tpm2-software / tpm2-tss
OSS implementation of the TCG TPM2 Software Stack (TSS2)
Home Page: https://tpm2-software.github.io
License: BSD 2-Clause "Simplified" License
We currently compile the sockets TCTI directly into the resourcemgr on account of our use of the SAPI_CLIENT macro. We use some wrapper functions specific to the resourcemgr and use the macros to set up these function pointers. This is a bit messy and it may be better to pass these function pointers in to the TCTI through the initialization method.
Had a chat with @wcarthur1 today and it looks like my efforts to install the SAPI headers were a bit overly ambitious. Some of the headers we're now installing aren't intended for public consumption. This issue is to track identifying which headers shouldn't be installed and then backing them out of the build / install target.
Related to the point raised by @theopolis in #92: The include directives in some of the TSS code, namely the common test code, reference headers in a way that requires that their location be on the gcc search path.
With the tpm2.0-tools referencing this code directly (not how they were intended to be used I imagine, but the code is useful so it's being used elsewhere) we run into a situation where the tpm2.0-tools build must either use the headers in the TPM2.0-TSS repo (the current approach) or it will need to be told where to search for them on the build host. The latter is preferable as it prevents us from referencing headers and compiled libraries that may be out of sync though it requires that the tpm2.0-tools know where to find the installed headers.
Neither of these two approaches is ideal though. The "right way to do it" is a bit more invasive and requires two things:
The most disruptive change will be the first as it will affect both the Linux build as well as the Windows build. I doubt the changes will be significant but they will need to be coordinated. I'll put together a PR in the next few days to make this more clear.
When running 'make' in a source tree that has already been built libtpm.a is linked even though none of its dependencies have changed. This is usually caused by a bad .PHONY. I think it's related to the DIRS target but haven't tested this theory.
This should be a very easy fix but I'm going to hold off and fix it as part of the autotools 'milestone' just for the sake of simplicity.
GNU conventions stipulate that build and install instructions be kept in a file called INSTALL. This file should contain all data required to build and install the software from source. Since we aren't yet distributing "releases" this file should have instructions for building the software as distributed on github.
The Readme.pdf file isn't available in source form so updating it is difficult. The content from this file needs to be migrated to plaintext for maintainability.
Build libtpm.a as a shared object. The benefits here are the same as for every other shared object: save space by sharing executable code. Hopefully this is just some more autotools magic.
file: https://github.com/01org/TPM2.0-TSS/blob/master/sysapi/sysapi/authorizations.c
commit: ca8e7f3
1. TSS2_SYS_RC_BAD_VALUE should cause immediate return
this is "source null pointer" scenario
line 78 change break to return rval
First steps in autotools integration is:
This issue won't cover migrating the Makefiles over to automake, just generating them from templates and using some of the more important autoconf variables.
Time to get some GNU build religion to encourage adoption. This is something that should be broken down into multiple tasks so just a single "issue" isn't sufficient. Can I get an admin to create a milestone in the issue tracker for the autotoolification of the build plz? I'll create individual issues for the work items and tie them to pull requests as I hit good checkpoints.
Thanks!
I couldn't figure out how to get automake to enumerate all source files for the build like we were doing in our hand made Makefiles. I've found a few examples of projects that do this at configure time and it seems like a viable solution.
Current implementation of Tss2_Sys_Initialize() in https://github.com/01org/TPM2.0-TSS/blob/master/sysapi/sysapi/ContextManagement.c
according to:
http://www.trustedcomputinggroup.org/files/static_page_files/28CE28FA-1A4B-B294-D0A965038809FE9B/TSS%20system%20API%2001.pdf
TSS System Level API and TPM Command
Transmission Interface Specification
Family "2.0"
Level 00, Revision 01.00
26 January 2015
page 32
misses following RC values:
TSS2_SYS_RC_INSUFFICIENT_CONTEXT: if for any reason there’s not enough memory.
TSS2_SYS_RC_BAD_VALUE: if any parameter has a bad value.
TSS2_SYS_RC_BAD_REFERENCE: if any of sysContext is a NULL pointer.
TSS2_SYS_RC_BAD_TCTI_STRUCTURE: if the implementation checks the TCTI function pointers and
any of the essential ones (transmit and receive) are set to NULL.
Any TPM or TCTI errors that could result from GetCapability calls that are made to get TPM version info.
TSS2_SYS_RC_INCOMPATIBLE_TCTI: unknown or unusable TCTI version.
Any plans in this subject?
Moving from Makefile to Makefile.in templates (as described in #2) is a checkpoint on the road to full automake integration. This means using Makefile.am files and having the configure process generate our Makefile.ins for us. This will cover implementing the standard GNU build targets (install, clean, dist etc).
The GNU conventions for tracking major changes call for a file called 'ChangeLog'. The format of this file is not well defined but examples are given in the GNU Coding Standard Change Logs. This is strikingly similar to the format used by @wcarthur1 in the release notes PDF.
Essentially this issue calls for moving this data over to the ChangeLog file in plain text.
I had to do some contortions to get automake to play nice with the recursive make stuff we were doing. After a bit of research it looks like the "right thing to do" is to just have a single Makefile.am in the root. I've found a pile of other projects that do the same thing and I'm pretty convinced this will simplify the build considerably. This issue will track a prototype of this approach. If the prototype proves my suspicions to be true (a more simple and maintainable build) then I'll throw together a PR. If not, I'll just scrap it and pretend like it never happened :)
This may be a bit controversial because it's something used to make developers' lives easier. The autotools / GNU philosophy w/r to the build system however is that the audience is the user (person who downloads code and compiles it for their own system) and not the developer / maintainer. This means that specific 'debug' / 'production' targets are discouraged.
Despite removing these custom build targets we can still achieve the same goals / functionality for developers by using the builtin VPATH feature. For this issue to be resolved VPATH must work and documentation describing how to generate debug / production builds (really any build that requires custom compiler flags) needs to go into the README. Hopefully this will keep developers happy and productive while making it easier for packagers to build this stuff for distros.
This is a pretty boring task but the PDF that has Will's development history needs to be migrated over to the GNU ChangeLog format. It's pretty much already in the right format but it needs to be copy / pasted into plain text.
Some bashisms (shell script syntax specific to bash and thus incompatible with the Bourne shell) snuck into the bootstrap script. These must be removed.
There's already a PR #44 in the queue that resolves this. I'm adding this issue so that anyone who may run across this can get data on a fix and keep from creating a duplicate issue. If you do pull down the fix from the PR be sure to clean out your source tree before running bootstrap as it seems that autoconf leaves some macros lying around that keep the fix from working properly.
On most distros this macro is in the autoconf-archive package. It's also a PITA because it depends on using automake so we can't implement this till #4 is resolved.
1>NMAKE : fatal error U1095: expanded command line 'C:"Program Files (x86)""Microsoft Visual Studio 12.0"\VC\BIN\lib /NOLOGO /OUT:.\lib\debug\tpm.lib .\lib\debug\authorizations.obj .\lib\debug\ContextManagement.obj .\lib\debug\DecryptParam.obj .\lib\debug\EncryptParam.obj .\lib\debug\execute.obj .\lib\debug\Finalize.obj .\lib\debug\GetCommandCode.obj .\lib\debug\GetCpBuffer.obj .\lib\debug\GetRpBuffer.obj .\lib\debug\GetTctiContext.obj .\lib\debug\Tss2_Sys_ActivateCredential.obj .\lib\debug\Tss2_Sys_Certify.obj .\lib\debug\Tss2_Sys_CertifyCreation.obj .\lib\debug\Tss2_Sys_ChangeEPS.obj .\lib\debug\Tss2_Sys_ChangePPS.obj .\lib\debug\Tss2_Sys_Clear.obj .\lib\debug\Tss2_Sys_ClearControl.obj .\lib\debug\Tss2_Sys_ClockRateAdjust.obj .\lib\debug\Tss2_Sys_ClockSet.obj .\lib\debug\Tss2_Sys_Commit.obj .\lib\debug\Tss2_Sys_ContextLoad.obj .\lib\debug\Tss2_Sys_ContextSave.obj .\lib\debug\Tss2_Sys_Create.obj .\lib\debug\Tss2_Sys_CreatePrimary.obj .\lib\debug\Tss2_Sys_DictionaryAttackLockReset.obj .\lib\debug\Tss2_Sys_DictionaryAttackParameters.obj .\lib\debug\Tss2_Sys_Duplicate.obj .\lib\debug\Tss2_Sys_ECC_Parameters.obj .\lib\debug\Tss2_Sys_ECDH_KeyGen.obj .\lib\debug\Tss2_Sys_ECDH_ZGen.obj .\lib\debug\Tss2_Sys_EC_Ephemeral.obj .\lib\debug\Tss2_Sys_EncryptDecrypt.obj .\lib\debug\Tss2_Sys_EventSequenceComplete.obj .\lib\debug\Tss2_Sys_EvictControl.obj .\lib\debug\Tss2_Sys_FieldUpgradeData.obj .\lib\debug\Tss2_Sys_FieldUpgradeStart.obj .\lib\debug\Tss2_Sys_FirmwareRead.obj .\lib\debug\Tss2_Sys_FlushContext.obj .\lib\debug\Tss2_Sys_GetCapability.obj .\lib\debug\Tss2_Sys_GetCommandAuditDigest.obj .\lib\debug\Tss2_Sys_GetRandom.obj .\lib\debug\Tss2_Sys_GetSessionAuditDigest.obj .\lib\debug\Tss2_Sys_GetTestResult.obj .\lib\debug\Tss2_Sys_GetTime.obj .\lib\debug\Tss2_Sys_Hash.obj .\lib\debug\Tss2_Sys_HashSequenceStart.obj .\lib\debug\Tss2_Sys_HierarchyChangeAuth.obj .\lib\debug\Tss2_Sys_HierarchyControl.obj .\lib\debug\Tss2_Sys_HMAC.obj .\lib\debug\Tss2_Sys_HMAC_Start.obj 
.\lib\debug\Tss2_Sys_Import.obj .\lib\debug\Tss2_Sys_IncrementalSelfTest.obj .\lib\debug\Tss2_Sys_Load.obj .\lib\debug\Tss2_Sys_LoadExternal.obj .\lib\debug\Tss2_Sys_MakeCredential.obj .\lib\debug\Tss2_Sys_NV_Certify.obj .\lib\debug\Tss2_Sys_NV_ChangeAuth.obj .\lib\debug\Tss2_Sys_NV_DefineSpace.obj .\lib\debug\Tss2_Sys_NV_Extend.obj .\lib\debug\Tss2_Sys_NV_GlobalWriteLock.obj .\lib\debug\Tss2_Sys_NV_Increment.obj .\lib\debug\Tss2_Sys_NV_Read.obj .\lib\debug\Tss2_Sys_NV_ReadLock.obj .\lib\debug\Tss2_Sys_NV_ReadPublic.obj .\lib\debug\Tss2_Sys_NV_SetBits.obj .\lib\debug\Tss2_Sys_NV_UndefineSpace.obj .\lib\debug\Tss2_Sys_NV_UndefineSpaceSpecial.obj .\lib\debug\Tss2_Sys_NV_Write.obj .\lib\debug\Tss2_Sys_NV_WriteLock.obj .\lib\debug\Tss2_Sys_ObjectChangeAuth.obj .\lib\debug\Tss2_Sys_PCR_Allocate.obj .\lib\debug\Tss2_Sys_PCR_Event.obj .\lib\debug\Tss2_Sys_PCR_Extend.obj .\lib\debug\Tss2_Sys_PCR_Read.obj .\lib\debug\Tss2_Sys_PCR_Reset.obj .\lib\debug\Tss2_Sys_PCR_SetAuthPolicy.obj .\lib\debug\Tss2_Sys_PCR_SetAuthValue.obj .\lib\debug\Tss2_Sys_PolicyAuthorize.obj .\lib\debug\Tss2_Sys_PolicyAuthValue.obj .\lib\debug\Tss2_Sys_PolicyCommandCode.obj .\lib\debug\Tss2_Sys_PolicyCounterTimer.obj .\lib\debug\Tss2_Sys_PolicyCpHash.obj .\lib\debug\Tss2_Sys_PolicyDuplicationSelect.obj .\lib\debug\Tss2_Sys_PolicyGetDigest.obj .\lib\debug\Tss2_Sys_PolicyLocality.obj .\lib\debug\Tss2_Sys_PolicyNameHash.obj .\lib\debug\Tss2_Sys_PolicyNV.obj .\lib\debug\Tss2_Sys_PolicyNVWritten.obj .\lib\debug\Tss2_Sys_PolicyOR.obj .\lib\debug\Tss2_Sys_PolicyPassword.obj .\lib\debug\Tss2_Sys_PolicyPCR.obj .\lib\debug\Tss2_Sys_PolicyPhysicalPresence.obj .\lib\debug\Tss2_Sys_PolicyRestart.obj .\lib\debug\Tss2_Sys_PolicySecret.obj .\lib\debug\Tss2_Sys_PolicySigned.obj .\lib\debug\Tss2_Sys_PolicyTicket.obj .\lib\debug\Tss2_Sys_PP_Commands.obj .\lib\debug\Tss2_Sys_Quote.obj .\lib\debug\Tss2_Sys_ReadClock.obj .\lib\debug\Tss2_Sys_ReadPublic.obj .\lib\debug\Tss2_Sys_Rewrap.obj .\lib\debug\Tss2_Sys_RSA_Decrypt.obj 
.\lib\debug\Tss2_Sys_RSA_Encrypt.obj .\lib\debug\Tss2_Sys_SelfTest.obj .\lib\debug\Tss2_Sys_SequenceComplete.obj .\lib\debug\Tss2_Sys_SequenceUpdate.obj .\lib\debug\Tss2_Sys_SetAlgorithmSet.obj .\lib\debug\Tss2_Sys_SetCommandCodeAuditStatus.obj .\lib\debug\Tss2_Sys_SetPrimaryPolicy.obj .\lib\debug\Tss2_Sys_Shutdown.obj .\lib\debug\Tss2_Sys_Sign.obj .\lib\debug\Tss2_Sys_StartAuthSession.obj .\lib\debug\Tss2_Sys_Startup.obj .\lib\debug\Tss2_Sys_StirRandom.obj .\lib\debug\Tss2_Sys_TestParms.obj .\lib\debug\Tss2_Sys_Unseal.obj .\lib\debug\Tss2_Sys_Vendor_TCG_Test.obj .\lib\debug\Tss2_Sys_VerifySignature.obj .\lib\debug\Tss2_Sys_ZGen_2Phase.obj .\lib\debug\changeEndian.obj .\lib\debug\checkoverflow.obj .\lib\debug\CommandUtil.obj .\lib\debug\CompareSizedByteBuffer.obj .\lib\debug\ConcatSizedByteBuffer.obj .\lib\debug\copymem.obj .\lib\debug\CopySessionData.obj .\lib\debug\debug.obj .\lib\debug\GetDigestSize.obj .\lib\debug\GetNumHandles.obj .\lib\debug\marshal_simple_tpm2b.obj .\lib\debug\Marshal_TPM2B_ECC_POINT.obj .\lib\debug\Marshal_TPM2B_NV_PUBLIC.obj .\lib\debug\Marshal_TPM2B_PUBLIC.obj .\lib\debug\Marshal_TPM2B_SENSITIVE.obj .\lib\debug\Marshal_TPM2B_SENSITIVE_CREATE.obj .\lib\debug\Marshal_TPMA_ALGORITHM.obj .\lib\debug\Marshal_TPMA_LOCALITY.obj .\lib\debug\Marshal_TPMA_NV.obj .\lib\debug\Marshal_TPMA_OBJECT.obj .\lib\debug\Marshal_TPMA_SESSION.obj .\lib\debug\Marshal_TPML_ALG.obj .\lib\debug\Marshal_TPML_CC.obj .\lib\debug\Marshal_TPML_DIGEST.obj .\lib\debug\Marshal_TPML_DIGEST_VALUES.obj .\lib\debug\Marshal_TPML_PCR_SELECTION.obj .\lib\debug\Marshal_TPMS_AUTH_COMMAND.obj .\lib\debug\Marshal_TPMS_CLOCK_INFO.obj .\lib\debug\Marshal_TPMS_CONTEXT.obj .\lib\debug\Marshal_TPMS_CONTEXT_DATA.obj .\lib\debug\Marshal_TPMS_ECC_PARMS.obj .\lib\debug\Marshal_TPMS_ECC_POINT.obj .\lib\debug\Marshal_TPMS_EMPTY.obj .\lib\debug\Marshal_TPMS_KEYEDHASH_PARMS.obj .\lib\debug\Marshal_TPMS_NV_PUBLIC.obj .\lib\debug\Marshal_TPMS_PCR_SELECT.obj 
.\lib\debug\Marshal_TPMS_PCR_SELECTION.obj .\lib\debug\Marshal_TPMS_RSA_PARMS.obj .\lib\debug\Marshal_TPMS_SCHEME_ECDAA.obj .\lib\debug\Marshal_TPMS_SCHEME_HASH.obj .\lib\debug\Marshal_TPMS_SCHEME_XOR.obj .\lib\debug\Marshal_TPMS_SENSITIVE_CREATE.obj .\lib\debug\Marshal_TPMS_SIGNATURE_ECC.obj .\lib\debug\Marshal_TPMS_SIGNATURE_RSA.obj .\lib\debug\Marshal_TPMS_SYMCIPHER_PARMS.obj .\lib\debug\Marshal_TPMS_TIME_INFO.obj .\lib\debug\Marshal_TPMT_ECC_SCHEME.obj .\lib\debug\Marshal_TPMT_HA.obj .\lib\debug\Marshal_TPMT_KDF_SCHEME.obj .\lib\debug\Marshal_TPMT_KEYEDHASH_SCHEME.obj .\lib\debug\Marshal_TPMT_PUBLIC.obj .\lib\debug\Marshal_TPMT_PUBLIC_PARMS.obj .\lib\debug\Marshal_TPMT_RSA_DECRYPT.obj .\lib\debug\Marshal_TPMT_RSA_SCHEME.obj .\lib\debug\Marshal_TPMT_SENSITIVE.obj .\lib\debug\Marshal_TPMT_SIGNATURE.obj .\lib\debug\Marshal_TPMT_SIG_SCHEME.obj .\lib\debug\Marshal_TPMT_SYM_DEF.obj .\lib\debug\Marshal_TPMT_SYM_DEF_OBJECT.obj .\lib\debug\Marshal_TPMT_TK_AUTH.obj .\lib\debug\Marshal_TPMT_TK_CREATION.obj .\lib\debug\Marshal_TPMT_TK_HASHCHECK.obj .\lib\debug\Marshal_TPMT_TK_VERIFIED.obj .\lib\debug\Marshal_TPMU_ASYM_SCHEME.obj .\lib\debug\Marshal_TPMU_HA.obj .\lib\debug\Marshal_TPMU_KDF_SCHEME.obj .\lib\debug\Marshal_TPMU_PUBLIC_ID.obj .\lib\debug\Marshal_TPMU_PUBLIC_PARMS.obj .\lib\debug\Marshal_TPMU_SCHEME_KEYEDHASH.obj .\lib\debug\Marshal_TPMU_SENSITIVE_COMPOSITE.obj .\lib\debug\Marshal_TPMU_SIGNATURE.obj .\lib\debug\Marshal_TPMU_SIG_SCHEME.obj .\lib\debug\Marshal_TPMU_SYM_KEY_BITS.obj .\lib\debug\Marshal_TPMU_SYM_MODE.obj .\lib\debug\marshal_uint16.obj .\lib\debug\marshal_uint32.obj .\lib\debug\marshal_uint64.obj .\lib\debug\marshal_uint8.obj .\lib\debug\unmarshal_simple_tpm2b.obj .\lib\debug\Unmarshal_TPM2B_ECC_POINT.obj .\lib\debug\Unmarshal_TPM2B_NV_PUBLIC.obj .\lib\debug\Unmarshal_TPM2B_PUBLIC.obj .\lib\debug\Unmarshal_TPM2B_SENSITIVE.obj .\lib\debug\Unmarshal_TPMA_ALGORITHM.obj .\lib\debug\Unmarshal_TPMA_CC.obj .\lib\debug\Unmarshal_TPMA_LOCALITY.obj 
.\lib\debug\Unmarshal_TPMA_NV.obj .\lib\debug\Unmarshal_TPMA_OBJECT.obj .\lib\debug\Unmarshal_TPMA_PERMANENT.obj .\lib\debug\Unmarshal_TPMA_SESSION.obj .\lib\debug\Unmarshal_TPMA_STARTUP_CLEAR.obj .\lib\debug\Unmarshal_TPML_ALG.obj .\lib\debug\Unmarshal_TPML_ALG_PROPERTY.obj .\lib\debug\Unmarshal_TPML_CC.obj .\lib\debug\Unmarshal_TPML_CCA.obj .\lib\debug\Unmarshal_TPML_DIGEST.obj .\lib\debug\Unmarshal_TPML_DIGEST_VALUES.obj .\lib\debug\Unmarshal_TPML_ECC_CURVE.obj .\lib\debug\Unmarshal_TPML_HANDLE.obj .\lib\debug\Unmarshal_TPML_PCR_SELECTION.obj .\lib\debug\Unmarshal_TPML_TAGGED_PCR_PROPERTY.obj .\lib\debug\Unmarshal_TPML_TAGGED_TPM_PROPERTY.obj .\lib\debug\Unmarshal_TPMS_ALGORITHM_DESCRIPTION.obj .\lib\debug\Unmarshal_TPMS_ALGORITHM_DETAIL_ECC.obj .\lib\debug\Unmarshal_TPMS_ALG_PROPERTY.obj .\lib\debug\Unmarshal_TPMS_ATTEST.obj .\lib\debug\Unmarshal_TPMS_AUTH_RESPONSE.obj .\lib\debug\Unmarshal_TPMS_CAPABILITY_DATA.obj .\lib\debug\Unmarshal_TPMS_CERTIFY_INFO.obj .\lib\debug\Unmarshal_TPMS_CLOCK_INFO.obj .\lib\debug\Unmarshal_TPMS_COMMAND_AUDIT_INFO.obj .\lib\debug\Unmarshal_TPMS_CONTEXT.obj .\lib\debug\Unmarshal_TPMS_CONTEXT_DATA.obj .\lib\debug\Unmarshal_TPMS_CREATION_DATA.obj .\lib\debug\Unmarshal_TPMS_CREATION_INFO.obj .\lib\debug\Unmarshal_TPMS_ECC_PARMS.obj .\lib\debug\Unmarshal_TPMS_ECC_POINT.obj .\lib\debug\Unmarshal_TPMS_EMPTY.obj .\lib\debug\Unmarshal_TPMS_KEYEDHASH_PARMS.obj .\lib\debug\Unmarshal_TPMS_NV_CERTIFY_INFO.obj .\lib\debug\Unmarshal_TPMS_NV_PUBLIC.obj .\lib\debug\Unmarshal_TPMS_PCR_SELECT.obj .\lib\debug\Unmarshal_TPMS_PCR_SELECTION.obj .\lib\debug\Unmarshal_TPMS_QUOTE_INFO.obj .\lib\debug\Unmarshal_TPMS_RSA_PARMS.obj .\lib\debug\Unmarshal_TPMS_SCHEME_ECDAA.obj .\lib\debug\Unmarshal_TPMS_SCHEME_HASH.obj .\lib\debug\Unmarshal_TPMS_SCHEME_XOR.obj .\lib\debug\Unmarshal_TPMS_SESSION_AUDIT_INFO.obj .\lib\debug\Unmarshal_TPMS_SIGNATURE_ECC.obj .\lib\debug\Unmarshal_TPMS_SIGNATURE_RSA.obj .\lib\debug\Unmarshal_TPMS_SYMCIPHER_PARMS.obj 
.\lib\debug\Unmarshal_TPMS_TAGGED_PCR_SELECT.obj .\lib\debug\Unmarshal_TPMS_TAGGED_PROPERTY.obj .\lib\debug\Unmarshal_TPMS_TIME_ATTEST_INFO.obj .\lib\debug\Unmarshal_TPMS_TIME_INFO.obj .\lib\debug\Unmarshal_TPMT_ECC_SCHEME.obj .\lib\debug\Unmarshal_TPMT_HA.obj .\lib\debug\Unmarshal_TPMT_KDF_SCHEME.obj .\lib\debug\Unmarshal_TPMT_KEYEDHASH_SCHEME.obj .\lib\debug\Unmarshal_TPMT_PUBLIC.obj .\lib\debug\Unmarshal_TPMT_PUBLIC_PARMS.obj .\lib\debug\Unmarshal_TPMT_RSA_DECRYPT.obj .\lib\debug\Unmarshal_TPMT_RSA_SCHEME.obj .\lib\debug\Unmarshal_TPMT_SENSITIVE.obj .\lib\debug\Unmarshal_TPMT_SIGNATURE.obj .\lib\debug\Unmarshal_TPMT_SIG_SCHEME.obj .\lib\debug\Unmarshal_TPMT_SYM_DEF.obj .\lib\debug\Unmarshal_TPMT_SYM_DEF_OBJECT.obj .\lib\debug\Unmarshal_TPMT_TK_AUTH.obj .\lib\debug\Unmarshal_TPMT_TK_CREATION.obj .\lib\debug\Unmarshal_TPMT_TK_HASHCHECK.obj .\lib\debug\Unmarshal_TPMT_TK_VERIFIED.obj .\lib\debug\Unmarshal_TPMU_ASYM_SCHEME.obj .\lib\debug\Unmarshal_TPMU_ATTEST.obj .\lib\debug\Unmarshal_TPMU_CAPABILITIES.obj .\lib\debug\Unmarshal_TPMU_HA.obj .\lib\debug\Unmarshal_TPMU_KDF_SCHEME.obj .\lib\debug\Unmarshal_TPMU_PUBLIC_ID.obj .\lib\debug\Unmarshal_TPMU_PUBLIC_PARMS.obj .\lib\debug\Unmarshal_TPMU_SCHEME_KEYEDHASH.obj .\lib\debug\Unmarshal_TPMU_SENSITIVE_COMPOSITE.obj .\lib\debug\Unmarshal_TPMU_SIGNATURE.obj .\lib\debug\Unmarshal_TPMU_SIG_SCHEME.obj .\lib\debug\Unmarshal_TPMU_SYM_KEY_BITS.obj .\lib\debug\Unmarshal_TPMU_SYM_MODE.obj .\lib\debug\unmarshal_uint16.obj .\lib\debug\unmarshal_uint32.obj .\lib\debug\unmarshal_uint64.obj .\lib\debug\unmarshal_uint8.obj ' too long
1> Stop.
1>NMAKE : fatal error U1077: '"C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\bin\nmake.exe"' : return code '0x2'
1> Stop.
1>C:\Program Files (x86)\MSBuild\Microsoft.Cpp\v4.0\V120\Microsoft.MakeFile.Targets(38,5): error MSB3073: The command "nmake /F windows.mak Debug" exited with code 2.
tpmtest can run on different TPM implementations (dTPM, simulator, Intel PTT, etc.). It should use GetCapability to get the list of supported commands and dynamically configure itself to run on the particular TPM it's connected to.
file: https://github.com/01org/TPM2.0-TSS/blob/master/sysapi/sysapi/authorizations.c
commit: ca8e7f3
1. missing oversize check TSS2_SYS_RC_INVALID_SESSIONS
for hmac at line 201
2. skip rspAuth extraction when destination pointer ==0
according to:
http://www.trustedcomputinggroup.org/files/static_page_files/28CE28FA-1A4B-B294-D0A965038809FE9B/TSS%20system%20API%2001.pdf
TSS System Level API and TPM Command
Transmission Interface Specification
Family "2.0"
Level 00, Revision 01.00
26 January 2015
page 41
8.7.4.2 Tss2_Sys_GetRspAuths
...
This function gets the response authorization data from the sysContext. If an element in the
rspAuthArray->rspAuths array is NULL, that authorization is skipped in the sysContext.
Scenario:
sysContext contains 3 rspAuths,
rspAuthArray->rspAuths[1] == 0 // element is NULL but others not
Tss2_Sys_GetRspAuths(sysContext, rspAuthArray)
result: rspAuthArray->rspAuths[2] is not populated with third rspAuth from sysContext
expected result:
rspAuthArray->rspAuths[0] is populated with first rspAuth from sysContext
rspAuthArray->rspAuths[1] extraction skipped
rspAuthArray->rspAuths[2] is populated with third rspAuth from sysContext
Let me know if I understand it correctly, then I can provide a fix.
3. TSS2_RC_SUCCESS when rspAuthsArray == NULL
according to doc it should be:
TSS2_SYS_RC_BAD_REFERENCE: if sysContext or rspAuthsArray are NULL
update for doc?
4. not implemented TSS2_SYS_RC_BAD_VALUE: if rspAuthsArray.authsCount is 0
it's covered either by
TSS2_RC_SUCCESS when SYS_CONTEXT->authsCount ==0
or
TSS2_SYS_RC_INVALID_SESSIONS when ( rspAuthsArray->rspAuthsCount != SYS_CONTEXT->authsCount )
update for doc?
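The skip-on-NULL behaviour the report above expects, as an added C example that is not the project's code: it walks a response authorization area (each entry a size-prefixed nonce, one attributes byte and a size-prefixed hmac) and still advances past entries whose destination pointer is NULL, with the oversize and NULL-array checks from points 1 and 3. The `ex_` names, the result codes, the 64-byte buffer capacity and the sample bytes are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Stand-in result codes for this example; these are not the TSS2_* values. */
enum { EX_OK = 0, EX_BAD_REFERENCE, EX_INVALID_SESSIONS, EX_MALFORMED };

#define EX_MAX_BUF 64 /* assumed capacity of the caller's nonce/hmac buffers */

typedef struct { uint16_t size; uint8_t buffer[EX_MAX_BUF]; } ex_tpm2b;
typedef struct { ex_tpm2b nonce; uint8_t attrs; ex_tpm2b hmac; } ex_auth_rsp;
typedef struct { uint8_t count; ex_auth_rsp **auths; } ex_auth_array;

/* Read one big-endian UINT16-prefixed buffer at *off. The cursor always
 * moves past the field; bytes are copied only when dst is non-NULL. */
static int read_tpm2b(const uint8_t *area, size_t len, size_t *off, ex_tpm2b *dst)
{
    uint16_t size;

    if (len - *off < 2)
        return EX_MALFORMED;               /* no room for the size field */
    size = (uint16_t)((area[*off] << 8) | area[*off + 1]);
    *off += 2;
    if (size > len - *off)
        return EX_MALFORMED;               /* field runs past the area */
    if (dst != NULL) {
        if (size > sizeof dst->buffer)
            return EX_INVALID_SESSIONS;    /* oversize check before the copy */
        dst->size = size;
        memcpy(dst->buffer, area + *off, size);
    }
    *off += size;
    return EX_OK;
}

/* Extract area_count entries into out->auths[]; a NULL slot is skipped. */
int ex_get_rsp_auths(const uint8_t *area, size_t len, uint8_t area_count,
                     ex_auth_array *out)
{
    size_t off = 0;
    uint8_t i;

    if (area == NULL || out == NULL || out->auths == NULL)
        return EX_BAD_REFERENCE;
    if (out->count != area_count)
        return EX_INVALID_SESSIONS;

    for (i = 0; i < area_count; i++) {
        ex_auth_rsp *dst = out->auths[i];  /* NULL means "skip this entry" */
        int rc = read_tpm2b(area, len, &off, dst ? &dst->nonce : NULL);
        if (rc != EX_OK)
            return rc;
        if (len - off < 1)
            return EX_MALFORMED;
        if (dst != NULL)
            dst->attrs = area[off];
        off += 1;
        rc = read_tpm2b(area, len, &off, dst ? &dst->hmac : NULL);
        if (rc != EX_OK)
            return rc;
    }
    return EX_OK;
}

/* Constructed sample area with three entries (not captured from a TPM). */
static const uint8_t ex_area[] = {
    0x00, 0x02, 0xA0, 0xA1,       0x01, 0x00, 0x04, 0x10, 0x11, 0x12, 0x13,
    0x00, 0x01, 0xB0,             0x00, 0x00, 0x02, 0x20, 0x21,
    0x00, 0x03, 0xC0, 0xC1, 0xC2, 0x01, 0x00, 0x01, 0x30,
};

/* The scenario from the report: the middle destination is NULL. */
int ex_demo_skip_middle(ex_auth_rsp *first, ex_auth_rsp *third)
{
    ex_auth_rsp *slots[3];
    ex_auth_array arr;

    memset(first, 0, sizeof *first);
    memset(third, 0, sizeof *third);
    slots[0] = first;
    slots[1] = NULL;
    slots[2] = third;
    arr.count = 3;
    arr.auths = slots;
    return ex_get_rsp_auths(ex_area, sizeof ex_area, 3, &arr);
}

int main(void)
{
    ex_auth_rsp a, c;
    int rc = ex_demo_skip_middle(&a, &c);

    printf("rc=%d third nonce size=%u third hmac[0]=0x%02x\n",
           rc, (unsigned)c.nonce.size, (unsigned)c.hmac.buffer[0]);
    return rc == EX_OK ? 0 : 1;
}
```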
Create the sapi library using libtool instead of the ar utility directly. This will get us a step closer to building shared objects as well as the static one. libtool also works on windows so this should work under cygwin too.
We've got a license header on the source files but there's no LICENSE or COPYING file in the project root. This is a convention intended to make the license for the project obvious / easy to find.
In current resourcemgr, transient virtual object handle can only be accessed by the creation connection. This makes things hard for the collaboration of standalone tools based upon SAPI.
We can add a command line option "-sharedhandle" to explicitly allow the sharing of transient handles across connections.
The requirements for this are the same as #57. Install headers, use in the resourcemgr and test applications.
Currently libtpm.a is a 'noinst' library so it's not installed when 'make install' is invoked. If we want distros to package this we'll need to sort out installing it in the right place along with the resource manager.
win7 cygwin; make
~/Documents/TPM/TPM2.0-TSS/sysapi
$ make
gcc -g -O2 -I./include -c sysapi/authorizations.c -o lib/authorizations.o
In file included from ./include/tpm20.h:51:0,
from sysapi/authorizations.c:28:
./include/tss2_tcti.h:65:2: error: #error Info: Platform not supported for TCTI_POLL_HANDLES
#error Info: Platform not supported for TCTI_POLL_HANDLES
^
In file included from ./include/tpm20.h:52:0,
from sysapi/authorizations.c:28:
./include/tss2_tcti_util.h:73:5: error: unknown type name ‘SOCKET’
SOCKET otherSock;
^
./include/tss2_tcti_util.h:74:5: error: unknown type name ‘SOCKET’
SOCKET tpmSock;
^
./include/tss2_tcti_util.h:75:5: error: unknown type name ‘SOCKET’
SOCKET currentConnectSock;
^
Makefile:54: recipe for target 'lib/authorizations.o' failed
make: *** [lib/authorizations.o] Error 1
was successful with following update:
$ git diff include/tss2_tcti.h include/tss2_tcti_util.h
diff --git a/sysapi/include/tss2_tcti.h b/sysapi/include/tss2_tcti.h
index aa7f977..7211cf6 100644
--- a/sysapi/include/tss2_tcti.h
+++ b/sysapi/include/tss2_tcti.h
@@ -57,7 +57,7 @@ extern "C" {
#include <winsock2.h>
#include <windows.h>
typedef HANDLE TSS2_TCTI_POLL_HANDLE;
-#elif defined linux
+#elif defined linux || defined unix
#include <poll.h>
typedef struct pollfd TSS2_TCTI_POLL_HANDLE;
#else
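Review bot: The `#elif defined linux || defined unix` line tests macros outside the reserved namespace, and GCC stops predefining `linux` and `unix` in strict ISO modes such as -std=c99, so a strict build would fall through to the `#else` branch again. The `gcc -dM` listing in this report shows `__unix__` and `__CYGWIN__` defined on this host; testing `defined __linux__ || defined __unix__ || defined __CYGWIN__` would hold in both modes.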
diff --git a/sysapi/include/tss2_tcti_util.h b/sysapi/include/tss2_tcti_util.h
index 6c91694..52a8e2c 100644
--- a/sysapi/include/tss2_tcti_util.h
+++ b/sysapi/include/tss2_tcti_util.h
@@ -43,7 +43,7 @@
#error Version mismatch among TSS2 header files !
#endif /* TSS2_API_VERSION_1_1_1_1 */
-#if defined linux
+#if defined linux || defined unix
#include <sys/socket.h>
#define SOCKET int
#endif
/* current Intel version */
typedef struct {
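Review bot: The `#if defined linux || defined unix` block still has no fallback, so a non-Windows platform that matches neither macro leaves `SOCKET` undefined and fails later with `unknown type name 'SOCKET'` at the struct members, as in the build log above. An explicit `#error` for platforms that are neither Windows nor matched here, like the one tss2_tcti.h raises for TCTI_POLL_HANDLES, would report the problem at the check itself. A `typedef int SOCKET;` in place of `#define SOCKET int` would also keep the name from rewriting unrelated identifiers.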
on cygwin gcc macros can be listed with:
~/Documents/TPM/TPM2.0-TSS/sysapi
$ gcc -dM -E -x c /dev/null |egrep -i "cygwin|unix|win|linux"
#define __WINT_MAX__ 4294967295U
#define __unix__ 1
#define __unix 1
#define __WINT_MIN__ 0U
#define __SIZEOF_WINT_T__ 4
#define unix 1
#define __CYGWIN__ 1
#define __WINT_TYPE__ unsigned int
~/Documents/TPM/TPM2.0-TSS/sysapi
$ g++ -dM -E -x c++ /dev/null |egrep -i "cygwin|unix|win|linux"
#define __WINT_MAX__ 4294967295U
#define __unix__ 1
#define __unix 1
#define __WINT_MIN__ 0U
#define __SIZEOF_WINT_T__ 4
#define unix 1
#define __CYGWIN__ 1
#define __WINT_TYPE__ unsigned int
~/Documents/TPM/TPM2.0-TSS/sysapi
$
the same issue with resourcemgr/resourcemgr.c
-#elif __linux
+#elif __linux || __unix
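Review bot: `#elif __linux || __unix` tests macro values with double-underscore spellings, while the two header hunks test `defined linux || defined unix`, so the same platform decision now exists in three places with two spellings. Consider defining one platform macro in a shared header and testing it in resourcemgr.c and both TCTI headers so the checks cannot drift apart.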
with above make on cygwin succeeds
In hacking up the VS build files for #93 I noticed that of the 3 projects in the solution, one is an nmake file while the other two are ... whatever VS calls its XML config format. Consistency here would be a good way to lower the barrier to entry and help keep both builds working.
Specifically this means converting the SAPI project in the VS solution from an nmake to the VS XML build config.
In going through the tpm2.0-tools build I'm trying to reverse engineer the dependencies it has on the TPM2.0-TSS code. One thing it's referencing directly is the resource manager header. AFAIK it's doing this to get at only a few status codes.
What's not entirely clear to me is whether or not this file is intended for public consumption. If it is we only need to decide where to install it so that's easy. But from my reading of the TAB/RM specification we reference in the README, it looks like this file may not be intended for public consumption. This would mean that the tpm2.0-tools shouldn't be touching it at all and that the code there needs to be fixed.
@wcarthur1 any thoughts on this?
The headers for the TCTIs we provide should be named consistently. The library they're built into, as well as the directory they're installed into need to be renamed as part of the overall cleanup effort.
This ticket covers the following reorg:
tpm2tcti/localtpm.h -> tcti/tpmdevice.h
tpm2tcti/tpmsocket.h -> tcti/tpmsocket.h
libtpm2tctidev.so -> libtctidev.so
libtpm2tctisock.so -> libtctisock.so
This was a hack to work around some weirdness in the build when migrating to automake. Once #25 is sorted libcommon.a shouldn't be necessary. Odds are it was only necessary in the first place due to my lack of automake skillz.
We need a set of instructions that describe setting up the TPM2 simulator on Linux and testing the TSS against it.
When TSS is used with the tboot 1.8.3(TPM 2.0), the resource manager of TSS returns an error code to the client. Because of this error code, the client doesn't operate properly.
# Error messages of the resource manager
Resource Manager Other CMD Server accepted client
Accept socket: 0x6
Resource Manager TPM CMD Server accepted client
|| Loaded transient object handles:
|| 0x80000000, TpmCmdServer died (TPM CMD), rval: 0x00000000, socket: 0x6.
OtherCmdServer died (Other CMD), socket: 0x7.
To keep the test cases in sync and minimize the maintenance effort, we need to let tpmtest & tpmclient share more common code.
Use libtool to build SAPI code as a library. This includes both shared and static libraries with headers. All of this must be installed in the proper locations using the autotools stuff. Additionally, link the resourcemgr and test applications appropriately.
Requirements are the same as #57. Install headers, use in the resourcemgr and test applications. In the end an application that's using the resourcemgr to synchronize access to the TPM should link against the sapi and socket tcti libraries. Alternatively an embedded application with exclusive access to the TPM can link statically against the local TPM TCTI and SAPI libraries.
Automake has support for running test scripts as part of the 'make check' target. Seems like the right place to test the TPM2.0-TSS code. This 'issue' covers the basic setup and maybe an initial test case. Each test migrated / created should have its own issue for tracking.
Currently we have to include the resource manager and all of its dependencies into the libraries for the TCTIs. This is on account of several dependencies pulled in through the 'extern' keyword. Till this is cleaned up any consumer of one of our TCTIs will inherit all dependencies from the resourcemgr which includes pthread.
user@PC ~/Documents/TPM2.0-TSS
$ rm -rf *
user@PC ~/Documents/TPM2.0-TSS
$ git reset --hard
HEAD is now at 196508f Merge pull request #54 from wcarthur1/master
user@PC ~/Documents/TPM2.0-TSS
$ ./bootstrap ; echo $?
Generating file lists: src_vars.mk
Running libtoolize ...
libtoolize: putting auxiliary files in '.'.
libtoolize: linking file './config.guess'
libtoolize: linking file './config.sub'
libtoolize: linking file './install-sh'
libtoolize: linking file './ltmain.sh'
libtoolize: putting macros in AC_CONFIG_MACRO_DIRS, 'm4'.
libtoolize: linking file 'm4/libtool.m4'
libtoolize: linking file 'm4/ltoptions.m4'
libtoolize: linking file 'm4/ltsugar.m4'
libtoolize: linking file 'm4/ltversion.m4'
libtoolize: linking file 'm4/lt~obsolete.m4'
Running aclocal ...
Running autoconf ...
configure.ac:6: error: possibly undefined macro: AC_MSG_ERROR
If this token and others are legitimate, please use m4_pattern_allow.
See the Autoconf documentation.
1
user@PC ~/Documents/TPM2.0-TSS
$ ./configure ; echo $?
checking for gcc... gcc
checking whether the C compiler works... yes
checking for C compiler default output file name... a.exe
checking for suffix of executables... .exe
checking whether we are cross compiling... no
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether gcc accepts -g... yes
checking for gcc option to accept ISO C89... none needed
checking whether gcc understands -c and -o together... yes
checking for g++... g++
checking whether we are using the GNU C++ compiler... yes
checking whether g++ accepts -g... yes
checking build system type... x86_64-unknown-cygwin
checking host system type... x86_64-unknown-cygwin
checking how to print strings... printf
checking for a sed that does not truncate output... /usr/bin/sed
checking for grep that handles long lines and -e... /usr/bin/grep
checking for egrep... /usr/bin/grep -E
checking for fgrep... /usr/bin/grep -F
checking for ld used by gcc... /usr/x86_64-pc-cygwin/bin/ld.exe
checking if the linker (/usr/x86_64-pc-cygwin/bin/ld.exe) is GNU ld... yes
checking for BSD- or MS-compatible name lister (nm)... /usr/bin/nm -B
checking the name lister (/usr/bin/nm -B) interface... BSD nm
checking whether ln -s works... yes
checking the maximum length of command line arguments... 8192
checking how to convert x86_64-unknown-cygwin file names to x86_64-unknown-cygwin format... func_convert_file_noop
checking how to convert x86_64-unknown-cygwin file names to toolchain format... func_convert_file_noop
checking for /usr/x86_64-pc-cygwin/bin/ld.exe option to reload object files... -r
checking for objdump... objdump
checking how to recognize dependent libraries... file_magic ^x86 archive import|^x86 DLL
checking for dlltool... dlltool
checking how to associate runtime and link libraries... func_cygming_dll_for_implib
checking for ar... ar
checking for archiver @file support... @
checking for strip... strip
checking for ranlib... ranlib
checking for gawk... gawk
checking command to parse /usr/bin/nm -B output from gcc object... ok
checking for sysroot... no
checking for a working dd... /usr/bin/dd
checking how to truncate binary pipes... /usr/bin/dd bs=4096 count=1
checking for mt... no
checking if : is a manifest tool... no
checking how to run the C preprocessor... gcc -E
checking for ANSI C header files... yes
checking for sys/types.h... yes
checking for sys/stat.h... yes
checking for stdlib.h... yes
checking for string.h... yes
checking for memory.h... yes
checking for strings.h... yes
checking for inttypes.h... yes
checking for stdint.h... yes
checking for unistd.h... yes
checking for dlfcn.h... yes
checking for objdir... .libs
checking if gcc supports -fno-rtti -fno-exceptions... no
checking for gcc option to produce PIC... -DDLL_EXPORT -DPIC
checking if gcc PIC flag -DDLL_EXPORT -DPIC works... yes
checking if gcc static flag -static works... yes
checking if gcc supports -c -o file.o... yes
checking if gcc supports -c -o file.o... (cached) yes
checking whether the gcc linker (/usr/x86_64-pc-cygwin/bin/ld.exe) supports shared libraries... yes
checking dynamic linker characteristics... Win32 ld.exe
checking how to hardcode library paths into programs... immediate
checking whether stripping libraries is possible... yes
checking if libtool supports shared libraries... yes
checking whether to build shared libraries... no
checking whether to build static libraries... yes
checking how to run the C++ preprocessor... g++ -E
checking for ld used by g++... /usr/x86_64-pc-cygwin/bin/ld.exe
checking if the linker (/usr/x86_64-pc-cygwin/bin/ld.exe) is GNU ld... yes
checking whether the g++ linker (/usr/x86_64-pc-cygwin/bin/ld.exe) supports shared libraries... yes
checking for g++ option to produce PIC... -DDLL_EXPORT -DPIC
checking if g++ PIC flag -DDLL_EXPORT -DPIC works... yes
checking if g++ static flag -static works... yes
checking if g++ supports -c -o file.o... yes
checking if g++ supports -c -o file.o... (cached) yes
checking whether the g++ linker (/usr/x86_64-pc-cygwin/bin/ld.exe) supports shared libraries... yes
checking dynamic linker characteristics... Win32 ld.exe
checking how to hardcode library paths into programs... immediate
./configure: line 14816: syntax error near unexpected token `,'
./configure: line 14816: `AX_PTHREAD(, AC_MSG_ERROR([requires pthread]))'
2
user@PC ~/Documents/TPM2.0-TSS
$ make
make: *** No targets specified and no makefile found. Stop.
user@PC ~/Documents/TPM2.0-TSS
$