OEM Priority Project

[FFE] [needs-packaging] tpm2-tss and tpm2-tools

Bug #1561834 reported by Mathieu Trudel-Lapierre on 2016-03-25

This bug affects 4 people

	Status	Importance	Assigned to
OEM Priority Project	Invalid	High	Unassigned
Xenial	Invalid	Undecided	Unassigned
Ubuntu	Fix Released	Wishlist	Mathieu Trudel-Lapierre

Bug Description

We should ship tpm2-tools, which also requires parts of a library (tpm2-tss), to build.

tpm2-tools is a collection of userland tools to use to interface with TPM 2.0 chips. One can do attestation, signing, encryption, etc. using these tools. More and more hardware should start shipping with TPM 2.0 chips during the lifetime of the coming Ubuntu releases.

Both packages build successfully in a de-virt PPA:
https://launchpadlibrarian.net/249863564/buildlog_ubuntu-xenial-amd64.tpm2-tss_0.98+20160226.d4f23cc-0ubuntu1_BUILDING.txt.gz
https://launchpadlibrarian.net/249866551/buildlog_ubuntu-xenial-amd64.tpm2-tools_1.0.0+20160226.64b3334-0ubuntu2~mtrudel1_BUILDING.txt.gz
(disregard the weird naming there, it's because I had not initially built correctly due to an error on my part, and the version had to be bumped).

This package is not intended to be seeded at this time.

Tags:

Mathieu Trudel-Lapierre (cyphermox) on 2016-03-25

tags:	added: needs-packaging
Changed in ubuntu:
assignee:	nobody → Mathieu Trudel-Lapierre (mathieu-tl)

Revision history for this message

Launchpad Janitor (janitor) wrote on 2016-03-25:

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in ubuntu:
status:	New → Confirmed

Revision history for this message

Brian Murray (brian-murray) wrote on 2016-03-25:

*** This is an automated message ***

This bug is tagged needs-packaging which identifies it as a request for a new package in Ubuntu. As a part of the managing needs-packaging bug reports specification, https://wiki.ubuntu.com/QATeam/Specs/NeedsPackagingBugs, all needs-packaging bug reports have Wishlist importance. Subsequently, I'm setting this bug's status to Wishlist.

Changed in ubuntu:
importance:	Undecided → Wishlist

Revision history for this message

Sylvain Pineau (sylvain-pineau) wrote on 2016-03-29:

Hello Mathieu,

I tested the first releases of both packages available in the github repos:
- https://github.com/01org/TPM2.0-TSS/releases/tag/1.0-alpha_0
- https://github.com/01org/tpm2.0-tools/releases/tag/v1.0.1

From the tests I did, you need to create an init file for the TSS resourcemgr, similar to trousers tcsd daemon (see https://sources.debian.net/src/trousers/0.3.13-4/debian/trousers.init/)

Otherwise all the tpm2 tools will fail to run with:

Resource Mgr, resMgr, failed initialization: 0x1. Exiting...

Speaking about TSS, there's a tool called tpmtest (https://github.com/01org/TPM2.0-TSS/tree/master/test/tpmtest). And it seems that's the only way to get access to tests like TPM SELFTEST. We used to have a dedicated command to run selftests with tpm-tools (1.2) called just tpm_selftest (see http://packages.ubuntu.com/xenial/amd64/tpm-tools/filelist). I don't see it part of the new binaries. May be a new package for just this file or an addition to the -dev one (not sure of the best practice tbh) could help future TPM2 developers.

Revision history for this message

Jerry Kao (jerry.kao) wrote on 2016-10-20:

The latest packages in git hub
https://github.com/01org/TPM2.0-TSS/releases/tag/1.0-beta_1
https://github.com/01org/tpm2.0-tools/releases/tag/v1.1-beta_1

Kent Lin (kent-jclin) on 2016-11-14

Changed in oem-priority:
importance:	Undecided → Critical

Revision history for this message

Jerry Kao (jerry.kao) wrote on 2016-11-14:

test_all.sh test result with tpm2.0-tools in xenial/universe

test_tpm2_getrandom.sh pass
test_tpm2_hash.sh pass
test_tpm2_akparse.sh pass
test_tpm2_getpubek.sh pass
test_tpm2_makecredential.sh pass

test_tpm2_takeownership_all.sh fail
test_tpm2_nv.sh fail
test_tpm2_listpcrs.sh fail
test_tpm2_load.sh fail
test_tpm2_loadexternal.sh fail
test_tpm2_evictcontrol.sh fail
test_tpm2_hmac.sh fail
test_tpm2_quote.sh fail
test_tpm2_unseal.sh fail
test_tpm2_certify.sh fail
test_tpm2_evictcontrol.sh fail
test_tpm2_getpubak.sh fail
test_tpm2_activecredential.sh fail
test_tpm2_readpublic.sh fail
test_tpm2_rsaencrypt.sh fail
test_tpm2_rsadecrypt.sh fail
test_tpm2_encryptdecrypt.sh fail
test_tpm2_sign.sh fail
test_tpm2_verifysignature.sh fail

Revision history for this message

Jerry Kao (jerry.kao) wrote on 2016-11-14:

Download source coded from github
TPM2.0-TSS https://github.com/01org/TPM2.0-TSS
tpm2.0-tools https://github.com/01org/tpm2.0-tools

Follow the install instructions (https://github.com/01org/TPM2.0-TSS/blob/master/INSTALL, https://github.com/01org/tpm2.0-tools/blob/master/INSTALL) to install following required packages

install build-essential autoconf automake libtool autoconf-archive pkg-config openssl curl libssl-dev libcurl4-gnutls-dev

compile TTS and insatall
$ ./bootstrap
$ ./configure
$ make
$ sudo make install

compile tpm2.0-tools
$ ./bootstrap
$ ./configure
$ make
$ sudo make install

run resource manager daemon
$ sudo resourcemgr

run tests
$ ./test/test_all.sh

got test result as following

test_tpm2_takeownership_all.sh pass
test_tpm2_nv.sh pass
test_tpm2_listpcrs.sh pass
test_tpm2_getrandom.sh pass
test_tpm2_load.sh pass
test_tpm2_loadexternal.sh pass
test_tpm2_evictcontrol.sh pass
test_tpm2_hash.sh pass
test_tpm2_hmac.sh pass
test_tpm2_akparse.sh pass
test_tpm2_certify.sh pass
test_tpm2_evictcontrol.sh pass
test_tpm2_getpubek.sh pass
test_tpm2_getpubak.sh pass
test_tpm2_makecredential.sh pass
test_tpm2_activecredential.sh pass
test_tpm2_readpublic.sh pass
test_tpm2_rsaencrypt.sh pass
test_tpm2_rsadecrypt.sh pass
test_tpm2_sign.sh pass
test_tpm2_verifysignature.sh pass

test_tpm2_quote.sh fail
test_tpm2_unseal.sh fail
test_tpm2_encryptdecrypt.sh fail

Kent Lin (kent-jclin) on 2016-11-14

Changed in oem-priority:
importance:	Critical → High

Revision history for this message

Anthony Wong (anthonywong) wrote on 2016-11-15:

$ rmadison tpm2-tools
tpm2-tools | 1.0.0+20160226.64b3334-0ubuntu2 | xenial/universe | source, amd64, arm64, armhf, i386, powerpc, ppc64el, s390x

Can we close this bug?

Revision history for this message

Anthony Wong (anthonywong) wrote on 2016-11-15:

We should need a new bug opened for the issue in comment #5.

Revision history for this message

Jerry Kao (jerry.kao) wrote on 2016-11-16:

Another bug filed against test fail in comment#5
https://bugs.launchpad.net/ubuntu/+source/tpm2-tools/+bug/1642118

Revision history for this message

Anthony Wong (anthonywong) wrote on 2016-11-17:

#10

Mathieu, I am closing this bug because these packages are already in Universe.

Changed in ubuntu:
status:	Confirmed → Fix Released
Changed in oem-priority:
status:	New → Invalid

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.