date:20160901

Re: [tboot-devel] reset after GETSEC[SENTER] on redhat platforms

2016-09-01 Thread Brian E Luckau

Hi,

Whever we use tboot 1.9.4 on platforms such as RHEL 7.3 beta, or CentOS 
7.2, with Intel TXT enabled in the BIOS, it reboots constantly and the 
last thing we see before the reboot is:


TBOOT: setting MTRRs for acmod: base=0x7bf0, size=0x2, num_pages=32
TBOOT: The maximum allowed MTRR range size=256 Pages
TBOOT: executing GETSEC[SENTER]...

In centOS 7.2, if I disable Intel TXT in the BIOS then at least the OS is able 
to boot to completion.


Is this a known issue?

--Brian Luckau



--
___
tboot-devel mailing list
tboot-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tboot-devel

Re: [tboot-devel] PCR values?

2016-09-01 Thread Ross Philipson

On 09/01/2016 10:55 AM, Jan Schermer wrote:
> Do you have the correct TPM driver loaded in kernel? Does 
> /sys/class/misc/tpm0 exist?
> AFAIK you can TXT-launch a kernel that has no driver (as it is likely loaded 
> in initramfs or later anyway), txt-stat will probably also work even without 
> a working in the kernel...
> 

On newer kernels (4.x+ IIRC) the location in sysfs changed:

/sys/class/tpm/tpm0/device/pcrs

> Jan
> 
> 
>> On 01 Sep 2016, at 16:32, Brian E Luckau  wrote:
>>
>> In the past using tboot 1.8.x and versions of trousers, tpm tools, etc, 
>> etc. that came with the distros, I was able to see the PCR values with:
>>
>> cat /sys/class/misc/tpm0/device/pcrs
>>
>> Currently I'm in CentOS 7.2 and have compliled and installed tboot 1.9.4.  I 
>> see this, which with my limited knowledge base tells me something is goign 
>> right:
>>
>>
>> [root@server0 ~]# txt-stat | grep measured
>>  TXT measured launch: TRUE
>> TBOOT: measured launch succeeded
>>
>> [root@server0 ~]# txt-stat | grep senter
>> senter_done: TRUE
>>
>>
>> Any idea why I can't see the PCR values?
>>
>> --
>> ___
>> tboot-devel mailing list
>> tboot-devel@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/tboot-devel
> 
> 
> --
> ___
> tboot-devel mailing list
> tboot-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/tboot-devel
> 


-- 
Ross Philipson

--
___
tboot-devel mailing list
tboot-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tboot-devel

[tboot-devel] PCR values?

2016-09-01 Thread Ahmed, Safayet (GE Global Research)

The location of the "pcrs" file is changed in newer kernels. Try running "find 
/sys -name pcrs". This will show the path of the "pcrs" file in newer kernels. 
On one of my systems, it is "/sys/devices/pnp0/00:0b/pcrs".

-Original Message-
From: Brian E Luckau [mailto:bluc...@sgi.com] 
Sent: Thursday, September 01, 2016 10:33 AM
To: 'tboot-devel@lists.sourceforge.net' 
Subject: EXT: Re: [tboot-devel] PCR values?

In the past using tboot 1.8.x and versions of trousers, tpm tools, etc, etc. 
that came with the distros, I was able to see the PCR values with:

cat /sys/class/misc/tpm0/device/pcrs

Currently I'm in CentOS 7.2 and have compliled and installed tboot 1.9.4.  I 
see this, which with my limited knowledge base tells me something is goign 
right:

[root@server0 ~]# txt-stat | grep measured
  TXT measured launch: TRUE
TBOOT: measured launch succeeded

[root@server0 ~]# txt-stat | grep senter
 senter_done: TRUE

Any idea why I can't see the PCR values?

--
___
tboot-devel mailing list
tboot-devel@lists.sourceforge.net
https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.sourceforge.net_lists_listinfo_tboot-2Ddevel=CwICAg=IV_clAzoPDE253xZdHuilRgztyh_RiV3wUrLrDQYWSI=lDSLRzn8YUPmwjLuy9Ek9Dy-T15T3uK505eKqf1EFfg=NW5BjH-7UaDlGhOrxKFZY_PC9XkHbi0fJfVpYdlK_cg=AAL66FfeskvFTy17cL-vaa91FerkBig24cqkbMWuCxQ=

--
___
tboot-devel mailing list
tboot-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tboot-devel

Re: [tboot-devel] PCR values?

2016-09-01 Thread Jan Schermer

Do you have the correct TPM driver loaded in kernel? Does /sys/class/misc/tpm0 
exist?
AFAIK you can TXT-launch a kernel that has no driver (as it is likely loaded in 
initramfs or later anyway), txt-stat will probably also work even without a 
working in the kernel...

Jan


> On 01 Sep 2016, at 16:32, Brian E Luckau  wrote:
> 
> In the past using tboot 1.8.x and versions of trousers, tpm tools, etc, 
> etc. that came with the distros, I was able to see the PCR values with:
> 
> cat /sys/class/misc/tpm0/device/pcrs
> 
> Currently I'm in CentOS 7.2 and have compliled and installed tboot 1.9.4.  I 
> see this, which with my limited knowledge base tells me something is goign 
> right:
> 
> 
> [root@server0 ~]# txt-stat | grep measured
>  TXT measured launch: TRUE
> TBOOT: measured launch succeeded
> 
> [root@server0 ~]# txt-stat | grep senter
> senter_done: TRUE
> 
> 
> Any idea why I can't see the PCR values?
> 
> --
> ___
> tboot-devel mailing list
> tboot-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/tboot-devel


--
___
tboot-devel mailing list
tboot-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tboot-devel

Re: [tboot-devel] reset after GETSEC[SENTER] on redhat platforms

Re: [tboot-devel] PCR values?

[tboot-devel] PCR values?

Re: [tboot-devel] PCR values?

4 matches

Site Navigation

Mail list logo

Footer information