tboot-devel — Developer support

Re: [tboot-devel] [PATCH, TRIVIAL] Add more explicit dependencies for CONFIG_INTEL_TXT

[Wang, S. <sha...@in...>]

HAVE_INTEL_TXT definition is in arch/x86/Kconfig. It is the same as your patch.
When we put it into x86 folder, we intend to disable all TXT code on non-x86 platforms currently.

config HAVE_INTEL_TXT
         def_bool y
         depends on EXPERIMENTAL && DMAR && ACPI

The story is at the threads beginning with http://lkml.org/lkml/2009/6/30/664.

Thanks.
Shane

> -----Original Message-----
> From: Jonathan McCune [mailto:jon...@cm...]
> Sent: Saturday, January 22, 2011 3:10 AM
> To: tbo...@li...
> Subject: Re: [tboot-devel] [PATCH, TRIVIAL] Add more explicit dependencies
> for CONFIG_INTEL_TXT
> 
> Hi Joe et al.,
> 
> What is the thinking behind the HAVE_INTEL_TXT option?  Is the
> intention to disable all TXT-related code on non-x86 platforms?
> Wouldn't it be cleaner to add a dependency such as CONFIG_X86 to the
> CONFIG_INTEL_TXT line, instead of the pseudo-automatic
> HAVE_INTEL_TXT?
> 
> Thanks,
> -Jon
> 
> 
> 
> On Fri, Jan 21, 2011 at 1:58 PM, Randy Dunlap <rd...@xe...>
> wrote:
> > On Fri, 21 Jan 2011 13:39:19 -0500 Jonathan McCune wrote:
> >
> >> This patch makes the documentation slightly more explicit about how to
> >> enable Intel TXT support in the kernel, and adds two dependencies to
> >> the relevant option in Kconfig.  Without this patch it is difficult to
> >> determine how to enable Intel TXT support without some knowledge of
> >> Kconfig.
> >>
> >> Signed-off-by: Jonathan McCune <jon...@cm...>
> >>
> >> ---
> >>  Documentation/intel_txt.txt |    4 +++-
> >>  security/Kconfig            |    2 +-
> >>  2 files changed, 4 insertions(+), 2 deletions(-)
> >>
> >> diff --git a/Documentation/intel_txt.txt b/Documentation/intel_txt.txt
> >> index 849de1a..8487f76 100644
> >> --- a/Documentation/intel_txt.txt
> >> +++ b/Documentation/intel_txt.txt
> >> @@ -196,7 +196,9 @@ Execution Technology (TXT)".  It is marked as
> >> EXPERIMENTAL and
> >>  depends on the generic x86 support (to allow maximum flexibility in
> >>  kernel build options), since the tboot code will detect whether the
> >>  platform actually supports Intel TXT and thus whether any of the
> >> -kernel code is executed.
> >> +kernel code is executed. The kernel option for enabling Intel TXT
> >> +support will only appear if its dependencies are also enabled.
> >> +These are CONFIG_DMAR and CONFIG_PCI_MSI.
> >
> > Shouldn't that comment match the "depends on" line below??
> >
> >
> >>  The Q35_SINIT_17.BIN file is what Intel TXT refers to as an
> >>  Authenticated Code Module.  It is specific to the chipset in the
> >> diff --git a/security/Kconfig b/security/Kconfig
> >> index 95accd4..5fd4e35 100644
> >> --- a/security/Kconfig
> >> +++ b/security/Kconfig
> >> @@ -136,7 +136,7 @@ config SECURITY_PATH
> >>
> >>  config INTEL_TXT
> >>       bool "Enable Intel(R) Trusted Execution Technology (Intel(R)
> TXT)"
> >> -     depends on HAVE_INTEL_TXT
> >> +     depends on HAVE_INTEL_TXT && EXPERIMENTAL && DMAR &&
> ACPI
> >>       help
> >>         This option enables support for booting the kernel with the
> >>         Trusted Boot (tboot) module. This will utilize
> >> --
> >
> >
> > ---
> > ~Randy
> > *** Remember to use Documentation/SubmitChecklist when testing your
> code ***
> >
> 
> ------------------------------------------------------------------------------
> Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)!
> Finally, a world-class log management solution at an even better price-free!
> Download using promo code Free_Logger_4_Dev2Dev. Offer expires
> February 28th, so secure your free ArcSight Logger TODAY!
> http://p.sf.net/sfu/arcsight-sfd2d
> _______________________________________________
> tboot-devel mailing list
> tbo...@li...
> https://lists.sourceforge.net/lists/listinfo/tboot-devel

Re: [tboot-devel] TPM PCR 17 was not properly initialized (flicker)

[Cihula, J. <jos...@in...>]

The usual cause of BIOS reboot loops or boot failures is a BIOS that doesn't correctly call the BIOS ACM to unlock memory.  However, memory should only be locked on boot if the system did an SENTER and set the secrets flag but then didn't clear it on shutdown (or if the coin battery is removed).

On the E6500 series, there is also the TXT_RESET flag that gets set if code generates a TXT reset (e.g. failed SINIT) and which, when set, prevents BIOS from calling the BIOS ACM until it performs a power cycle (which it should detect and do; but another source of potential bugs).

Joe

> -----Original Message-----
> From: Jonathan McCune [mailto:jon...@cm...]
> Sent: Friday, January 21, 2011 12:53 PM
> To: Jeff Cleveland
> Cc: tbo...@li...
> Subject: Re: [tboot-devel] TPM PCR 17 was not properly initialized (flicker)
> 
> I know that for the HP 8530p BIOS revision F.0B exhibits the problem,
> and F.0E does not.  I have not tried to disassemble / difference them.
> 
> -Jon
> 
> 
> On Fri, Jan 21, 2011 at 3:16 PM, Jeff Cleveland <jcl...@bb...> wrote:
> > Yes I can confirm that I was using the latest BIOS version (Latitude E6500
> > System BIOS A24) and TPM firmware (Dell Control Vault 14.x.132.0, A17). I
> > pulled all the RAM and that didn't make a difference, according to Dell
> > there was no physical means of clearing the CMOS. A new motherboard is on
> > the way.
> >
> > Are there any resources regarding what it is that causes the "reboot loop"
> > such as a flag that isn't being reset properly upon reboot? In cases where
> > version /x/ of a BIOS causes a reboot loop and version  /x+1/ is stable, do
> > we know what changes were made between those two version? If a specific
> > state can be identified as causing these problems perhaps it would be
> > possible to check for them ahead of time. It seems like an interesting
> > problem, unfortunately the cost of obtaining each data point (i.e. a new
> > motherboard) is unfortunately rather high.
> >
> > The events that lead to my situation are along the lines of:
> > 1. Launch tboot, SENTER seems to execute successfully including error code
> > /0xc0000001 /being reported.
> > 2. Reboot, launch linux installation running kernel 2.6.30, run go.sh
> > (hellopal) output seems to be correct.  Turn off machine.
> > 3. Boot into same linux install (2.6.30), run go.sh output seems correct.
> > Change from an xterm to tty1 for extra output, run go.sh, system hangs at
> >  SENTER.
> > 4. System now in reboot loop.
> >
> > -Jeff
> >
> > Jonathan McCune wrote:
> >>
> >> Ugh. That's really unfortunate that you found a "reboot loop".  Every
> >> system I did that to ended up getting replaced under warranty, but
> >> it's still a headache.
> >>
> >> I've tried clearing CMOS (if your system has such a jumper or
> >> battery), and changing the amount of RAM in the system.  I.e., pull
> >> out some DIMMs or whatever your system takes.  I've seen those hints
> >> in HP service documents, though they haven't worked for me.  Can you
> >> confirm whether you had the latest BIOS firmware in that system?
> >>
> >> I have never seen a system successfully execute SENTER and _then_ get
> >> stuck in one of those loops.
> >>
> >> -Jon
> >>
> >>
> >> On Thu, Jan 20, 2011 at 11:22 AM, Jeff Cleveland <jcl...@bb...>
> >> wrote:
> >>
> >>>
> >>> Hi List,
> >>>
> >>> So the TPM FW upgrade worked on a second machine I had, a Dell E6500
> >>> with a similar (possibly the same) Broadcom TPM. I was able to execute
> >>> the SENTER during the TBOOT start up, and was able to execute the
> >>> Flicker example code. Unfortunately, after a few more tests with Flicker
> >>> the machine hung after the SENTER and is now stuck in a reboot loop
> >>> similar to what others have described.
> >>>
> >>> Has anyone been able to recover from one of these loops? I've looked
> >>> through the mailing lists archives and haven't found anything but
> >>> figured I should ask as I try to contact Dell support.
> >>>
> >>> Thanks,
> >>> Jeff
> >>>
> >>> Jeff Cleveland wrote:
> >>>
> >>>>
> >>>> Thanks for the suggestion, unfortunately installing the newest TPM FW
> >>>> has not made a difference.
> >>>>
> >>>> Jeff
> >>>>
> >>>> On 01/14/2011 02:59 PM, Cihula, Joseph wrote:
> >>>>
> >>>>
> >>>>>
> >>>>> You should make sure that your TPM FW is the latest version, which you
> >>>>> can get from:
> >>>>>
> http://support.dell.com/support/downloads/download.aspx?c=us&cs=08W&l=en&s=bsdv&releaseid=R267
> 128&SystemID=LAT_E4310&servicetag=&os=W732&osl=en&deviceid=21505&devlib=0&typecnt=0&vercnt=1&c
> atid=-1&impid=-1&formatcnt=0&libid=60&typeid=-1&dateid=-1&formatid=-1&source=-1&fileid=392801
> >>>>>
> >>>>> Joe
> >>>>>
> >>>>>
> >>>>>
> >>>>>>
> >>>>>> -----Original Message-----
> >>>>>> From: Jeff Cleveland [mailto:jcl...@bb...]
> >>>>>> Sent: Friday, January 14, 2011 9:53 AM
> >>>>>> To: Cihula, Joseph
> >>>>>> Cc: Jonathan McCune; tbo...@li...
> >>>>>> Subject: Re: [tboot-devel] TPM PCR 17 was not properly initialized
> >>>>>> (flicker)
> >>>>>>
> >>>>>> The system is a Dell Latitude E4310 and the TPM is manufactured by
> >>>>>> Broadcom.
> >>>>>>
> >>>>>> Jeff
> >>>>>>
> >>>>>> On 01/14/2011 12:24 PM, Cihula, Joseph wrote:
> >>>>>>
> >>>>>>
> >>>>>>>
> >>>>>>> What model system is this and who is the TPM manufactured by?
> >>>>>>>
> >>>>>>> Joe
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>>
> >>>>>>>> -----Original Message-----
> >>>>>>>> From: Jonathan McCune [mailto:jon...@cm...]
> >>>>>>>> Sent: Friday, January 14, 2011 8:50 AM
> >>>>>>>> To: Jeff Cleveland
> >>>>>>>> Cc: tbo...@li...
> >>>>>>>> Subject: Re: [tboot-devel] TPM PCR 17 was not properly initialized
> >>>>>>>> (flicker)
> >>>>>>>>
> >>>>>>>> Although there are some distinct error codes for locality access
> >>>>>>>> problems, you might check whether the Linux TPM driver is active.
> >>>>>>>>  If
> >>>>>>>> the TPM has an active locality (which would be locality 1 with
> >>>>>>>> Linux's
> >>>>>>>> tpm_tis), then SENTER will not succeed.  The easiest way to test if
> >>>>>>>> this makes a difference is to boot Linux without loading tpm_tis,
> >>>>>>>> then
> >>>>>>>> try a Flicker session, and see if it makes any difference.
> >>>>>>>>
> >>>>>>>> Also, with the SINIT module you're using, ACMOD_SIZE_MAX as defined
> >>>>>>>> in
> >>>>>>>> flicker.h is too small in flicker-0.2.  I generally use 64K instead
> >>>>>>>> of
> >>>>>>>> 32K these days.  Unfortunately the error handling in flicker-0.2
> >>>>>>>> just
> >>>>>>>> prints a small warning message and blindly keeps going with an
> >>>>>>>> incomplete SINIT module if the buffer is too small.  However, I
> >>>>>>>> would
> >>>>>>>> expect that you would observe a different failure mode under those
> >>>>>>>> conditions.
> >>>>>>>>
> >>>>>>>> Hope this helps,
> >>>>>>>> -Jon
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>> On Fri, Jan 14, 2011 at 10:54 AM, Jeff Cleveland<jcl...@bb...>
> >>>>>>>>   wrote:
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>>
> >>>>>>>>> Hi list,
> >>>>>>>>>
> >>>>>>>>> My question stems from a TXT error I'm getting while trying to run
> >>>>>>>>> Flicker. I have a dual core i5 laptop I'm testing on and using the
> >>>>>>>>> sinit
> >>>>>>>>> module i5_i7_DUAL_SINIT_18.bin. During execution of Flicker my
> >>>>>>>>> computer
> >>>>>>>>> reboots, upon startup I see the TXT ERRORCODE 0xc0003cd1, which
> >>>>>>>>> parses
> >>>>>>>>> as acm_type=1, progress=0d, error=f, and according to
> >>>>>>>>> sinit_errors.txt
> >>>>>>>>> that is "TPM PCR 17 was not properly initialized"
> >>>>>>>>>
> >>>>>>>>> The MLE Software Development Guide is pretty clear on how PCR 17
> >>>>>>>>> should
> >>>>>>>>> be initialized, and yet I can't find in the Flicker or tboot source
> >>>>>>>>> code
> >>>>>>>>> where this initialization is happening. I was hoping to use the
> >>>>>>>>> tboot
> >>>>>>>>> source as a reference because on this machine GETSEC[SENTER] does
> >>>>>>>>> successfully execute when I try launching tboot (loading the
> >>>>>>>>> operating
> >>>>>>>>> system fails afterwards but I believe thats a kernel configuration
> >>>>>>>>> issue
> >>>>>>>>> I haven't fixed yet).
> >>>>>>>>>
> >>>>>>>>> Any advice or pointers to where tboot initializes PCR 17 would be
> >>>>>>>>> greatly appreciated.
> >>>>>>>>>
> >>>>>>>>> Thanks,
> >>>>>>>>> Jeff
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>> ------------------------------------------------------------------------------
> >>>>>>>>> Protect Your Site and Customers from Malware Attacks
> >>>>>>>>> Learn about various malware tactics and how to avoid them.
> >>>>>>>>> Understand
> >>>>>>>>> malware threats, the impact they can have on your business, and how
> >>>>>>>>> you
> >>>>>>>>> can protect your company and customers by using code signing.
> >>>>>>>>> http://p.sf.net/sfu/oracle-sfdevnl
> >>>>>>>>> _______________________________________________
> >>>>>>>>> tboot-devel mailing list
> >>>>>>>>> tbo...@li...
> >>>>>>>>> https://lists.sourceforge.net/lists/listinfo/tboot-devel
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>> ------------------------------------------------------------------------------
> >>>>>>>> Protect Your Site and Customers from Malware Attacks
> >>>>>>>> Learn about various malware tactics and how to avoid them.
> >>>>>>>> Understand
> >>>>>>>> malware threats, the impact they can have on your business, and how
> >>>>>>>> you
> >>>>>>>> can protect your company and customers by using code signing.
> >>>>>>>> http://p.sf.net/sfu/oracle-sfdevnl
> >>>>>>>> _______________________________________________
> >>>>>>>> tboot-devel mailing list
> >>>>>>>> tbo...@li...
> >>>>>>>> https://lists.sourceforge.net/lists/listinfo/tboot-devel
> >>>>>>>>
> >>>>>>>>
> >>>>>>
> >>>>>> --
> >>>>>> Jeff Cleveland
> >>>>>> Raytheon - BBN Technologies
> >>>>>> 617-873-2515
> >>>>>> jcl...@bb...
> >>>>>>
> >>>>>>
> >>>>
> >>>>
> >>>
> >>>
> >>> ------------------------------------------------------------------------------
> >>> Protect Your Site and Customers from Malware Attacks
> >>> Learn about various malware tactics and how to avoid them. Understand
> >>> malware threats, the impact they can have on your business, and how you
> >>> can protect your company and customers by using code signing.
> >>> http://p.sf.net/sfu/oracle-sfdevnl
> >>> _______________________________________________
> >>> tboot-devel mailing list
> >>> tbo...@li...
> >>> https://lists.sourceforge.net/lists/listinfo/tboot-devel
> >>>
> >>>
> >
> >
> 
> ------------------------------------------------------------------------------
> Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)!
> Finally, a world-class log management solution at an even better price-free!
> Download using promo code Free_Logger_4_Dev2Dev. Offer expires
> February 28th, so secure your free ArcSight Logger TODAY!
> http://p.sf.net/sfu/arcsight-sfd2d
> _______________________________________________
> tboot-devel mailing list
> tbo...@li...
> https://lists.sourceforge.net/lists/listinfo/tboot-devel

Re: [tboot-devel] TPM PCR 17 was not properly initialized (flicker)

[Jonathan M. <jon...@cm...>]

I know that for the HP 8530p BIOS revision F.0B exhibits the problem,
and F.0E does not.  I have not tried to disassemble / difference them.

-Jon


On Fri, Jan 21, 2011 at 3:16 PM, Jeff Cleveland <jcl...@bb...> wrote:
> Yes I can confirm that I was using the latest BIOS version (Latitude E6500
> System BIOS A24) and TPM firmware (Dell Control Vault 14.x.132.0, A17). I
> pulled all the RAM and that didn't make a difference, according to Dell
> there was no physical means of clearing the CMOS. A new motherboard is on
> the way.
>
> Are there any resources regarding what it is that causes the "reboot loop"
> such as a flag that isn't being reset properly upon reboot? In cases where
> version /x/ of a BIOS causes a reboot loop and version  /x+1/ is stable, do
> we know what changes were made between those two version? If a specific
> state can be identified as causing these problems perhaps it would be
> possible to check for them ahead of time. It seems like an interesting
> problem, unfortunately the cost of obtaining each data point (i.e. a new
> motherboard) is unfortunately rather high.
>
> The events that lead to my situation are along the lines of:
> 1. Launch tboot, SENTER seems to execute successfully including error code
> /0xc0000001 /being reported.
> 2. Reboot, launch linux installation running kernel 2.6.30, run go.sh
> (hellopal) output seems to be correct.  Turn off machine.
> 3. Boot into same linux install (2.6.30), run go.sh output seems correct.
> Change from an xterm to tty1 for extra output, run go.sh, system hangs at
>  SENTER.
> 4. System now in reboot loop.
>
> -Jeff
>
> Jonathan McCune wrote:
>>
>> Ugh. That's really unfortunate that you found a "reboot loop".  Every
>> system I did that to ended up getting replaced under warranty, but
>> it's still a headache.
>>
>> I've tried clearing CMOS (if your system has such a jumper or
>> battery), and changing the amount of RAM in the system.  I.e., pull
>> out some DIMMs or whatever your system takes.  I've seen those hints
>> in HP service documents, though they haven't worked for me.  Can you
>> confirm whether you had the latest BIOS firmware in that system?
>>
>> I have never seen a system successfully execute SENTER and _then_ get
>> stuck in one of those loops.
>>
>> -Jon
>>
>>
>> On Thu, Jan 20, 2011 at 11:22 AM, Jeff Cleveland <jcl...@bb...>
>> wrote:
>>
>>>
>>> Hi List,
>>>
>>> So the TPM FW upgrade worked on a second machine I had, a Dell E6500
>>> with a similar (possibly the same) Broadcom TPM. I was able to execute
>>> the SENTER during the TBOOT start up, and was able to execute the
>>> Flicker example code. Unfortunately, after a few more tests with Flicker
>>> the machine hung after the SENTER and is now stuck in a reboot loop
>>> similar to what others have described.
>>>
>>> Has anyone been able to recover from one of these loops? I've looked
>>> through the mailing lists archives and haven't found anything but
>>> figured I should ask as I try to contact Dell support.
>>>
>>> Thanks,
>>> Jeff
>>>
>>> Jeff Cleveland wrote:
>>>
>>>>
>>>> Thanks for the suggestion, unfortunately installing the newest TPM FW
>>>> has not made a difference.
>>>>
>>>> Jeff
>>>>
>>>> On 01/14/2011 02:59 PM, Cihula, Joseph wrote:
>>>>
>>>>
>>>>>
>>>>> You should make sure that your TPM FW is the latest version, which you
>>>>> can get from:
>>>>> http://support.dell.com/support/downloads/download.aspx?c=us&cs=08W&l=en&s=bsdv&releaseid=R267128&SystemID=LAT_E4310&servicetag=&os=W732&osl=en&deviceid=21505&devlib=0&typecnt=0&vercnt=1&catid=-1&impid=-1&formatcnt=0&libid=60&typeid=-1&dateid=-1&formatid=-1&source=-1&fileid=392801
>>>>>
>>>>> Joe
>>>>>
>>>>>
>>>>>
>>>>>>
>>>>>> -----Original Message-----
>>>>>> From: Jeff Cleveland [mailto:jcl...@bb...]
>>>>>> Sent: Friday, January 14, 2011 9:53 AM
>>>>>> To: Cihula, Joseph
>>>>>> Cc: Jonathan McCune; tbo...@li...
>>>>>> Subject: Re: [tboot-devel] TPM PCR 17 was not properly initialized
>>>>>> (flicker)
>>>>>>
>>>>>> The system is a Dell Latitude E4310 and the TPM is manufactured by
>>>>>> Broadcom.
>>>>>>
>>>>>> Jeff
>>>>>>
>>>>>> On 01/14/2011 12:24 PM, Cihula, Joseph wrote:
>>>>>>
>>>>>>
>>>>>>>
>>>>>>> What model system is this and who is the TPM manufactured by?
>>>>>>>
>>>>>>> Joe
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>>
>>>>>>>> -----Original Message-----
>>>>>>>> From: Jonathan McCune [mailto:jon...@cm...]
>>>>>>>> Sent: Friday, January 14, 2011 8:50 AM
>>>>>>>> To: Jeff Cleveland
>>>>>>>> Cc: tbo...@li...
>>>>>>>> Subject: Re: [tboot-devel] TPM PCR 17 was not properly initialized
>>>>>>>> (flicker)
>>>>>>>>
>>>>>>>> Although there are some distinct error codes for locality access
>>>>>>>> problems, you might check whether the Linux TPM driver is active.
>>>>>>>>  If
>>>>>>>> the TPM has an active locality (which would be locality 1 with
>>>>>>>> Linux's
>>>>>>>> tpm_tis), then SENTER will not succeed.  The easiest way to test if
>>>>>>>> this makes a difference is to boot Linux without loading tpm_tis,
>>>>>>>> then
>>>>>>>> try a Flicker session, and see if it makes any difference.
>>>>>>>>
>>>>>>>> Also, with the SINIT module you're using, ACMOD_SIZE_MAX as defined
>>>>>>>> in
>>>>>>>> flicker.h is too small in flicker-0.2.  I generally use 64K instead
>>>>>>>> of
>>>>>>>> 32K these days.  Unfortunately the error handling in flicker-0.2
>>>>>>>> just
>>>>>>>> prints a small warning message and blindly keeps going with an
>>>>>>>> incomplete SINIT module if the buffer is too small.  However, I
>>>>>>>> would
>>>>>>>> expect that you would observe a different failure mode under those
>>>>>>>> conditions.
>>>>>>>>
>>>>>>>> Hope this helps,
>>>>>>>> -Jon
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> On Fri, Jan 14, 2011 at 10:54 AM, Jeff Cleveland<jcl...@bb...>
>>>>>>>>   wrote:
>>>>>>>>
>>>>>>>>
>>>>>>>>>
>>>>>>>>> Hi list,
>>>>>>>>>
>>>>>>>>> My question stems from a TXT error I'm getting while trying to run
>>>>>>>>> Flicker. I have a dual core i5 laptop I'm testing on and using the
>>>>>>>>> sinit
>>>>>>>>> module i5_i7_DUAL_SINIT_18.bin. During execution of Flicker my
>>>>>>>>> computer
>>>>>>>>> reboots, upon startup I see the TXT ERRORCODE 0xc0003cd1, which
>>>>>>>>> parses
>>>>>>>>> as acm_type=1, progress=0d, error=f, and according to
>>>>>>>>> sinit_errors.txt
>>>>>>>>> that is "TPM PCR 17 was not properly initialized"
>>>>>>>>>
>>>>>>>>> The MLE Software Development Guide is pretty clear on how PCR 17
>>>>>>>>> should
>>>>>>>>> be initialized, and yet I can't find in the Flicker or tboot source
>>>>>>>>> code
>>>>>>>>> where this initialization is happening. I was hoping to use the
>>>>>>>>> tboot
>>>>>>>>> source as a reference because on this machine GETSEC[SENTER] does
>>>>>>>>> successfully execute when I try launching tboot (loading the
>>>>>>>>> operating
>>>>>>>>> system fails afterwards but I believe thats a kernel configuration
>>>>>>>>> issue
>>>>>>>>> I haven't fixed yet).
>>>>>>>>>
>>>>>>>>> Any advice or pointers to where tboot initializes PCR 17 would be
>>>>>>>>> greatly appreciated.
>>>>>>>>>
>>>>>>>>> Thanks,
>>>>>>>>> Jeff
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> ------------------------------------------------------------------------------
>>>>>>>>> Protect Your Site and Customers from Malware Attacks
>>>>>>>>> Learn about various malware tactics and how to avoid them.
>>>>>>>>> Understand
>>>>>>>>> malware threats, the impact they can have on your business, and how
>>>>>>>>> you
>>>>>>>>> can protect your company and customers by using code signing.
>>>>>>>>> http://p.sf.net/sfu/oracle-sfdevnl
>>>>>>>>> _______________________________________________
>>>>>>>>> tboot-devel mailing list
>>>>>>>>> tbo...@li...
>>>>>>>>> https://lists.sourceforge.net/lists/listinfo/tboot-devel
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> ------------------------------------------------------------------------------
>>>>>>>> Protect Your Site and Customers from Malware Attacks
>>>>>>>> Learn about various malware tactics and how to avoid them.
>>>>>>>> Understand
>>>>>>>> malware threats, the impact they can have on your business, and how
>>>>>>>> you
>>>>>>>> can protect your company and customers by using code signing.
>>>>>>>> http://p.sf.net/sfu/oracle-sfdevnl
>>>>>>>> _______________________________________________
>>>>>>>> tboot-devel mailing list
>>>>>>>> tbo...@li...
>>>>>>>> https://lists.sourceforge.net/lists/listinfo/tboot-devel
>>>>>>>>
>>>>>>>>
>>>>>>
>>>>>> --
>>>>>> Jeff Cleveland
>>>>>> Raytheon - BBN Technologies
>>>>>> 617-873-2515
>>>>>> jcl...@bb...
>>>>>>
>>>>>>
>>>>
>>>>
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> Protect Your Site and Customers from Malware Attacks
>>> Learn about various malware tactics and how to avoid them. Understand
>>> malware threats, the impact they can have on your business, and how you
>>> can protect your company and customers by using code signing.
>>> http://p.sf.net/sfu/oracle-sfdevnl
>>> _______________________________________________
>>> tboot-devel mailing list
>>> tbo...@li...
>>> https://lists.sourceforge.net/lists/listinfo/tboot-devel
>>>
>>>
>
>

Re: [tboot-devel] TPM PCR 17 was not properly initialized (flicker)

[Jeff C. <jcl...@bb...>]

Yes I can confirm that I was using the latest BIOS version (Latitude 
E6500 System BIOS A24) and TPM firmware (Dell Control Vault 14.x.132.0, 
A17). I pulled all the RAM and that didn't make a difference, according 
to Dell there was no physical means of clearing the CMOS. A new 
motherboard is on the way.

Are there any resources regarding what it is that causes the "reboot 
loop" such as a flag that isn't being reset properly upon reboot? In 
cases where version /x/ of a BIOS causes a reboot loop and version  
/x+1/ is stable, do we know what changes were made between those two 
version? If a specific state can be identified as causing these problems 
perhaps it would be possible to check for them ahead of time. It seems 
like an interesting problem, unfortunately the cost of obtaining each 
data point (i.e. a new motherboard) is unfortunately rather high.

The events that lead to my situation are along the lines of:
1. Launch tboot, SENTER seems to execute successfully including error 
code /0xc0000001 /being reported.
2. Reboot, launch linux installation running kernel 2.6.30, run go.sh 
(hellopal) output seems to be correct.  Turn off machine.
3. Boot into same linux install (2.6.30), run go.sh output seems 
correct. Change from an xterm to tty1 for extra output, run go.sh, 
system hangs at  SENTER.
4. System now in reboot loop.

-Jeff

Jonathan McCune wrote:
> Ugh. That's really unfortunate that you found a "reboot loop".  Every
> system I did that to ended up getting replaced under warranty, but
> it's still a headache.
>
> I've tried clearing CMOS (if your system has such a jumper or
> battery), and changing the amount of RAM in the system.  I.e., pull
> out some DIMMs or whatever your system takes.  I've seen those hints
> in HP service documents, though they haven't worked for me.  Can you
> confirm whether you had the latest BIOS firmware in that system?
>
> I have never seen a system successfully execute SENTER and _then_ get
> stuck in one of those loops.
>
> -Jon
>
>
> On Thu, Jan 20, 2011 at 11:22 AM, Jeff Cleveland <jcl...@bb...> wrote:
>   
>> Hi List,
>>
>> So the TPM FW upgrade worked on a second machine I had, a Dell E6500
>> with a similar (possibly the same) Broadcom TPM. I was able to execute
>> the SENTER during the TBOOT start up, and was able to execute the
>> Flicker example code. Unfortunately, after a few more tests with Flicker
>> the machine hung after the SENTER and is now stuck in a reboot loop
>> similar to what others have described.
>>
>> Has anyone been able to recover from one of these loops? I've looked
>> through the mailing lists archives and haven't found anything but
>> figured I should ask as I try to contact Dell support.
>>
>> Thanks,
>> Jeff
>>
>> Jeff Cleveland wrote:
>>     
>>> Thanks for the suggestion, unfortunately installing the newest TPM FW
>>> has not made a difference.
>>>
>>> Jeff
>>>
>>> On 01/14/2011 02:59 PM, Cihula, Joseph wrote:
>>>
>>>       
>>>> You should make sure that your TPM FW is the latest version, which you can get from: http://support.dell.com/support/downloads/download.aspx?c=us&cs=08W&l=en&s=bsdv&releaseid=R267128&SystemID=LAT_E4310&servicetag=&os=W732&osl=en&deviceid=21505&devlib=0&typecnt=0&vercnt=1&catid=-1&impid=-1&formatcnt=0&libid=60&typeid=-1&dateid=-1&formatid=-1&source=-1&fileid=392801
>>>>
>>>> Joe
>>>>
>>>>
>>>>         
>>>>> -----Original Message-----
>>>>> From: Jeff Cleveland [mailto:jcl...@bb...]
>>>>> Sent: Friday, January 14, 2011 9:53 AM
>>>>> To: Cihula, Joseph
>>>>> Cc: Jonathan McCune; tbo...@li...
>>>>> Subject: Re: [tboot-devel] TPM PCR 17 was not properly initialized (flicker)
>>>>>
>>>>> The system is a Dell Latitude E4310 and the TPM is manufactured by Broadcom.
>>>>>
>>>>> Jeff
>>>>>
>>>>> On 01/14/2011 12:24 PM, Cihula, Joseph wrote:
>>>>>
>>>>>           
>>>>>> What model system is this and who is the TPM manufactured by?
>>>>>>
>>>>>> Joe
>>>>>>
>>>>>>
>>>>>>             
>>>>>>> -----Original Message-----
>>>>>>> From: Jonathan McCune [mailto:jon...@cm...]
>>>>>>> Sent: Friday, January 14, 2011 8:50 AM
>>>>>>> To: Jeff Cleveland
>>>>>>> Cc: tbo...@li...
>>>>>>> Subject: Re: [tboot-devel] TPM PCR 17 was not properly initialized (flicker)
>>>>>>>
>>>>>>> Although there are some distinct error codes for locality access
>>>>>>> problems, you might check whether the Linux TPM driver is active.  If
>>>>>>> the TPM has an active locality (which would be locality 1 with Linux's
>>>>>>> tpm_tis), then SENTER will not succeed.  The easiest way to test if
>>>>>>> this makes a difference is to boot Linux without loading tpm_tis, then
>>>>>>> try a Flicker session, and see if it makes any difference.
>>>>>>>
>>>>>>> Also, with the SINIT module you're using, ACMOD_SIZE_MAX as defined in
>>>>>>> flicker.h is too small in flicker-0.2.  I generally use 64K instead of
>>>>>>> 32K these days.  Unfortunately the error handling in flicker-0.2 just
>>>>>>> prints a small warning message and blindly keeps going with an
>>>>>>> incomplete SINIT module if the buffer is too small.  However, I would
>>>>>>> expect that you would observe a different failure mode under those
>>>>>>> conditions.
>>>>>>>
>>>>>>> Hope this helps,
>>>>>>> -Jon
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Fri, Jan 14, 2011 at 10:54 AM, Jeff Cleveland<jcl...@bb...>   wrote:
>>>>>>>
>>>>>>>               
>>>>>>>> Hi list,
>>>>>>>>
>>>>>>>> My question stems from a TXT error I'm getting while trying to run
>>>>>>>> Flicker. I have a dual core i5 laptop I'm testing on and using the sinit
>>>>>>>> module i5_i7_DUAL_SINIT_18.bin. During execution of Flicker my computer
>>>>>>>> reboots, upon startup I see the TXT ERRORCODE 0xc0003cd1, which parses
>>>>>>>> as acm_type=1, progress=0d, error=f, and according to sinit_errors.txt
>>>>>>>> that is "TPM PCR 17 was not properly initialized"
>>>>>>>>
>>>>>>>> The MLE Software Development Guide is pretty clear on how PCR 17 should
>>>>>>>> be initialized, and yet I can't find in the Flicker or tboot source code
>>>>>>>> where this initialization is happening. I was hoping to use the tboot
>>>>>>>> source as a reference because on this machine GETSEC[SENTER] does
>>>>>>>> successfully execute when I try launching tboot (loading the operating
>>>>>>>> system fails afterwards but I believe thats a kernel configuration issue
>>>>>>>> I haven't fixed yet).
>>>>>>>>
>>>>>>>> Any advice or pointers to where tboot initializes PCR 17 would be
>>>>>>>> greatly appreciated.
>>>>>>>>
>>>>>>>> Thanks,
>>>>>>>> Jeff
>>>>>>>>
>>>>>>>> ------------------------------------------------------------------------------
>>>>>>>> Protect Your Site and Customers from Malware Attacks
>>>>>>>> Learn about various malware tactics and how to avoid them. Understand
>>>>>>>> malware threats, the impact they can have on your business, and how you
>>>>>>>> can protect your company and customers by using code signing.
>>>>>>>> http://p.sf.net/sfu/oracle-sfdevnl
>>>>>>>> _______________________________________________
>>>>>>>> tboot-devel mailing list
>>>>>>>> tbo...@li...
>>>>>>>> https://lists.sourceforge.net/lists/listinfo/tboot-devel
>>>>>>>>
>>>>>>>>
>>>>>>>>                 
>>>>>>> ------------------------------------------------------------------------------
>>>>>>> Protect Your Site and Customers from Malware Attacks
>>>>>>> Learn about various malware tactics and how to avoid them. Understand
>>>>>>> malware threats, the impact they can have on your business, and how you
>>>>>>> can protect your company and customers by using code signing.
>>>>>>> http://p.sf.net/sfu/oracle-sfdevnl
>>>>>>> _______________________________________________
>>>>>>> tboot-devel mailing list
>>>>>>> tbo...@li...
>>>>>>> https://lists.sourceforge.net/lists/listinfo/tboot-devel
>>>>>>>
>>>>>>>               
>>>>> --
>>>>> Jeff Cleveland
>>>>> Raytheon - BBN Technologies
>>>>> 617-873-2515
>>>>> jcl...@bb...
>>>>>
>>>>>           
>>>
>>>       
>> ------------------------------------------------------------------------------
>> Protect Your Site and Customers from Malware Attacks
>> Learn about various malware tactics and how to avoid them. Understand
>> malware threats, the impact they can have on your business, and how you
>> can protect your company and customers by using code signing.
>> http://p.sf.net/sfu/oracle-sfdevnl
>> _______________________________________________
>> tboot-devel mailing list
>> tbo...@li...
>> https://lists.sourceforge.net/lists/listinfo/tboot-devel
>>
>>     

Re: [tboot-devel] [PATCH, TRIVIAL] Add more explicit dependencies for CONFIG_INTEL_TXT

[Randy D. <rd...@xe...>]

On Fri, 21 Jan 2011 13:39:19 -0500 Jonathan McCune wrote:

> This patch makes the documentation slightly more explicit about how to
> enable Intel TXT support in the kernel, and adds two dependencies to
> the relevant option in Kconfig.  Without this patch it is difficult to
> determine how to enable Intel TXT support without some knowledge of
> Kconfig.
> 
> Signed-off-by: Jonathan McCune <jon...@cm...>
> 
> ---
>  Documentation/intel_txt.txt |    4 +++-
>  security/Kconfig            |    2 +-
>  2 files changed, 4 insertions(+), 2 deletions(-)
> 
> diff --git a/Documentation/intel_txt.txt b/Documentation/intel_txt.txt
> index 849de1a..8487f76 100644
> --- a/Documentation/intel_txt.txt
> +++ b/Documentation/intel_txt.txt
> @@ -196,7 +196,9 @@ Execution Technology (TXT)".  It is marked as
> EXPERIMENTAL and
>  depends on the generic x86 support (to allow maximum flexibility in
>  kernel build options), since the tboot code will detect whether the
>  platform actually supports Intel TXT and thus whether any of the
> -kernel code is executed.
> +kernel code is executed. The kernel option for enabling Intel TXT
> +support will only appear if its dependencies are also enabled.
> +These are CONFIG_DMAR and CONFIG_PCI_MSI.

Shouldn't that comment match the "depends on" line below??


>  The Q35_SINIT_17.BIN file is what Intel TXT refers to as an
>  Authenticated Code Module.  It is specific to the chipset in the
> diff --git a/security/Kconfig b/security/Kconfig
> index 95accd4..5fd4e35 100644
> --- a/security/Kconfig
> +++ b/security/Kconfig
> @@ -136,7 +136,7 @@ config SECURITY_PATH
> 
>  config INTEL_TXT
>  	bool "Enable Intel(R) Trusted Execution Technology (Intel(R) TXT)"
> -	depends on HAVE_INTEL_TXT
> +	depends on HAVE_INTEL_TXT && EXPERIMENTAL && DMAR && ACPI
>  	help
>  	  This option enables support for booting the kernel with the
>  	  Trusted Boot (tboot) module. This will utilize
> -- 


---
~Randy
*** Remember to use Documentation/SubmitChecklist when testing your code ***

Re: [tboot-devel] [PATCH, TRIVIAL] Add more explicit dependencies for CONFIG_INTEL_TXT

[Jonathan M. <jon...@cm...>]

Hi Joe et al.,

What is the thinking behind the HAVE_INTEL_TXT option?  Is the
intention to disable all TXT-related code on non-x86 platforms?
Wouldn't it be cleaner to add a dependency such as CONFIG_X86 to the
CONFIG_INTEL_TXT line, instead of the pseudo-automatic HAVE_INTEL_TXT?

Thanks,
-Jon



On Fri, Jan 21, 2011 at 1:58 PM, Randy Dunlap <rd...@xe...> wrote:
> On Fri, 21 Jan 2011 13:39:19 -0500 Jonathan McCune wrote:
>
>> This patch makes the documentation slightly more explicit about how to
>> enable Intel TXT support in the kernel, and adds two dependencies to
>> the relevant option in Kconfig.  Without this patch it is difficult to
>> determine how to enable Intel TXT support without some knowledge of
>> Kconfig.
>>
>> Signed-off-by: Jonathan McCune <jon...@cm...>
>>
>> ---
>>  Documentation/intel_txt.txt |    4 +++-
>>  security/Kconfig            |    2 +-
>>  2 files changed, 4 insertions(+), 2 deletions(-)
>>
>> diff --git a/Documentation/intel_txt.txt b/Documentation/intel_txt.txt
>> index 849de1a..8487f76 100644
>> --- a/Documentation/intel_txt.txt
>> +++ b/Documentation/intel_txt.txt
>> @@ -196,7 +196,9 @@ Execution Technology (TXT)".  It is marked as
>> EXPERIMENTAL and
>>  depends on the generic x86 support (to allow maximum flexibility in
>>  kernel build options), since the tboot code will detect whether the
>>  platform actually supports Intel TXT and thus whether any of the
>> -kernel code is executed.
>> +kernel code is executed. The kernel option for enabling Intel TXT
>> +support will only appear if its dependencies are also enabled.
>> +These are CONFIG_DMAR and CONFIG_PCI_MSI.
>
> Shouldn't that comment match the "depends on" line below??
>
>
>>  The Q35_SINIT_17.BIN file is what Intel TXT refers to as an
>>  Authenticated Code Module.  It is specific to the chipset in the
>> diff --git a/security/Kconfig b/security/Kconfig
>> index 95accd4..5fd4e35 100644
>> --- a/security/Kconfig
>> +++ b/security/Kconfig
>> @@ -136,7 +136,7 @@ config SECURITY_PATH
>>
>>  config INTEL_TXT
>>       bool "Enable Intel(R) Trusted Execution Technology (Intel(R) TXT)"
>> -     depends on HAVE_INTEL_TXT
>> +     depends on HAVE_INTEL_TXT && EXPERIMENTAL && DMAR && ACPI
>>       help
>>         This option enables support for booting the kernel with the
>>         Trusted Boot (tboot) module. This will utilize
>> --
>
>
> ---
> ~Randy
> *** Remember to use Documentation/SubmitChecklist when testing your code ***
>

[tboot-devel] [PATCH, TRIVIAL] Add more explicit dependencies for CONFIG_INTEL_TXT

[Jonathan M. <jon...@cm...>]

This patch makes the documentation slightly more explicit about how to
enable Intel TXT support in the kernel, and adds two dependencies to
the relevant option in Kconfig.  Without this patch it is difficult to
determine how to enable Intel TXT support without some knowledge of
Kconfig.

Signed-off-by: Jonathan McCune <jon...@cm...>

---
 Documentation/intel_txt.txt |    4 +++-
 security/Kconfig            |    2 +-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/Documentation/intel_txt.txt b/Documentation/intel_txt.txt
index 849de1a..8487f76 100644
--- a/Documentation/intel_txt.txt
+++ b/Documentation/intel_txt.txt
@@ -196,7 +196,9 @@ Execution Technology (TXT)".  It is marked as
EXPERIMENTAL and
 depends on the generic x86 support (to allow maximum flexibility in
 kernel build options), since the tboot code will detect whether the
 platform actually supports Intel TXT and thus whether any of the
-kernel code is executed.
+kernel code is executed. The kernel option for enabling Intel TXT
+support will only appear if its dependencies are also enabled.
+These are CONFIG_DMAR and CONFIG_PCI_MSI.

 The Q35_SINIT_17.BIN file is what Intel TXT refers to as an
 Authenticated Code Module.  It is specific to the chipset in the
diff --git a/security/Kconfig b/security/Kconfig
index 95accd4..5fd4e35 100644
--- a/security/Kconfig
+++ b/security/Kconfig
@@ -136,7 +136,7 @@ config SECURITY_PATH

 config INTEL_TXT
 	bool "Enable Intel(R) Trusted Execution Technology (Intel(R) TXT)"
-	depends on HAVE_INTEL_TXT
+	depends on HAVE_INTEL_TXT && EXPERIMENTAL && DMAR && ACPI
 	help
 	  This option enables support for booting the kernel with the
 	  Trusted Boot (tboot) module. This will utilize
-- 
1.5.6.5

[tboot-devel] Enabling TXT in Linux kernel 2.6.37

[Jonathan M. <jon...@cm...>]

I was originally going to post "how do I enable TXT in Linux kernel
2.6.37?" but I figured it out.  As the process was rather non-obvious,
I post here with hopes that this information will be useful.

Working with the vanilla linux-2.6.37.tar.bz2 from kernel.org...

Documentation/intel_txt.txt does not actually explain how to enable
Linux kernel support.

Searching for "TXT" using the "/" feature in `make menuconfig` gives
the following:

--------------------------------------------
Symbol: INTEL_TXT [=n]
 Type  : boolean
 Prompt: Enable Intel(R) Trusted Execution Technology (Intel(R) TXT)
   Defined at security/Kconfig:106
   Depends on: HAVE_INTEL_TXT [=n]
   Location:
     -> Security options


 Symbol: HAVE_INTEL_TXT [=n]
 Type  : boolean
--------------------------------------------

However, the "Enable Intel(R) Trusted Execution Technology (Intel(R)
TXT)" does not actually appear by default.

After recursively grepping Kconfig files, I found that HAVE_INTEL_TXT
is defined in
arch/x86/Kconfig:

config HAVE_INTEL_TXT
        def_bool y
        depends on EXPERIMENTAL && DMAR && ACPI

...however the search result page (i.e., using "/" in `make
menuconfig`) does not show these dependencies.  The search result page
for CONFIG_DMAR does suggest that CONFIG_PCI_MSI is necessary, and
after enabling CONFIG_PCI_MSI, CONFIG_DMAR becomes available, and
after enabling that, then CONFIG_INTEL_TXT becomes available back in
the Security Options menu.

I'm not very knowledgeable about the internals of the kernel config /
build process, but it seems like there is probably some kind of parse
error or missing information in arch/x86/Kconfig.  I have a few
minutes and I'll see if I can figure it out and perhaps create a
patch.

Cheers,
-Jon

Re: [tboot-devel] SINIT module for PM965?

[Cihula, J. <jos...@in...>]

The PM965/GM965/GL960 chipsets do not support TXT.

Joe

From: Mark Reynolds [mailto:mre...@bb...]
Sent: Thursday, January 20, 2011 2:46 PM
To: tbo...@li...
Subject: [tboot-devel] SINIT module for PM965?


Is there an SINIT AC module that supports the PM965/GM965/GL960 chipset, host bridge ID 0x2a00?

Can the GM45/GS45/PM45 SINIT module (host id 0x2a40) be used with this chipset?

- Mark Reynolds

[tboot-devel] SINIT module for PM965?

[Mark R. <mre...@bb...>]

Is there an SINIT AC module that supports the PM965/GM965/GL960 chipset, host bridge ID 0x2a00?

Can the GM45/GS45/PM45 SINIT module (host id 0x2a40) be used with this chipset?

- Mark Reynolds

Re: [tboot-devel] TPM PCR 17 was not properly initialized (flicker)

[Jonathan M. <jon...@cm...>]

Ugh. That's really unfortunate that you found a "reboot loop".  Every
system I did that to ended up getting replaced under warranty, but
it's still a headache.

I've tried clearing CMOS (if your system has such a jumper or
battery), and changing the amount of RAM in the system.  I.e., pull
out some DIMMs or whatever your system takes.  I've seen those hints
in HP service documents, though they haven't worked for me.  Can you
confirm whether you had the latest BIOS firmware in that system?

I have never seen a system successfully execute SENTER and _then_ get
stuck in one of those loops.

-Jon


On Thu, Jan 20, 2011 at 11:22 AM, Jeff Cleveland <jcl...@bb...> wrote:
> Hi List,
>
> So the TPM FW upgrade worked on a second machine I had, a Dell E6500
> with a similar (possibly the same) Broadcom TPM. I was able to execute
> the SENTER during the TBOOT start up, and was able to execute the
> Flicker example code. Unfortunately, after a few more tests with Flicker
> the machine hung after the SENTER and is now stuck in a reboot loop
> similar to what others have described.
>
> Has anyone been able to recover from one of these loops? I've looked
> through the mailing lists archives and haven't found anything but
> figured I should ask as I try to contact Dell support.
>
> Thanks,
> Jeff
>
> Jeff Cleveland wrote:
>> Thanks for the suggestion, unfortunately installing the newest TPM FW
>> has not made a difference.
>>
>> Jeff
>>
>> On 01/14/2011 02:59 PM, Cihula, Joseph wrote:
>>
>>> You should make sure that your TPM FW is the latest version, which you can get from: http://support.dell.com/support/downloads/download.aspx?c=us&cs=08W&l=en&s=bsdv&releaseid=R267128&SystemID=LAT_E4310&servicetag=&os=W732&osl=en&deviceid=21505&devlib=0&typecnt=0&vercnt=1&catid=-1&impid=-1&formatcnt=0&libid=60&typeid=-1&dateid=-1&formatid=-1&source=-1&fileid=392801
>>>
>>> Joe
>>>
>>>
>>>> -----Original Message-----
>>>> From: Jeff Cleveland [mailto:jcl...@bb...]
>>>> Sent: Friday, January 14, 2011 9:53 AM
>>>> To: Cihula, Joseph
>>>> Cc: Jonathan McCune; tbo...@li...
>>>> Subject: Re: [tboot-devel] TPM PCR 17 was not properly initialized (flicker)
>>>>
>>>> The system is a Dell Latitude E4310 and the TPM is manufactured by Broadcom.
>>>>
>>>> Jeff
>>>>
>>>> On 01/14/2011 12:24 PM, Cihula, Joseph wrote:
>>>>
>>>>> What model system is this and who is the TPM manufactured by?
>>>>>
>>>>> Joe
>>>>>
>>>>>
>>>>>> -----Original Message-----
>>>>>> From: Jonathan McCune [mailto:jon...@cm...]
>>>>>> Sent: Friday, January 14, 2011 8:50 AM
>>>>>> To: Jeff Cleveland
>>>>>> Cc: tbo...@li...
>>>>>> Subject: Re: [tboot-devel] TPM PCR 17 was not properly initialized (flicker)
>>>>>>
>>>>>> Although there are some distinct error codes for locality access
>>>>>> problems, you might check whether the Linux TPM driver is active.  If
>>>>>> the TPM has an active locality (which would be locality 1 with Linux's
>>>>>> tpm_tis), then SENTER will not succeed.  The easiest way to test if
>>>>>> this makes a difference is to boot Linux without loading tpm_tis, then
>>>>>> try a Flicker session, and see if it makes any difference.
>>>>>>
>>>>>> Also, with the SINIT module you're using, ACMOD_SIZE_MAX as defined in
>>>>>> flicker.h is too small in flicker-0.2.  I generally use 64K instead of
>>>>>> 32K these days.  Unfortunately the error handling in flicker-0.2 just
>>>>>> prints a small warning message and blindly keeps going with an
>>>>>> incomplete SINIT module if the buffer is too small.  However, I would
>>>>>> expect that you would observe a different failure mode under those
>>>>>> conditions.
>>>>>>
>>>>>> Hope this helps,
>>>>>> -Jon
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Fri, Jan 14, 2011 at 10:54 AM, Jeff Cleveland<jcl...@bb...>   wrote:
>>>>>>
>>>>>>> Hi list,
>>>>>>>
>>>>>>> My question stems from a TXT error I'm getting while trying to run
>>>>>>> Flicker. I have a dual core i5 laptop I'm testing on and using the sinit
>>>>>>> module i5_i7_DUAL_SINIT_18.bin. During execution of Flicker my computer
>>>>>>> reboots, upon startup I see the TXT ERRORCODE 0xc0003cd1, which parses
>>>>>>> as acm_type=1, progress=0d, error=f, and according to sinit_errors.txt
>>>>>>> that is "TPM PCR 17 was not properly initialized"
>>>>>>>
>>>>>>> The MLE Software Development Guide is pretty clear on how PCR 17 should
>>>>>>> be initialized, and yet I can't find in the Flicker or tboot source code
>>>>>>> where this initialization is happening. I was hoping to use the tboot
>>>>>>> source as a reference because on this machine GETSEC[SENTER] does
>>>>>>> successfully execute when I try launching tboot (loading the operating
>>>>>>> system fails afterwards but I believe thats a kernel configuration issue
>>>>>>> I haven't fixed yet).
>>>>>>>
>>>>>>> Any advice or pointers to where tboot initializes PCR 17 would be
>>>>>>> greatly appreciated.
>>>>>>>
>>>>>>> Thanks,
>>>>>>> Jeff
>>>>>>>
>>>>>>> ------------------------------------------------------------------------------
>>>>>>> Protect Your Site and Customers from Malware Attacks
>>>>>>> Learn about various malware tactics and how to avoid them. Understand
>>>>>>> malware threats, the impact they can have on your business, and how you
>>>>>>> can protect your company and customers by using code signing.
>>>>>>> http://p.sf.net/sfu/oracle-sfdevnl
>>>>>>> _______________________________________________
>>>>>>> tboot-devel mailing list
>>>>>>> tbo...@li...
>>>>>>> https://lists.sourceforge.net/lists/listinfo/tboot-devel
>>>>>>>
>>>>>>>
>>>>>> ------------------------------------------------------------------------------
>>>>>> Protect Your Site and Customers from Malware Attacks
>>>>>> Learn about various malware tactics and how to avoid them. Understand
>>>>>> malware threats, the impact they can have on your business, and how you
>>>>>> can protect your company and customers by using code signing.
>>>>>> http://p.sf.net/sfu/oracle-sfdevnl
>>>>>> _______________________________________________
>>>>>> tboot-devel mailing list
>>>>>> tbo...@li...
>>>>>> https://lists.sourceforge.net/lists/listinfo/tboot-devel
>>>>>>
>>>> --
>>>> Jeff Cleveland
>>>> Raytheon - BBN Technologies
>>>> 617-873-2515
>>>> jcl...@bb...
>>>>
>>
>>
>>
>
>
> ------------------------------------------------------------------------------
> Protect Your Site and Customers from Malware Attacks
> Learn about various malware tactics and how to avoid them. Understand
> malware threats, the impact they can have on your business, and how you
> can protect your company and customers by using code signing.
> http://p.sf.net/sfu/oracle-sfdevnl
> _______________________________________________
> tboot-devel mailing list
> tbo...@li...
> https://lists.sourceforge.net/lists/listinfo/tboot-devel
>

Re: [tboot-devel] TPM PCR 17 was not properly initialized (flicker)

[Jeff C. <jcl...@bb...>]

Hi List,

So the TPM FW upgrade worked on a second machine I had, a Dell E6500 
with a similar (possibly the same) Broadcom TPM. I was able to execute 
the SENTER during the TBOOT start up, and was able to execute the 
Flicker example code. Unfortunately, after a few more tests with Flicker 
the machine hung after the SENTER and is now stuck in a reboot loop 
similar to what others have described.

Has anyone been able to recover from one of these loops? I've looked 
through the mailing lists archives and haven't found anything but 
figured I should ask as I try to contact Dell support.

Thanks,
Jeff

Jeff Cleveland wrote:
> Thanks for the suggestion, unfortunately installing the newest TPM FW 
> has not made a difference.
>
> Jeff
>
> On 01/14/2011 02:59 PM, Cihula, Joseph wrote:
>   
>> You should make sure that your TPM FW is the latest version, which you can get from: http://support.dell.com/support/downloads/download.aspx?c=us&cs=08W&l=en&s=bsdv&releaseid=R267128&SystemID=LAT_E4310&servicetag=&os=W732&osl=en&deviceid=21505&devlib=0&typecnt=0&vercnt=1&catid=-1&impid=-1&formatcnt=0&libid=60&typeid=-1&dateid=-1&formatid=-1&source=-1&fileid=392801
>>
>> Joe
>>
>>     
>>> -----Original Message-----
>>> From: Jeff Cleveland [mailto:jcl...@bb...]
>>> Sent: Friday, January 14, 2011 9:53 AM
>>> To: Cihula, Joseph
>>> Cc: Jonathan McCune; tbo...@li...
>>> Subject: Re: [tboot-devel] TPM PCR 17 was not properly initialized (flicker)
>>>
>>> The system is a Dell Latitude E4310 and the TPM is manufactured by Broadcom.
>>>
>>> Jeff
>>>
>>> On 01/14/2011 12:24 PM, Cihula, Joseph wrote:
>>>       
>>>> What model system is this and who is the TPM manufactured by?
>>>>
>>>> Joe
>>>>
>>>>         
>>>>> -----Original Message-----
>>>>> From: Jonathan McCune [mailto:jon...@cm...]
>>>>> Sent: Friday, January 14, 2011 8:50 AM
>>>>> To: Jeff Cleveland
>>>>> Cc: tbo...@li...
>>>>> Subject: Re: [tboot-devel] TPM PCR 17 was not properly initialized (flicker)
>>>>>
>>>>> Although there are some distinct error codes for locality access
>>>>> problems, you might check whether the Linux TPM driver is active.  If
>>>>> the TPM has an active locality (which would be locality 1 with Linux's
>>>>> tpm_tis), then SENTER will not succeed.  The easiest way to test if
>>>>> this makes a difference is to boot Linux without loading tpm_tis, then
>>>>> try a Flicker session, and see if it makes any difference.
>>>>>
>>>>> Also, with the SINIT module you're using, ACMOD_SIZE_MAX as defined in
>>>>> flicker.h is too small in flicker-0.2.  I generally use 64K instead of
>>>>> 32K these days.  Unfortunately the error handling in flicker-0.2 just
>>>>> prints a small warning message and blindly keeps going with an
>>>>> incomplete SINIT module if the buffer is too small.  However, I would
>>>>> expect that you would observe a different failure mode under those
>>>>> conditions.
>>>>>
>>>>> Hope this helps,
>>>>> -Jon
>>>>>
>>>>>
>>>>>
>>>>> On Fri, Jan 14, 2011 at 10:54 AM, Jeff Cleveland<jcl...@bb...>   wrote:
>>>>>           
>>>>>> Hi list,
>>>>>>
>>>>>> My question stems from a TXT error I'm getting while trying to run
>>>>>> Flicker. I have a dual core i5 laptop I'm testing on and using the sinit
>>>>>> module i5_i7_DUAL_SINIT_18.bin. During execution of Flicker my computer
>>>>>> reboots, upon startup I see the TXT ERRORCODE 0xc0003cd1, which parses
>>>>>> as acm_type=1, progress=0d, error=f, and according to sinit_errors.txt
>>>>>> that is "TPM PCR 17 was not properly initialized"
>>>>>>
>>>>>> The MLE Software Development Guide is pretty clear on how PCR 17 should
>>>>>> be initialized, and yet I can't find in the Flicker or tboot source code
>>>>>> where this initialization is happening. I was hoping to use the tboot
>>>>>> source as a reference because on this machine GETSEC[SENTER] does
>>>>>> successfully execute when I try launching tboot (loading the operating
>>>>>> system fails afterwards but I believe thats a kernel configuration issue
>>>>>> I haven't fixed yet).
>>>>>>
>>>>>> Any advice or pointers to where tboot initializes PCR 17 would be
>>>>>> greatly appreciated.
>>>>>>
>>>>>> Thanks,
>>>>>> Jeff
>>>>>>
>>>>>> ------------------------------------------------------------------------------
>>>>>> Protect Your Site and Customers from Malware Attacks
>>>>>> Learn about various malware tactics and how to avoid them. Understand
>>>>>> malware threats, the impact they can have on your business, and how you
>>>>>> can protect your company and customers by using code signing.
>>>>>> http://p.sf.net/sfu/oracle-sfdevnl
>>>>>> _______________________________________________
>>>>>> tboot-devel mailing list
>>>>>> tbo...@li...
>>>>>> https://lists.sourceforge.net/lists/listinfo/tboot-devel
>>>>>>
>>>>>>             
>>>>> ------------------------------------------------------------------------------
>>>>> Protect Your Site and Customers from Malware Attacks
>>>>> Learn about various malware tactics and how to avoid them. Understand
>>>>> malware threats, the impact they can have on your business, and how you
>>>>> can protect your company and customers by using code signing.
>>>>> http://p.sf.net/sfu/oracle-sfdevnl
>>>>> _______________________________________________
>>>>> tboot-devel mailing list
>>>>> tbo...@li...
>>>>> https://lists.sourceforge.net/lists/listinfo/tboot-devel
>>>>>           
>>> --
>>> Jeff Cleveland
>>> Raytheon - BBN Technologies
>>> 617-873-2515
>>> jcl...@bb...
>>>       
>
>
>   

Re: [tboot-devel] TPM PCR 17 was not properly initialized (flicker)

[Jeff C. <jcl...@bb...>]

Thanks for the suggestion, unfortunately installing the newest TPM FW 
has not made a difference.

Jeff

On 01/14/2011 02:59 PM, Cihula, Joseph wrote:
> You should make sure that your TPM FW is the latest version, which you can get from: http://support.dell.com/support/downloads/download.aspx?c=us&cs=08W&l=en&s=bsdv&releaseid=R267128&SystemID=LAT_E4310&servicetag=&os=W732&osl=en&deviceid=21505&devlib=0&typecnt=0&vercnt=1&catid=-1&impid=-1&formatcnt=0&libid=60&typeid=-1&dateid=-1&formatid=-1&source=-1&fileid=392801
>
> Joe
>
>> -----Original Message-----
>> From: Jeff Cleveland [mailto:jcl...@bb...]
>> Sent: Friday, January 14, 2011 9:53 AM
>> To: Cihula, Joseph
>> Cc: Jonathan McCune; tbo...@li...
>> Subject: Re: [tboot-devel] TPM PCR 17 was not properly initialized (flicker)
>>
>> The system is a Dell Latitude E4310 and the TPM is manufactured by Broadcom.
>>
>> Jeff
>>
>> On 01/14/2011 12:24 PM, Cihula, Joseph wrote:
>>> What model system is this and who is the TPM manufactured by?
>>>
>>> Joe
>>>
>>>> -----Original Message-----
>>>> From: Jonathan McCune [mailto:jon...@cm...]
>>>> Sent: Friday, January 14, 2011 8:50 AM
>>>> To: Jeff Cleveland
>>>> Cc: tbo...@li...
>>>> Subject: Re: [tboot-devel] TPM PCR 17 was not properly initialized (flicker)
>>>>
>>>> Although there are some distinct error codes for locality access
>>>> problems, you might check whether the Linux TPM driver is active.  If
>>>> the TPM has an active locality (which would be locality 1 with Linux's
>>>> tpm_tis), then SENTER will not succeed.  The easiest way to test if
>>>> this makes a difference is to boot Linux without loading tpm_tis, then
>>>> try a Flicker session, and see if it makes any difference.
>>>>
>>>> Also, with the SINIT module you're using, ACMOD_SIZE_MAX as defined in
>>>> flicker.h is too small in flicker-0.2.  I generally use 64K instead of
>>>> 32K these days.  Unfortunately the error handling in flicker-0.2 just
>>>> prints a small warning message and blindly keeps going with an
>>>> incomplete SINIT module if the buffer is too small.  However, I would
>>>> expect that you would observe a different failure mode under those
>>>> conditions.
>>>>
>>>> Hope this helps,
>>>> -Jon
>>>>
>>>>
>>>>
>>>> On Fri, Jan 14, 2011 at 10:54 AM, Jeff Cleveland<jcl...@bb...>   wrote:
>>>>> Hi list,
>>>>>
>>>>> My question stems from a TXT error I'm getting while trying to run
>>>>> Flicker. I have a dual core i5 laptop I'm testing on and using the sinit
>>>>> module i5_i7_DUAL_SINIT_18.bin. During execution of Flicker my computer
>>>>> reboots, upon startup I see the TXT ERRORCODE 0xc0003cd1, which parses
>>>>> as acm_type=1, progress=0d, error=f, and according to sinit_errors.txt
>>>>> that is "TPM PCR 17 was not properly initialized"
>>>>>
>>>>> The MLE Software Development Guide is pretty clear on how PCR 17 should
>>>>> be initialized, and yet I can't find in the Flicker or tboot source code
>>>>> where this initialization is happening. I was hoping to use the tboot
>>>>> source as a reference because on this machine GETSEC[SENTER] does
>>>>> successfully execute when I try launching tboot (loading the operating
>>>>> system fails afterwards but I believe thats a kernel configuration issue
>>>>> I haven't fixed yet).
>>>>>
>>>>> Any advice or pointers to where tboot initializes PCR 17 would be
>>>>> greatly appreciated.
>>>>>
>>>>> Thanks,
>>>>> Jeff
>>>>>
>>>>> ------------------------------------------------------------------------------
>>>>> Protect Your Site and Customers from Malware Attacks
>>>>> Learn about various malware tactics and how to avoid them. Understand
>>>>> malware threats, the impact they can have on your business, and how you
>>>>> can protect your company and customers by using code signing.
>>>>> http://p.sf.net/sfu/oracle-sfdevnl
>>>>> _______________________________________________
>>>>> tboot-devel mailing list
>>>>> tbo...@li...
>>>>> https://lists.sourceforge.net/lists/listinfo/tboot-devel
>>>>>
>>>> ------------------------------------------------------------------------------
>>>> Protect Your Site and Customers from Malware Attacks
>>>> Learn about various malware tactics and how to avoid them. Understand
>>>> malware threats, the impact they can have on your business, and how you
>>>> can protect your company and customers by using code signing.
>>>> http://p.sf.net/sfu/oracle-sfdevnl
>>>> _______________________________________________
>>>> tboot-devel mailing list
>>>> tbo...@li...
>>>> https://lists.sourceforge.net/lists/listinfo/tboot-devel
>>
>> --
>> Jeff Cleveland
>> Raytheon - BBN Technologies
>> 617-873-2515
>> jcl...@bb...


-- 
Jeff Cleveland
Raytheon - BBN Technologies
617-873-2515
jcl...@bb...

Re: [tboot-devel] TPM PCR 17 was not properly initialized (flicker)

[Cihula, J. <jos...@in...>]

You should make sure that your TPM FW is the latest version, which you can get from: http://support.dell.com/support/downloads/download.aspx?c=us&cs=08W&l=en&s=bsdv&releaseid=R267128&SystemID=LAT_E4310&servicetag=&os=W732&osl=en&deviceid=21505&devlib=0&typecnt=0&vercnt=1&catid=-1&impid=-1&formatcnt=0&libid=60&typeid=-1&dateid=-1&formatid=-1&source=-1&fileid=392801

Joe

> -----Original Message-----
> From: Jeff Cleveland [mailto:jcl...@bb...]
> Sent: Friday, January 14, 2011 9:53 AM
> To: Cihula, Joseph
> Cc: Jonathan McCune; tbo...@li...
> Subject: Re: [tboot-devel] TPM PCR 17 was not properly initialized (flicker)
> 
> The system is a Dell Latitude E4310 and the TPM is manufactured by Broadcom.
> 
> Jeff
> 
> On 01/14/2011 12:24 PM, Cihula, Joseph wrote:
> > What model system is this and who is the TPM manufactured by?
> >
> > Joe
> >
> >> -----Original Message-----
> >> From: Jonathan McCune [mailto:jon...@cm...]
> >> Sent: Friday, January 14, 2011 8:50 AM
> >> To: Jeff Cleveland
> >> Cc: tbo...@li...
> >> Subject: Re: [tboot-devel] TPM PCR 17 was not properly initialized (flicker)
> >>
> >> Although there are some distinct error codes for locality access
> >> problems, you might check whether the Linux TPM driver is active.  If
> >> the TPM has an active locality (which would be locality 1 with Linux's
> >> tpm_tis), then SENTER will not succeed.  The easiest way to test if
> >> this makes a difference is to boot Linux without loading tpm_tis, then
> >> try a Flicker session, and see if it makes any difference.
> >>
> >> Also, with the SINIT module you're using, ACMOD_SIZE_MAX as defined in
> >> flicker.h is too small in flicker-0.2.  I generally use 64K instead of
> >> 32K these days.  Unfortunately the error handling in flicker-0.2 just
> >> prints a small warning message and blindly keeps going with an
> >> incomplete SINIT module if the buffer is too small.  However, I would
> >> expect that you would observe a different failure mode under those
> >> conditions.
> >>
> >> Hope this helps,
> >> -Jon
> >>
> >>
> >>
> >> On Fri, Jan 14, 2011 at 10:54 AM, Jeff Cleveland<jcl...@bb...>  wrote:
> >>> Hi list,
> >>>
> >>> My question stems from a TXT error I'm getting while trying to run
> >>> Flicker. I have a dual core i5 laptop I'm testing on and using the sinit
> >>> module i5_i7_DUAL_SINIT_18.bin. During execution of Flicker my computer
> >>> reboots, upon startup I see the TXT ERRORCODE 0xc0003cd1, which parses
> >>> as acm_type=1, progress=0d, error=f, and according to sinit_errors.txt
> >>> that is "TPM PCR 17 was not properly initialized"
> >>>
> >>> The MLE Software Development Guide is pretty clear on how PCR 17 should
> >>> be initialized, and yet I can't find in the Flicker or tboot source code
> >>> where this initialization is happening. I was hoping to use the tboot
> >>> source as a reference because on this machine GETSEC[SENTER] does
> >>> successfully execute when I try launching tboot (loading the operating
> >>> system fails afterwards but I believe thats a kernel configuration issue
> >>> I haven't fixed yet).
> >>>
> >>> Any advice or pointers to where tboot initializes PCR 17 would be
> >>> greatly appreciated.
> >>>
> >>> Thanks,
> >>> Jeff
> >>>
> >>> ------------------------------------------------------------------------------
> >>> Protect Your Site and Customers from Malware Attacks
> >>> Learn about various malware tactics and how to avoid them. Understand
> >>> malware threats, the impact they can have on your business, and how you
> >>> can protect your company and customers by using code signing.
> >>> http://p.sf.net/sfu/oracle-sfdevnl
> >>> _______________________________________________
> >>> tboot-devel mailing list
> >>> tbo...@li...
> >>> https://lists.sourceforge.net/lists/listinfo/tboot-devel
> >>>
> >> ------------------------------------------------------------------------------
> >> Protect Your Site and Customers from Malware Attacks
> >> Learn about various malware tactics and how to avoid them. Understand
> >> malware threats, the impact they can have on your business, and how you
> >> can protect your company and customers by using code signing.
> >> http://p.sf.net/sfu/oracle-sfdevnl
> >> _______________________________________________
> >> tboot-devel mailing list
> >> tbo...@li...
> >> https://lists.sourceforge.net/lists/listinfo/tboot-devel
> 
> 
> --
> Jeff Cleveland
> Raytheon - BBN Technologies
> 617-873-2515
> jcl...@bb...

Re: [tboot-devel] TPM PCR 17 was not properly initialized (flicker)

[Jeff C. <jcl...@bb...>]

I do not believe the tpm_tis driver was loaded, however if I do load the 
module I get the same error code.

It does seem the TPM has an active locality. I'm getting the debug 
output from this snippet of code in tpm.c:

     /*
      * must ensure TPM_ACCESS_0.activeLocality bit is clear
      * (: locality is not active)
      */
     read_tpm_reg(locality, TPM_REG_ACCESS,&reg_acc);
     if ( reg_acc.active_locality != 0 ) {
         dbg("(in tpm.c) reg_acc.active_locality != 0\n");
         /* make inactive by writing a 1 */
         reg_acc.active_locality = 1;
         write_tpm_reg(locality, TPM_REG_ACCESS,&reg_acc);
     }

At this point in the code before it enters the if statement and after it 
exits it reg_acc.active_locality is 1. I changed the line

         reg_acc.active_locality = 1;

to

         reg_acc.active_locality = 0;

but even after doing this the value of active_locality is 1. My guess is 
that there is something else I need to do to make it inactive.

Thanks for the help, this has given me more of a direction to focus on.
-Jeff

On 01/14/2011 11:50 AM, Jonathan McCune wrote:
> Although there are some distinct error codes for locality access
> problems, you might check whether the Linux TPM driver is active.  If
> the TPM has an active locality (which would be locality 1 with Linux's
> tpm_tis), then SENTER will not succeed.  The easiest way to test if
> this makes a difference is to boot Linux without loading tpm_tis, then
> try a Flicker session, and see if it makes any difference.
>
> Also, with the SINIT module you're using, ACMOD_SIZE_MAX as defined in
> flicker.h is too small in flicker-0.2.  I generally use 64K instead of
> 32K these days.  Unfortunately the error handling in flicker-0.2 just
> prints a small warning message and blindly keeps going with an
> incomplete SINIT module if the buffer is too small.  However, I would
> expect that you would observe a different failure mode under those
> conditions.
>
> Hope this helps,
> -Jon
>
>
>
> On Fri, Jan 14, 2011 at 10:54 AM, Jeff Cleveland<jcl...@bb...>  wrote:
>> Hi list,
>>
>> My question stems from a TXT error I'm getting while trying to run
>> Flicker. I have a dual core i5 laptop I'm testing on and using the sinit
>> module i5_i7_DUAL_SINIT_18.bin. During execution of Flicker my computer
>> reboots, upon startup I see the TXT ERRORCODE 0xc0003cd1, which parses
>> as acm_type=1, progress=0d, error=f, and according to sinit_errors.txt
>> that is "TPM PCR 17 was not properly initialized"
>>
>> The MLE Software Development Guide is pretty clear on how PCR 17 should
>> be initialized, and yet I can't find in the Flicker or tboot source code
>> where this initialization is happening. I was hoping to use the tboot
>> source as a reference because on this machine GETSEC[SENTER] does
>> successfully execute when I try launching tboot (loading the operating
>> system fails afterwards but I believe thats a kernel configuration issue
>> I haven't fixed yet).
>>
>> Any advice or pointers to where tboot initializes PCR 17 would be
>> greatly appreciated.
>>
>> Thanks,
>> Jeff
>>
>> ------------------------------------------------------------------------------
>> Protect Your Site and Customers from Malware Attacks
>> Learn about various malware tactics and how to avoid them. Understand
>> malware threats, the impact they can have on your business, and how you
>> can protect your company and customers by using code signing.
>> http://p.sf.net/sfu/oracle-sfdevnl
>> _______________________________________________
>> tboot-devel mailing list
>> tbo...@li...
>> https://lists.sourceforge.net/lists/listinfo/tboot-devel
>>


-- 
Jeff Cleveland
Raytheon - BBN Technologies
617-873-2515
jcl...@bb...

Re: [tboot-devel] TPM PCR 17 was not properly initialized (flicker)

[Jeff C. <jcl...@bb...>]

The system is a Dell Latitude E4310 and the TPM is manufactured by Broadcom.

Jeff

On 01/14/2011 12:24 PM, Cihula, Joseph wrote:
> What model system is this and who is the TPM manufactured by?
>
> Joe
>
>> -----Original Message-----
>> From: Jonathan McCune [mailto:jon...@cm...]
>> Sent: Friday, January 14, 2011 8:50 AM
>> To: Jeff Cleveland
>> Cc: tbo...@li...
>> Subject: Re: [tboot-devel] TPM PCR 17 was not properly initialized (flicker)
>>
>> Although there are some distinct error codes for locality access
>> problems, you might check whether the Linux TPM driver is active.  If
>> the TPM has an active locality (which would be locality 1 with Linux's
>> tpm_tis), then SENTER will not succeed.  The easiest way to test if
>> this makes a difference is to boot Linux without loading tpm_tis, then
>> try a Flicker session, and see if it makes any difference.
>>
>> Also, with the SINIT module you're using, ACMOD_SIZE_MAX as defined in
>> flicker.h is too small in flicker-0.2.  I generally use 64K instead of
>> 32K these days.  Unfortunately the error handling in flicker-0.2 just
>> prints a small warning message and blindly keeps going with an
>> incomplete SINIT module if the buffer is too small.  However, I would
>> expect that you would observe a different failure mode under those
>> conditions.
>>
>> Hope this helps,
>> -Jon
>>
>>
>>
>> On Fri, Jan 14, 2011 at 10:54 AM, Jeff Cleveland<jcl...@bb...>  wrote:
>>> Hi list,
>>>
>>> My question stems from a TXT error I'm getting while trying to run
>>> Flicker. I have a dual core i5 laptop I'm testing on and using the sinit
>>> module i5_i7_DUAL_SINIT_18.bin. During execution of Flicker my computer
>>> reboots, upon startup I see the TXT ERRORCODE 0xc0003cd1, which parses
>>> as acm_type=1, progress=0d, error=f, and according to sinit_errors.txt
>>> that is "TPM PCR 17 was not properly initialized"
>>>
>>> The MLE Software Development Guide is pretty clear on how PCR 17 should
>>> be initialized, and yet I can't find in the Flicker or tboot source code
>>> where this initialization is happening. I was hoping to use the tboot
>>> source as a reference because on this machine GETSEC[SENTER] does
>>> successfully execute when I try launching tboot (loading the operating
>>> system fails afterwards but I believe thats a kernel configuration issue
>>> I haven't fixed yet).
>>>
>>> Any advice or pointers to where tboot initializes PCR 17 would be
>>> greatly appreciated.
>>>
>>> Thanks,
>>> Jeff
>>>
>>> ------------------------------------------------------------------------------
>>> Protect Your Site and Customers from Malware Attacks
>>> Learn about various malware tactics and how to avoid them. Understand
>>> malware threats, the impact they can have on your business, and how you
>>> can protect your company and customers by using code signing.
>>> http://p.sf.net/sfu/oracle-sfdevnl
>>> _______________________________________________
>>> tboot-devel mailing list
>>> tbo...@li...
>>> https://lists.sourceforge.net/lists/listinfo/tboot-devel
>>>
>> ------------------------------------------------------------------------------
>> Protect Your Site and Customers from Malware Attacks
>> Learn about various malware tactics and how to avoid them. Understand
>> malware threats, the impact they can have on your business, and how you
>> can protect your company and customers by using code signing.
>> http://p.sf.net/sfu/oracle-sfdevnl
>> _______________________________________________
>> tboot-devel mailing list
>> tbo...@li...
>> https://lists.sourceforge.net/lists/listinfo/tboot-devel


-- 
Jeff Cleveland
Raytheon - BBN Technologies
617-873-2515
jcl...@bb...

Re: [tboot-devel] TPM PCR 17 was not properly initialized (flicker)

[Cihula, J. <jos...@in...>]

What model system is this and who is the TPM manufactured by?

Joe

> -----Original Message-----
> From: Jonathan McCune [mailto:jon...@cm...]
> Sent: Friday, January 14, 2011 8:50 AM
> To: Jeff Cleveland
> Cc: tbo...@li...
> Subject: Re: [tboot-devel] TPM PCR 17 was not properly initialized (flicker)
> 
> Although there are some distinct error codes for locality access
> problems, you might check whether the Linux TPM driver is active.  If
> the TPM has an active locality (which would be locality 1 with Linux's
> tpm_tis), then SENTER will not succeed.  The easiest way to test if
> this makes a difference is to boot Linux without loading tpm_tis, then
> try a Flicker session, and see if it makes any difference.
> 
> Also, with the SINIT module you're using, ACMOD_SIZE_MAX as defined in
> flicker.h is too small in flicker-0.2.  I generally use 64K instead of
> 32K these days.  Unfortunately the error handling in flicker-0.2 just
> prints a small warning message and blindly keeps going with an
> incomplete SINIT module if the buffer is too small.  However, I would
> expect that you would observe a different failure mode under those
> conditions.
> 
> Hope this helps,
> -Jon
> 
> 
> 
> On Fri, Jan 14, 2011 at 10:54 AM, Jeff Cleveland <jcl...@bb...> wrote:
> > Hi list,
> >
> > My question stems from a TXT error I'm getting while trying to run
> > Flicker. I have a dual core i5 laptop I'm testing on and using the sinit
> > module i5_i7_DUAL_SINIT_18.bin. During execution of Flicker my computer
> > reboots, upon startup I see the TXT ERRORCODE 0xc0003cd1, which parses
> > as acm_type=1, progress=0d, error=f, and according to sinit_errors.txt
> > that is "TPM PCR 17 was not properly initialized"
> >
> > The MLE Software Development Guide is pretty clear on how PCR 17 should
> > be initialized, and yet I can't find in the Flicker or tboot source code
> > where this initialization is happening. I was hoping to use the tboot
> > source as a reference because on this machine GETSEC[SENTER] does
> > successfully execute when I try launching tboot (loading the operating
> > system fails afterwards but I believe thats a kernel configuration issue
> > I haven't fixed yet).
> >
> > Any advice or pointers to where tboot initializes PCR 17 would be
> > greatly appreciated.
> >
> > Thanks,
> > Jeff
> >
> > ------------------------------------------------------------------------------
> > Protect Your Site and Customers from Malware Attacks
> > Learn about various malware tactics and how to avoid them. Understand
> > malware threats, the impact they can have on your business, and how you
> > can protect your company and customers by using code signing.
> > http://p.sf.net/sfu/oracle-sfdevnl
> > _______________________________________________
> > tboot-devel mailing list
> > tbo...@li...
> > https://lists.sourceforge.net/lists/listinfo/tboot-devel
> >
> 
> ------------------------------------------------------------------------------
> Protect Your Site and Customers from Malware Attacks
> Learn about various malware tactics and how to avoid them. Understand
> malware threats, the impact they can have on your business, and how you
> can protect your company and customers by using code signing.
> http://p.sf.net/sfu/oracle-sfdevnl
> _______________________________________________
> tboot-devel mailing list
> tbo...@li...
> https://lists.sourceforge.net/lists/listinfo/tboot-devel

Re: [tboot-devel] TPM PCR 17 was not properly initialized (flicker)

[Jonathan M. <jon...@cm...>]

Although there are some distinct error codes for locality access
problems, you might check whether the Linux TPM driver is active.  If
the TPM has an active locality (which would be locality 1 with Linux's
tpm_tis), then SENTER will not succeed.  The easiest way to test if
this makes a difference is to boot Linux without loading tpm_tis, then
try a Flicker session, and see if it makes any difference.

Also, with the SINIT module you're using, ACMOD_SIZE_MAX as defined in
flicker.h is too small in flicker-0.2.  I generally use 64K instead of
32K these days.  Unfortunately the error handling in flicker-0.2 just
prints a small warning message and blindly keeps going with an
incomplete SINIT module if the buffer is too small.  However, I would
expect that you would observe a different failure mode under those
conditions.

Hope this helps,
-Jon



On Fri, Jan 14, 2011 at 10:54 AM, Jeff Cleveland <jcl...@bb...> wrote:
> Hi list,
>
> My question stems from a TXT error I'm getting while trying to run
> Flicker. I have a dual core i5 laptop I'm testing on and using the sinit
> module i5_i7_DUAL_SINIT_18.bin. During execution of Flicker my computer
> reboots, upon startup I see the TXT ERRORCODE 0xc0003cd1, which parses
> as acm_type=1, progress=0d, error=f, and according to sinit_errors.txt
> that is "TPM PCR 17 was not properly initialized"
>
> The MLE Software Development Guide is pretty clear on how PCR 17 should
> be initialized, and yet I can't find in the Flicker or tboot source code
> where this initialization is happening. I was hoping to use the tboot
> source as a reference because on this machine GETSEC[SENTER] does
> successfully execute when I try launching tboot (loading the operating
> system fails afterwards but I believe thats a kernel configuration issue
> I haven't fixed yet).
>
> Any advice or pointers to where tboot initializes PCR 17 would be
> greatly appreciated.
>
> Thanks,
> Jeff
>
> ------------------------------------------------------------------------------
> Protect Your Site and Customers from Malware Attacks
> Learn about various malware tactics and how to avoid them. Understand
> malware threats, the impact they can have on your business, and how you
> can protect your company and customers by using code signing.
> http://p.sf.net/sfu/oracle-sfdevnl
> _______________________________________________
> tboot-devel mailing list
> tbo...@li...
> https://lists.sourceforge.net/lists/listinfo/tboot-devel
>

[tboot-devel] TPM PCR 17 was not properly initialized (flicker)

[Jeff C. <jcl...@bb...>]

Hi list,

My question stems from a TXT error I'm getting while trying to run 
Flicker. I have a dual core i5 laptop I'm testing on and using the sinit 
module i5_i7_DUAL_SINIT_18.bin. During execution of Flicker my computer 
reboots, upon startup I see the TXT ERRORCODE 0xc0003cd1, which parses 
as acm_type=1, progress=0d, error=f, and according to sinit_errors.txt 
that is "TPM PCR 17 was not properly initialized"

The MLE Software Development Guide is pretty clear on how PCR 17 should 
be initialized, and yet I can't find in the Flicker or tboot source code 
where this initialization is happening. I was hoping to use the tboot 
source as a reference because on this machine GETSEC[SENTER] does 
successfully execute when I try launching tboot (loading the operating 
system fails afterwards but I believe thats a kernel configuration issue 
I haven't fixed yet).

Any advice or pointers to where tboot initializes PCR 17 would be 
greatly appreciated.

Thanks,
Jeff

[tboot-devel] SS, DS and other registers in the MLE runtime environment

[Jonathan M. <jon...@cm...>]

Hi all,

Some observations and questions below.  Answers would be great, but I
also feel compelled to make some of this information available in case
others find it useful.  Happy reading!

I am writing in regard to some ambiguities in the MLE Developer's
Guide and in Chapter 6 (Safer Mode Extensions Reference) of Volume 2B
of the Intel Software Developer's Manual. I have been launching my MLE
using the i5_i7_DUAL_SINIT_18.BIN.  In particular, I am interested in
a position-independent MLE that does not know its base address until
runtime.  I am trying to avoid "patching" the MLE any more than
necessary prior to launch as this complicates verification of correct
PCR values.

The Intel MLE Developer's guide's Listing 7: MLE Initialization
Pseudocode is written for an MLE that knows its runtime base address
and immediately enables paging.  Another important set of requirements
are for a relocatable MLE that does not immediately enable paging.

Chapter 6 of Volume 2B of the Intel Software Developer's Manual (Safer
Mode Extensions Reference) describes the runtime environment for the
MLE:

"The SENTER leaf function also initializes some processor architecture
state for the ILP from contents held in the header of the
authenticated code module. Since the authenticated code module is
relocatable, all address references are relative to the base address
passed in via EBX. The ILP GDTR base value is initialized to EBX +
[GDTBasePtr] and GDTR limit set to [GDTLimit]. The CS selector is
initialized to the value held in the AC module header field SegSel,
while the DS, SS, and ES selectors are initialized to CS+8. The
segment descriptor fields are initialized implicitly with BASE=0,
LIMIT=FFFFFh, G=1, D=1, P=1, S=1, read/write/accessed for DS, SS, and
ES, while execute/read/accessed for CS. Execution in the authenticated
code module for the ILP begins with the EIP set to EBX + [EntryPoint].
AC module defined fields used for initializing processor state are
consistency checked with a failure resulting in an TXT-shutdown
condition."

This is somewhat troubling, as it sounds as though an MLE writer who
wishes to write a position-independent MLE, especially one that does
not immediately enable paging, is somewhat dependent on the
"left-overs" of the SINIT module.  There does not seem to be much of a
"contract" regarding what the SINIT module must provide.  Table 6-6 in
Ch 6 Vol 2B comes close, stating that EBX should contain an unchanged
SINIT.BASE, and that EBP should also contain SINIT.BASE.  The above
paragraph also suggests that CS, DS, and SS will all be flat 4GB
segments.

My observations contradict this.  I have been unable to easily
determine precisely what the base of the stack segment descriptor is,
but it does not appear to be 0.  I can push and pop values, but using
the SS segment-override prefix has not allowed me to reference memory
in a sane way.  Dumping the GDT from within the SINIT binary file
prior to launch, all entries do appear to be flat 4GB, so I am not
sure why I observe strange behavior with SS.  Does the SINIT module
dynamically change the base for the stack segment descriptor at
runtime?  DS and CS do seem to be flat, and they work as expected.
EBP does seem to contain SINIT.BASE, but EBX contains the MLE Entry
Point on my system, not SINIT.BASE as suggested by Table 6-6.  Is this
an error in the Table?

ECX appears to point to the base of the MLE page tables, which I
believe is a feature supported by only *some* SINIT modules.

To distill out some specific questions:

1. Is the entry in Table 6-6 for the value of EBX following SENTER
incorrect?  Should it instead read [EntryPoint from MLE Header]?
2. Will all future SINIT modules set ECX to be the MLE page table base
address? I realize GETSEC[CAPABILITIES] may enable me to infer this
prior to invoking SENTER, but if the check fails it's still somewhat
unsatisfying.
3. What is going on with the stack segment descriptor following
SENTER?  I am afraid of clobbering unknown addresses by pushing and
popping values before reloading a GDT, etc.  ESP is initialized to
0x20000 (128K), which seems like a fairly reasonable default for an
MLE.  Or is this leftover from SINIT?  Is SS set with the base address
of the SINIT environment?

I have *not* yet tried to store the GDTR prior to reloading it and
lookup the active GDT upon entry into the MLE.  This may be one route
to provide an answer to question 3, however I'm hoping to avoid having
to reverse-engineer it.

Many thanks!
-Jon

Re: [tboot-devel] Problem in desktop display with TBOOT & Custom Kernel (FC13)

[Martin P. <Mar...@ia...>]

Cihula, Joseph wrote:
>> From: 黄文超 [mailto:hua...@gm...]
>> Sent: Tuesday, October 12, 2010 8:20 AM
>> I'm facing with the similar problem as yours:
>> (My laptop is X201)
>>
>>  " It boots properly and shows TBOOT messages during boot but it does
>> not shows proper desktop/display. It shows some square boxes/lines on
>> my display. Cursor is square box which i was able to move it.".
> 
> You should try the latest 2.6.36 kernel, which contains fixes for this issue.


A fresh kernel, another try:
Tboot-ing 2.6.36.1 on a X201s:

Issues:
* Upon Intel KMS framebuffer activation the display gets messed up.
* 45s kernel boot hang/delay[1] (only in TXT mode) still present

Thus, this current generation platform is still unuseable for TXT development
:-/

Martin


[1] http://lkml.indiana.edu/hypermail//linux/kernel/1008.2/02892.html

Re: [tboot-devel] tboot error

[Cihula, J. <jos...@in...>]

Some BIOSes may not have a an option to enable VT-d and may either always enable it or tie it to VT.

After enabling VT and the TPM (which should then allow you to enable TXT), give tboot another try and see if you still get an error.  And if you get a reset after “executing GETSEC[SENTER]…” then let it reboot and execute tboot again, saving the serial output from both boots (tboot will print the TXT.ERRORCODE when it runs).

Joe

From: Wang, Shane [mailto:sha...@in...]
Sent: Monday, November 22, 2010 10:44 PM
To: Prashant Kulkarni; tbo...@li...
Subject: Re: [tboot-devel] tboot error

Yes, VT-d is required to run tboot.

Please check other menus like PCI device, North Bridge, etc to see whether you can find VT-d option.

Thanks.
Shane
________________________________
From: Prashant Kulkarni [mailto:pra...@gm...]
Sent: 2010年11月23日 13:16
To: Wang, Shane; tbo...@li...
Subject: Re: [tboot-devel] tboot error
Thank you very much for the quick response.

 i enabled the following feature in BIOS

a) Embedded Security Device Support
b) Virtualization Technology  (VT- X)

but there is no option for Virtualization Technology Directed I/O (VT- D)

so my doubt is Virtualization Technology Directed I/O (VT- D) is it required to install tboot ?


-- Prashant Kulkarni


2010/11/23 Wang, Shane <sha...@in...<mailto:sha...@in...>>
Please check your BIOS.

It seems your BIOS has disabled TXT. If so, enable it.

Thanks.
Shane
________________________________
From: Prashant Kulkarni [mailto:pra...@gm...<mailto:pra...@gm...>]
Sent: 2010年11月22日 14:45
To: tbo...@li...<mailto:tbo...@li...>
Subject: [tboot-devel] tboot error
Hello all,

I am trying installing tboot, but I have several problems. My PC is HP Compaq 6000 Pro microtower ("Intel Core-2-due E8400 processor" and "Intel Q43 chipset")  with Fedora 13.

I have downloaded SINIT(Q45_Q43_SINIT_19.BIN) and tboot-20101005.tar.gz.

I compiled the "tboot-20101005" sorce code and  following is my grub.conf I have modified.

title Fedora (2.6.36 )
    root (hd0,0)
    kernel /tboot.gz logging=serial,vga,memory
    module /vmlinuz-2.6.36 ro root=LABEL=/ rhgb quiet intel_iommu=on console=ttyS0,115200
    module /initrd-2.6.36.img
    module /Q45_Q43_SINIT_19.BIN


But I am getting following error message whenever booting this kernel,


TBOOT:mod_num:0
TBOOT:PCR:None
TBOOT:hash_Type:TB_HType_Any
TBOOT:num hashesh:0
TBOOT:policy entry [1]
TBOOT:mod_num any
TBOOT:pcr:19
TBOOT:hash_Type:TB_HType_Any
TBOOT:num_hashesh:0
TBOOT:TPM: Write n11 20000002, offset 000000,000004 bytes return=000000
TBOOT:CPU is SMX_capable
TBOOT:Error:SENTERT disabled by feature control MSR(d)
TBOOT:SMX not supported
TBOOT:no LCP Module found
TBOOT:Error: ELF margin number not matched
TBOOT:Assuming kernel is linux format
TBOOT:initrd from 0x7b208000 to 0x7b9a1400
TBOOT:kernel (procted mode) from 0x0c000000 to 0xf415c0
TBOOT:kernel (real mode) from 0x90000 to 0x94200
TBOOT:Trasfering control to kernel !0xc00000


Can someone help me solve this problem?
Do you have any suggestions?

Thanks very much.


-- Prashant Kulkarni

Re: [tboot-devel] tboot error

[Wang, S. <sha...@in...>]

Yes, VT-d is required to run tboot.

Please check other menus like PCI device, North Bridge, etc to see whether you can find VT-d option.

Thanks.
Shane
________________________________
From: Prashant Kulkarni [mailto:pra...@gm...]
Sent: 2010年11月23日 13:16
To: Wang, Shane; tbo...@li...
Subject: Re: [tboot-devel] tboot error

Thank you very much for the quick response.

 i enabled the following feature in BIOS

a) Embedded Security Device Support
b) Virtualization Technology  (VT- X)

but there is no option for Virtualization Technology Directed I/O (VT- D)

so my doubt is Virtualization Technology Directed I/O (VT- D) is it required to install tboot ?


-- Prashant Kulkarni




2010/11/23 Wang, Shane <sha...@in...<mailto:sha...@in...>>
Please check your BIOS.

It seems your BIOS has disabled TXT. If so, enable it.

Thanks.
Shane
________________________________
From: Prashant Kulkarni [mailto:pra...@gm...<mailto:pra...@gm...>]
Sent: 2010年11月22日 14:45
To: tbo...@li...<mailto:tbo...@li...>
Subject: [tboot-devel] tboot error

Hello all,

I am trying installing tboot, but I have several problems. My PC is HP Compaq 6000 Pro microtower ("Intel Core-2-due E8400 processor" and "Intel Q43 chipset")  with Fedora 13.

I have downloaded SINIT(Q45_Q43_SINIT_19.BIN) and tboot-20101005.tar.gz.

I compiled the "tboot-20101005" sorce code and  following is my grub.conf I have modified.

title Fedora (2.6.36 )
    root (hd0,0)
    kernel /tboot.gz logging=serial,vga,memory
    module /vmlinuz-2.6.36 ro root=LABEL=/ rhgb quiet intel_iommu=on console=ttyS0,115200
    module /initrd-2.6.36.img
    module /Q45_Q43_SINIT_19.BIN


But I am getting following error message whenever booting this kernel,


TBOOT:mod_num:0
TBOOT:PCR:None
TBOOT:hash_Type:TB_HType_Any
TBOOT:num hashesh:0
TBOOT:policy entry [1]
TBOOT:mod_num any
TBOOT:pcr:19
TBOOT:hash_Type:TB_HType_Any
TBOOT:num_hashesh:0
TBOOT:TPM: Write n11 20000002, offset 000000,000004 bytes return=000000
TBOOT:CPU is SMX_capable
TBOOT:Error:SENTERT disabled by feature control MSR(d)
TBOOT:SMX not supported
TBOOT:no LCP Module found
TBOOT:Error: ELF margin number not matched
TBOOT:Assuming kernel is linux format
TBOOT:initrd from 0x7b208000 to 0x7b9a1400
TBOOT:kernel (procted mode) from 0x0c000000 to 0xf415c0
TBOOT:kernel (real mode) from 0x90000 to 0x94200
TBOOT:Trasfering control to kernel !0xc00000


Can someone help me solve this problem?
Do you have any suggestions?

Thanks very much.


-- Prashant Kulkarni

Re: [tboot-devel] tboot error

[Prashant K. <pra...@gm...>]

Thank you very much for the quick response.

 i enabled the following feature in BIOS

a) Embedded Security Device Support
b) Virtualization Technology  (VT- X)

*but there is no option for Virtualization Technology Directed I/O (VT- D)

*so my doubt is *Virtualization Technology Directed I/O (VT- D) *is it
required to install tboot ?


-- Prashant Kulkarni




2010/11/23 Wang, Shane <sha...@in...>

>  Please check your BIOS.
>
> It seems your BIOS has disabled TXT. If so, enable it.
>
> Thanks.
> Shane
>  ------------------------------
> *From:* Prashant Kulkarni [mailto:pra...@gm...]
> *Sent:* 2010年11月22日 14:45
> *To:* tbo...@li...
> *Subject:* [tboot-devel] tboot error
>
>  Hello all,
>
> I am trying installing tboot, but I have several problems. My PC is HP
> Compaq 6000 Pro microtower ("Intel Core-2-due E8400 processor" and "Intel
> Q43 chipset")  with Fedora 13.
>
> I have downloaded SINIT(Q45_Q43_SINIT_19.BIN) and tboot-20101005.tar.gz.
>
> I compiled the "tboot-20101005" sorce code and  following is my grub.conf I
> have modified.
>
> title Fedora (2.6.36 )
>     root (hd0,0)
>     kernel /tboot.gz logging=serial,vga,memory
>     module /vmlinuz-2.6.36 ro root=LABEL=/ rhgb quiet intel_iommu=on
> console=ttyS0,115200
>     module /initrd-2.6.36.img
>     module /Q45_Q43_SINIT_19.BIN
>
>
> But I am getting following error message whenever booting this kernel,
>
>
> TBOOT:mod_num:0
> TBOOT:PCR:None
> TBOOT:hash_Type:TB_HType_Any
> TBOOT:num hashesh:0
> TBOOT:policy entry [1]
> TBOOT:mod_num any
> TBOOT:pcr:19
> TBOOT:hash_Type:TB_HType_Any
> TBOOT:num_hashesh:0
> TBOOT:TPM: Write n11 20000002, offset 000000,000004 bytes return=000000
> TBOOT:CPU is SMX_capable
> TBOOT:Error:SENTERT disabled by feature control MSR(d)
> TBOOT:SMX not supported
> TBOOT:no LCP Module found
> TBOOT:Error: ELF margin number not matched
> TBOOT:Assuming kernel is linux format
> TBOOT:initrd from 0x7b208000 to 0x7b9a1400
> TBOOT:kernel (procted mode) from 0x0c000000 to 0xf415c0
> TBOOT:kernel (real mode) from 0x90000 to 0x94200
> TBOOT:Trasfering control to kernel !0xc00000
>
>
> Can someone help me solve this problem?
> Do you have any suggestions?
>
> Thanks very much.
>
>
> -- Prashant Kulkarni
>
>
>

Re: [tboot-devel] tboot error

[Wang, S. <sha...@in...>]

Please check your BIOS.

It seems your BIOS has disabled TXT. If so, enable it.

Thanks.
Shane
________________________________
From: Prashant Kulkarni [mailto:pra...@gm...]
Sent: 2010年11月22日 14:45
To: tbo...@li...
Subject: [tboot-devel] tboot error

Hello all,

I am trying installing tboot, but I have several problems. My PC is HP Compaq 6000 Pro microtower ("Intel Core-2-due E8400 processor" and "Intel Q43 chipset")  with Fedora 13.

I have downloaded SINIT(Q45_Q43_SINIT_19.BIN) and tboot-20101005.tar.gz.

I compiled the "tboot-20101005" sorce code and  following is my grub.conf I have modified.

title Fedora (2.6.36 )
    root (hd0,0)
    kernel /tboot.gz logging=serial,vga,memory
    module /vmlinuz-2.6.36 ro root=LABEL=/ rhgb quiet intel_iommu=on console=ttyS0,115200
    module /initrd-2.6.36.img
    module /Q45_Q43_SINIT_19.BIN


But I am getting following error message whenever booting this kernel,


TBOOT:mod_num:0
TBOOT:PCR:None
TBOOT:hash_Type:TB_HType_Any
TBOOT:num hashesh:0
TBOOT:policy entry [1]
TBOOT:mod_num any
TBOOT:pcr:19
TBOOT:hash_Type:TB_HType_Any
TBOOT:num_hashesh:0
TBOOT:TPM: Write n11 20000002, offset 000000,000004 bytes return=000000
TBOOT:CPU is SMX_capable
TBOOT:Error:SENTERT disabled by feature control MSR(d)
TBOOT:SMX not supported
TBOOT:no LCP Module found
TBOOT:Error: ELF margin number not matched
TBOOT:Assuming kernel is linux format
TBOOT:initrd from 0x7b208000 to 0x7b9a1400
TBOOT:kernel (procted mode) from 0x0c000000 to 0xf415c0
TBOOT:kernel (real mode) from 0x90000 to 0x94200
TBOOT:Trasfering control to kernel !0xc00000


Can someone help me solve this problem?
Do you have any suggestions?

Thanks very much.


-- Prashant Kulkarni