Integrating swtpm(as a software TPM) with OpenBMC on Qemu

Sandeep Kumar sandeep.pkumar at tcs.com
Fri May 5 15:40:27 AEST 2023 

 TCS Confidential

Hi Stefan,

Stefan: Is the kernel configured in the same way? Are you using the same kernel version?
Ans:
        I am using the Kernel version coming with the latest openBMC without any changes.
        Kernel version used : Linux evb-ast2600 6.1.15-580639a #1 SMP Thu Apr 6 00:55:09 UTC 2023 armv71 GNU/Linux

Stefan:  What is the output of this?  find /sys/class/tpm | grep pcr
Ams:     find: /sys/class/tpm: No such file or directory.

Could you please point to the right version of kernel which has all these changes ?


Thanks,
Sandeep.

-----Original Message-----
From: Stefan Berger <stefanb at linux.ibm.com>
Sent: Thursday, May 4, 2023 7:30 PM
To: Sandeep Kumar <sandeep.pkumar at tcs.com>; Cédric Le Goater <clg at kaod.org>; openbmc at lists.ozlabs.org; Ninad Palsule <ninad at linux.ibm.com>; Joel Stanley <jms at jms.id.au>; Andrew Jeffery <andrew at aj.id.au>
Subject: Re: Integrating swtpm(as a software TPM) with OpenBMC on Qemu

"External email. Open with Caution"


On 5/4/23 05:12, Sandeep Kumar wrote:
> TCS Confidential Hi C, I was able to build and run the image(for
> evb-ast2600) with swtpm. Few issues observed, If I run with the flash. 
> img provided in your github link(https: //github. 
> com/legoater/qemu-aspeed-boot/tree/master/images) everything ZjQcmQRYFpfptBannerStart This Message Is From an External Sender This message came from outside your organization.
> ZjQcmQRYFpfptBannerEnd
> TCS Confidential
>
> Hi C,
> I was able to build and run the image(for evb-ast2600) with swtpm. Few
> issues observed,
>
>  1. If I run with the flash.img provided in your github link(_https://github.com/legoater/qemu-aspeed-boot/tree/master/images_ <https://github.com/legoater/qemu-aspeed-boot/tree/master/images>) everything works as expected, i.e I get the below output.
>
> *# echo tpm_tis_i2c 0x2e > /sys/bus/i2c/devices/i2c-12/new_device*
> *[  182.735902] tpm_tis_i2c 12-002e: 2.0 TPM (device-id 0x1, rev-id
> 1)* *[  182.773885] i2c i2c-12: new_device: Instantiated device
> tpm_tis_i2c at 0x2e*
> *#*
> *#*
> *# cat /sys/class/tpm/tpm0/pcr-sha256/0*
> *B804724EA13F52A9072BA87FE8FDCC497DFC9DF9AA15B9088694639C431688E0*
> *#*
> *#*
>
>  2. If I run it with the locally built image, I get this error,

Is the kernel configured in the same way? Are you using the same kernel version?
>
> *root at evb-ast2600:~# echo tpm_tis_i2c 0x2e >
> /sys/bus/i2c/devices/i2c-12/new_device*
> *[  174.063597] i2c i2c-12: new_device: Instantiated device
> tpm_tis_i2c at 0x2e*

What is the output of this?

find /sys/class/tpm | grep pcr

   Stefan

> *root at evb-ast2600:~# cat /sys/class/tpm/tpm0/pcr-sha256/0*
> *cat: can't open '/sys/class/tpm/tpm0/pcr-sha256/0': No such file or
> directory*
> *root at evb-ast2600:~#*
> *root at evb-ast2600:~#*
> Please do let me know about what has been done to write the values
> into “*/sys/class/tpm/tpm0/pcr-sha256/0**” . * Thanks, Sandeep.
> _____________________________________________
> *From:* Sandeep Kumar
> *Sent:* Thursday, April 20, 2023 5:45 PM
> *To:* Cédric Le Goater <clg at kaod.org>; openbmc at lists.ozlabs.org; Ninad
> Palsule <ninad at linux.ibm.com>; Joel Stanley <jms at jms.id.au>; Andrew
> Jeffery <andrew at aj.id.au>
> *Subject:* RE: Integrating swtpm(as a software TPM) with OpenBMC on
> Qemu Hi C, How to build this image =>
> *obmc-phosphor-image.rootfs.wic.qcow2* ? In openBmc build directory we don’t get this image built.
> Also, remaining image formats used while running on qemu are available in the build directory. i.e fitImage-linux.bin, aspeed-bmc-ibm-rainier.dtb and obmc-phosphor-initramfs.rootfs.cpio.xz .
> Please advise if we have to build openbmc stack in a different way
> than the standard procedure. We follow the below steps for build, 1. .
> setup Romulus 2. bitbake obmc-phosphor-image Thanks, Sandeep.
> -----Original Message-----
> From: Sandeep Kumar
> Sent: Wednesday, April 19, 2023 3:00 PM
> To: Cédric Le Goater <_clg at kaod.org_ <mailto:clg at kaod.org>>;
> _openbmc at lists.ozlabs.org_ <mailto:openbmc at lists.ozlabs.org>; Ninad
> Palsule <_ninad at linux.ibm.com_ <mailto:ninad at linux.ibm.com>>; Joel
> Stanley <_jms at jms.id.au_ <mailto:jms at jms.id.au>>; Andrew Jeffery
> <_andrew at aj.id.au_ <mailto:andrew at aj.id.au>>
> Subject: RE: Integrating swtpm(as a software TPM) with OpenBMC on Qemu
> Hi C, Got it working. Looks like slirp is no longer supported on
> ubnutu 18.04. have upgraded to a newer version  and is working now.
> Thanks,
> Sandeep.
> -----Original Message-----
> From: Cédric Le Goater <clg at kaod.org <mailto:clg at kaod.org>>
> Sent: Wednesday, April 19, 2023 2:26 PM
> To: Sandeep Kumar <sandeep.pkumar at tcs.com
> <mailto:sandeep.pkumar at tcs.com>>; openbmc at lists.ozlabs.org
> <mailto:openbmc at lists.ozlabs.org>; Ninad Palsule <ninad at linux.ibm.com
> <mailto:ninad at linux.ibm.com>>; Joel Stanley <jms at jms.id.au
> <mailto:jms at jms.id.au>>; Andrew Jeffery <andrew at aj.id.au
> <mailto:andrew at aj.id.au>>
> Subject: Re: Integrating swtpm(as a software TPM) with OpenBMC on Qemu
> "External email. Open with Caution"
> Hello Sandeep
> On 4/18/23 09:45, Sandeep Kumar wrote:
>> TCS Confidential
>>
>> Hi C,
>> Built the qemu from your branch. Few issues, *$ ./qemu-system-arm -m
>> 256 -M romulus-bmc -nographic -drive
>> file=./obmc-phosphor-image-romulus.static.mtd,format=raw,if=mtd -net
>> nic -net
>> user,hostfwd=:127.0.0.1:2222-:22,hostfwd=:127.0.0.1:4443-:443,hostfwd
>> =
>> tcp:127.0.0.1:8880-:80,hostfwd=tcp:127.0.0.1:2200-:2200,hostfwd=udp:1
>> 2
>> 7.0.0.1:6623-:623,hostfwd=udp:127.0.0.1:6664-:664,hostname=qemu*
>> *qemu-system-arm: -net
>> user,hostfwd=:127.0.0.1:2222-:22,hostfwd=:127.0.0.1:4443-:443,hostfwd
>> =
>> tcp:127.0.0.1:8880-:80,hostfwd=tcp:127.0.0.1:2200-:2200,hostfwd=udp:1
>> 2
>> 7.0.0.1:6623-:623,hostfwd=udp:127.0.0.1:6664-:664,hostname=qemu:
>> network backend 'user' is not compiled into this binary* I didn’t
>> enable the slirp package I guess. So enabled it while running
>> configure, *$ ../configure --enable-slirp*
>> *........*
>> *Run-time dependency slirp found: NO (tried pkgconfig)*
>> *../meson.build:681:2: ERROR: Dependency "slirp" not found, tried
>> pkgconfig* *A full log can be found at
>> /home/tcs/work/sandeep/measured_boot/ibm_qemu/qemu/build/meson-logs/m
>> e
>> son-log.txt*
>> *NOTICE: You are using Python 3.6 which is EOL. Starting with
>> v0.62.0, Meson will require Python 3.7 or newer*
>> *ERROR: meson setup failed*
>> I have already installed slirp locally, but still getting the above error.
> Did you install the libslirp-dev or libslirp-devel package ?
> C.
>
> TCS Confidential
>
> =====-----=====-----=====
> Notice: The information contained in this e-mail message and/or
> attachments to it may contain confidential or privileged information.
> If you are not the intended recipient, any dissemination, use, review,
> distribution, printing or copying of the information contained in this
> e-mail message and/or attachments to it are strictly prohibited. If
> you have received this communication in error, please notify us by
> reply e-mail or telephone and immediately and permanently delete the
> message and any attachments. Thank you
>

 TCS Confidential

More information about the openbmc mailing list