM) with OpenBMC on Qemu

[Sandeep Kumar]

 TCS Confidential

Hi C,

Thanks for sharing the info.  We have started working on it. Could you please point to the exact patches that needs to be applied on openBMC Qemu ? There are too many patches to choose from.

Thanks,
Sandeep.

-----Original Message-----
From: Cédric Le Goater <clg at kaod.org>
Sent: Wednesday, April 5, 2023 7:25 PM
To: Sandeep Kumar <sandeep.pkumar at tcs.com>; openbmc at lists.ozlabs.org; Ninad Palsule <ninad at linux.ibm.com>; Joel Stanley <jms at jms.id.au>; Andrew Jeffery <andrew at aj.id.au>
Subject: Re: Integrating swtpm(as a software TPM) with OpenBMC on Qemu

"External email. Open with Caution"

Hello,

On 4/5/23 14:48, Sandeep Kumar wrote:
> TCS Confidential
>
>
> Hi,
>
> Trying to see how to get swtpm working as a virtual TPM and connect to openBMC on QEMU. How do we achieve this? Main idea is to get this working and make secure boot through the virtual TPM(swtpm).

Ninad did a nice how to :

   https://lore.kernel.org/qemu-devel/20230331161319.2250334-4-ninadpalsule@us.ibm.com/

If you want to try, the patches are on this branch :

   https://github.com/legoater/qemu/commits/aspeed-8.0

and they should reach the QEMU OpenBMC repo at some point in time.


Joel also provided a simple test case :

   https://lore.kernel.org/qemu-devel/20230328120844.190914-1-joel@jms.id.au/

using the ast2600-evb machine.

Cheers,

C.

 TCS Confidential
=====-----=====-----=====
Notice: The information contained in this e-mail
message and/or attachments to it may contain 
confidential or privileged information. If you are 
not the intended recipient, any dissemination, use, 
review, distribution, printing or copying of the 
information contained in this e-mail message 
and/or attachments to it are strictly prohibited. If 
you have received this communication in error, 
please notify us by reply e-mail or telephone and 
immediately and permanently delete the message 
and any attachments. Thank you