Menu
▾
▴
Re: [TrouSerS-tech] Trousers in Xen / get_max_auths failure
|
From: Kent Y. <shp...@gm...> - 2006-06-16 19:06:13
|
Hi Anna, On 6/6/06, Fischer, Anna <ann...@hp...> wrote: > Hi, > > I'd like to run trousers in a Xen user domain. As far as I understand > this is like running trousers on the TPM emulator. But trousers doesn't > initialize correctly on the system. When I start the trousers daemon > with "tcsd -f" I get the following output: The output here is from the get_tpm_metrics function in tcs_utils.c... > TCS cxt.c:214 Success: 30000000 is an Internal Context > TCS tcspbg.c:1879 Entering Get Cap > TDDL tddl.c:106 Calling write to driver The first one of these initial requests to the TPM was to get the TPM's version info, apparently that succeeded... > TCS cxt.c:214 Success: 30000000 is an Internal Context > TCS tcspbg.c:1879 Entering Get Cap > TDDL tddl.c:106 Calling write to driver The 2nd was to see if the TPM supported the save key context ordinal... > TCS cxt.c:214 Success: 30000000 is an Internal Context > TCS tcspbg.c:1879 Entering Get Cap > TDDL tddl.c:106 Calling write to driver The 3rd was to see if the TPM supported the save auth context ordinal... > TCS cxt.c:214 Success: 30000000 is an Internal Context > TCS tcspbg.c:1879 Entering Get Cap > TDDL tddl.c:106 Calling write to driver Get number of PCRs... > TCS cxt.c:214 Success: 30000000 is an Internal Context > TCS tcspbg.c:1879 Entering Get Cap > TDDL tddl.c:106 Calling write to driver Get number of DIRs > TCS cxt.c:214 Success: 30000000 is an Internal Context > TCS tcspbg.c:1879 Entering Get Cap > TDDL tddl.c:106 Calling write to driver This should be the request for the number of supported key slots, but if that failed, the next error you see should look like: TCS GetCapability failed with result = 0x%x So I'm confused... > TCS tcs_utils.c:193 ERROR: get_max_auths reported only 0 auth available! > TCS tcs_utils.c:194 ERROR: Your TPM must be reset before the TCSD can be > started. > > My TPM emulator log tells me > "Info: TPM command failed: (0x2c) A mode parameter is bad, such as > capArea or subCapArea for TPM_GetCapability" > > Has anyone seen this error before and can help me with that? Can you step through the tcsd code in a debugger to see which getCap is failing? Perhaps trousers is mangling the version info it got from the TPM emu and is therefore sending down the wrong getCap for auth sessions... Kent > Thanks a lot, > Anna > > > _______________________________________________ > TrouSerS-tech mailing list > Tro...@li... > https://lists.sourceforge.net/lists/listinfo/trousers-tech > -- Kent Yoder IBM LTC Security Dev. |