diff --git a/_config.yml b/_config.yml index ef7ba7c..fd9744f 100644 --- a/_config.yml +++ b/_config.yml @@ -18,16 +18,15 @@ # You can create any custom variable you would like, and they will be accessible # in the templates via {{ site.myvariable }}. -title: Your awesome title -email: your-email@example.com +title: Oli's Random Stuff +email: ... description: >- # this means to ignore newlines until "baseurl:" - Write an awesome description for your new site here. You can edit this - line in _config.yml. It will appear in your document head meta (for - Google search results) and in your feed.xml site description. + Random bits and things from my journey through tech and Open Source. + Currently mostly about Linux booting, Grub, and Confidential Computing things. baseurl: "" # the subpath of your site, e.g. /blog url: "" # the base hostname & protocol for your site, e.g. http://example.com twitter_username: jekyllrb -github_username: jekyll +github_username: osteffenrh # Build settings theme: minima diff --git a/_posts/2024-02-15-Playing-With-TPM2-Emulators.md b/_posts/2024-02-15-Playing-With-TPM2-Emulators.md index 31a119b..1a0119a 100644 --- a/_posts/2024-02-15-Playing-With-TPM2-Emulators.md +++ b/_posts/2024-02-15-Playing-With-TPM2-Emulators.md 
@@ -3,9 +3,85 @@ layout: post title: "Playing with TPM2 Emulators" --- -# Bla -sad asd jfhasdf SADF SADF SADF -SADF SADF +# 1 +## 2 +### 3 +# Adding a software TPM to Qemu +# Talking to it directly +```bash +#!/bin/sh + +RUNDIR="$PWD" + +SIM_PORT=${1:-9989} + +# control port is always SIM_PORT+1 +CTRL_PORT=$((SIM_PORT + 1)) + +mkdir -p "$RUNDIR/tpm" + +echo "Starting swtpm, SIM_PORT=${SIM_PORT}" +echo "Use" +echo " export TPM2TOOLS_TCTI=\"swtpm:host=127.0.0.1,port=${SIM_PORT}\"" +echo "to connect with tpm2-tools." + +swtpm socket \ + --tpm2 \ + --tpmstate dir="$RUNDIR/tpm/" \ + --ctrl type=tcp,port="$CTRL_PORT" \ + --server port="$SIM_PORT" \ + --log level=20,file="$RUNDIR/tpm/log" \ + --flags startup-clear +``` + +## Without a Resource Manager + +``` +swtpm <-- TCP --> tpm2-tools +``` + + +``` +$ export TPM2TOOLS_TCTI="swtpm:host=127.0.0.1,port=${SIM_PORT}" +``` + +Then use tpm2-tools commands as usual, for example: +``` +# tpm2_pcrread +… +``` + +## With a Resource Manager + +``` + swtpm <-- TCP --> tpm2-abrmd <-- dbus --> tpm2-tools +``` + +`tpm2-abrmd` is a tpm resource manager. + +Launch swtpm as described above. + +Then launch `tpm2-abrmd`: +``` +$ SIM_PORT=9989 +$ tpm2-abrmd \ + --tcti=swtpm:host=127.0.0.1,port="$SIM_PORT" \ + --session \ + --dbus-name="com.intel.tss2.Tabrmd${SIM_PORT}" +``` + +tpm2-tools then can communicate with it via dbus: +``` +$ export TPM2TOOLS_TCTI="tabrmd:bus_type=session,bus_name=com.intel.tss2.Tabrmd${SIM_PORT}" +$ tpm2_pcrread +``` + +# References and Other Resources +- Helpful example script from the [swtpm test suite](https://github.com/tpm2-software/tpm2-tools/blob/master/test/integration/helpers.sh#L359) +- tpm2-tools man page +- tpm2-abrmd man page +- swtpm man page +- Qemu Manpage diff --git a/_posts/2024-02-15-welcome-to-jekyll.markdown b/_posts/2024-02-15-welcome-to-jekyll.markdown deleted file mode 100644 index c3b078d..0000000 --- a/_posts/2024-02-15-welcome-to-jekyll.markdown +++ /dev/null 
@@ -1,29 +0,0 @@ ---- -layout: post -title: "Welcome to Jekyll!" -date: 2024-02-15 10:32:42 +0100 -categories: jekyll update ---- -You’ll find this post in your `_posts` directory. Go ahead and edit it and re-build the site to see your changes. You can rebuild the site in many different ways, but the most common way is to run `jekyll serve`, which launches a web server and auto-regenerates your site when a file is updated. - -Jekyll requires blog post files to be named according to the following format: - -`YEAR-MONTH-DAY-title.MARKUP` - -Where `YEAR` is a four-digit number, `MONTH` and `DAY` are both two-digit numbers, and `MARKUP` is the file extension representing the format used in the file. After that, include the necessary front matter. Take a look at the source for this post to get an idea about how it works. - -Jekyll also offers powerful support for code snippets: - -{% highlight ruby %} -def print_hi(name) - puts "Hi, #{name}" -end -print_hi('Tom') -#=> prints 'Hi, Tom' to STDOUT. -{% endhighlight %} - -Check out the [Jekyll docs][jekyll-docs] for more info on how to get the most out of Jekyll. File all bugs/feature requests at [Jekyll’s GitHub repo][jekyll-gh]. If you have questions, you can ask them on [Jekyll Talk][jekyll-talk]. - -[jekyll-docs]: https://jekyllrb.com/docs/home -[jekyll-gh]: https://github.com/jekyll/jekyll -[jekyll-talk]: https://talk.jekyllrb.com/
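Review bot: In the `_config.yml` hunk, `twitter_username: jekyllrb` is left at the template default while `github_username` changes to `osteffenrh`, so the site's social links would still point at the Jekyll project's Twitter account next to the author's GitHub profile. Remove the `twitter_username` line or set it to the author's own handle. If `email: ...` is the literal committed value rather than a redaction, drop the key instead of publishing a placeholder.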
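Review bot: In the `_posts/2024-02-15-Playing-With-TPM2-Emulators.md` hunk, the "Without a Resource Manager" step runs `export TPM2TOOLS_TCTI="swtpm:host=127.0.0.1,port=${SIM_PORT}"`, but `SIM_PORT` is only assigned inside the launcher script, so in the reader's shell it expands to an empty port. Either add `SIM_PORT=9989` before the export, as the tpm2-abrmd section already does, or tell the reader to copy the line the script prints. In the script itself, neither `--server port="$SIM_PORT"` nor `--ctrl type=tcp,port="$CTRL_PORT"` names a bind address. Since both are plain TCP listeners, consider adding `bindaddr=127.0.0.1` to each so the loopback-only intent is explicit and matches the `host=127.0.0.1` used in the TCTI strings. The placeholder headings `# 1`, `## 2`, `### 3` and the empty "Adding a software TPM to Qemu" section should be filled in or removed before publishing. The first reference is labelled "swtpm test suite" but its URL points into the tpm2-tools repository, and the four man page entries have no links.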