Hi there,

Having just visited the site mentioned in the text here

> For more information, see http://www.intel.com/technology/security/.  This
> site also has a link to the Intel(R) TXT MLE Developers Manual, which has
> been updated for the new released platforms.

I'm reasonably sure that there's no link to the developers
manual there...  In fact, searching "All of Intel.com" for
"TXT MLE Developers Manual" doesn't seem to return anything
obviously useful...  (not in the first 10 results, anyway).
Are the tboot error codes documented in some other place?
I'm getting the following error:

ERRORCODE: 0xc0002cd1
AC module error : acm_type=0x1, progress=0x0d, error=0xb


And the only pseudo-meaningful output in the log (for the
uninitiated, in any case) is this: 

TBOOT: TXT_RESET.STS is set and SENTER is disabled (0x01)

I'd guess this _may_ indicate that the BIOS doesn't quite
get this LT business right, but I'm only speculating.  The
full log from txt-stat is included at the end of this mail.

On cold boot, the machine reboots immediately just after the 
tboot sequence, but succeeds on the second try...  (again,
I have no idea if this is the intended behaviour or not, but
I personally find this rather strange...)  This, of course,
implies (I think) that the included log is for the second
"warm" boot...

Best,


--andraxin


------------------------------------------------TBOOT LOG---
Intel(r) TXT Configuration Registers:
        STS: 0x00000012
            senter_done: FALSE
            sexit_done: TRUE
            mem_config_lock: FALSE
            private_open: FALSE
            locality_1_open: FALSE
            locality_2_open: FALSE
        ESTS: 0x01
            txt_reset: TRUE
        E2STS: 0xffffffffffffffff
            secrets: TRUE
        ERRORCODE: 0xc0002cd1
        DIDVID: 0x0000001f80038086
            vendor_id: 0x8086
            device_id: 0x8003
            revision_id: 0x1f
        FSBIF: 0x0000000080001000
        QPIIF: 0x00000000044a1000
        SINIT.BASE: 0xb7b00000
        SINIT.SIZE: 131072B (0x20000)
        HEAP.BASE: 0xb7b20000
        HEAP.SIZE: 917504B (0xe0000)
        DPR: 0x00000000b7c00031
            lock: TRUE
            top: 0xb7c00000
            size: 3MB (3145728B)
        PUBLIC.KEY:
            12 e7 f9 a6 51 4a 3d 61 00 02 e3 e5 f4 a4 9f 61 
            a3 98 44 de 00 00 00 00 00 00 00 00 00 00 00 00 

***********************************************************
         TXT measured launch: FALSE
         secrets flag set: TRUE
***********************************************************
TXT.HEAP.BASE: 0xb7b20000
TXT.HEAP.SIZE: 0xe0000 (917504)
bios_data (@0x7f9701625018, 24):
         version: 3
         bios_sinit_size: 0x0 (0)
         lcp_pd_base: 0x0
         lcp_pd_size: 0x0 (0)
         num_logical_procs: 4
         flags: 0x00000000
TBOOT log:
         max_size=7fe8
         curr_pos=a52
         buf:
TBOOT: ******************* TBOOT *******************
TBOOT:    unavailable
TBOOT: *********************************************
TBOOT: command line: logging=vga,memory
TBOOT: BSP is cpu 0
TBOOT: original e820 map:
TBOOT:  0000000000000000 - 000000000009dc00  (1)
TBOOT:  00000000000f0000 - 0000000000100000  (2)
TBOOT:  00000000fec00000 - 0000000100000000  (2)
TBOOT:  00000000c0000000 - 00000000d0000000  (2)
TBOOT:  000000000009f800 - 00000000000a0000  (2)
TBOOT:  00000000b7900000 - 00000000b7c00000  (2)
TBOOT:  00000000b7d00000 - 00000000c0000000  (2)
TBOOT:  00000000b78f0000 - 00000000b7900000  (2)
TBOOT:  0000000000100000 - 00000000b78b0000  (1)
TBOOT:  00000000b78e3000 - 00000000b78f0000  (3)
TBOOT:  00000000b78b0000 - 00000000b78e3000  (4)
TBOOT:  0000000100000000 - 0000000438000000  (1)
TBOOT: TPM is ready
TBOOT: TPM nv_locked: FALSE
TBOOT: TPM timeout values: A: 0, B: 0, C: 2, D: 0
TBOOT: Wrong timeout A, fallback to 750
TBOOT: Wrong timeout B, fallback to 2000
TBOOT: Wrong timeout C, fallback to 750
TBOOT: Wrong timeout D, fallback to 750
TBOOT: reading Verified Launch Policy from TPM NV...
TBOOT:  :256 bytes read
TBOOT: policy:
TBOOT:   version: 2
TBOOT:   policy_type: TB_POLTYPE_CONT_NON_FATAL
TBOOT:   hash_alg: TB_HALG_SHA1
TBOOT:   policy_control: 00000001 (EXTEND_PCR17)
TBOOT:   num_entries: 2
TBOOT:   policy entry[0]:
TBOOT:           mod_num: 0
TBOOT:           pcr: none
TBOOT:           hash_type: TB_HTYPE_IMAGE
TBOOT:           num_hashes: 1
TBOOT:           hashes[0]: 78 51 9d 81 d3 20 93 55 af 4e 96 79 ac 63 b9 c5 c9 f1 df a7 
TBOOT:   policy entry[1]:
TBOOT:           mod_num: 1
TBOOT:           pcr: 19
TBOOT:           hash_type: TB_HTYPE_IMAGE
TBOOT:           num_hashes: 1
TBOOT:           hashes[0]: 18 df d4 55 68 bc 4b 22 39 ae 4e 4b 14 c6 23 22 5e b9 e3 73 
TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff07
TBOOT: CPU is SMX-capable
TBOOT: CPU is VMX-capable
TBOOT: SMX is enabled
TBOOT: TXT chipset and all needed capabilities present
TBOOT: TXT.ERRORCODE: 0xc0002cd1
TBOOT: AC module error : acm_type=0x1, progress=0x0d, error=0xb
TBOOT: TXT.ESTS: 0x1
TBOOT: TXT.E2STS: 0xffffffffffffffff
TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff07
TBOOT: CPU is SMX-capable
TBOOT: CPU is VMX-capable
TBOOT: SMX is enabled
TBOOT: TXT chipset and all needed capabilities present
TBOOT: TXT_RESET.STS is set and SENTER is disabled (0x01)
TBOOT: SMX not supported.
TBOOT: v2 LCP policy data found
TBOOT: Error: ELF magic number is not matched.
TBOOT: assuming kernel is Linux format
TBOOT: Initrd from 0x7fd85000 to 0x7ffff03d
TBOOT: Kernel (protected mode) from 0x100000 to 0x3d9780
TBOOT: Kernel (real mode) from 0x90000 to 0x93400
TBOOT: transfering control to kernel @0x100000...
-------------------------------------------------------------------------
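For readers trying to make sense of the ERRORCODE line above, here is a small decoder for the TXT.ERRORCODE register, added here as an example and not taken from tboot or txt-stat. It uses the register layout tboot decodes (valid in bit 31, external in bit 30, and for ACM-reported errors the ACM type, progress and error fields in the low bits), and reproduces the acm_type=0x1, progress=0x0d, error=0xb breakdown printed in the log; the struct and field names are my own.

```c
/* Decoder for Intel TXT.ERRORCODE as shown by txt-stat / tboot.
 * Added example, not tboot's code. Bit layout follows the register format
 * tboot decodes; the names of the struct and its fields are mine.       */
#include <stdint.h>
#include <stdio.h>

typedef struct {
    int      valid;     /* bit 31: the register holds a real error code       */
    int      external;  /* bit 30: 1 = reported by an ACM, 0 = by the CPU     */
    uint32_t payload;   /* bits 29:0, meaning depends on `external`           */
    /* ACM breakdown of the payload (only filled in when external == 1) */
    unsigned acm_type;  /* bits 3:0   0 = BIOS ACM, 1 = SINIT ACM             */
    unsigned progress;  /* bits 9:4   stage the ACM reached before failing    */
    unsigned error;     /* bits 14:10 ACM-specific error class                */
} txt_errorcode_t;

txt_errorcode_t txt_decode_errorcode(uint32_t raw)
{
    txt_errorcode_t e = {0};
    e.valid    = (raw >> 31) & 1u;
    e.external = (raw >> 30) & 1u;
    e.payload  = raw & 0x3fffffffu;
    if (e.valid && e.external) {
        e.acm_type = e.payload & 0xfu;
        e.progress = (e.payload >> 4) & 0x3fu;
        e.error    = (e.payload >> 10) & 0x1fu;
    }
    return e;
}

/* TXT.ESTS bit 0 is TXT_RESET.STS; tboot reports it as
 * "TXT_RESET.STS is set and SENTER is disabled", as in the log above. */
int txt_reset_pending(uint64_t ests) { return (int)(ests & 1u); }

int main(void)
{
    /* Values taken from the txt-stat output in this mail. */
    txt_errorcode_t e = txt_decode_errorcode(0xc0002cd1u);
    printf("valid=%d external=%d acm_type=0x%x progress=0x%02x error=0x%x\n",
           e.valid, e.external, e.acm_type, e.progress, e.error);
    printf("TXT_RESET.STS set: %s\n", txt_reset_pending(0x1) ? "yes" : "no");
    return 0;
}
```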

_______________________________________________
tboot-devel mailing list
tboot-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tboot-devel