I am not sure. But the secret flag is not in the TPM NV. There is no evidence to prove the reason should be the secret flag. Since the laptop is broken, no further information (like BIOS) can be seen. I am just suggesting to try ways to recover from it. And also, I have no idea how to cut the power of TPM.
PS: We have tried on the same model and can't reproduce the issue. Shane Martin Thiim wrote: > Just out of curiosity: Is the mentioned "secrets"-flag stored in the > TPM NV storage? By the way, if it is a chipset register flag (as > suggested in another mail) I don't see how it would be persisted > across reboots. > > The behaviour of the laptop suggests that at least something has been > persisted somewhere... in BIOS flash memory or in TPM NV storage. I > don't understand why this is necessary - is it so that the BIOS can > clear memory thoroughly post boot, when there have been secrets in > memory (to guard against coldboot attacks)? Also, does this imply that > "flashings" take place on each entering/leaving TXT mode? This in > itself might cause problems, since flash memory (or EEPROM which I > think most TPM's use) has a limited number of erase/write-cycles and > some use cases for TXT might involve frequent transitions back and > forth. > > It is always unfortunate when it is possible for software to render a > machine inoperable. This could be exploited by viruses, using this as > a mechanism for (permanently?) ruining the victim's computer. :/ > > Best regards, > > Martin Thiim > > On Tue, Sep 1, 2009 at 8:01 AM, Wang, Shane<shane.w...@intel.com> > wrote: >> Hi Hal, >> >> I hear If HP has a means of cutting the power to the TPM or keeping >> it in reset then you could boot the machine and flash an updated >> BIOS. >> >> Can you try to cut the power of TPM? >> >> Thanks >> Shane >> >> Wang, Shane wrote: >>> Hi all, >>> >>> For Hal's question, I didn't get any message/hint to clear the flag >>> and restore the laptop by removing the RTC battery. The flag should >>> be in MSR register on the chipset. >>> >>> Jon, did you succeed to restore your laptop? Or, does "no change" >>> mean "fail"? >>> >>> Shane >>> >>> Jonathan M. McCune wrote: >>>> Hi Hal et al., >>>> >>>> When I had this problem on an 8530p, I tried the following >>>> (unsuccessfully) to restore the machine to a state where it will >>>> boot: >>>> >>>> > 1. Remove memory on left slot (as shown in DIMM1.jpg) and >>>> restart the unit. >>>> >>>> No change. >>>> >>>> > 2. Remove the memory on the right slot, replace it back and >>>> restart the unit (keep the left slot still empty). >>>> >>>> No change. >>>> >>>> > 3. Replace with memory on the right slot with another one that >>>> has a different frequency (e.g. if you have 800Mhz DIMM replace it >>>> with 667Mhz one). Keep the left slot still empty. >>>> >>>> I don't have a DIMM of a different speed lying around. I have one >>>> other model of HP laptop but it takes the identical stuff. I >>>> tried it anyways. No change. >>>> >>>> > 4. Remove the RTC battery (will find it next to DIMMs) and let >>>> it stay there for a while. After that connect it back and restart >>>> the unit. >>>> >>>> Left DIMM still out. I left the battery out for a few minutes and >>>> tried booting up with it removed. No change. I also removed the >>>> CD-ROM drive and tried again. No change. >>>> >>>> I left the battery out for about half hour, then put it back in, >>>> then tried booting up with the left DIMM still removed. No change. >>>> >>>> Cheers, >>>> -Jon >>>> >>>> >>>> Hal Finney wrote: >>>>> Thanks very much for the responses. Unfortunately I can't give you >>>>> the BIOS version because the machine is a brick. I am at a >>>>> conference this week so it may take a few days to get it fixed. >>>>> >>>>> The first time it broke I used the 20090330 version of tboot, with >>>>> the latest SINIT downloaded from SourceForge. The second time, >>>>> this past weekend, I believe I used tboot built from the >>>>> mercurial tip, which I had downloaded moments before. >>>>> >>>>> I am not sure how to proceed after I get my laptop fixed. I can >>>>> tell you what BIOS version is in the new one, but I will be >>>>> hesitant to do another run of tboot to see if it breaks it again. >>>>> Last time, they replaced the motherboard, so I don't expect that >>>>> the new BIOS version will necessarily be the same as the one that >>>>> broke. >>>>> >>>>> As far as the hang, I believe it occured immediately after the >>>>> GETSEC[SENTER]. The display went blank. The one thing I noticed, >>>>> at least the second time, is that the disk drive light was >>>>> flickering in a smooth, uniform pattern. Maybe 30 times a second, >>>>> just flickering on and off uniformly. This kind of worried me as I >>>>> wondered if the failure mode was trashing my disk. After a few >>>>> seconds, I pressed and held the power button to turn the laptop >>>>> off. Trying to turn it back on led to the problem I described, >>>>> where it repeatedly turns itself back off (and back on). >>>>> >>>>> One question, would you think that removing and replacing the RTC >>>>> battery might clear enough internal state to let it boot? Any >>>>> other interventions or resets that might be possible if I take >>>>> the laptop apart somewhat? HP does have instructions to do so on >>>>> the web site. >>>>> >>>>> Hal Finney >>>>> >>>>> On Mon, Aug 17, 2009 at 6:18 PM, Wang, Shane<shane.w...@intel.com> >>>>> wrote: >>>>>> Hi Hal, >>>>>> >>>>>> The reset behavior seems like it is due to the secret flag of >>>>>> TXT. It looks like BIOS ACM does not clear the secret flag of >>>>>> TXT when hang and reset happen. >>>>>> >>>>>> What version of SINIT and tboot are you using on that laptop? >>>>>> What did you do to get hang? hang where? >>>>>> >>>>>> I am trying to find where the root cause is. >>>>>> >>>>>> Thanks. >>>>>> Shane >>>>>> >>>>>> Hal Finney wrote: >>>>>>> I was traveling recently, and I wanted to do some experiments >>>>>>> with TXT on the road, so I bought an HP laptop that supports the >>>>>>> technology. It is an HP EliteBook 6930p. I got it set up with >>>>>>> Linux and tboot, enabled TPM, VT and TXT, and tried booting >>>>>>> tboot and a Linux kernel. >>>>>>> >>>>>>> Something went wrong. My laptop hung and I restarted it. But it >>>>>>> didn't start properly. The power light and other lights came on, >>>>>>> but the display did not light up. The fan started and disk began >>>>>>> spinning, but after about a second, the whole thing powered >>>>>>> down. The fan and disk stopped, and all of the lights went out. >>>>>>> Then, after a few seconds, it turned itself back on. But once >>>>>>> again, after starting the fan and disk, and before lighting the >>>>>>> display, the laptop shut off. This cycle would repeat >>>>>>> indefinitely, the laptop turning itself on and off. I have to >>>>>>> make it stop by pressing and holding the power button. >>>>>>> >>>>>>> In short, my laptop was completely broken and useless. >>>>>>> >>>>>>> Fortunately, being new it was covered by HP's warranty. They >>>>>>> talked me through the usual minor fixits on the phone, removing >>>>>>> the disk and such, and nothing helped. They finally told me to >>>>>>> take it to an authorized repair shop. The nearest one is 80 >>>>>>> miles away so it was not super convenient, but I did it. >>>>>>> Unfortunately it meant that I was not able to take the laptop >>>>>>> on my trip and was not able to do my experiments. >>>>>>> >>>>>>> I got back this week and picked up my laptop from the repair >>>>>>> shop. They had replaced the motherboard and it worked fine. So >>>>>>> I tried again. I enabled the new TPM, got VT and TXT enabled, >>>>>>> and tried launching tboot. >>>>>>> >>>>>>> It broke again. >>>>>>> >>>>>>> Once again my laptop is useless. It repeatedly turns itself on >>>>>>> and off, and does not even light up the display. It does not >>>>>>> get far enough into BIOS to boot from a CD or any other medium. >>>>>>> >>>>>>> I am a little worried about once again demanding that HP fix >>>>>>> this machine under the terms of my warranty. I did not go into >>>>>>> any detail about what I was doing when it broke the first time. >>>>>>> In fact I thought it was probably just a defective machine; I >>>>>>> did not necessarily connect it that much with tboot since I was >>>>>>> just getting started with it and had only used it for an hour >>>>>>> or so. But with the same thing happening twice now, it is clear >>>>>>> that I am breaking it. And I am not running Windows, I am using >>>>>>> experimental software, etc. Of course the machine is claimed to >>>>>>> support TXT, so obviously it should not break from running >>>>>>> tboot. But this is such a little-known and new technology that >>>>>>> I'm sure only a few people at HP are familiar with it. I am not >>>>>>> sure how to proceed with regard to the warranty. >>>>>>> >>>>>>> I wonder if anyone at HP reading this might be able to comment? >>>>>>> It will not be good if HP laptops are turned into bricks by >>>>>>> running tboot. >>>>>>> >>>>>>> Hal Finney >>>>>>> >>>>>>> ------------------------------------------------------------------------------ >>>>>>> Let Crystal Reports handle the reporting - Free Crystal Reports >>>>>>> 2008 30-Day trial. Simplify your report design, integration and >>>>>>> deployment - and focus on what you do best, core application >>>>>>> coding. Discover what's new with Crystal Reports now. >>>>>>> http://p.sf.net/sfu/bobj-july >>>>>>> _______________________________________________ >>>>>>> tboot-devel mailing list >>>>>>> tboot-devel@lists.sourceforge.net >>>>>>> https://lists.sourceforge.net/lists/listinfo/tboot-devel >>>>>> >>>>> >>>>> ------------------------------------------------------------------------------ >>>>> Let Crystal Reports handle the reporting - Free Crystal Reports >>>>> 2008 30-Day trial. Simplify your report design, integration and >>>>> deployment - and focus on what you do best, core application >>>>> coding. Discover what's new with Crystal Reports now. >>>>> http://p.sf.net/sfu/bobj-july >>>>> _______________________________________________ >>>>> tboot-devel mailing list >>>>> tboot-devel@lists.sourceforge.net >>>>> https://lists.sourceforge.net/lists/listinfo/tboot-devel >>> >>> >>> ------------------------------------------------------------------------------ >>> Let Crystal Reports handle the reporting - Free Crystal Reports >>> 2008 30-Day trial. Simplify your report design, integration and >>> deployment - and focus on what you do best, core application >>> coding. Discover what's new with Crystal Reports now. >>> http://p.sf.net/sfu/bobj-july >>> _______________________________________________ >>> tboot-devel mailing list >>> tboot-devel@lists.sourceforge.net >>> https://lists.sourceforge.net/lists/listinfo/tboot-devel >> >> >> ------------------------------------------------------------------------------ >> Let Crystal Reports handle the reporting - Free Crystal Reports 2008 >> 30-Day >> trial. Simplify your report design, integration and deployment - and >> focus on >> what you do best, core application coding. Discover what's new with >> Crystal Reports now. http://p.sf.net/sfu/bobj-july >> _______________________________________________ >> tboot-devel mailing list >> tboot-devel@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/tboot-devel ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________ tboot-devel mailing list tboot-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tboot-devel
