bboozzoo · November 21, 2024 18:26
diff --git a/run-with-tpm b/run-with-tpm
 #!/bin/sh -ex
 img=${1:-image-home/pc.img}
 TPM=/var/snap/test-snapd-swtpm/current
 #OVMFDIR=${OVMFDIR-./ovmf/OVMF}
 OVMFDIR=${OVMFDIR-./snapd-ovmf}
 OVMFIMG=${OVMFIMG-OVMF_CODE.secboot.fd}
 OVMFVARS=${OVMFVARS-OVMF_VARS.snakeoil.fd}
 #OVMFDIR=/usr/share/edk2-ovmf/x64
 cp -v $OVMFDIR/$OVMFVARS .

 sudo rm -f "$TPM/tpm2-00.permall"
 sudo snap restart test-snapd-swtpm

 until [ -S "$TPM/swtpm-sock" ]; do
    echo "-- waiting for swtpm socket"
    sleep 1
 done
 sudo chmod a+rw "$TPM/swtpm-sock"

 # SSH_PORT=59467 GUI=virtio \
 #         ../run-qemu "$img" \
 #         -machine pc-q35-2.5 -smp 4 \
 #         -drive if=pflash,format=raw,readonly,file=$OVMFDIR/OVMF_CODE.secboot.fd \
 #         -drive if=pflash,format=raw,file=./OVMF_VARS.fd.rw \
 #         -chardev socket,id=chrtpm,path="$TPM"/swtpm-sock -tpmdev emulator,id=tpm0,chardev=chrtpm -device tpm-tis,tpmdev=tpm0

 qemu-system-x86_64 \
    -enable-kvm \
    -snapshot \
    -smp 4 \
    -m 2048 \
    -cpu host \
    -machine q35 \
    -global ICH9-LPC.disable_s3=1 \
    -device virtio-net-pci,netdev=mynet0 \
    -netdev user,id=mynet0,hostfwd=tcp:127.0.0.1:59467-:22 \
    -serial telnet:127.0.0.1:59468,server,nowait \
    -monitor telnet:127.0.0.1:59469,server,nowait \
    -vga virtio -display gtk,gl=on \
    -object rng-random,filename=/dev/urandom,id=rng0 -device virtio-rng-pci,rng=rng0 \
    -drive file=./OVMF_CODE.secboot.fd,if=pflash,format=raw,unit=0,readonly=on \
    -drive file=./OVMF_VARS.test.fd,if=pflash,format=raw \
    -chardev socket,id=chrtpm,path=/var/snap/test-snapd-swtpm/current/swtpm-sock \
    -tpmdev emulator,id=tpm0,chardev=chrtpm \
    -drive file=image-home/pc.img,if=none,id=disk1,snapshot=on \
    -device virtio-blk-pci,drive=disk1,bootindex=1 \
    -device tpm-tis,tpmdev=tpm0

 # SSH_PORT=59467 GUI=virtio \
 #         ../run-qemu "$img" \
 #         -machine q35 -smp 4 -global ICH9-LPC.disable_s3=1 \
 #         -drive file=$OVMFDIR/$OVMFIMG,if=pflash,format=raw,unit=0,readonly=on \
 #         -drive file=./$OVMFVARS,if=pflash,format=raw \
 #         -chardev socket,id=chrtpm,path="$TPM/swtpm-sock" \
 #         -tpmdev emulator,id=tpm0,chardev=chrtpm \
 #         -device tpm-tis,tpmdev=tpm0
	#!/bin/sh -ex
	img=${1:-image-home/pc.img}
	TPM=/var/snap/test-snapd-swtpm/current
	#OVMFDIR=${OVMFDIR-./ovmf/OVMF}
	OVMFDIR=${OVMFDIR-./snapd-ovmf}
	OVMFIMG=${OVMFIMG-OVMF_CODE.secboot.fd}
	OVMFVARS=${OVMFVARS-OVMF_VARS.snakeoil.fd}
	#OVMFDIR=/usr/share/edk2-ovmf/x64
	cp -v $OVMFDIR/$OVMFVARS .

	sudo rm -f "$TPM/tpm2-00.permall"
	sudo snap restart test-snapd-swtpm

	until [ -S "$TPM/swtpm-sock" ]; do
	echo "-- waiting for swtpm socket"
	sleep 1
	done
	sudo chmod a+rw "$TPM/swtpm-sock"

	# SSH_PORT=59467 GUI=virtio \
	# ../run-qemu "$img" \
	# -machine pc-q35-2.5 -smp 4 \
	# -drive if=pflash,format=raw,readonly,file=$OVMFDIR/OVMF_CODE.secboot.fd \
	# -drive if=pflash,format=raw,file=./OVMF_VARS.fd.rw \
	# -chardev socket,id=chrtpm,path="$TPM"/swtpm-sock -tpmdev emulator,id=tpm0,chardev=chrtpm -device tpm-tis,tpmdev=tpm0

	qemu-system-x86_64 \
	-enable-kvm \
	-snapshot \
	-smp 4 \
	-m 2048 \
	-cpu host \
	-machine q35 \
	-global ICH9-LPC.disable_s3=1 \
	-device virtio-net-pci,netdev=mynet0 \
	-netdev user,id=mynet0,hostfwd=tcp:127.0.0.1:59467-:22 \
	-serial telnet:127.0.0.1:59468,server,nowait \
	-monitor telnet:127.0.0.1:59469,server,nowait \
	-vga virtio -display gtk,gl=on \
	-object rng-random,filename=/dev/urandom,id=rng0 -device virtio-rng-pci,rng=rng0 \
	-drive file=./OVMF_CODE.secboot.fd,if=pflash,format=raw,unit=0,readonly=on \
	-drive file=./OVMF_VARS.test.fd,if=pflash,format=raw \
	-chardev socket,id=chrtpm,path=/var/snap/test-snapd-swtpm/current/swtpm-sock \
	-tpmdev emulator,id=tpm0,chardev=chrtpm \
	-drive file=image-home/pc.img,if=none,id=disk1,snapshot=on \
	-device virtio-blk-pci,drive=disk1,bootindex=1 \
	-device tpm-tis,tpmdev=tpm0

	# SSH_PORT=59467 GUI=virtio \
	# ../run-qemu "$img" \
	# -machine q35 -smp 4 -global ICH9-LPC.disable_s3=1 \
	# -drive file=$OVMFDIR/$OVMFIMG,if=pflash,format=raw,unit=0,readonly=on \
	# -drive file=./$OVMFVARS,if=pflash,format=raw \
	# -chardev socket,id=chrtpm,path="$TPM/swtpm-sock" \
	# -tpmdev emulator,id=tpm0,chardev=chrtpm \
	# -device tpm-tis,tpmdev=tpm0