On Mon, 2017-01-09 at 14:37 -0500, Stefan Berger wrote:
> On 01/09/2017 02:18 PM, James Bottomley wrote:
> > On Mon, 2017-01-09 at 13:52 -0500, Stefan Berger wrote:
> > > On 01/09/2017 01:51 PM, James Bottomley wrote:
> > > > On Mon, 2017-01-09 at 13:41 -0500, Stefan Berger wrote:
> > > > > On 01/09/2017 01:24 PM, James Bottomley wrote:
> > > > > > On Mon, 2017-01-09 at 13:03 -0500, Stefan Berger wrote:
> > > > > > > Examples:
> > > > > > > ./src/vtpmctrl --tpm2 \
> > > > > > > --spawn /bin/swtpm chardev --tpm2 --fd %fd -
> > > > > > > -tpmstate
> > > > > > > dir=/tmp
> > > > > > git head for swtpm is giving
> > > > > >
> > > > > > Created TPM device /dev/tpm1; vTPM device has fd 4,
> > > > > > major/minor
> > > > > > =
> > > > > > 247/1.
> > > > > > chardev: unrecognized option '--tpm2'
> > > > > You need the tpm2-preview branches of libtpms and swtpm. Why
> > > > > you need them is related to the format in which the
> > > > > persistent data are written by the TPM 2 implementation. For
> > > > > QEMU it should probably big endian, but so far it's not.
> > > > >
> > > > > Here's a short wiki of libtpms pointing out the issues.
> > > > >
> > > > > https://github.com/stefanberger/libtpms/wiki
> > > > >
> > > > > https://github.com/stefanberger/libtpms/tree/tpm2-previewa.re
> > > > > v138
> > > > > https://github.com/stefanberger/swtpm/tree/tpm2-preview
> > > > Basically the synopsis is that it's not yet working well enough
> > > > to run the resource manager smoke tests and I need to continue
> > > > using the ibmswtpm2 as the emulator or run against the real
> > > > thing for the time being.
> > > Have you tried it ?
> > Git head of the tpm2-preview branch of libtpms isn't building for
> > me:
> >
> > tpm2/ExecCommand.c: In function 'ExecuteCommand':
> > tpm2/ExecCommand.c:434:37: error: 'commandIndex' may be used
> > uninitialized in this function [-Werror=maybe-uninitialized]
> > buffer = MemoryGetResponseBuffer(commandIndex);
> > ^
> > cc1: all warnings being treated as errors
> >
> > I also think you probably need this patch
> >
> > James
> >
> > ---
> >
> > diff --git a/configure.ac b/configure.ac
> > index e84bc0f..4ab149d 100644
> > --- a/configure.ac
> > +++ b/configure.ac
> > @@ -125,7 +125,7 @@ openssl)
> > esac
> >
> > AC_ARG_WITH([tpm2],
> > - AC_HELP_STRING([--wih-tpm2],
> > + AC_HELP_STRING([--with-tpm2],
> > [build libtpms with TPM2 support
> > (experimental)]),
> > AC_MSG_RESULT([Building with TPM2 support])
> > #if test "x$cryptolib" = "xfreebl"; then
>
>
> Thanks. I fixed this now to make it at least compilable. The more
> recent branch is the tpm2-preview.rev138, which makes that other
> branch more or less obsolete.
OK, with this branch, I can get a mostly successful run of the smoke
tests. The failure looks to be a dispute over who handles TPM_RC_RETRY
James
---
jejb@jarvis:~/git/tpm2-scripts> python tpm2_smoke.py
E.....
======================================================================
ERROR: test_seal_with_auth (__main__.SmokeTest)
----------------------------------------------------------------------
Traceback (most recent call last):
File "tpm2_smoke.py", line 24, in test_seal_with_auth
blob = self.client.seal(self.root_key, data, auth, None)
File "/home/jejb/git/tpm2-scripts/tpm2.py", line 665, in seal
rsp = self.send_cmd(cmd)
File "/home/jejb/git/tpm2-scripts/tpm2.py", line 443, in send_cmd
raise ProtocolError(cc, rc)
ProtocolError: TPM_RC_RETRY: cc=0x00000153, rc=0x00000922
----------------------------------------------------------------------
Ran 6 tests in 1.341s
FAILED (errors=1)
------------------------------------------------------------------------------
Developer Access Program for Intel Xeon Phi Processors
Access to Intel Xeon Phi processor-based developer platforms.
With one year of Intel Parallel Studio XE.
Training and support from Colfax.
Order your platform today. http://sdm.link/xeonphi
_______________________________________________
tpmdd-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/tpmdd-devel
