qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v7 0/3] Add support for TPM devices over I2C bus

From: Joel Stanley
Subject: Re: [PATCH v7 0/3] Add support for TPM devices over I2C bus
Date: Mon, 27 Mar 2023 10:49:06 +0000 
On Mon, 27 Mar 2023 at 08:21, Cédric Le Goater <clg@kaod.org> wrote:
>
> >>> However on a clean boot into the TPM, the u-boot tpm commands fail:
> >>>
> >>> ast# tpm info
> >>> tpm@2e v2.0: VendorID 0x1014, DeviceID 0x0001, RevisionID 0x01 [closed]
> >>> ast# tpINTERRUPT>
> >>> ast# tpm init
> >>> ast# tpm info
> >>> tpm@2e v2.0: VendorID 0x1014, DeviceID 0x0001, RevisionID 0x01 [open]
> >>> ast# tpm pcr_read 0 0x81000000
> >>> Error: 256
> >>> ast# md.l 0x81000000 16
> >>> 81000000: 00000000 00000000 00000000 00000000    ................
> >>> 81000010: 00000000 00000000 00000000 00000000    ................
> >>> 81000020: 00000000 00000000 00000000 00000000    ................
> >>> 81000030: 00000000 00000000 00000000 00000000    ................
> >>> 81000040: 00000000 00000000 00000000 00000000    ................
> >>> 81000050: 00000000 00000000                      ........
> >>>
> >>> This doesn't need to block merging into qemu, as the model works fine
> >>> for pcr measurement and accessing under Linux. However it would be
> >>> good to work though these issues in case there's a modelling
> >>> discrepancy.
> >>
> >>
> >> Yes, Please provide me details on how to reproduce it. I will take a look.
> >
> > This is the buildroot tree I've been using for testing:
> >
> > https://github.com/shenki/buildroot/commits/ast2600-tpm
> >
> > git clone https://github.com/shenki/buildroot -b ast2600-tpm
> > cd buildroot
> > make O=ast2600evb aspeed_ast2600evb_defconfig
>
> I have pushed binaries here also :
>
>    
> https://github.com/legoater/qemu-aspeed-boot/tree/master/images/ast2600-evb/buildroot-2023.02-tpm

Thank you!

The non-zero PCRs I see with this are:

#  grep -r . /sys/class/tpm/tpm0/pcr-sha256/ | sort -n -k 7 -t /
/sys/class/tpm/tpm0/pcr-sha256/0:B804724EA13F52A9072BA87FE8FDCC497DFC9DF9AA15B9088694639C431688E0
/sys/class/tpm/tpm0/pcr-sha256/1:37F0F710A5502FAE6DB7433B36001FEE1CBF15BA2A7D6923207FF56888584714
/sys/class/tpm/tpm0/pcr-sha256/2:E21B703EE69C77476BCCB43EC0336A9A1B2914B378944F7B00A10214CA8FEA93
/sys/class/tpm/tpm0/pcr-sha256/3:E21B703EE69C77476BCCB43EC0336A9A1B2914B378944F7B00A10214CA8FEA93
/sys/class/tpm/tpm0/pcr-sha256/4:E21B703EE69C77476BCCB43EC0336A9A1B2914B378944F7B00A10214CA8FEA93
/sys/class/tpm/tpm0/pcr-sha256/5:E21B703EE69C77476BCCB43EC0336A9A1B2914B378944F7B00A10214CA8FEA93
/sys/class/tpm/tpm0/pcr-sha256/6:E21B703EE69C77476BCCB43EC0336A9A1B2914B378944F7B00A10214CA8FEA93
/sys/class/tpm/tpm0/pcr-sha256/7:E21B703EE69C77476BCCB43EC0336A9A1B2914B378944F7B00A10214CA8FEA93
/sys/class/tpm/tpm0/pcr-sha256/8:C840364040A0F98631A48A4C401C567226BFE5A2A30B958F1800E4849A140F69
/sys/class/tpm/tpm0/pcr-sha256/9:9D00428C528120A3F2D0D8CB0EB5D036D87C0D0F8D2990B8C1F12DEFAE3890C7

They seem to be stable across boots, which is good! We could use these
images and that pcr0 value for an avocado test.

Perhaps we could add an init script that binds the driver and prints
the value to the console to save having to log in.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]