PeterHuewe / tpm-emulator

The famous tpm-emulator by Mario Strasser, previously hosted on BerliOs. It supports TPM1.2 only!
GNU General Public License v2.0

Emulator fails when interacting with qemu tpm passthrough #18

Open sdconsta opened 7 years ago

sdconsta commented 7 years ago

Hi,

I'm trying to use the TPM emulator with qemu, via the TPM passthrough. I use

$ sudo tpmd deactivated
$ sudo killall tpmd
$ sudo tpmd -df clear

to start the emulator daemon. Then I invoke

$ sudo qemu -m 512 -drive file=ubuntu,format=raw -tpmdev passthrough,id=tpm0,path=/dev/tpm

and the emulator daemon spits out the following error:

tpmd.c:485: Debug: received 1 bytes
tpm_cmd_handler.c:4143: Debug: tpm_handle_command()
tpm_cmd_handler.c:4147: Error: tpm_unmarshal_TPM_REQUEST() failed
tpmd.c:489: Error: tpm_handle_command() failed

I'm on Ubuntu 16.04, and I've tried this on qemu 2.6 and 2.8 with the same result. This might be related to the thread here but I'm not sure.

Any help on this would be much appreciated.

theopolis commented 7 years ago

Seeing the same thing, only 1 byte sent from the driver to tpmd.

janhieber commented 7 years ago

I experience a different error with qemu 2.8.0.

I start qemu with:

qemu-system-i386 -m 128M -nographic -bios u-boot.rom -tpmdev passthrough,id=tpm0,path=/dev/tpm

and get this:

qemu-system-i386: -tpmdev passthrough,id=tpm0,path=/dev/tpm: tpm_passthrough: Could not open TPM cancel path /sys/class/misc/tpm/device/cancel : No such file or directory

I have no /sys/class/misc/tpm/device folder. Is this because it's not a physical device? I wonder because you don't seem to have this error. Either you have the device folder or you have a different qemu version.

PeterHuewe commented 7 years ago

@janhieber can you retry with latest master please?

weiqi-chen commented 7 years ago

Hey, I am trying to install Windows 10 in qemu. (I am doing this because I am trying to install Windows 10 with BitLocker encryption with TPM. I want to test first in a virtual machine before doing it on my Surface Pro 4.)

Here is my run.bat file content

qemu-system-x86_64      -m 2048 -enable-kvm -cpu host -smp 2 \
            -bios /usr/share/qemu/OVMF.fd \
            -drive file=disk.img \
            -tpmdev passthrough,id=tmp0,path=/dev/tpm \
            -device tpm-tis,tpmdev=tpm0 \
            -cdrom ../../迅雷下载/en_windows_10_multiple_editions_version_1703_updated_march_2017_x64_dvd_10189288.iso \

Here is my tpmd commands output:

weiqi@B85I-PC:/media/weiqi/Files/git_repos/tpm-emulator/build$ sudo tpmd deactivated
tpmd.c:523: Info: starting TPM Emulator daemon (1.2.0.7-475)
tpmd.c:102: Info: parsing options
tpmd.c:228: Info: installing signal handlers
tpmd.c:250: Info: daemonizing process
weiqi@B85I-PC:/media/weiqi/Files/git_repos/tpm-emulator/build$ sudo killall tpmd
weiqi@B85I-PC:/media/weiqi/Files/git_repos/tpm-emulator/build$ sudo tpmd -df clear
tpmd.c:523: Info: starting TPM Emulator daemon (1.2.0.7-475)
tpmd.c:102: Info: parsing options
tpmd.c:109: Debug: debug mode enabled
tpmd.c:104: Debug: handling option '-f'
tpmd.c:112: Debug: application is forced to run in foreground
tpmd.c:175: Debug: startup mode = 'clear'
tpmd.c:228: Info: installing signal handlers
tpmd.c:387: Info: staring main loop
tpmd.c:302: Info: initializing socket /var/run/tpm/tpmd_socket:0
tpmd.c:401: Debug: initializing TPM emulator
tpm_emulator_extern.c:101: Info: _tpm_extern_init()
tpm_emulator_extern.c:104: Debug: openening random device /dev/urandom
tpm_cmd_handler.c:4113: Debug: tpm_emulator_init(1, 0x00000000)
tpm_startup.c:29: Info: TPM_Init()
tpm_testing.c:243: Info: TPM_SelfTestFull()
tpm_testing.c:39: Debug: tpm_test_prng()
tpm_testing.c:69: Debug: Monobit: 9869
tpm_testing.c:70: Debug: Poker:   15.8
tpm_testing.c:71: Debug: run_1:   2512, 2483
tpm_testing.c:72: Debug: run_2:   1199, 1303
tpm_testing.c:73: Debug: run_3:   631, 618
tpm_testing.c:74: Debug: run_4:   299, 291
tpm_testing.c:75: Debug: run_5:   176, 158
tpm_testing.c:76: Debug: run_6+:  176, 140
tpm_testing.c:77: Debug: run_34:  0
tpm_testing.c:111: Debug: tpm_test_sha1()
tpm_testing.c:157: Debug: tpm_test_hmac()
tpm_testing.c:184: Debug: tpm_test_rsa_EK()
tpm_testing.c:186: Debug: tpm_rsa_generate_key()
tpm_testing.c:191: Debug: testing endorsement key
tpm_testing.c:197: Debug: tpm_rsa_sign(RSA_SSA_PKCS1_SHA1)
tpm_testing.c:200: Debug: tpm_rsa_verify(RSA_SSA_PKCS1_SHA1)
tpm_testing.c:203: Debug: tpm_rsa_sign(RSA_SSA_PKCS1_DER)
tpm_testing.c:206: Debug: tpm_rsa_verify(RSA_SSA_PKCS1_DER)
tpm_testing.c:210: Debug: tpm_rsa_encrypt(RSA_ES_PKCSV15)
tpm_testing.c:214: Debug: tpm_rsa_decrypt(RSA_ES_PKCSV15)
tpm_testing.c:218: Debug: verify plain text
tpm_testing.c:221: Debug: tpm_rsa_encrypt(RSA_ES_OAEP_SHA1)
tpm_testing.c:225: Debug: tpm_rsa_decrypt(RSA_ES_OAEP_SHA1)
tpm_testing.c:229: Debug: verify plain text
tpm_testing.c:261: Info: Self-Test succeeded
tpm_startup.c:43: Info: TPM_Startup(1)
tpmd.c:412: Debug: waiting for connections...
tpmd.c:452: Debug: waiting for commands...
tpmd.c:485: Debug: received 10 bytes
tpm_cmd_handler.c:4143: Debug: tpm_handle_command()
tpm_cmd_handler.c:3456: Info: The tag value sent to for a command (0x8001) is invalid
tpmd.c:491: Debug: sending 10 bytes
tpmd.c:452: Debug: waiting for commands...
tpmd.c:485: Debug: received 10 bytes
tpm_cmd_handler.c:4143: Debug: tpm_handle_command()
tpm_cmd_handler.c:3450: Debug: [TPM_TAG_RQU_COMMAND]
tpm_cmd_handler.c:3946: Debug: [TPM_ORD_GetTicks]
tpm_ticks.c:32: Info: TPM_GetTicks()
tpm_cmd_handler.c:4084: Info: TPM command succeeded
tpmd.c:491: Debug: sending 42 bytes
tpmd.c:452: Debug: waiting for commands...
tpmd.c:412: Debug: waiting for connections...
tpmd.c:452: Debug: waiting for commands...
tpmd.c:485: Debug: received 10 bytes
tpm_cmd_handler.c:4143: Debug: tpm_handle_command()
tpm_cmd_handler.c:3456: Info: The tag value sent to for a command (0x8001) is invalid
tpmd.c:491: Debug: sending 10 bytes
tpmd.c:452: Debug: waiting for commands...
tpmd.c:485: Debug: received 10 bytes
tpm_cmd_handler.c:4143: Debug: tpm_handle_command()
tpm_cmd_handler.c:3450: Debug: [TPM_TAG_RQU_COMMAND]
tpm_cmd_handler.c:3946: Debug: [TPM_ORD_GetTicks]
tpm_ticks.c:32: Info: TPM_GetTicks()
tpm_cmd_handler.c:4084: Info: TPM command succeeded
tpmd.c:491: Debug: sending 42 bytes
tpmd.c:452: Debug: waiting for commands...
tpmd.c:412: Debug: waiting for connections...

Here is how I ran the qemu-system

sudo ./run.bat 
qemu-system-x86_64: -tpmdev passthrough,id=tmp0: tpm_passthrough: Could not open TPM cancel path /sys/class/misc/tpm0/device/cancel : No such file or directory

TPM is new for me. But it seems I am experiencing the same problems.
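
Added example, not part of the thread or of the tpm-emulator source: a TPM request begins with a 10-byte big-endian header (2-byte tag, 4-byte size, 4-byte ordinal), so a 1-byte write cannot be unmarshalled, and tag 0x8001 is a TPM 2.0 tag that a TPM 1.2 emulator rejects. The helper `classify_request` and the sample byte strings are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define TPM_HDR_LEN 10u /* tag(2) + paramSize(4) + ordinal/command code(4) */

enum hdr_result { HDR_TPM12, HDR_TPM20, HDR_TRUNCATED, HDR_BAD_SIZE, HDR_BAD_TAG };
struct tpm_hdr { uint16_t tag; uint32_t size; uint32_t ordinal; };

static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Hypothetical helper, not the emulator's tpm_unmarshal_TPM_REQUEST(). */
enum hdr_result classify_request(const uint8_t *buf, size_t len, struct tpm_hdr *out) {
    if (buf == NULL || out == NULL || len < TPM_HDR_LEN)
        return HDR_TRUNCATED;          /* e.g. the 1-byte write in the first log */
    out->tag = (uint16_t)((buf[0] << 8) | buf[1]);
    out->size = be32(buf + 2);
    out->ordinal = be32(buf + 6);
    if (out->size != len)
        return HDR_BAD_SIZE;           /* paramSize must equal the bytes received */
    if (out->tag >= 0x00C1 && out->tag <= 0x00C3)
        return HDR_TPM12;              /* TPM_TAG_RQU_COMMAND / AUTH1 / AUTH2 */
    if (out->tag == 0x8001 || out->tag == 0x8002)
        return HDR_TPM20;              /* TPM_ST_NO_SESSIONS / TPM_ST_SESSIONS */
    return HDR_BAD_TAG;
}

/* Constructed samples: sizes and tags follow the logs; the TPM 2.0 command
 * code (0x181, ReadClock) is an assumption, the log shows only the tag. */
static const uint8_t one_byte[]       = { 0x00 };
static const uint8_t tpm20_probe[]    = { 0x80, 0x01, 0, 0, 0, 0x0A, 0, 0, 0x01, 0x81 };
static const uint8_t tpm12_getticks[] = { 0x00, 0xC1, 0, 0, 0, 0x0A, 0, 0, 0x00, 0xF1 };

int main(void) {
    static const char *names[] = { "TPM 1.2", "TPM 2.0", "truncated", "bad size", "bad tag" };
    struct tpm_hdr h = { 0, 0, 0 };
    printf("1 byte:   %s\n", names[classify_request(one_byte, sizeof one_byte, &h)]);
    printf("0x8001:   %s\n", names[classify_request(tpm20_probe, sizeof tpm20_probe, &h)]);
    enum hdr_result r = classify_request(tpm12_getticks, sizeof tpm12_getticks, &h);
    printf("GetTicks: %s (ordinal 0x%X)\n", names[r], (unsigned)h.ordinal);
    return 0;
}
```
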

janhieber commented 7 years ago

Please use /dev/null as cancel path when your driver does not supply one. AFAIK this should work.

PeterHuewe commented 5 years ago

Any updates? Does this work on recent master? Can we close this?