The usual cause of BIOS reboot loops or boot failures is a BIOS that doesn't 
correctly call the BIOS ACM to unlock memory.  However, memory should only be 
locked on boot if the system did an SENTER and set the secrets flag but then 
didn't clear it on shutdown (or if the coin battery is removed).

On the E6500 series, there is also the TXT_RESET flag that gets set if code 
generates a TXT reset (e.g. failed SINIT) and which, when set, prevents BIOS 
from calling the BIOS ACM until it performs a power cycle (which it should 
detect and do; but another source of potential bugs).

Joe
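
Decoding the TXT status words this thread turns on (TXT.ERRORCODE, TXT_RESET.STS, SECRETS.STS), as an added C example that is not code from tboot or from anyone in the thread. Register offsets and bit positions are assumed from the public TXT configuration-space layout as tboot defines it; the error code 0xc0003cd1 is the one Jeff reports further down.

```c
#include <stdint.h>
#include <stdio.h>

/* TXT public configuration space (base 0xFED30000).  Offsets and bit
 * positions follow the register layout tboot uses; they are assumed here,
 * so check them against the MLE Developer's Guide for your platform. */
#define TXT_PUB_BASE      0xFED30000u
#define TXTCR_ESTS        0x0008u   /* bit 0 = TXT_RESET.STS */
#define TXTCR_ERRORCODE   0x0030u
#define TXTCR_E2STS       0x08F0u   /* bit 1 = SECRETS.STS   */

struct txt_err {
    int valid, external, from_acm;
    unsigned acm_type, progress, error;
};

/* TXT.ERRORCODE: bit 31 valid, bit 30 external (software/ACM, not CPU),
 * bit 15 src (0 = ACM).  ACM-sourced codes pack acm_type in bits 3:0,
 * progress in bits 9:4 and error in bits 14:10 (assumed layout). */
static struct txt_err decode_errorcode(uint32_t raw)
{
    struct txt_err e;
    e.valid    = (int)((raw >> 31) & 1);
    e.external = (int)((raw >> 30) & 1);
    e.from_acm = e.external && !((raw >> 15) & 1);
    e.acm_type =  raw        & 0x0f;
    e.progress = (raw >> 4)  & 0x3f;
    e.error    = (raw >> 10) & 0x1f;
    return e;
}

/* TXT_RESET.STS set: BIOS will not invoke the BIOS ACM until a power cycle. */
static int power_cycle_required(uint64_t ests) { return (int)(ests & 1); }

/* SECRETS.STS set: memory stays locked until the BIOS ACM scrubs and unlocks it. */
static int secrets_flag_set(uint64_t e2sts) { return (int)((e2sts >> 1) & 1); }

int main(void)
{
    /* Constructed inputs: the SINIT codes quoted in the thread plus sample status words. */
    uint32_t codes[] = { 0xc0003cd1u, 0xc0000001u };
    for (unsigned i = 0; i < 2; i++) {
        struct txt_err e = decode_errorcode(codes[i]);
        printf("ERRORCODE@0x%08x = 0x%08x: valid=%d external=%d from_acm=%d "
               "acm_type=%u progress=%02x error=%x\n", TXT_PUB_BASE + TXTCR_ERRORCODE,
               codes[i], e.valid, e.external, e.from_acm, e.acm_type, e.progress, e.error);
    }
    printf("ESTS@0x%08x  = 0x1 -> power cycle needed: %d\n",
           TXT_PUB_BASE + TXTCR_ESTS, power_cycle_required(0x1));
    printf("E2STS@0x%08x = 0x2 -> secrets flag set:   %d\n",
           TXT_PUB_BASE + TXTCR_E2STS, secrets_flag_set(0x2));
    return 0;
}
```

An error field of 0 (as in 0xc0000001) is SINIT reporting completion rather than a failure, which is why that code shows up after a successful SENTER.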

> -----Original Message-----
> From: Jonathan McCune [mailto:jonmcc...@cmu.edu]
> Sent: Friday, January 21, 2011 12:53 PM
> To: Jeff Cleveland
> Cc: tboot-devel@lists.sourceforge.net
> Subject: Re: [tboot-devel] TPM PCR 17 was not properly initialized (flicker)
> 
> I know that for the HP 8530p BIOS revision F.0B exhibits the problem,
> and F.0E does not.  I have not tried to disassemble / difference them.
> 
> -Jon
> 
> 
> On Fri, Jan 21, 2011 at 3:16 PM, Jeff Cleveland <jclevel...@bbn.com> wrote:
> > Yes I can confirm that I was using the latest BIOS version (Latitude E6500
> > System BIOS A24) and TPM firmware (Dell Control Vault 14.x.132.0, A17). I
> > pulled all the RAM and that didn't make a difference, according to Dell
> > there was no physical means of clearing the CMOS. A new motherboard is on
> > the way.
> >
> > Are there any resources regarding what it is that causes the "reboot loop"
> > such as a flag that isn't being reset properly upon reboot? In cases where
> > version /x/ of a BIOS causes a reboot loop and version /x+1/ is stable, do
> > we know what changes were made between those two versions? If a specific
> > state can be identified as causing these problems perhaps it would be
> > possible to check for them ahead of time. It seems like an interesting
> > problem, unfortunately the cost of obtaining each data point (i.e. a new
> > motherboard) is rather high.
> >
> > The events that lead to my situation are along the lines of:
> > 1. Launch tboot, SENTER seems to execute successfully including error code
> > /0xc0000001/ being reported.
> > 2. Reboot, launch linux installation running kernel 2.6.30, run go.sh
> > (hellopal) output seems to be correct.  Turn off machine.
> > 3. Boot into same linux install (2.6.30), run go.sh output seems correct.
> > Change from an xterm to tty1 for extra output, run go.sh, system hangs at
> > SENTER.
> > 4. System now in reboot loop.
> >
> > -Jeff
> >
> > Jonathan McCune wrote:
> >>
> >> Ugh. That's really unfortunate that you found a "reboot loop".  Every
> >> system I did that to ended up getting replaced under warranty, but
> >> it's still a headache.
> >>
> >> I've tried clearing CMOS (if your system has such a jumper or
> >> battery), and changing the amount of RAM in the system.  I.e., pull
> >> out some DIMMs or whatever your system takes.  I've seen those hints
> >> in HP service documents, though they haven't worked for me.  Can you
> >> confirm whether you had the latest BIOS firmware in that system?
> >>
> >> I have never seen a system successfully execute SENTER and _then_ get
> >> stuck in one of those loops.
> >>
> >> -Jon
> >>
> >>
> >> On Thu, Jan 20, 2011 at 11:22 AM, Jeff Cleveland <jclevel...@bbn.com>
> >> wrote:
> >>
> >>>
> >>> Hi List,
> >>>
> >>> So the TPM FW upgrade worked on a second machine I had, a Dell E6500
> >>> with a similar (possibly the same) Broadcom TPM. I was able to execute
> >>> the SENTER during the TBOOT start up, and was able to execute the
> >>> Flicker example code. Unfortunately, after a few more tests with Flicker
> >>> the machine hung after the SENTER and is now stuck in a reboot loop
> >>> similar to what others have described.
> >>>
> >>> Has anyone been able to recover from one of these loops? I've looked
> >>> through the mailing lists archives and haven't found anything but
> >>> figured I should ask as I try to contact Dell support.
> >>>
> >>> Thanks,
> >>> Jeff
> >>>
> >>> Jeff Cleveland wrote:
> >>>
> >>>>
> >>>> Thanks for the suggestion, unfortunately installing the newest TPM FW
> >>>> has not made a difference.
> >>>>
> >>>> Jeff
> >>>>
> >>>> On 01/14/2011 02:59 PM, Cihula, Joseph wrote:
> >>>>
> >>>>
> >>>>>
> >>>>> You should make sure that your TPM FW is the latest version, which you
> >>>>> can get from:
> >>>>>
> >>>>> http://support.dell.com/support/downloads/download.aspx?c=us&cs=08W&l=en&s=bsdv&releaseid=R267128&SystemID=LAT_E4310&servicetag=&os=W732&osl=en&deviceid=21505&devlib=0&typecnt=0&vercnt=1&catid=-1&impid=-1&formatcnt=0&libid=60&typeid=-1&dateid=-1&formatid=-1&source=-1&fileid=392801
> >>>>>
> >>>>> Joe
> >>>>>
> >>>>>
> >>>>>
> >>>>>>
> >>>>>> -----Original Message-----
> >>>>>> From: Jeff Cleveland [mailto:jclevel...@bbn.com]
> >>>>>> Sent: Friday, January 14, 2011 9:53 AM
> >>>>>> To: Cihula, Joseph
> >>>>>> Cc: Jonathan McCune; tboot-devel@lists.sourceforge.net
> >>>>>> Subject: Re: [tboot-devel] TPM PCR 17 was not properly initialized
> >>>>>> (flicker)
> >>>>>>
> >>>>>> The system is a Dell Latitude E4310 and the TPM is manufactured by
> >>>>>> Broadcom.
> >>>>>>
> >>>>>> Jeff
> >>>>>>
> >>>>>> On 01/14/2011 12:24 PM, Cihula, Joseph wrote:
> >>>>>>
> >>>>>>
> >>>>>>>
> >>>>>>> What model system is this and who is the TPM manufactured by?
> >>>>>>>
> >>>>>>> Joe
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>>
> >>>>>>>> -----Original Message-----
> >>>>>>>> From: Jonathan McCune [mailto:jonmcc...@cmu.edu]
> >>>>>>>> Sent: Friday, January 14, 2011 8:50 AM
> >>>>>>>> To: Jeff Cleveland
> >>>>>>>> Cc: tboot-devel@lists.sourceforge.net
> >>>>>>>> Subject: Re: [tboot-devel] TPM PCR 17 was not properly initialized
> >>>>>>>> (flicker)
> >>>>>>>>
> >>>>>>>> Although there are some distinct error codes for locality access
> >>>>>>>> problems, you might check whether the Linux TPM driver is active.  If
> >>>>>>>> the TPM has an active locality (which would be locality 1 with Linux's
> >>>>>>>> tpm_tis), then SENTER will not succeed.  The easiest way to test if
> >>>>>>>> this makes a difference is to boot Linux without loading tpm_tis, then
> >>>>>>>> try a Flicker session, and see if it makes any difference.
> >>>>>>>>
> >>>>>>>> Also, with the SINIT module you're using, ACMOD_SIZE_MAX as defined in
> >>>>>>>> flicker.h is too small in flicker-0.2.  I generally use 64K instead of
> >>>>>>>> 32K these days.  Unfortunately the error handling in flicker-0.2 just
> >>>>>>>> prints a small warning message and blindly keeps going with an
> >>>>>>>> incomplete SINIT module if the buffer is too small.  However, I would
> >>>>>>>> expect that you would observe a different failure mode under those
> >>>>>>>> conditions.
> >>>>>>>>
> >>>>>>>> Hope this helps,
> >>>>>>>> -Jon
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>> On Fri, Jan 14, 2011 at 10:54 AM, Jeff Cleveland <jclevel...@bbn.com> wrote:
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>>
> >>>>>>>>> Hi list,
> >>>>>>>>>
> >>>>>>>>> My question stems from a TXT error I'm getting while trying to run
> >>>>>>>>> Flicker. I have a dual core i5 laptop I'm testing on and using the sinit
> >>>>>>>>> module i5_i7_DUAL_SINIT_18.bin. During execution of Flicker my computer
> >>>>>>>>> reboots, upon startup I see the TXT ERRORCODE 0xc0003cd1, which parses
> >>>>>>>>> as acm_type=1, progress=0d, error=f, and according to sinit_errors.txt
> >>>>>>>>> that is "TPM PCR 17 was not properly initialized"
> >>>>>>>>>
> >>>>>>>>> The MLE Software Development Guide is pretty clear on how PCR 17 should
> >>>>>>>>> be initialized, and yet I can't find in the Flicker or tboot source code
> >>>>>>>>> where this initialization is happening. I was hoping to use the tboot
> >>>>>>>>> source as a reference because on this machine GETSEC[SENTER] does
> >>>>>>>>> successfully execute when I try launching tboot (loading the operating
> >>>>>>>>> system fails afterwards but I believe that's a kernel configuration issue
> >>>>>>>>> I haven't fixed yet).
> >>>>>>>>>
> >>>>>>>>> Any advice or pointers to where tboot initializes PCR 17 would be
> >>>>>>>>> greatly appreciated.
> >>>>>>>>>
> >>>>>>>>> Thanks,
> >>>>>>>>> Jeff
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>> ------------------------------------------------------------------------------
> >>>>>>>>> Protect Your Site and Customers from Malware Attacks
> >>>>>>>>> Learn about various malware tactics and how to avoid them.
> >>>>>>>>> Understand
> >>>>>>>>> malware threats, the impact they can have on your business, and how
> >>>>>>>>> you
> >>>>>>>>> can protect your company and customers by using code signing.
> >>>>>>>>> http://p.sf.net/sfu/oracle-sfdevnl
> >>>>>>>>> _______________________________________________
> >>>>>>>>> tboot-devel mailing list
> >>>>>>>>> tboot-devel@lists.sourceforge.net
> >>>>>>>>> https://lists.sourceforge.net/lists/listinfo/tboot-devel
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>
> >>>>>> --
> >>>>>> Jeff Cleveland
> >>>>>> Raytheon - BBN Technologies
> >>>>>> 617-873-2515
> >>>>>> jclevel...@bbn.com
> >>>>>>
> >>>>>>
> >>>>
> >>>>
> >>>
> >>>
> >>>
> >>>
> >
> >
> 
> ------------------------------------------------------------------------------
> Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)!
> Finally, a world-class log management solution at an even better price-free!
> Download using promo code Free_Logger_4_Dev2Dev. Offer expires
> February 28th, so secure your free ArcSight Logger TODAY!
> http://p.sf.net/sfu/arcsight-sfd2d
> _______________________________________________
> tboot-devel mailing list
> tboot-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/tboot-devel
