Already setup TPM trusted boot with Linux Kernel, seems whenever I change
the tboot binary/parameters or kernel binary/parameters, the boot will fail
as expected.
However, I do see some logging information that indicates tboot might use
seal operations, or try to write tpm nv ram, e.g.
TBOOT: TPM: write nv 20000002, offset 00000000, 00000004 bytes, return =
00000002^M
TBOOT: Error: write TPM error: 0x2.
TBOOT: TPM: seal data, return value = 00000001^M
TBOOT: failed to seal data
TBOOT: creation or verification of S3 measurements failed.
Why tboot needs to seal something after/for verification? In that
case, is there any other way to pass the TPM password to tboot instead
of simply setting it as all zero?
Best wishes,
--
Ning Qu
------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_sfd2d_oct
_______________________________________________
tboot-devel mailing list
tboot-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tboot-devel
