Proxmox-Port/swtpm
1
0
Fork 0
mirror of https://github.com/stefanberger/swtpm.git synced 2025-08-22 19:04:35 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
master
swtpm/man/man8/swtpm.pod
Stefan Berger 9578dc45f2 swtpm: Display error for backup option on linear storage backend 
Display an error if the user set the backup option when using the
linear storage backend. Update the documentation about the rejection.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2025-05-28 07:29:44 -04:00

807 lines
32 KiB
Plaintext
Raw Permalink Blame History

=head1 NAME
swtpm - TPM Emulator for TPM 1.2 and 2.0
=head1 SYNOPSIS
B<swtpm socket [OPTIONS]>
B<swtpm chardev [OPTIONS]>
B<swtpm cuse [OPTIONS]>
=head1 DESCRIPTION
B<swtpm> implements a TPM software emulator built on libtpms.
It provides access to TPM functionality over a TCP/IP socket interface
or it can listen for commands on a character device, or create a CUSE
(character device in userspace) interface for receiving of TPM commands.
Unless corresponding command line parameters are used, the
B<swtpm> socket version requires that the environment variable I<TPM_PORT>
be set to the TCP/IP port the process is supposed to listen on for TPM
request messages.
Similarly, the environment variable I<TPM_PATH> can be set and
contain the name of a directory where the TPM can store its persistent
state into.
The B<swtpm> process can be gracefully terminated by sending a
I<SIGTERM> signal to it.
The B<swtpm> cuse version requires root rights to start the TPM.
=head1 Options for socket interface
The following options are supported if the I<socket> interface is chosen:
=over 4
=item B<-p|--port <port>>
Use the given port rather than using the environment variable TPM_PORT.
=item B<-t|--terminate>
Terminate the TPM after the client has closed the data channel connection
(TCP only).
=item B<--server [type=tcp][,port=E<lt>portE<gt>[,bindaddr=E<lt>addressE<gt> [,ifname=E<lt>ifnameE<gt>]]][,fd=E<lt>fdE<gt>][,disconnect]>
Expect TCP connections on the given port; if a port is not provided a file descriptor
must be passed with the fd parameter and the commands are read from this file
descriptor then.
If a port is provided the I<bind address> on which to listen for TCP connections
can be provided as well; the default bind address is 127.0.0.1. If a link
local IPv6 address is provided, the name of the interface to bind to must be
provided with I<ifname>.
This parameter enables a persistent connection by default unless the disconnect option
is given. This parameter should be used rather than the -p and --fd options.
=item B<--server type=unixio[,path=E<lt>pathE<gt>][,fd=E<lt>fdE<gt>] [,mode=E<lt>0...E<gt>][,uid=E<lt>uidE<gt>][,gid=E<lt>gidE<gt>]>
Expect UnixIO connections on the given path. If no path is provided, a file descriptor
must be passed instead. The mode parameter allows a user to set the file mode bits of the
UnixIO path. The mode bits value must be given as an octal number starting with a '0'.
The default value is 0770. uid and gid set the ownership of the UnixIO socket's path.
This operation requires root privileges.
=back
=head1 Options for character device interface
The following options are supported if the I<chardev> interface is chosen:
=over 4
=item B<-c|--chardev <device path>>
Use the given device to listen for TPM commands and send response on.
=item B<--vtpm-proxy>
Create a Linux vTPM proxy device instance and read TPM commands from its
backend device.
=back
=head1 Options for the CUSE interface
The following options are supported if the I<cuse> interface is chosen:
=over 4
=item B<-n|--name <NAME>>
The TPM will use a device with the given name. A device with the given name
will be created in /dev. This is a mandatory option.
=item B<-M|--maj <MAJOR>>
Create the device with the given major number.
=item B<-m|--min <MINOR>>
Create the device with the given minor number.
=back
=head1 Options for socket and character device interfaces:
The following options are supported by the socket and character device interfaces:
=over 4
=item B<-f|--fd <fd>>
Use the given socket file descriptor or character device file descriptor
for receiving TPM commands and sending responses.
For the socket interface, this option automatically assumes -t.
=item B<-d|--daemon>
Daemonize the process.
=item B<--ctrl type=[unixio|tcp][,path=E<lt>pathE<gt>] [,port=E<lt>portE<gt>[,bindaddr=E<lt>addressE<gt>[,ifname=E<lt>ifnameE<gt>]]] [,fd=E<lt>filedescriptorE<gt>|clientfd=E<lt>filedescriptorE<gt>] [,mode=E<lt>0...E<gt>][,uid=E<lt>uidE<gt>][,gid=E<lt>gidE<gt>][,terminate] >
This option adds a control channel to the TPM. The control channel can either use a UnixIO socket with
a given I<path> or I<filedescriptor> or it can use a TCP socket on the given I<port> or I<filedescriptor>.
If a port is provided the I<bind address> on which to listen for TCP connections
can be provided as well; the default bind address is 127.0.0.1. If a link
local IPv6 address is provided, the name of the interface to bind to must be
provided with I<ifname>.
The I<mode> parameter allows a user to set the file mode bits of the UnixIO path.
The mode bits value must be given as an octal number starting with a '0'.
The default value is 0770. I<uid> and I<gid> set the ownership of the UnixIO socket's path.
This operation requires root privileges.
The I<terminate> parameter enables the automatic termination of swtpm when the
control channel connection has been lost. This is useful in scenarios where
the control channel connection is held permanently, such as by QEMU, and
swtpm should terminate upon abnormal termination of the client that could
not send a CMD_SHUTDOWN via the control channel anymore.
The control channel enables out-of-band control of the TPM, such as resetting the TPM.
=back
=head1 Options for all interfaces
The following options are support by all interfaces:
=over 4
=item B<--tpmstate dir=E<lt>dirE<gt>|backend-uri=E<lt>uriE<gt>[,mode=E<lt>0...E<gt>][,lock][,backup][,fsync]>
Use the given path rather than using the environment variable TPM_PATH.
If I<dir> is specified, the TPM state files will be written to the I<dir> with
the given file I<mode> bits. This value must be given as an octal number starting with a '0'.
The default value is 0640.
If I<backend-uri> is specified, the TPM state data will be stored to the URI.
Currently I<backend-uri=dir://<path_to_dir>> and I<backend-uri=file://<path_to_dir>>
are available. For 'dir://', the URI should specify the path to the directory where
files are stored. If I<path_to_dir> starts with a '/' then the path is interpreted
as an absolute path, otherwise it is a path relative to the current directory.
For 'file://', the URI should specify a single file or block device where TPM state
will be stored. A blockdevice must exist already and be big enough to store all
state. (since v0.7)
If I<lock> is specified then the TPM storage backend will lock the TPM state
file to avoid concurrent access to it by another swtpm instance. The default
value, if this option parameter is missing, depends on the storage backend.
For the directory-backend the default is that locking is always enabled, and
therefore this option parameter does not need to be given. For the file backend
it is required since the default is that locking is not automatically
enabled. To avoid locking, I<lock=false> can be used.
If I<backup> is specified then the TPM storage backend will make a backup of the
permanent state file every time the state is rewritten. The backup file can be
used to replace a corrupted permanent state file.
When swtpm is started with this option and the permanent state file is missing
but the backup file exists, then swtpm will rename the backup file to the
permanent state file and try to start with it. In this case the file-renaming is
permanent even if swtpm cannot read the file contents (corrupted, wrong
decryption key). Otherwise, it will try to start with the permanent state file
first and if this fails, it will try to start with the backup file. If both
attempts fail, the original state of the files will be restored.
The I<backup> option is only supported by the directory-backend and is
rejected by other storage backends.
If I<fsync> is specified then the directory storage backend will call fsync
on the file and the directory of the file whenever state is written to disk.
This option ensures that all data have been successfully written to physical
storage before the TPM processes the next command. Using this option lowers
the probability of TPM state file corruption in case of a power loss. Please
also see the man page for fsync.
Note that this option may have an impact on the performance of the TPM for
any command that requires that the TPM's state be written.
The I<fsync> option can be combined with the I<backup> option or can be used
as an alternative to the I<backup> option.
=item B<--tpm2>
Choose TPM 2 functionality; by default a TPM 1.2 is chosen.
=item B<--log [fd=E<lt>fdE<gt>|file=E<lt>pathE<gt>][,level=E<lt>nE<gt>] [,prefix=E<lt>prefixE<gt>][,truncate]>
Enable logging to a file given its file descriptor or its path. Use '-' for path to
suppress the logging.
The level parameter allows a user to choose the level of logging. Starting at log
level 5, libtpms debug logging is activated.
All logged lines will be prefixed with prefix. By default no prefix is prepended.
If I<truncate> is passed, the log file will be truncated.
=item B<--locality reject-locality-4[,allow-set-locality]>
The I<reject-locality-4> parameter will cause TPM error messages to be
returned for requests to set the TPM into locality 4.
The I<allow-set-locality> parameter allows the swtpm to receive
TPM/TPM2_SetLocality commands. This is parameter is useful if the Linux
VTPM proxy driver access is enabled by file descriptor passing.
This option is implied by the I<--vtpm-proxy> option and therefore need not
be explicitly set if this option is passed. In all other cases care should be
taken as to who can send the TPM/TPM2_SetLocality command.
=item B<--key file=E<lt>keyfileE<gt>|fd=E<lt>fdE<gt> [,format=E<lt>hex|binaryE<gt>][,mode=aes-cbc|aes-256-cbc], [remove[=true|false]]>
Enable encryption of the state files of the TPM. The keyfile must contain
an AES key of supported size; 128 bit (16 bytes) and 256 bit (32 bytes) keys are
supported.
The key may be in binary format, in which case the file size must be 16 or
32 bytes. If the key is in hex format (default), the key may consist of 32
or 64 hex digits starting with an optional '0x'.
The I<mode> parameter indicates which block chaining mode is to be used.
Currently aes-cbc (aes-128-cbc) and aes-256-cbc are supported.
The encrypted data is integrity protected using encrypt-then-mac.
The I<remove> parameter will attempt to remove the given keyfile once the key
has been read.
=item B<--key pwdfile=E<lt>passphrase fileE<gt>|pwdfd=E<lt>fdE<gt> [,mode=aes-cbc|aes-256-cbc][remove[=true|false]][,kdf=sha512|pbkdf2]>
This variant of the key parameter allows a user to provide a passphrase in a file.
The file is read and a key is derived from it using either a SHA512 hash
or PBKDF2. By default PBKDF2 is used.
=item B<--migration-key file=E<lt>keyfileE<gt>|fd=E<lt>fdE<gt> [,format=E<lt>hex|binaryE<gt>][,mode=aes-cbc|aes-256-cbc] [,remove[=true|false]]>
The availability of a migration key ensures that the state of the TPM
will not be revealed in unencrypted form when
the TPM state blobs are retrieved through the ioctl interface.
The migration key is not used for encrypting TPM state written to files,
this is what the I<--key> parameter is used for.
The migration key and the key used for encrypting the TPM state files may be the same.
While the key for the TPM state files needs to stay with those files it encrypts, the
migration key needs to stay with the TPM state blobs. If for example the state of the
TPM is migrated between hosts in a data center, then the TPM migration key must be
available at all the destinations, so in effect it may have to be a key shared across
all machines in the datacenter. In contrast to that, the key used for encrypting the
TPM state B<files> can be different for each TPM and need only be available
on the host where the TPM state resides.
The migration key enables the encryption of the TPM state blobs.
The keyfile must contain an AES key of supported size; 128 bit (16 bytes)
and 256 bit (32 bytes) keys are supported.
The key may be in binary format, in which case the file size must be 16 or
32 bytes. If the key is in hex format (default), the key may consist of 32
or 64 hex digits starting with an optional '0x'.
The I<mode> parameter indicates which block chaining mode is to be used.
Currently aes-cbc (aes-128-cbc) and aes-256-cbc are supported.
The encrypted data is integrity protected using encrypt-then-mac.
The I<remove> parameter will attempt to remove the given keyfile once the key
has been read.
=item B<--migration-key pwdfile=E<lt>passphrase fileE<gt>|pwdfd=E<lt>fdE<gt> [,mode=aes-cbc|aes-256-cbc][,remove[=true|false]][,pdf=sha512|pbkdf2]>
This variant of the key parameter allows a user to provide a passphrase in a file.
The file is read and a key is derived from it using either a SHA512 hash
or PBKDF2. By default PBKDF2 is used.
=item B<--pid file=E<lt>pidfileE<gt>|fd=E<lt>filedescriptorE<gt>>
This options allows a user to set the name of file where the process ID (pid) of the TPM
will be written into. It is also possible to pass a file descriptor to a file that
has been opened for writing.
=item B<-r|--runas E<lt>ownerE<gt>>
Switch to the given user. This option can only be used when swtpm is started as root.
=item B<-R|--chroot E<lt>path<gt>>
Chroot to the given directory at startup. This option can only be used when swtpm is
started as root.
=item B<--seccomp action=none|log|kill> (since v0.2)
This option allows a user to select the action to take by the seccomp profile when
a syscall is executed that is not allowed. The default is I<kill>. To disable
the seccomp profile, choose I<none>. The I<log> action logs offending syscalls.
The I<log> action is only available if libseccomp supports logging.
This option is only available on Linux and only if swtpm was compiled with
libseccomp support.
=item B<--flags [not-need-init][,startup-clear|startup-state|startup-deactivated|startup-none][,disable-auto-shutdown]>
The I<not-need-init> flag enables the TPM to accept TPM commands right after
start without requiring an INIT to be sent to it through the command channel
(see the '-i' option of swtpm_ioctl).
The I<startup> options cause a TPM_Startup or TPM2_Startup command to
automatically be sent. The I<startup-deactivated> option is only valid for
a TPM 1.2. These options imply I<not-need-init>, except for the
I<startup-none> option, which results in no command being sent.
If I<--vtpm-proxy> is used, I<startup-clear> is automatically chosen but
this can be changed with this option.
The I<disable-auto-shutdown> flag prevents swtpm from automatically sending a
TPM2_Shutdown() before the reset of a TPM 2 or before the swtpm process
is terminated. When this flag is not provide swtpm will send this command to
avoid increasing the dictionary attack (DA) lockout counter and ultimately
a DA lockout by the TPM 2 due to omission of sending a required TPM2_Shutdown()
before TPM 2 reset or swtpm process termination.
=item B<--print-capabilities> (since v0.2)
Print capabilities that were added to swtpm after version 0.1. The output
may contain the following:
{
"type": "swtpm",
"features": [
"tpm-1.2",
"tpm-2.0",
"tpm-send-command-header",
"flags-opt-startup",
"flags-opt-disable-auto-shutdown",
"cmdarg-seccomp",
"cmdarg-key-fd",
"cmdarg-pwd-fd",
"cmdarg-print-states",
"cmdarg-chroot",
"cmdarg-migration",
"nvram-backend-dir",
"nvram-backend-file",
"rsa-keysize-1024",
"rsa-keysize-2048",
"rsa-keysize-3072",
"rsa-keysize-4096",
"cmdarg-profile",
"cmdarg-print-profiles",
"profile-opt-remove-disabled",
"cmdarg-print-info",
"tpmstate-opt-lock",
"tpmstate-dir-backend-opt-backup",
"tpmstate-dir-backend-opt-fsync"
],
"version": "0.7.0"
}
The version field is available since v0.7.
The meaning of the feature verbs is as follows:
=over 4
=item B<tpm-1.2> (since v0.7)
TPM 1.2 emulation is supported (libtpms is compiled with 1.2 support).
=item B<tpm-2.0> (since v0.7)
TPM 2 emulation is supported (libtpms is compiled with 2.0 support).
(the I<--tpm2> option is supported)
=item B<cmdarg-seccomp> (since v0.2)
The I<--seccomp> option is supported.
=item B<cmdarg-key-fd> (since v0.2)
The I<--key> option supports the I<fd=> parameter.
=item B<cmdarg-pwd-fd> (since v0.2)
The I<--key> option supports the I<pwdfd=> parameter.
=item B<cmdarg-print-states> (since v0.7)
The I<--print-states> option is supported.
=item B<cmdarg-chroot> (since v0.8)
The I<--chroot> option is supported.
=item B<cmdarg-migration> (since v0.8)
The I<--migration> option is supported.
=item B<nvram-backend-dir> (since v0.7)
The I<--tpmstate> option supports the I<backend-uri=dir://...>
parameter.
=item B<nvram-backend-file> (since v0.7)
The I<--tpmstate> option supports the I<backend-uri=file://...>
parameter.
=item B<tpm-send-command-header> (since v0.2)
The TPM 2 commands may be prefixed by a header that carries a 4-byte
command, 1 byte for locality, and 4-byte TPM 2 command length indicator.
The TPM 2 will respond by prepending a 4-byte response indicator and a
4-byte trailer. All data is sent in big endian format.
=item B<flags-opt-startup> (since v0.3)
The I<--flags> option supports the I<startup-...> options.
=item B<flags-opt-disable-auto-shutdown> (since v0.8)
The I<--flags> option supports the I<disable-auto-shutdown> flag.
=item B<rsa-keysize-2048> (since v0.4)
The TPM 2 supports the shown RSA key sizes. If none of the
rsa-keysize verbs is shown then only RSA 2048 bit keys are supported.
=item B<cmdarg-profile> (since v0.10)
The option I<--profile> is supported to set a profile for a TPM 2 with either
one of the option parameters I<name=>, I<profile=>, I<fd=>, or I<file=>.
=item B<cmdarg-print-profiles> (since v0.10)
The option I<--print-profiles> is supported.
=item B<profile-opt-remove-disabled> (since v0.10)
The I<--profile> option supports the I<remove-disabled> option
parameter.
=item B<cmdard-print-info> (since v0.10)
The option I<--print-info> is supported.
=item B<tpmstate-opt-lock> (since v0.10)
The option parameter I<lock> for the I<--tpmstate> option is supported.
=item B<tpmstate-dir-backend-opt-backup> (since v0.11)
The option parameter I<backup> for the I<--tpmstate> option is supported
for the directory storage backend.
=item B<tpmstate-dir-backend-opt-fsync> (since v0.11)
The option parameter I<fsync> for the I<--tpmstate> option is supported
for the directory storage backend.
=back
=item B<--print-states> (since v0.7)
This option allows to print out the TPM 1.2 or TPM 2 state blobs
that are currently stored in a storage backend. This option requires
that the storage backend be specified using the I<--tpmstate> option
and if TPM 2 state blobs are supposed to be shown, the I<--tpm2>
option must be passed.
The following shows the JSON output of this option. It indicates that
the 'permall' and 'volatile' states are available.
{
"type": "swtpm",
"states": [
{
"name": "permall",
"size": 6013
}, {
"name": "volatile",
"size": 1087
}
]
}
=item B<--migration [incoming][,release-lock-outgoing]>
This option allows to control the locking of the NVRAM storage
for the purpose of supporting migration between hosts that have
shared storage setup for the swtpm's state directory and if
locking is supported by the storage backend. The directory storage
backend for example supports locking and therefore requires usage
of this option in case of shared storage.
When providing the I<incoming> option parameter swtpm defers the
locking of the NVRAM until the state blobs are received or until the
first TPM command is processed if no state blobs were received.
The I<release-lock-outgoing> option parameter causes swtpm to
release any NVRAM lock once the TPM's 'savestate' blob is received
from swtpm. To avoid releasing the lock too early the 'permanent'
and 'volatile' state blobs must be received before the 'savestate'
blob.
=item B<--profile
name=E<lt>profile-nameE<gt>|profile=E<lt>json-profileE<gt>|file=E<lt>filenameE<gt>|fd=E<lt>fdE<gt>[,remove-disabled=check|fips-host]> (since v0.10)
This option allows to set a profile for a TPM 2. A built-in profile can be
selected by its name using the option parameter I<name=>. With the I<profile=>
option parameter a JSON-formatted profile can be passed directly. With
the I<file=> option parameter a JSON-formatted profile will be read from a file.
The I<fd=> option parameter allows to read it from a file descriptor.
Profiles must reference the name of a built-in profile. Note that only the
'custom' profile, or profiles whose name starts with 'custom:', may be modified
and provide a list of algorithms, commands, or attributes that control which
crypto algorithms a TPM 2 enables. If either one of these lists is not given
then the corresponding list from the built-in 'custom' profile is used.
The following command line option selects the 'custom' profile under the new
name 'custom:test' with the 'fips-host' attribute set:
=over 2
[...] --profile '{"Name":"custom:test", "Attributes":"fips-host"}'
=back
The profile can only be set the very first time that a TPM 2 instance is
started and for as long as no state file exists. The profile cannot be changed
anymore afterwards and, if passed again using this option, an error will
occur.
The I<remove-disabled> option parameter tells swtpm to remove those
algorithms from the profile that are disabled when FIPS is enabled on a host
(I<fips-host> parameter; reference is RHEL 9.4+ FIPS mode) and OpenSSL's access
to crypto algorithms is restricted. The I<check> parameter can be used to
check that an algorithm is in fact disabled before removing it. This option
is only supported if the I<custom> profile is chosen. In this case it will
(currently) do the following:
=over 2
=item * remove camellia, tdes, and rsaes (RSA encryption with PKCS#1 v1.5
padding)
=item * disable signature support (RSA and EC) over SHA1
=item * disable unpadded RSA encryption
=item * set the minimum size for RSA keys to 2048 bits
=item * set the minimum size for EC keys to 224 bits
=back
All other algorithms remain enabled, including those that FIPS may normally not
allow, such as ecdaa and ecschnorr and others. The list of disabled algorithms
will be extended in the future when FIPS mode on the host disables more
algorithms. Since in this case swtpm may add Attributes to the profile that
require a certain StateFormatLevel, it is recommended to omit the
StateFormatLevel field from the profile.
To see the list of algorithms that are supported and can be disabled, one
may use I<swtpm> as follows.
$ swtpm socket --tpmstate dir=./ --tpm2 --print-info 0x08 | jq
{
"RuntimeAlgorithms": {
"Implemented": "rsa,rsa-min-size=1024,tdes,tdes-min-size=128,sha1,\
hmac,aes,aes-min-size=128,mgf1,keyedhash,xor,sha256,\
sha384,sha512,null,rsassa,rsaes,rsapss,oaep,ecdsa,\
ecdh,ecdaa,sm2,ecschnorr,ecmqv,kdf1-sp800-56a,kdf2,\
kdf1-sp800-108,ecc,ecc-min-size=192,ecc-nist,ecc-bn,\
ecc-nist-p192,ecc-nist-p224,ecc-nist-p256,\
ecc-nist-p384,ecc-nist-p521,ecc-bn-p256,ecc-bn-p638,\
ecc-sm2-p256,symcipher,camellia,camellia-min-size=128,\
cmac,ctr,ofb,cbc,cfb,ecb",
"CanBeDisabled": "tdes,sha1,sha512,rsassa,rsaes,rsapss,ecmqv,\
ecc-nist-p192,ecc-nist-p224,ecc-nist-p521,\
ecc-bn-p256,ecc-bn-p638,ecc-sm2-p256,camellia,cmac,\
ctr,ofb,cbc,ecb",
"Enabled": "rsa,rsa-min-size=1024,tdes,tdes-min-size=128,sha1,hmac,\
aes,aes-min-size=128,mgf1,keyedhash,xor,sha256,sha384,\
sha512,null,rsassa,rsaes,rsapss,oaep,ecdsa,ecdh,ecdaa,sm2,\
ecschnorr,ecmqv,kdf1-sp800-56a,kdf2,kdf1-sp800-108,ecc,\
ecc-min-size=192,ecc-nist,ecc-bn,symcipher,camellia,\
camellia-min-size=128,cmac,ctr,ofb,cbc,cfb,ecb",
"Disabled": ""
}
}
To see the list of supported commands:
$ swtpm socket --tpmstate dir=./ --tpm2 --print-info 0x10 | jq
{
"RuntimeCommands": {
"Implemented": "0x11f-0x122,0x124-0x12e,0x130-0x140,0x142-0x159,\
0x15b-0x15e,0x160-0x165,0x167-0x174,0x176-0x178,\
0x17a-0x193,0x197,0x199-0x19c",
"CanBeDisabled": "0x11f,0x121-0x122,0x124-0x128,0x12a,0x12c-0x12e,\
0x130,0x132-0x13b,0x13d-0x140,0x142,0x146-0x147,\
0x149-0x14d,0x14f-0x152,0x154-0x155,0x159,0x15b,\
0x15d-0x15e,0x160-0x164,0x167-0x168,0x16a-0x172,\
0x174,0x177-0x178,0x17b,0x17f-0x181,0x183-0x184,\
0x187-0x193,0x197,0x199-0x19c",
"Enabled": "0x11f-0x122,0x124-0x12e,0x130-0x140,0x142-0x159,\
0x15b-0x15e,0x160-0x165,0x167-0x174,0x176-0x178,\
0x17a-0x193,0x197,0x199-0x19c",
"Disabled": ""
}
}
To see the list of supported attributes:
$ swtpm socket --tpmstate dir=./ --tpm2 --print-info 0x80 | jq
{
"RuntimeAttributes": {
"Implemented": "no-unpadded-encryption,no-sha1-signing,\
no-sha1-verification,no-sha1-hmac-creation,\
no-sha1-hmac-verification,no-sha1-hmac,fips-host",
"CanBeDisabled": "no-unpadded-encryption,no-sha1-signing,\
no-sha1-verification,no-sha1-hmac-creation,\
no-sha1-hmac-verification,no-sha1-hmac,fips-host",
"Enabled": "no-unpadded-encryption,no-sha1-signing,\
no-sha1-verification,no-sha1-hmac",
"Disabled": "no-sha1-hmac-creation,no-sha1-hmac-verification,fips-host"
}
}
The above attributes may be added to a profile under an "Attributes" map
entry, which is similar to the "Algorithms" and "Commands" entries.
To see the list of available profiles:
$ swtpm socket --tpm2 --print-info 0x40 | jq
{
"AvailableProfiles": [
{
"Name": "default-v1",
"StateFormatLevel": 4,
"Commands": "0x11f-0x122,0x124-0x12e,0x130-0x140,0x142-0x159,\
0x15b-0x15e,0x160-0x165,0x167-0x174,0x176-0x178,\
0x17a-0x193,0x197,0x199-0x19a",
"Algorithms": "rsa,rsa-min-size=1024,tdes,tdes-min-size=128,sha1,\
hmac,aes,aes-min-size=128,mgf1,keyedhash,xor,sha256,\
sha384,sha512,null,rsassa,rsaes,rsapss,oaep,ecdsa,\
ecdh,ecdaa,sm2,ecschnorr,ecmqv,kdf1-sp800-56a,kdf2,\
kdf1-sp800-108,ecc,ecc-min-size=192,ecc-nist,ecc-bn,\
symcipher,camellia,camellia-min-size=128,cmac,ctr,\
ofb,cbc,cfb,ecb",
"Description": "This profile enables all currently supported \
commands and algorithms. It is applied when the \
user chooses no profile."
},
{
"Name": "null",
"StateFormatLevel": 1,
"Commands": "0x11f-0x122,0x124-0x12e,0x130-0x140,0x142-0x159,\
0x15b-0x15e,0x160-0x165,0x167-0x174,0x176-0x178,\
0x17a-0x193,0x197",
"Algorithms": "rsa,rsa-min-size=1024,tdes,tdes-min-size=128,sha1,\
hmac,aes,aes-min-size=128,mgf1,keyedhash,xor,sha256,\
sha384,sha512,null,rsassa,rsaes,rsapss,oaep,ecdsa,\
ecdh,ecdaa,sm2,ecschnorr,ecmqv,kdf1-sp800-56a,kdf2,\
kdf1-sp800-108,ecc,ecc-min-size=192,ecc-nist,ecc-bn,\
symcipher,camellia,camellia-min-size=128,cmac,ctr,\
ofb,cbc,cfb,ecb",
"Description": "The profile enables the commands and algorithms \
that were enabled in libtpms v0.9. This profile is \
automatically used when the state does not have a \
profile, for example when it was created by \
libtpms v0.9 or before."
},
{
"Name": "custom",
"StateFormatLevel": 2,
"Commands": "0x11f-0x122,0x124-0x12e,0x130-0x140,0x142-0x159,\
0x15b-0x15e,0x160-0x165,0x167-0x174,0x176-0x178,\
0x17a-0x193,0x197",
"Algorithms": "rsa,rsa-min-size=1024,tdes,tdes-min-size=128,sha1,\
hmac,aes,aes-min-size=128,mgf1,keyedhash,xor,sha256,\
sha384,sha512,null,rsassa,rsaes,rsapss,oaep,ecdsa,\
ecdh,ecdaa,sm2,ecschnorr,ecmqv,kdf1-sp800-56a,kdf2,\
kdf1-sp800-108,ecc,ecc-min-size=192,ecc-nist,ecc-bn,\
ecc-sm2-p256,symcipher,camellia,\
camellia-min-size=128,cmac,ctr,ofb,cbc,cfb,ecb",
"Description": "This profile allows customization of enabled \
algorithms and commands. This profile requires at \
least libtpms v0.10."
}
]
}
To see the current active profile querying swtpm listening for control
message on port 2322:
$ swtpm_ioctl --tcp :2322 --info 0x20 | jq
{
"ActiveProfile": {
"Name": "default-v1",
"StateFormatLevel": 4,
"Commands": "0x11f-0x122,0x124-0x12e,0x130-0x140,0x142-0x159,\
0x15b-0x15e,0x160-0x165,0x167-0x174,0x176-0x178,\
0x17a-0x193,0x197,0x199-0x19a",
"Algorithms": "rsa,rsa-min-size=1024,tdes,tdes-min-size=128,sha1,\
hmac,aes,aes-min-size=128,mgf1,keyedhash,xor,sha256,\
sha384,sha512,null,rsassa,rsaes,rsapss,oaep,ecdsa,\
ecdh,ecdaa,sm2,ecschnorr,ecmqv,kdf1-sp800-56a,kdf2,\
kdf1-sp800-108,ecc,ecc-min-size=192,ecc-nist,ecc-bn,\
symcipher,camellia,camellia-min-size=128,cmac,ctr,\
ofb,cbc,cfb,ecb",
"Description": "This profile enables all currently supported \
commands and algorithms. It is applied when the \
user chooses no profile."
}
}
The only profile that a user may modify is the 'custom' profile. Here a user
may choose to disable algorithms, commands, and attributes that are allowed
to be disabled. To avoid failing TPM 2 applications, care must be taken that
none of them relies on disabled commands or algorithms.
=item B<--print-profiles> (since v0.10)
Display the profiles supported by libtpms. Use with I<--tpm2> option.
=item B<--print-info> (since v0.10)
Display information about the TPM from libtpms TPMLIB_GetInfo call and exit.
Use the I<--tpm2> option for information about TPM 2. If the I<--tpmstate>
option is also provided then the output will show information about the profile
as well. Note that with this option a TPM state may be created if none existed
before.
The following values can be provided. All of the values can be
or'ed (or added) together to get information about all of them in one query.
=over 2
=item * 0x1: information about the specification the TPM implementation followed
=item * 0x2: information about the manufacturer, model and version of the TPM
=item * 0x4: lists supported RSA and Camellia key sizes
=item * 0x8: describes supported and enabled algorithms
=item * 0x10: describes supported and enabled commands
=item * 0x20: describes the active profile
=item * 0x40: lists all built-in profiles
=item * 0x80: describes supported attributes
=back
=item B<-h|--help>
Display usage info.
=back
=head1 NOTES
If a TPM 2 is used, the user is typically required to send a TPM2_Shutdown()
command to a TPM 2 to avoid possibly increasing the TPM_PT_LOCKOUT_COUNTER
that may lead to a dictionary attack (DA) lockout upon next startup
(TPM2_Startup()) of the TPM 2. Whether the TPM_PT_LOCKOUT_COUNTER is
increased depends on previous commands sent to the TPM 2 as well as
internal state of the TPM 2. One example that will trigger the counter to
increase is the omission of a password when trying to access a
password-protected object or NVRAM location that has the DA attribute set,
followed by termination of swtpm without sending TPM2_Shutdown(). To avoid
a DA lockout swtpm will make a best-effort and send a TPM2_Shutdown(SU_STATE)
or TPM2_Shutdown(SU_CLEAR) if found necessary.
=head1 SEE ALSO
B<swtpm_bios>, B<swtpm_cuse>
Reference in New Issue View Git Blame Copy Permalink