tss2/README.md

Linux Specific build notes
--------------------------
Written by Ken Goldman
IBM Thomas J. Watson Research Center


Prior to the autotools support, most users began by untarring the
tarball or cloning the git repo, and then executing 'make' or 'make -f
<makefile>' in the utils and utils12 directories.  For autotools and the
existing makefiles to co-exist, the existing "makefile" was renamed to
"makefiletpmc".

$ cd utils
$ make -f makefiletpmc
$ cd utils12
$ make -f makefiletpmc

This builds a TSS
- with TPM 2.0 and TPM 1.2 support,
- connecting to a TPM 2.0 SW TPM,
- with TSS state files in cwd,
- with tracing support,
- and with elliptic curve support.

Refer to the "Advanced options", below, for additional compiler options.


Autotools
---------

On Linux (and probably other Unix systems), open source projects expect
the normal shell command 'autoreconf -i && ./configure && make && make install'
should configure and build the package.

Example 1: To configure the TSS library to use the software TPM, build and
install the package in ${HOME}/local/bin and ${HOME}/local/lib directories
execute the following shell commands:

$ autoreconf -i
$ ./configure --prefix=${HOME}/local --disable-hwtpm
$ make clean
$ make
$ make install

An initial set of the most common TSS "./configure" options are defined
to enable/disable different features.

--disable-tpm-2.0 - include only TPM 1.2 support
--disable-tpm-1.2 - include only TPM 2.0 support
--disable-hwtpm   - don't use the hardware TPM, use a software one instead
--disable-rmtpm   - when using a hardware TPM, don't use the resource manager
--enable-noprint  - build a TSS library without tracing or prints
--enable-nofile   - build a TSS library that does not use files to preserve state
--enable-nocrypto - build a TSS library that does not require a crypto library
		    (dependency on "--enable-nofile")
--enable-noecc    - build a TSS library that does not require OpenSSL elliptic curve support
--enable-debug    - build a TSS library used for debugging.

Example 2: To configure the TSS library to use the hardware TPM, build and
install the package in the default /usr/local directories requires root
privileges.  Executing the following shell commands will make and install the
package in the default directories.

$ autoreconf -i
$ ./configure
$ make clean
$ make
$ sudo make install

Other TSS features can be modified by specifying them directly as CFLAGS
"./configure" options.

CFLAGS='<options>'
options:
-O0					- change compiler optimization (default: 02)
-DTPM_DEVICE_DEFAULT="\"/dev/tpmrm0\""	- change hardware TPM (default: /dev/tpm0)
-DTPM_DATA_DIR_DEFAULT="\"<pathname>\""	- specify directory for TSS state files
-DTPM_TRACE_LEVEL_DEFAULT="\"<level>""	- change level of tracing (default: 0)
	0 - no tracing
	1 - trace errors
	2 - trace errors and execution flow

Example 3: To install the package in ${HOME}/local/bin and ${HOME}/local/lib
directories, compile for the gdb debugger, and connect by default to a socket
simulator TPM at command port 3333, execute the following shell commands:

$ autoreconf -i
$ ./configure --prefix=${HOME}/local --enable-debug --disable-hwtpm \
CFLAGS='-DTPM_INTERFACE_TYPE_DEFAULT="\"socsim\"" -DTPM_COMMAND_PORT_DEFAULT="\"3333\""'
$ make clean
$ make
$ make install

The TPM utility binaries are stored in utils/.lib and utils12/.lib directories
of the source directory.[1]  To debug using these binaries in the source tree,
use either the binary stored in .lib or the libtool command.

$ libtool --mode=execute gdb <.lib/utility>

[1] For an explanation, refer to the GNU documentation
https://www.gnu.org/software/libtool/manual/libtool.html#Debugging-executables.


Advanced options
----------------

For all options and details, see the documentation in ibmtss.doc or
ibmtss.html.

Some of the more common options are below.

1-3 can also be specified in an environment variable or at run time.

4-8, which are used to reduce the size of the library, must be
specified at compile time.

1) To default to a hardware TPM (rather than the SW TPM)

Add to CCLFLAGS:

	-DTPM_INTERFACE_TYPE_DEFAULT="\"dev\""

2) To default to /dev/tpmrm0 (rather than /dev/tpm0)

Add to CCLFLAGS:

	-DTPM_DEVICE_DEFAULT="\"/dev/tpm0\""

3) To default to a different directory for TSS state files (rather
than cwd)

Add to CCLFLAGS:

	-DTPM_DATA_DIR_DEFAULT="\"directory\""

4) To remove TPM 1.2 support

Delete from CCLFLAGS and CCAFLAGS

	-DTPM_TPM12

5) To remove the requirement for a filesystem (see documentation for
limitations)

Add to CCFLAGS

	-DTPM_TSS_NOFILE

6) To remove the requirement for crypto (see documentation for
limitations)

Add to CCFLAGS

	-DTPM_TSS_NOCRYPTO

7) To remove print tracing support

Add to CCFLAGS

	-DTPM_TSS_NO_PRINT

8) To remove elliptic curve dependencies

Add to CCFLAGS

	-DTPM_TSS_NOECC
Switch to version 1470 2020-07-08 13:39:29 +02:00			`Linux Specific build notes`
			`--------------------------`
			`Written by Ken Goldman`
			`IBM Thomas J. Watson Research Center`
Initial commit 2020-07-14 09:41:29 +08:00

Switch to version 1470 2020-07-08 13:39:29 +02:00			`Prior to the autotools support, most users began by untarring the`
			`tarball or cloning the git repo, and then executing 'make' or 'make -f`
			`<makefile>' in the utils and utils12 directories. For autotools and the`
			`existing makefiles to co-exist, the existing "makefile" was renamed to`
			`"makefiletpmc".`
Initial commit 2020-07-14 09:41:29 +08:00
Switch to version 1470 2020-07-08 13:39:29 +02:00			`$ cd utils`
			`$ make -f makefiletpmc`
			`$ cd utils12`
			`$ make -f makefiletpmc`
Initial commit 2020-07-14 09:41:29 +08:00
Switch to version 1470 2020-07-08 13:39:29 +02:00			`This builds a TSS`
			`- with TPM 2.0 and TPM 1.2 support,`
			`- connecting to a TPM 2.0 SW TPM,`
			`- with TSS state files in cwd,`
			`- with tracing support,`
			`- and with elliptic curve support.`
Initial commit 2020-07-14 09:41:29 +08:00
Switch to version 1470 2020-07-08 13:39:29 +02:00			`Refer to the "Advanced options", below, for additional compiler options.`
Initial commit 2020-07-14 09:41:29 +08:00

Switch to version 1470 2020-07-08 13:39:29 +02:00			`Autotools`
			`---------`
Initial commit 2020-07-14 09:41:29 +08:00
Switch to version 1470 2020-07-08 13:39:29 +02:00			`On Linux (and probably other Unix systems), open source projects expect`
			`the normal shell command 'autoreconf -i && ./configure && make && make install'`
			`should configure and build the package.`
Initial commit 2020-07-14 09:41:29 +08:00
Switch to version 1470 2020-07-08 13:39:29 +02:00			`Example 1: To configure the TSS library to use the software TPM, build and`
			`install the package in ${HOME}/local/bin and ${HOME}/local/lib directories`
			`execute the following shell commands:`
Initial commit 2020-07-14 09:41:29 +08:00
Switch to version 1470 2020-07-08 13:39:29 +02:00			`$ autoreconf -i`
			`$ ./configure --prefix=${HOME}/local --disable-hwtpm`
			`$ make clean`
			`$ make`
			`$ make install`
Initial commit 2020-07-14 09:41:29 +08:00
Switch to version 1470 2020-07-08 13:39:29 +02:00			`An initial set of the most common TSS "./configure" options are defined`
			`to enable/disable different features.`
Initial commit 2020-07-14 09:41:29 +08:00
Switch to version 1470 2020-07-08 13:39:29 +02:00			`--disable-tpm-2.0 - include only TPM 1.2 support`
			`--disable-tpm-1.2 - include only TPM 2.0 support`
			`--disable-hwtpm - don't use the hardware TPM, use a software one instead`
			`--disable-rmtpm - when using a hardware TPM, don't use the resource manager`
			`--enable-noprint - build a TSS library without tracing or prints`
			`--enable-nofile - build a TSS library that does not use files to preserve state`
			`--enable-nocrypto - build a TSS library that does not require a crypto library`
			`(dependency on "--enable-nofile")`
			`--enable-noecc - build a TSS library that does not require OpenSSL elliptic curve support`
			`--enable-debug - build a TSS library used for debugging.`

			`Example 2: To configure the TSS library to use the hardware TPM, build and`
			`install the package in the default /usr/local directories requires root`
			`privileges. Executing the following shell commands will make and install the`
			`package in the default directories.`

			`$ autoreconf -i`
			`$ ./configure`
			`$ make clean`
			`$ make`
			`$ sudo make install`

			`Other TSS features can be modified by specifying them directly as CFLAGS`
			`"./configure" options.`

			`CFLAGS='<options>'`
			`options:`
			`-O0 - change compiler optimization (default: 02)`
			`-DTPM_DEVICE_DEFAULT="\"/dev/tpmrm0\"" - change hardware TPM (default: /dev/tpm0)`
			`-DTPM_DATA_DIR_DEFAULT="\"<pathname>\"" - specify directory for TSS state files`
			`-DTPM_TRACE_LEVEL_DEFAULT="\"<level>"" - change level of tracing (default: 0)`
			`0 - no tracing`
			`1 - trace errors`
			`2 - trace errors and execution flow`

			`Example 3: To install the package in ${HOME}/local/bin and ${HOME}/local/lib`
			`directories, compile for the gdb debugger, and connect by default to a socket`
			`simulator TPM at command port 3333, execute the following shell commands:`

			`$ autoreconf -i`
			`$ ./configure --prefix=${HOME}/local --enable-debug --disable-hwtpm \`
			`CFLAGS='-DTPM_INTERFACE_TYPE_DEFAULT="\"socsim\"" -DTPM_COMMAND_PORT_DEFAULT="\"3333\""'`
			`$ make clean`
			`$ make`
			`$ make install`

			`The TPM utility binaries are stored in utils/.lib and utils12/.lib directories`
			`of the source directory.[1] To debug using these binaries in the source tree,`
			`use either the binary stored in .lib or the libtool command.`

			`$ libtool --mode=execute gdb <.lib/utility>`

			`[1] For an explanation, refer to the GNU documentation`
			`https://www.gnu.org/software/libtool/manual/libtool.html#Debugging-executables.`


			`Advanced options`
			`----------------`

			`For all options and details, see the documentation in ibmtss.doc or`
			`ibmtss.html.`

			`Some of the more common options are below.`

			`1-3 can also be specified in an environment variable or at run time.`

			`4-8, which are used to reduce the size of the library, must be`
			`specified at compile time.`

			`1) To default to a hardware TPM (rather than the SW TPM)`

			`Add to CCLFLAGS:`

			`-DTPM_INTERFACE_TYPE_DEFAULT="\"dev\""`

			`2) To default to /dev/tpmrm0 (rather than /dev/tpm0)`

			`Add to CCLFLAGS:`

			`-DTPM_DEVICE_DEFAULT="\"/dev/tpm0\""`

			`3) To default to a different directory for TSS state files (rather`
			`than cwd)`

			`Add to CCLFLAGS:`

			`-DTPM_DATA_DIR_DEFAULT="\"directory\""`

			`4) To remove TPM 1.2 support`

			`Delete from CCLFLAGS and CCAFLAGS`

			`-DTPM_TPM12`

			`5) To remove the requirement for a filesystem (see documentation for`
			`limitations)`

			`Add to CCFLAGS`

			`-DTPM_TSS_NOFILE`

			`6) To remove the requirement for crypto (see documentation for`
			`limitations)`

			`Add to CCFLAGS`

			`-DTPM_TSS_NOCRYPTO`

			`7) To remove print tracing support`

			`Add to CCFLAGS`

			`-DTPM_TSS_NO_PRINT`

			`8) To remove elliptic curve dependencies`

			`Add to CCFLAGS`

			`-DTPM_TSS_NOECC`