From: Wang, S. <sha...@in...> - 2009-09-01 12:51:45

I am not sure. But the secret flag is not in the TPM NV. There is no evidence to prove the reason should be the secret flag. Since the laptop is broken, no further information (like BIOS) can be seen. I am just suggesting to try ways to recover from it.

And also, I have no idea how to cut the power of TPM.

PS: We have tried on the same model and can't reproduce the issue.

Shane

Martin Thiim wrote:
> Just out of curiosity: Is the mentioned "secrets"-flag stored in the TPM NV storage? By the way, if it is a chipset register flag (as suggested in another mail) I don't see how it would be persisted across reboots.
>
> The behaviour of the laptop suggests that at least something has been persisted somewhere... in BIOS flash memory or in TPM NV storage. I don't understand why this is necessary - is it so that the BIOS can clear memory thoroughly post boot, when there have been secrets in memory (to guard against coldboot attacks)? Also, does this imply that "flashings" take place on each entering/leaving TXT mode? This in itself might cause problems, since flash memory (or EEPROM which I think most TPMs use) has a limited number of erase/write-cycles and some use cases for TXT might involve frequent transitions back and forth.
>
> It is always unfortunate when it is possible for software to render a machine inoperable. This could be exploited by viruses, using this as a mechanism for (permanently?) ruining the victim's computer. :/
>
> Best regards,
>
> Martin Thiim
>
> On Tue, Sep 1, 2009 at 8:01 AM, Wang, Shane<sha...@in...> wrote:
>> Hi Hal,
>>
>> I hear if HP has a means of cutting the power to the TPM or keeping it in reset then you could boot the machine and flash an updated BIOS.
>>
>> Can you try to cut the power of TPM?
>>
>> Thanks
>> Shane
>>
>> Wang, Shane wrote:
>>> Hi all,
>>>
>>> For Hal's question, I didn't get any message/hint to clear the flag and restore the laptop by removing the RTC battery. The flag should be in MSR register on the chipset.
>>>
>>> Jon, did you succeed to restore your laptop? Or, does "no change" mean "fail"?
>>>
>>> Shane
>>>
>>> Jonathan M. McCune wrote:
>>>> Hi Hal et al.,
>>>>
>>>> When I had this problem on an 8530p, I tried the following (unsuccessfully) to restore the machine to a state where it will boot:
>>>>
>>>> > 1. Remove memory on left slot (as shown in DIMM1.jpg) and restart the unit.
>>>>
>>>> No change.
>>>>
>>>> > 2. Remove the memory on the right slot, replace it back and restart the unit (keep the left slot still empty).
>>>>
>>>> No change.
>>>>
>>>> > 3. Replace with memory on the right slot with another one that has a different frequency (e.g. if you have 800MHz DIMM replace it with 667MHz one). Keep the left slot still empty.
>>>>
>>>> I don't have a DIMM of a different speed lying around. I have one other model of HP laptop but it takes the identical stuff. I tried it anyways. No change.
>>>>
>>>> > 4. Remove the RTC battery (will find it next to DIMMs) and let it stay there for a while. After that connect it back and restart the unit.
>>>>
>>>> Left DIMM still out. I left the battery out for a few minutes and tried booting up with it removed. No change. I also removed the CD-ROM drive and tried again. No change.
>>>>
>>>> I left the battery out for about half hour, then put it back in, then tried booting up with the left DIMM still removed. No change.
>>>>
>>>> Cheers,
>>>> -Jon
>>>>
>>>> Hal Finney wrote:
>>>>> Thanks very much for the responses. Unfortunately I can't give you the BIOS version because the machine is a brick. I am at a conference this week so it may take a few days to get it fixed.
>>>>>
>>>>> The first time it broke I used the 20090330 version of tboot, with the latest SINIT downloaded from SourceForge. The second time, this past weekend, I believe I used tboot built from the mercurial tip, which I had downloaded moments before.
>>>>>
>>>>> I am not sure how to proceed after I get my laptop fixed. I can tell you what BIOS version is in the new one, but I will be hesitant to do another run of tboot to see if it breaks it again. Last time, they replaced the motherboard, so I don't expect that the new BIOS version will necessarily be the same as the one that broke.
>>>>>
>>>>> As far as the hang, I believe it occurred immediately after the GETSEC[SENTER]. The display went blank. The one thing I noticed, at least the second time, is that the disk drive light was flickering in a smooth, uniform pattern. Maybe 30 times a second, just flickering on and off uniformly. This kind of worried me as I wondered if the failure mode was trashing my disk. After a few seconds, I pressed and held the power button to turn the laptop off. Trying to turn it back on led to the problem I described, where it repeatedly turns itself back off (and back on).
>>>>>
>>>>> One question, would you think that removing and replacing the RTC battery might clear enough internal state to let it boot? Any other interventions or resets that might be possible if I take the laptop apart somewhat? HP does have instructions to do so on the web site.
>>>>>
>>>>> Hal Finney
>>>>>
>>>>> On Mon, Aug 17, 2009 at 6:18 PM, Wang, Shane<sha...@in...> wrote:
>>>>>> Hi Hal,
>>>>>>
>>>>>> The reset behavior seems like it is due to the secret flag of TXT. It looks like BIOS ACM does not clear the secret flag of TXT when hang and reset happen.
>>>>>>
>>>>>> What version of SINIT and tboot are you using on that laptop? What did you do to get hang? hang where?
>>>>>>
>>>>>> I am trying to find where the root cause is.
>>>>>>
>>>>>> Thanks.
>>>>>> Shane
>>>>>>
>>>>>> Hal Finney wrote:
>>>>>>> I was traveling recently, and I wanted to do some experiments with TXT on the road, so I bought an HP laptop that supports the technology. It is an HP EliteBook 6930p. I got it set up with Linux and tboot, enabled TPM, VT and TXT, and tried booting tboot and a Linux kernel.
>>>>>>>
>>>>>>> Something went wrong. My laptop hung and I restarted it. But it didn't start properly. The power light and other lights came on, but the display did not light up. The fan started and disk began spinning, but after about a second, the whole thing powered down. The fan and disk stopped, and all of the lights went out. Then, after a few seconds, it turned itself back on. But once again, after starting the fan and disk, and before lighting the display, the laptop shut off. This cycle would repeat indefinitely, the laptop turning itself on and off. I have to make it stop by pressing and holding the power button.
>>>>>>>
>>>>>>> In short, my laptop was completely broken and useless.
>>>>>>>
>>>>>>> Fortunately, being new it was covered by HP's warranty. They talked me through the usual minor fixits on the phone, removing the disk and such, and nothing helped. They finally told me to take it to an authorized repair shop. The nearest one is 80 miles away so it was not super convenient, but I did it. Unfortunately it meant that I was not able to take the laptop on my trip and was not able to do my experiments.
>>>>>>>
>>>>>>> I got back this week and picked up my laptop from the repair shop. They had replaced the motherboard and it worked fine. So I tried again. I enabled the new TPM, got VT and TXT enabled, and tried launching tboot.
>>>>>>>
>>>>>>> It broke again.
>>>>>>>
>>>>>>> Once again my laptop is useless. It repeatedly turns itself on and off, and does not even light up the display. It does not get far enough into BIOS to boot from a CD or any other medium.
>>>>>>>
>>>>>>> I am a little worried about once again demanding that HP fix this machine under the terms of my warranty. I did not go into any detail about what I was doing when it broke the first time. In fact I thought it was probably just a defective machine; I did not necessarily connect it that much with tboot since I was just getting started with it and had only used it for an hour or so. But with the same thing happening twice now, it is clear that I am breaking it. And I am not running Windows, I am using experimental software, etc. Of course the machine is claimed to support TXT, so obviously it should not break from running tboot. But this is such a little-known and new technology that I'm sure only a few people at HP are familiar with it. I am not sure how to proceed with regard to the warranty.
>>>>>>>
>>>>>>> I wonder if anyone at HP reading this might be able to comment? It will not be good if HP laptops are turned into bricks by running tboot.
>>>>>>>
>>>>>>> Hal Finney

From: Martin T. <ma...@th...> - 2009-09-01 06:53:14

Just out of curiosity: Is the mentioned "secrets"-flag stored in the TPM NV storage? By the way, if it is a chipset register flag (as suggested in another mail) I don't see how it would be persisted across reboots.

The behaviour of the laptop suggests that at least something has been persisted somewhere... in BIOS flash memory or in TPM NV storage. I don't understand why this is necessary - is it so that the BIOS can clear memory thoroughly post boot, when there have been secrets in memory (to guard against coldboot attacks)? Also, does this imply that "flashings" take place on each entering/leaving TXT mode? This in itself might cause problems, since flash memory (or EEPROM which I think most TPMs use) has a limited number of erase/write-cycles and some use cases for TXT might involve frequent transitions back and forth.

It is always unfortunate when it is possible for software to render a machine inoperable. This could be exploited by viruses, using this as a mechanism for (permanently?) ruining the victim's computer. :/

Best regards,

Martin Thiim

From: Wang, S. <sha...@in...> - 2009-09-01 06:02:00

Hi Hal,

I hear if HP has a means of cutting the power to the TPM or keeping it in reset then you could boot the machine and flash an updated BIOS.

Can you try to cut the power of TPM?

Thanks
Shane

From: Martin P. <Mar...@ia...> - 2009-08-27 13:28:15
|
Today, the Trusted Computing for the Java Platform project[1] released an
update of jTSS, a Trusted Software Stack (TSS) implemented in 100% Java, and
jTpmTools, a command-line tool to exercise various TPM features.

This update adds a comprehensive set of new commands to allow manipulation
of TPM NV storage. This also allows setting up the proper policies for
Trusted Boot[2], a tool to perform a measured "late launch" via Intel TXT
technology.

The new commands are:

* Non Volatile Storage:
  nv_decode: decode data in non-volatile storage of the TPM
  nv_definespace: define an index and space in TPM NV RAM
  nv_lock: set the global lock for the NV storage - FOREVER!
  nv_releasespace: release a defined index
  nv_write: write data to TPM's NV RAM

* Intel(R) Trusted eXecution Technology (TXT):
  txt_policy: create a TXT Launch Control Policy (LCP)
  txt_policyinfo: show information about an LCP file

* TBoot:
  tboot_pcr18: calculate value of PCR 18 after trusted boot
  tboot_pcr19-22: calculate values of PCRs above PCR 18 after trusted boot
  tboot_policy: create and modify TBoot Verified Launch Policy (VLP)
  tboot_policyinfo: show information about a VLP file

This release is EXPERIMENTAL!
You can PERMANENTLY DAMAGE YOUR HARDWARE with this software!
USE AT YOUR OWN RISK!

We succeeded in setting up a measured TBoot on an HP dc7900, solely by using
jTpmTools. However, an Intel DQ45CB got fried upon executing SINIT. Thus,
your experience may vary.... :-)

This release is a little bit rushed as we are hosting the 4th European
Trusted Infrastructure Summerschool[3] this year and things are kinda hectic
currently. If you come to ETISS - say hello!

Thanks to all who contributed to this release!

Have fun,
Martin

[1] http://trustedjava.sourceforge.net/
[2] http://sourceforge.net/projects/tboot/
[3] http://www.etiss.org/
|
|
From: Martin P. <Mar...@ia...> - 2009-08-21 07:44:30
|
Hi list...

making from tip:

[...]
gcc -Wall -Wformat-security -Werror -Wstrict-prototypes -fno-strict-aliasing -std=gnu99 -Wno-array-bounds -O2 -m64 mlehash.o lcptools.o lcputils.o -lcrypto -ltspi -o lcp_mlehash
mlehash.o: In function `read_file':
mlehash.c:(.text+0x91): undefined reference to `gzopen'
mlehash.c:(.text+0xd4): undefined reference to `gzeof'
mlehash.c:(.text+0xec): undefined reference to `gzread'
mlehash.c:(.text+0x126): undefined reference to `gzclose'
mlehash.c:(.text+0x261): undefined reference to `gzclose'
collect2: ld returned 1 exit status
make[2]: *** [lcp_mlehash] Error 1
make[2]: Leaving directory `/repo-extern/tboot.hg/lcptools'
make[1]: *** [build-lcptools] Error 2
make[1]: Leaving directory `/repo-extern/tboot.hg'
make: *** [build] Error 2

This helps:

diff -r d0e88a1b340e lcptools/Makefile --- a/lcptools/Makefile Mon Aug 17 16:29:54 2009 -0700 +++ b/lcptools/Makefile Fri Aug 21 10:34:13 2009 +0200 @@ -24,7 +24,7 @@ # libraries -LIBS += -lcrypto -ltspi +LIBS += -lcrypto -ltspi -lz # diff -r d0e88a1b340e tb_polgen/Makefile --- a/tb_polgen/Makefile Mon Aug 17 16:29:54 2009 -0700 +++ b/tb_polgen/Makefile Fri Aug 21 10:34:13 2009 +0200 @@ -10,7 +10,7 @@ TARGET = tb_polgen # libraries -LIBS += -lcrypto +LIBS += -lcrypto -lz #
|
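Review bot: In the lcptools/Makefile hunk, -lz is appended to the shared LIBS line, so every lcptools binary now links against zlib, while the link error in the log names only mlehash.o (read_file calling gzopen, gzeof, gzread and gzclose). Consider adding -lz only to the lcp_mlehash link rule, and list zlib as a build prerequisite in the build documentation so the new dependency is visible before the link step fails.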
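Review bot: The tb_polgen/Makefile hunk adds -lz, but the build log stops at lcp_mlehash and shows no undefined gz* reference for tb_polgen. The patch description should say which tb_polgen object calls the gz functions, or include its link error, so that this second dependency is justified by something visible in the report.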
|
From: Martin P. <Mar...@ia...> - 2009-08-19 10:03:43
|
Hal Finney wrote:
> TBOOT: LT.ERRORCODE=c0002cd1
> TBOOT: AC module error : acm_type=1, progress=0d, error=b
>
> Progress 0xd, error 0xb is:
> 1011 TPM NV RAM is unlocked

Yes, I remembered there is a list somewhere - I looked into the TXT docs,
the chipset docs - but not into the SINIT package...

I locked the NV ram. Then, SINIT complained about a pre-production AC
module, as the platform default policy does not allow one. Then I wrote a
user policy which allows a pre-production module.

I tboot-ed again and it gets stuck at GETSEC[SENTER].
Hardware reboot -> box does not boot anymore.
Lights come up, fan starts for a sec, lights go off, fan too.
Never-ending cycle.

Hmm.... kinda looks like Hal's problem?

I now have a box which is a brick :-(((((
(Removing CMOS battery to clear TPM NV does not help)

FYI (AFAIR):
Intel DQ45CB, BIOS version 0085
TBoot f332236d7183
bootlog before crash captured from serial console attached

Martin

PS: Intel, if you want to debug this bricked DQ45CB - send me a new one?
|
|
From: Wang, S. <sha...@in...> - 2009-08-19 09:16:19
|
Hi all,

For Hal's question, I didn't get any message/hint to clear the flag and restore the laptop by removing the RTC battery.
The flag should be in an MSR register on the chipset.

Jon, did you succeed in restoring your laptop? Or, does "no change" mean "fail"?

Shane

Jonathan M. McCune wrote:
> Hi Hal et al.,
>
> When I had this problem on an 8530p, I tried the following
> (unsuccessfully) to restore the machine to a state where it will boot:
>
> > 1. Remove memory on left slot (as shown in DIMM1.jpg) and restart
> the unit.
>
> No change.
>
> > 2. Remove the memory on the right slot, replace it back and restart
> the unit (keep the left slot still empty).
>
> No change.
>
> > 3. Replace with memory on the right slot with another one that has
> a different frequency (e.g. if you have 800Mhz DIMM replace it with
> 667Mhz one). Keep the left slot still empty.
>
> I don't have a DIMM of a different speed lying around. I have one
> other model of HP laptop but it takes the identical stuff. I tried it
> anyways. No change.
>
> > 4. Remove the RTC battery (will find it next to DIMMs) and let it
> stay there for a while. After that connect it back and restart the
> unit.
>
> Left DIMM still out. I left the battery out for a few minutes and
> tried booting up with it removed. No change. I also removed the
> CD-ROM drive and tried again. No change.
>
> I left the battery out for about half hour, then put it back in, then
> tried booting up with the left DIMM still removed. No change.
>
> Cheers,
> -Jon
>
>
> Hal Finney wrote:
>> Thanks very much for the responses. Unfortunately I can't give you the
>> BIOS version because the machine is a brick. I am at a conference this
>> week so it may take a few days to get it fixed.
>>
>> The first time it broke I used the 20090330 version of tboot, with
>> the latest SINIT downloaded from SourceForge. The second time, this
>> past weekend, I believe I used tboot built from the mercurial tip, which I
>> had downloaded moments before.
>>
>> I am not sure how to proceed after I get my laptop fixed. I can tell
>> you what BIOS version is in the new one, but I will be hesitant to do
>> another run of tboot to see if it breaks it again. Last time, they
>> replaced the motherboard, so I don't expect that the new BIOS version
>> will necessarily be the same as the one that broke.
>>
>> As far as the hang, I believe it occurred immediately after the
>> GETSEC[SENTER]. The display went blank. The one thing I noticed, at
>> least the second time, is that the disk drive light was flickering in
>> a smooth, uniform pattern. Maybe 30 times a second, just flickering on
>> and off uniformly. This kind of worried me as I wondered if the
>> failure mode was trashing my disk. After a few seconds, I pressed and
>> held the power button to turn the laptop off. Trying to turn it back
>> on led to the problem I described, where it repeatedly turns itself
>> back off (and back on).
>>
>> One question, would you think that removing and replacing the RTC
>> battery might clear enough internal state to let it boot? Any other
>> interventions or resets that might be possible if I take the laptop
>> apart somewhat? HP does have instructions to do so on the web site.
>>
>> Hal Finney
>>
>> On Mon, Aug 17, 2009 at 6:18 PM, Wang, Shane<sha...@in...> wrote:
>>> Hi Hal,
>>>
>>> The reset behavior seems like it is due to the secret flag of TXT.
>>> It looks like BIOS ACM does not clear the secret flag of TXT when
>>> hang and reset happen.
>>>
>>> What version of SINIT and tboot are you using on that laptop?
>>> What did you do to get hang? hang where?
>>>
>>> I am trying to find where the root cause is.
>>>
>>> Thanks.
>>> Shane
>>>
>>> Hal Finney wrote:
>>>> I was traveling recently, and I wanted to do some experiments with
>>>> TXT on the road, so I bought an HP laptop that supports the
>>>> technology. It is an HP EliteBook 6930p. I got it set up with
>>>> Linux and tboot, enabled TPM, VT and TXT, and tried booting tboot
>>>> and a Linux kernel.
>>>>
>>>> Something went wrong. My laptop hung and I restarted it. But it
>>>> didn't start properly. The power light and other lights came on,
>>>> but the display did not light up. The fan started and disk began
>>>> spinning, but after about a second, the whole thing powered down.
>>>> The fan and disk stopped, and all of the lights went out. Then,
>>>> after a few seconds, it turned itself back on. But once again,
>>>> after starting the fan and disk, and before lighting the display,
>>>> the laptop shut off. This cycle would repeat indefinitely, the
>>>> laptop turning itself on and off. I have to make it stop by
>>>> pressing and holding the power button.
>>>>
>>>> In short, my laptop was completely broken and useless.
>>>>
>>>> Fortunately, being new it was covered by HP's warranty. They
>>>> talked me through the usual minor fixits on the phone, removing
>>>> the disk and such, and nothing helped. They finally told me to
>>>> take it to an authorized repair shop. The nearest one is 80 miles
>>>> away so it was not super convenient, but I did it. Unfortunately
>>>> it meant that I was not able to take the laptop on my trip and was
>>>> not able to do my experiments.
>>>>
>>>> I got back this week and picked up my laptop from the repair shop.
>>>> They had replaced the motherboard and it worked fine. So I tried
>>>> again. I enabled the new TPM, got VT and TXT enabled, and tried
>>>> launching tboot.
>>>>
>>>> It broke again.
>>>>
>>>> Once again my laptop is useless. It repeatedly turns itself on and
>>>> off, and does not even light up the display. It does not get far
>>>> enough into BIOS to boot from a CD or any other medium.
>>>>
>>>> I am a little worried about once again demanding that HP fix this
>>>> machine under the terms of my warranty. I did not go into any
>>>> detail about what I was doing when it broke the first time. In
>>>> fact I thought it was probably just a defective machine; I did not
>>>> necessarily connect it that much with tboot since I was just
>>>> getting started with it and had only used it for an hour or so.
>>>> But with the same thing happening twice now, it is clear that I am
>>>> breaking it. And I am not running Windows, I am using experimental
>>>> software, etc. Of course the machine is claimed to support TXT, so
>>>> obviously it should not break from running tboot. But this is such
>>>> a little-known and new technology that I'm sure only a few people
>>>> at HP are familiar with it. I am not sure how to proceed with
>>>> regard to the warranty.
>>>>
>>>> I wonder if anyone at HP reading this might be able to comment? It
>>>> will not be good if HP laptops are turned into bricks by running
>>>> tboot.
>>>>
>>>> Hal Finney
|
|
From: Jonathan M. M. <jon...@cm...> - 2009-08-18 15:56:33
|
Hi Hal et al.,

When I had this problem on an 8530p, I tried the following
(unsuccessfully) to restore the machine to a state where it will boot:

> 1. Remove memory on left slot (as shown in DIMM1.jpg) and restart the unit.

No change.

> 2. Remove the memory on the right slot, replace it back and restart the unit (keep the left slot still empty).

No change.

> 3. Replace with memory on the right slot with another one that has a different frequency (e.g. if you have 800Mhz DIMM replace it with 667Mhz one). Keep the left slot still empty.

I don't have a DIMM of a different speed lying around. I have one
other model of HP laptop but it takes the identical stuff. I tried it
anyways. No change.

> 4. Remove the RTC battery (will find it next to DIMMs) and let it stay there for a while. After that connect it back and restart the unit.

Left DIMM still out. I left the battery out for a few minutes and
tried booting up with it removed. No change. I also removed the
CD-ROM drive and tried again. No change.

I left the battery out for about half hour, then put it back in, then
tried booting up with the left DIMM still removed. No change.

Cheers,
-Jon

Hal Finney wrote:
> Thanks very much for the responses. Unfortunately I can't give you the
> BIOS version because the machine is a brick. I am at a conference this
> week so it may take a few days to get it fixed.
>
> The first time it broke I used the 20090330 version of tboot, with the
> latest SINIT downloaded from SourceForge. The second time, this past
> weekend, I believe I used tboot built from the mercurial tip, which I
> had downloaded moments before.
>
> I am not sure how to proceed after I get my laptop fixed. I can tell
> you what BIOS version is in the new one, but I will be hesitant to do
> another run of tboot to see if it breaks it again. Last time, they
> replaced the motherboard, so I don't expect that the new BIOS version
> will necessarily be the same as the one that broke.
>
> As far as the hang, I believe it occurred immediately after the
> GETSEC[SENTER]. The display went blank. The one thing I noticed, at
> least the second time, is that the disk drive light was flickering in
> a smooth, uniform pattern. Maybe 30 times a second, just flickering on
> and off uniformly. This kind of worried me as I wondered if the
> failure mode was trashing my disk. After a few seconds, I pressed and
> held the power button to turn the laptop off. Trying to turn it back
> on led to the problem I described, where it repeatedly turns itself
> back off (and back on).
>
> One question, would you think that removing and replacing the RTC
> battery might clear enough internal state to let it boot? Any other
> interventions or resets that might be possible if I take the laptop
> apart somewhat? HP does have instructions to do so on the web site.
>
> Hal Finney
>
> On Mon, Aug 17, 2009 at 6:18 PM, Wang, Shane<sha...@in...> wrote:
>> Hi Hal,
>>
>> The reset behavior seems like it is due to the secret flag of TXT.
>> It looks like BIOS ACM does not clear the secret flag of TXT when hang and reset happen.
>>
>> What version of SINIT and tboot are you using on that laptop?
>> What did you do to get hang? hang where?
>>
>> I am trying to find where the root cause is.
>>
>> Thanks.
>> Shane
>>
>> Hal Finney wrote:
>>> I was traveling recently, and I wanted to do some experiments with TXT
>>> on the road, so I bought an HP laptop that supports the technology. It
>>> is an HP EliteBook 6930p. I got it set up with Linux and tboot,
>>> enabled TPM, VT and TXT, and tried booting tboot and a Linux kernel.
>>>
>>> Something went wrong. My laptop hung and I restarted it. But it didn't
>>> start properly. The power light and other lights came on, but the
>>> display did not light up. The fan started and disk began spinning, but
>>> after about a second, the whole thing powered down. The fan and disk
>>> stopped, and all of the lights went out. Then, after a few seconds, it
>>> turned itself back on. But once again, after starting the fan and
>>> disk, and before lighting the display, the laptop shut off. This cycle
>>> would repeat indefinitely, the laptop turning itself on and off. I
>>> have to make it stop by pressing and holding the power button.
>>>
>>> In short, my laptop was completely broken and useless.
>>>
>>> Fortunately, being new it was covered by HP's warranty. They talked me
>>> through the usual minor fixits on the phone, removing the disk and
>>> such, and nothing helped. They finally told me to take it to an
>>> authorized repair shop. The nearest one is 80 miles away so it was not
>>> super convenient, but I did it. Unfortunately it meant that I was not
>>> able to take the laptop on my trip and was not able to do my
>>> experiments.
>>>
>>> I got back this week and picked up my laptop from the repair shop.
>>> They had replaced the motherboard and it worked fine. So I tried
>>> again. I enabled the new TPM, got VT and TXT enabled, and tried
>>> launching tboot.
>>>
>>> It broke again.
>>>
>>> Once again my laptop is useless. It repeatedly turns itself on and
>>> off, and does not even light up the display. It does not get far
>>> enough into BIOS to boot from a CD or any other medium.
>>>
>>> I am a little worried about once again demanding that HP fix this
>>> machine under the terms of my warranty. I did not go into any detail
>>> about what I was doing when it broke the first time. In fact I thought
>>> it was probably just a defective machine; I did not necessarily
>>> connect it that much with tboot since I was just getting started with
>>> it and had only used it for an hour or so. But with the same thing
>>> happening twice now, it is clear that I am breaking it. And I am not
>>> running Windows, I am using experimental software, etc. Of course the
>>> machine is claimed to support TXT, so obviously it should not break
>>> from running tboot. But this is such a little-known and new technology
>>> that I'm sure only a few people at HP are familiar with it. I am not
>>> sure how to proceed with regard to the warranty.
>>>
>>> I wonder if anyone at HP reading this might be able to comment? It
>>> will not be good if HP laptops are turned into bricks by running
>>> tboot.
>>>
>>> Hal Finney
|
|
From: Hal F. <hal...@gm...> - 2009-08-18 15:46:21
|
Thanks very much for the responses. Unfortunately I can't give you the
BIOS version because the machine is a brick. I am at a conference this
week so it may take a few days to get it fixed.

The first time it broke I used the 20090330 version of tboot, with the
latest SINIT downloaded from SourceForge. The second time, this past
weekend, I believe I used tboot built from the mercurial tip, which I
had downloaded moments before.

I am not sure how to proceed after I get my laptop fixed. I can tell
you what BIOS version is in the new one, but I will be hesitant to do
another run of tboot to see if it breaks it again. Last time, they
replaced the motherboard, so I don't expect that the new BIOS version
will necessarily be the same as the one that broke.

As far as the hang, I believe it occurred immediately after the
GETSEC[SENTER]. The display went blank. The one thing I noticed, at
least the second time, is that the disk drive light was flickering in
a smooth, uniform pattern. Maybe 30 times a second, just flickering on
and off uniformly. This kind of worried me as I wondered if the
failure mode was trashing my disk. After a few seconds, I pressed and
held the power button to turn the laptop off. Trying to turn it back
on led to the problem I described, where it repeatedly turns itself
back off (and back on).

One question, would you think that removing and replacing the RTC
battery might clear enough internal state to let it boot? Any other
interventions or resets that might be possible if I take the laptop
apart somewhat? HP does have instructions to do so on the web site.

Hal Finney

On Mon, Aug 17, 2009 at 6:18 PM, Wang, Shane<sha...@in...> wrote:
> Hi Hal,
>
> The reset behavior seems like it is due to the secret flag of TXT.
> It looks like BIOS ACM does not clear the secret flag of TXT when hang and reset happen.
>
> What version of SINIT and tboot are you using on that laptop?
> What did you do to get hang? hang where?
>
> I am trying to find where the root cause is.
>
> Thanks.
> Shane
>
> Hal Finney wrote:
>> I was traveling recently, and I wanted to do some experiments with TXT
>> on the road, so I bought an HP laptop that supports the technology. It
>> is an HP EliteBook 6930p. I got it set up with Linux and tboot,
>> enabled TPM, VT and TXT, and tried booting tboot and a Linux kernel.
>>
>> Something went wrong. My laptop hung and I restarted it. But it didn't
>> start properly. The power light and other lights came on, but the
>> display did not light up. The fan started and disk began spinning, but
>> after about a second, the whole thing powered down. The fan and disk
>> stopped, and all of the lights went out. Then, after a few seconds, it
>> turned itself back on. But once again, after starting the fan and
>> disk, and before lighting the display, the laptop shut off. This cycle
>> would repeat indefinitely, the laptop turning itself on and off. I
>> have to make it stop by pressing and holding the power button.
>>
>> In short, my laptop was completely broken and useless.
>>
>> Fortunately, being new it was covered by HP's warranty. They talked me
>> through the usual minor fixits on the phone, removing the disk and
>> such, and nothing helped. They finally told me to take it to an
>> authorized repair shop. The nearest one is 80 miles away so it was not
>> super convenient, but I did it. Unfortunately it meant that I was not
>> able to take the laptop on my trip and was not able to do my
>> experiments.
>>
>> I got back this week and picked up my laptop from the repair shop.
>> They had replaced the motherboard and it worked fine. So I tried
>> again. I enabled the new TPM, got VT and TXT enabled, and tried
>> launching tboot.
>>
>> It broke again.
>>
>> Once again my laptop is useless. It repeatedly turns itself on and
>> off, and does not even light up the display. It does not get far
>> enough into BIOS to boot from a CD or any other medium.
>>
>> I am a little worried about once again demanding that HP fix this
>> machine under the terms of my warranty. I did not go into any detail
>> about what I was doing when it broke the first time. In fact I thought
>> it was probably just a defective machine; I did not necessarily
>> connect it that much with tboot since I was just getting started with
>> it and had only used it for an hour or so. But with the same thing
>> happening twice now, it is clear that I am breaking it. And I am not
>> running Windows, I am using experimental software, etc. Of course the
>> machine is claimed to support TXT, so obviously it should not break
>> from running tboot. But this is such a little-known and new technology
>> that I'm sure only a few people at HP are familiar with it. I am not
>> sure how to proceed with regard to the warranty.
>>
>> I wonder if anyone at HP reading this might be able to comment? It
>> will not be good if HP laptops are turned into bricks by running
>> tboot.
>>
>> Hal Finney
|
|
From: Hal F. <hal...@gm...> - 2009-08-18 15:35:26
|
Hi Martin. The error from your log is:
TBOOT: LT.ERRORCODE=c0002cd1
TBOOT: AC module error : acm_type=1, progress=0d, error=b
Progress 0xd, error 0xb is:
1011 TPM NV RAM is unlocked
I'm surprised it cares about this. The nonvolatile memory in the TPM
is shipped in a rather permissive, "unlocked" state. At some point it
is supposed to be "locked" after which time a degree of authentication
is necessary for certain instructions. Sounds like SINIT wants the TPM
to have been converted to the locked state.
The lcptools directory in tboot contains a command nvlock which will
lock the TPM. As the Readme.txt warns:
"Warning
The tools can only run on the machine with TPM 1.2 Device. And
be careful on using the nvlock command, because after the tpm device
is locked, it could not be unlocked again."
But I don't think there's probably any harm. I think you can still add
NV areas, like if you want to define a policy someday as to which
versions of tboot can load, etc. Maybe someone else can confirm that
(A) locking the NV RAM is necessary for the SINIT to run; and (B)
locking it won't cause any trouble with future things you might want
to do with the TPM.
Hal Finney
On Tue, Aug 18, 2009 at 8:03 AM, Martin
Pirker<Mar...@ia...> wrote:
> Hi list....
>
> Trying tboot on a Intel DQ45CB,
> SENTER fails with - see attached log.
> What does the LT.ERRORCODE want to tell me?
>
> Any hints appreciated :-)
> Martin
|
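The by-hand decoding in the message above (LT.ERRORCODE=c0002cd1 read as acm_type=1, progress 0xd, error 0xb) can be done mechanically on a captured serial log. This is an added example, not part of the original post and not tboot's code; the bit positions are an assumption that follows the field names tboot prints and reproduces the value quoted in this thread, and all function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Fields of the 32-bit error register. Bit positions are an assumption
 * (named after the fields in tboot's "AC module error" line); they reproduce
 * the thread's value: c0002cd1 -> acm_type=1, progress=0d, error=b. */
struct txt_error {
    unsigned valid;     /* bit 31: register holds an error */
    unsigned external;  /* bit 30: 1 = written by software, 0 = by the processor */
    unsigned src;       /* bit 15: 0 = AC module, 1 = the launched software */
    unsigned acm_type;  /* bits 3:0 (the SINIT failure in this thread shows 1) */
    unsigned progress;  /* bits 9:4 */
    unsigned error;     /* bits 13:10 */
    unsigned error2;    /* bits 29:16 */
};

enum verdict { LOG_NO_ERROR, LOG_ACM_ERROR, LOG_OTHER_ERROR, LOG_INCONSISTENT };

/* The two log lines quoted in the thread. */
static const char THREAD_LOG[] =
    "TBOOT: LT.ERRORCODE=c0002cd1\n"
    "TBOOT: AC module error : acm_type=1, progress=0d, error=b\n";

static struct txt_error txt_decode(uint32_t raw)
{
    struct txt_error e;
    e.valid    = (raw >> 31) & 0x1;
    e.external = (raw >> 30) & 0x1;
    e.src      = (raw >> 15) & 0x1;
    e.acm_type = raw & 0xf;
    e.progress = (raw >> 4) & 0x3f;
    e.error    = (raw >> 10) & 0xf;
    e.error2   = (raw >> 16) & 0x3fff;
    return e;
}

/* Only the one entry the thread quotes from the SINIT error list is known here. */
static const char *acm_error_text(const struct txt_error *e)
{
    if (e->acm_type == 1 && e->progress == 0x0d && e->error == 0x0b)
        return "TPM NV RAM is unlocked";
    return "not quoted in this thread; see the error list in the SINIT package";
}

/* Extract the hex value after "ERRORCODE=" from one log line. */
static int parse_errorcode(const char *line, uint32_t *raw)
{
    const char *p = strstr(line, "ERRORCODE=");
    char *end;
    unsigned long long v;
    if (!p)
        return 0;
    p += strlen("ERRORCODE=");
    v = strtoull(p, &end, 16);
    if (end == p || v > 0xffffffffULL)
        return 0;
    *raw = (uint32_t)v;
    return 1;
}

/* Walk a log, decode the last error code, and cross-check it against the
 * breakdown line tboot printed, so a mangled capture is noticed. */
static enum verdict analyze_log(const char *log, struct txt_error *out)
{
    char line[256];
    uint32_t raw;
    unsigned t = 0, p = 0, e = 0;
    int have_code = 0, have_acm = 0;
    struct txt_error dec;

    memset(&dec, 0, sizeof dec);
    while (*log) {
        size_t n = strcspn(log, "\n");
        size_t c = n < sizeof line - 1 ? n : sizeof line - 1;
        const char *s;
        memcpy(line, log, c);
        line[c] = '\0';
        log += n;
        if (*log == '\n')
            log++;
        if (parse_errorcode(line, &raw)) {
            dec = txt_decode(raw);
            have_code = 1;
        } else if ((s = strstr(line, "acm_type=")) != NULL &&
                   sscanf(s, "acm_type=%x, progress=%x, error=%x", &t, &p, &e) == 3) {
            have_acm = 1;
        }
    }
    *out = dec;
    if (!have_code || !dec.valid)
        return LOG_NO_ERROR;
    if (!dec.external || dec.src)
        return LOG_OTHER_ERROR;   /* processor- or MLE-reported, not an ACM code */
    if (have_acm && (t != dec.acm_type || p != dec.progress || e != dec.error))
        return LOG_INCONSISTENT;
    return LOG_ACM_ERROR;
}

int main(void)
{
    struct txt_error e;
    enum verdict v = analyze_log(THREAD_LOG, &e);
    printf("verdict=%d acm_type=%x progress=%02x error=%x: %s\n",
           (int)v, e.acm_type, e.progress, e.error, acm_error_text(&e));
    return v == LOG_ACM_ERROR ? 0 : 1;
}
```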
|
From: Martin P. <Mar...@ia...> - 2009-08-18 15:03:48
|
Hi list....

Trying tboot on an Intel DQ45CB,
SENTER fails with - see attached log.
What does the LT.ERRORCODE want to tell me?

Any hints appreciated :-)
Martin
|
|
From: Wang, S. <sha...@in...> - 2009-08-18 01:20:03
|
Hi Hal,

The reset behavior seems like it is due to the secret flag of TXT.
It looks like BIOS ACM does not clear the secret flag of TXT when hang and reset happen.

What version of SINIT and tboot are you using on that laptop?
What did you do to get hang? hang where?

I am trying to find where the root cause is.

Thanks.
Shane

Hal Finney wrote:
> I was traveling recently, and I wanted to do some experiments with TXT
> on the road, so I bought an HP laptop that supports the technology. It
> is an HP EliteBook 6930p. I got it set up with Linux and tboot,
> enabled TPM, VT and TXT, and tried booting tboot and a Linux kernel.
>
> Something went wrong. My laptop hung and I restarted it. But it didn't
> start properly. The power light and other lights came on, but the
> display did not light up. The fan started and disk began spinning, but
> after about a second, the whole thing powered down. The fan and disk
> stopped, and all of the lights went out. Then, after a few seconds, it
> turned itself back on. But once again, after starting the fan and
> disk, and before lighting the display, the laptop shut off. This cycle
> would repeat indefinitely, the laptop turning itself on and off. I
> have to make it stop by pressing and holding the power button.
>
> In short, my laptop was completely broken and useless.
>
> Fortunately, being new it was covered by HP's warranty. They talked me
> through the usual minor fixits on the phone, removing the disk and
> such, and nothing helped. They finally told me to take it to an
> authorized repair shop. The nearest one is 80 miles away so it was not
> super convenient, but I did it. Unfortunately it meant that I was not
> able to take the laptop on my trip and was not able to do my
> experiments.
>
> I got back this week and picked up my laptop from the repair shop.
> They had replaced the motherboard and it worked fine. So I tried
> again. I enabled the new TPM, got VT and TXT enabled, and tried
> launching tboot.
>
> It broke again.
>
> Once again my laptop is useless. It repeatedly turns itself on and
> off, and does not even light up the display. It does not get far
> enough into BIOS to boot from a CD or any other medium.
>
> I am a little worried about once again demanding that HP fix this
> machine under the terms of my warranty. I did not go into any detail
> about what I was doing when it broke the first time. In fact I thought
> it was probably just a defective machine; I did not necessarily
> connect it that much with tboot since I was just getting started with
> it and had only used it for an hour or so. But with the same thing
> happening twice now, it is clear that I am breaking it. And I am not
> running Windows, I am using experimental software, etc. Of course the
> machine is claimed to support TXT, so obviously it should not break
> from running tboot. But this is such a little-known and new technology
> that I'm sure only a few people at HP are familiar with it. I am not
> sure how to proceed with regard to the warranty.
>
> I wonder if anyone at HP reading this might be able to comment? It
> will not be good if HP laptops are turned into bricks by running
> tboot.
>
> Hal Finney
|
|
From: Tondapu, K. <kar...@hp...> - 2009-08-17 21:17:56
|
Hi Hal,

The last time I checked tboot on 6930p was with Changeset:d9eaaaa7279b and BIOS:F.10 and I haven't seen any issues (no hang or restart). The txt-stat log looked fine too.

Can you please tell me which bios version you are using? Will have to check if any recent changes to tboot are breaking on the unit.

Karthik

-----Original Message-----
From: Hal Finney [mailto:hal...@gm...]
Sent: Sunday, August 16, 2009 11:14 AM
To: tbo...@li...
Cc: Tondapu, Karthik
Subject: tboot broke my laptop! (twice!)

I was traveling recently, and I wanted to do some experiments with TXT
on the road, so I bought an HP laptop that supports the technology. It
is an HP EliteBook 6930p. I got it set up with Linux and tboot,
enabled TPM, VT and TXT, and tried booting tboot and a Linux kernel.

Something went wrong. My laptop hung and I restarted it. But it didn't
start properly. The power light and other lights came on, but the
display did not light up. The fan started and disk began spinning, but
after about a second, the whole thing powered down. The fan and disk
stopped, and all of the lights went out. Then, after a few seconds, it
turned itself back on. But once again, after starting the fan and
disk, and before lighting the display, the laptop shut off. This cycle
would repeat indefinitely, the laptop turning itself on and off. I
have to make it stop by pressing and holding the power button.

In short, my laptop was completely broken and useless.

Fortunately, being new it was covered by HP's warranty. They talked me
through the usual minor fixits on the phone, removing the disk and
such, and nothing helped. They finally told me to take it to an
authorized repair shop. The nearest one is 80 miles away so it was not
super convenient, but I did it. Unfortunately it meant that I was not
able to take the laptop on my trip and was not able to do my
experiments.

I got back this week and picked up my laptop from the repair shop.
They had replaced the motherboard and it worked fine. So I tried
again. I enabled the new TPM, got VT and TXT enabled, and tried
launching tboot.

It broke again.

Once again my laptop is useless. It repeatedly turns itself on and
off, and does not even light up the display. It does not get far
enough into BIOS to boot from a CD or any other medium.

I am a little worried about once again demanding that HP fix this
machine under the terms of my warranty. I did not go into any detail
about what I was doing when it broke the first time. In fact I thought
it was probably just a defective machine; I did not necessarily
connect it that much with tboot since I was just getting started with
it and had only used it for an hour or so. But with the same thing
happening twice now, it is clear that I am breaking it. And I am not
running Windows, I am using experimental software, etc. Of course the
machine is claimed to support TXT, so obviously it should not break
from running tboot. But this is such a little-known and new technology
that I'm sure only a few people at HP are familiar with it. I am not
sure how to proceed with regard to the warranty.

I wonder if anyone at HP reading this might be able to comment? It
will not be good if HP laptops are turned into bricks by running
tboot.

Hal Finney
|
|
From: Hal F. <hal...@gm...> - 2009-08-16 16:14:00
|
I was traveling recently, and I wanted to do some experiments with TXT on the road, so I bought an HP laptop that supports the technology. It is an HP EliteBook 6930p. I got it set up with Linux and tboot, enabled TPM, VT and TXT, and tried booting tboot and a Linux kernel.
Something went wrong. My laptop hung and I restarted it. But it didn't start properly. The power light and other lights came on, but the display did not light up. The fan started and disk began spinning, but after about a second, the whole thing powered down. The fan and disk stopped, and all of the lights went out. Then, after a few seconds, it turned itself back on. But once again, after starting the fan and disk, and before lighting the display, the laptop shut off. This cycle would repeat indefinitely, the laptop turning itself on and off. I have to make it stop by pressing and holding the power button.
In short, my laptop was completely broken and useless. Fortunately, being new it was covered by HP's warranty. They talked me through the usual minor fixits on the phone, removing the disk and such, and nothing helped. They finally told me to take it to an authorized repair shop. The nearest one is 80 miles away so it was not super convenient, but I did it. Unfortunately it meant that I was not able to take the laptop on my trip and was not able to do my experiments.
I got back this week and picked up my laptop from the repair shop. They had replaced the motherboard and it worked fine.
So I tried again. I enabled the new TPM, got VT and TXT enabled, and tried launching tboot. It broke again. Once again my laptop is useless. It repeatedly turns itself on and off, and does not even light up the display. It does not get far enough into BIOS to boot from a CD or any other medium.
I am a little worried about once again demanding that HP fix this machine under the terms of my warranty. I did not go into any detail about what I was doing when it broke the first time. In fact I thought it was probably just a defective machine; I did not necessarily connect it that much with tboot since I was just getting started with it and had only used it for an hour or so. But with the same thing happening twice now, it is clear that I am breaking it. And I am not running Windows, I am using experimental software, etc. Of course the machine is claimed to support TXT, so obviously it should not break from running tboot. But this is such a little-known and new technology that I'm sure only a few people at HP are familiar with it.
I am not sure how to proceed with regard to the warranty. I wonder if anyone at HP reading this might be able to comment? It will not be good if HP laptops are turned into bricks by running tboot.
Hal Finney
|
|
From: Martin T. <ma...@th...> - 2009-08-11 09:51:47
|
Hello
I would be interested in this also, including which of the Nehalems support it. By the way, please be aware that the chipset must also support it and a TPM must be present. Previously it seems only the X's and the Q's supported it. How will this be for the 55-series and what is the situation for the atom chipsets?
Thank you in advance!
Best regards,
Martin Thiim
On Tue, Aug 11, 2009 at 11:05 AM, Mike Hearn<mi...@pl...> wrote:
> Hiya,
>
> I'm trying to find out if Atom and the upcoming Moorestown chips will
> support TXT. I see that some but not all atoms support VT, but I guess
> that's not enough.
>
> What plans does Intel have to actually deploy this technology en-masse?
>
> thanks -mike
|
|
From: Mike H. <mi...@pl...> - 2009-08-11 09:05:11
|
Hiya,
I'm trying to find out if Atom and the upcoming Moorestown chips will support TXT. I see that some but not all atoms support VT, but I guess that's not enough.
What plans does Intel have to actually deploy this technology en-masse?
thanks -mike
|
|
From: Tondapu, K. <kar...@hp...> - 2009-08-06 18:30:02
|
Hello list,
Here is the feedback from HP's Desktop team:
We could not reproduce this issue on the dc7800 using the 1.28 BIOS. We downloaded the q35_sinit_17.bin SINIT from the http://sourceforge.net/projects/tboot/files website.
We have seen the case where the TPM gets in an unknown state occasionally and will cause an issue. Ask them to go into the BIOS F10 Setup menu and perform a Reset to the TPM and try it again to see if this resolves their issue.
Thank you.
Best Regards,
Dalvis Desselle
Hi Jon,
I have started to look into the issue you have mentioned on 8530p(F.0C), will let you know the status once I have an update.
Thanks
Karthik
-----Original Message-----
From: Jonathan M. McCune [mailto:jon...@cm...]
Sent: Monday, August 03, 2009 12:10 PM
To: Martin Thiim
Cc: Hal Finney; tbo...@li...; Tondapu, Karthik
Subject: GETSEC[SENTER] fail on HP 8530p
Hello list, cc Karthik,
I have recently upgraded the BIOS on an HP 8530p laptop (to version F.0C), and am experiencing what sound like extremely similar SENTER failures to those Hal is getting on his dc7800. I cannot do a regression test, however, as the previous BIOS version did not support SENTER at all on this system. This laptop does not have a serial port, so all I can capture is the in-memory log from the system following SENTER-inspired reboot (see attached).
The error code in the log decodes to "BARs in VT-d DMAR DRHD struct mismatch".
Note that I believe Hal's dc7800 has a Q35 Express chipset, and this laptop has "Mobile Intel PM45 Express Chipset ICH9M-Enhanced."
Interesting that the possibly similar / related failures are across different chipsets.
In following along with attempting to debug Hal's system, I decided to go ahead and disable Audio and USB Legacy Support in BIOS, and to attach the output of `lspci -v` and Ross's dmardump.
I've copied Karthik from HP as he has previously been very helpful in determining that there were issues with SENTER and the previous BIOS version for this laptop.
I'm happy to execute additional tests to help track down the cause of these problems.
Thanks to all for their time and suggestions, -Jon
Martin Thiim wrote:
> Hi
>
> Great. However, I'm still curious about what caused it to fail. I hope
> in the future more info will be released on what SINIT actually does.
>
> As my last posts indicated, it probably isn't/wasn't an inconsistency
> in the tables themselves, but rather an inconsistency with the tables
> and something outside the tables, such as either the PCI device BAR
> registers, or perhaps the register base of the DMA units that are off
> (i.e. maybe these registers don't actually point to a DMA unit).
>
> Best regards,
>
> Martin Thiim
>
> On Sat, Aug 1, 2009 at 8:40 AM, Hal Finney<hal...@gm...> wrote:
>> As an update, I successfully rolled back my BIOS to an earlier
>> version. With this change, tboot works again! GETSEC[SENTER] executes
>> with no errors and I get into the secure state. So it is definitely
>> some problem relating to the new BIOS.
>>
>> Interestingly, I dumped the DMAR tables created by the working BIOS
>> and they are byte for byte identical to what they were with the
>> non-working BIOS. So clearly there is no point in going over those
>> tables with a fine tooth comb to figure out what SINIT doesn't like
>> about them. Something else must be different. I'd say the SINIT error
>> codes are not particularly informative about what is going wrong in
>> this case.
>>
>> I hope the SINIT team will still look into this. I can easily go back
>> to the newer BIOS in order to reproduce the failing state. The new
>> BIOS has the advantage that I can reboot after an SINIT failure and
>> read the errorcode register. With the old BIOS, attempts to reboot
>> hang in the BIOS and it's not possible to read the errorcodes, which
>> made debugging TXT almost impossible.
>>
>> So I can either use the new BIOS which would allow some debugging but
>> which unfortunately doesn't work with SINIT; or I can use the old
>> BIOS which works with SINIT but reveals nothing when there is a failure.
>> Neither is a great alternative.
>>
>> Hal Finney
>>
>
|
|
From: Michael G. <m.g...@tu...> - 2009-08-06 14:52:16
|
hi list,
one of my questions ended in smoke. I was confused ;-)
Michael Gissing wrote:
> 4) tboot seems to extend SinitMleData.PolicyControl | SinitMleData.LcpPolicyHash after ML to PCR 17
> too. Why extend a second time?
tboot doesn't extend as above, it extends its hashed verified launch policy and the policy control of this policy... (tb_policy_t)
btw: The description of SinitMleData.LcpPolicyHash in Appendix C is not clear. It says it's the hash of the policy, actually it seems to be the same value as LCP_POLICY.PolicyHash (at least if LCP_POLICY.PolicyType = POLTYPE_HASHONLY - in that case of course (hopefully) the same as SinitMleData.MleHash)
greetz Michael
|
|
From: Michael G. <m.g...@tu...> - 2009-08-06 14:27:58
|
Hi Jon, list,
thanks for the script, it was really helpful to see that you did the same as I did. When feeding with the same values, our script's output is the same. The problem is: it doesn't match the values in my pcr.
Here's my SINIT to MLE Data
06 00 00 00 80 00 00 00 20 08 06 25 00 00 2e 00 00 00 00 00 ff ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 bd 7a 2c 80 0a 93 de 4c c6 35 ee 63 a8 80 49 f6 cf c7 02 f3 e7 82 65 05 88 55 26 72 83 54 90 1d 6d e6 80 a4 c0 64 22 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e7 82 65 05 88 55 26 72 83 54 90 1d 6d e6 80 a4 c0 64 22 80 00 00 00 00 c0 19 90 dd 00 00 00 00 07 00 00 00 98 00 00 00 c8 01 00 00 40 01 00 00 00 00 00 00 00 00 00 00 00 00 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 90 dc 00 00 00 00 00 00 00 00 00 00 00 00 00 00 a0 dd 00 00 00 00 00 00 20 00 00 00 00 00 02 00 00 00 00 00 00 00 00 00 00 f4 00 00 00 00 00 00 00 04 00 00 00 00 03 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00
Due to SinitMleData.PolicyControl = 0x00000000 for calculation SinitMleData.LcpPolicyHash has to be zeroed, right?
OsSinitData.Capabilities is 0x2 (uint32 little endian)
Here is the expected value as reported by tboot. The step from "before extending" to "after extending" is clear to me. But I can't recalculate the value "before extending".
TBOOT: VL measurements:
TBOOT: PCR 17: e4 d6 78 d8 71 60 c7 38 ab c6 2e f8 92 2c 1e ee 12 fb 50 4c
TBOOT: PCRs before extending:
TBOOT: PCR 17: e0 8f f9 be 75 75 31 63 af 1a eb 4d c3 5f ca 6e db 6b 89 98
TBOOT: PCRs after extending:
TBOOT: PCR 17: 3b 0c 5f fe e8 c7 7e 13 93 68 6a 53 9d d8 53 10 83 4b d2 c7
greetz, Michael
Jonathan M. McCune wrote:
> Hi Michael, list,
>
> Attached is a script that I threw together to recreate the contents of
> the PCR values on a system I've been using, by looking at some of the
> debug values. I hope that you find it useful.
>
> -Jon
>
>
> Michael Gissing wrote:
>> Hi!
>>
>> Now I'm trying to calculate PCR 17 by hand. I'm making only little
>> progress on that issue. Here's what I'm doing; there are some
>> questions in there about what I haven't understood. The information below
>> is based on "Measured Launched Environment Developer's Guide - June
>> 2008".
|
|
From: Jonathan M. M. <jon...@cm...> - 2009-08-05 15:29:31
|
Hi Michael, list,
Attached is a script that I threw together to recreate the contents of the PCR values on a system I've been using, by looking at some of the debug values. I hope that you find it useful.
-Jon
Michael Gissing wrote:
> Hi!
>
> Now I'm trying to calculate PCR 17 by hand. I'm making only little progress on that issue. Here's
> what I'm doing; there are some questions in there about what I haven't understood. The information below
> is based on "Measured Launched Environment Developer's Guide - June 2008".
>
> 1) Set PCR to all 0s
>
> 2) Extend ( SHA-1( SinitMleData.SinitHash | SinitMleData.EdxSenterFlags ) )
> 2a) concatenate SinitMleData.SinitHash and SinitMleData.EdxSenterFlags
> *) EdxSenterFlags are reported to be 0x00000000 - is that right?
> *) how can I calculate SinitHash on my own? tboot copies whole SINIT image to memory, but
> a hash over the image file isn't the same as SinitMleData.SinitHash
>
> 3) MLE Developer's Guide says that all other items are concatenated and extended at one single
> extend. Is that right?
> 3a) MLE Dev Guide says "SHA-1 hash of BIOS ACM - SinitMleData.BiosAcmID"
> *) SinitMleData.BiosAcmID is not a hash, must it be hashed or not before concatenation?
> *) Where can I get the BiosAcmID of a system?
> 3b) MsegValid is 8 byte data, but has only two possible values, 0x0 and 0x1, right?
> The only purpose is to indicate whether StmHash is a hash or 0s, right?
> 3c) How is it determined whether OsSinitData.Capabilities is extended or not?
>
> 4) tboot seems to extend SinitMleData.PolicyControl | SinitMleData.LcpPolicyHash after ML to PCR 17
> too. Why extend a second time?
>
> any help would be appreciated,
> greetz Michael
|
|
From: Michael G. <m.g...@tu...> - 2009-08-05 09:28:52
|
Hi!
Now I'm trying to calculate PCR 17 by hand. I'm making only little progress on that issue. Here's
what I'm doing; there are some questions in there about what I haven't understood. The information below
is based on "Measured Launched Environment Developer's Guide - June 2008".
1) Set PCR to all 0s
2) Extend ( SHA-1( SinitMleData.SinitHash | SinitMleData.EdxSenterFlags ) )
  2a) concatenate SinitMleData.SinitHash and SinitMleData.EdxSenterFlags
    *) EdxSenterFlags are reported to be 0x00000000 - is that right?
    *) how can I calculate SinitHash on my own? tboot copies whole SINIT image to memory, but
       a hash over the image file isn't the same as SinitMleData.SinitHash
3) MLE Developer's Guide says that all other items are concatenated and extended at one single
extend. Is that right?
  3a) MLE Dev Guide says "SHA-1 hash of BIOS ACM - SinitMleData.BiosAcmID"
    *) SinitMleData.BiosAcmID is not a hash, must it be hashed or not before concatenation?
    *) Where can I get the BiosAcmID of a system?
  3b) MsegValid is 8 byte data, but has only two possible values, 0x0 and 0x1, right?
      The only purpose is to indicate whether StmHash is a hash or 0s, right?
  3c) How is it determined whether OsSinitData.Capabilities is extended or not?
4) tboot seems to extend SinitMleData.PolicyControl | SinitMleData.LcpPolicyHash after ML to PCR 17
too. Why extend a second time?
any help would be appreciated,
greetz Michael
|
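The hand calculation outlined in the post above, as an added example (it is not the script Jon attached and not tboot code): it performs the two extends and then tries the choices the post leaves open (Capabilities extended or replaced by zeros, LcpPolicyHash as reported or zeroed) against an observed PCR 17 value. The concatenation order in the second extend, the field sizes other than MsegValid, and all sample values are assumptions constructed for this example.

```python
import hashlib
from itertools import product

PCR_LEN = 20  # a TPM 1.2 PCR holds one SHA-1 digest


def sha1(data: bytes) -> bytes:
    return hashlib.sha1(data).digest()


def extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM 1.2 extend: new PCR value = SHA-1(old PCR value || digest)."""
    if len(pcr) != PCR_LEN or len(digest) != PCR_LEN:
        raise ValueError("PCR value and digest must both be 20 bytes")
    return sha1(pcr + digest)


# Field names follow the post. Sizes are assumptions of this example,
# except MsegValid, which the post states is 8 bytes.
FIELD_SIZES = {
    "SinitHash": 20, "EdxSenterFlags": 4, "BiosAcmID": 20, "MsegValid": 8,
    "StmHash": 20, "PolicyControl": 4, "LcpPolicyHash": 20, "Capabilities": 4,
}


def check_fields(fields: dict) -> None:
    """Reject missing or mis-sized fields before anything is hashed."""
    for name, size in FIELD_SIZES.items():
        if name not in fields or len(fields[name]) != size:
            raise ValueError(f"{name} must be present and {size} bytes long")


def pcr17(fields: dict, include_caps: bool, zero_policy_hash: bool) -> bytes:
    """Steps 1-3 of the post for one interpretation of the open questions."""
    check_fields(fields)
    pcr = bytes(PCR_LEN)                                    # 1) all zeros
    pcr = extend(pcr, sha1(fields["SinitHash"]              # 2) first extend
                           + fields["EdxSenterFlags"]))
    policy_hash = bytes(20) if zero_policy_hash else fields["LcpPolicyHash"]
    caps = fields["Capabilities"] if include_caps else bytes(4)
    # 3) everything else in one extend; this ordering is an assumption
    rest = (fields["BiosAcmID"] + fields["MsegValid"] + fields["StmHash"]
            + fields["PolicyControl"] + policy_hash + caps)
    return extend(pcr, sha1(rest))


def matching_variants(fields: dict, observed: bytes) -> list:
    """Return every (include_caps, zero_policy_hash) pair reproducing observed.

    More than one pair can match, e.g. when LcpPolicyHash is already zero,
    so a single hit does not by itself settle which rule the ACM applies.
    """
    return [(caps, zero) for caps, zero in product((False, True), repeat=2)
            if pcr17(fields, caps, zero) == observed]


# Constructed sample input. Only EdxSenterFlags = 0, PolicyControl = 0 and
# Capabilities = 0x2 (little endian) are taken from the thread.
SAMPLE = {
    "SinitHash": sha1(b"constructed SINIT module"),
    "EdxSenterFlags": (0).to_bytes(4, "little"),
    "BiosAcmID": bytes(range(20)),
    "MsegValid": (0).to_bytes(8, "little"),
    "StmHash": bytes(20),
    "PolicyControl": (0).to_bytes(4, "little"),
    "LcpPolicyHash": sha1(b"constructed launch policy"),
    "Capabilities": (2).to_bytes(4, "little"),
}

if __name__ == "__main__":
    # Stand-in for a value read from the TPM or from the tboot log.
    observed = pcr17(SAMPLE, include_caps=True, zero_policy_hash=True)
    for caps, zero in matching_variants(SAMPLE, observed):
        print(f"match: include_caps={caps} zero_policy_hash={zero}")
```

If no variant matches a real log value, the mismatch lies in an input (for example SinitHash not being a hash over the image file, as the post notes) or in the assumed field order, not in the extend arithmetic.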
|
From: Jonathan M. M. <jon...@cm...> - 2009-08-03 17:11:07
|
Hello list, cc Karthik,
I have recently upgraded the BIOS on an HP 8530p laptop (to version F.0C), and am experiencing what sound like extremely similar SENTER failures to those Hal is getting on his dc7800. I cannot do a regression test, however, as the previous BIOS version did not support SENTER at all on this system. This laptop does not have a serial port, so all I can capture is the in-memory log from the system following SENTER-inspired reboot (see attached).
The error code in the log decodes to "BARs in VT-d DMAR DRHD struct mismatch".
Note that I believe Hal's dc7800 has a Q35 Express chipset, and this laptop has "Mobile Intel PM45 Express Chipset ICH9M-Enhanced."
Interesting that the possibly similar / related failures are across different chipsets.
In following along with attempting to debug Hal's system, I decided to go ahead and disable Audio and USB Legacy Support in BIOS, and to attach the output of `lspci -v` and Ross's dmardump.
I've copied Karthik from HP as he has previously been very helpful in determining that there were issues with SENTER and the previous BIOS version for this laptop.
I'm happy to execute additional tests to help track down the cause of these problems.
Thanks to all for their time and suggestions, -Jon
Martin Thiim wrote:
> Hi
>
> Great. However, I'm still curious about what caused it to fail. I hope
> in the future more info will be released on what SINIT actually does.
>
> As my last posts indicated, it probably isn't/wasn't an inconsistency
> in the tables themselves, but rather an inconsistency with the tables
> and something outside the tables, such as either the PCI device BAR
> registers, or perhaps the register base of the DMA units that are off
> (i.e. maybe these registers don't actually point to a DMA unit).
>
> Best regards,
>
> Martin Thiim
>
> On Sat, Aug 1, 2009 at 8:40 AM, Hal Finney<hal...@gm...> wrote:
>> As an update, I successfully rolled back my BIOS to an earlier
>> version. With this change, tboot works again! GETSEC[SENTER] executes
>> with no errors and I get into the secure state. So it is definitely
>> some problem relating to the new BIOS.
>>
>> Interestingly, I dumped the DMAR tables created by the working BIOS
>> and they are byte for byte identical to what they were with the
>> non-working BIOS. So clearly there is no point in going over those
>> tables with a fine tooth comb to figure out what SINIT doesn't like
>> about them. Something else must be different. I'd say the SINIT error
>> codes are not particularly informative about what is going wrong in
>> this case.
>>
>> I hope the SINIT team will still look into this. I can easily go back
>> to the newer BIOS in order to reproduce the failing state. The new
>> BIOS has the advantage that I can reboot after an SINIT failure and
>> read the errorcode register. With the old BIOS, attempts to reboot
>> hang in the BIOS and it's not possible to read the errorcodes, which
>> made debugging TXT almost impossible.
>>
>> So I can either use the new BIOS which would allow some debugging but
>> which unfortunately doesn't work with SINIT; or I can use the old BIOS
>> which works with SINIT but reveals nothing when there is a failure.
>> Neither is a great alternative.
>>
>> Hal Finney
|
|
From: Martin T. <ma...@th...> - 2009-08-01 10:54:53
|
Hi
Great. However, I'm still curious about what caused it to fail. I hope in the future more info will be released on what SINIT actually does.
As my last posts indicated, it probably isn't/wasn't an inconsistency in the tables themselves, but rather an inconsistency with the tables and something outside the tables, such as either the PCI device BAR registers, or perhaps the register base of the DMA units that are off (i.e. maybe these registers don't actually point to a DMA unit).
Best regards,
Martin Thiim
On Sat, Aug 1, 2009 at 8:40 AM, Hal Finney<hal...@gm...> wrote:
> As an update, I successfully rolled back my BIOS to an earlier
> version. With this change, tboot works again! GETSEC[SENTER] executes
> with no errors and I get into the secure state. So it is definitely
> some problem relating to the new BIOS.
>
> Interestingly, I dumped the DMAR tables created by the working BIOS
> and they are byte for byte identical to what they were with the
> non-working BIOS. So clearly there is no point in going over those
> tables with a fine tooth comb to figure out what SINIT doesn't like
> about them. Something else must be different. I'd say the SINIT error
> codes are not particularly informative about what is going wrong in
> this case.
>
> I hope the SINIT team will still look into this. I can easily go back
> to the newer BIOS in order to reproduce the failing state. The new
> BIOS has the advantage that I can reboot after an SINIT failure and
> read the errorcode register. With the old BIOS, attempts to reboot
> hang in the BIOS and it's not possible to read the errorcodes, which
> made debugging TXT almost impossible.
>
> So I can either use the new BIOS which would allow some debugging but
> which unfortunately doesn't work with SINIT; or I can use the old BIOS
> which works with SINIT but reveals nothing when there is a failure.
> Neither is a great alternative.
>
> Hal Finney
|
|
From: Hal F. <hal...@gm...> - 2009-08-01 06:40:24
|
As an update, I successfully rolled back my BIOS to an earlier version. With this change, tboot works again! GETSEC[SENTER] executes with no errors and I get into the secure state. So it is definitely some problem relating to the new BIOS.
Interestingly, I dumped the DMAR tables created by the working BIOS and they are byte for byte identical to what they were with the non-working BIOS. So clearly there is no point in going over those tables with a fine tooth comb to figure out what SINIT doesn't like about them. Something else must be different. I'd say the SINIT error codes are not particularly informative about what is going wrong in this case.
I hope the SINIT team will still look into this. I can easily go back to the newer BIOS in order to reproduce the failing state. The new BIOS has the advantage that I can reboot after an SINIT failure and read the errorcode register. With the old BIOS, attempts to reboot hang in the BIOS and it's not possible to read the errorcodes, which made debugging TXT almost impossible.
So I can either use the new BIOS which would allow some debugging but which unfortunately doesn't work with SINIT; or I can use the old BIOS which works with SINIT but reveals nothing when there is a failure. Neither is a great alternative.
Hal Finney
|
|
From: Martin T. <ma...@th...> - 2009-07-31 20:50:21
|
Hi
Sounds like some interesting tests. I wonder if the BIOS could have locked the memory somehow after it is initialized - should be easy to test :)
I agree that the "Register Base Address" in the DRHD is the register base for the DMA hardware itself. Hence it wouldn't equal the BAR reported by PCI devices themselves. But I would have expected more correlation for the RMRR's.
You could also try to inspect some of the registers reported for the DMA units in DRHD (0xfed90000, 0xfed91000) etc. to see if it looks like there really sits DMA units there? Say the version or capability registers (offset 0x0 and 0x4, according to section 10.4). It could be such checks that make SINIT conclude that the BAR "mismatches".
Wild alternatives to what BAR could refer to (VT-d spec):
- Page 98: Register indicating Base Address of Interrupt Remapping Table.
- Page 113: Register providing the Base Address of Root-entry table.
Best regards,
Martin Thiim
On Fri, Jul 31, 2009 at 10:11 PM, Hal Finney<hal...@gm...> wrote:
> Hi Martin, thanks for those links. I've attached the output of lspci
> -v when my system is booted with USB disabled. Here is an excerpt, the
> only ones that have addresses listed:
>
> 00:02.0 VGA compatible controller: Intel Corporation 82Q35 Express
> Integrated Graphics Controller (rev 02)
> Subsystem: Hewlett-Packard Company Device 2819
> Flags: bus master, fast devsel, latency 0, IRQ 16
> Memory at f0100000 (32-bit, non-prefetchable) [size=512K]
> I/O ports at 1230 [size=8]
> Memory at e0000000 (32-bit, prefetchable) [size=256M]
> Memory at f0000000 (32-bit, non-prefetchable) [size=1M]
> Capabilities: [90] Message Signalled Interrupts: Mask- 64bit- Queue=0/0 Enable-
> Capabilities: [d0] Power Management version 2
>
> 00:19.0 Ethernet controller: Intel Corporation 82566DM-2 Gigabit
> Network Connection (rev 02)
> Subsystem: Hewlett-Packard Company Device 2818
> Flags: bus master, fast devsel, latency 0, IRQ 221
> Memory at f0180000 (32-bit, non-prefetchable) [size=128K]
> Memory at f01a1000 (32-bit, non-prefetchable) [size=4K]
> I/O ports at 1100 [size=32]
> Capabilities: [c8] Power Management version 2
> Capabilities: [d0] Message Signalled Interrupts: Mask- 64bit+ Queue=0/0 Enable+
> Capabilities: [e0] PCIe advanced features <?>
> Kernel driver in use: e1000e
> Kernel modules: e1000e
>
> Device 02.00 is the video controller. It has BARs at f0100000,
> e0000000, and f0000000. This device is listed in the DMAR table as
> having the DMA remapping registers at fed91000. It is also the device
> listed in the RMRR reserved memory table as having addresses
> 0x3e600000 - 0x3effffff. My interpretation is that the PCI BAR
> addresses are mapped to the card itself; the DMA remapping registers
> are on a different device, part of the bus controller or chipset; and
> the reserved memory region, 10 MB of system RAM, is the video display
> RAM. I don't see any problem with all these addresses being different.
>
> The only other device with a BAR in the lspci output is the ethernet
> controller at 19.00. It has BARs at f0180000 and f01a1000. The first
> one immediately follows the video controller BAR, but it is on a
> separate page boundary so is consistent with the advice in the VT-d
> spec about BARs not overlapping pages.
>
> The one odd element is that the DMAR table shows DMA remapping
> hardware #2 in a DRHD table, which covers PCI devices 03.00, 03.02,
> and 03.03. However, lspci does not show any PCI devices at 03.XX. So I
> don't know what devices those would be, if they exist. I don't know if
> there is any requirement that the DRHD entries refer to actually
> existing PCI devices. I wonder where the BIOS came up with these.
>
> One other big question I have is, where does SINIT get the DMAR table?
> Is it just looking at known addresses in RAM and parsing ACPI data?
> Would it be possible for TBOOT to patch the DMAR table in memory
> before launching SINIT, in order to see if SINIT liked it any better?
> I should try an experiment of changing the DMAR checksum, see if SINIT
> complains about that (it's an earlier error code so presumably is
> checked sooner). If so, I could take out all of the DRHD's and RMRR's
> and see if SINIT likes it any better.
>
> Hal
>
>
> On Fri, Jul 31, 2009 at 12:17 PM, Martin Thiim<ma...@th...> wrote:
>> Hello Hal
>>
>> For a bit more on the PCI BAR, see this:
>>
>> http://docs.sun.com/app/docs/doc/819-3196/6n5ed4hmv?a=view
>>
>> Every PCI device has these registers that give the base address/range
>> of its registers. It seems these ranges don't match those in DMAR. It
>> makes sense SINIT would/could check this.
>>
>> Best regards,
>>
>> Martin Thiim
>>
>> On Thu, Jul 30, 2009 at 10:07 PM, Martin Thiim<ma...@th...> wrote:
>>> Hello Hal
>>>
>>> I could be wrong, but I think what the "Enable VT-d" option in the
>>> BIOS really refers to is whether the BIOS should set up the ACPI
>>> tables related to VT-d.
>>>
>>> You could use acpidump to see if those tables contain anything VT-d
>>> related (DMAR and the like) - the VT-d spec would be helpful for this.
>>>
>>> http://download.intel.com/technology/computing/vptech/Intel(r)_VT_for_Direct_IO.pdf
>>>
>>> I currently don't have access to my VT-d system so I can't give you a
>>> table of what it looks like on my machine but perhaps others could.
>>>
>>> Best regards,
>>>
>>> Martin Thiim
>>>
>>> On Thu, Jul 30, 2009 at 7:28 PM, Hal Finney<hal...@gm...> wrote:
>>>> Hi Shane - I'm not sure what it would do to add these switches, since
>>>> tboot doesn't get as far as launching the kernel, since it hangs in
>>>> SENTER. However I can try doing it and then just booting into the
>>>> kernel, in case I get any error reports about VT-d.
>>>>
>>>> Are there any MSRs or other registers I can patch tboot to dump out,
>>>> to indicate whether VT-d is turned on?
>>>>
>>>> My HP dc7800 was one of the very first commercially released systems
>>>> to support TXT. I bought one as soon as they became available in order
>>>> to experiment with this technology. It has an E6550 "Conroe" processor
>>>> with a Q35 "Bearlake" chipset.
>>>>
>>>> Hal
>>>>
>>>> On Thu, Jul 30, 2009 at 12:24 AM, Shane Wang<sha...@in...> wrote:
>>>>> Hal,
>>>>>
>>>>> If you work with Xen, please try to add "iommu=1 vtd=1" in Xen command line
>>>>> (i.e. the end of "module /boot/xen.gz ...")
>>>>> If you work with Linux, please try to add "iommu=on" in the command
>>>>> line (i.e. the end of "module /boot/vmlinuz-2.6.30 ..."
>>>>>
>>>>> PS: do you know which platform HP dc7800 is? *Field or *Dale?
>>>>> Can you see VTd lsoc (Azalia) WA in BIOS or somewhere?
>>>>>
>>>>> Thanks.
>>>>> Shane
>>>>>
>>>>> Hal Finney wrote:
>>>>>>
>>>>>> Thanks for the reply, Shane. VT-d is enabled in the BIOS; in fact, the
>>>>>> BIOS automatically enables VT-d when TXT is enabled.
>>>>>>
>>>>>> I don't know of anything I would do in any grub configuration file to
>>>>>> enable VT-d for tboot and SINIT. Do you have any suggestions?
>>>>>>
>>>>>> Hal
>>>>>>
>>>>>> On Wed, Jul 29, 2009 at 10:04 PM, Shane Wang<sha...@in...> wrote:
>>>>>>>
>>>>>>> Hi Hal
>>>>>>>
>>>>>>> The error code means VTd is disabled.
>>>>>>> Is your VT-d enabled in your new BIOS and grub.conf?
>>>>>>>
>>>>>>> Thanks.
>>>>>>> Shane
>>>>>>>
>>>>>>> Hal Finney wrote:
>>>>>>>>
>>>>>>>> I haven't run tboot in a while, but I'm trying it on my HP dc7800 and
>>>>>>>> finding it hangs in GETSEC[SENTER]. This is even true with old
>>>>>>>> versions of tboot that used to work. My system has no USB ports
>>>>>>>> plugged in, and no hardware changes.
>>>>>>>>
>>>>>>>> The one change is I recently updated my BIOS. I suspect this has to be
>>>>>>>> the cause. One nice thing about the new BIOS is that the tboot hang
>>>>>>>> actually reboots the machine with the ERRORCODE register intact. Its
>>>>>>>> value is c00020a1. This is progress code 0ah, error code 1000,
>>>>>>>> meaning: "device scope of VT-d DMAR ACPI table is invalid". Not clear
>>>>>>>> what this means.
>>>>>>>>
>>>>>>>> My log is attached, including the hang and the relaunch of tboot. This
>>>>>>>> is version 20090330 of tboot. Thanks very much -
>>>>>>>>
>>>>>>>> Hal Finney
|