On 10/23/23 21:15, Jarkko Sakkinen wrote:
For TPM1 I tried: keyctl add trusted kmk "new 32" @u This caused TPM error 18, which AFAIK means that there is not SRK (?), which is probably an issue in my swtpm configuration, which is visible in board/qemu/start-qemu.sh.in.
FYI: This would create a TPM 1.2 with an SRK with password 'sss':swtpm_setup --tpmstate=./ --create-ek-cert --take-ownership --overwrite --srkpass sss --ownerpass ooo
