Add support to use TSS with Zephyr

Signed-off-by: Christian Plappert <[email protected]>
cplappert · Jan 17, 2025 · 10c134b · 10c134b
1 parent 5bcdeb7
commit 10c134b
Show file tree

Hide file tree

Showing 4 changed files with 200 additions and 3 deletions.
diff --git a/doc/tss-for-zephyr.md b/doc/tss-for-zephyr.md
@@ -0,0 +1,187 @@
+# TSS for Zephyr
+
+*Disclaimer: Project builds but TCTI functionality not yet tested*
+
+
+## Prerequisites
+
+Install MbedTls according to https://github.com/zephyrproject-rtos/mbedtls
+
+1. Add mbedtls to west.yml
+
+```yml
+manifest:
+    projects:
+        [...]
+        - name: mbedtls
+        remote: zephyrproject-rtos
+        revision: v3.0.0
+        path: modules/crypto/mbedtls
+```
+
+2. Build mbedTLS (cf. https://github.com/zephyrproject-rtos/mbedtls?tab=readme-ov-file#cmake)
+
+```yml
+mkdir /path/to/build_dir && cd /path/to/build_dir
+cmake /path/to/mbedtls_source
+cmake --build .
+```
+
+3. Consume mbedTLS (cf. https://github.com/zephyrproject-rtos/mbedtls?tab=readme-ov-file#consuming-mbed-tls
+
+```yml
+set(MbedTLS_DIR "${CMAKE_CURRENT_SOURCE_DIR}/../modules/crypto/mbedtls_build/cmake")
+find_package(MbedTLS)
+```
+
+
+## Adding TSS to the Zephyr project
+
+To integrate the TSS for Zephyr, the following files needs to be adjusted.
+
+## west.yml
+
+```yml
+manifest:
+    remotes:
+        [...]
+        - name: tpm2-software
+            url-base: https://github.com/tpm2-software
+
+    projects:
+        [...]
+        - name: tpm2-tss
+            remote: tpm2-software
+            revision: d0632dabe8557754705f8d38ffffdafc9f4865d1
+            path: my_zephyr_app/lib/tpm2-tss
+```
+
+
+
+## prj.conf
+
+```yaml
+[...]
+# Enable Basic POSIX and socket support
+CONFIG_STATIC_INIT_GNU=y # TSS requires GNU-style constructors
+CONFIG_POSIX_API=y # Needed by TSS for "open, read, write, lseek, close"
+CONFIG_FILE_SYSTEM=y # Needed by TSS for "open, read, write, lseek, close"
+CONFIG_NET_SOCKETS=y
+CONFIG_NETWORKING=y
+
+# Enable Crypto Libraries
+CONFIG_MBEDTLS=y
+CONFIG_MBEDTLS_BUILTIN=y
+[...]
+```
+
+
+## CMakeLists.txt
+
+Follow Zephyr instruction steps for including an external library:
+https://docs.zephyrproject.org/latest/samples/application_development/external_lib/README.html
+
+```yaml
+[...]
+# The external static library that we are linking with does not know
+# how to build for this platform so we export all the flags used in
+# this zephyr build to the external build system.
+#
+# Other external build systems may be self-contained enough that they
+# do not need any build information from zephyr. Or they may be
+# incompatible with certain zephyr options and need them to be
+# filtered out.
+zephyr_get_include_directories_for_lang_as_string(       C includes)
+zephyr_get_system_include_directories_for_lang_as_string(C system_includes)
+zephyr_get_compile_definitions_for_lang_as_string(       C definitions)
+zephyr_get_compile_options_for_lang_as_string(           C options)
+
+if(DEFINED CMAKE_C_COMPILER_TARGET)
+  set(target_flag "--target=${CMAKE_C_COMPILER_TARGET}")
+endif()
+
+set(external_project_cflags
+  "${target_flag} ${includes} ${definitions} ${options} ${system_includes}"
+  )
+
+
+include(ExternalProject)
+
+### 1. External Project: TSS
+
+# Add an external project to be able download and build the third
+# party library. In this case downloading is not necessary as it has
+# been committed to the repository.
+set(mylib_src_dir_tss   ${CMAKE_CURRENT_SOURCE_DIR}/lib/tpm2-tss-plappert-ssh)
+set(mylib_build_dir_tss ${CMAKE_CURRENT_BINARY_DIR}/lib/tpm2-tss-plappert-ssh)
+
+set(MYLIB_LIB_DIR_TSS     ${mylib_build_dir_tss}/lib)
+set(MYLIB_INCLUDE_DIR_TSS ${mylib_src_dir_tss}/include)
+
+if(CMAKE_GENERATOR STREQUAL "Unix Makefiles")
+# https://www.gnu.org/software/make/manual/html_node/MAKE-Variable.html
+set(submake "$(MAKE)")
+else() # Obviously no MAKEFLAGS. Let's hope a "make" can be found somewhere.
+set(submake "make")
+endif()
+
+set(mylib_cflags "-I${CMAKE_CURRENT_SOURCE_DIR}/../modules/crypto/mbedtls/include")
+
+set(mylib_config_str 
+"./bootstrap" && "./configure" "--host=arm-none-eabi"
+"--with-crypto=mbed" "--enable-nodl" "--disable-tcti-cmd" "--disable-tcti-device" "--disable-tcti-spidev"  "--disable-tcti-swtpm" "--disable-tcti-pcap" "--disable-tcti-spi-ftdi" "--disable-tcti-spi-ltt2go" "--disable-tcti-i2c-ftdi" "--disable-tcti-libtpms" "--disable-fapi" "--disable-policy"
+)
+
+# "--disable-util-io"
+# "--disable-tcti-mssim"
+
+set(mylib_cflags "${external_project_cflags} ${mylib_cflags}")
+
+ExternalProject_Add(
+  libtss2       # Name for custom target
+  PREFIX     ${mylib_build_dir_tss} # Root dir for entire project
+  SOURCE_DIR ${mylib_src_dir_tss}
+  BINARY_DIR ${mylib_src_dir_tss} # This particular build system is invoked from the root
+  CONFIGURE_COMMAND ${mylib_config_str}
+  BUILD_COMMAND
+  ${submake}
+  PREFIX=${mylib_build_dir_tss}
+  CC=${CMAKE_C_COMPILER}
+  AR=${CMAKE_AR}
+  CFLAGS=${mylib_cflags}
+  INSTALL_COMMAND ""      # This particular build system has no install command
+  BUILD_BYPRODUCTS ${mylib_src_dir_tss}/src/tss2-mu/.libs/libtss2-mu.a ${mylib_src_dir_tss}/src/tss2-sys/.libs/libtss2-sys.a ${mylib_src_dir_tss}/src/tss2-esys/.libs/libtss2-esys.a ${mylib_src_dir_tss}/src/tss2-tcti/.libs/libtss2-tcti-mssim.a ${mylib_src_dir_tss}/src/tss2-tcti/.libs/libtss2-tctildr.a 
+)
+
+# Create wrapper CMake libraries that our app can link with
+add_library(libtss2-mu STATIC IMPORTED GLOBAL)
+set_target_properties(libtss2-mu PROPERTIES IMPORTED_LOCATION             ${mylib_src_dir_tss}/src/tss2-mu/.libs/libtss2-mu.a)
+set_target_properties(libtss2-mu PROPERTIES INTERFACE_INCLUDE_DIRECTORIES ${MYLIB_INCLUDE_DIR_TSS})
+
+add_library(libtss2-sys STATIC IMPORTED GLOBAL)
+set_target_properties(libtss2-sys PROPERTIES IMPORTED_LOCATION             ${mylib_src_dir_tss}/src/tss2-sys/.libs/libtss2-sys.a)
+set_target_properties(libtss2-sys PROPERTIES INTERFACE_INCLUDE_DIRECTORIES ${MYLIB_INCLUDE_DIR_TSS})
+
+add_library(libtss2-esys STATIC IMPORTED GLOBAL)
+set_target_properties(libtss2-esys PROPERTIES IMPORTED_LOCATION             ${mylib_src_dir_tss}/src/tss2-esys/.libs/libtss2-esys.a)
+set_target_properties(libtss2-esys PROPERTIES INTERFACE_INCLUDE_DIRECTORIES ${MYLIB_INCLUDE_DIR_TSS})
+
+add_library(libtss2-tcti-mssim STATIC IMPORTED GLOBAL)
+set_target_properties(libtss2-tcti-mssim PROPERTIES IMPORTED_LOCATION             ${mylib_src_dir_tss}/src/tss2-tcti/.libs/libtss2-tcti-mssim.a)
+set_target_properties(libtss2-tcti-mssim PROPERTIES INTERFACE_INCLUDE_DIRECTORIES ${MYLIB_INCLUDE_DIR_TSS})
+
+add_library(libtss2-tctildr STATIC IMPORTED GLOBAL)
+set_target_properties(libtss2-tctildr PROPERTIES IMPORTED_LOCATION             ${mylib_src_dir_tss}/src/tss2-tcti/.libs/libtss2-tctildr.a)
+set_target_properties(libtss2-tctildr PROPERTIES INTERFACE_INCLUDE_DIRECTORIES ${MYLIB_INCLUDE_DIR_TSS})
+
+add_dependencies(
+  libtss2-mu
+  libtss2-sys
+  libtss2-esys
+  libtss2-tcti-mssim
+  libtss2-tctildr
+  libtss2
+)
+target_link_libraries(app PUBLIC libtss2-esys libtss2-sys libtss2-tcti-mssim libtss2-tctildr libtss2-mu)
+[...]
+```
diff --git a/include/tss2/tss2_tcti.h b/include/tss2/tss2_tcti.h
@@ -43,18 +43,20 @@
 #error Version mismatch among TSS2 header files.
 #endif  /* TSS2_API_VERSION_1_2_1_108 */
 
-#if defined(__linux__) || defined(__unix__) || defined(__APPLE__) || defined (__QNXNTO__) || defined (__VXWORKS__)
+#if defined(__linux__) || defined(__unix__) || defined(__APPLE__) || defined (__QNXNTO__) || defined (__VXWORKS__) || defined(__ZEPHYR__)
 #if defined (__VXWORKS__)
 #include <sys/poll.h>
+#elif defined(__ZEPHYR__)
+#include <zephyr/posix/poll.h>
 #else
 #include <poll.h>
 #endif
 typedef struct pollfd TSS2_TCTI_POLL_HANDLE;
 #elif defined(_WIN32)
 #include <windows.h>
 typedef HANDLE TSS2_TCTI_POLL_HANDLE;
-#elif defined(__ZEPHYR__)
-typedef void* TSS2_TCTI_POLL_HANDLE;
+// #elif defined(__ZEPHYR__)
+// typedef void* TSS2_TCTI_POLL_HANDLE;
 #else
 typedef void TSS2_TCTI_POLL_HANDLE;
 #ifndef TSS2_TCTI_SUPPRESS_POLL_WARNINGS

diff --git a/src/tss2-tcti/tctildr-nodl.c b/src/tss2-tcti/tctildr-nodl.c
@@ -50,7 +50,9 @@
 #define LOGMODULE tcti
 #include "util/log.h"          // for LOG_ERROR, LOG_DEBUG
 
+#ifndef ARRAY_SIZE
 #define ARRAY_SIZE(X) (sizeof(X)/sizeof((X)[0]))
+#endif
 #define NAME_ARRAY_SIZE 3
 
 struct {

diff --git a/src/util-io/io.c b/src/util-io/io.c
@@ -15,10 +15,16 @@
 
 #ifndef _WIN32
 #include <arpa/inet.h>   // for inet_ntop
+#ifdef __ZEPHYR__
+#include <zephyr/posix/netdb.h>   // for addrinfo, freeaddrinfo, gai_strerror, getadd...
+#else
 #include <netdb.h>       // for addrinfo, freeaddrinfo, gai_strerror, getadd...
+#endif
 #include <netinet/in.h>  // for IPPROTO_TCP, sockaddr_in, sockaddr_in6
 #include <poll.h>        // for pollfd, poll, POLLIN
+#ifndef __ZEPHYR__
 #include <sys/un.h>      // for sockaddr_un
+#endif
 #include <unistd.h>      // for close, read, write
 #endif