[PATCH v2 1/1] Enable TPMv2 emulation

[PATCH v2 1/1] Enable TPMv2 emulation

[Heinrich Schuchardt]

Provide a QEMU helper script to launch swtpm and add extra parameters to
conf.qemu_arm64_na and conf.qemu_arm_na to provide an emulated TPMv2.

Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
---
v2:
	daemonize swtpm
---
 bin/qemu.swtpm                   | 23 +++++++++++++++++++++++
 bin/travis-ci/conf.qemu_arm64_na |  3 ++-
 bin/travis-ci/conf.qemu_arm_na   |  3 ++-
 3 files changed, 27 insertions(+), 2 deletions(-)
 create mode 100755 bin/qemu.swtpm

diff --git a/bin/qemu.swtpm b/bin/qemu.swtpm
new file mode 100755
index 0000000..c40c537
--- /dev/null
+++ b/bin/qemu.swtpm
@@ -0,0 +1,23 @@
+#!/bin/sh
+# SPDX-License-Identifier: BSD-2
+#
+# This script launches swtpm to emulate a TPMv2.
+#
+# The parameter -t makes it unload when the connection to QEMU is
+# terminated.
+#
+# To make use of it add
+#
+#     qemu_helper_script="swtpm"
+#
+# to the board script and the following arguments to qemu_extra_args
+#
+#     -chardev socket,id=chrtpm,path=/tmp/tpm/swtpm-sock \
+#     -tpmdev emulator,id=tpm0,chardev=chrtpm \
+#     -device tpm-tis-device,tpmdev=tpm0
+#
+# U-Boot must be built with CONFIG_TPM2_MMIO=y.
+
+mkdir -p /tmp/tpm
+swtpm socket -d -t --tpmstate dir=/tmp/tpm --tpm2 \
+--ctrl type=unixio,path=/tmp/tpm/swtpm-sock
diff --git a/bin/travis-ci/conf.qemu_arm64_na b/bin/travis-ci/conf.qemu_arm64_na
index e7c9426..14577d8 100644
--- a/bin/travis-ci/conf.qemu_arm64_na
+++ b/bin/travis-ci/conf.qemu_arm64_na
@@ -22,8 +22,9 @@
 
 console_impl=qemu
 qemu_machine="virt"
+qemu_helper_script="swtpm"
 qemu_binary="qemu-system-aarch64"
-qemu_extra_args="-cpu cortex-a57 -nographic -netdev user,id=net0,tftp=${UBOOT_TRAVIS_BUILD_DIR} -device e1000,netdev=net0 -device virtio-rng-pci"
+qemu_extra_args="-cpu cortex-a57 -nographic -netdev user,id=net0,tftp=${UBOOT_TRAVIS_BUILD_DIR} -device e1000,netdev=net0 -device virtio-rng-pci -chardev socket,id=chrtpm,path=/tmp/tpm/swtpm-sock -tpmdev emulator,id=tpm0,chardev=chrtpm -device tpm-tis-device,tpmdev=tpm0"
 qemu_kernel_args="-bios ${U_BOOT_BUILD_DIR}/u-boot.bin"
 reset_impl=none
 flash_impl=none
diff --git a/bin/travis-ci/conf.qemu_arm_na b/bin/travis-ci/conf.qemu_arm_na
index 0f07c80..de0694d 100644
--- a/bin/travis-ci/conf.qemu_arm_na
+++ b/bin/travis-ci/conf.qemu_arm_na
@@ -22,8 +22,9 @@
 
 console_impl=qemu
 qemu_machine="virt"
+qemu_helper_script="swtpm"
 qemu_binary="qemu-system-arm"
-qemu_extra_args="-nographic -netdev user,id=net0,tftp=${UBOOT_TRAVIS_BUILD_DIR} -device e1000,netdev=net0 -device virtio-rng-pci"
+qemu_extra_args="-nographic -netdev user,id=net0,tftp=${UBOOT_TRAVIS_BUILD_DIR} -device e1000,netdev=net0 -device virtio-rng-pci -chardev socket,id=chrtpm,path=/tmp/tpm/swtpm-sock -tpmdev emulator,id=tpm0,chardev=chrtpm -device tpm-tis-device,tpmdev=tpm0"
 qemu_kernel_args="-bios ${U_BOOT_BUILD_DIR}/u-boot.bin"
 reset_impl=none
 flash_impl=none
-- 
2.32.0

Re: [PATCH v2 1/1] Enable TPMv2 emulation

[Tom Rini]

[-- Attachment #1: Type: text/plain, Size: 422 bytes --]

On Wed, Nov 24, 2021 at 09:12:51AM +0100, Heinrich Schuchardt wrote:

> Provide a QEMU helper script to launch swtpm and add extra parameters to
> conf.qemu_arm64_na and conf.qemu_arm_na to provide an emulated TPMv2.
> 
> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
> Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>

Applied to u-boot-test-hooks/master, thanks!

-- 
Tom

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 659 bytes --]