How to run a TPM simulator on an Ubuntu machine (maybe incorrect DBus)?


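I have Ubuntu set up in WSL2. I then followed the instructions at https://wiki.ubuntu.com/TPM/Testing and tried to set up a TPM simulator on Ubuntu. But for some reason I seem to end up in a situation where the simulator cannot be started because of a DBus error, although the real problem may be something different. I can also reproduce the same problem when setting up the TPM simulator in GitHub Actions on ubuntu-latest. So I thought maybe someone on the Ubuntu forums knows more about this; it seems people on the TPM GitHub threads have run into the same problem too. :)

My current sequence is as follows: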

sudo apt-get update
sudo apt-get install tpm2-abrmd
sudo apt-get install libtss2-tcti-tabrmd-dev

sudo tpm2-abrmd --tcti=mssim --allow-root

Or, on GitHub Actions, the second part is

sudo service tpm2-abrmd start
sudo tpm2-abrmd --allow-root --tcti=mssim --logger=stdout

This appears to work because of how the access rights are set up.

> sudo tpm2-abrmd --tcti=mssim --allow-root

** (process:741): WARNING **: 16:36:40.585: tcti_conf before: "device:/dev/tpm0"
 
** (tpm2-abrmd:741): WARNING **: 16:36:40.585: tcti_conf after: "mssim"

** (tpm2-abrmd:741): WARNING **: 16:36:40.586: Failed to get proxy for DBus daemon (org.freedesktop.DBus): Could not connect: No such file or directory

** (tpm2-abrmd:741): CRITICAL **: 16:36:40.586: Failed to acquire DBus name com.intel.tss2.Tabrmd. UID 0 must be allowed to "own" this name. Check DBus config and check that this is running as user tss or root.
WARNING:tcti:src/util/io.c:251:socket_connect() Failed to connect to host 127.0.0.1, port 2321: errno 111: Connection refused
WARNING:tcti:src/tss2-tcti/tctildr.c:62:tcti_from_init() TCTI init for function 0x7f0f40e733d0 failed with a000a
WARNING:tcti:src/tss2-tcti/tctildr.c:92:tcti_from_info() Could not initialize TCTI named: tcti-socket
ERROR:tcti:src/tss2-tcti/tctildr-dl.c:150:tcti_from_file() Could not initialize TCTI file: mssim
ERROR:tcti:src/tss2-tcti/tctildr.c:418:Tss2_TctiLdr_Initialize_Ex() Failed to instantiate TCTI

** (tpm2-abrmd:741): CRITICAL **: 16:36:40.586: init_thread_func: failed to create TCTI with conf "mssim", got RC: 0xa000a

Looking at the DBus configuration, there is /etc/dbus-1/system.d/tpm2-abrmd.conf

<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
 "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
  <!-- ../system.conf have denied everything, so we just punch some holes -->
  <policy user="tss">
    <allow own="com.intel.tss2.Tabrmd"/>
  </policy>
  <policy user="root">
    <allow own="com.intel.tss2.Tabrmd"/>
  </policy>
  <policy user="XYZ">
    <allow own="com.intel.tss2.Tabrmd"/>
  </policy>
  <policy context="default">
    <allow send_destination="com.intel.tss2.Tabrmd"/>
    <allow receive_sender="com.intel.tss2.Tabrmd"/>
  </policy>
</busconfig>

/etc/dbus-1/system.d/tpm2-abrmd.service

[Unit]
Description=TPM2 Access Broker and Resource Management Daemon
After=systemd-udev-settle.service
Requires=systemd-udev-settle.service
# This condition is needed when using the device TCTI. If the
# TCP mssim is used then the condition should be commented out.
# ConditionPathExistsGlob=/dev/tpm*

[Service]
Type=dbus
BusName=com.intel.tss2.Tabrmd
StandardOutput=syslog
ExecStart=/usr/sbin/tpm2-abrmd --tcti=mssim
User=tss

[Install]
WantedBy=multi-user.target

I would add that

sudo -u tss /usr/local/sbin/tpm2-abrmd --tcti=mssim --logger=stdout &

does not seem to make a difference. The result is

> [2] 163
XYZ@ABC:/$ sudo: /usr/local/sbin/tpm2-abrmd: command not found

[2]-  Exit 1                  sudo -u tss /usr/local/sbin/tpm2-abrmd --tcti=mssim --logger=stdout

It may also be, and is even quite likely, that I don't know what I'm doing. I'm quite new to Linux and Ubuntu.
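The log in the question mixes two independent conditions: the daemon cannot reach a D-Bus daemon, and the mssim TCTI gets "Connection refused" on 127.0.0.1 port 2321. The following triage script is an added example, not part of the original post or of tpm2-abrmd; the function names and finding codes are hypothetical, and the sample input is constructed from lines of the log above.

```shell
#!/bin/sh
# Added example (not from the post or the tpm2-abrmd project).
# Function names and finding codes are hypothetical.

# Constructed sample: three lines copied from the log in the question.
sample_log() {
cat <<'EOF'
** (tpm2-abrmd:741): WARNING **: 16:36:40.586: Failed to get proxy for DBus daemon (org.freedesktop.DBus): Could not connect: No such file or directory
** (tpm2-abrmd:741): CRITICAL **: 16:36:40.586: Failed to acquire DBus name com.intel.tss2.Tabrmd. UID 0 must be allowed to "own" this name. Check DBus config and check that this is running as user tss or root.
WARNING:tcti:src/util/io.c:251:socket_connect() Failed to connect to host 127.0.0.1, port 2321: errno 111: Connection refused
EOF
}

# Read a tpm2-abrmd log on stdin and print one finding per line.
triage_abrmd_log() {
    awk '
    # The daemon could not reach any bus daemon at all.
    /Failed to get proxy for DBus daemon/ && /Could not connect/ { bus = 1 }
    # The bus name was not granted.
    /Failed to acquire DBus name/ { name = 1 }
    # The TCTI could not open its TCP connection; keep host and port.
    /Failed to connect to host/ {
        s = $0
        sub(/.*Failed to connect to host /, "", s)
        host = s; sub(/,.*/, "", host)
        port = s; sub(/.*port /, "", port); sub(/:.*/, "", port)
        sim = 1
    }
    END {
        # A name cannot be owned on a bus that was never connected, so the
        # ownership error only counts as a policy finding when the bus was reachable.
        if (bus)       print "DBUS_UNREACHABLE"
        else if (name) print "DBUS_NAME_DENIED"
        if (sim)       print "TCTI_ENDPOINT_REFUSED " host ":" port
    }'
}

sample_log | triage_abrmd_log
```

To check a real run, pipe the daemon output into the function, for example from a saved log file.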
