167 lines
4.7 KiB
Plaintext
167 lines
4.7 KiB
Plaintext
Linux Specific build notes
|
|
--------------------------
|
|
Written by Ken Goldman
|
|
IBM Thomas J. Watson Research Center
|
|
|
|
|
|
Prior to the autotools support, most users began by untarring the
|
|
tarball or cloning the git repo, and then executing 'make' or 'make -f
|
|
<makefile>' in the utils and utils12 directories. For autotools and the
|
|
existing makefiles to co-exist, the existing "makefile" was renamed to
|
|
"makefiletpmc".
|
|
|
|
$ cd utils
|
|
$ make -f makefiletpmc
|
|
$ cd utils12
|
|
$ make -f makefiletpmc
|
|
|
|
This builds a TSS
|
|
- with TPM 2.0 and TPM 1.2 support,
|
|
- connecting to a TPM 2.0 SW TPM,
|
|
- with TSS state files in cwd,
|
|
- with tracing support,
|
|
- and with elliptic curve support.
|
|
|
|
Refer to the "Advanced options", below, for additional compiler options.
|
|
|
|
|
|
Autotools
|
|
---------
|
|
|
|
On Linux (and probably other Unix systems), open source projects expect
|
|
the normal shell command 'autoreconf -i && ./configure && make && make install'
|
|
should configure and build the package.
|
|
|
|
Example 1: To configure the TSS library to use the software TPM, build and
|
|
install the package in ${HOME}/local/bin and ${HOME}/local/lib directories
|
|
execute the following shell commands:
|
|
|
|
$ autoreconf -i
|
|
$ ./configure --prefix=${HOME}/local --disable-hwtpm
|
|
$ make clean
|
|
$ make
|
|
$ make install
|
|
|
|
An initial set of the most common TSS "./configure" options are defined
|
|
to enable/disable different features.
|
|
|
|
--disable-tpm-2.0 - include only TPM 1.2 support
|
|
--disable-tpm-1.2 - include only TPM 2.0 support
|
|
--disable-hwtpm - don't use the hardware TPM, use a software one instead
|
|
--disable-rmtpm - when using a hardware TPM, don't use the resource manager
|
|
--enable-noprint - build a TSS library without tracing or prints
|
|
--enable-nofile - build a TSS library that does not use files to preserve state
|
|
--enable-nocrypto - build a TSS library that does not require a crypto library
|
|
(dependency on "--enable-nofile")
|
|
--enable-noecc - build a TSS library that does not require OpenSSL elliptic curve support
|
|
--enable-debug - build a TSS library used for debugging.
|
|
|
|
Example 2: To configure the TSS library to use the hardware TPM, build and
|
|
install the package in the default /usr/local directories requires root
|
|
privileges. Executing the following shell commands will make and install the
|
|
package in the default directories.
|
|
|
|
$ autoreconf -i
|
|
$ ./configure
|
|
$ make clean
|
|
$ make
|
|
$ sudo make install
|
|
|
|
Other TSS features can be modified by specifying them directly as CFLAGS
|
|
"./configure" options.
|
|
|
|
CFLAGS='<options>'
|
|
options:
|
|
-O0 - change compiler optimization (default: 02)
|
|
-DTPM_DEVICE_DEFAULT="\"/dev/tpmrm0\"" - change hardware TPM (default: /dev/tpm0)
|
|
-DTPM_DATA_DIR_DEFAULT="\"<pathname>\"" - specify directory for TSS state files
|
|
-DTPM_TRACE_LEVEL_DEFAULT="\"<level>"" - change level of tracing (default: 0)
|
|
0 - no tracing
|
|
1 - trace errors
|
|
2 - trace errors and execution flow
|
|
|
|
Example 3: To install the package in ${HOME}/local/bin and ${HOME}/local/lib
|
|
directories, compile for the gdb debugger, and connect by default to a socket
|
|
simulator TPM at command port 3333, execute the following shell commands:
|
|
|
|
$ autoreconf -i
|
|
$ ./configure --prefix=${HOME}/local --enable-debug --disable-hwtpm \
|
|
CFLAGS='-DTPM_INTERFACE_TYPE_DEFAULT="\"socsim\"" -DTPM_COMMAND_PORT_DEFAULT="\"3333\""'
|
|
$ make clean
|
|
$ make
|
|
$ make install
|
|
|
|
The TPM utility binaries are stored in utils/.lib and utils12/.lib directories
|
|
of the source directory.[1] To debug using these binaries in the source tree,
|
|
use either the binary stored in .lib or the libtool command.
|
|
|
|
$ libtool --mode=execute gdb <.lib/utility>
|
|
|
|
[1] For an explanation, refer to the GNU documentation
|
|
https://www.gnu.org/software/libtool/manual/libtool.html#Debugging-executables.
|
|
|
|
|
|
Advanced options
|
|
----------------
|
|
|
|
For all options and details, see the documentation in ibmtss.doc or
|
|
ibmtss.html.
|
|
|
|
Some of the more common options are below.
|
|
|
|
1-3 can also be specified in an environment variable or at run time.
|
|
|
|
4-8, which are used to reduce the size of the library, must be
|
|
specified at compile time.
|
|
|
|
1) To default to a hardware TPM (rather than the SW TPM)
|
|
|
|
Add to CCLFLAGS:
|
|
|
|
-DTPM_INTERFACE_TYPE_DEFAULT="\"dev\""
|
|
|
|
2) To default to /dev/tpmrm0 (rather than /dev/tpm0)
|
|
|
|
Add to CCLFLAGS:
|
|
|
|
-DTPM_DEVICE_DEFAULT="\"/dev/tpm0\""
|
|
|
|
3) To default to a different directory for TSS state files (rather
|
|
than cwd)
|
|
|
|
Add to CCLFLAGS:
|
|
|
|
-DTPM_DATA_DIR_DEFAULT="\"directory\""
|
|
|
|
4) To remove TPM 1.2 support
|
|
|
|
Delete from CCLFLAGS and CCAFLAGS
|
|
|
|
-DTPM_TPM12
|
|
|
|
5) To remove the requirement for a filesystem (see documentation for
|
|
limitations)
|
|
|
|
Add to CCFLAGS
|
|
|
|
-DTPM_TSS_NOFILE
|
|
|
|
6) To remove the requirement for crypto (see documentation for
|
|
limitations)
|
|
|
|
Add to CCFLAGS
|
|
|
|
-DTPM_TSS_NOCRYPTO
|
|
|
|
7) To remove print tracing support
|
|
|
|
Add to CCFLAGS
|
|
|
|
-DTPM_TSS_NO_PRINT
|
|
|
|
8) To remove elliptic curve dependencies
|
|
|
|
Add to CCFLAGS
|
|
|
|
-DTPM_TSS_NOECC
|