Hello,

tboot-20101005 is rebooting at GETSEC[SENTER]. Here is information
about the system:

Laptop: Dell Latitude E6400 with BIOS rev A28 (latest available as of
2011.03.20). VT-d, VT-x, TXT, TPM are all enabled in BIOS.

SINIT: GM45_GS45_PM45_SINIT_21.BIN

tboot-20101005, both default and debug builds. No LCP configured.

TPM: Broadcom:

$ tpm_version
  TPM 1.2 Version Info:
  Chip Version: 1.2.7.11
  Spec Level: 2
  Errata Revision: 1
  TPM Vendor ID: BRCM
  TPM Version: 01010000
  Manufacturer Info: 4252434d

Note that it did not ship with an Endorsement Key. I did tpm_createek
and tpm_takeownership with trousers from Ubuntu Linux v9.04.

Attached is the logfile harvested with txt-stat after a reboot.
TXT.ERRORCODE is 0xc00040d1, which is "AC module error : acm_type=1,
progress=0d, error=0", with description "TPM_Extend Attempt" in
sinit_errors.txt.

I haven't seen this before and I'm not sure how to interpret it. The
TPM works fine in Linux. It looks like tboot's GetCapability calls to
the TPM are returning meaningful values, so it looks like tboot is
interacting with the TPM in a reasonable way.

Any ideas on what might be wrong?

Thanks,
-Jon
ERROR: reading public config registers failed by read()
Try to map memory to read by mmap()......
Intel(r) TXT Configuration Registers:
STS: 0x00000012
senter_done: FALSE
sexit_done: TRUE
mem_unlock: TRUE
mem_config_lock: FALSE
private_open: FALSE
mem_config_ok: FALSE
ESTS: 0x01
txt_reset: TRUE
txt_wake_error: FALSE
E2STS: 0x000000000000001c
slp_entry_error: FALSE
secrets: FALSE
block_mem: TRUE
reset: TRUE
ERRORCODE: 0xc00040d1
DIDVID: 0x0000007f90008086
vendor_id: 0x8086
device_id: 0x9000
revision_id: 0x7f
SINIT.BASE: 0x79a00000
SINIT.SIZE: 131072B (0x20000)
HEAP.BASE: 0x00000000
HEAP.SIZE: 0B (0x0)
DPR: 0x0000000079b00031
lock: TRUE
top: 0x79b00000
size: 3MB (3145728B)
***********************************************************
TXT measured launch: FALSE
secrets flag set: FALSE
***********************************************************
TBOOT log:
max_size=7fe8
curr_pos=b3b
buf:
TBOOT: ******************* TBOOT *******************
TBOOT: unavailable
TBOOT: *********************************************
TBOOT: command line: logging=vga,memory,serial
TBOOT: BSP is cpu 0
TBOOT: original e820 map:
TBOOT: 0000000000000000 - 000000000009f000 (1)
TBOOT: 000000000009f000 - 00000000000a0000 (2)
TBOOT: 0000000000100000 - 000000007904d400 (1)
TBOOT: 000000007904f400 - 0000000079b00000 (2)
TBOOT: 000000007904d400 - 000000007904f400 (4)
TBOOT: 0000000079c00000 - 000000007c000000 (2)
TBOOT: 00000000feda0000 - 00000000feda6000 (2)
TBOOT: 00000000f8000000 - 00000000fc000000 (2)
TBOOT: 00000000fed18000 - 00000000fed1c000 (2)
TBOOT: 00000000fed20000 - 00000000fed90000 (2)
TBOOT: 0000000079b00000 - 0000000079c00000 (2)
TBOOT: 00000000ffe60000 - 0000000100000000 (2)
TBOOT: 00000000fec00000 - 00000000fec10000 (2)
TBOOT: 00000000fee00000 - 00000000fee10000 (2)
TBOOT: TPM is ready
TBOOT: TPM nv_locked: TRUE
TBOOT: TPM timeout values: A: 750, B: 750, C: 2000, D: 750
TBOOT: reading Verified Launch Policy from TPM NV...
TBOOT: TPM: get capability, return value = 00000002
TBOOT: TPM: fail to get public data of 0x20000001 in TPM NV
TBOOT: :reading failed
TBOOT: reading Launch Control Policy from TPM NV...
TBOOT: TPM: get capability, return value = 00000002
TBOOT: TPM: fail to get public data of 0x40000001 in TPM NV
TBOOT: :reading failed
TBOOT: failed to read policy from TPM NV, using default
TBOOT: policy:
TBOOT: version: 2
TBOOT: policy_type: TB_POLTYPE_CONT_NON_FATAL
TBOOT: hash_alg: TB_HALG_SHA1
TBOOT: policy_control: 00000001 (EXTEND_PCR17)
TBOOT: num_entries: 2
TBOOT: policy entry[0]:
TBOOT: mod_num: 0
TBOOT: pcr: none
TBOOT: hash_type: TB_HTYPE_ANY
TBOOT: num_hashes: 0
TBOOT: policy entry[1]:
TBOOT: mod_num: any
TBOOT: pcr: 19
TBOOT: hash_type: TB_HTYPE_ANY
TBOOT: num_hashes: 0
TBOOT: TPM: write nv 20000002, offset 00000000, 00000004 bytes, return = 00000002
TBOOT: Error: write TPM error: 0x2.
TBOOT: no policy in TPM NV.
TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff0b
TBOOT: CPU is SMX-capable
TBOOT: CPU is VMX-capable
TBOOT: SMX is enabled
TBOOT: TXT chipset and all needed capabilities present
TBOOT: TXT.ERRORCODE=c00040d1
TBOOT: AC module error : acm_type=1, progress=0d, error=0
TBOOT: LT.ESTS=1
TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff0b
TBOOT: CPU is SMX-capable
TBOOT: CPU is VMX-capable
TBOOT: SMX is enabled
TBOOT: TXT chipset and all needed capabilities present
TBOOT: TXT_RESET.STS is set and SENTER is disabled (0x01)
TBOOT: SMX not supported.
TBOOT: no LCP module found
TBOOT: Error: ELF magic number is not matched.
TBOOT: assuming kernel is Linux format
TBOOT: Initrd from 0x77b72000 to 0x7904d400
TBOOT: Kernel (protected mode) from 0x900000 to 0xd392a0
TBOOT: Kernel (real mode) from 0x90000 to 0x93c00
TBOOT: transfering control to kernel @0x900000...
_______________________________________________
tboot-devel mailing list
tboot-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tboot-devel
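
The TXT.ERRORCODE decode quoted in the message, worked through as an added example (not part of the original post and not tboot's own code). The bit positions are an assumption, chosen so that 0xc00040d1 yields the same acm_type/progress/error values that the log prints; the function names and the non-ACM message strings are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Decoded view of a TXT.ERRORCODE value. Field positions are assumed
 * (see lead-in) and checked against the decode printed in the log. */
struct txt_err {
    unsigned valid;     /* bit 31: register holds a valid error       */
    unsigned external;  /* bit 30: 0 = processor, 1 = software        */
    unsigned error2;    /* bits 29:16: sub-error                      */
    unsigned src;       /* bit 15: 0 = AC module, 1 = other software  */
    unsigned bit14;     /* bit 14: not shown in the summary line      */
    unsigned error;     /* bits 13:10                                 */
    unsigned progress;  /* bits 9:4: step the AC module had reached   */
    unsigned acm_type;  /* bits 3:0: 0 = BIOS ACM, 1 = SINIT          */
};

static unsigned bits(uint32_t v, unsigned lo, unsigned width)
{
    return (v >> lo) & ((1u << width) - 1u);
}

struct txt_err txt_err_decode(uint32_t raw)
{
    struct txt_err e;
    e.valid    = bits(raw, 31, 1);  e.external = bits(raw, 30, 1);
    e.error2   = bits(raw, 16, 14); e.src      = bits(raw, 15, 1);
    e.bit14    = bits(raw, 14, 1);  e.error    = bits(raw, 10, 4);
    e.progress = bits(raw, 4, 6);   e.acm_type = bits(raw, 0, 4);
    return e;
}

/* Writes a one-line summary; returns 0 for an AC-module error, -1 otherwise. */
int txt_err_summary(uint32_t raw, char *buf, size_t len)
{
    struct txt_err e = txt_err_decode(raw);
    if (!e.valid)    { snprintf(buf, len, "no valid error recorded"); return -1; }
    if (!e.external) { snprintf(buf, len, "processor error %x", bits(raw, 0, 30)); return -1; }
    if (e.src)       { snprintf(buf, len, "non-ACM software error %x:%x",
                                bits(raw, 0, 15), e.error2); return -1; }
    snprintf(buf, len, "AC module error : acm_type=%x, progress=%02x, error=%x",
             e.acm_type, e.progress, e.error);
    return 0;
}

int main(void)
{
    char line[96];
    txt_err_summary(0xc00040d1u, line, sizeof line); /* value from the log above */
    printf("TXT.ERRORCODE=%08x -> %s\n", 0xc00040d1u, line);
    return 0;
}
```

The progress value (0x0d here) is the field looked up in sinit_errors.txt for the SINIT module in use; note that bit 14 is also set in this value but does not appear in the printed summary.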