Looks like the TPM is not locked and that could be the reason for failure in your case.


From: "Jonathan M. McCune" <jonmccune@cmu.edu>
Subject: Re: [tboot-devel] Buying a machine that will actually work with TXT
To: tboot-devel@lists.sourceforge.net
Message-ID: <496BB031.20108@cmu.edu>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed

Hal Finney wrote:
> When Trusted Execution was announced, 3 models of computers were
> identified as supporting it: The HP Compaq dc7800, Dell OptiPlex 755
> PC, and the Lenovo ThinkCentre M57p. I don't know of any others that
> have been added to that list since then.
>
I tried the latest tboot on a Lenovo M57p and it fails to boot.  The
relevant errors seem to be that the BIOS data version is 1 and tboot
requires 2 or greater (error log below).  I have updated the machine to
the latest BIOS revision "2rj957a" with no luck.  Any ideas?

Thanks,
-Jon


TBOOT: ******************* TBOOT *******************
TBOOT:    2009-01-05 16:33 -0500 111:e009b057d5b0
TBOOT: *********************************************
TBOOT: command line: logging=vga,serial,memory
TBOOT: TPM is ready
TBOOT: TPM nv_locked: FALSE
TBOOT: TPM: get capability, return value = 00000002
TBOOT: failed to get actual policy size in TPM NV
TBOOT: failed to read policy from TPM NV, using default
TBOOT: policy:
TBOOT:   version: 2
TBOOT:   policy_type: TB_POLTYPE_CONT_NON_FATAL
TBOOT:   hash_alg: TB_HALG_SHA1
TBOOT:   policy_control: 00000001 (EXTEND_PCR17)
TBOOT:   num_entries: 2
TBOOT:   policy entry[0]:
TBOOT:           mod_num: 0
TBOOT:           pcr: none
TBOOT:           hash_type: TB_HTYPE_ANY
TBOOT:           num_hashes: 0
TBOOT:   policy entry[1]:
TBOOT:           mod_num: any
TBOOT:           pcr: 19
TBOOT:           hash_type: TB_HTYPE_ANY
TBOOT:           num_hashes: 0
TBOOT: TPM: write nv 20000002, offset 00000000, 00000004 bytes, return = 00000002
TBOOT: Error: write TPM error: 0x2.
TBOOT: no policy in TPM NV.
TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff07
TBOOT: CPU is SMX-capable
TBOOT: CPU is VMX-capable
TBOOT: SMX is enabled
TBOOT: TXT chipset and all needed capabilities present
TBOOT: TPM: write nv 20000002, offset 00000000, 00000004 bytes, return = 00000002
TBOOT: Error: write TPM error: 0x2.
TBOOT: LT.ERRORCODE=0
TBOOT: LT.ESTS=0
TBOOT: unsupported BIOS data version (1)
TBOOT: TPM: write nv 20000002, offset 00000000, 00000004 bytes, return = 00000002
TBOOT: Error: write TPM error: 0x2.
TBOOT: TPM: access reg release locality timeout
TBOOT: shutdown_system() called for shutdown_type: TB_SHUTDOWN_HALT
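As an added example, not code from this thread or from the tboot project: a small Python triage script that scans a tboot log for the three conditions visible in Jon's output above (`TPM nv_locked: FALSE`, an NV write returning `0x2`, and a BIOS data version below the minimum tboot accepts) and summarises them, so the same log can be checked automatically before anyone starts flashing BIOS revisions. The embedded log is an excerpt of the output posted above with the wrapped lines rejoined. The minimum BIOS data version of 2 is taken from Jon's message; the reading of return code 2 as TPM_BADINDEX follows the TPM 1.2 return-code table and is the one assumption the script makes beyond the thread.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# Excerpt of the TBOOT log posted in the thread above, wrapped lines rejoined,
# embedded so the script runs stand-alone.
SAMPLE_LOG = """\
TBOOT: TPM is ready
TBOOT: TPM nv_locked: FALSE
TBOOT: TPM: get capability, return value = 00000002
TBOOT: failed to get actual policy size in TPM NV
TBOOT: failed to read policy from TPM NV, using default
TBOOT: TPM: write nv 20000002, offset 00000000, 00000004 bytes, return = 00000002
TBOOT: Error: write TPM error: 0x2.
TBOOT: no policy in TPM NV.
TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff07
TBOOT: CPU is SMX-capable
TBOOT: CPU is VMX-capable
TBOOT: SMX is enabled
TBOOT: TXT chipset and all needed capabilities present
TBOOT: TPM: write nv 20000002, offset 00000000, 00000004 bytes, return = 00000002
TBOOT: Error: write TPM error: 0x2.
TBOOT: LT.ERRORCODE=0
TBOOT: LT.ESTS=0
TBOOT: unsupported BIOS data version (1)
TBOOT: TPM: access reg release locality timeout
TBOOT: shutdown_system() called for shutdown_type: TB_SHUTDOWN_HALT
"""

# Minimum BIOS data version this tboot build accepts, as stated in the message.
MIN_BIOS_DATA_VERSION = 2

# Assumption: TPM 1.2 return code 2 is TPM_BADINDEX (TPM Main Part 2). For an
# NV access it indicates the index is not usable, typically never defined.
TPM_BADINDEX = 0x2

NV_LOCKED_RE = re.compile(r"TPM nv_locked: (TRUE|FALSE)")
NV_WRITE_RE = re.compile(r"TPM: write nv ([0-9a-fA-F]+), .*return = ([0-9a-fA-F]+)")
BIOS_VER_RE = re.compile(r"unsupported BIOS data version \((\d+)\)")


@dataclass
class TbootTriage:
    nv_locked: Optional[bool] = None
    bios_data_version: Optional[int] = None
    nv_write_failures: List[Tuple[int, int]] = field(default_factory=list)  # (index, rc)
    halted: bool = False
    findings: List[str] = field(default_factory=list)


def triage(log: str) -> TbootTriage:
    """Extract the TPM NV and BIOS data version state from a tboot log."""
    r = TbootTriage()
    seen = set()  # tboot repeats the same failed NV write; report each (index, rc) once
    for line in log.splitlines():
        m = NV_LOCKED_RE.search(line)
        if m:
            r.nv_locked = m.group(1) == "TRUE"
            continue
        m = NV_WRITE_RE.search(line)
        if m:
            idx, rc = int(m.group(1), 16), int(m.group(2), 16)
            if rc != 0 and (idx, rc) not in seen:
                seen.add((idx, rc))
                r.nv_write_failures.append((idx, rc))
            continue
        m = BIOS_VER_RE.search(line)
        if m:
            r.bios_data_version = int(m.group(1))
            continue
        if "TB_SHUTDOWN_HALT" in line:
            r.halted = True

    if r.nv_locked is False:
        r.findings.append("TPM NV storage is not locked (nv_locked FALSE); "
                          "the NV indices tboot expects may not be provisioned")
    for idx, rc in r.nv_write_failures:
        if rc == TPM_BADINDEX:
            r.findings.append(f"NV write to index {idx:#010x} returned TPM_BADINDEX; "
                              "the index is not usable on this TPM")
        else:
            r.findings.append(f"NV write to index {idx:#010x} returned {rc:#x}")
    if r.bios_data_version is not None and r.bios_data_version < MIN_BIOS_DATA_VERSION:
        r.findings.append(f"BIOS data version {r.bios_data_version} is below the "
                          f"minimum {MIN_BIOS_DATA_VERSION} this tboot requires")
    return r


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for f in result.findings:
        print("-", f)
    print("halted:", result.halted)
```

Run on the excerpt it reports the unlocked NV storage, the single failing NV index (reported once even though the write is retried), and the BIOS data version shortfall, which together separate the firmware-side cause from the TPM-side one.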