Hi Rusty, Hi all,

Le 01/12/2016 à 20:23, Rusty Bird a écrit :
>> Uh... Lines 17-19 are all FF

> Well, the good news is we've definitely narrowed down the problem. :)
> Are you sure you've successfully copied the *right* SINIT blob for your
> system to /boot? (Intel's download page is... not great.)

Stupid me. I had first thought that if I could see the PCR-* lines and
initialize TPM, it meant that my kernel managed the TPM by itself and
didn't need this file... So I had't installed it at all.

I now have downloaded 3rd_gen_i5_i7_SINIT_67.BIN from Intel, installed
it per instructions, completely redone everything (including resetting
the TPM chip in BIOS, uninstalling and reinstallind the AEM RPM...

But still, lines 17-19 remain all FF :-(

> Does "ls /boot/*SINIT*.BIN" - note the uppercase for both the name and
> the extension) show exactly one file?

Yes, it does.

Thanks again for your help.


Swâmi Petaramesh <sw...@petaramesh.org> PGP 9076E32E

You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
For more options, visit https://groups.google.com/d/optout.

Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to