Re: [Trustedjava-support] nv_definespace fails

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Hi,

Am 12.03.2015 um 22:25 schrieb Raja:
[...]
> Hi,
>
> I tried using jTPM to define NVRam space using both Local binding and
> SOAP binding (by changing the binding Type in jtss_tsp.ini file).
> SOAP works but Local bindind does not. Any ideas?
[...]

This likely is related to the windows user account / permissions used to
run your application, respectively the SOAP service daemon. TPM base
services by default block access to a number of TPM ordinals
(for good reason!) by non-administrator users. Check [1] for more details.

As far as I recall, the SOAP service daemon is run under the "Local
System" account - therefore access to the blocked ordinals should be
possible.

When you run your application with local bindings, the TBS syscalls will
be done from within your application, which (likely) runs under
your (unprivileged?) user account - therefore access to the blocked
ordinals will fail (with the errors you mentioned).

To work around this issues, you can try to run your application with
administrator privileges (e.g. using [2]) - this should resolve your
problems.

Best,
Johannes

[1]https://msdn.microsoft.com/en-us/library/windows/desktop/aa965898(v=vs.85).aspx

[2]https://technet.microsoft.com/en-us/library/bb490994.aspx
-- 
Johannes Winter, IAIK - Graz University of Technology       __
Inffeldgasse 16a, 8010 Graz, Austria                  __  _|  |_
Phone: +43 316 873 5578                              |  ||      |
Fax: +43 316 873 5520                                |_    _||__|
http://www.iaik.tugraz.at/                             |__| IAIK