feat: Add TPM emulator (#344)

2024-01-18 10:05:08 +01:00 · 2024-01-18 10:05:08 +01:00 · 9f565e1407
commit 9f565e1407
parent 02238af1d5
2 changed files with 13 additions and 2 deletions
--- a/5
+++ b/5
@ -11,6 +11,7 @@ RUN apt-get update \
        ovmf \
 	socat \
 	nginx \
+        swtpm \
 	procps \
 	iptables \
 	iproute2 \
@ -21,13 +22,13 @@ RUN apt-get update \
 	ca-certificates \
 	netcat-openbsd \
 	qemu-system-x86 \
+    && apt-get clean \
    && novnc="1.4.0" \
+    && mkdir -p /usr/share/novnc \
    && wget https://github.com/novnc/noVNC/archive/refs/tags/v"$novnc".tar.gz -O /tmp/novnc.tar.gz -q \
    && tar -xf /tmp/novnc.tar.gz -C /tmp/ \
    && cd /tmp/noVNC-"$novnc" \
-    && mkdir -p /usr/share/novnc \    
    && mv app core vendor package.json *.html /usr/share/novnc \
-    && apt-get clean \
    && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

 COPY ./src /run/
--- a/src/boot.sh
+++ b/src/boot.sh
@ -54,6 +54,16 @@ if [[ "${BOOT_MODE,,}" != "legacy" ]]; then
  BOOT_OPTS="$BOOT_OPTS -drive file=$DEST.rom,if=pflash,unit=0,format=raw,readonly=on"
  BOOT_OPTS="$BOOT_OPTS -drive file=$DEST.vars,if=pflash,unit=1,format=raw"

+  if [[ "${BOOT_MODE,,}" == "windows" ]]; then
+
+    BOOT_OPTS="$BOOT_OPTS -chardev socket,id=chrtpm,path=/dev/shm/tpm/swtpm-sock"
+    BOOT_OPTS="$BOOT_OPTS -tpmdev emulator,id=tpm0,chardev=chrtpm -device tpm-tis,tpmdev=tpm0"
+
+    mkdir -p /dev/shm/tpm
+    swtpm socket -t -d --tpmstate dir=/dev/shm/tpm --ctrl type=unixio,path=/dev/shm/tpm/swtpm-sock --log level=1 --tpm2
+
+  fi
+
 fi

 return 0