Libtpms-based TPM emulator with socket, character device, and Linux CUSE interface.
Stefan Berger 487892f2fc tests: Add test case to check that swtpm sends a TPM2_Shutdown
Add a test case that checks that swtpm sends a TPM2_Shutdown() to the
TPM 2 upon abrupt re-initialization (CMD_INIT) or graceful shutdown
(control channel, CMD_SHUTDOWN) of the TPM 2 and avoids a potential
dictionary attack (DA) lock-out. A previously sent command failing
authorization with DA implications would otherwise trigger the
TPM_PT_LOCKOUT_COUNTER to increase by '1' if the TPM 2 was not properly
shut down by the client (guest OS) with a TPM2_Shutdown() command.

The test case tests whether a TPM2_Shutdown() is now sent before a reset.
The defined password-protected NVRAM area has the DA flag set and the test
case tries to read from it without providing a password. If we didn't send
the TPM2_Shutdown() before the test case sends the reset (CMD_INIT), then
the dictionary attack lockout counter would be increased by one. With the
instrumentation in the previous patch the automatically sent
TPM2_Shutdown() keeps the counter at 0.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2022-08-18 09:50:16 -04:00
.github/ISSUE_TEMPLATE Update bug_report.md 2021-10-02 11:18:02 -04:00
debian debian: Add swtpm apparmor profile 2022-05-05 20:58:30 -04:00
include build-sys: Define __USE_LINUX_IOCTL_DEFS in header file (Cygwin) 2022-04-04 11:45:36 -04:00
man swtpm: Introduce disable-auto-shutdown flag for --flags option 2022-08-18 09:50:16 -04:00
samples swtpm_setup: Write active_pcr_banks into swtpm_setup.conf 2021-10-29 15:36:35 -04:00
src swtpm: Introduce disable-auto-shutdown flag for --flags option 2022-08-18 09:50:16 -04:00
tests tests: Add test case to check that swtpm sends a TPM2_Shutdown 2022-08-18 09:50:16 -04:00
.gitignore gitignore: Ignore created files in man/man5/ 2022-06-28 07:55:20 -04:00
.travis.yml Travis: Remove python3-twisted package from being installed 2021-09-20 07:25:53 -04:00
autogen.sh build-sys: Create m4 directory on older systems 2018-12-15 10:06:03 -05:00
CHANGES CHANGES: Add more documentation for changes in 0.7.0 2021-11-09 10:49:45 -05:00
configure.ac configure: check for bash 2022-07-12 13:47:36 -04:00
COPYING initial check-in 2014-12-05 11:16:03 -05:00
DCO1.1.txt Replace the CLA with the DCO, simply requiring a Signed-off-by: 2016-12-21 11:11:48 -05:00
INSTALL docs: Update INSTALL document 2021-07-21 09:04:24 -04:00
LICENSE swtpm: Replace the CUSE TPM with the new implementation 2015-12-07 15:01:57 -05:00
Makefile.am build-sys: Move regex to test PCR banks into configure script 2021-11-08 09:03:44 -05:00
README docu: Cut down the README to its minimum 2018-09-24 17:48:41 -04:00
run_tests tests: Run all tests again in run_test 2020-04-07 17:14:10 -04:00
swtpm.spec Move *.conf and *.options to man5 2021-11-22 18:30:17 -05:00
swtpm.spec.in Move *.conf and *.options to man5 2021-11-22 18:30:17 -05:00
TODO Adding RHEL/Centos status info 2016-06-26 20:03:43 -04:00

SWTPM - Software TPM Emulator
      David Safford safford@us.ibm.com
      Stefan Berger stefanb@us.ibm.com

The SWTPM package provides TPM emulators with different front-end interfaces
to libtpms. TPM emulators provide socket interfaces (TCP/IP and Unix) and
the Linux CUSE interface for the creation of multiple native /dev/vtpm* devices.

The SWTPM package also provides several tools for using the TPM emulator,
creating certificates for a TPM, and simulating the manufacturing of
a TPM by creating a TPM's EK and platform certificates, etc. Please read
the READMEs in the individual tools' directories under src/.

Please consult the Wiki for information about swtpm:

   https://github.com/stefanberger/swtpm/wiki