tpm2_simulator doesn't work |
||||||||
Issue descriptionSince this change https://chromium-review.googlesource.com/#/c/407538/, tpm2_simulator doesn't work anymore. Trunksd exits on start due to status check failure: 2016-11-28T10:11:08.095025-08:00 ERR trunksd[1689]: GetCapability: TPM_RC_INITIALIZE 2016-11-28T10:11:08.095040-08:00 ERR trunksd[1689]: Failed to query TPM properties: TPM_RC_INITIALIZE 2016-11-28T10:11:08.095043-08:00 ERR trunksd[1689]: TpmBasicInit: TPM_RC_INITIALIZE 2016-11-28T10:11:08.095046-08:00 ERR trunksd[1689]: CheckState: TPM_RC_INITIALIZE and eventually: 2016-11-28T10:11:08.099317-08:00 CRIT trunksd[1689]: Check failed: tpm_utility->CheckState() == TPM_RC_SUCCESS (256 vs. 0) ... There's no firmware to call TPM2_Startup, thus GetCapability returns TPM_RC_INITIALIZE, and CheckState() fails.
,
Nov 28 2016
I think the proper initialization should be called by the simulator startup code. It could also be tuned to do different things for normal and recovery mode boot, to make simulation environment even closer to a real chromes os device.
,
Nov 28 2016
We can also update the CheckState() routine to print a warning but still return success if TPM is not initialized. This would allow calling something like 'trunks_client --init_tpm' to initialize the TPM as firmware would. Otherwise, since trunksd is not running, trunks_client can't send any commands through it.
,
Nov 29 2016
,
Nov 30 2016
The following revision refers to this bug: https://chromium.googlesource.com/aosp/platform/system/tpm/+/b5f6248c030f2653d79ae3dec8f27aa8234d2216 commit b5f6248c030f2653d79ae3dec8f27aa8234d2216 Author: Andrey Pronin <apronin@chromium.org> Date: Mon Nov 28 18:00:09 2016 trunks: add 'open' to seccomp filters When an error is detected in TpmUtility::CheckState(), trunksd crashes when minijail blocks 'open' syscall. Can be seen on the simulator, where there is no firmware to initialize the TPM. BUG= chromium:669109 TEST=Start on the simulator, no "blocked syscall: open" in logs. Change-Id: I0de70ec798b8da77da1d53b0297fe217ee935155 Reviewed-on: https://chromium-review.googlesource.com/414952 Commit-Ready: Andrey Pronin <apronin@chromium.org> Tested-by: Andrey Pronin <apronin@chromium.org> Reviewed-by: Darren Krahn <dkrahn@chromium.org> [modify] https://crrev.com/b5f6248c030f2653d79ae3dec8f27aa8234d2216/trunks/trunksd-seccomp-mips.policy [modify] https://crrev.com/b5f6248c030f2653d79ae3dec8f27aa8234d2216/trunks/trunksd-seccomp-arm64.policy [modify] https://crrev.com/b5f6248c030f2653d79ae3dec8f27aa8234d2216/trunks/trunksd-seccomp-amd64.policy [modify] https://crrev.com/b5f6248c030f2653d79ae3dec8f27aa8234d2216/trunks/trunksd-seccomp-x86.policy [modify] https://crrev.com/b5f6248c030f2653d79ae3dec8f27aa8234d2216/trunks/trunksd-seccomp-arm.policy [modify] https://crrev.com/b5f6248c030f2653d79ae3dec8f27aa8234d2216/trunks/trunksd-seccomp-x86_64.policy
,
Dec 9 2016
Actually, the CL below also belongs to this issue: https://chromium-review.googlesource.com/#/c/415597/
,
Mar 4 2017
,
Apr 17 2017
,
May 30 2017
,
Aug 1 2017
,
Oct 14 2017
|
||||||||
►
Sign in to add a comment |
||||||||
Comment 1 by apronin@chromium.org
, Nov 28 2016