Menu
▾
▴
Re: [tboot-devel] TPM PCR 17 was not properly initialized (flicker)
|
From: Cihula, J. <jos...@in...> - 2011-01-14 19:59:49
|
You should make sure that your TPM FW is the latest version, which you can get from: http://support.dell.com/support/downloads/download.aspx?c=us&cs=08W&l=en&s=bsdv&releaseid=R267128&SystemID=LAT_E4310&servicetag=&os=W732&osl=en&deviceid=21505&devlib=0&typecnt=0&vercnt=1&catid=-1&impid=-1&formatcnt=0&libid=60&typeid=-1&dateid=-1&formatid=-1&source=-1&fileid=392801 Joe > -----Original Message----- > From: Jeff Cleveland [mailto:jcl...@bb...] > Sent: Friday, January 14, 2011 9:53 AM > To: Cihula, Joseph > Cc: Jonathan McCune; tbo...@li... > Subject: Re: [tboot-devel] TPM PCR 17 was not properly initialized (flicker) > > The system is a Dell Latitude E4310 and the TPM is manufactured by Broadcom. > > Jeff > > On 01/14/2011 12:24 PM, Cihula, Joseph wrote: > > What model system is this and who is the TPM manufactured by? > > > > Joe > > > >> -----Original Message----- > >> From: Jonathan McCune [mailto:jon...@cm...] > >> Sent: Friday, January 14, 2011 8:50 AM > >> To: Jeff Cleveland > >> Cc: tbo...@li... > >> Subject: Re: [tboot-devel] TPM PCR 17 was not properly initialized (flicker) > >> > >> Although there are some distinct error codes for locality access > >> problems, you might check whether the Linux TPM driver is active. If > >> the TPM has an active locality (which would be locality 1 with Linux's > >> tpm_tis), then SENTER will not succeed. The easiest way to test if > >> this makes a difference is to boot Linux without loading tpm_tis, then > >> try a Flicker session, and see if it makes any difference. > >> > >> Also, with the SINIT module you're using, ACMOD_SIZE_MAX as defined in > >> flicker.h is too small in flicker-0.2. I generally use 64K instead of > >> 32K these days. Unfortunately the error handling in flicker-0.2 just > >> prints a small warning message and blindly keeps going with an > >> incomplete SINIT module if the buffer is too small. However, I would > >> expect that you would observe a different failure mode under those > >> conditions. > >> > >> Hope this helps, > >> -Jon > >> > >> > >> > >> On Fri, Jan 14, 2011 at 10:54 AM, Jeff Cleveland<jcl...@bb...> wrote: > >>> Hi list, > >>> > >>> My question stems from a TXT error I'm getting while trying to run > >>> Flicker. I have a dual core i5 laptop I'm testing on and using the sinit > >>> module i5_i7_DUAL_SINIT_18.bin. During execution of Flicker my computer > >>> reboots, upon startup I see the TXT ERRORCODE 0xc0003cd1, which parses > >>> as acm_type=1, progress=0d, error=f, and according to sinit_errors.txt > >>> that is "TPM PCR 17 was not properly initialized" > >>> > >>> The MLE Software Development Guide is pretty clear on how PCR 17 should > >>> be initialized, and yet I can't find in the Flicker or tboot source code > >>> where this initialization is happening. I was hoping to use the tboot > >>> source as a reference because on this machine GETSEC[SENTER] does > >>> successfully execute when I try launching tboot (loading the operating > >>> system fails afterwards but I believe thats a kernel configuration issue > >>> I haven't fixed yet). > >>> > >>> Any advice or pointers to where tboot initializes PCR 17 would be > >>> greatly appreciated. > >>> > >>> Thanks, > >>> Jeff > >>> > >>> ------------------------------------------------------------------------------ > >>> Protect Your Site and Customers from Malware Attacks > >>> Learn about various malware tactics and how to avoid them. Understand > >>> malware threats, the impact they can have on your business, and how you > >>> can protect your company and customers by using code signing. > >>> http://p.sf.net/sfu/oracle-sfdevnl > >>> _______________________________________________ > >>> tboot-devel mailing list > >>> tbo...@li... > >>> https://lists.sourceforge.net/lists/listinfo/tboot-devel > >>> > >> ------------------------------------------------------------------------------ > >> Protect Your Site and Customers from Malware Attacks > >> Learn about various malware tactics and how to avoid them. Understand > >> malware threats, the impact they can have on your business, and how you > >> can protect your company and customers by using code signing. > >> http://p.sf.net/sfu/oracle-sfdevnl > >> _______________________________________________ > >> tboot-devel mailing list > >> tbo...@li... > >> https://lists.sourceforge.net/lists/listinfo/tboot-devel > > > -- > Jeff Cleveland > Raytheon - BBN Technologies > 617-873-2515 > jcl...@bb... |
