Ubuntu
tpm2-tss package

[FFe] Sync tpm2-tss 1.0-1 from Debian unstable

Bug #1667498 reported by Mathieu Trudel-Lapierre
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
tpm2-tss (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

We should sync the new tpm2-tss package from Debian unstable (it has now landed in Debian).

TPM2-tss is the source package for a libsapi library (previously called libtss) which is used to handle TPM2 devices -- the new format / specification for TPM chips. These TPM chips are only available in newer hardware.

TPM2 software is not currently integrated in any flavor/ any release. Given that they are leaf packages, I foresee no issues with syncing the packages.

tpm2-tss builds correctly for all architectures:
https://launchpad.net/~cyphermox/+archive/ubuntu/ppa/+sourcepub/7507731/+listing-archive-extra
https://launchpad.net/~cyphermox/+archive/ubuntu/ppa/+build/12049057
https://launchpadlibrarian.net/307609742/buildlog_ubuntu-zesty-amd64.tpm2-tss_1.0-1_BUILDING.txt.gz

A diff of the upstream changelog is included.

Revision history for this message
Mathieu Trudel-Lapierre (cyphermox) wrote :
Revision history for this message
Mathieu Trudel-Lapierre (cyphermox) wrote :

Installation works without issues:

$ sudo apt install libsapi0 libsapi-utils

Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
  libsapi-utils libsapi0
0 upgraded, 2 newly installed, 0 to remove and 10 not upgraded.
Need to get 132 kB of archives.
After this operation, 550 kB of additional disk space will be used.
Get:1 http://ppa.launchpad.net/cyphermox/ppa/ubuntu zesty/main amd64 libsapi0 amd64 1.0-1 [42.6 kB]
Get:2 http://ppa.launchpad.net/cyphermox/ppa/ubuntu zesty/main amd64 libsapi-utils amd64 1.0-1 [88.9 kB]
Fetched 132 kB in 0s (143 kB/s)
Selecting previously unselected package libsapi0.
(Reading database ... 286282 files and directories currently installed.)
Preparing to unpack .../libsapi0_1.0-1_amd64.deb ...
Unpacking libsapi0 (1.0-1) ...
Selecting previously unselected package libsapi-utils.
Preparing to unpack .../libsapi-utils_1.0-1_amd64.deb ...
Unpacking libsapi-utils (1.0-1) ...
Setting up libsapi0 (1.0-1) ...
Setting up libsapi-utils (1.0-1) ...
tpm2-resourcemgr.service is a disabled or a static unit, not starting it.
Processing triggers for libc-bin (2.24-7ubuntu2) ...
Processing triggers for man-db (2.7.6.1-1) ...

$ sudo systemctl start tpm2-resourcemgr.service

$ sudo systemctl status tpm2-resourcemgr.service

● tpm2-resourcemgr.service - TPM resource manager daemon
   Loaded: loaded (/lib/systemd/system/tpm2-resourcemgr.service; disabled; vendor preset: enabled)
   Active: active (running) since Thu 2017-02-23 17:24:55 EST; 7s ago
 Main PID: 14646 (resourcemgr)
    Tasks: 2 (limit: 4915)
   Memory: 348.0K
      CPU: 4ms
   CGroup: /system.slice/tpm2-resourcemgr.service
           └─14646 /usr/sbin/resourcemgr

Feb 23 17:24:56 demeter resourcemgr[14646]: maxActiveSessions = 64
Feb 23 17:24:56 demeter resourcemgr[14646]: gapMaxValue = 65535
Feb 23 17:24:56 demeter resourcemgr[14646]: socket created: 0x4
Feb 23 17:24:56 demeter resourcemgr[14646]: bind to IP address:port: 127.0.0.1:2324
Feb 23 17:24:56 demeter resourcemgr[14646]: Other CMD server listening to socket: 0x4
Feb 23 17:24:56 demeter resourcemgr[14646]: socket created: 0x5
Feb 23 17:24:56 demeter resourcemgr[14646]: bind to IP address:port: 127.0.0.1:2323
Feb 23 17:24:56 demeter resourcemgr[14646]: TPM CMD server listening to socket: 0x5
Feb 23 17:24:56 demeter resourcemgr[14646]: Starting SockServer (TPM CMD), socket: 0x5.
Feb 23 17:24:56 demeter resourcemgr[14646]: Starting SockServer (Other CMD), socket: 0x4.

Revision history for this message
Mathieu Trudel-Lapierre (cyphermox) wrote :
Download full text (4.6 KiB)

TPM testing is done via tpmtest; many test cases work, the remaining failure is a hardware issue due to my particular TPM2 device:

$ tpmtest
Initializing Resource Manager Interface
socket created: 0x3
socket created: 0x4
Client connected to server on port: 2324
Client connected to server on port: 2323

GET/SET DECRYPT PARAM TESTS:
 failing case: PASSED!
 failing case: PASSED!
 passing case: PASSED!
 failing case: PASSED!
 failing case: PASSED!
 failing case: PASSED!
 failing case: PASSED!
 failing case: PASSED!
 failing case: PASSED!
 failing case: PASSED!
 passing case: PASSED!
 passing case: PASSED!
 passing case: PASSED!
 passing case: PASSED!
 failing case: PASSED!
 failing case: PASSED!
 passing case: PASSED!
 passing case: PASSED!
 passing case: PASSED!
 failing case: PASSED!
 passing case: PASSED!
 passing case: PASSED!
 passing case: PASSED!
 passing case: PASSED!
 passing case: PASSED!
 passing case: PASSED!
 failing case: PASSED!
 passing case: PASSED!

Check TPM type: discrete TPM (IFX)

NV INDEX LIST CLEAR:
 passing case: PASSED!
 The count of defined NV Index: 0

Q - QUIT THE PROGRAM
D - PRINT DESCRIPTION ON ALL CASES
0 - RUN ALL TEST CASES
1 - GET/SET DECRYPT PARAM TESTS
2 - STARTUP TESTS
3 - CREATE, CREATE PRIMARY, and LOAD TESTS
4 - NV INDEX TESTS
5 - UNSEAL TEST
6 - TPM Version TESTS
7 - SELFTEST TESTS
8 - GET TEST RESULT TESTS
9 - DICTIONARY ATTACK LOCK RESET TEST
10 - START_AUTH_SESSION TESTS
11 - HIERARCHY CONTROL TESTS
12 - GET/SET ENCRYPT PARAM TESTS
13 - GET_CAPABILITY TESTS
14 - PCR_EXTEND, PCR_EVENT, PCR_ALLOCATE, and PCR_READ TESTS
15 - HASH TESTS
16 - POLICY TESTS
17 - CLEAR and CLEAR CONTROL TESTS
18 - CHANGE_EPS TESTS
19 - HIERARCHY_CHANGE_AUTH TESTS
20 - GET_RANDOM TESTS
21 - SHUTDOWN TESTS
22 - PASSWORD TESTS
23 - HMAC SESSION TESTS
24 - QUOTE CONTROL TESTS
25 - PCR ALLOCATE TEST
26 - RM TESTS
27 - NV INDEX PROTOTYPE TESTS
28 - DECRYPT/ENCRYPT SESSION TESTS
29 - SIMPLE HMAC SESSION TEST
30 - SIMPLE POLICY SESSION TEST
31 - CHANGE_PPS TESTS
32 - EC Ephemeral TESTS
33 - SYMMETRIC ENCRYPT/DECRYPT TESTS
34 - ASYMMETRIC ENCRYPT/DECRYPT TESTS
35 - VERIFY SIGNATURE WITH EXTERNAL KEY TEST
36 - VERIFY SIGNATURE WITH CREATED KEY TEST
37 - NV EXTENSION TEST
38 - PCR EXTENDED TEST
39 - CLOCK/TIME TEST
Please select an action:0

STARTUP TESTS:
 passing case: PASSED!
 failing case: PASSED!
 passing case: PASSED!
 passing case: PASSED!
 failing case: PASSED!
 passing case: PASSED!
 passing case: PASSED!
 passing case: PASSED!
 failing case: PASSED!
 passing case: PASSED!

SELFTEST TESTS:
 passing case: PASSED!
 passing case: PASSED!
 passing case: PASSED!

GET TEST RESULT TESTS:
 passing case: PASSED!
 passing case: PASSED!
 passing case: PASSED!
 passing case: PASSED!
 passing case: PASSED!
 passing case: PASSED!
 passing case: PASSED!
 passing case: PASSED!

DICTIONARY ATTACK LOCK RESET TEST:
 passing case: PASSED!

CREATE, CREATE PRIMARY, and LOAD TESTS:
 failing case: PASSED!
 passing case: PASSED!

New key successfully created in NULL hierarchy (RSA 2048). Handle: 0x80000001
 passing case: PASSED!
 passing case: PASSED!
 pas...

Read more...

summary: - Sync tpm2-tss from Debian unstable
+ Sync tpm2-tss 1.0-1 from Debian unstable
Mathieu Trudel-Lapierre (cyphermox)
summary: - Sync tpm2-tss 1.0-1 from Debian unstable
+ [FFe] Sync tpm2-tss 1.0-1 from Debian unstable
Revision history for this message
Iain Lane (laney) wrote :

Sounds good - I'll sync for you to save time.

Revision history for this message
Iain Lane (laney) wrote :

done, chillaxing in NEW

Changed in tpm2-tss (Ubuntu):
status: New → Fix Released
Revision history for this message
Iain Lane (laney) wrote :

This bug was fixed in the package tpm2-tss - 1.0-1
Sponsored for Mathieu Trudel-Lapierre (cyphermox)

---------------
tpm2-tss (1.0-1) unstable; urgency=low

  [ Ivan Hu ]
  * Update to upstream version 1.0
    - Change soname to libsapi0
    - Add debian/clean to remove unclean files
  * Add binary executables from test to usr/bin

  [ Ying-Chun Liu (PaulLiu) ]
  * Initial upload to Debian (Closes: #815846)
  * Add manpages.

 -- Ying-Chun Liu (PaulLiu) <email address hidden> Tue, 17 Jan 2017 15:36:51 +0800

tpm2-tss (0.98+20160226.d4f23cc-1) unstable; urgency=medium

  * Initial upload.

 -- Mathieu Trudel-Lapierre <email address hidden> Mon, 20 Jun 2016 11:28:06 -0400

tpm2-tss (0.98+20160226.d4f23cc-0ubuntu2) xenial; urgency=medium

  * debian/libtss2-utils.tpm2-resourcemgr.service: ship a systemd unit to be
    able to use TPM 2.0 tools as soon as libtss2-utils is installed.
    (LP: #1566027)
  * debian/libtss2-utils.tpm2-resourcemgr.default: ship a simple defaults file
    to customize start options for the systemd unit.
  * debian/rules, debian/control: enable dh-system for the new init script.

 -- Mathieu Trudel-Lapierre <email address hidden> Mon, 04 Apr 2016 17:14:13 -0400

tpm2-tss (0.98+20160226.d4f23cc-0ubuntu1) xenial; urgency=medium

  * Initial release. (LP: #1561834)

 -- Mathieu Trudel-Lapierre <email address hidden> Thu, 24 Mar 2016 16:25:53 -0400

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.