
BSSSD: Trusted Computing for FreeBSD and OpenBSD

Installation

OpenBSD

Device driver

The patch openbsd-bsssd-1.2.diff is for OpenBSD 4.7.

It provides:

  • tpm(4) driver
  • modified acpidump(8) for dumping the TCPA table
  • MAKEDEV(8) to generate /dev/tpm
  • modified ichpcib(4) which enables the TPM chip
  • comments to aps(4) which shares registers with tpm(4)

Applying the patch and building the kernel:

# cd /usr/src
# patch < /tmp/openbsd-bsssd-1.2.diff
# cd /usr/src/usr.sbin/acpidump/
# make obj && make depend && make && make install
# cd /usr/src/etc/etc.i386/
# make
# cp MAKEDEV /dev/MAKEDEV
# cd /dev
# sh MAKEDEV tpm
# cd /usr/src/sys/arch/i386/conf/
# config GENERIC
# cd ../compile/GENERIC/
# make depend && make && make install
# reboot

Note: IRQ 7 was arbitrarily chosen for use with tpm(4). If there are conflicts with other devices, you can choose another free IRQ, disable the use of IRQs by not specifying a value in GENERIC, or use config(8) to set the value to -1.

Userland tools

Follow these instructions to build the ports:

# export ftp_proxy=http://myproxy:8080/
# export http_proxy=http://myproxy:8080/

# cd /usr/ports
# tar -xzf /tmp/openbsd-ports-alpha.tgz
# cd /usr/ports/mystuff/security/
# make && make install
# cd /usr/ports/mystuff/sysutils/
# make && make install
# cd /usr/ports/mystuff/emulators/
# make && make install

# cat >> /etc/rc.conf.local
tcsd="YES"
^D
# pkg_info -D trousers
<follow instructions>

# reboot

See ports(7) for general information on ports and how to use them.

FreeBSD

Device driver

The patch freebsd-bsssd-1.2.diff is for FreeBSD 8.0. FreeBSD current does not need any patches.

It provides:

  • tpm(4) driver
  • modified acpidump(8) for dumping the TCPA table

Applying the patch and configuring the kernel:

# cd /usr/src
# patch -p1 < /tmp/freebsd-bsssd-1.2.diff
# cd /usr/src/usr.sbin/acpi/acpidump/
# make obj && make depend && make && make install
# cd /usr/src/sys/i386/conf/
# config GENERIC
# cd ../compile/GENERIC
# make cleandepend ; make depend && make && make install
# cat >> /boot/device.hints
hint.tpm.0.at="isa"
hint.tpm.0.irq="7"
hint.tpm.0.maddr="0xfed40000"
hint.tpm.0.msize="0x5000"
hint.tpm.1.at="isa"
hint.tpm.1.irq="7"
hint.tpm.1.maddr="0xfed40000"
hint.tpm.1.msize="0x1000"
^D
# reboot

Note: IRQ 7 was arbitrarily chosen for use with tpm(4). If your machine does not have a free ISA IRQ, you can use the driver without an IRQ by not providing any IRQ hints (i.e. delete the hint.tpm.?.irq lines from /boot/device.hints).
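
Because the hints are appended with cat >>, repeating the step leaves duplicate keys in /boot/device.hints. The check below is an added example, not part of the BSSSD patch or ports: it lists duplicated and missing tpm hint keys and prints the file without the IRQ hints. The function names are hypothetical and the sample hints file is constructed.

```shell
#!/bin/sh
# Added example: lint the tpm(4) entries in a FreeBSD device.hints file.
# Function names are hypothetical; the hint keys are the ones shown above.

# Print every hint.tpm.N.key=value line in file $1.
tpm_hints() {
    grep '^hint\.tpm\.[0-9][0-9]*\.[a-z]*=' "$1" || true
}

# Print keys set more than once, e.g. after running the "cat >>" step twice.
tpm_hint_dups() {
    tpm_hints "$1" | cut -d= -f1 | sort | uniq -d
}

# Print the at/maddr/msize keys that a configured unit lacks.
tpm_hints_missing() {
    for u in $(tpm_hints "$1" | cut -d. -f3 | sort -u); do
        for k in at maddr msize; do
            grep -q "^hint\.tpm\.$u\.$k=" "$1" || echo "hint.tpm.$u.$k"
        done
    done
}

# Copy file $1 to stdout without the tpm IRQ hints (driver used without an IRQ).
tpm_hints_no_irq() {
    sed '/^hint\.tpm\.[0-9][0-9]*\.irq=/d' "$1"
}

# Constructed sample: unit 0 partly appended twice, unit 1 missing its msize.
sample=$(mktemp)
cat > "$sample" <<'EOF'
hint.atkbd.0.irq="1"
hint.tpm.0.at="isa"
hint.tpm.0.irq="7"
hint.tpm.0.maddr="0xfed40000"
hint.tpm.0.msize="0x5000"
hint.tpm.0.at="isa"
hint.tpm.0.irq="7"
hint.tpm.1.at="isa"
hint.tpm.1.maddr="0xfed40000"
EOF

echo "duplicate keys:"; tpm_hint_dups "$sample"
echo "missing keys:";   tpm_hints_missing "$sample"
echo "without IRQ:";    tpm_hints_no_irq "$sample"
```

Run the functions against a copy of /boot/device.hints and install the edited file only after reviewing the output.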

Userland tools

Follow these instructions to build the ports:

# export ftp_proxy=http://myproxy:8080/
# export http_proxy=http://myproxy:8080/

# cd /usr/ports
# tar -xzf /tmp/freebsd-ports-alpha.tgz
# cd /usr/ports/mystuff/trousers
# make && make install
# cd /usr/ports/mystuff/tpm-tools/
# make && make install
# cd /usr/ports/mystuff/TrustedGrub/
# make && make install
# cd /usr/ports/mystuff/testsuite/
# make && make install
# cd /usr/ports/mystuff/tpm-emulator/
# make && make install
# cd /usr/ports/mystuff/openssl_tpm_engine/
# make && make install

# cat >> /etc/rc.conf
local_startup="/usr/local/etc/rc.d"
tcsd_enable="YES"
^D

# reboot

See ports(7) for general information on ports and how to use them.