Menu
▾
▴
Re: [TrouSerS-users] tpm_takeownership and private key from previous OS
|
From: Bill M. <bm...@va...> - 2013-08-13 15:17:01
|
Oh I got it taken care of. I sent e-mail yesterday to the users' list of trousers. The error code was Tspi_TPM_TakeOwnership failed: 0x00002004 - layer=tcs, code=0004 (4), Internal software error when I tried the tpm_takeownership command. In fact Alexander Kjeldaas posted on February 28 2013 this same problem. Kent Yoder responded and suggested to rebuild Trousers. Alexander did that and he said it was fixed. I think Alexander's issue was solved by going up a version. I was running 0.3.9 of trousers, I realized. So I upgraded to 0.3.10 and my problem was fixed. regards Bill Martin ________________________________________ From: Ken Goldman [kgo...@us...] Sent: Tuesday, August 13, 2013 6:04 AM To: tro...@li... Subject: Re: [TrouSerS-users] tpm_takeownership and private key from previous OS What specifically do you think is wrong? What is failing that you think should be working differently? Are you confusing the EK and SRK? What is the actual error code? I doubt it's 0004 coming from the TPM, since 0004 pertains to audit, which TPMs typically did not implement. ~~ And the shameful plug. If you debug with the SW TPM, you can get a trace, which greatly helps debug. On 8/7/2013 11:07 AM, Bill Martin wrote: > Hi folks, > > I have a yocto-built system running on a Kontron (arch is i686). I > explicitly instructed the yocto to bring in tpm-tools and TrouSerS. > And I know they are installed. I set my BIOS to clear the tpm, > brought up the system again, and noticed > /sys/class/misc/tpm0/device/pubek is empty. That was to be expected. > Next I enabled the TPM in bios and reset the Kontron. After the power > came up I noticed pubek was not empty. Moreover, I could do the > tpm_version but my tpm_takeownership failed. > > I did a lot of looking through search engines and saw earlier this > year in February someone suggested to rebuild TrouSerS with debug and > see what is happening. That rebuild seemed to work for him. > > But in my case I am wondering if a previous private key was installed > in Kontron's TPM chip, which would make the tpm_takeonership useless? > Here's what I got... ------------------------------------------------------------------------------ Get 100% visibility into Java/.NET code with AppDynamics Lite! It's a free troubleshooting tool designed for production. Get down to code-level detail for bottlenecks, with <2% overhead. Download for free and get started troubleshooting in minutes. http://pubads.g.doubleclick.net/gampad/clk?id=48897031&iu=/4140/ostg.clktrk _______________________________________________ TrouSerS-users mailing list Tro...@li... https://lists.sourceforge.net/lists/listinfo/trousers-users |