Discussion:
[TrouSerS-users] Doing it without tcsd
Raja Sivagaminathan
2015-06-19 19:20:49 UTC
Permalink
Folks,

To use Trousers code in our modern Windows-based application I need to port it to Visual Studio 2013 (or 2015 RC), because the existing libraries (and other open source libraries) simply don't compile with VS 2013 projects. While doing so I am planning on short-circuiting the code in an attempt to remove the socket-based communication business and the need to install the tcsd service. Does anyone disagree with that approach? Are there any gotchas that I should be aware of before I spend too much time on it? I don't see a need for the service, so I would like to remove it.

Thanks
Raja
Luigi Semenzato
2015-06-19 20:33:46 UTC
Permalink
If you just need to talk to the TPM, I co-authored some software to do
that. It's called "trunks" (as in "small trousers") and I recently
put it here:

https://github.com/semenzato

That's for the 1.2 standard. The Chromium project is also working on
a similar library for the 2.0 standard:

git clone https://chromium.googlesource.com/chromiumos/platform2

in the directory "trunks".

The 1.2 version, written by myself and Mario (really), has something
like 0 users, so if you use it you'll probably get some attention.
Cheers :)


> ------------------------------------------------------------------------------
>
> _______________________________________________
> TrouSerS-users mailing list
> TrouSerS-***@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/trousers-users
Ken Goldman
2015-06-19 21:09:18 UTC
Permalink
Not a trousers acronym expert, but I thought tcsd did the scheduling and
swapping for processes using the TPM. Is your application guaranteed to
be the only one using the TPM?



------------------------------------------------------------------------------
Luigi Semenzato
2015-06-19 21:26:07 UTC
Permalink
No, you're on your own for that. Trunks only does the
marshalling/unmarshalling of TPM commands.

At least on Linux, request/response atomicity is guaranteed by the
driver, which makes /dev/tpm0 an exclusive-open device (only one
process at a time can hold it open).

Luigi Semenzato
2015-06-19 21:53:05 UTC
Permalink
I forgot to mention that the main advantage of trunks vs. trousers is
3,000 lines of code vs. 250,000.

Ken Goldman
2015-06-22 13:35:00 UTC
Permalink
3 kloc for marshaling and unmarshaling seems about right, but trousers
does far more. HMAC, parameter encryption, PCR handling, scheduling,
resource management, and (I think) key management.

Ken Goldman
2015-06-22 13:30:35 UTC
Permalink
On 6/19/2015 5:26 PM, Luigi Semenzato wrote:
>
> No, you're on your own for that. Trunks only does the
> marshalling/unmarshalling of TPM commands.
>
> At least on Linux, request/response atomicity is guaranteed by the
> driver, which makes /dev/tpm0 an exclusive-open device (only one
> process at a time can hold it open).

That is my understanding, which means that if /dev/tpm0 grants user
level permissions, one application can open the TPM and block all other
applications.

Even if applications cooperate, doing open/close pairs, they will
interfere with each other. Another purpose of tcsd is resource
management, swapping items in and out of the TPM as needed for each
application.

If that limitation is satisfactory, you don't need a privileged
scheduler like tcsd.
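To make concrete what "talking directly to the TPM" leaves to the application once tcsd is gone, here is an added example; it is not code from TrouSerS, trunks, or anyone in this thread. It does the two jobs trunks is described as doing, marshalling a TPM 1.2 command and unmarshalling the reply, and then drives the device itself. On Linux it relies on the exclusive-open /dev/tpm0 behaviour described above, so a second user shows up as EBUSY rather than being queued behind a scheduler, which is exactly the limitation Ken points out. The command constants (TPM_TAG_RQU_COMMAND, TPM_ORD_GetCapability, TPM_CAP_PROPERTY, TPM_CAP_PROP_MANUFACTURER) are from the TPM 1.2 specification; the Windows branch through Tbsip_Submit_Command is assumed from Microsoft's TBS API and is not exercised here; the device path and the manufacturer query are illustrative choices.

```c
/*
 * Added example, not code from TrouSerS, trunks or any poster in this thread.
 * Marshal one TPM 1.2 command, send it to the device without tcsd, and
 * unmarshal the reply. Linux transport: /dev/tpm0 is exclusive-open, so a
 * second opener gets EBUSY instead of being queued. Windows transport
 * (assumed from the TBS API, not exercised here): Tbsip_Submit_Command.
 */
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#ifdef _WIN32
#include <windows.h>
#include <tbs.h>               /* link with tbs.lib */
#endif

/* Constants from the TPM 1.2 main specification. */
#define TPM_TAG_RQU_COMMAND       0x00C1
#define TPM_TAG_RSP_COMMAND       0x00C4
#define TPM_ORD_GetCapability     0x00000065
#define TPM_CAP_PROPERTY          0x00000005
#define TPM_CAP_PROP_MANUFACTURER 0x00000103

/* The TPM wire format is big-endian throughout. */
static void put32(uint8_t *p, uint32_t v)
{
    p[0] = (uint8_t)(v >> 24); p[1] = (uint8_t)(v >> 16);
    p[2] = (uint8_t)(v >> 8);  p[3] = (uint8_t)v;
}
static uint32_t get32(const uint8_t *p)
{
    return (uint32_t)p[0] << 24 | (uint32_t)p[1] << 16 | (uint32_t)p[2] << 8 | p[3];
}
static uint16_t get16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* TPM_GetCapability with a 4-byte subCap:
 * tag | paramSize | ordinal | capArea | subCapSize | subCap.
 * Returns the number of bytes written, or 0 if buf is too small. */
size_t tpm12_build_getcap(uint8_t *buf, size_t cap, uint32_t capArea, uint32_t subCap)
{
    const size_t len = 2 + 4 + 4 + 4 + 4 + 4;       /* 22 bytes */
    if (cap < len) return 0;
    buf[0] = TPM_TAG_RQU_COMMAND >> 8; buf[1] = TPM_TAG_RQU_COMMAND & 0xFF;
    put32(buf + 2, (uint32_t)len);
    put32(buf + 6, TPM_ORD_GetCapability);
    put32(buf + 10, capArea);
    put32(buf + 14, 4);
    put32(buf + 18, subCap);
    return len;
}

/* Check the response header (tag | paramSize | returnCode) before touching the payload.
 * A paramSize that disagrees with the byte count means a truncated or padded reply: reject it.
 * Returns 0 and sets *rc plus the payload window, or -1 for a malformed buffer. */
int tpm12_parse_response(const uint8_t *buf, size_t len, uint32_t *rc,
                         const uint8_t **payload, size_t *payload_len)
{
    if (len < 10 || get16(buf) != TPM_TAG_RSP_COMMAND || get32(buf + 2) != len) return -1;
    *rc = get32(buf + 6);
    *payload = buf + 10;
    *payload_len = len - 10;
    return 0;
}

/* One request/response round trip. Returns the reply length or -errno.
 * With no tcsd there is nothing to queue behind: on Linux, EBUSY means another
 * process currently holds the exclusive-open device and the caller must retry or give up. */
long tpm_transmit(const char *dev, const uint8_t *cmd, size_t cmdlen, uint8_t *rsp, size_t rspcap)
{
#ifdef _WIN32
    (void)dev;                                      /* TBS selects the device itself */
    TBS_CONTEXT_PARAMS params = { TBS_CONTEXT_VERSION_ONE };
    TBS_HCONTEXT ctx;
    UINT32 n = (UINT32)rspcap;
    if (Tbsi_Context_Create(&params, &ctx) != TBS_SUCCESS) return -EACCES;
    TBS_RESULT r = Tbsip_Submit_Command(ctx, TBS_COMMAND_LOCALITY_ZERO, TBS_COMMAND_PRIORITY_NORMAL,
                                        cmd, (UINT32)cmdlen, rsp, &n);
    Tbsip_Context_Close(ctx);
    return r == TBS_SUCCESS ? (long)n : -EIO;
#else
    int fd = open(dev, O_RDWR);
    if (fd < 0) return -errno;
    if (write(fd, cmd, cmdlen) != (ssize_t)cmdlen) { int e = errno; close(fd); return -(e ? e : EIO); }
    ssize_t r = read(fd, rsp, rspcap);
    int e = errno;
    close(fd);                                      /* hold the device no longer than one command */
    return r < 0 ? -e : (long)r;
#endif
}

/* Ask the TPM who made it: the reply carries respSize (4) followed by a 4-character vendor string. */
int main(void)
{
    uint8_t cmd[32], rsp[64];
    size_t n = tpm12_build_getcap(cmd, sizeof cmd, TPM_CAP_PROPERTY, TPM_CAP_PROP_MANUFACTURER);
    long got = tpm_transmit("/dev/tpm0", cmd, n, rsp, sizeof rsp);
    if (got < 0) { fprintf(stderr, "tpm_transmit: %s\n", strerror((int)-got)); return 1; }
    uint32_t rc; const uint8_t *pl; size_t pll;
    if (tpm12_parse_response(rsp, (size_t)got, &rc, &pl, &pll) != 0) { fputs("malformed reply\n", stderr); return 1; }
    if (rc != 0) { fprintf(stderr, "TPM error 0x%08x\n", rc); return 1; }
    if (pll >= 8 && get32(pl) == 4) printf("manufacturer: %.4s\n", (const char *)pl + 4);
    return 0;
}
```

Run as a user with permission on /dev/tpm0; if another process has the device open, the first line of output is `tpm_transmit: Device or resource busy`, which is the whole concurrency story when no tcsd is present. Note that the response parser checks paramSize against the bytes actually read before anything after the header is trusted; a lower layer that skips that check hands malformed replies to the caller.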
Raja Sivagaminathan
2015-06-19 21:52:45 UTC
Permalink
tcsd is a Win32 service that listens on sockets, and the higher level APIs communicate with the service through the sockets (at least that is my understanding).

I think tcsd and the socket communication are unwanted pieces from an application point of view. I am not saying it is useless or more useful; the "library" part of Trousers should not require me to pre-install a service when such a need has no technical basis.

I was initially under the impression that Microsoft's TBS service imposed a restriction that applications directly calling the Tbsip_Submit_Command API had to do so under the SYSTEM account context, and that's probably why Trousers used a service. That does not seem to be the case.

My purpose is to configure the TPM at the time of installing my application. Once I configure the TPM I don't even use it from the OS; a different piece of code will use it as part of the boot loading process. So the only application that will configure the TPM is my installer, and that's about it. My perspective is I have no business installing the tcsd service and leaving it out there for some future application to come and make use of it. If I installed the tcsd service then I would also have to worry about cleaning it up when I am done. When doing so I would have to wonder if some other application might be depending on the tcsd service, or if the tcsd service was already installed before me, etc.


Ken Goldman
2015-06-22 13:43:50 UTC
Permalink
If you can guarantee that there are no other users of the TPM at the
time you are installing your application, you can talk directly to the
TPM. If you cannot, you need a scheduler and resource manager.

A trivial example: What happens if your install needs to load a key,
but another application has used all the key slots?
Thomas, Ronnie L.
2015-06-22 14:23:11 UTC
Permalink
Is there documentation that describes in detail how all the layers interact (i.e. TCSD, the kernel TPM driver, etc.)? I was under the impression that TCSD had to be started in order to run Trousers.

Ronnie Thomas
Senior Software Development Engineer-TPM/Atmel Corporation
1150 E. Cheyenne Mountain Blvd, Colorado Springs, CO 80906
Tel:(+1)(719)-540-1604/Fax:(+1)(719)-540-1759
***@atmel.com/ http://www.atmel.com/

Hon Ching Lo
2015-06-22 19:09:59 UTC
Permalink
The book 'A Practical Guide to Trusted Computing' is a reference.
For the TCSD related:
https://sourceforge.net/p/trousers/trousers/ci/master/tree/README


Vicky



Dmitri Toubelis
2015-06-22 21:10:52 UTC
Permalink
Ronnie,

My understanding of the architecture is as follows:

1. libtspi is an implementation of the TSS interface;

2. libtspi communicates with tcsd via the TCS interface, and if tcsd is not running (some of the) libtspi calls will return errors (not 100% sure about this).

3. tcsd communicates with the TPM driver (OS/kernel piece) via the TDDL interface (/dev/tpm device on Linux).

4. The TPM driver communicates with the TPM using the TDD interface, which is somewhat vendor specific.

So if you want to deal with the TPM from a boot loader you should probably be looking at the TDD spec. All these interfaces are part of the TSS specification and the official documentation is on the TCG web site. They are constantly reorganizing the content, so my old bookmark did not work, but I was using the TSS_Version_1.2_Level_1_FINAL.pdf document as a reference.

Hope this helps.
