by

Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
  • 18:09
    maugustosilva closed #359
  • 18:09
    maugustosilva commented #359
  • 17:47
    maugustosilva opened #369
  • 15:04
    lukehinds commented #101
  • 15:04
    lukehinds closed #100
  • 14:55
    lukehinds review_requested #101
  • 14:55
    lukehinds review_requested #101
  • 14:55
    lukehinds review_requested #101
  • 14:55
    lukehinds review_requested #101
  • 14:54
    lukehinds opened #101
  • 14:40
    ashcrow assigned #91
  • Sep 28 18:51

    lukehinds on master

    Delete MAINTAINERS.md (#368) T… (compare)

  • Sep 28 18:51
    lukehinds closed #368
  • Sep 28 18:46
    lukehinds opened #368
  • Sep 28 18:46

    lukehinds on lukehinds-patch-1

    Delete MAINTAINERS.md This sho… (compare)

  • Sep 28 14:01
    lukehinds commented #324
  • Sep 28 13:47
    mpeters commented #324
  • Sep 28 13:47
    mpeters commented #324
  • Sep 28 13:46
    mpeters commented #324
  • Sep 28 13:41
    mpeters assigned #324
Santiago Torres
@SantiagoTorres
I'm still fiddling with it (as I started over), but I haven't given up yet! :)
Luke Hinds
@lukehinds
if you want to jump on a hangouts this week for a debug / set up session, happy to do that.
Santiago Torres
@SantiagoTorres
thank you! let me see how the week progresses and I may take you up on that :)
Luke Hinds
@lukehinds
no worries @SantiagoTorres I am in here a fair amount as well.
@SantiagoTorres first time setting up can be a little tricky as we use the emulator, its a bit more plug and play with a hardware TPM
Santiago Torres
@SantiagoTorres
yeah, I wish I had access to my hw back in the lab but covid19 has made things a little complicated
I've been pondering whether emulating it on the FPGA that I have right here :/
SantiagoTorres @SantiagoTorres wonders if it qualifies as emulating if it's on an fpga
Luke Hinds
@lukehinds
can't confess to know much about fpga
would likely be faster than a real tpm
the TPMs are quite slow, this is why we use asyncio - non blocking I/O towards the agent, so we don't back up a load of quote requests
Santiago Torres
@SantiagoTorres
nice, so fully using py3/rust niceties I see :)
Luke Hinds
@lukehinds
@SantiagoTorres hand in there though, once you go through it once is easy to get set up again
@SantiagoTorres yep, although I am yet to look at the tokio stuff in rust, I think I would need a few weeks swearing at the compiler to work with that :P
Santiago Torres
@SantiagoTorres
lukehinds: so these are the tpm blues I'm having https://paste.xinu.at/TdmQar/
think the sw tpm is not started. Is it living in there as a systemd service or so?
Luke Hinds
@lukehinds
try this @SantiagoTorres
pkill tpm_server
systemctl stop tpm2-abrmd
export TPM2TOOLS_TCTI="tabrmd:bus_name=com.intel.tss2.Tabrmd"
tpm_serverd
systemctl start tpm2-abrmd
tpm2_pcrread
sorry about all this by the way, happy to fix anything that has been causing greif
actually looking at the log, I think I see the problem
Failed to open device file /dev/tpm0: No such file or directory
Its trying to find the hardware TPM still
Luke Hinds
@lukehinds
can you check /usr/lib/systemd/system/tpm2-abrmd.service
Make sure this line is commented out
ConditionPathExistsGlob=/dev/tpm*
if you do make a change to the systemd file above, you will need to reload it:
systemctl daemon-reload
and then restart the service systemctl restart tpm2-abrmd
hopefully then, bobs your uncle.
btw tpm_serverd is a wrapper script around tpm_server which is the executable to start the emulator. Its a script we drop into /usr/local/bin
Santiago Torres
@SantiagoTorres
let me give this a try right now. I wa sin a meeting soz
Santiago Torres
@SantiagoTorres
yeah I think it's trying to use the device node on /dev/tpm*, I didn't get a chance to make it work unfortunately (after changing the unit, reloading and re-starting)
this is the effective unit https://paste.xinu.at/3rZXY/ and this is the journalctl logs https://paste.xinu.at/Ig4eOq/
Luke Hinds
@lukehinds
did you manage to run tpm_serverd?
Santiago Torres
@SantiagoTorres
oh, that precludes the unit? my bad
oh, things seem to be working
Luke Hinds
@lukehinds
awesome!
Santiago Torres
@SantiagoTorres
great! let me re-provision from 0 and see if I can set things up and send a PR to the repo? :)
Luke Hinds
@lukehinds
sounds great , appreciate that.. !
Santiago Torres
@SantiagoTorres
np! My pleasure to play around with it :)
Luke Hinds
@lukehinds
its a good fun when you get to mess with the revocation events and payloads. We can get you running with those next.
Santiago Torres
@SantiagoTorres
woop, seems to work, and i think now in master the disable line is also being commented out. I was about to send a pr :)
I also noticed there's a typo in the PR I sent yesterday. Idk when I added an s to present, and it seems the ansible provisioner caches the playbooks so it was still working on my side...
should I send a PR or will you guys fix it on your side?
Luke Hinds
@lukehinds
I got the typo from yesterday "defaults", that;s fixed up now , did you spot something else? You can go ahead and make a PR if you like.