mirror of https://github.com/wolfSSL/wolfTPM.git
README: Add use of devtpm and QEMU
Add description on how to use swtpm with qemu to build and run and test with wolfTPM within QEMU.pull/146/head
Elms
parent
ab2ee19ff1
commit
230e21bbcc
51
README.md
51
README.md
|
|
@ -218,6 +218,57 @@ Note: When using a TPM device through the Linux kernel driver make sure sufficie
|
|||
sudo adduser yourusername tss
|
||||
```
|
||||
|
||||
#### With QEMU and swtpm
|
||||
|
||||
This demonstrates using wolfTPM in QEMU to communicate using the linux
|
||||
kernel device "/dev/tpmX". You will need to install or build
|
||||
[swtpm](https://github.com/stefanberger/swtpm).
|
||||
|
||||
You can setup a basic linux installation. Other installation bases can
|
||||
be used. This step will take some time to install the base linux
|
||||
system.
|
||||
|
||||
```
|
||||
# download mini install image
|
||||
curl -O http://archive.ubuntu.com/ubuntu/dists/bionic-updates/main/installer-amd64/current/images/netboot/mini.iso
|
||||
# create qemu image file
|
||||
qemu-img create -f qcow2 lubuntu.qcow2 5G
|
||||
# start swtpm and start qemu with install media
|
||||
swtpm socket --tpm2 --tpmstate dir=/tmp/mytpm1 --ctrl type=unixio,path=/tmp/mytpm1/swtpm-sock --log level=20 &
|
||||
qemu-system-x86_64 -m 1024 -boot d -bios bios-256k.bin -boot menu=on \
|
||||
-chardev socket,id=chrtpm,path=/tmp/mytpm1/swtpm-sock \
|
||||
-tpmdev emulator,id=tpm0,chardev=chrtpm \
|
||||
-device tpm-tis,tpmdev=tpm0 -hda lubuntu.qcow2 -cdrom mini.iso
|
||||
```
|
||||
|
||||
Once a base system is installed you will need to build wolfSSL and wolfTPM.
|
||||
|
||||
```
|
||||
swtpm socket --tpm2 --tpmstate dir=/tmp/mytpm1 --ctrl type=unixio,path=/tmp/mytpm1/swtpm-sock --log level=20 &
|
||||
qemu-system-x86_64 -m 1024 -boot d -bios bios-256k.bin -boot menu=on \
|
||||
-chardev socket,id=chrtpm,path=/tmp/mytpm1/swtpm-sock \
|
||||
-tpmdev emulator,id=tpm0,chardev=chrtpm \
|
||||
-device tpm-tis,tpmdev=tpm0 -hda lubuntu.qcow2 -nographic
|
||||
```
|
||||
In the QEMU terminal
|
||||
|
||||
```
|
||||
sudo apt install automake libtool gcc git make
|
||||
|
||||
# get and build wolfSSL
|
||||
git clone https://github.com/wolfssl/wolfssl.git
|
||||
pushd wolfssl
|
||||
./autogen.sh && ./configure --enable-wolftpm --disable-examples --prefix=$PWD/../inst && make install
|
||||
popd
|
||||
|
||||
# get and build wolfTPM
|
||||
git clone https://github.com/wolfssl/wolftpm.git
|
||||
pushd wolftpm
|
||||
./autogen.sh && ./configure --enable-devtpm --prefix=$PWD/../inst --enable-debug && make install
|
||||
popd
|
||||
```
|
||||
You can now run the examples such as `./examples/wrap/wrap` within QEMU
|
||||
|
||||
### Building for SWTPM
|
||||
|
||||
See `docs/SWTPM.md`
|
||||
|
|
|
|||
|
|
@ -47,7 +47,7 @@ ps $swtpm_pid > /dev/null
|
|||
if [ 0 -eq $? ]; then
|
||||
echo "Started $SWTPM_EXEC (pid:$swtpm_pid)";
|
||||
else
|
||||
echo "WARNING: $SWTPM_EXEC unable to start. Trying tests in case other instnace is running" >&2
|
||||
echo "WARNING: $SWTPM_EXEC unable to start. Trying tests in case other instance is running" >&2
|
||||
fi
|
||||
|
||||
# execute unit test
|
||||
|
|
|
|||
Loading…
Reference in New Issue