All of lore.kernel.org
 help / color / mirror / Atom feed
* Re: [tpm2] TPM questions
@ 2018-10-17 17:26 Philip Tricca
  0 siblings, 0 replies; 3+ messages in thread
From: Philip Tricca @ 2018-10-17 17:26 UTC (permalink / raw)
  To: tpm2

[-- Attachment #1: Type: text/plain, Size: 3327 bytes --]

With regard to the UEFI TCTI this may be useful:
https://github.com/flihp/tpm2-uefi

Also see the last slide from our LSS talk:
https://events.linuxfoundation.org/wp-content/uploads/2017/11/Getting-Started-with-the-TPM2-Software-Stack-TSS2-Philip-Tricca-Intel-1.pdf

Finding a way to work this back into the tpm2-software GH org is in my
work queue. Feedback would be appreciated.

Philip

On Thu, Oct 11, 2018 at 07:56:11AM +0000, Fuchs, Andreas wrote:
> Some quick answers to parts of your questions:
> 
> a) you don't require the simulator. It's just for development
> c) export TSS2_LOG=tcti+debug
> d) use cgdb to step through the code: libtool --mode=execute cgdb --args tpm2_xxx ... or something like this
> e) you can use libtss2-sys.a directly. Thing you need is to implement a new tcti that corresponds to your environment.
> 
> Cheers,
> Andreas
> 
> ________________________________
> From: tpm2 [tpm2-bounces(a)lists.01.org] on behalf of Alok Pant [alokpant(a)hotmail.com]
> Sent: Wednesday, October 10, 2018 21:39
> To: tpm2(a)lists.01.org; Alok Pant
> Subject: [tpm2] TPM questions
> 
> 
> Hi TPM Experts,
> 
>   I come from computer firmware (UEF aka BIOSI) background and have basis understanding of TPM. My goal is to implement the advance TPM capabilities (ex-policy based operation) in PreOS space in firmware/BIOS. With various reverse engineering method I now have  basic understanding of Auth/Handle and basic commands such as seal/unseal etc. I am still lost while reading  various spec/books and was searching for reference code and sandbox area to better understand the spec/implementation. I came across this wiki - https://github.com/tpm2-software/tpm2-tools/blob/master/INSTALL.md and tried to play with tpm2-tss and tpm2-tools under Ubuntu. This seems helpful but still lot to digest for new-bee like meI need some help as below
> 
> 
> 
> a) I can compile tpm2_tss and tpm2_tools but I get build errors on TPM simulator similar to reported here (https://sourceforge.net/p/ibmswtpm2/discussion/general/thread/8a4aac81/?limit=25) I tried various OpenSSL revision and no luck. Do I need TPM simulator to work and if so how do I fix it
> 
> 
> b) I can now run various tpm_tools as root (i.e. sudo tpm2_getrandom, sudo get_capabilities -c algorithms) etc so at least I have a good baseline for tpmtools
> 
> c) I am interested to print the low level packet that is sent to TPM (request/response buffer). How can I do this? Is there verbose/build time options to print the actual request/response packet send to/from TPM
> 
> d) Is there a way to debug (i.e. step through the code) so I can follow the code path and look various variable to better understand the code flow
> 
> e) What afford is needed to port this stack in UEFI EDKII and where should I look to start some investigation
> 
> 
> It seems there are subset of people (you) who understand it very well but there are insufficient books/document for new-comers(me)  to get up to speed.  I apologize if this is too basic/broad question . Any help/pointers will be greatly appreciated
> 
> 
> Thanks again for offering help
> 
> -Alok
> 
> 

> _______________________________________________
> tpm2 mailing list
> tpm2(a)lists.01.org
> https://lists.01.org/mailman/listinfo/tpm2


^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [tpm2] TPM questions
@ 2018-10-11  7:56 Fuchs, Andreas
  0 siblings, 0 replies; 3+ messages in thread
From: Fuchs, Andreas @ 2018-10-11  7:56 UTC (permalink / raw)
  To: tpm2

[-- Attachment #1: Type: text/plain, Size: 2630 bytes --]

Some quick answers to parts of your questions:

a) you don't require the simulator. It's just for development
c) export TSS2_LOG=tcti+debug
d) use cgdb to step through the code: libtool --mode=execute cgdb --args tpm2_xxx ... or something like this
e) you can use libtss2-sys.a directly. Thing you need is to implement a new tcti that corresponds to your environment.

Cheers,
Andreas

________________________________
From: tpm2 [tpm2-bounces(a)lists.01.org] on behalf of Alok Pant [alokpant(a)hotmail.com]
Sent: Wednesday, October 10, 2018 21:39
To: tpm2(a)lists.01.org; Alok Pant
Subject: [tpm2] TPM questions


Hi TPM Experts,

  I come from computer firmware (UEF aka BIOSI) background and have basis understanding of TPM. My goal is to implement the advance TPM capabilities (ex-policy based operation) in PreOS space in firmware/BIOS. With various reverse engineering method I now have  basic understanding of Auth/Handle and basic commands such as seal/unseal etc. I am still lost while reading  various spec/books and was searching for reference code and sandbox area to better understand the spec/implementation. I came across this wiki - https://github.com/tpm2-software/tpm2-tools/blob/master/INSTALL.md and tried to play with tpm2-tss and tpm2-tools under Ubuntu. This seems helpful but still lot to digest for new-bee like meI need some help as below



a) I can compile tpm2_tss and tpm2_tools but I get build errors on TPM simulator similar to reported here (https://sourceforge.net/p/ibmswtpm2/discussion/general/thread/8a4aac81/?limit=25) I tried various OpenSSL revision and no luck. Do I need TPM simulator to work and if so how do I fix it


b) I can now run various tpm_tools as root (i.e. sudo tpm2_getrandom, sudo get_capabilities -c algorithms) etc so at least I have a good baseline for tpmtools

c) I am interested to print the low level packet that is sent to TPM (request/response buffer). How can I do this? Is there verbose/build time options to print the actual request/response packet send to/from TPM

d) Is there a way to debug (i.e. step through the code) so I can follow the code path and look various variable to better understand the code flow

e) What afford is needed to port this stack in UEFI EDKII and where should I look to start some investigation


It seems there are subset of people (you) who understand it very well but there are insufficient books/document for new-comers(me)  to get up to speed.  I apologize if this is too basic/broad question . Any help/pointers will be greatly appreciated


Thanks again for offering help

-Alok



[-- Attachment #2: attachment.html --]
[-- Type: text/html, Size: 4836 bytes --]

^ permalink raw reply	[flat|nested] 3+ messages in thread
* [tpm2] TPM questions
@ 2018-10-10 19:39 Alok Pant
  0 siblings, 0 replies; 3+ messages in thread
From: Alok Pant @ 2018-10-10 19:39 UTC (permalink / raw)
  To: tpm2

[-- Attachment #1: Type: text/plain, Size: 1998 bytes --]

Hi TPM Experts,

  I come from computer firmware (UEF aka BIOSI) background and have basis understanding of TPM. My goal is to implement the advance TPM capabilities (ex-policy based operation) in PreOS space in firmware/BIOS. With various reverse engineering method I now have  basic understanding of Auth/Handle and basic commands such as seal/unseal etc. I am still lost while reading  various spec/books and was searching for reference code and sandbox area to better understand the spec/implementation. I came across this wiki - https://github.com/tpm2-software/tpm2-tools/blob/master/INSTALL.md and tried to play with tpm2-tss and tpm2-tools under Ubuntu. This seems helpful but still lot to digest for new-bee like meI need some help as below



a) I can compile tpm2_tss and tpm2_tools but I get build errors on TPM simulator similar to reported here (https://sourceforge.net/p/ibmswtpm2/discussion/general/thread/8a4aac81/?limit=25) I tried various OpenSSL revision and no luck. Do I need TPM simulator to work and if so how do I fix it


b) I can now run various tpm_tools as root (i.e. sudo tpm2_getrandom, sudo get_capabilities -c algorithms) etc so at least I have a good baseline for tpmtools

c) I am interested to print the low level packet that is sent to TPM (request/response buffer). How can I do this? Is there verbose/build time options to print the actual request/response packet send to/from TPM

d) Is there a way to debug (i.e. step through the code) so I can follow the code path and look various variable to better understand the code flow

e) What afford is needed to port this stack in UEFI EDKII and where should I look to start some investigation


It seems there are subset of people (you) who understand it very well but there are insufficient books/document for new-comers(me)  to get up to speed.  I apologize if this is too basic/broad question . Any help/pointers will be greatly appreciated


Thanks again for offering help

-Alok



[-- Attachment #2: attachment.html --]
[-- Type: text/html, Size: 3608 bytes --]

^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2018-10-17 17:26 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-10-17 17:26 [tpm2] TPM questions Philip Tricca
  -- strict thread matches above, loose matches on Subject: below --
2018-10-11  7:56 Fuchs, Andreas
2018-10-10 19:39 Alok Pant

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.