sandbox TPM
Peter Robinson
pbrobinson at gmail.com
Sun Aug 29 12:53:02 CEST 2021
On Sat, Aug 28, 2021 at 10:19 PM Simon Glass <sjg at chromium.org> wrote:
>
> Hi Heinrich,
>
> On Sat, 28 Aug 2021 at 06:18, Heinrich Schuchardt <xypron.glpk at gmx.de> wrote:
> >
> > The current TPM emulation in drivers/tpm/tpm(2)_tis_sandbox.c is not
> > spec compliant.
>
> Do you mean it is incomplete or that it has bugs? If it is incomplete,
> what is needed by U-Boot?
>
> >
> > A TPM emulation as UNIX socket exists with
> > https://github.com/stefanberger/swtpm.git. QEMU already uses this emulator.
> >
> > Couldn't the sandbox do the same? I think this is the fastest way to get
> > a compliant sandbox TPM.
>
> Well we could if we need it. Are you sure it is a good idea? There is
> a lot of code there. Are you thinking it would be copied into the
> U-Boot tree and kept in sync with a script, perhaps? Presumably the
> project would accept changes we need?
qemu doesn't copy it in, why can't it just run independently as part
of the CI process? The rust TPM2 bindings do that here:
https://github.com/parallaxsecond/rust-tss-esapi/blob/main/tss-esapi/tests/all-fedora.sh#L13
More information about the U-Boot
mailing list