From: Jonathan M. M. <jon...@cm...> - 2008-09-29 21:10:01
Hello,
I'm trying to use tboot-20080613.tar.gz on a Dell Optiplex 755 with a
Q35 chipset. I built tboot without issue. I pulled xen-unstable.hg and
built Xen; it boots successfully. I grabbed the Q35_X38-SINIT.tar.gz
from sourceforge and configured grub to include Q35_SINIT_16.BIN as a
module:

title tboot-20080613 + xen-unstable.hg-20080929
root (hd0,2)
kernel /boot/txt/tboot.gz
module /boot/xen.gz com1=115200,8n1 console=vga,com1
module /boot/vmlinuz-2.6.18.8-xen0 root=/dev/sda3 ro console=tty0 console=ttyS0,115200
#module /boot/initrd.img-2.6.18.8-xen0
module /boot/Q35_SINIT_16.BIN
boot

Here is the serial output from tboot:

TBOOT: ***************************************
TBOOT: begin launch()
TBOOT: TPM is ready
TBOOT: TPM: Access reg content: 0x81
TBOOT: TPM: wait for cmd ready .
TBOOT: TPM: wait for data available timeout.
TBOOT: TPM: read nv index 20000001 from offset 00000000, return value = 00000009
TBOOT: Error: read TPM error: 0x9.
TBOOT: failed to read policy from TPM NV, using default
TBOOT: tb_policy_index:
TBOOT: version = 1
TBOOT: policy_type = 0
TBOOT: num_policies = 2
TBOOT: policy[0]:
TBOOT: uuid = {0x756a5bfe, 0x5b0b, 0x4d33, 0xb867,
{0xd7, 0x83, 0xfb, 0x46, 0x36, 0xbf}}
TBOOT: hash_alg = 0
TBOOT: hash_type = 0
TBOOT: num_hashes = 0
TBOOT: policy[1]:
TBOOT: uuid = {0x894c909f, 0xd614, 0x4625, 0x8a2d,
{0x45, 0x3b, 0x80, 0x10, 0xca, 0x8c}}
TBOOT: hash_alg = 0
TBOOT: hash_type = 0
TBOOT: num_hashes = 0
TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff03
TBOOT: CPU is SMX-capable
TBOOT: CPU is VMX-capable
TBOOT: SMX is enabled
TBOOT: TXT chipset and all needed capabilities present
TBOOT: bios_os_data (@7d420008, 24):
TBOOT: version=2
TBOOT: bios_sinit_size=0
TBOOT: lcp_pd_base=0
TBOOT: lcp_pd_size=0
TBOOT: num_logical_procs=2
TBOOT: LT.ERRORCODE=0
TBOOT: LT.ESTS=0
TBOOT: CR0.NE not set
TBOOT: CR0 and EFLAGS OK
TBOOT: no machine check errors
TBOOT: CPU is ready for SENTER
TBOOT: checking previous errors on the last boot.
TPM: Access reg content: 0x81
TBOOT: TPM: wait for cmd ready .
TBOOT: TPM: wait for data available timeout.
TBOOT: TPM: read nv index 20000002 from offset 00000000, return value = 00000009
TBOOT: Error: read TPM error: 0x9.
TBOOT: last boot has no error.
TBOOT: ACM info_table version mismatch (3a)
TBOOT: ACM is not an SINIT ACM (aa)
TBOOT: ACM size is too small: acmod_size=546c9c, acm_hdr->size*4=400000
TBOOT: no SINIT AC module found
TBOOT: transfering control to xen @0x00100000...

Xen does boot, but SENTER did not execute. That acmod_size looks too
_big_ to me, so I thought maybe it depended on a particular number of
entries in the grub config file, so I added the initrd (not strictly
necessary for the default Xen dom0). The tboot output:

TBOOT: ***************************************
TBOOT: begin launch()
TBOOT: TPM is ready
TBOOT: TPM: Access reg content: 0x81
TBOOT: TPM: wait for cmd ready .
TBOOT: TPM: wait for data available timeout.
TBOOT: TPM: read nv index 20000001 from offset 00000000, return value = 00000009
TBOOT: Error: read TPM error: 0x9.
TBOOT: failed to read policy from TPM NV, using default
TBOOT: tb_policy_index:
TBOOT: version = 1
TBOOT: policy_type = 0
TBOOT: num_policies = 2
TBOOT: policy[0]:
TBOOT: uuid = {0x756a5bfe, 0x5b0b, 0x4d33, 0xb867,
{0xd7, 0x83, 0xfb, 0x46, 0x36, 0xbf}}
TBOOT: hash_alg = 0
TBOOT: hash_type = 0
TBOOT: num_hashes = 0
TBOOT: policy[1]:
TBOOT: uuid = {0x894c909f, 0xd614, 0x4625, 0x8a2d,
{0x45, 0x3b, 0x80, 0x10, 0xca, 0x8c}}
TBOOT: hash_alg = 0
TBOOT: hash_type = 0
TBOOT: num_hashes = 0
TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff03
TBOOT: CPU is SMX-capable
TBOOT: CPU is VMX-capable
TBOOT: SMX is enabled
TBOOT: TXT chipset and all needed capabilities present
TBOOT: bios_os_data (@7d420008, 24):
TBOOT: version=2
TBOOT: bios_sinit_size=0
TBOOT: lcp_pd_base=0
TBOOT: lcp_pd_size=0
TBOOT: num_logical_procs=2
TBOOT: LT.ERRORCODE=0
TBOOT: LT.ESTS=0
TBOOT: CR0.NE not set
TBOOT: CR0 and EFLAGS OK
TBOOT: no machine check errors
TBOOT: CPU is ready for SENTER
TBOOT: checking previous errors on the last boot.
TPM: Access reg content: 0x81
TBOOT: TPM: wait for cmd ready .
TBOOT: TPM: wait for data available timeout.
TBOOT: TPM: read nv index 20000002 from offset 00000000, return value = 00000009
TBOOT: Error: read TPM error: 0x9.
TBOOT: last boot has no error.
TBOOT: ACM info_table version mismatch (3a)
TBOOT: ACM is not an SINIT ACM (aa)
TBOOT: ACM size is too small: acmod_size=19f000, acm_hdr->size*4=48819194
TBOOT: ACM size is too small: acmod_size=546c9c, acm_hdr->size*4=400000
TBOOT: no SINIT AC module found
TBOOT: transfering control to xen @0x00100000...

This is a little bit interesting, in that it is now listing two
different sizes. Also, 0x19f000 = 1699840, which IS the size of my
initrd.img. The 0x546c9c does not correspond to any of the files in my
grub entry.

If I name a non-existent file as the final module, grub won't proceed,
so I can't think of any problems with my grub config file.

I haven't torn into the MBI structures to see what's going on yet; has
anybody else encountered this issue?

Thanks!
-Jon
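
A triage helper for serial logs like the two above, as an added example that is not part of the original post or of tboot: it decodes the hex sizes in the ACM lines, matches them against module file sizes, and flags a boot that reached Xen without SENTER. The function names and report keys are assumptions made for the illustration; only the initrd size comes from the post.

```python
import re

# Constructed sample: lines taken from the second log in the post; one line is
# left wrapped the way a mail client or terminal capture can wrap it.
SAMPLE_LOG = """\
TBOOT: TPM: read nv index 20000001 from offset 00000000, return value =
00000009
TBOOT: failed to read policy from TPM NV, using default
TBOOT: CPU is ready for SENTER
TBOOT: ACM size is too small: acmod_size=19f000, acm_hdr->size*4=48819194
TBOOT: ACM size is too small: acmod_size=546c9c, acm_hdr->size*4=400000
TBOOT: no SINIT AC module found
TBOOT: transfering control to xen @0x00100000...
"""
# File size the post reports for the initrd; other modules would be added here.
MODULE_SIZES = {"initrd.img-2.6.18.8-xen0": 1699840}

NV_READ = re.compile(r"read nv index ([0-9a-f]+) .*return value =\s*([0-9a-f]+)")
ACM_SIZE = re.compile(r"acmod_size=([0-9a-f]+), acm_hdr->size\*4=([0-9a-f]+)")

def unwrap(text):
    """Rejoin wrapped lines: a continuation lacks the TBOOT:/TPM: prefix."""
    lines = []
    for raw in text.splitlines():
        if lines and not re.match(r"(TBOOT|TPM):", raw):
            lines[-1] += " " + raw.strip()
        else:
            lines.append(raw.strip())
    return lines

def triage(text, module_sizes):
    """Summarise a tboot log; module_sizes maps file name -> bytes on disk."""
    name_for = {size: name for name, size in module_sizes.items()}
    report = {"nv_read_errors": {}, "default_policy": False,
              "acm_candidates": [], "sinit_missing": False, "handed_off": False}
    for line in unwrap(text):
        if (m := NV_READ.search(line)) and int(m.group(2), 16) != 0:
            report["nv_read_errors"][m.group(1)] = int(m.group(2), 16)
        if (m := ACM_SIZE.search(line)):
            module_bytes = int(m.group(1), 16)   # the log prints sizes in hex
            report["acm_candidates"].append(
                {"module_bytes": module_bytes, "header_bytes": int(m.group(2), 16),
                 "file": name_for.get(module_bytes)})
        report["default_policy"] |= "using default" in line
        report["sinit_missing"] |= "no SINIT AC module found" in line
        report["handed_off"] |= "control to xen" in line
    # Handing off without an SINIT module means SENTER never ran.
    report["unmeasured_boot"] = report["sinit_missing"] and report["handed_off"]
    return report

if __name__ == "__main__":
    print(triage(SAMPLE_LOG, MODULE_SIZES))
```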