I did another experiment, disabling USB and also audio in BIOS, and
trying tboot. It hung again in GETSEC[SENTER] as before. Upon
restarting it, it dumped the error code register, which was different
this time: Progress 0ah, error 6. That is:

"BARs in VT-d DMAR DRHD struct mismatch"

I am attaching the log of the two boot attempts (the first which hangs
in SENTER, followed by the reboot which displays the error code). Here
is the output of Ross's dmardump program in this state with USB
disabled:

DMAR dump utility - reading memory
DMA Remapping Reporting Structure
==================================================
Signature:        DMAR
Length:           0x000000a0
Revision:         0x01
Checksum:         0xb0
OEMID:            COMPAQ
OEM Table ID:     BEARLAKE
OEM Revision:     0x00000001
Creator ID:
Creator Revision: 0x00000000
HAW:              0x23
Flags:            0x00
Reserved[10]: 00 00 00 00 00 00 00 00 00 00

Remapping Structures...

DMA Remapping Hardware Unit Definition (DRHD) Structure #1
Type:           0x0000 (ACPI_DMAR_DRHD)
Length:         0x0018
Flags:          0x00  -- INCLUDE_ALL = no
Reserved:       0x00
Segment Number: 0x0000
Register Base:  0xfed91000
    Device Scope Structure #1
    ==========================
    Type:           0x01 (ACPI_DEV_ENDPOINT)
    Length:         0x08
    Reserved:       00 00
    Enumeration ID: 0x00 - Reserved
    Start Bus Num:  0x00
    Path Depth = 1, Path Entries:
       -- Device: 0x02 Function: 0x00

DMA Remapping Hardware Unit Definition (DRHD) Structure #2
Type:           0x0000 (ACPI_DMAR_DRHD)
Length:         0x0028
Flags:          0x00  -- INCLUDE_ALL = no
Reserved:       0x00
Segment Number: 0x0000
Register Base:  0xfed92000
    Device Scope Structure #1
    ==========================
    Type:           0x01 (ACPI_DEV_ENDPOINT)
    Length:         0x08
    Reserved:       00 00
    Enumeration ID: 0x00 - Reserved
    Start Bus Num:  0x00
    Path Depth = 1, Path Entries:
       -- Device: 0x03 Function: 0x00
    Device Scope Structure #2
    ==========================
    Type:           0x01 (ACPI_DEV_ENDPOINT)
    Length:         0x08
    Reserved:       00 00
    Enumeration ID: 0x00 - Reserved
    Start Bus Num:  0x00
    Path Depth = 1, Path Entries:
       -- Device: 0x03 Function: 0x02
    Device Scope Structure #3
    ==========================
    Type:           0x01 (ACPI_DEV_ENDPOINT)
    Length:         0x08
    Reserved:       00 00
    Enumeration ID: 0x00 - Reserved
    Start Bus Num:  0x00
    Path Depth = 1, Path Entries:
       -- Device: 0x03 Function: 0x03

DMA Remapping Hardware Unit Definition (DRHD) Structure #3
Type:           0x0000 (ACPI_DMAR_DRHD)
Length:         0x0010
Flags:          0x01  -- INCLUDE_ALL = yes
Reserved:       0x00
Segment Number: 0x0000
Register Base:  0xfed93000

Reserved Memory Region Reporting (RMRR) Structure #1
Type:           0x0001 (ACPI_DMAR_RMRR)
Length:         0x0020
Reserved:       0x0000
Segment Number: 0x0000
Base Address:   0x3e600000
End Address:    0x3effffff
    Device Scope Structure #1
    ==========================
    Type:           0x01 (ACPI_DEV_ENDPOINT)
    Length:         0x08
    Reserved:       00 00
    Enumeration ID: 0x00 - Reserved
    Start Bus Num:  0x00
    Path Depth = 1, Path Entries:
       -- Device: 0x02 Function: 0x00

==================================================
End DMAR


A couple of differences: there is one fewer DRHD structure, 3 instead
of 4, and there is only one RMRR structure instead of several. This
one also avoids the potential problem Martin pointed out, that the
device scopes under the RMRRs don't explicitly match any of the ones
under the DRHDs. In this one, the only RMRR is device 2, function 0,
which is covered explicitly under the first DRHD. I do agree with Ross
that the full DMAR struct I posted earlier is kosher because of the
INCLUDE_ALL DRHD, which should cover all devices in PCI segment 0000,
but just because we read the spec this way, that doesn't mean the
SINIT author read it that way.

(The frustrating thing is, SINIT doesn't actually seem to do anything
with this DMAR data. It just copies it to the SinitMleData struct, for
use by the MLE. SINIT wants to put the data into the TXT heap so it is
protected. It is apparently just doing some sanity checks on the data
structures before doing the copy, and obviously the SINIT author and
the HP BIOS author were not on the same page. This happens a lot in
implementing specs. But for me it means that we have two opaque pieces
of code which are incompatible, and both only get updated a couple of
times a year at best.)

Anyway, back to the SINIT error, "BARs in VT-d DMAR DRHD struct
mismatch". It's like a Zen koan: what is the sound of one hand
clapping? You have to try to puzzle out what on earth this could mean.
First, what's a BAR? The closest thing I can see in the table is
Register Base Address, which maybe could be called Base Address
Register or BAR. Then, we have a complaint about a mismatch. Mismatch?
What is it supposed to match against? It's just an address.

The base addresses in the 3 DRHD structs are 0xfed91000, 0xfed92000,
and 0xfed93000. Is that a problem? They seem reasonable enough to me.
I can't figure out what it means to complain about a mismatch.

This error code, 6, is less than the earlier error code with USB
enabled, 8. I'm guessing that SINIT applies all these sanity checks to
the DMAR data in order, and errors out when it doesn't like one. This
suggests that it is not getting as far as it got earlier, so I don't
know whether it still would have hit error code 8 or not (which was
device scope invalid).

The one other unusual aspect of my machine is that it has only 1 gig
of memory. I was cheap when I ordered it, and it's run fine for what
I've used it for. Conceivably the SINIT authors may have accidentally
assumed a larger memory configuration would have been in use, in
sanity checking some addresses. I suppose I could add a second gig and
see if that makes a difference, but it seems like a long shot.

At this point I will wait and hope to hear something from the SINIT
group, if they have any ideas. I would of course be happy to run an
experimental SINIT with additional debugging outputs or error codes if
that would help. I'll also try reverting the BIOS version and see if
that makes a difference.

Thanks for all your help -

Hal Finney
Press any key to continue.
Press any key to continue.
Press any key to continue.
Press any key to continue.
Press any key to continue.
TBOOT: ******************* TBOOT *******************
TBOOT:    unavailable
TBOOT: *********************************************
TBOOT: command line: logging=serial,vga,memory
TBOOT: TPM is ready
TBOOT: TPM nv_locked: TRUE
TBOOT: TPM: get capability, return value = 00000003
TBOOT: failed to get actual policy size in TPM NV
TBOOT: failed to read policy from TPM NV, using default
TBOOT: policy:
TBOOT: 	 version: 2
TBOOT: 	 policy_type: TB_POLTYPE_CONT_NON_FATAL
TBOOT: 	 hash_alg: TB_HALG_SHA1
TBOOT: 	 policy_control: 00000001 (EXTEND_PCR17)
TBOOT: 	 num_entries: 2
TBOOT: 	 policy entry[0]:
TBOOT: 		 mod_num: 0
TBOOT: 		 pcr: none
TBOOT: 		 hash_type: TB_HTYPE_ANY
TBOOT: 		 num_hashes: 0
TBOOT: 	 policy entry[1]:
TBOOT: 		 mod_num: any
TBOOT: 		 pcr: 19
TBOOT: 		 hash_type: TB_HTYPE_ANY
TBOOT: 		 num_hashes: 0
TBOOT: TPM: write nv 20000002, offset 00000000, 00000004 bytes, return = 00000002
TBOOT: Error: write TPM error: 0x2.
TBOOT: no policy in TPM NV.
TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff07
TBOOT: CPU is SMX-capable
TBOOT: CPU is VMX-capable
TBOOT: SMX is enabled
TBOOT: TXT chipset and all needed capabilities present
TBOOT: TPM: write nv 20000002, offset 00000000, 00000004 bytes, return = 00000002
TBOOT: Error: write TPM error: 0x2.
TBOOT: LT.ERRORCODE=0
TBOOT: LT.ESTS=0
TBOOT: bios_data (@3e520008, 24):
TBOOT: 	 version: 2
TBOOT: 	 bios_sinit_size: 0x0 (0)
TBOOT: 	 lcp_pd_base: 0x0
TBOOT: 	 lcp_pd_size: 0x0 (0)
TBOOT: 	 num_logical_procs: 2
TBOOT: TPM: write nv 20000002, offset 00000000, 00000004 bytes, return = 00000002
TBOOT: Error: write TPM error: 0x2.
TBOOT: CR0.NE not set
TBOOT: CR0 and EFLAGS OK
TBOOT: no machine check errors
TBOOT: CPU is ready for SENTER
TBOOT: checking previous errors on the last boot.
	TPM: read nv index 20000002 offset 00000000, return value = 00000002
TBOOT: Error: read TPM error: 0x2.
TBOOT: last boot has no error.
TBOOT: user-provided SINIT found: /boot/Q35_SINIT_17.BIN
TBOOT: chipset ids: vendor=8086, device=8001, revision=7
TBOOT: 1 ACM chipset id entries:
TBOOT: 	vendor=8086, device=8001, flags=1, revision=7, extended=0
TBOOT: copied SINIT (size=6300) to 3e500000
TBOOT: AC mod base alignment OK
TBOOT: AC mod size OK
TBOOT: AC module header dump for SINIT:
TBOOT: 	 type: 0x2 (ACM_TYPE_CHIPSET)
TBOOT: 	 length: 0xa1 (161)
TBOOT: 	 version: 0
TBOOT: 	 chipset_id: 0x29c0
TBOOT: 	 flags: 0x0
TBOOT: 		 pre_production: 0
TBOOT: 		 debug_signed: 0
TBOOT: 	 vendor: 0x8086
TBOOT: 	 date: 0x20081017
TBOOT: 	 size*4: 0x6300 (25344)
TBOOT: 	 code_control: 0x0
TBOOT: 	 entry point: 0x00000008:00003fb2
TBOOT: 	 scratch_size: 0x8f (143)
TBOOT: 	 info_table:
TBOOT: 		 uuid: {0x7fc03aaa, 0x46a7, 0x18db, 0xac2e,
		{0x69, 0x8f, 0x8d, 0x41, 0x7f, 0x5a}}
TBOOT: 		     ACM_UUID_V3
TBOOT: 		 chipset_acm_type: 0x1 (SINIT)
TBOOT: 		 version: 3
TBOOT: 		 length: 0x28 (40)
TBOOT: 		 chipset_id_list: 0x4e8
TBOOT: 		 os_sinit_data_ver: 0x4
TBOOT: 		 min_mle_hdr_ver: 0x00020000
TBOOT: 		 capabilities: 0x00000002
TBOOT: 		     rlp_wake_getsec: 0
TBOOT: 		     rlp_wake_monitor: 1
TBOOT: 		 acm_ver: 17
TBOOT: 	 chipset list:
TBOOT: 		 count: 1
TBOOT: 		 entry 0:
TBOOT: 		     flags: 0x1
TBOOT: 		     vendor_id: 0x8086
TBOOT: 		     device_id: 0x8001
TBOOT: 		     revision_id: 0x7
TBOOT: 		     extended_id: 0x0
TBOOT: file addresses:
TBOOT: 	 &_start=00803000
TBOOT: 	 &_end=0084fc4c
TBOOT: 	 &_mle_start=00803000
TBOOT: 	 &_mle_end=00822000
TBOOT: 	 &_post_launch_entry=00803020
TBOOT: 	 &_txt_wakeup=008031f0
TBOOT: 	 &g_mle_hdr=00819380
TBOOT: MLE header:
TBOOT: 	 uuid={0x9082ac5a, 0x476f, 0x74a7, 0x5c0f,
		{0x55, 0xa2, 0xcb, 0x51, 0xb6, 0x42}}
TBOOT: 	 length=34
TBOOT: 	 version=00020001
TBOOT: 	 entry_point=00000020
TBOOT: 	 first_valid_page=00000000
TBOOT: 	 mle_start_off=0
TBOOT: 	 mle_end_off=1f000
TBOOT: 	 capabilities: 0x00000003
TBOOT: 	     rlp_wake_getsec: 1
TBOOT: 	     rlp_wake_monitor: 1
TBOOT: MLE start=803000, end=822000, size=1f000
TBOOT: ptab_size=3000, ptab_base=00800000
TBOOT: bios_data (@3e520008, 24):
TBOOT: 	 version: 2
TBOOT: 	 bios_sinit_size: 0x0 (0)
TBOOT: 	 lcp_pd_base: 0x0
TBOOT: 	 lcp_pd_size: 0x0 (0)
TBOOT: 	 num_logical_procs: 2
TBOOT: min_lo_ram: 0x0, max_lo_ram: 0x3e2afe00
TBOOT: min_hi_ram: 0x0, max_hi_ram: 0x0
TBOOT: no LCP manifest found
TBOOT: os_sinit_data (@3e52014c, 5c):
TBOOT: 	 version: 4
TBOOT: 	 mle_ptab: 0x800000
TBOOT: 	 mle_size: 0x1f000 (126976)
TBOOT: 	 mle_hdr_base: 0x16380
TBOOT: 	 vtd_pmr_lo_base: 0x0
TBOOT: 	 vtd_pmr_lo_size: 0x3e200000
TBOOT: 	 vtd_pmr_hi_base: 0x0
TBOOT: 	 vtd_pmr_hi_size: 0x0
TBOOT: 	 lcp_po_base: 0x0
TBOOT: 	 lcp_po_size: 0x0 (0)
TBOOT: 	 capabilities: 0x00000002
TBOOT: 	     rlp_wake_getsec: 0
TBOOT: 	     rlp_wake_monitor: 1
TBOOT: setting MTRRs for acmod: base=3e500000, size=6300, num_pages=7
TBOOT: executing GETSEC[SENTER]...
Press any key to continue.
Press any key to continue.
Press any key to continue.
TBOOT: ******************* TBOOT *******************
TBOOT:    unavailable
TBOOT: *********************************************
TBOOT: command line: logging=serial,vga,memory
TBOOT: TPM is ready
TBOOT: TPM nv_locked: TRUE
TBOOT: TPM: get capability, return value = 00000003
TBOOT: failed to get actual policy size in TPM NV
TBOOT: failed to read policy from TPM NV, using default
TBOOT: policy:
TBOOT: 	 version: 2
TBOOT: 	 policy_type: TB_POLTYPE_CONT_NON_FATAL
TBOOT: 	 hash_alg: TB_HALG_SHA1
TBOOT: 	 policy_control: 00000001 (EXTEND_PCR17)
TBOOT: 	 num_entries: 2
TBOOT: 	 policy entry[0]:
TBOOT: 		 mod_num: 0
TBOOT: 		 pcr: none
TBOOT: 		 hash_type: TB_HTYPE_ANY
TBOOT: 		 num_hashes: 0
TBOOT: 	 policy entry[1]:
TBOOT: 		 mod_num: any
TBOOT: 		 pcr: 19
TBOOT: 		 hash_type: TB_HTYPE_ANY
TBOOT: 		 num_hashes: 0
TBOOT: TPM: write nv 20000002, offset 00000000, 00000004 bytes, return = 00000002
TBOOT: Error: write TPM error: 0x2.
TBOOT: no policy in TPM NV.
TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff07
TBOOT: CPU is SMX-capable
TBOOT: CPU is VMX-capable
TBOOT: SMX is enabled
TBOOT: TXT chipset and all needed capabilities present
TBOOT: TPM: write nv 20000002, offset 00000000, 00000004 bytes, return = 00000002
TBOOT: Error: write TPM error: 0x2.
TBOOT: LT.ERRORCODE=c00018a1
TBOOT: AC module error : acm_type=1, progress=0a, error=6
TBOOT: LT.ESTS=1
TBOOT: TXT_RESET.STS is set and SENTER is disabled (0x01)
TBOOT: TPM: write nv 20000002, offset 00000000, 00000004 bytes, return = 00000002
TBOOT: Error: write TPM error: 0x2.
TBOOT: SMX not supported.
TBOOT: Error: ELF magic number is not matched.
TBOOT: assuming kernel is Linux format
TBOOT: Initrd from 0x3cbc1000 to 0x3e2af000
TBOOT: Kernel (protected mode) from 0xa00000 to 0xc23250
TBOOT: Kernel (real mode) from 0x90000 to 0x93200
TBOOT: transfering control to kernel @0x00a00000...
_______________________________________________
tboot-devel mailing list
tboot-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tboot-devel
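Decoding the LT.ERRORCODE value from the second boot log, as an added example in C (not tboot's code and not anything posted in the message). The bit layout used here is an assumption, chosen so that c00018a1 splits exactly the way tboot printed it (acm_type=1, progress=0a, error=6); only the one error string the message itself quotes is tabulated, everything else is reported numerically rather than guessed.

```c
/* Added example, not tboot code: split a TXT.ERRORCODE register value into
 * the fields tboot printed in the log above. Layout is an ASSUMPTION checked
 * against that log: bits 3:0 ACM type, 9:4 progress, 14:10 error,
 * bit 30 external (software-generated), bit 31 valid. */
#include <stdint.h>
#include <stdio.h>

struct txt_err {
    int valid;      /* bit 31: register holds an error from the last launch */
    int external;   /* bit 30: set by software (ACM/MLE); clear = processor */
    int acm_type;   /* bits 3:0 */
    int progress;   /* bits 9:4: which check the ACM was running */
    int error;      /* bits 14:10: what that check found */
};

struct txt_err decode_txt_errorcode(uint32_t raw)
{
    struct txt_err e;
    e.valid    = (raw >> 31) & 0x1;
    e.external = (raw >> 30) & 0x1;
    e.acm_type = raw & 0xf;
    e.progress = (raw >> 4) & 0x3f;
    e.error    = (raw >> 10) & 0x1f;
    return e;
}

/* Only the (progress, error) pair the message spells out; NULL otherwise. */
const char *sinit_error_text(int progress, int error)
{
    if (progress == 0x0a && error == 6)
        return "BARs in VT-d DMAR DRHD struct mismatch";
    return NULL;
}

/* Render the register roughly the way the log line did; returns chars written. */
int format_txt_errorcode(uint32_t raw, char *out, size_t n)
{
    struct txt_err e = decode_txt_errorcode(raw);
    if (!e.valid)
        return snprintf(out, n, "LT.ERRORCODE=%08x: no error", raw);
    if (!e.external)   /* processor-generated: low 30 bits shown raw (assumption) */
        return snprintf(out, n, "LT.ERRORCODE=%08x: processor error 0x%x",
                        raw, raw & 0x3fffffff);
    const char *txt = sinit_error_text(e.progress, e.error);
    return snprintf(out, n, "AC module error : acm_type=%x, progress=%02x, error=%x%s%s",
                    e.acm_type, e.progress, e.error, txt ? " : " : "", txt ? txt : "");
}

int main(void)
{
    char buf[128];
    uint32_t codes[] = { 0xc00018a1, 0x00000000 };   /* from the log, and a clean boot */
    for (size_t i = 0; i < sizeof codes / sizeof codes[0]; i++) {
        format_txt_errorcode(codes[i], buf, sizeof buf);
        puts(buf);
    }
    return 0;
}
```

The earlier boot's error 8 ("device scope invalid") is not tabulated because the message does not give its progress code.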
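The RMRR-versus-DRHD coverage question discussed in the message, as an added example in C (not Ross's dmardump and not tboot's code): it parses a DMAR table, verifies the ACPI checksum, and reports every RMRR device scope that no DRHD of the same PCI segment covers, either by an explicit endpoint scope or through INCLUDE_ALL. The table bytes are constructed from the dmardump listing above; the Creator ID (printed blank there) is assumed zero and the checksum byte is recomputed, so it will not equal the 0xb0 in the dump.

```c
/* Added example, not code from the message, tboot or dmardump: parse a DMAR
 * table and report RMRR scopes no DRHD of the same segment covers. Sample
 * bytes are constructed from the dmardump listing; Creator ID assumed zero. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DMAR_DRHD 0
#define DMAR_RMRR 1
#define DRHD_INCLUDE_ALL 0x01
#define SCOPE_ENDPOINT   0x01
#define DMAR_HDR_LEN     48   /* 36-byte ACPI header + HAW, flags, reserved[10] */

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | p[1] << 8); }
static uint32_t rd32(const uint8_t *p) { return rd16(p) | (uint32_t)rd16(p + 2) << 16; }

struct scope { uint8_t type, bus, dev, func; };
struct dmar_summary { int drhds, rmrrs, uncovered; };

/* Scope entry: type, len, reserved[2], enum id, start bus, (dev,func) path.
 * Only path depth 1 is modelled, which is all this dump contains. */
static int parse_scopes(const uint8_t *p, const uint8_t *end, struct scope *out, int max)
{
    int n = 0;
    for (; n < max && p + 8 <= end; p += p[1]) {
        if (p[1] < 8 || p + p[1] > end) return -1;          /* malformed entry */
        out[n++] = (struct scope){ p[0], p[5], p[6], p[7] };
    }
    return n;
}

/* Some DRHD in segment seg covers endpoint s; INCLUDE_ALL alone settles it. */
static int scope_covered(const uint8_t *t, size_t size, uint16_t seg, struct scope s)
{
    for (const uint8_t *p = t + DMAR_HDR_LEN; p + 4 <= t + size; p += rd16(p + 2)) {
        uint16_t len = rd16(p + 2);
        if (len < 4 || p + len > t + size) return 0;
        if (rd16(p) != DMAR_DRHD || len < 16 || rd16(p + 6) != seg) continue;
        if (p[4] & DRHD_INCLUDE_ALL) return 1;   /* catch-all unit for this segment */
        struct scope sc[16];
        int n = parse_scopes(p + 16, p + len, sc, 16);
        for (int i = 0; i < n; i++)
            if (sc[i].type == SCOPE_ENDPOINT && sc[i].bus == s.bus &&
                sc[i].dev == s.dev && sc[i].func == s.func) return 1;
    }
    return 0;
}

/* Validate signature/length/checksum, count units; returns the number of RMRR
 * scopes no DRHD covers, or -1 if the table is malformed. */
int check_dmar(const uint8_t *t, size_t size, struct dmar_summary *sum)
{
    uint8_t csum = 0;
    memset(sum, 0, sizeof *sum);
    if (size < DMAR_HDR_LEN || memcmp(t, "DMAR", 4) || rd32(t + 4) != size) return -1;
    for (size_t i = 0; i < size; i++) csum += t[i];
    if (csum) return -1;                     /* ACPI: table bytes sum to 0 mod 256 */
    for (const uint8_t *p = t + DMAR_HDR_LEN; p + 4 <= t + size; p += rd16(p + 2)) {
        uint16_t type = rd16(p), len = rd16(p + 2);
        if (len < 4 || p + len > t + size) return -1;
        if (type == DMAR_DRHD && len >= 16) sum->drhds++;
        else if (type == DMAR_RMRR && len >= 24) {
            struct scope sc[16];
            int n = parse_scopes(p + 24, p + len, sc, 16);
            if (n < 0) return -1;
            sum->rmrrs++;
            for (int i = 0; i < n; i++)
                if (!scope_covered(t, size, rd16(p + 6), sc[i])) sum->uncovered++;
        } else if (type == DMAR_DRHD || type == DMAR_RMRR) return -1;  /* truncated */
    }
    return sum->uncovered;
}

/* Constructed from the dmardump listing, little-endian; checksum fixed later. */
static const uint8_t sample_dmar[0xa0] = {
    'D','M','A','R', 0xa0,0,0,0, 0x01, 0x00, 'C','O','M','P','A','Q',   /* sig,len,rev,csum,OEM */
    'B','E','A','R','L','A','K','E', 0x01,0,0,0, 0,0,0,0, 0,0,0,0,        /* table id, revs, creator */
    0x23,0x00, 0,0,0,0,0,0,0,0,0,0,                                      /* HAW=0x23, flags, rsvd */
    0,0, 0x18,0, 0x00,0, 0,0, 0x00,0x10,0xd9,0xfe,0,0,0,0,               /* DRHD #1 @ fed91000 */
      0x01,0x08, 0,0, 0,0, 0x02,0x00,                                    /*   scope 00:02.0 */
    0,0, 0x28,0, 0x00,0, 0,0, 0x00,0x20,0xd9,0xfe,0,0,0,0,               /* DRHD #2 @ fed92000 */
      0x01,0x08, 0,0, 0,0, 0x03,0x00, 0x01,0x08, 0,0, 0,0, 0x03,0x02,    /*   00:03.0, 00:03.2 */
      0x01,0x08, 0,0, 0,0, 0x03,0x03,                                    /*   00:03.3 */
    0,0, 0x10,0, 0x01,0, 0,0, 0x00,0x30,0xd9,0xfe,0,0,0,0,               /* DRHD #3, INCLUDE_ALL */
    0x01,0, 0x20,0, 0,0, 0,0, 0x00,0x00,0x60,0x3e,0,0,0,0,               /* RMRR base 3e600000 */
      0xff,0xff,0xff,0x3e,0,0,0,0, 0x01,0x08, 0,0, 0,0, 0x02,0x00,       /*   limit 3effffff, 00:02.0 */
};

size_t fix_checksum(uint8_t *t, size_t size)   /* byte 9 makes the table sum to 0 */
{
    uint8_t sum = 0;
    t[9] = 0;
    for (size_t i = 0; i < size; i++) sum += t[i];
    t[9] = (uint8_t)-sum;
    return size;
}

/* Variant of the sample: optionally clear INCLUDE_ALL on DRHD #3 and point the
 * RMRR scope at device rmrr_dev, function 0; returns check_dmar()'s result. */
int demo_check(int include_all, uint8_t rmrr_dev, struct dmar_summary *sum)
{
    uint8_t buf[sizeof sample_dmar];
    memcpy(buf, sample_dmar, sizeof buf);
    if (!include_all) buf[DMAR_HDR_LEN + 24 + 40 + 4] &= (uint8_t)~DRHD_INCLUDE_ALL;
    buf[sizeof buf - 2] = rmrr_dev;
    return check_dmar(buf, fix_checksum(buf, sizeof buf), sum);
}
```

On a live Linux box the same check can be run over /sys/firmware/acpi/tables/DMAR. The depth-1 device paths handled here are the only kind in this dump; a scope behind a PCI bridge (path depth greater than 1) would need the path walked to its endpoint before comparing. Note that this is only the reading of the spec the message describes (INCLUDE_ALL covering the RMRR's device), not whatever check SINIT actually applies.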