Take Control of TCPA

Can you trust “Trusted Computing”? Learn how it works with free software that lets you store your own keys securely.
Enabling and Clearing the TPM

Before looking at these specific TPM commands, we should cover one of the more mystifying aspects of the TPM—how to get it started. Fortunately, the BIOS is responsible for starting up and clearing the TPM, so this really is not as complex as it looks to be in the TPM specification. At power-on, the TPM is activated but not started. The BIOS then must issue a TPM_Startup command. This command can do one of three things: deactivate the TPM, start up the TPM with a reset of the PCR registers or start up the TPM with a restore of PCR values from their saved states (as with a resume). If the BIOS deactivates the TPM, it remains deactivated until the next power cycle; no software command can reactivate it. A startup with clearing of the PCRs is done at boot time, so all PCR values are calculated correctly during boot. The TPM device driver is responsible for making a TPM_SaveState request at suspend time to ensure that valid PCR values are available at resume time.

The BIOS also is responsible for performing a TPM_ForceClear if desired. The clear command is a complete reset of the TPM, and it unloads all keys and handles and clears the SRK and owner authorization secret. TPM_ForceClear requires proof of physical presence, which normally is given by holding down the Fn key (blue key at the bottom left) when powering on the system.

The control of TPM deactivation and clearing by the BIOS is set in the BIOS setup mode. To get started with the TPM, then, hold down the Fn key and press the Power-On button. When the BIOS screen appears, release Fn, and press F1 to enter BIOS setup mode. Next, select Config→Security System, then select Enable and Clear entries. These steps enable operation of the TPM and clear the chip, so it is ready for us to take ownership.

Talking to the TPM

The TPM device driver, tpm.o, is a loadable kernel module that provides a character device interface to the TPM chip. It is registered officially as Linux major number 10, minor number 224. Applications normally access it through the special file /dev/tpm.

To send a command to the TPM, /dev/tpm is opened for read/write, a command packet is written and the response packet is read. The TPM can process only one command at a time, so the entire request must be sent and the entire response must be read before another request can be made.

All command packets have a common structure:

16-bit unsigned TAGtype of packet
32-bit unsigned Lengthlength of total packet
32-bit unsigned OrdinalTPM command number
variablecommand data

All response packets have a similar structure:

16-bit unsigned TAGtype of packet
32-bit unsigned Lengthlength of total packet
32-bit unsigned Returnreturn code
variablereturned data

All 16- and 32-bit values are in network byte order (big endian) and must be converted to and from host byte order. On writes to the TPM, write exactly the number of bytes in the packet, as indicated in the packet's total length field. When reading the response, you should attempt to read 4,096 bytes (the defined maximum TPM packet size), and the return value of the read indicates how many bytes are in the returned packet. This should match the returned packet's length field exactly. The return code is zero for a successful command, and a positive value is a specific error code.

A function for sending/receiving TPM packets can look something like the following (error handling omitted for clarity):


uint32_t TPM_Transmit(unsigned char *blob)
{
    int tpmfp, len;
    uint32_t size;

    tpmfp = open("/dev/tpm", O_RDWR);
    size = ntohl(*(uint32_t *)&blob[2]);
    len = write(tpmfp, blob, size);
    len = read(tpmfp, blob, 4096);
    return(ntohl(*(uint32_t *)&blob[6]));
}


Some Simple TPM Commands

Once the TPM is enabled and cleared through the BIOS setup and the TPM device driver is loaded, we can try some simple TPM commands. The TCPA main specification details some 73 TPM commands. Fortunately, we can demonstrate the desired signing and sealing functionality in this tutorial with only 14 of these commands.

The simplest command is TPM_Reset, a request to flush any existing authorization handles. TPM_Reset is a nice command to test a driver and library, as it is short, fixed and should always succeed, returning a result code of zero. Here is the example code for TPM_Reset:


uint32_t TPM_Reset()
{
    unsigned char blob[4096] = {
        0,193,     /*TPM_TAG_RQU_COMMAND*/
        0,0,0,10,  /* blob length, bytes */
        0,0,0,90}; /*TPM_ORD_Reset */
    return(TPM_Transmit(blob));
}


It is important to size blob[] to allow the returned TPM data to be up to the maximum allowed packet size of 4,096 bytes.

The TPM_GetCapability command is another simple function that can return several items of information about a given TPM. It can return the version of the current TPM, the total number of key slots in the TPM (typically ten), the number of loaded keys and their handles and the number of PCR registers (typically 16). Here is the example code for using TPM_GetCapability to read the TPM version:


uint32_t TPM_GetCapability_Version()
{
    unsigned char blob[4096] = {
        0,193,     /* TPM_TAG_RQU_COMMAND */
        0,0,0,18,  /* blob length, bytes */
        0,0,0,101, /* TPM_ORD_GetCapability */
        0,0,0,6,   /* TCPA_CAP_VERSION */
        0,0,0,0};  /* no sub capability */
    return(TPM_Transmit(blob));
}

TPM_PcrRead returns the 20 bytes (160 bits) of a specified PCR register. It is useful to check that any desired TPM measurements are being made by the modified GRUB loader.

TPM_ReadPubek is used to read the TPM's fixed public endorsement key (Pubek). Pubek initially must be read so it can be used by the owner to encrypt sensitive data in the TPM_TakeOwnership command. Once ownership is established, the owner typically disables reading of the Pubek for privacy reasons; after that, then this command fails.

______________________

Comments

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

kernel >2.6.10

tpm user's picture

################################################################################

> actually i'm having some problems inserting
> the tpm-module i downloaded
> from the ibm-page
>

Yes, its a change in the return value of pci_register_driver() in the
kernel starting with 2.6.10. In the source

static int __init
init_tpm(void)
{
-----> if (!pci_register_driver(&tpm_pci_driver)) {
pci_unregister_driver(&tpm_pci_driver);
return -ENODEV;
}
.....

change the line to

if (pci_register_driver(&tpm_pci_driver) < 0) {

################################################################################

it's working for me, i hope this will help

working!

Musik's picture

it is working fine for me, too. Tried around a bit but it is working.

The last line of the two tabl

Anonymous's picture

The last line of the two tables not spanning both columns has me quite perplexed. Garrick?!

Garrick, please remember to f

Anonymous's picture

Garrick, please remember to follow the typesetting instrustions given in the text, and then to remove said instructions! :-)

Webinar
One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems

As Linux continues to play an ever increasing role in corporate data centers and institutions, ensuring the integrity and protection of these systems must be a priority. With 60% of the world's websites and an increasing share of organization's mission-critical workloads running on Linux, failing to stop malware and other advanced threats on Linux can increasingly impact an organization's reputation and bottom line.

Learn More

Sponsored by Bit9

Webinar
Linux Backup and Recovery Webinar

Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.

In this one hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.

Learn More

Sponsored by Storix