David,
 
Bit 0 in the TPM access reg just indicates whether a dynamic launch had ever been done on that TPM.  Hal's indicates that his did, and yours that it has not.  This is not important to SENTER working (and once it does work, yours will show 0x81 as well ;-).
 
Are you sure that you're using the release version of SINIT (i.e. the one on the tboot SourceForge site)?
 
Joe


From: David Dorsey [mailto:trogdorsey@gmail.com]
Sent: Tuesday, January 15, 2008 10:17 AM
To: Hal Finney
Cc: Cihula, Joseph; Wei, Gang; tboot-devel@lists.sourceforge.net
Subject: Re: [tboot-devel] Infineon TPM problems and fixes

Hal,

I've attached a log where there is no policy.  It reboots after GETSEC[SENTER].  I've compared my log to yours and I noticed that the TPM Access reg content was different.  Yours returns 0x80 and mine returns 0x81.  I don't know if that would make any big differences though.

Also, what TPM version do you have.  Here's the output of the tpm_version command for me:

TPM 1.2 Version Info:
Chip Version:        1.2.1.2
Spec Level:          2
Errata Revision:     0
TPM Vendor ID:       IFX
TPM Version:         01010000
Manufacturer Info:   4946580


David


On Jan 14, 2008 9:10 PM, David Dorsey <trogdorsey@gmail.com> wrote:
Hal,

Yes, in the log I included I have a policy set.  But I've also tried it with no policy set and it still fails.  I didn't post that since I didn't think it would add any value.


David



On Jan 14, 2008 7:02 PM, Hal Finney <hal.finney@gmail.com> wrote:
It looks to me like you do have a policy set, David:

TBOOT: TPM: read nv index 20000001 from offset 00000100, return value = 00000000
TBOOT: tb_policy_index:
TBOOT:   version = 1
TBOOT:   policy_type = 0
TBOOT:   num_policies = 2
TBOOT:   policy[0]:
TBOOT:           uuid = {0x756a5bfe, 0x5b0b, 0x4d33, 0xb867,
               {0xd7, 0x83, 0xfb, 0x46, 0x36, 0xbf}}
TBOOT:           hash_alg = 0
TBOOT:           hash_type = 1
TBOOT:           num_hashes = 1
TBOOT:           hashes[0] = 67 8a 89 be 3f 5d db ae 93 b4 fe b9 bb ba
3d 27 de 92 a
TBOOT:   policy[1]:
TBOOT:           uuid = {0x894c909f, 0xd614, 0x4625, 0x8a2d,
               {0x45, 0x3b, 0x80, 0x10, 0xca, 0x8c}}
TBOOT:           hash_alg = 0
TBOOT:           hash_type = 1
TBOOT:           num_hashes = 1
TBOOT:           hashes[0] = e7 a2 26 58 55 69 67 18 34 dc c4 58 2f 16
33 36 1f f9 0

You might want to use tpmnv_relindex -i 20000001 to delete this entry
from the TPM.

I have attached a log of what a successful tboot launch looks like on
my system -

Hal