On Wed, Nov 24, 2021 at 08:33:42AM +0100, Heinrich Schuchardt wrote: > On 11/24/21 08:23, Ilias Apalodimas wrote: > > Hi Heinrich, > > > > On Mon, 15 Nov 2021 at 12:11, Heinrich Schuchardt > > <heinrich.schucha...@canonical.com> wrote: > > > > > > Provide a QEMU helper script to launch swtpm and add extra parameters to > > > conf.qemu_arm64_na and conf.qemu_arm_na to provide an emulated TPMv2. > > > > > > Signed-off-by: Heinrich Schuchardt <heinrich.schucha...@canonical.com> > > > --- > > > bin/qemu.swtpm | 19 +++++++++++++++++++ > > > bin/travis-ci/conf.qemu_arm64_na | 3 ++- > > > bin/travis-ci/conf.qemu_arm_na | 3 ++- > > > 3 files changed, 23 insertions(+), 2 deletions(-) > > > create mode 100755 bin/qemu.swtpm > > > > > > diff --git a/bin/qemu.swtpm b/bin/qemu.swtpm > > > new file mode 100755 > > > index 0000000..089feba > > > --- /dev/null > > > +++ b/bin/qemu.swtpm > > > @@ -0,0 +1,19 @@ > > > +#!/bin/sh > > > +# SPDX-License-Identifier: BSD-2 > > > +# > > > +# This script launches swtpm to emulate a TPMv2. The parameter -t makes > > > it > > > +# unload when the connection to QEMU is terminated. To make use of it add > > > +# > > > +# qemu_helper_script="swtpm" > > > +# > > > +# to the board script and the following arguments to qemu_extra_args > > > +# > > > +# -chardev socket,id=chrtpm,path=/tmp/tpm/swtpm-sock \ > > > +# -tpmdev emulator,id=tpm0,chardev=chrtpm \ > > > +# -device tpm-tis-device,tpmdev=tpm0 > > > +# > > > +# U-Boot must be built with CONFIG_TPM2_MMIO=y. > > > + > > > +mkdir -p /tmp/tpm > > > +swtpm socket -t --tpmstate dir=/tmp/tpm --tpm2 \ > > > +--ctrl type=unixio,path=/tmp/tpm/swtpm-sock & > > > > Nit pick the & can be '-d' > > Daemonizing will ensure that we don't get console output. I will change > this. > > > > > > diff --git a/bin/travis-ci/conf.qemu_arm64_na > > > b/bin/travis-ci/conf.qemu_arm64_na > > > index e7c9426..14577d8 100644 > > > --- a/bin/travis-ci/conf.qemu_arm64_na > > > +++ b/bin/travis-ci/conf.qemu_arm64_na 
> > > @@ -22,8 +22,9 @@ > > > > > > console_impl=qemu > > > qemu_machine="virt" > > > +qemu_helper_script="swtpm" > > > qemu_binary="qemu-system-aarch64" > > > -qemu_extra_args="-cpu cortex-a57 -nographic -netdev > > > user,id=net0,tftp=${UBOOT_TRAVIS_BUILD_DIR} -device e1000,netdev=net0 > > > -device virtio-rng-pci" > > > +qemu_extra_args="-cpu cortex-a57 -nographic -netdev > > > user,id=net0,tftp=${UBOOT_TRAVIS_BUILD_DIR} -device e1000,netdev=net0 > > > -device virtio-rng-pci -chardev socket,id=chrtpm,path=/tmp/tpm/swtpm-sock > > > -tpmdev emulator,id=tpm0,chardev=chrtpm -device > > > tpm-tis-device,tpmdev=tpm0" > > > qemu_kernel_args="-bios ${U_BOOT_BUILD_DIR}/u-boot.bin" > > > reset_impl=none > > > flash_impl=none > > > diff --git a/bin/travis-ci/conf.qemu_arm_na > > > b/bin/travis-ci/conf.qemu_arm_na > > > index 0f07c80..de0694d 100644 > > > --- a/bin/travis-ci/conf.qemu_arm_na > > > +++ b/bin/travis-ci/conf.qemu_arm_na > > > @@ -22,8 +22,9 @@ > > > > > > console_impl=qemu > > > qemu_machine="virt" > > > +qemu_helper_script="swtpm" > > > qemu_binary="qemu-system-arm" > > > -qemu_extra_args="-nographic -netdev > > > user,id=net0,tftp=${UBOOT_TRAVIS_BUILD_DIR} -device e1000,netdev=net0 > > > -device virtio-rng-pci" > > > +qemu_extra_args="-nographic -netdev > > > user,id=net0,tftp=${UBOOT_TRAVIS_BUILD_DIR} -device e1000,netdev=net0 > > > -device virtio-rng-pci -chardev socket,id=chrtpm,path=/tmp/tpm/swtpm-sock > > > -tpmdev emulator,id=tpm0,chardev=chrtpm -device > > > tpm-tis-device,tpmdev=tpm0" > > > > Just a note here 'tpm-tis-device' works for arm. If we evenr need > > this on x86 it's 'tpm-tis' .... > > This file is ARM specific.
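Review bot: in bin/qemu.swtpm, both the TPM state and the control socket live in the fixed, predictable directory /tmp/tpm, and `mkdir -p /tmp/tpm` succeeds silently when that directory already exists. On a shared build host another user can create it first, and state left by an earlier run is picked up again, so a test does not start from a fresh TPM. Consider a per-run directory from `mktemp -d` with owner-only permissions, removed on exit, with the socket path passed on to the board config. The script also returns without checking that swtpm started, and `BSD-2` in the SPDX line is not a valid SPDX identifier (`BSD-2-Clause` is presumably meant).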
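Review bot: in the qemu_extra_args lines of both conf.qemu_arm64_na and conf.qemu_arm_na, the socket path `/tmp/tpm/swtpm-sock` is hard-coded a second and third time and has to stay in sync with the `--ctrl type=unixio,path=...` value in bin/qemu.swtpm. Two test runs on the same host would also point at the same socket. Defining the path once in a variable used by both the helper script and the `-chardev socket,id=chrtpm,path=...` argument would remove the duplication and allow a per-run location.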
Sure, but it's worth noting since if we can also use these features and tests on qemu-x86_64 we should. Doesn't need to be to start with tho. And I will apply this shortly. -- Tom