On 4/30/24 14:37, Jarkko Sakkinen wrote:
On Tue Apr 30, 2024 at 2:18 PM EEST, Stefan Berger wrote:
On 4/29/24 19:49, Jarkko Sakkinen wrote:
On Tue Apr 30, 2024 at 1:26 AM EEST, Jarkko Sakkinen wrote:
Right and obviously 3rd option is to send a PR to
https://gitlab.com/jarkkojs/linux-tpmdd-test.
I.e. patch file goes to patches/qemu (BR2_GLOBAL_PATCH_DIR
points there).
Stefan, can I do a "zero QEMU changes" negative test for
changing null seed by somehow reseting swtpm? That would
be best possible option (if it is possible).
You cannot easily reset swtpm without changing 'something' and resetting
the NULL seed only works when running TPM2_Startup. You could modify
some TPM2 command to do what HierarchyStartup does with the nullSeed to
simulate what you want.
Hmm... I'm not too eager to modify swtpm itself.
You would modify libtpms. You may just want to copy the few relevant
lines from HierarchyStartup function into another TPM 2 command that
then resets the null seed and whatever else you need reset as a side
effect. This sounds simpler to me than what you are proposing with
system(). Who or what would run system().
So one hacky option might be to run swtpm using system() in an
interposer program and that program would again create chardev
using cuse.
That program would again have to modify traffic "at some point".
Maybe +1 command after TPM2_StartAuthSession or later?
BR, Jarkko
