test post

osteffenrh · Apr 10, 2024 · 928c9e4 · 928c9e4
1 parent 6bdf073
commit 928c9e4
Show file tree

Hide file tree

Showing 3 changed files with 84 additions and 38 deletions.
diff --git a/_config.yml b/_config.yml
@@ -18,16 +18,15 @@
 # You can create any custom variable you would like, and they will be accessible
 # in the templates via {{ site.myvariable }}.
 
-title: Your awesome title
-email: [email protected]
+title: Oli's Random Stuff
+email: ...
 description: >- # this means to ignore newlines until "baseurl:"
-  Write an awesome description for your new site here. You can edit this
-  line in _config.yml. It will appear in your document head meta (for
-  Google search results) and in your feed.xml site description.
+  Random bits and things from my journey through tech and Open Source.
+  Currently mostly about Linux booting, Grub, and Confidential Computing things.
 baseurl: "" # the subpath of your site, e.g. /blog
 url: "" # the base hostname & protocol for your site, e.g. http://example.com
 twitter_username: jekyllrb
-github_username:  jekyll
+github_username:  osteffenrh
 
 # Build settings
 theme: minima

diff --git a/_posts/2024-02-15-Playing-With-TPM2-Emulators.md b/_posts/2024-02-15-Playing-With-TPM2-Emulators.md
@@ -3,9 +3,85 @@ layout: post
 title: "Playing with TPM2 Emulators"
 ---
 
-# Bla
-sad asd jfhasdf SADF SADF SADF
-SADF SADF
+# 1
+## 2
+### 3
 
+# Adding a software TPM to Qemu
 
+# Talking to it directly
 
+```bash
+#!/bin/sh
+
+RUNDIR="$PWD"
+
+SIM_PORT=${1:-9989}
+
+# control port is always SIM_PORT+1
+CTRL_PORT=$((SIM_PORT + 1))
+
+mkdir -p "$RUNDIR/tpm"
+
+echo "Starting swtpm, SIM_PORT=${SIM_PORT}"
+echo "Use"
+echo "  export TPM2TOOLS_TCTI=\"swtpm:host=127.0.0.1,port=${SIM_PORT}\""
+echo "to connect with tpm2-tools."
+
+swtpm socket \
+  --tpm2 \
+  --tpmstate dir="$RUNDIR/tpm/" \
+  --ctrl type=tcp,port="$CTRL_PORT" \
+  --server port="$SIM_PORT" \
+  --log level=20,file="$RUNDIR/tpm/log" \
+  --flags startup-clear
+```
+
+## Without a Resource Manager
+
+```
+swtpm <-- TCP --> tpm2-tools 
+```
+
+
+```
+$ export TPM2TOOLS_TCTI="swtpm:host=127.0.0.1,port=${SIM_PORT}"
+```
+
+Then use tpm2-tools commands as usual, for example:
+```
+# tpm2_pcrread
+…
+```
+
+## With a Resource Manager
+
+```
+  swtpm <-- TCP --> tpm2-abrmd <-- dbus --> tpm2-tools
+```
+
+`tpm2-abrmd` is a tpm resource manager.
+
+Launch swtpm as described above.
+
+Then launch `tpm2-abrmd`:
+```
+$ SIM_PORT=9989
+$ tpm2-abrmd \
+        --tcti=swtpm:host=127.0.0.1,port="$SIM_PORT" \
+        --session \
+        --dbus-name="com.intel.tss2.Tabrmd${SIM_PORT}"
+```
+
+tpm2-tools then can communicate with it via dbus:
+```
+$ export TPM2TOOLS_TCTI="tabrmd:bus_type=session,bus_name=com.intel.tss2.Tabrmd${SIM_PORT}"
+$ tpm2_pcrread
+```
+
+# References and Other Resources
+- Helpful example script from the [swtpm test suite](https://github.com/tpm2-software/tpm2-tools/blob/master/test/integration/helpers.sh#L359)
+- tpm2-tools man page
+- tpm2-abrmd man page
+- swtpm man page
+- Qemu Manpage
diff --git a/_posts/2024-02-15-welcome-to-jekyll.markdown b/_posts/2024-02-15-welcome-to-jekyll.markdown