peterhuewe / tpm-emulator

The famous tpm-emulator by Mario Strasser, previously hosted on BerliOs. It supports TPM1.2 only!

License: GNU General Public License v2.0

CMake 0.74% Shell 0.02% C 98.19% Makefile 0.19% Batchfile 0.12% C++ 0.74%

Contributors: alonbl, aorimn, derdakon, dhowells, florolf, marlonchalegre, marmarek, peterhuewe, quitschbo, shearl, shipinsky


tpm-emulator's Issues

tpm-emulator was corrupted since commit 88393fa

tpm-emulator was corrupted since commit 88393fa so that tpmtoken_setpasswd reports "C_SetPIN failed: 0x00000006 (6)" when trying to change user or security officer password. Please see the detailed output:

tpmtoken_setpasswd
Enter your TPM user password:
A new TPM user password is needed. The password must be between 4 and 8 characters in length.
Enter new password:
Confirm password:
C_SetPIN failed: 0x00000006 (6)

tpmtoken_setpasswd --security-officer
Enter the TPM security officer password:
A new TPM security officer password is needed. The password must be between 4 and 8 characters in length.
Enter new password:
Confirm password:
C_SetPIN failed: 0x00000006 (6)

make fails on latest kernel

Seems that sock_recvmsg has changed in the latest kernel and has removed space for an argument. I tried just appending tpm_response.size instead of tpm_response.size, 0 and the build succeeded.

But this probably is not the proper fix as tcsd throws a tpmd_dev.c:146: Error sock_recvmsg failed.

See the attached photo

[Image: tpm-emulator-error]

ubuntu compiler problem

When I compile it on an Ubuntu 14.04 machine, I run into a problem:

Makefile:592: /usr/src/linux-headers-3.13.0-24-generic/arch//Makefile: No such file or directory
make[4]: *** No rule to make target `/usr/src/linux-headers-3.13.0-24-generic/arch//Makefile'.  Stop.
make[3]: *** [all] Error 2
make[2]: *** [tpmd_dev/linux/tpmd_dev.ko] Error 2
make[1]: *** [tpmd_dev/CMakeFiles/tpmd_dev.dir/all] Error 2
make: *** [all] Error 2

I did the following:

export ARCH=x86

and it works well.

Windows does not recognize the emulated TPM

I installed it using MinGW and all the stuff. When I ran the tpmd_start command, it all looked good. Same with the status command. However, Windows says that there is no TPM in the PC! I tried in Windows 10 and Windows 7, however, none of these operating systems worked. Could anyone help me?

Transplant emulator on a board based on ARMv7

I want to transplant it onto a board based on ARMv7. But I face some difficulty in compiling the module tpmd_dev. It requires linux-headers, but I can't install it on my board.
Did anyone ever meet problems like this before?

tpm_setup_rsp_auth needs fall-thru not break

I wrote this as a comment here 88393fa#r40001028, but figured I should open an actual issue.

88393fa added a break to quiet an implicit-fallthrough warning. I think this is actually a desired fall through since auth1 is expected to be set when auth2 is set.

Xen changed it to mark the fall-thru, but I'm not sure if it has been tested: https://xenbits.xen.org/gitweb/?p=xen.git;a=blob;f=stubdom/vtpm-implicit-fallthrough.patch;h=db97be552f035871381d2b97b4101a946c8915d0;hb=HEAD ?

https://trustedcomputinggroup.org/wp-content/uploads/TPM-Main-Part-2-TPM-Structures_v1.2_rev116_01032011.pdf shows that auth2 is always set when auth1 is set, except for TPM_Ord_ChangeAuth.
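
The difference between the added break and a marked fall-through, as an added C example that is not the emulator's own code: `struct rsp_model`, `setup_session()` and the two `setup_rsp_auth_*` variants are a hypothetical, simplified model of the situation the issue describes, and only the three response tag values are taken from the TPM 1.2 structures specification. The `FALLTHROUGH` macro shows how the compiler warning can be silenced without changing control flow.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* TPM 1.2 response tags from TPM Main Part 2 (Structures). */
#define TPM_TAG_RSP_COMMAND        0x00C4
#define TPM_TAG_RSP_AUTH1_COMMAND  0x00C5
#define TPM_TAG_RSP_AUTH2_COMMAND  0x00C6
#define NONCE_LEN 20

/* Explicit marker: silences -Wimplicit-fallthrough without adding a break. */
#if defined(__has_attribute)
#  if __has_attribute(fallthrough)
#    define FALLTHROUGH __attribute__((fallthrough))
#  endif
#endif
#ifndef FALLTHROUGH
#  define FALLTHROUGH ((void)0)
#endif

/* Hypothetical, simplified response: one fresh nonce per authorization session. */
struct rsp_model {
    uint16_t tag;
    uint8_t  nonce1[NONCE_LEN];   /* first session (auth1)  */
    uint8_t  nonce2[NONCE_LEN];   /* second session (auth2) */
};

/* Stand-in for the real per-session work (new nonce, response HMAC). */
static void setup_session(uint8_t nonce[NONCE_LEN], uint8_t marker)
{
    memset(nonce, marker, NONCE_LEN);
}

/* Variant with the added break: an AUTH2 response never prepares session 1. */
void setup_rsp_auth_with_break(struct rsp_model *r)
{
    switch (r->tag) {
    case TPM_TAG_RSP_AUTH2_COMMAND:
        setup_session(r->nonce2, 0xA2);
        break;
    case TPM_TAG_RSP_AUTH1_COMMAND:
        setup_session(r->nonce1, 0xA1);
        break;
    default:
        break;
    }
}

/* Variant with a marked fall-through: AUTH2 prepares session 2, then session 1. */
void setup_rsp_auth_fallthrough(struct rsp_model *r)
{
    switch (r->tag) {
    case TPM_TAG_RSP_AUTH2_COMMAND:
        setup_session(r->nonce2, 0xA2);
        FALLTHROUGH;
    case TPM_TAG_RSP_AUTH1_COMMAND:
        setup_session(r->nonce1, 0xA1);
        break;
    default:
        break;
    }
}

static int all_zero(const uint8_t *p, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (p[i] != 0) return 0;
    return 1;
}

/* Number of sessions promised by the tag whose fields were never filled in. */
int sessions_left_unset(const struct rsp_model *r)
{
    int expected = 0, unset = 0;
    if (r->tag == TPM_TAG_RSP_AUTH1_COMMAND) expected = 1;
    if (r->tag == TPM_TAG_RSP_AUTH2_COMMAND) expected = 2;
    if (expected >= 1 && all_zero(r->nonce1, NONCE_LEN)) unset++;
    if (expected >= 2 && all_zero(r->nonce2, NONCE_LEN)) unset++;
    return unset;
}

/* Run one variant on a zeroed response carrying the given tag. */
int run_variant(uint16_t tag, void (*setup)(struct rsp_model *))
{
    struct rsp_model r;
    memset(&r, 0, sizeof r);
    r.tag = tag;
    setup(&r);
    return sessions_left_unset(&r);
}

int main(void)
{
    printf("AUTH2 with break:        %d session(s) unset\n",
           run_variant(TPM_TAG_RSP_AUTH2_COMMAND, setup_rsp_auth_with_break));
    printf("AUTH2 with fall-through: %d session(s) unset\n",
           run_variant(TPM_TAG_RSP_AUTH2_COMMAND, setup_rsp_auth_fallthrough));
    return 0;
}
```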

Cannot set presence

I've got it to create the data and I've taken ownership of it, but now tpm_setpresence doesn't work. Trying any of the options related to modifying the presence returns Tspi_TPM_SetStatus failed: 0x00002006 - layer=tcs, code=0006 (6), Not enabled.

tpm-emulator make on ubuntu14.04

Hello, everyone!
When I make tpm emulator on Ubuntu 14.04, it returns with some errors:

`[ 98%] Generating linux/tpmd_dev.ko
/home/ketty/TPM/tpm-emulator/build/tpmd_dev/linux/tpmd_dev.c: In function ‘tpmd_handle_command’:
/home/ketty/TPM/tpm-emulator/build/tpmd_dev/linux/tpmd_dev.c:111:6: error: ‘struct msghdr’ has no member named ‘msg_iov’
   msg.msg_iov = &iov;
      ^
/home/ketty/TPM/tpm-emulator/build/tpmd_dev/linux/tpmd_dev.c:112:6: error: ‘struct msghdr’ has no member named ‘msg_iovlen’
   msg.msg_iovlen = 1;
      ^
/home/ketty/TPM/tpm-emulator/build/tpmd_dev/linux/tpmd_dev.c:125:6: error: ‘struct msghdr’ has no member named ‘msg_iov’
   msg.msg_iov = &iov;
      ^
/home/ketty/TPM/tpm-emulator/build/tpmd_dev/linux/tpmd_dev.c:126:6: error: ‘struct msghdr’ has no member named ‘msg_iovlen’
   msg.msg_iovlen = 1;
      ^
make[5]: *** [/home/ketty/TPM/tpm-emulator/build/tpmd_dev/linux/tpmd_dev.o] Error 1
make[4]: *** [_module_/home/ketty/TPM/tpm-emulator/build/tpmd_dev/linux] Error 2
make[3]: *** [all] Error 2
make[2]: *** [tpmd_dev/linux/tpmd_dev.ko] Error 2
make[1]: *** [tpmd_dev/CMakeFiles/tpmd_dev.dir/all] Error 2
make: *** [all] Error 2
`

I followed https://github.com/PeterHuewe/tpm-emulator/issues/7#issuecomment-227621114 and inserted

`#if LINUX_VERSION_CODE < KERNEL_VERSION(3,19,0)
msg.msg_iov = &iov;
msg.msg_iovlen = 1;
#else
iov_iter_init(&msg.msg_iter, WRITE, &iov, 1, 1);
#endif`

But when I make it again, what I had inserted was missing, all back to the original.

[PeterHuewe: edited your post to have proper formatting]

Is NV define/create/write supported ?

Hello,

From the code, I can see that there is tpm_nv_storage.c, and the TPM_NV_* operations seem to be defined. When I tried to run tpm_nvinfo (from the tpm-tools package), I do not see any output - is this expected, or am I missing something ?
I see the following in the tpmd log (when run in foreground mode [-f]):

tpmd.c:352: Debug: received 18 bytes
tpm_cmd_handler.c:4143: Debug: tpm_handle_command()
tpm_cmd_handler.c:3450: Debug: [TPM_TAG_RQU_COMMAND]
tpm_cmd_handler.c:3566: Debug: [TPM_ORD_GetCapability]
tpm_capability.c:697: Info: TPM_GetCapability()
tpm_capability.c:746: Debug: [TPM_CAP_NV_LIST]
tpm_cmd_handler.c:4084: Info: TPM command succeeded
tpmd.c:358: Debug: sending 14 bytes
tpmd.c:331: Debug: waiting for commands...

So, the command seems to be accepted, but there is an error:

$ tpm_nvdefine -l debug -i 2 -s 32  -p "AUTHREAD|AUTHWRITE"
permissions = 0x00040004
Tspi_Context_Create success
Tspi_Context_Connect success
Tspi_Context_GetTpmObject success
Tspi_Context_CreateObject success
Tspi_NV_DefineSpace failed: 0x00000003 - layer=tpm, code=0003 (3), Bad Parameter
Tspi_Context_FreeMemory success
Tspi_Context_Close success

How do I use the NVRAM read/write functionality with the emulator ?

Thanks

Ani

Emulator fails when interacting with qemu tpm passthrough

Hi,

I'm trying to use the TPM emulator with qemu, via the TPM passthrough. I use

$ sudo tpmd deactivated
$ sudo killall tpmd
$ sudo tpmd -df clear

to start the emulator daemon. Then I invoke

$ sudo qemu -m 512 -drive file=ubuntu,format=raw -tpmdev passthrough,id=tpm0,path=/dev/tpm

and the emulator daemon spits out the following error:

tpmd.c:485: Debug: received 1 bytes
tpm_cmd_handler.c:4143: Debug: tpm_handle_command()
tpm_cmd_handler.c:4147: Error: tpm_unmarshal_TPM_REQUEST() failed
tpmd.c:489: Error: tpm_handle_command() failed

I'm on Ubuntu 16.04, and I've tried this on qemu 2.6 and 2.8 with the same result. This might be related to the thread here but I'm not sure.

Any help on this would be much appreciated.

TPM deactivated on recent kernels > 4.2 tested

Hi, I tested the TPM emulator on three different machines with kernel version.
Machine 1:
4.9.0-3-amd64 #1 SMP Debian 4.9.30-2+deb9u1 (2017-06-18) x86_64 GNU/Linux

Here the proposed patch from #21 was used to successfully compile the code.
Here, the TPM gets deactivated during the startup of a virtual machine. Using:

qemu-system-x86_64 -smp 2 -m 1024 -hda image.qcow2 -net user,hostfwd=tcp::2223-:22 -net nic -enable-kvm -tpmdev passthrough,id=tpm,path=/dev/tpm,cancel-path=/dev/null -device tpm-tis,tpmdev=tpm

Version: QEMU emulator version 2.8.1(Debian 1:2.8+dfsg-6)

Here the debug log.

pmd.c:523: Info: starting TPM Emulator daemon (1.2.0.7-475)
tpmd.c:102: Info: parsing options
tpmd.c:109: Debug: debug mode enabled
tpmd.c:175: Debug: startup mode = 'clear'
tpmd.c:228: Info: installing signal handlers
tpmd.c:387: Info: staring main loop
tpmd.c:302: Info: initializing socket /var/run/tpm/tpmd_socket:0
tpmd.c:401: Debug: initializing TPM emulator
tpm_emulator_extern.c:101: Info: _tpm_extern_init()
tpm_emulator_extern.c:104: Debug: openening random device /dev/urandom
tpm_cmd_handler.c:4113: Debug: tpm_emulator_init(1, 0x00000000)
tpm_startup.c:29: Info: TPM_Init()
tpm_testing.c:243: Info: TPM_SelfTestFull()
tpm_testing.c:39: Debug: tpm_test_prng()
tpm_testing.c:69: Debug: Monobit: 10016
tpm_testing.c:70: Debug: Poker:   9.6
tpm_testing.c:71: Debug: run_1:   2483, 2426
tpm_testing.c:72: Debug: run_2:   1212, 1250
tpm_testing.c:73: Debug: run_3:   611, 622
tpm_testing.c:74: Debug: run_4:   305, 327
tpm_testing.c:75: Debug: run_5:   168, 163
tpm_testing.c:76: Debug: run_6+:  166, 157
tpm_testing.c:77: Debug: run_34:  0
tpm_testing.c:111: Debug: tpm_test_sha1()
tpm_testing.c:157: Debug: tpm_test_hmac()
tpm_testing.c:184: Debug: tpm_test_rsa_EK()
tpm_testing.c:186: Debug: tpm_rsa_generate_key()
tpm_testing.c:191: Debug: testing endorsement key
tpm_testing.c:197: Debug: tpm_rsa_sign(RSA_SSA_PKCS1_SHA1)
tpm_testing.c:200: Debug: tpm_rsa_verify(RSA_SSA_PKCS1_SHA1)
tpm_testing.c:203: Debug: tpm_rsa_sign(RSA_SSA_PKCS1_DER)
tpm_testing.c:206: Debug: tpm_rsa_verify(RSA_SSA_PKCS1_DER)
tpm_testing.c:210: Debug: tpm_rsa_encrypt(RSA_ES_PKCSV15)
tpm_testing.c:214: Debug: tpm_rsa_decrypt(RSA_ES_PKCSV15)
tpm_testing.c:218: Debug: verify plain text
tpm_testing.c:221: Debug: tpm_rsa_encrypt(RSA_ES_OAEP_SHA1)
tpm_testing.c:225: Debug: tpm_rsa_decrypt(RSA_ES_OAEP_SHA1)
tpm_testing.c:229: Debug: verify plain text
tpm_testing.c:261: Info: Self-Test succeeded
tpm_startup.c:43: Info: TPM_Startup(1)
tpmd.c:412: Debug: waiting for connections...
tpmd.c:452: Debug: waiting for commands...
tpmd.c:485: Debug: received 10 bytes
tpm_cmd_handler.c:4143: Debug: tpm_handle_command()
tpm_cmd_handler.c:3456: Info: The tag value sent to for a command (0x8001) is invalid
tpmd.c:491: Debug: sending 10 bytes
tpmd.c:452: Debug: waiting for commands...
tpmd.c:485: Debug: received 10 bytes
tpm_cmd_handler.c:4143: Debug: tpm_handle_command()
tpm_cmd_handler.c:3450: Debug: [TPM_TAG_RQU_COMMAND]
tpm_cmd_handler.c:3946: Debug: [TPM_ORD_GetTicks]
tpm_ticks.c:32: Info: TPM_GetTicks()
tpm_cmd_handler.c:4084: Info: TPM command succeeded
tpmd.c:491: Debug: sending 42 bytes
tpmd.c:452: Debug: waiting for commands...
tpmd.c:452: Debug: waiting for commands...
tpmd.c:485: Debug: received 12 bytes
tpm_cmd_handler.c:4143: Debug: tpm_handle_command()
tpm_cmd_handler.c:3450: Debug: [TPM_TAG_RQU_COMMAND]
tpm_cmd_handler.c:3473: Debug: [TPM_ORD_Startup]
tpm_startup.c:43: Info: TPM_Startup(1)
tpm_cmd_handler.c:4077: Info: TPM command failed: (0x26) The command was received in the wrong sequence relative to TPM_Init and a subsequent TPM_Startup.
tpmd.c:491: Debug: sending 10 bytes
tpmd.c:452: Debug: waiting for commands...
tpmd.c:485: Debug: received 10 bytes
tpm_cmd_handler.c:4143: Debug: tpm_handle_command()
tpm_cmd_handler.c:3450: Debug: [TPM_TAG_RQU_COMMAND]
tpm_cmd_handler.c:3523: Debug: [TPM_ORD_SetTempDeactivated]
tpm_owner.c:74: Info: TPM_SetTempDeactivated()

Machine 2:
The current code was also tested on kernel 4.2.0-16-generic (built directly from master version https://github.com/PeterHuewe/tpm-emulator):
Version: QEMU emulator version 2.3.0 (Debian 1:2.3+dfsg-5ubuntu9.2)

tpmd.c:523: Info: starting TPM Emulator daemon (1.2.0.7-475)
tpmd.c:102: Info: parsing options
tpmd.c:228: Info: installing signal handlers
tpmd.c:387: Info: staring main loop
tpmd.c:302: Info: initializing socket /var/run/tpm/tpmd_socket:0
tpm_emulator_extern.c:101: Info: _tpm_extern_init()
tpm_startup.c:29: Info: TPM_Init()
tpm_testing.c:243: Info: TPM_SelfTestFull()
tpm_testing.c:261: Info: Self-Test succeeded
tpm_startup.c:43: Info: TPM_Startup(1)
tpm_cmd_handler.c:4147: Error: tpm_unmarshal_TPM_REQUEST() failed
tpmd.c:489: Error: tpm_handle_command() failed
tpm_cmd_handler.c:4147: Error: tpm_unmarshal_TPM_REQUEST() failed
tpmd.c:489: Error: tpm_handle_command() failed

Machine 3:
Same code base (current master) runs perfectly fine on QEMU emulator version 2.4.94 with kernel 3.13.0-76-generic #120-Ubuntu SMP

If more info is needed, let me know.

Ecryptfs on TPM emulator

Hello, dear sir.
I've been struggling with the tpm and ecryptfs for a long time. I can emulate the tpm device successfully with the following commands:

modprobe tpmd_dev
ecryptfsd
tpmd -d
/usr/local/sbin/tcsd
tpm_version
---------------------------------------------output---------------------------------------------------
tpmd.c:529: Info: starting TPM Emulator daemon (1.2.0.7-475)
tpmd.c:102: Info: parsing options
tpmd.c:109: Debug: debug mode enabled
tpmd.c:194: Info: no startup mode was specified; asuming 'clear'
tpmd.c:228: Info: installing signal handlers
tpmd.c:250: Info: daemonizing process
  TPM 1.2 Version Info:
  Chip Version:        1.2.0.7
  Spec Level:          2
  Errata Revision:     1
  TPM Vendor ID:       ETHZ
  TPM Version:         01010000
  Manufacturer Info:   4554485a

then, I generate my srk with the following command:

tpm_takeownership -u -y -z

After that, I can create my TPM key

ecryptfs-generate-tpm-key -p 0 -p 2 -p 3
---------------------------------------------output---------------------------------------------------
Success: Key created bound to:
PCR 0: 0000000000000000000000000000000000000000
PCR 2: 0000000000000000000000000000000000000000
PCR 3: 0000000000000000000000000000000000000000
And registered in persistent storage with UUID (tspi_uuid parameter): 913bdea9a6306838774ea3d961a27f9f

Then I mount encrypt file with the following command:

mkdir encrypt
mount -t ecryptfs -o key=tspi:tspi_uuid=913bdea9a6306838774ea3d961a27f9f,ecryptfs_cipher=aes,no_sig_cache,ecryptfs_key_bytes=16,ecryptfs_passthrough=n,ecryptfs_enable_filename_crypto=n encrypt/ encrypt/
---------------------------------------------output---------------------------------------------------
Attempting to mount with the following options:
  ecryptfs_unlink_sigs
  ecryptfs_key_bytes=16
  ecryptfs_cipher=aes
  ecryptfs_sig=94defdb44a6aab52
Mounted eCryptfs

Everything is fine here, I can normally echo content into encrypt/file like this

echo "Hello World" > ./encrypt/hello
cat ./encrypt/hello
---------------------------------------------output---------------------------------------------------
Hello World

But when I umount the fs and then remount it, things become weird:

umount ./encrypt
mount -t ecryptfs -o key=tspi:tspi_uuid=913bdea9a6306838774ea3d961a27f9f,ecryptfs_cipher=aes,no_sig_cache,ecryptfs_key_bytes=16,ecryptfs_passthrough=n,ecryptfs_enable_filename_crypto=n encrypt/ encrypt/
cat ./encrypt/hello
---------------------------------------------output---------------------------------------------------
Attempting to mount with the following options:
  ecryptfs_unlink_sigs
  ecryptfs_key_bytes=16
  ecryptfs_cipher=aes
  ecryptfs_sig=94defdb44a6aab52
Mounted eCryptfs
cat ./encrypt/hello: Input/output error

Here is the log message:

[116125.323576] Failed to parse tag 65 packet; rc = [-5]
[116125.323576] ecryptfs_parse_packet_set: Error decrypting the session key for authentication token with sig [94defdb44a6aab52]; rc = [-5]. Removing auth tok candidate from the list and searching for the next match.
[116125.323576] ecryptfs_parse_packet_set: Could not find a usable authentication token
[116125.323576] Valid eCryptfs headers not found in file header region or xattr region, inode 3182408

Here is the version:

  • kernel: Linux version 4.12.14-120-default (geeko@buildhost) (gcc version 4.8.5 (SUSE Linux) ) #1 SMP Thu Nov 7 16:39:09 UTC 2019 (fd9dc36)
  • tcsd: TrouSerS trousers 0.3.9
  • tpmd: starting TPM Emulator daemon (1.2.0.7-475)
  • ecryptfsd: ecryptfsd (ecryptfs-utils) 104
  • tpm-tools: version: 1.3.8

Could anybody tell me how to solve this, thank you very much 💐

TPM make install on Ubuntu 16.04 Server (VBClient)

Have what appears to be an almost perfect build, minus the install errors
which I can't seem to find any reference or pointers to within the build
itself. Please see attached file. Apologies for not including the text here as it's
running in a VM and ... and ....

[Image: screen shot 2018-04-25 at 4 53 44 pm]

TPM Emulator cmake fails

Hi,

I want to cross-compile and set up the TPM emulator for Clearfog A388. Could someone please help me with this?
When I run cmake ../ -- Detecting C compiler ABI info - failed

................................................................................................................................................................
Workstation:~/tpm-emulator-master/build$ cmake ../
-- The C compiler identification is unknown
-- Check for working C compiler: /home/tpm-emulator-master/gcc-arm-linux-gnueabi/bin/arm-linux-gnueabi-gcc
-- Check for working C compiler: /home/tpm-emulator-master/gcc-arm-linux-gnueabi/bin/arm-linux-gnueabi-gcc -- works
-- Detecting C compiler ABI info
-- Detecting C compiler ABI info - failed
-- Configuring done
-- Generating done
-- Build files have been written to: /home/tpm-emulator-master/build
................................................................................................................................................................

Thanks,
Varsha

Make fails on MacOS

Hi,

I try to install the tpm-emulator (v 0.7.4) on MacOS Sierra

After installing the dependencies the make process fails at 75% ... as shown below:

[ 75%] Building C object crypto/CMakeFiles/tpm_crypto.dir/rsa.o
/tpm_emulator-0.7.4/crypto/rsa.c:56:13: error: address of
array 'key->p' will always evaluate to 'true'
[-Werror,-Wpointer-bool-conversion]
if (!key->p || !key->q || !key->u) {
~~~~~^
/tpm_emulator-0.7.4/crypto/rsa.c:56:24: error: address of
array 'key->q' will always evaluate to 'true'
[-Werror,-Wpointer-bool-conversion]
if (!key->p || !key->q || !key->u) {
~~~~~~^
/tpm_emulator-0.7.4/crypto/rsa.c:56:35: error: address of
array 'key->u' will always evaluate to 'true'
[-Werror,-Wpointer-bool-conversion]
if (!key->p || !key->q || !key->u) {
~~~~~~^
3 errors generated.
make[2]: *** [crypto/CMakeFiles/tpm_crypto.dir/rsa.o] Error 1
make[1]: *** [crypto/CMakeFiles/tpm_crypto.dir/all] Error 2
make: *** [all] Error 2

Any idea ?

Thx for your help

TPM-emulator,

Hello,

I'm trying to install the TPM emulator on my Raspberry Pi 3 from github using the 'clone or download' option, and I followed the commands:

mkdir build
cd build
cmake ../
make

when in the 'make' command it gives the following error:

"Scanning dependencies of target tpmd_dev
[ 96%] Generating linux/tpmd_dev.ko
make[4]: *** /lib/modules/4.4.38-v7+/build: No such file or directory. Stop.
Makefile:22: recipe for target 'all' failed
make[3]: *** [all] Error 2
tpmd_dev/CMakeFiles/tpmd_dev.dir/build.make:62: recipe for target 'tpmd_dev/linux/tpmd_dev.ko' failed
make[2]: *** [tpmd_dev/linux/tpmd_dev.ko] Error 2
CMakeFiles/Makefile2:383: recipe for target 'tpmd_dev/CMakeFiles/tpmd_dev.dir/all' failed
make[1]: *** [tpmd_dev/CMakeFiles/tpmd_dev.dir/all] Error 2
Makefile:149: recipe for target 'all' failed
make: *** [all] Error 2"

Can anyone help me please?
PS: I'm installing it on my Raspberry Pi 3

Patch to build with LINUX_VERSION_CODE >= KERNEL_VERSION(3, 19, 0)

Original patch from PLD is here:
https://www.mail-archive.com/[email protected]/msg362857.html

diff --git a/tpmd_dev/linux/tpmd_dev.c b/tpmd_dev/linux/tpmd_dev.c
index 1ab71e6..8a27ad5 100644
--- a/tpmd_dev/linux/tpmd_dev.c
+++ b/tpmd_dev/linux/tpmd_dev.c
@@ -25,6 +25,8 @@
 #include <linux/net.h>
 #include <linux/un.h>

+#include <linux/version.h>
+
 #include "config.h"

 #define TPM_DEVICE_MINOR  224
@@ -108,8 +110,12 @@ static int tpmd_handle_command(const uint8_t *in, uint32_t in_size)
   memset(&msg, 0, sizeof(msg));
   iov.iov_base = (void*)in;
   iov.iov_len = in_size;
+#if LINUX_VERSION_CODE < KERNEL_VERSION(3, 19, 0)
   msg.msg_iov = &iov;
   msg.msg_iovlen = 1;
+#else
+  iov_iter_init(&msg.msg_iter, WRITE, &iov, 1, 1);
+#endif
   res = sock_sendmsg(tpmd_sock, &msg, in_size);
   if (res < 0) {
     error("sock_sendmsg() failed: %d\n", res);
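
Review bot: in the `#else` branch the last argument of `iov_iter_init()` is the total number of bytes the iterator covers, and it is the literal `1` here although `iov.iov_len` is `in_size`, so on kernels >= 3.19 `sock_sendmsg()` is handed a one-byte message. Pass the real length instead, `iov_iter_init(&msg.msg_iter, WRITE, &iov, 1, in_size);`. The QEMU passthrough report on this page, where tpmd logs "received 1 bytes" and then fails in `tpm_unmarshal_TPM_REQUEST()`, is consistent with a truncated command.
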
@@ -122,8 +128,12 @@ static int tpmd_handle_command(const uint8_t *in, uint32_t in_size)
   memset(&msg, 0, sizeof(msg));
   iov.iov_base = (void*)tpm_response.data;
   iov.iov_len = tpm_response.size;
+#if LINUX_VERSION_CODE < KERNEL_VERSION(3, 19, 0)
   msg.msg_iov = &iov;
   msg.msg_iovlen = 1;
+#else
+  iov_iter_init(&msg.msg_iter, READ, &iov, 1, 1);
+#endif
   oldmm = get_fs();
   set_fs(KERNEL_DS);
   res = sock_recvmsg(tpmd_sock, &msg, tpm_response.size, 0);
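
Review bot: the receive path has the same count problem, `iov_iter_init(&msg.msg_iter, READ, &iov, 1, 1)` limits the iterator to one byte although `iov.iov_len` is `tpm_response.size`; use `tpm_response.size` as the final argument. The unchanged `sock_recvmsg(tpmd_sock, &msg, tpm_response.size, 0)` call also stays outside the version guard, and another report on this page says that call no longer builds against the latest kernel, so it needs its own `LINUX_VERSION_CODE` check.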

Make fails on Debian [sid]

: ; LANG=C sh build.sh 
-- The C compiler identification is GNU 6.2.0
-- Check for working C compiler: /usr/bin/cc
-- Check for working C compiler: /usr/bin/cc -- works
-- Detecting C compiler ABI info
-- Detecting C compiler ABI info - done
-- Detecting C compile features
-- Detecting C compile features - done
-- Configuring done
-- Generating done
-- Build files have been written to: /home/levitte/gitwrk/github.com/PeterHuewe/tpm-emulator/build
Scanning dependencies of target tpm
[  1%] Building C object tpm/CMakeFiles/tpm.dir/tpm_audit.o
[  3%] Building C object tpm/CMakeFiles/tpm.dir/tpm_authorization.o
[  5%] Building C object tpm/CMakeFiles/tpm.dir/tpm_capability.o
[  7%] Building C object tpm/CMakeFiles/tpm.dir/tpm_cmd_handler.o
[  8%] Building C object tpm/CMakeFiles/tpm.dir/tpm_context.o
[ 10%] Building C object tpm/CMakeFiles/tpm.dir/tpm_counter.o
[ 12%] Building C object tpm/CMakeFiles/tpm.dir/tpm_credentials.o
[ 14%] Building C object tpm/CMakeFiles/tpm.dir/tpm_crypto.o
[ 15%] Building C object tpm/CMakeFiles/tpm.dir/tpm_daa.o
[ 17%] Building C object tpm/CMakeFiles/tpm.dir/tpm_data.o
[ 19%] Building C object tpm/CMakeFiles/tpm.dir/tpm_delegation.o
[ 21%] Building C object tpm/CMakeFiles/tpm.dir/tpm_deprecated.o
[ 22%] Building C object tpm/CMakeFiles/tpm.dir/tpm_emulator_extern.o
[ 24%] Building C object tpm/CMakeFiles/tpm.dir/tpm_error.o
[ 26%] Building C object tpm/CMakeFiles/tpm.dir/tpm_eviction.o
[ 28%] Building C object tpm/CMakeFiles/tpm.dir/tpm_handles.o
[ 29%] Building C object tpm/CMakeFiles/tpm.dir/tpm_identity.o
[ 31%] Building C object tpm/CMakeFiles/tpm.dir/tpm_integrity.o
[ 33%] Building C object tpm/CMakeFiles/tpm.dir/tpm_maintenance.o
[ 35%] Building C object tpm/CMakeFiles/tpm.dir/tpm_management.o
[ 36%] Building C object tpm/CMakeFiles/tpm.dir/tpm_marshalling.o
[ 38%] Building C object tpm/CMakeFiles/tpm.dir/tpm_migration.o
[ 40%] Building C object tpm/CMakeFiles/tpm.dir/tpm_nv_storage.o
[ 42%] Building C object tpm/CMakeFiles/tpm.dir/tpm_owner.o
[ 43%] Building C object tpm/CMakeFiles/tpm.dir/tpm_startup.o
[ 45%] Building C object tpm/CMakeFiles/tpm.dir/tpm_storage.o
[ 47%] Building C object tpm/CMakeFiles/tpm.dir/tpm_testing.o
[ 49%] Building C object tpm/CMakeFiles/tpm.dir/tpm_ticks.o
[ 50%] Building C object tpm/CMakeFiles/tpm.dir/tpm_transport.o
[ 52%] Linking C static library libtpm.a
[ 52%] Built target tpm
Scanning dependencies of target mtm
[ 54%] Building C object mtm/CMakeFiles/mtm.dir/mtm_capability.o
[ 56%] Building C object mtm/CMakeFiles/mtm.dir/mtm_cmd_handler.o
[ 57%] Building C object mtm/CMakeFiles/mtm.dir/mtm_counter.o
[ 59%] Building C object mtm/CMakeFiles/mtm.dir/mtm_data.o
[ 61%] Building C object mtm/CMakeFiles/mtm.dir/mtm_eviction.o
[ 63%] Building C object mtm/CMakeFiles/mtm.dir/mtm_handles.o
[ 64%] Building C object mtm/CMakeFiles/mtm.dir/mtm_integrity.o
[ 66%] Building C object mtm/CMakeFiles/mtm.dir/mtm_marshalling.o
[ 68%] Building C object mtm/CMakeFiles/mtm.dir/mtm_verification.o
[ 70%] Building C object mtm/CMakeFiles/mtm.dir/__/tpm/tpm_cmd_handler.o
[ 71%] Building C object mtm/CMakeFiles/mtm.dir/__/tpm/tpm_data.o
[ 73%] Linking C static library libmtm.a
[ 73%] Built target mtm
Scanning dependencies of target tpm_crypto
[ 75%] Building C object crypto/CMakeFiles/tpm_crypto.dir/hmac.o
[ 77%] Building C object crypto/CMakeFiles/tpm_crypto.dir/rc4.o
[ 78%] Building C object crypto/CMakeFiles/tpm_crypto.dir/rsa.o
[ 80%] Building C object crypto/CMakeFiles/tpm_crypto.dir/sha1.o
[ 82%] Building C object crypto/CMakeFiles/tpm_crypto.dir/bn_gmp.o
[ 84%] Linking C static library libtpm_crypto.a
[ 84%] Built target tpm_crypto
Scanning dependencies of target tddl_static
[ 85%] Building C object tddl/CMakeFiles/tddl_static.dir/tddl.o
[ 87%] Linking C static library libtddl.a
[ 87%] Built target tddl_static
Scanning dependencies of target tddl
[ 89%] Building C object tddl/CMakeFiles/tddl.dir/tddl.o
[ 91%] Linking C shared library libtddl.so
[ 91%] Built target tddl
Scanning dependencies of target test_tddl
[ 92%] Building C object tddl/CMakeFiles/test_tddl.dir/test_tddl.o
[ 94%] Linking C executable test_tddl
[ 94%] Built target test_tddl
Scanning dependencies of target tpmd_dev
[ 96%] Generating linux/tpmd_dev.ko
/home/levitte/gitwrk/github.com/PeterHuewe/tpm-emulator/build/tpmd_dev/linux/tpmd_dev.c:1:0: error: code model kernel does not support PIC mode
 /* Software-based Trusted Platform Module (TPM) Emulator
 
/usr/src/linux-headers-4.8.0-1-common/scripts/Makefile.build:300: recipe for target '/home/levitte/gitwrk/github.com/PeterHuewe/tpm-emulator/build/tpmd_dev/linux/tpmd_dev.o' failed
make[7]: *** [/home/levitte/gitwrk/github.com/PeterHuewe/tpm-emulator/build/tpmd_dev/linux/tpmd_dev.o] Error 1
/usr/src/linux-headers-4.8.0-1-common/Makefile:1488: recipe for target '_module_/home/levitte/gitwrk/github.com/PeterHuewe/tpm-emulator/build/tpmd_dev/linux' failed
make[6]: *** [_module_/home/levitte/gitwrk/github.com/PeterHuewe/tpm-emulator/build/tpmd_dev/linux] Error 2
Makefile:150: recipe for target 'sub-make' failed
make[5]: *** [sub-make] Error 2
Makefile:8: recipe for target 'all' failed
make[4]: *** [all] Error 2
Makefile:22: recipe for target 'all' failed
make[3]: *** [all] Error 2
tpmd_dev/CMakeFiles/tpmd_dev.dir/build.make:62: recipe for target 'tpmd_dev/linux/tpmd_dev.ko' failed
make[2]: *** [tpmd_dev/linux/tpmd_dev.ko] Error 2
CMakeFiles/Makefile2:383: recipe for target 'tpmd_dev/CMakeFiles/tpmd_dev.dir/all' failed
make[1]: *** [tpmd_dev/CMakeFiles/tpmd_dev.dir/all] Error 2
Makefile:149: recipe for target 'all' failed
make: *** [all] Error 2

Error compiling on Windows10

Hi,

I'm trying to compile it on Windows 10 (under a Parallels instance in macOS Sierra), and I'm getting this error:

[ 93%] Building C object tddl/CMakeFiles/tddl.dir/tddl.obj
In file included from C:\Users\menezeed\Downloads\tpm-emulator\tddl\tddl.c:34:0:
C:\Users\menezeed\Downloads\tpm-emulator\tddl\tddl_windows.h:30:15: error: conflicting types for 'DllMain'
BOOL APIENTRY DllMain(HANDLE hModule, DWORD reason, LPVOID lpReserved)
^
In file included from c:\mingw\include\windows.h:62:0,
from C:\Users\menezeed\Downloads\tpm-emulator\tddl\tddl_windows.h:20,
from C:\Users\menezeed\Downloads\tpm-emulator\tddl\tddl.c:34:
c:\mingw\include\winbase.h:1051:13: note: previous declaration of 'DllMain' was here
BOOL WINAPI DllMain(HINSTANCE, DWORD, LPVOID);
^
tddl\CMakeFiles\tddl.dir\build.make:57: recipe for target 'tddl/CMakeFiles/tddl.dir/tddl.obj' failed
mingw32-make[2]: *** [tddl/CMakeFiles/tddl.dir/tddl.obj] Error 1
CMakeFiles\Makefile2:231: recipe for target 'tddl/CMakeFiles/tddl.dir/all' failed
mingw32-make[1]: *** [tddl/CMakeFiles/tddl.dir/all] Error 2
Makefile:125: recipe for target 'all' failed
mingw32-make: *** [all] Error 2

Has anyone faced this before?

Regards,

Ed Wilson

Big Endian machines should define __BIG_ENDIAN__ or the sha1 code will fail

By default, there is no code or compile options to put -D__BIG_ENDIAN__=1 into the build environment. As a result, the selftest for sha1 will fail. One way to do this would be via the following patch (tested under BSD):
`diff --git a/crypto/sha1.h b/crypto/sha1.h
index c94ed39..f7c6a7b 100644
--- a/crypto/sha1.h
+++ b/crypto/sha1.h
@@ -36,4 +36,21 @@ void tpm_sha1_update_be32(tpm_sha1_ctx_t *ctx, uint32_t data);

void tpm_sha1_final(tpm_sha1_ctx_t *ctx, uint8_t digest[SHA1_DIGEST_LENGTH]);

+#if (defined(i386) || defined(x86_64)) && !defined(LITTLE_ENDIAN)
+#define LITTLE_ENDIAN 1
+#endif
+
+#if defined(FreeBSD) || defined(NetBSD) || defined(OpenBSD)
+#include <sys/endian.h>
+#if _BYTE_ORDER == _LITTLE_ENDIAN
+#define LITTLE_ENDIAN 1
+#elif _BYTE_ORDER == _BIG_ENDIAN
+#define BIG_ENDIAN 1
+#endif
+#endif
+
+#if !defined(LITTLE_ENDIAN) && !defined(BIG_ENDIAN)
+#error "Neither BIG_ENDIAN nor LITTLE_ENDIAN are defined"
+#endif
+
#endif /* SHA1_H */
`
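
Review bot: the closing `#error` guard will stop the build on every target that is neither x86 nor one of the three BSDs, because the two blocks above it are the only places where `LITTLE_ENDIAN` or `BIG_ENDIAN` gets defined; a big-endian Linux machine, the case the issue title is about, lands there. Add a generic branch before the `#error`, for example one keyed on the compiler's `__BYTE_ORDER__` built-in. Also note that the macros as posted (`i386`, `FreeBSD`, `BIG_ENDIAN`) carry no underscores while the issue text refers to `__BIG_ENDIAN__`, so the names should be checked against what the sha1 code actually tests.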

For those using a clang compiler, you may also want a local patch to disable the pointer-bool-conversion error:

add_definitions(-Wall -Werror -Wno-unused-parameter -Wpointer-arith -Wcast-align -Wwrite-strings -Wno-error=pointer-bool-conversion)

There are, of course, other ways to address the endian issue. The above is just a suggestion.

make install fails

Hi,

I try to install the tpm-emulator (v 0.7.4) on Ubuntu 16.04 32 bit, kernel 4.4.0 - 31.

After installing the dependencies the make process works fine. But when I try to "make install" I get the following error:

/Downloads/tpm-emulator-master/build$ sudo make install
[ 52%] Built target tpm
[ 73%] Built target mtm
[ 84%] Built target tpm_crypto
[ 87%] Built target tddl_static
[ 91%] Built target test_tddl
[ 94%] Built target tddl
[ 96%] Built target tpmd_dev
[100%] Built target tpmd
Install the project...
-- Install configuration: ""
-- Up-to-date: /usr/local/lib/libtddl.so.1.2.0.7
-- Up-to-date: /usr/local/lib/libtddl.so.1.2
-- Up-to-date: /usr/local/lib/libtddl.so
-- Up-to-date: /usr/local/lib/libtddl.a
-- Up-to-date: /usr/local/include/tddl.h
At main.c:222:
- SSL error:02001002:system library:fopen:No such file or directory: bss_file.c:175
- SSL error:2006D080:BIO routines:BIO_new_file:no such file: bss_file.c:178
sign-file: certs/signing_key.pem: No such file or directory
-- Up-to-date: /usr/local/bin/tpmd
andreas@andreas-VirtualBox:~/Downloads/tpm-emulator-master/build$ uname -a
Linux andreas-VirtualBox 4.4.0-31-generic #50-Ubuntu SMP Wed Jul 13 00:06:14 UTC 2016 i686 i686 i686 GNU/Linux

It looks like the signing_key.pem is not available. I tried to generate it with: ssh-keygen -t rsa, but nothing changes. Any idea what's wrong?

Kind regards and thanks,

Andreas

make fails tddl.h no such file or directory

C:\Users\A431825\Downloads\tpm-emulator-0.7.5>build.bat
-- Configuring done
-- Generating done
-- Build files have been written to: C:/Users/A431825/Downloads/tpm-emulator-0.7.5/build
[ 68%] Built target tpm
[ 81%] Built target tpm_crypto
[ 84%] Building C object tddl/CMakeFiles/tddl-tpm-emulator.dir/tddl.obj
In file included from C:\Users\A431825\Downloads\tpm-emulator-0.7.5\tddl\tddl.c:34:
C:\Users\A431825\Downloads\tpm-emulator-0.7.5\tddl\tddl_windows.h:22:10: fatal error: tddl.h: No such file or directory
 #include "tddl.h"
          ^~~~~~~~
compilation terminated.
tddl\CMakeFiles\tddl-tpm-emulator.dir\build.make:62: recipe for target 'tddl/CMakeFiles/tddl-tpm-emulator.dir/tddl.obj' failed
mingw32-make[2]: *** [tddl/CMakeFiles/tddl-tpm-emulator.dir/tddl.obj] Error 1
CMakeFiles\Makefile2:252: recipe for target 'tddl/CMakeFiles/tddl-tpm-emulator.dir/all' failed
mingw32-make[1]: *** [tddl/CMakeFiles/tddl-tpm-emulator.dir/all] Error 2
Makefile:150: recipe for target 'all' failed
mingw32-make: *** [all] Error 2
C:\Users\A431825\Downloads\tpm-emulator-0.7.5>

Missing call to setgroups before setuid

Another warning from rpmlint I thought of sharing:

tpmd.x86_64: W: missing-call-to-setgroups-before-setuid /usr/sbin/tpmd
This executable is calling setuid and setgid without setgroups or initgroups.
There is a high probability this means it didn't relinquish all groups, and
this would be a potential security issue to be fixed. Seek POS36-C on the web
for details about the problem.
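
The ordering this rpmlint warning asks for, as an added example (not tpmd's own code): supplementary groups first, then the gid, then the uid, stopping at the first step that fails. The `priv_ops` table, the recording stubs and the 65534 ids are assumptions introduced here so the call order can be checked without root.

```c
#define _DEFAULT_SOURCE           /* exposes setgroups() in glibc's <grp.h> */
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Calls go through a table so the ordering can be exercised without root. */
struct priv_ops {
    int (*setgroups)(size_t, const gid_t *);
    int (*setgid)(gid_t);
    int (*setuid)(uid_t);
};
static const struct priv_ops real_ops = { setgroups, setgid, setuid };

/* Drop to uid/gid. Order matters: supplementary groups and the gid must go
 * while the process is still privileged; after setuid() both calls would fail.
 * Returns 0 on success, or -1/-2/-3 for the step that failed (fail closed). */
int drop_privileges(const struct priv_ops *ops, uid_t uid, gid_t gid)
{
    if (ops->setgroups(1, &gid) != 0) return -1;  /* replace inherited groups */
    if (ops->setgid(gid) != 0)        return -2;
    if (ops->setuid(uid) != 0)        return -3;
    return 0;
}

/* Constructed recording stubs: log the call order and fail at step fail_at. */
static char trace[8];
static int n_calls, fail_at;
static int rec(char c) { trace[n_calls++] = c; trace[n_calls] = '\0'; return n_calls == fail_at ? -1 : 0; }
static int t_setgroups(size_t n, const gid_t *l) { (void)n; (void)l; return rec('G'); }
static int t_setgid(gid_t g) { (void)g; return rec('g'); }
static int t_setuid(uid_t u) { (void)u; return rec('u'); }

/* Run the drop against the stubs; the call order is left in trace[]. */
int trace_drop(int fail_step)
{
    static const struct priv_ops stub = { t_setgroups, t_setgid, t_setuid };
    n_calls = 0; fail_at = fail_step; trace[0] = '\0';
    return drop_privileges(&stub, 1000, 1000);
}

int main(void)
{
    int rc = trace_drop(0);
    printf("stub run: rc=%d order=%s\n", rc, trace);
    if (geteuid() == 0)            /* real drop only when started as root */
        rc = drop_privileges(&real_ops, 65534, 65534);  /* assumed "nobody" ids */
    return rc == 0 ? 0 : 1;
}
```

A daemon should treat any non-zero return as fatal and exit rather than continue with partially dropped privileges.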

TPM emulator won't create data

In the /var/log/syslog file, I keep on getting tpm_startup.c:87: Error: restoring permanent data failed and no /var/lib/tpm/tpm_emulator-1_2_0_7 file gets created.

Permission Denied using examples for TPM/J

I am trying your Usage Examples for TPM/J
and when I run java edu.mit.csail.tpmj.tools.TPMInfo
I get this:

gmitaros@ubuntu:~/tpm/tpmj/lib$ java edu.mit.csail.tpmj.tools.TPMInfo
BasicTPMDriver: TPMIOException encountered. (edu.mit.csail.tpmj.TPMIOException: java.io.FileNotFoundException: /dev/tpm0 (Permission denied))
Waiting 2.0 s, then retrying ...
^Cgmitaros@ubuntu:~/tpm/tpmj/lib$

I also ran ls -l /dev/tpm*
and I get:

gmitaros@ubuntu:~/tpm/tpmj/lib$ ls -l /dev/tpm*
crw-rw---- 1 root root 10, 224 Mar 20 22:41 /dev/tpm
lrwxrwxrwx 1 root root 3 Mar 20 22:41 /dev/tpm0 -> tpm

Also check here, where I change the group and get another error:

gmitaros@ubuntu:~/tpm/tpmj/lib$ ls -l /dev/tpm*
crw-rw---- 1 root gmitaros 10, 224 Mar 20 22:41 /dev/tpm
lrwxrwxrwx 1 root root 3 Mar 20 22:41 /dev/tpm0 -> tpm
gmitaros@ubuntu:~/tpm/tpmj/lib$ java edu.mit.csail.tpmj.tools.TPMInfo
BasicTPMDriver: TPMIOException encountered. (edu.mit.csail.tpmj.TPMIOException: java.io.FileNotFoundException: /dev/tpm0 (Input/output error))
Waiting 2.0 s, then retrying ...
^Cgmitaros@ubuntu:~/tpm/tpmj/lib$

I am using Ubuntu 16.04 in a virtual machine (VMware 14).

trigger oops

Reported by @theopolis in #21

On a Ubuntu 4.8.0 kernel:

[  654.477142]  fjes [last unloaded: tpmd_dev]
[  654.477150] CPU: 0 PID: 6404 Comm: qemu-system-arm Tainted: G           OE   4.8.0-34-generic #36-Ubuntu
[  654.477169] Hardware name: System manufacturer System Product Name/Z170, BIOS 12
[  654.477187] task: ffff983775060f00 task.stack: ffff983761d28000
[  654.477201] RIP: 0010:[<ffffffffaac3f516>]  [<ffffffffaac3f516>] memcpy_erms+0x6/0x10
[  654.477218] RSP: 0018:ffff983761d2bc30  EFLAGS: 00010206
[  654.477230] RAX: ffff98384da51600 RBX: 000000000000000a RCX: 000000000000000a
[  654.477245] RDX: 000000000000000a RSI: 00007fffdb078370 RDI: ffff98384da51600
[  654.477259] RBP: ffff983761d2bc88 R08: 00000000000000c0 R09: ffff983865c7db80
[  654.477275] R10: ffff98384da3bf00 R11: ffff98384da51600 R12: ffff983761d2be08
[  654.477289] R13: ffff98384da5160a R14: 000000000000000a R15: ffff983761d2bde8
[  654.477305] FS:  00007f9af1f45c40(0000) GS:ffff98388bc00000(0000) knlGS:0000000000000000
[  654.477328] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  654.477341] CR2: 00007fffdb078370 CR3: 0000000721ce8000 CR4: 00000000003406f0
[  654.477356] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  654.477370] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  654.477385] Stack:
[  654.477391]  ffffffffaac462cd ffff983775060f00 ffff983775060f00 ffff983761d2bca8
[  654.477409]  ffff983775060f00 000000000000000a 000000000000000a 000000000000000a
[  654.477428]  000000000000000a 0000000000000000 000000000000000a ffff983761d2bce8
[  654.477445] Call Trace:
[  654.477455]  [<ffffffffaac462cd>] ? copy_from_iter+0x12d/0x340
[  654.477470]  [<ffffffffaaf71a38>] skb_copy_datagram_from_iter+0x58/0x200
[  654.477495]  [<ffffffffab02aed8>] unix_stream_sendmsg+0x188/0x400
[  654.477509]  [<ffffffffaaf61a88>] sock_sendmsg+0x38/0x50
[  654.477522]  [<ffffffffaaf61bbb>] kernel_sendmsg+0x2b/0x30
[  654.477535]  [<ffffffffc0a190cc>] tpmd_handle_command+0x5c/0x170 [tpmd_dev]
[  654.477550]  [<ffffffffc0a19231>] tpm_write+0x51/0x80 [tpmd_dev]
[  654.477571]  [<ffffffffaaa333d8>] __vfs_write+0x18/0x40
[  654.477583]  [<ffffffffaaa33b15>] vfs_write+0xb5/0x1a0
[  654.477595]  [<ffffffffaaa34f65>] SyS_write+0x55/0xc0
[  654.477607]  [<ffffffffaa803b9e>] do_syscall_64+0x5e/0xc0
[  654.477620]  [<ffffffffab09c365>] entry_SYSCALL64_slow_path+0x25/0x25
[  654.477634] Code: 90 90 90 90 90 eb 1e 0f 1f 00 48 89 f8 48 89 d1 48 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 c3 66 0f 1f 44 00 00 48 89 f8 48 89 d1 <f3> a4 c3 0f 1f 80 00 00 00 00 48 89 f8 48 83 fa 20 72 7e 40 38 
[  654.477725] RIP  [<ffffffffaac3f516>] memcpy_erms+0x6/0x10
[  654.477741]  RSP <ffff983761d2bc30>
[  654.477750] CR2: 00007fffdb078370
[  654.482914] ---[ end trace 7a3f6ec6d2ad018a ]---

Seems I can trigger with:

$ sudo ./build/tpmd/unix/tpmd -f

And 0x80 0x01 0x00 0x00 0x00 0x0a 0x00 0x00 0x01 0x81
