Ó¦ÓÃTPM×÷linux¿ÉÐÅÆ𶯵ijõ²½Êµ¼ù

Ê×ÏÈÒªÓÐһ̨´øÓÐTPM 1.2оƬ£¬×°ÓÐlinuxϵͳµÄ¼ÆËã»ú¡£
ʹÓÃÏÂÃæÕâÌõÃüÁî¿ÉÒԲ鿴ϵͳÄÚºËtpmÇý¶¯Çé¿ö£º
$ ls -la /lib/modules/`uname -r`/kernel/drivers/char/tpm
×Ü¼Æ 100
drwxr-xr-x 2 root root 4096 02-03 21:47 .
drwxr-xr-x 7 root root 4096 02-03 21:47 ..
-rwxr--r-- 1 root root 9812 01-21 15:27 tpm_atmel.ko
-rwxr--r-- 1 root root 11128 01-21 15:27 tpm_bios.ko
-rwxr--r-- 1 root root 15860 01-21 15:27 tpm_infineon.ko
-rwxr--r-- 1 root root 19184 01-21 15:27 tpm.ko
-rwxr--r-- 1 root root 10796 01-21 15:27 tpm_nsc.ko
-rwxr--r-- 1 root root 16516 01-21 15:27 tpm_tis.ko
tpm_tisÄ£¿é¿ÉÒÔÍêȫʹÓÃTPM1.2¡£ÐèÒªÕâ¸öÄ£¿é£¬Ã»µÄ»°¿ÉÄÜÐèÒªÖØбàÒëеÄÄںˡ£
½ÓÏÂÀ´¿ÉÒÔÕ⼸ÌõÃüÁî¼ÓÔØTPMÇý¶¯£º
$ sudo modprobe tpm_bios
$ sudo modprobe tpm
$ sudo modprobe tpm_tis force=1 interrupts=0
$ dmesg
...
[xxx.yyy] tpm_tis tpm_tis: 1.2 TPM (device-id 0x4A10, rev-id 78)
Èç¹ûÏÔʾÓÐÀàËÆÒÔÉÏÐÅÏ¢£¬ËµÃ÷ÉèÖóɹ¦¡£
ÐèÒª°²×°TrouSerstºÍtpm-toolsÀ´¹ÜÀíTPM¡£
$ sudo /etc/init.d/tcsd start
ÓÃÉÏÃæÕâÌõÃüÁîÀ´Æð¶¯Õâ¸ö¹ÜÀí¹¤¾ß
È»ºó¼ì²éÏÂtpmÊDz»ÊÇ¿ÉÓÃÁË¡£
$ sudo tpm_version
TPM Version: 01010000
Manufacturer Info: 53544d20
ºÃÁË¡£ÏÖÔÚÈÃÎÒÃÇÀ´³õʼ»¯TPMоƬ
$ sudo tpm_takeownership
Enter owner password: xxxxxx
Confirm password: xxxxxx
Enter SRK password: yyyyyyyy
Confirm password: yyyyyyyy
¼Çס£¡ ÕâÌõÃüÁîÖ»ÄÜÖ´ÐÐÒ»´Î£¡Ö®ºó²»ÄÜÔÙ³£Ê¶£¡
Èç¹û³öÏÖÏÂÃæÕâ¸ö´íÎó£º
Tspi_TPM_GetPubEndorsementKey failed: 0x00000023 - layer=tpm, code=0023 (35), No EK
Ôò˵Ã÷Endorsement Key²»´æÔÚ£¬ÐèÒªÏÂÃæÕâÌõÃüÁî´´½¨¡£
$ sudo tpm_createek
ok£¡ Ö®ºóÎÒÃǾͿÉÒԵõ½Public Endorsement Key
$sudo tpm_getpubek
ÆÚ¼äÐèÒªÊäÈëowner password¡£
½ÓÏÂÀ´ÐèÒª°²×°TrustedGRUB£¬È»ºó¶ÔÆäÖÐһЩÎļþ×öÐ޸ġ£
»¹ÓкÜÖØÒªµÄÒ»´¦£¡
ÔÚÄÚºËÔ´´úÂëÎļþÖÐµÄ drivers/char/tpm/tpm_tis.c
view plaincopy to clipboardprint?[...]  static struct pnp_device_id tpm_pnp_tbl __devinitdata = {      {"PNP0C31", 0},     /* TPM