Message ID | 20230326224426.3918167-1-ninad@linux.ibm.com |
---|---|
Headers | show |
Series | Add support for TPM devices over I2C bus | expand |
Hi Ninad, On Sun, 26 Mar 2023 at 22:44, Ninad Palsule <ninad@linux.ibm.com> wrote: > > Hello, > > I have incorporated review comments from Stefan. Please review. > > This drop adds support for the TPM devices attached to the I2C bus. It > only supports the TPM2 protocol. You need to run it with the external > TPM emulator like swtpm. I have tested it with swtpm. Nice work. I tested these stop cedric's aspeed-8.0 qemu tree, using the rainier machine and the openbmc dev-6.1 kernel. We get this message when booting from a kernel: [ 0.582699] tpm_tis_i2c 12-002e: 2.0 TPM (device-id 0x1, rev-id 1) [ 0.586361] tpm tpm0: A TPM error (256) occurred attempting the self test [ 0.586623] tpm tpm0: starting up the TPM manually Do we understand why the error appears? # grep -r . /sys/class/tpm/tpm0/pcr-sha256/ | sort -n -k 7 -t / /sys/class/tpm/tpm0/pcr-sha256/0:0000000000000000000000000000000000000000000000000000000000000000 /sys/class/tpm/tpm0/pcr-sha256/1:0000000000000000000000000000000000000000000000000000000000000000 /sys/class/tpm/tpm0/pcr-sha256/2:0000000000000000000000000000000000000000000000000000000000000000 /sys/class/tpm/tpm0/pcr-sha256/3:0000000000000000000000000000000000000000000000000000000000000000 /sys/class/tpm/tpm0/pcr-sha256/4:0000000000000000000000000000000000000000000000000000000000000000 /sys/class/tpm/tpm0/pcr-sha256/5:0000000000000000000000000000000000000000000000000000000000000000 /sys/class/tpm/tpm0/pcr-sha256/6:0000000000000000000000000000000000000000000000000000000000000000 /sys/class/tpm/tpm0/pcr-sha256/7:0000000000000000000000000000000000000000000000000000000000000000 /sys/class/tpm/tpm0/pcr-sha256/8:0000000000000000000000000000000000000000000000000000000000000000 /sys/class/tpm/tpm0/pcr-sha256/9:0000000000000000000000000000000000000000000000000000000000000000 /sys/class/tpm/tpm0/pcr-sha256/10:0000000000000000000000000000000000000000000000000000000000000000 /sys/class/tpm/tpm0/pcr-sha256/11:0000000000000000000000000000000000000000000000000000000000000000 /sys/class/tpm/tpm0/pcr-sha256/12:0000000000000000000000000000000000000000000000000000000000000000 /sys/class/tpm/tpm0/pcr-sha256/13:0000000000000000000000000000000000000000000000000000000000000000 /sys/class/tpm/tpm0/pcr-sha256/14:0000000000000000000000000000000000000000000000000000000000000000 /sys/class/tpm/tpm0/pcr-sha256/15:0000000000000000000000000000000000000000000000000000000000000000 /sys/class/tpm/tpm0/pcr-sha256/16:0000000000000000000000000000000000000000000000000000000000000000 /sys/class/tpm/tpm0/pcr-sha256/17:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF /sys/class/tpm/tpm0/pcr-sha256/18:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF /sys/class/tpm/tpm0/pcr-sha256/19:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF /sys/class/tpm/tpm0/pcr-sha256/20:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF /sys/class/tpm/tpm0/pcr-sha256/21:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF /sys/class/tpm/tpm0/pcr-sha256/22:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF /sys/class/tpm/tpm0/pcr-sha256/23:0000000000000000000000000000000000000000000000000000000000000000 If I boot through the openbmc u-boot for the p10bmc machine, which measures things into the PCRs: [ 0.556713] tpm_tis_i2c 12-002e: 2.0 TPM (device-id 0x1, rev-id 1) / # grep -r . /sys/class/tpm/tpm0/pcr-sha256/ | sort -n -k 7 -t / /sys/class/tpm/tpm0/pcr-sha256/0:AFA13691EFC7BC6E189E92347F20676FB4523302CB957DA9A65C3430C45E8BCC /sys/class/tpm/tpm0/pcr-sha256/1:37F0F710A5502FAE6DB7433B36001FEE1CBF15BA2A7D6923207FF56888584714 /sys/class/tpm/tpm0/pcr-sha256/2:E21B703EE69C77476BCCB43EC0336A9A1B2914B378944F7B00A10214CA8FEA93 /sys/class/tpm/tpm0/pcr-sha256/3:E21B703EE69C77476BCCB43EC0336A9A1B2914B378944F7B00A10214CA8FEA93 /sys/class/tpm/tpm0/pcr-sha256/4:E21B703EE69C77476BCCB43EC0336A9A1B2914B378944F7B00A10214CA8FEA93 /sys/class/tpm/tpm0/pcr-sha256/5:E21B703EE69C77476BCCB43EC0336A9A1B2914B378944F7B00A10214CA8FEA93 /sys/class/tpm/tpm0/pcr-sha256/6:E21B703EE69C77476BCCB43EC0336A9A1B2914B378944F7B00A10214CA8FEA93 /sys/class/tpm/tpm0/pcr-sha256/7:E21B703EE69C77476BCCB43EC0336A9A1B2914B378944F7B00A10214CA8FEA93 /sys/class/tpm/tpm0/pcr-sha256/8:AE67485BD01E8D6FE0208C46C473940173F66E9C6F43C75ABB404375787E9705 /sys/class/tpm/tpm0/pcr-sha256/9:DB99D92EADBB446894CB0C062AEB673F60DDAFBC62BC2A9CA561A13B31E5357C /sys/class/tpm/tpm0/pcr-sha256/10:0000000000000000000000000000000000000000000000000000000000000000 /sys/class/tpm/tpm0/pcr-sha256/11:0000000000000000000000000000000000000000000000000000000000000000 /sys/class/tpm/tpm0/pcr-sha256/12:0000000000000000000000000000000000000000000000000000000000000000 /sys/class/tpm/tpm0/pcr-sha256/13:0000000000000000000000000000000000000000000000000000000000000000 /sys/class/tpm/tpm0/pcr-sha256/14:0000000000000000000000000000000000000000000000000000000000000000 /sys/class/tpm/tpm0/pcr-sha256/15:0000000000000000000000000000000000000000000000000000000000000000 /sys/class/tpm/tpm0/pcr-sha256/16:0000000000000000000000000000000000000000000000000000000000000000 /sys/class/tpm/tpm0/pcr-sha256/17:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF /sys/class/tpm/tpm0/pcr-sha256/18:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF /sys/class/tpm/tpm0/pcr-sha256/19:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF /sys/class/tpm/tpm0/pcr-sha256/20:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF /sys/class/tpm/tpm0/pcr-sha256/21:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF /sys/class/tpm/tpm0/pcr-sha256/22:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF /sys/class/tpm/tpm0/pcr-sha256/23:0000000000000000000000000000000000000000000000000000000000000000 However on a clean boot into the TPM, the u-boot tpm commands fail: ast# tpm info tpm@2e v2.0: VendorID 0x1014, DeviceID 0x0001, RevisionID 0x01 [closed] ast# tpINTERRUPT> ast# tpm init ast# tpm info tpm@2e v2.0: VendorID 0x1014, DeviceID 0x0001, RevisionID 0x01 [open] ast# tpm pcr_read 0 0x81000000 Error: 256 ast# md.l 0x81000000 16 81000000: 00000000 00000000 00000000 00000000 ................ 81000010: 00000000 00000000 00000000 00000000 ................ 81000020: 00000000 00000000 00000000 00000000 ................ 81000030: 00000000 00000000 00000000 00000000 ................ 81000040: 00000000 00000000 00000000 00000000 ................ 81000050: 00000000 00000000 ........ This doesn't need to block merging into qemu, as the model works fine for pcr measurement and accessing under Linux. However it would be good to work though these issues in case there's a modelling discrepancy. > > I have refered to the work done by zhdaniel@meta.com but at the core > level out implementation is different. > https://github.com/theopolis/qemu/commit/2e2e57cde9e419c36af8071bb85392ad1ed70966 > > Based-on: $MESSAGE_ID > > > Ninad Palsule (3): > docs: Add support for TPM devices over I2C bus > tpm: Extend common APIs to support TPM TIS I2C > tpm: Add support for TPM device over I2C bus > > docs/specs/tpm.rst | 32 +++ > hw/arm/Kconfig | 1 + > hw/tpm/Kconfig | 7 + > hw/tpm/meson.build | 1 + > hw/tpm/tpm_tis.h | 3 + > hw/tpm/tpm_tis_common.c | 36 ++- > hw/tpm/tpm_tis_i2c.c | 540 ++++++++++++++++++++++++++++++++++++++++ > hw/tpm/trace-events | 6 + > include/hw/acpi/tpm.h | 31 +++ > include/sysemu/tpm.h | 3 + > 10 files changed, 652 insertions(+), 8 deletions(-) > create mode 100644 hw/tpm/tpm_tis_i2c.c > > -- > 2.37.2 >
Hi Joel, On 3/26/23 8:05 PM, Joel Stanley wrote: > Hi Ninad, > > On Sun, 26 Mar 2023 at 22:44, Ninad Palsule <ninad@linux.ibm.com> wrote: >> Hello, >> >> I have incorporated review comments from Stefan. Please review. >> >> This drop adds support for the TPM devices attached to the I2C bus. It >> only supports the TPM2 protocol. You need to run it with the external >> TPM emulator like swtpm. I have tested it with swtpm. > Nice work. I tested these stop cedric's aspeed-8.0 qemu tree, using > the rainier machine and the openbmc dev-6.1 kernel. > > We get this message when booting from a kernel: > > [ 0.582699] tpm_tis_i2c 12-002e: 2.0 TPM (device-id 0x1, rev-id 1) > [ 0.586361] tpm tpm0: A TPM error (256) occurred attempting the self test > [ 0.586623] tpm tpm0: starting up the TPM manually > > Do we understand why the error appears? Yes, As per kernel code this is an expected error for some emulators. On swtpm emulator, It returns TPM2_RC_INITIALIZE if emulator is not initialized. I searched it in swtpm and it indicated that selftest requested before it is initialized. I meant to ask Stefan but busy with the review comments. This function comment in the driver mentioned below indicate that this case possible with emulators. /** * tpm2_startup - turn on the TPM * @chip: TPM chip to use * * Normally the firmware should start the TPM. This function is provided as a * workaround if this does not happen. A legal case for this could be for * example when a TPM emulator is used. * * Return: same as tpm_transmit_cmd() */ static int tpm2_startup(struct tpm_chip *chip) > > # grep -r . /sys/class/tpm/tpm0/pcr-sha256/ | sort -n -k 7 -t / > /sys/class/tpm/tpm0/pcr-sha256/0:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/1:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/2:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/3:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/4:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/5:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/6:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/7:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/8:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/9:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/10:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/11:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/12:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/13:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/14:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/15:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/16:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/17:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > /sys/class/tpm/tpm0/pcr-sha256/18:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > /sys/class/tpm/tpm0/pcr-sha256/19:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > /sys/class/tpm/tpm0/pcr-sha256/20:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > /sys/class/tpm/tpm0/pcr-sha256/21:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > /sys/class/tpm/tpm0/pcr-sha256/22:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > /sys/class/tpm/tpm0/pcr-sha256/23:0000000000000000000000000000000000000000000000000000000000000000 > > If I boot through the openbmc u-boot for the p10bmc machine, which > measures things into the PCRs: > > [ 0.556713] tpm_tis_i2c 12-002e: 2.0 TPM (device-id 0x1, rev-id 1) > > / # grep -r . /sys/class/tpm/tpm0/pcr-sha256/ | sort -n -k 7 -t / > /sys/class/tpm/tpm0/pcr-sha256/0:AFA13691EFC7BC6E189E92347F20676FB4523302CB957DA9A65C3430C45E8BCC > /sys/class/tpm/tpm0/pcr-sha256/1:37F0F710A5502FAE6DB7433B36001FEE1CBF15BA2A7D6923207FF56888584714 > /sys/class/tpm/tpm0/pcr-sha256/2:E21B703EE69C77476BCCB43EC0336A9A1B2914B378944F7B00A10214CA8FEA93 > /sys/class/tpm/tpm0/pcr-sha256/3:E21B703EE69C77476BCCB43EC0336A9A1B2914B378944F7B00A10214CA8FEA93 > /sys/class/tpm/tpm0/pcr-sha256/4:E21B703EE69C77476BCCB43EC0336A9A1B2914B378944F7B00A10214CA8FEA93 > /sys/class/tpm/tpm0/pcr-sha256/5:E21B703EE69C77476BCCB43EC0336A9A1B2914B378944F7B00A10214CA8FEA93 > /sys/class/tpm/tpm0/pcr-sha256/6:E21B703EE69C77476BCCB43EC0336A9A1B2914B378944F7B00A10214CA8FEA93 > /sys/class/tpm/tpm0/pcr-sha256/7:E21B703EE69C77476BCCB43EC0336A9A1B2914B378944F7B00A10214CA8FEA93 > /sys/class/tpm/tpm0/pcr-sha256/8:AE67485BD01E8D6FE0208C46C473940173F66E9C6F43C75ABB404375787E9705 > /sys/class/tpm/tpm0/pcr-sha256/9:DB99D92EADBB446894CB0C062AEB673F60DDAFBC62BC2A9CA561A13B31E5357C > /sys/class/tpm/tpm0/pcr-sha256/10:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/11:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/12:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/13:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/14:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/15:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/16:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/17:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > /sys/class/tpm/tpm0/pcr-sha256/18:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > /sys/class/tpm/tpm0/pcr-sha256/19:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > /sys/class/tpm/tpm0/pcr-sha256/20:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > /sys/class/tpm/tpm0/pcr-sha256/21:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > /sys/class/tpm/tpm0/pcr-sha256/22:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > /sys/class/tpm/tpm0/pcr-sha256/23:0000000000000000000000000000000000000000000000000000000000000000 Great thanks. I could not try it. > > However on a clean boot into the TPM, the u-boot tpm commands fail: > > ast# tpm info > tpm@2e v2.0: VendorID 0x1014, DeviceID 0x0001, RevisionID 0x01 [closed] > ast# tpINTERRUPT> > ast# tpm init > ast# tpm info > tpm@2e v2.0: VendorID 0x1014, DeviceID 0x0001, RevisionID 0x01 [open] > ast# tpm pcr_read 0 0x81000000 > Error: 256 > ast# md.l 0x81000000 16 > 81000000: 00000000 00000000 00000000 00000000 ................ > 81000010: 00000000 00000000 00000000 00000000 ................ > 81000020: 00000000 00000000 00000000 00000000 ................ > 81000030: 00000000 00000000 00000000 00000000 ................ > 81000040: 00000000 00000000 00000000 00000000 ................ > 81000050: 00000000 00000000 ........ > > This doesn't need to block merging into qemu, as the model works fine > for pcr measurement and accessing under Linux. However it would be > good to work though these issues in case there's a modelling > discrepancy. Yes, Please provide me details on how to reproduce it. I will take a look. Thanks for the review. Ninad > > > >> I have refered to the work done by zhdaniel@meta.com but at the core >> level out implementation is different. >> https://github.com/theopolis/qemu/commit/2e2e57cde9e419c36af8071bb85392ad1ed70966 >> >> Based-on: $MESSAGE_ID >> >> >> Ninad Palsule (3): >> docs: Add support for TPM devices over I2C bus >> tpm: Extend common APIs to support TPM TIS I2C >> tpm: Add support for TPM device over I2C bus >> >> docs/specs/tpm.rst | 32 +++ >> hw/arm/Kconfig | 1 + >> hw/tpm/Kconfig | 7 + >> hw/tpm/meson.build | 1 + >> hw/tpm/tpm_tis.h | 3 + >> hw/tpm/tpm_tis_common.c | 36 ++- >> hw/tpm/tpm_tis_i2c.c | 540 ++++++++++++++++++++++++++++++++++++++++ >> hw/tpm/trace-events | 6 + >> include/hw/acpi/tpm.h | 31 +++ >> include/sysemu/tpm.h | 3 + >> 10 files changed, 652 insertions(+), 8 deletions(-) >> create mode 100644 hw/tpm/tpm_tis_i2c.c >> >> -- >> 2.37.2 >>
On Mon, 27 Mar 2023 at 03:52, Ninad Palsule <ninad@linux.vnet.ibm.com> wrote: > > Hi Joel, > > On 3/26/23 8:05 PM, Joel Stanley wrote: > > Hi Ninad, > > > > On Sun, 26 Mar 2023 at 22:44, Ninad Palsule <ninad@linux.ibm.com> wrote: > >> Hello, > >> > >> I have incorporated review comments from Stefan. Please review. > >> > >> This drop adds support for the TPM devices attached to the I2C bus. It > >> only supports the TPM2 protocol. You need to run it with the external > >> TPM emulator like swtpm. I have tested it with swtpm. > > Nice work. I tested these stop cedric's aspeed-8.0 qemu tree, using > > the rainier machine and the openbmc dev-6.1 kernel. > > > > We get this message when booting from a kernel: > > > > [ 0.582699] tpm_tis_i2c 12-002e: 2.0 TPM (device-id 0x1, rev-id 1) > > [ 0.586361] tpm tpm0: A TPM error (256) occurred attempting the self test > > [ 0.586623] tpm tpm0: starting up the TPM manually > > > > Do we understand why the error appears? > > > Yes, As per kernel code this is an expected error for some emulators. > > On swtpm emulator, It returns TPM2_RC_INITIALIZE if emulator is not > initialized. I searched it in swtpm and it indicated that selftest > requested before it is initialized. I meant to ask Stefan but busy with > the review comments. The swtpm man page mentions some flags we can set. Perhaps they would help? --flags [not-need-init] [,startup-clear|startup-state|startup-deactivated|startup-none] > > This function comment in the driver mentioned below indicate that this > case possible with emulators. > > /** > * tpm2_startup - turn on the TPM > * @chip: TPM chip to use > * > * Normally the firmware should start the TPM. This function is > provided as a > * workaround if this does not happen. A legal case for this could be for > * example when a TPM emulator is used. > * > * Return: same as tpm_transmit_cmd() > */ > > static int tpm2_startup(struct tpm_chip *chip) > > > However on a clean boot into the TPM, the u-boot tpm commands fail: > > > > ast# tpm info > > tpm@2e v2.0: VendorID 0x1014, DeviceID 0x0001, RevisionID 0x01 [closed] > > ast# tpINTERRUPT> > > ast# tpm init > > ast# tpm info > > tpm@2e v2.0: VendorID 0x1014, DeviceID 0x0001, RevisionID 0x01 [open] > > ast# tpm pcr_read 0 0x81000000 > > Error: 256 > > ast# md.l 0x81000000 16 > > 81000000: 00000000 00000000 00000000 00000000 ................ > > 81000010: 00000000 00000000 00000000 00000000 ................ > > 81000020: 00000000 00000000 00000000 00000000 ................ > > 81000030: 00000000 00000000 00000000 00000000 ................ > > 81000040: 00000000 00000000 00000000 00000000 ................ > > 81000050: 00000000 00000000 ........ > > > > This doesn't need to block merging into qemu, as the model works fine > > for pcr measurement and accessing under Linux. However it would be > > good to work though these issues in case there's a modelling > > discrepancy. > > > Yes, Please provide me details on how to reproduce it. I will take a look. This is the buildroot tree I've been using for testing: https://github.com/shenki/buildroot/commits/ast2600-tpm git clone https://github.com/shenki/buildroot -b ast2600-tpm cd buildroot make O=ast2600evb aspeed_ast2600evb_defconfig I launch it with this qemu commandline: swtpm socket --tpmstate dir=$XDG_RUNTIME_DIR --ctrl type=unixio,path=$XDG_RUNTIME_DIR/swtpm-socket --tpm2 qemu-system-arm -M ast2600-evb -nographic -drive file=ast2600evb/images/flash.img,if=mtd,format=raw -chardev socket,id=chrtpm,path=$XDG_RUNTIME_DIR/swtpm-socket -tpmdev emulator,id=tpm0,chardev=chrtpm -device tpm-tis-i2c,tpmdev=tpm0,bus=aspeed.i2c.bus.12,address=0x2e If you want to reproduce the u-boot behaviour, press any key to interrupt the boot. Booting this way, you can also test the u-boot behaviour. Once you're in userspace: # echo tpm_tis_i2c 0x2e > /sys/bus/i2c/devices/i2c-12/new_device [ 13.637081] tpm_tis_i2c 12-002e: 2.0 TPM (device-id 0x1, rev-id 1) [ 13.665239] i2c i2c-12: new_device: Instantiated device tpm_tis_i2c at 0x2e # cat /sys/class/tpm/tpm0/pcr-sha256/0 FE9A732EAA7842D77DEECFC1DC610EBEA9414BFC39BEEBC8D2F071CF030FA592
>>> However on a clean boot into the TPM, the u-boot tpm commands fail: >>> >>> ast# tpm info >>> tpm@2e v2.0: VendorID 0x1014, DeviceID 0x0001, RevisionID 0x01 [closed] >>> ast# tpINTERRUPT> >>> ast# tpm init >>> ast# tpm info >>> tpm@2e v2.0: VendorID 0x1014, DeviceID 0x0001, RevisionID 0x01 [open] >>> ast# tpm pcr_read 0 0x81000000 >>> Error: 256 >>> ast# md.l 0x81000000 16 >>> 81000000: 00000000 00000000 00000000 00000000 ................ >>> 81000010: 00000000 00000000 00000000 00000000 ................ >>> 81000020: 00000000 00000000 00000000 00000000 ................ >>> 81000030: 00000000 00000000 00000000 00000000 ................ >>> 81000040: 00000000 00000000 00000000 00000000 ................ >>> 81000050: 00000000 00000000 ........ >>> >>> This doesn't need to block merging into qemu, as the model works fine >>> for pcr measurement and accessing under Linux. However it would be >>> good to work though these issues in case there's a modelling >>> discrepancy. >> >> >> Yes, Please provide me details on how to reproduce it. I will take a look. > > This is the buildroot tree I've been using for testing: > > https://github.com/shenki/buildroot/commits/ast2600-tpm > > git clone https://github.com/shenki/buildroot -b ast2600-tpm > cd buildroot > make O=ast2600evb aspeed_ast2600evb_defconfig I have pushed binaries here also : https://github.com/legoater/qemu-aspeed-boot/tree/master/images/ast2600-evb/buildroot-2023.02-tpm Cheers, C.
On Mon, 27 Mar 2023 at 08:21, Cédric Le Goater <clg@kaod.org> wrote: > > >>> However on a clean boot into the TPM, the u-boot tpm commands fail: > >>> > >>> ast# tpm info > >>> tpm@2e v2.0: VendorID 0x1014, DeviceID 0x0001, RevisionID 0x01 [closed] > >>> ast# tpINTERRUPT> > >>> ast# tpm init > >>> ast# tpm info > >>> tpm@2e v2.0: VendorID 0x1014, DeviceID 0x0001, RevisionID 0x01 [open] > >>> ast# tpm pcr_read 0 0x81000000 > >>> Error: 256 > >>> ast# md.l 0x81000000 16 > >>> 81000000: 00000000 00000000 00000000 00000000 ................ > >>> 81000010: 00000000 00000000 00000000 00000000 ................ > >>> 81000020: 00000000 00000000 00000000 00000000 ................ > >>> 81000030: 00000000 00000000 00000000 00000000 ................ > >>> 81000040: 00000000 00000000 00000000 00000000 ................ > >>> 81000050: 00000000 00000000 ........ > >>> > >>> This doesn't need to block merging into qemu, as the model works fine > >>> for pcr measurement and accessing under Linux. However it would be > >>> good to work though these issues in case there's a modelling > >>> discrepancy. > >> > >> > >> Yes, Please provide me details on how to reproduce it. I will take a look. > > > > This is the buildroot tree I've been using for testing: > > > > https://github.com/shenki/buildroot/commits/ast2600-tpm > > > > git clone https://github.com/shenki/buildroot -b ast2600-tpm > > cd buildroot > > make O=ast2600evb aspeed_ast2600evb_defconfig > > I have pushed binaries here also : > > https://github.com/legoater/qemu-aspeed-boot/tree/master/images/ast2600-evb/buildroot-2023.02-tpm Thank you! The non-zero PCRs I see with this are: # grep -r . /sys/class/tpm/tpm0/pcr-sha256/ | sort -n -k 7 -t / /sys/class/tpm/tpm0/pcr-sha256/0:B804724EA13F52A9072BA87FE8FDCC497DFC9DF9AA15B9088694639C431688E0 /sys/class/tpm/tpm0/pcr-sha256/1:37F0F710A5502FAE6DB7433B36001FEE1CBF15BA2A7D6923207FF56888584714 /sys/class/tpm/tpm0/pcr-sha256/2:E21B703EE69C77476BCCB43EC0336A9A1B2914B378944F7B00A10214CA8FEA93 /sys/class/tpm/tpm0/pcr-sha256/3:E21B703EE69C77476BCCB43EC0336A9A1B2914B378944F7B00A10214CA8FEA93 /sys/class/tpm/tpm0/pcr-sha256/4:E21B703EE69C77476BCCB43EC0336A9A1B2914B378944F7B00A10214CA8FEA93 /sys/class/tpm/tpm0/pcr-sha256/5:E21B703EE69C77476BCCB43EC0336A9A1B2914B378944F7B00A10214CA8FEA93 /sys/class/tpm/tpm0/pcr-sha256/6:E21B703EE69C77476BCCB43EC0336A9A1B2914B378944F7B00A10214CA8FEA93 /sys/class/tpm/tpm0/pcr-sha256/7:E21B703EE69C77476BCCB43EC0336A9A1B2914B378944F7B00A10214CA8FEA93 /sys/class/tpm/tpm0/pcr-sha256/8:C840364040A0F98631A48A4C401C567226BFE5A2A30B958F1800E4849A140F69 /sys/class/tpm/tpm0/pcr-sha256/9:9D00428C528120A3F2D0D8CB0EB5D036D87C0D0F8D2990B8C1F12DEFAE3890C7 They seem to be stable across boots, which is good! We could use these images and that pcr0 value for an avocado test. Perhaps we could add an init script that binds the driver and prints the value to the console to save having to log in.
On 3/26/23 21:05, Joel Stanley wrote: > Hi Ninad, > > On Sun, 26 Mar 2023 at 22:44, Ninad Palsule <ninad@linux.ibm.com> wrote: >> >> Hello, >> >> I have incorporated review comments from Stefan. Please review. >> >> This drop adds support for the TPM devices attached to the I2C bus. It >> only supports the TPM2 protocol. You need to run it with the external >> TPM emulator like swtpm. I have tested it with swtpm. > > Nice work. I tested these stop cedric's aspeed-8.0 qemu tree, using > the rainier machine and the openbmc dev-6.1 kernel. > > We get this message when booting from a kernel: > > [ 0.582699] tpm_tis_i2c 12-002e: 2.0 TPM (device-id 0x1, rev-id 1) > [ 0.586361] tpm tpm0: A TPM error (256) occurred attempting the self test > [ 0.586623] tpm tpm0: starting up the TPM manually > > Do we understand why the error appears? The firmware did not initialize the TPM 2. > > # grep -r . /sys/class/tpm/tpm0/pcr-sha256/ | sort -n -k 7 -t / > /sys/class/tpm/tpm0/pcr-sha256/0:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/1:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/2:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/3:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/4:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/5:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/6:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/7:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/8:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/9:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/10:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/11:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/12:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/13:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/14:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/15:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/16:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/17:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > /sys/class/tpm/tpm0/pcr-sha256/18:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > /sys/class/tpm/tpm0/pcr-sha256/19:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > /sys/class/tpm/tpm0/pcr-sha256/20:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > /sys/class/tpm/tpm0/pcr-sha256/21:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > /sys/class/tpm/tpm0/pcr-sha256/22:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > /sys/class/tpm/tpm0/pcr-sha256/23:0000000000000000000000000000000000000000000000000000000000000000 > > If I boot through the openbmc u-boot for the p10bmc machine, which > measures things into the PCRs: > > [ 0.556713] tpm_tis_i2c 12-002e: 2.0 TPM (device-id 0x1, rev-id 1) In this case the firmware started up the TPM 2. Also the PCRs have been touched by the firmware in this case. > > / # grep -r . /sys/class/tpm/tpm0/pcr-sha256/ | sort -n -k 7 -t / > /sys/class/tpm/tpm0/pcr-sha256/0:AFA13691EFC7BC6E189E92347F20676FB4523302CB957DA9A65C3430C45E8BCC > /sys/class/tpm/tpm0/pcr-sha256/1:37F0F710A5502FAE6DB7433B36001FEE1CBF15BA2A7D6923207FF56888584714 > /sys/class/tpm/tpm0/pcr-sha256/2:E21B703EE69C77476BCCB43EC0336A9A1B2914B378944F7B00A10214CA8FEA93 > /sys/class/tpm/tpm0/pcr-sha256/3:E21B703EE69C77476BCCB43EC0336A9A1B2914B378944F7B00A10214CA8FEA93 > /sys/class/tpm/tpm0/pcr-sha256/4:E21B703EE69C77476BCCB43EC0336A9A1B2914B378944F7B00A10214CA8FEA93 > /sys/class/tpm/tpm0/pcr-sha256/5:E21B703EE69C77476BCCB43EC0336A9A1B2914B378944F7B00A10214CA8FEA93 > /sys/class/tpm/tpm0/pcr-sha256/6:E21B703EE69C77476BCCB43EC0336A9A1B2914B378944F7B00A10214CA8FEA93 > /sys/class/tpm/tpm0/pcr-sha256/7:E21B703EE69C77476BCCB43EC0336A9A1B2914B378944F7B00A10214CA8FEA93 > /sys/class/tpm/tpm0/pcr-sha256/8:AE67485BD01E8D6FE0208C46C473940173F66E9C6F43C75ABB404375787E9705 > /sys/class/tpm/tpm0/pcr-sha256/9:DB99D92EADBB446894CB0C062AEB673F60DDAFBC62BC2A9CA561A13B31E5357C > /sys/class/tpm/tpm0/pcr-sha256/10:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/11:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/12:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/13:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/14:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/15:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/16:0000000000000000000000000000000000000000000000000000000000000000 > /sys/class/tpm/tpm0/pcr-sha256/17:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > /sys/class/tpm/tpm0/pcr-sha256/18:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > /sys/class/tpm/tpm0/pcr-sha256/19:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > /sys/class/tpm/tpm0/pcr-sha256/20:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > /sys/class/tpm/tpm0/pcr-sha256/21:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > /sys/class/tpm/tpm0/pcr-sha256/22:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > /sys/class/tpm/tpm0/pcr-sha256/23:0000000000000000000000000000000000000000000000000000000000000000 > > However on a clean boot into the TPM, the u-boot tpm commands fail: > > ast# tpm info > tpm@2e v2.0: VendorID 0x1014, DeviceID 0x0001, RevisionID 0x01 [closed] > ast# tpINTERRUPT> Is this normal output? Is it an indication of some sort of IRQ? > ast# tpm init > ast# tpm info > tpm@2e v2.0: VendorID 0x1014, DeviceID 0x0001, RevisionID 0x01 [open] > ast# tpm pcr_read 0 0x81000000 > Error: 256 > ast# md.l 0x81000000 16 > 81000000: 00000000 00000000 00000000 00000000 ................ > 81000010: 00000000 00000000 00000000 00000000 ................ > 81000020: 00000000 00000000 00000000 00000000 ................ > 81000030: 00000000 00000000 00000000 00000000 ................ > 81000040: 00000000 00000000 00000000 00000000 ................ > 81000050: 00000000 00000000 ........ > > This doesn't need to block merging into qemu, as the model works fine > for pcr measurement and accessing under Linux. However it would be > good to work though these issues in case there's a modelling > discrepancy. It reads the didvid and rid registers just fine and per the touched PCRs it knows how to talk to the TPM 2 to extend the PCRs. So this is strange. What is the 0x81000000 parameter in this command? Is it some memory location? Stefan > > > >> >> I have refered to the work done by zhdaniel@meta.com but at the core >> level out implementation is different. >> https://github.com/theopolis/qemu/commit/2e2e57cde9e419c36af8071bb85392ad1ed70966 >> >> Based-on: $MESSAGE_ID >> >> >> Ninad Palsule (3): >> docs: Add support for TPM devices over I2C bus >> tpm: Extend common APIs to support TPM TIS I2C >> tpm: Add support for TPM device over I2C bus >> >> docs/specs/tpm.rst | 32 +++ >> hw/arm/Kconfig | 1 + >> hw/tpm/Kconfig | 7 + >> hw/tpm/meson.build | 1 + >> hw/tpm/tpm_tis.h | 3 + >> hw/tpm/tpm_tis_common.c | 36 ++- >> hw/tpm/tpm_tis_i2c.c | 540 ++++++++++++++++++++++++++++++++++++++++ >> hw/tpm/trace-events | 6 + >> include/hw/acpi/tpm.h | 31 +++ >> include/sysemu/tpm.h | 3 + >> 10 files changed, 652 insertions(+), 8 deletions(-) >> create mode 100644 hw/tpm/tpm_tis_i2c.c >> >> -- >> 2.37.2 >>
On 3/27/23 04:04, Joel Stanley wrote: > On Mon, 27 Mar 2023 at 03:52, Ninad Palsule <ninad@linux.vnet.ibm.com> wrote: >> >> Hi Joel, >> >> On 3/26/23 8:05 PM, Joel Stanley wrote: >>> Hi Ninad, >>> >>> On Sun, 26 Mar 2023 at 22:44, Ninad Palsule <ninad@linux.ibm.com> wrote: >>>> Hello, >>>> >>>> I have incorporated review comments from Stefan. Please review. >>>> >>>> This drop adds support for the TPM devices attached to the I2C bus. It >>>> only supports the TPM2 protocol. You need to run it with the external >>>> TPM emulator like swtpm. I have tested it with swtpm. >>> Nice work. I tested these stop cedric's aspeed-8.0 qemu tree, using >>> the rainier machine and the openbmc dev-6.1 kernel. >>> >>> We get this message when booting from a kernel: >>> >>> [ 0.582699] tpm_tis_i2c 12-002e: 2.0 TPM (device-id 0x1, rev-id 1) >>> [ 0.586361] tpm tpm0: A TPM error (256) occurred attempting the self test >>> [ 0.586623] tpm tpm0: starting up the TPM manually >>> >>> Do we understand why the error appears? >> >> >> Yes, As per kernel code this is an expected error for some emulators. >> >> On swtpm emulator, It returns TPM2_RC_INITIALIZE if emulator is not >> initialized. I searched it in swtpm and it indicated that selftest >> requested before it is initialized. I meant to ask Stefan but busy with >> the review comments. > > The swtpm man page mentions some flags we can set. Perhaps they would help? > > --flags [not-need-init] > [,startup-clear|startup-state|startup-deactivated|startup-none] With firmware initializing the TPM 2 neither of these options is necessary. If firmware doesn't initialize the TPM 2 then Linux will show that error message and initialize it. Stefan
On Mon, 27 Mar 2023 at 11:11, Stefan Berger <stefanb@linux.ibm.com> wrote: > > > > On 3/26/23 21:05, Joel Stanley wrote: > > Hi Ninad, > > > > On Sun, 26 Mar 2023 at 22:44, Ninad Palsule <ninad@linux.ibm.com> wrote: > >> > >> Hello, > >> > >> I have incorporated review comments from Stefan. Please review. > >> > >> This drop adds support for the TPM devices attached to the I2C bus. It > >> only supports the TPM2 protocol. You need to run it with the external > >> TPM emulator like swtpm. I have tested it with swtpm. > > > > Nice work. I tested these stop cedric's aspeed-8.0 qemu tree, using > > the rainier machine and the openbmc dev-6.1 kernel. > > > > We get this message when booting from a kernel: > > > > [ 0.582699] tpm_tis_i2c 12-002e: 2.0 TPM (device-id 0x1, rev-id 1) > > [ 0.586361] tpm tpm0: A TPM error (256) occurred attempting the self test > > [ 0.586623] tpm tpm0: starting up the TPM manually > > > > Do we understand why the error appears? > > The firmware did not initialize the TPM 2. Which firmware are we talking about here? In the case of these systems, we (u-boot+linux) are what would traditionally be referred to as firmware. > > # grep -r . /sys/class/tpm/tpm0/pcr-sha256/ | sort -n -k 7 -t / > > /sys/class/tpm/tpm0/pcr-sha256/0:0000000000000000000000000000000000000000000000000000000000000000 > > /sys/class/tpm/tpm0/pcr-sha256/1:0000000000000000000000000000000000000000000000000000000000000000 > > /sys/class/tpm/tpm0/pcr-sha256/2:0000000000000000000000000000000000000000000000000000000000000000 > > /sys/class/tpm/tpm0/pcr-sha256/3:0000000000000000000000000000000000000000000000000000000000000000 > > /sys/class/tpm/tpm0/pcr-sha256/4:0000000000000000000000000000000000000000000000000000000000000000 > > /sys/class/tpm/tpm0/pcr-sha256/5:0000000000000000000000000000000000000000000000000000000000000000 > > /sys/class/tpm/tpm0/pcr-sha256/6:0000000000000000000000000000000000000000000000000000000000000000 > > /sys/class/tpm/tpm0/pcr-sha256/7:0000000000000000000000000000000000000000000000000000000000000000 > > /sys/class/tpm/tpm0/pcr-sha256/8:0000000000000000000000000000000000000000000000000000000000000000 > > /sys/class/tpm/tpm0/pcr-sha256/9:0000000000000000000000000000000000000000000000000000000000000000 > > /sys/class/tpm/tpm0/pcr-sha256/10:0000000000000000000000000000000000000000000000000000000000000000 > > /sys/class/tpm/tpm0/pcr-sha256/11:0000000000000000000000000000000000000000000000000000000000000000 > > /sys/class/tpm/tpm0/pcr-sha256/12:0000000000000000000000000000000000000000000000000000000000000000 > > /sys/class/tpm/tpm0/pcr-sha256/13:0000000000000000000000000000000000000000000000000000000000000000 > > /sys/class/tpm/tpm0/pcr-sha256/14:0000000000000000000000000000000000000000000000000000000000000000 > > /sys/class/tpm/tpm0/pcr-sha256/15:0000000000000000000000000000000000000000000000000000000000000000 > > /sys/class/tpm/tpm0/pcr-sha256/16:0000000000000000000000000000000000000000000000000000000000000000 > > /sys/class/tpm/tpm0/pcr-sha256/17:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > > /sys/class/tpm/tpm0/pcr-sha256/18:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > > /sys/class/tpm/tpm0/pcr-sha256/19:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > > /sys/class/tpm/tpm0/pcr-sha256/20:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > > /sys/class/tpm/tpm0/pcr-sha256/21:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > > /sys/class/tpm/tpm0/pcr-sha256/22:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > > /sys/class/tpm/tpm0/pcr-sha256/23:0000000000000000000000000000000000000000000000000000000000000000 > > > > If I boot through the openbmc u-boot for the p10bmc machine, which > > measures things into the PCRs: > > > > [ 0.556713] tpm_tis_i2c 12-002e: 2.0 TPM (device-id 0x1, rev-id 1) > > In this case the firmware started up the TPM 2. Also the PCRs have been touched by the firmware in this case. > > > > > / # grep -r . /sys/class/tpm/tpm0/pcr-sha256/ | sort -n -k 7 -t / > > /sys/class/tpm/tpm0/pcr-sha256/0:AFA13691EFC7BC6E189E92347F20676FB4523302CB957DA9A65C3430C45E8BCC > > /sys/class/tpm/tpm0/pcr-sha256/1:37F0F710A5502FAE6DB7433B36001FEE1CBF15BA2A7D6923207FF56888584714 > > /sys/class/tpm/tpm0/pcr-sha256/2:E21B703EE69C77476BCCB43EC0336A9A1B2914B378944F7B00A10214CA8FEA93 > > /sys/class/tpm/tpm0/pcr-sha256/3:E21B703EE69C77476BCCB43EC0336A9A1B2914B378944F7B00A10214CA8FEA93 > > /sys/class/tpm/tpm0/pcr-sha256/4:E21B703EE69C77476BCCB43EC0336A9A1B2914B378944F7B00A10214CA8FEA93 > > /sys/class/tpm/tpm0/pcr-sha256/5:E21B703EE69C77476BCCB43EC0336A9A1B2914B378944F7B00A10214CA8FEA93 > > /sys/class/tpm/tpm0/pcr-sha256/6:E21B703EE69C77476BCCB43EC0336A9A1B2914B378944F7B00A10214CA8FEA93 > > /sys/class/tpm/tpm0/pcr-sha256/7:E21B703EE69C77476BCCB43EC0336A9A1B2914B378944F7B00A10214CA8FEA93 > > /sys/class/tpm/tpm0/pcr-sha256/8:AE67485BD01E8D6FE0208C46C473940173F66E9C6F43C75ABB404375787E9705 > > /sys/class/tpm/tpm0/pcr-sha256/9:DB99D92EADBB446894CB0C062AEB673F60DDAFBC62BC2A9CA561A13B31E5357C > > /sys/class/tpm/tpm0/pcr-sha256/10:0000000000000000000000000000000000000000000000000000000000000000 > > /sys/class/tpm/tpm0/pcr-sha256/11:0000000000000000000000000000000000000000000000000000000000000000 > > /sys/class/tpm/tpm0/pcr-sha256/12:0000000000000000000000000000000000000000000000000000000000000000 > > /sys/class/tpm/tpm0/pcr-sha256/13:0000000000000000000000000000000000000000000000000000000000000000 > > /sys/class/tpm/tpm0/pcr-sha256/14:0000000000000000000000000000000000000000000000000000000000000000 > > /sys/class/tpm/tpm0/pcr-sha256/15:0000000000000000000000000000000000000000000000000000000000000000 > > /sys/class/tpm/tpm0/pcr-sha256/16:0000000000000000000000000000000000000000000000000000000000000000 > > /sys/class/tpm/tpm0/pcr-sha256/17:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > > /sys/class/tpm/tpm0/pcr-sha256/18:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > > /sys/class/tpm/tpm0/pcr-sha256/19:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > > /sys/class/tpm/tpm0/pcr-sha256/20:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > > /sys/class/tpm/tpm0/pcr-sha256/21:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > > /sys/class/tpm/tpm0/pcr-sha256/22:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > > /sys/class/tpm/tpm0/pcr-sha256/23:0000000000000000000000000000000000000000000000000000000000000000 > > However on a clean boot into the TPM, the u-boot tpm commands fail: > > > > ast# tpm info > > tpm@2e v2.0: VendorID 0x1014, DeviceID 0x0001, RevisionID 0x01 [closed] > > ast# tpINTERRUPT> > > Is this normal output? Is it an indication of some sort of IRQ? Ignore that line, that was me using ctrl+c to cancel the input. I should have trimmed it from the email before sending. > > > ast# tpm init > > ast# tpm info > > tpm@2e v2.0: VendorID 0x1014, DeviceID 0x0001, RevisionID 0x01 [open] > > ast# tpm pcr_read 0 0x81000000 > > Error: 256 > > ast# md.l 0x81000000 16 > > 81000000: 00000000 00000000 00000000 00000000 ................ > > 81000010: 00000000 00000000 00000000 00000000 ................ > > 81000020: 00000000 00000000 00000000 00000000 ................ > > 81000030: 00000000 00000000 00000000 00000000 ................ > > 81000040: 00000000 00000000 00000000 00000000 ................ > > 81000050: 00000000 00000000 ........ > > > > This doesn't need to block merging into qemu, as the model works fine > > for pcr measurement and accessing under Linux. However it would be > > good to work though these issues in case there's a modelling > > discrepancy. > > > It reads the didvid and rid registers just fine and per the touched PCRs it knows how to talk to the TPM 2 to extend the PCRs. It hasn't done so in this case; the boot step that extends the PCRs hasn't been executed. > So this is strange. What is the 0x81000000 parameter in this command? Is it some memory location? Yes, it's an arbitrary DRAM location that we've asked u-boot to place the contents of the PCR. Cheers, Joel
On 3/27/23 07:18, Joel Stanley wrote: > On Mon, 27 Mar 2023 at 11:11, Stefan Berger <stefanb@linux.ibm.com> wrote: >> >> >> >> On 3/26/23 21:05, Joel Stanley wrote: >>> Hi Ninad, >>> >>> On Sun, 26 Mar 2023 at 22:44, Ninad Palsule <ninad@linux.ibm.com> wrote: >>>> >>>> Hello, >>>> >>>> I have incorporated review comments from Stefan. Please review. >>>> >>>> This drop adds support for the TPM devices attached to the I2C bus. It >>>> only supports the TPM2 protocol. You need to run it with the external >>>> TPM emulator like swtpm. I have tested it with swtpm. >>> >>> Nice work. I tested these stop cedric's aspeed-8.0 qemu tree, using >>> the rainier machine and the openbmc dev-6.1 kernel. >>> >>> We get this message when booting from a kernel: >>> >>> [ 0.582699] tpm_tis_i2c 12-002e: 2.0 TPM (device-id 0x1, rev-id 1) >>> [ 0.586361] tpm tpm0: A TPM error (256) occurred attempting the self test >>> [ 0.586623] tpm tpm0: starting up the TPM manually >>> >>> Do we understand why the error appears? >> >> The firmware did not initialize the TPM 2. > > Which firmware are we talking about here? This happens if either no firmware is used or the firmware doesn't know how to talk to the TPM 2. Linux detects that the TPM 2 wasn't initialized (TPM2_Startup was not sent). Stefan
On 3/27/23 07:11, Stefan Berger wrote: > > >> We get this message when booting from a kernel: >> >> [ 0.582699] tpm_tis_i2c 12-002e: 2.0 TPM (device-id 0x1, rev-id 1) >> [ 0.586361] tpm tpm0: A TPM error (256) occurred attempting the self test >> [ 0.586623] tpm tpm0: starting up the TPM manually >> >> Do we understand why the error appears? > > The firmware did not initialize the TPM 2. > >> However on a clean boot into the TPM, the u-boot tpm commands fail: >> >> ast# tpm info >> tpm@2e v2.0: VendorID 0x1014, DeviceID 0x0001, RevisionID 0x01 [closed] >> ast# tpINTERRUPT> > > Is this normal output? Is it an indication of some sort of IRQ? > >> ast# tpm init >> ast# tpm info >> tpm@2e v2.0: VendorID 0x1014, DeviceID 0x0001, RevisionID 0x01 [open] >> ast# tpm pcr_read 0 0x81000000 >> Error: 256 If this is an error from the TPM 2 , then the 256 error code is the same as reported by Linux above: $ tssreturncode 0x100 TPM_RC_INITIALIZE - TPM not initialized by TPM2_Startup or already initialized I will try to reproduce this today. u-boot should have a sent TPM2_Startup as part of 'tpm init' command above or even before on its own. Stefan
On 3/27/23 08:31, Stefan Berger wrote: > > > On 3/27/23 07:11, Stefan Berger wrote: >> >> > >>> We get this message when booting from a kernel: >>> >>> [ 0.582699] tpm_tis_i2c 12-002e: 2.0 TPM (device-id 0x1, rev-id 1) >>> [ 0.586361] tpm tpm0: A TPM error (256) occurred attempting the self test >>> [ 0.586623] tpm tpm0: starting up the TPM manually >>> >>> Do we understand why the error appears? >> >> The firmware did not initialize the TPM 2. >> > >>> However on a clean boot into the TPM, the u-boot tpm commands fail: >>> >>> ast# tpm info >>> tpm@2e v2.0: VendorID 0x1014, DeviceID 0x0001, RevisionID 0x01 [closed] >>> ast# tpINTERRUPT> >> >> Is this normal output? Is it an indication of some sort of IRQ? >> >>> ast# tpm init >>> ast# tpm info >>> tpm@2e v2.0: VendorID 0x1014, DeviceID 0x0001, RevisionID 0x01 [open] >>> ast# tpm pcr_read 0 0x81000000 >>> Error: 256 > > If this is an error from the TPM 2 , then the 256 error code is the same as reported by Linux above: > > $ tssreturncode 0x100 > TPM_RC_INITIALIZE - TPM not initialized by TPM2_Startup or already initialized > > > I will try to reproduce this today. u-boot should have a sent TPM2_Startup as part of 'tpm init' command above or even before on its own. One needs to do this here: ast# tpm2 startup TPM2_SU_CLEAR ast# tpm2 pcr_read 0 0x81000000 PCR #0 content (332 known updates): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Stefan