Screen shots will have to do for now (txt-stat can't retrieve the tboot memory
log and I can't find a null modem cable):
http://www.tnld.net/~mikenel/txt.html
I included the txt-stat log with the TXT.ERRORCODE as well.
Thanks,-mike
From: joseph.cih...@intel.com
To: miken...@hotmail.com; tboot-devel@lists.sourceforge.net
Subject: RE: [tboot-devel] MLE measurement not in policy - tboot-1.6 on Q45
Date: Sat, 1 Oct 2011 22:09:49 +0000
Hmm… I don’t see any posting from you after the one below. But if you want to
continue with this system, can you post your serial or memory log.
Joe
From: Michael Nelson [mailto:miken...@hotmail.com]
Sent: Saturday, October 01, 2011 3:05 PM
To: Cihula, Joseph; tboot-devel@lists.sourceforge.net
Subject: RE: [tboot-devel] MLE measurement not in policy - tboot-1.6 on Q45
In the case below, I wasn't passing any options in GRUB. As I noted in a later
posting, I was able to get past the MLE error by doing a cold reboot after
configuring things
correctly.
Unfortunately now the machine reboots shortly after SENTER is called. Looking
at the TXT error code on reboot, the progress code is 0xf and the error code is
unlisted in sinit_errors.txt
(can't remember the exact #). I looked around in the BIOS settings, but I
don't see options that might help that situation.
I will be getting a Q67 system (Intel motherboard) next week, so hopefully I
will have better luck with that.
Thanks for your help.
-mike
From:
joseph.cih...@intel.com
To: miken...@hotmail.com;
tboot-devel@lists.sourceforge.net
Subject: RE: [tboot-devel] MLE measurement not in policy - tboot-1.6 on Q45
Date: Thu, 29 Sep 2011 17:49:08 +0000
You aren’t passing a command line string (-c “…”) to lcp_mlehash—is it the case
that your grub.conf file doesn’t have any command line options for tboot?
Joe
From: Michael Nelson
[mailto:miken...@hotmail.com]
Sent: Tuesday, September 27, 2011 7:06 PM
To: tboot-devel@lists.sourceforge.net
Subject: [tboot-devel] MLE measurement not in policy - tboot-1.6 on Q45
(Using tboot-1.6 + Q45_Q43_SINIT_19.BIN)
I am trying to get tboot working on a Dell Optiplex 960 and getting an "MLE
measurement not in policy" (TXT ERRORCODE=0xc0003501) error. I've tried a
number of different things
but I am stuck at this point trying to figure out what's wrong.
Here are the commands that I have run (after taking ownership and creating the
NV storage):
lcp_mlehash /boot/tboot.gz > mlehash
lcp_crtpol -t hashonly -m mle_hash -o lcp.pol
lcp_writepol -i owner -f lcp.pol -p password
I have also configured the tboot policy with tb_polgen (which tboot summarizes
during bootup), but I don't think I am getting far enough for that to be
relevant yet.
Any help would be appreciated.
Thanks,
-mike
------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure contains a
definitive record of customers, application performance, security
threats, fraudulent activity and more. Splunk takes this data and makes
sense of it. Business sense. IT sense. Common sense.
http://p.sf.net/sfu/splunk-d2dcopy1
_______________________________________________
tboot-devel mailing list
tboot-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tboot-devel
