Integrating swtpm(as a software TPM) with OpenBMC on Qemu

Sandeep Kumar sandeep.pkumar at tcs.com
Thu May 4 19:12:24 AEST 2023 

TCS Confidential


Hi C,

I was able to build and run the image(for evb-ast2600) with swtpm. Few issues observed,

1.      If I run with the flash.img provided in your github link(https://github.com/legoater/qemu-aspeed-boot/tree/master/images) everything works as expected, i.e I get the below output.
      # echo tpm_tis_i2c 0x2e > /sys/bus/i2c/devices/i2c-12/new_device
      [  182.735902] tpm_tis_i2c 12-002e: 2.0 TPM (device-id 0x1, rev-id 1)
      [  182.773885] i2c i2c-12: new_device: Instantiated device tpm_tis_i2c at 0x2e
      #
      #
      # cat /sys/class/tpm/tpm0/pcr-sha256/0
      B804724EA13F52A9072BA87FE8FDCC497DFC9DF9AA15B9088694639C431688E0
      #
      #

2.      If I run it with the locally built image, I get this error,
      root at evb-ast2600:~# echo tpm_tis_i2c 0x2e > /sys/bus/i2c/devices/i2c-12/new_device
      [  174.063597] i2c i2c-12: new_device: Instantiated device tpm_tis_i2c at 0x2e
      root at evb-ast2600:~# cat /sys/class/tpm/tpm0/pcr-sha256/0
      cat: can't open '/sys/class/tpm/tpm0/pcr-sha256/0': No such file or directory
      root at evb-ast2600:~#
      root at evb-ast2600:~#

      Please do let me know about what has been done to write the values into “/sys/class/tpm/tpm0/pcr-sha256/0” .
Thanks,
Sandeep.

_____________________________________________
From: Sandeep Kumar
Sent: Thursday, April 20, 2023 5:45 PM
To: Cédric Le Goater <clg at kaod.org>; openbmc at lists.ozlabs.org; Ninad Palsule <ninad at linux.ibm.com>; Joel Stanley <jms at jms.id.au>; Andrew Jeffery <andrew at aj.id.au>
Subject: RE: Integrating swtpm(as a software TPM) with OpenBMC on Qemu


Hi C,

How to build this image =>  obmc-phosphor-image.rootfs.wic.qcow2 ? In openBmc build directory we don’t get this image built.

Also, remaining image formats used while running on qemu are available in the build directory. i.e fitImage-linux.bin, aspeed-bmc-ibm-rainier.dtb and obmc-phosphor-initramfs.rootfs.cpio.xz .

Please advise if we have to build openbmc stack in a different way than the standard procedure. We follow the below steps for build,
1. . setup Romulus
2. bitbake obmc-phosphor-image

Thanks,
Sandeep.

-----Original Message-----
From: Sandeep Kumar
Sent: Wednesday, April 19, 2023 3:00 PM
To: Cédric Le Goater <clg at kaod.org<mailto:clg at kaod.org>>; openbmc at lists.ozlabs.org<mailto:openbmc at lists.ozlabs.org>; Ninad Palsule <ninad at linux.ibm.com<mailto:ninad at linux.ibm.com>>; Joel Stanley <jms at jms.id.au<mailto:jms at jms.id.au>>; Andrew Jeffery <andrew at aj.id.au<mailto:andrew at aj.id.au>>
Subject: RE: Integrating swtpm(as a software TPM) with OpenBMC on Qemu

Hi C,

Got it working. Looks like slirp is no longer supported on ubnutu 18.04. have upgraded to a newer version  and is working now.

Thanks,
Sandeep.

-----Original Message-----
From: Cédric Le Goater <clg at kaod.org<mailto:clg at kaod.org>>
Sent: Wednesday, April 19, 2023 2:26 PM
To: Sandeep Kumar <sandeep.pkumar at tcs.com<mailto:sandeep.pkumar at tcs.com>>; openbmc at lists.ozlabs.org<mailto:openbmc at lists.ozlabs.org>; Ninad Palsule <ninad at linux.ibm.com<mailto:ninad at linux.ibm.com>>; Joel Stanley <jms at jms.id.au<mailto:jms at jms.id.au>>; Andrew Jeffery <andrew at aj.id.au<mailto:andrew at aj.id.au>>
Subject: Re: Integrating swtpm(as a software TPM) with OpenBMC on Qemu

"External email. Open with Caution"

Hello Sandeep

On 4/18/23 09:45, Sandeep Kumar wrote:
> TCS Confidential
>
> Hi C,
> Built the qemu from your branch. Few issues, *$ ./qemu-system-arm -m
> 256 -M romulus-bmc -nographic -drive
> file=./obmc-phosphor-image-romulus.static.mtd,format=raw,if=mtd -net
> nic -net
> user,hostfwd=:127.0.0.1:2222-:22,hostfwd=:127.0.0.1:4443-:443,hostfwd=
> tcp:127.0.0.1:8880-:80,hostfwd=tcp:127.0.0.1:2200-:2200,hostfwd=udp:12
> 7.0.0.1:6623-:623,hostfwd=udp:127.0.0.1:6664-:664,hostname=qemu*
> *qemu-system-arm: -net
> user,hostfwd=:127.0.0.1:2222-:22,hostfwd=:127.0.0.1:4443-:443,hostfwd=
> tcp:127.0.0.1:8880-:80,hostfwd=tcp:127.0.0.1:2200-:2200,hostfwd=udp:12
> 7.0.0.1:6623-:623,hostfwd=udp:127.0.0.1:6664-:664,hostname=qemu:
> network backend 'user' is not compiled into this binary* I didn’t
> enable the slirp package I guess. So enabled it while running
> configure, *$ ../configure --enable-slirp*
> *........*
> *Run-time dependency slirp found: NO (tried pkgconfig)*
> *../meson.build:681:2: ERROR: Dependency "slirp" not found, tried
> pkgconfig* *A full log can be found at
> /home/tcs/work/sandeep/measured_boot/ibm_qemu/qemu/build/meson-logs/me
> son-log.txt*
> *NOTICE: You are using Python 3.6 which is EOL. Starting with v0.62.0,
> Meson will require Python 3.7 or newer*
> *ERROR: meson setup failed*
> I have already installed slirp locally, but still getting the above error.


Did you install the libslirp-dev or libslirp-devel package ?

C.




TCS Confidential
=====-----=====-----=====
Notice: The information contained in this e-mail
message and/or attachments to it may contain 
confidential or privileged information. If you are 
not the intended recipient, any dissemination, use, 
review, distribution, printing or copying of the 
information contained in this e-mail message 
and/or attachments to it are strictly prohibited. If 
you have received this communication in error, 
please notify us by reply e-mail or telephone and 
immediately and permanently delete the message 
and any attachments. Thank you


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ozlabs.org/pipermail/openbmc/attachments/20230504/26bf70a3/attachment-0001.htm>

More information about the openbmc mailing list