How to differentiate real tpm & tpm simulator.

[srinivas]

Hi,
I was running tpm s/w on linux was in assumption tool is responding to commands but it wasnt a case. I was getting same response from tpm command even after closing tpm_server/abrmd.

I tried to find related topic but not able to find any. Is there any document where I can:
1) if s/w will run if the laptop doesnt have tpm. (I tried this option, /dev/tpm were not created.
2) In linux if tpm2 present, tpm2 is giving response instead of simulator.

Thanks,
Srinivas.

[Ken Goldman]

Several comments:

1. I believe that abrmd is an Intel user space resource manager for a HW TPM . I recommend using the built-in Linux HW TPM resource manager at /dev/tpmrm0. abrmd can connect to a SW TPM, but you'll have to go to Intel for support.
2. To connect to a SW TPM, you can use the direct socket interface, supported by the IBM TSS. (and maybe Intel). On Linux, https://github.com/stefanberger/swtpm adds a /dev/tpm0 layer to the SW TPM.

As for your questions:

1. What software [will run]?
2. There is no /dev/tpm. The Linux device driver will create /dev/tpm0 and /dev/tpmrm0, but only if there is a HW TPM.
3. If you connect to /dev/..., it will connect to the HW TPM unless you use Stefan's simulation layer.
4. To connect to the SW TPM (recommended for development), the socket interface is the easiest.

[srinivas]

Hi Ken,
Following things I tried:1) Installed tpm software[ubuntu without TPM], I was getting error and couldn't run abrmd itself.
sudo tpm2-abrmd --tcti=device --allow-root
ERROR:tcti:src/tss2-tcti/tcti-device.c:399:Tss2_Tcti_Device_Init() Failed to open device file /dev/tpm0: No such file or directory

• (tpm2-abrmd:15401): WARNING *: 22:33:47.028: failed to initialize device TCTI context: 0xa000a

• (tpm2-abrmd:15401): CRITICAL *: 22:33:47.028: init_thread_func: failed to create TCTI with name "device" and conf "(null)"

(tpm2-abrmd:15401): GLib-GIO-CRITICAL **: 22:33:47.028: g_bus_unown_name: assertion 'owner_id > 0' failed
2) Installed tpm software[ubuntu with tpm2.0 chip], Could able to run abrmd/server but  responses to commands were from tpm h/w.
3)  Disable tpm in bios[case 2] and   abrmd/server run fine but I couldn't able to get any commands o/p. It seems to be same case as 1 but to my surprise, I didn't get any error, when I start abrmd.

Thanks,
On Monday, 17 June 2019, 19:52:28 GMT+5:30, Ken Goldman kagoldman@users.sourceforge.net wrote:

Several comments:

• I believe that abrmd is an Intel user space resource manager for a HW TPM . I recommend using the built-in Linux HW TPM resource manager at /dev/tpmrm0. abrmd can connect to a SW TPM, but you'll have to go to Intel for support.
• To connect to a SW TPM, you can use the direct socket interface, supported by the IBM TSS. (and maybe Intel). On Linux, https://github.com/stefanberger/swtpm adds a /dev/tpm0 layer to the SW TPM.

As for your questions:

• What software [will run]?
• There is no /dev/tpm. The Linux device driver will create /dev/tpm0 and /dev/tpmrm0, but only if there is a HW TPM.
• If you connect to /dev/..., it will connect to the HW TPM unless you use Stefan's simulation layer.
• To connect to the SW TPM (recommended for development), the socket interface is the easiest.

How to differentiate real tpm & tpm simulator.

Sent from sourceforge.net because you indicated interest in https://sourceforge.net/p/ibmswtpm2/discussion/general/

To unsubscribe from further messages, please visit https://sourceforge.net/auth/subscriptions/

[Ken Goldman]

1. I could not determine what your question is from the above. It would be better to break down the post into only one precise: You tried this, This is what failed, How I can help.
2. I absolutely do not support the Intel resource manager. Please try Intel support. I recommend the built-in Linux kernel resource manager.

[srinivas]

Thanks Ken, Currently I m using built-in linux kernel RM & raspberry + TPM chip. Both are working fine.

But It took me a couple of weeks, during that time I was exploring  TPM-software  & what are working cases[simple steps].Wanted to document working cases, so that It can useful for other users.

On Tuesday, 18 June 2019, 20:14:19 GMT+5:30, Ken Goldman <kagoldman@users.sourceforge.net> wrote:

• I could not determine what your question is from the above. It would be better to break down the post into only one precise: You tried this, This is what failed, How I can help.
• I absolutely do not support the Intel resource manager. Please try Intel support. I recommend the built-in Linux kernel resource manager.

How to differentiate real tpm & tpm simulator.

Sent from sourceforge.net because you indicated interest in https://sourceforge.net/p/ibmswtpm2/discussion/general/

To unsubscribe from further messages, please visit https://sourceforge.net/auth/subscriptions/

[Ken Goldman]

If you're looking for use cases, the IBM TSS at https://sourceforge.net/projects/ibmtpm20tss/ has command line utilities for each TPM command. They are designed to be scripted. Then it includes sample scripts for many TPM use cases, and more are added at each release.

This permits you to write complex use cases without writing any C code.

[srinivas]

Thanks Ken.  It's very helpful.. I installed it and tried couple of commands & its very handy.

On Wednesday, 19 June 2019, 18:37:10 GMT+5:30, Ken Goldman <kagoldman@users.sourceforge.net> wrote:

If you're looking for use cases, the IBM TSS at https://sourceforge.net/projects/ibmtpm20tss/ has command line utilities for each TPM command. They are designed to be scripted. Then it includes sample scripts for many TPM use cases, and more are added at each release.

This permits you to write complex use cases without writing any C code.

How to differentiate real tpm & tpm simulator.

Sent from sourceforge.net because you indicated interest in https://sourceforge.net/p/ibmswtpm2/discussion/general/

To unsubscribe from further messages, please visit https://sourceforge.net/auth/subscriptions/