Charles F.,
The processor is a Xeon X5675. Sorry for the omission in the last email as
my first reply bounced back. Yes, /boot/list.data exists and is present in
grub.conf. I don't have an SINIT defined in my grub.conf because previous
instances in using it gave a message saying the one included in my BIOS is
a newer version, so it was ignoring the supplied one and using the BIOS
provided SINIT module. I will try adding it
(Xeon-5600-3500-SINIT-v1.1.BIN) back in to grub conf and see if that
helps. Thanks for the suggestion to only use the mle element.
grub.conf:
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title CentOS (2.6.32-279.5.1.el6.x86_64)
root (hd0,0)
kernel /tboot.gz logging=vga,serial,memory vga_delay=15 loglvl=all
module /vmlinuz-2.6.32-279.5.1.el6.x86_64 ro
root=/dev/mapper/vg_penguin-lv_root intel_iommu=on rd_NO_LUKS
rd_LVM_LV=vg_penguin/lv_swap rd_LVM_LV=vg_penguin/lv_root rd_NO_MD quiet
SYSFONT=latarcyrheb-sun16 rhgb crashkernel=auto LANG=en_US.UTF-8
KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet reboot=pci max_loop=255
module /initramfs-2.6.32-279.5.1.el6.x86_64.img
module /Xeon-5600-3500-SINIT-v1.1.BIN
module /list.data
I tried creating a policy with just the MLE element, and wrote it to the
owner index:
# tpmnv_relindex -i 0x20000001 -p $TPM_PASS
# lcp_writepol -i owner -f list.pol -p $TPM_PASS
Successfully write policy into index 0x40000001
# lcp_readpol -i owner -p $TPM_PASS
No size has been specified. Will read all index data.
begin to call the tss Tspi_NV_ReadValue
the policy is:
02 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 e1 88 37 d8 77 00 16 e2 a0 4d 56 ae 61 e0
0b eb 28 1f f0 b9
version: 2
hash_alg: 2
policy_type: 0 - LCP_POLTYPE_HASHONLY
sinit_revocation_counter: 0
policy_control: 0
policy_hash: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Successfully read value from index: 0x40000001.
Upon reboot, I got the following:
TBOOT: reading Verified Launch Policy from TPM NV...
TBOOT: TPM: get capability, return value = 00000002
TBOOT: TPM: fail to get public data of 0x20000001 in TPM NV
TBOOT: :reading failed
TBOOT: reading Launch Control Policy from TPM NV...
TBOOT: :54 bytes read
TBOOT: v2 LCP policy data found
TBOOT: :reading failed
TBOOT: failed to read policy from TPM NV, using default
TBOOT: policy:
<default policy>
TBOOT: TPM: write nv 20000002, offset 00000000, 00000004 bytes, return =
00000002
TBOOT: Error: write TPM error: 0x2.
TBOOT: no policy in TPM NV
TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff07
<etc>
TBOOT: executing GETSEC[SENTER]...
<Machine reboot>
One interesting thing I noticed this go around is that the TBOOT header
says it's version 1.7.2, even though I downloaded the 1.7.3 source and
compiled it for this machine. Did someone just forget to increment the
version? Or am I incorrect about the code I got from sourceforge?
-Charles B
On Wed, Mar 27, 2013 at 2:06 PM, <charles.fis...@gdc4s.com> wrote:
> Also,****
>
> ** **
>
> To just get things working, I would skip creating the policy elements for
> the pcrs andcustom, and just go with the mle element. After you get things
> working, then is the time to add additional stuff.****
>
> ** **
>
> Charles****
>
> ** **
>
> *From:* Charles Bushong [mailto:busho...@gmail.com]
> *Sent:* Wednesday, March 27, 2013 10:50 AM
> *To:* Fisher, Charles-p99463
> *Cc:* tboot-devel@lists.sourceforge.net
> *Subject:* Re: [tboot-devel] verifying module against policy failed****
>
> ** **
>
> Charles F.,****
>
> Alright, I looked a bit more into this and tried to run something along
> these lines:
>
> #Hash tboot.gz
> lcp_mlehash –c "logging=vga,serial,memory vga_delay=10 loglvl=all"
> /boot/tboot.gz > tboot_hash
> #Create the MLE Element
> lcp_crtpolelt --create --type mle --ctrl 0x00 --minver 17 --out mle.elt
> tboot_hash
> #Get current pcr's
> export pcr_file=`find /sys/devices -name pcrs`
> cat $pcr_file | grep -e PCR-00 -e PCR-01 > pcrs
> #Create PCONF element
> lcp_crtpolelt --create --type pconf --out pconf.elt pcrs
> #Create CUSTOM element (this references the VLP .pol file)
> lcp_crtpolelt --create --type custom --out custom.elt --uuid tboot
> vl_ver1.pol
> #Combine the elements into an unsigned list
> lcp_crtpollist --create --out list_unsig.lst mle.elt pconf.elt custom.elt
> #Sign the list
> openssl genrsa -out privkey.pem 2048
> openssl rsa -pubout -in privkey.pem -out pubkey.pem
> cp list_unsig.lst list_sig.lst
> lcp_crtpollist --sign --pub pubkey.pem --priv privkey.pem --out
> list_sig.lst
> lcp_crtpol2 --create --type list --pol list.pol --data list.data
> list_{unsig,sig}.lst
> #Write the policy to nvram
> lcp_writepol -i owner -f list.pol -p $TPM_PASS****
>
> When I tried to run this, it spit out the following. I had to transcribe
> this myself as I don't have access to the serial printout right now. Since
> it wont boot, just restarts after trying to execute SENTER, I can't access
> txt-stat either.****
>
> TBOOT: TPM: get capability, return value = 00000002****
>
> TBOOT: TPM: fail to get public data of 0x20000001 in TPM NV****
>
> TBOOT: :reading failed****
>
> <I expected this, because I removed the 20000001 index to try and narrow
> down the problem>****
>
> TBOOT: reading Launch Control Policy from TPM NV...****
>
> TBOOT: :54 bytes read****
>
> TBOOT: no LCP module found
> TBOOT: :reading failed****
>
> TBOOT: failed to read policy from TPM NV, using default
> TBOOT: policy:****
>
> <default policy>****
>
> TBOOT: no policy in TPM NV.****
>
> <continued on like normal, then rebooted the machine when trying to
> execute SENTER>****
>
> Any thoughts?****
>
>
> ****
>
> -Charles B.****
>
> ** **
>
> On Tue, Mar 26, 2013 at 11:16 AM, Charles Bushong <busho...@gmail.com>
> wrote:****
>
> Charles F,****
>
> You're right. I haven't written anything to the owner index. It seems in
> my shuffling of various configurations, that part was lost. The problem
> is, now that I'm writing this, it's stopping on SENTER and rebooting the
> system. I have tried with the following configurations:
>
> ###Attempt 1
> ###VLP****
>
>
> tb_polgen --create --type nonfatal vl_ver1.pol****
>
> tb_polgen --add --num 0 --pcr 18 --hash image --cmdline "ro
> root=/dev/mapper/vg_penguin-lv_root intel_iommu=on rd_NO_LUKS
> rd_LVM_LV=vg_penguin/lv_swap rd_LVM_LV=vg_penguin/lv_root rd_NO_MD quiet
> SYSFONT=latarcyrheb-sun16 rhgb crashkernel=auto LANG=en_US.UTF-8
> KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet reboot=pci max_loop=255"
> --image /boot/vmlinuz-2.6.32-279.5.1.el6.x86_64 vl_ver1.pol
> tb_polgen --add --num 1 --pcr 19 --hash image --cmdline "" --image
> /boot/initramfs-2.6.32-279.5.1.el6.x86_64.img vl_ver1.pol
>
> #### Create and write Launch Control Policy (LCPv1)
> lcp_mlehash -c "logging=vga,serial,memory loglvl=all" /boot/tboot.gz >
> mle_hash
> lcp_crtpol -t hashonly -m mle_hash -o lcp_v1.pol
>
> lcp_writepol -i owner -f lcp_v1.pol -p $TPM_PASS****
>
>
> lcp_writepol -i 0x20000001 -f vl_ver1.pol -p $TPM_PASS****
>
> #### Result: Instant system reset once it hit SENTER
>
> ####Attempt 2
> ###VLP****
>
>
> tb_polgen --create --type nonfatal vl_ver1.pol****
>
> tb_polgen --add --num 0 --pcr 18 --hash image --cmdline "ro
> root=/dev/mapper/vg_penguin-lv_root intel_iommu=on rd_NO_LUKS
> rd_LVM_LV=vg_penguin/lv_swap rd_LVM_LV=vg_penguin/lv_root rd_NO_MD quiet
> SYSFONT=latarcyrheb-sun16 rhgb crashkernel=auto LANG=en_US.UTF-8
> KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet reboot=pci max_loop=255"
> --image /boot/vmlinuz-2.6.32-279.5.1.el6.x86_64 vl_ver1.pol
> tb_polgen --add --num 1 --pcr 19 --hash image --cmdline "" --image
> /boot/initramfs-2.6.32-279.5.1.el6.x86_64.img vl_ver1.pol
>
> ###LCPv2
> lcp_mlehash –c "logging=vga,serial,memory loglvl=all" /boot/tboot.gz >
> tboot_hash
> lcp_crtpolelt --create --type mle --ctrl 0x00 --out mle.elt tboot_hash
> lcp_crtpollist --create --out list_unsig.lst mle.elt
> lcp_crtpol2 --create --type list --pol list.pol --data list.data
> list_unsig.lst
> cp list.data /boot
>
> tcsd
> lcp_writepol -i owner -f list.pol -p $TPM_PASS****
>
>
> lcp_writepol -i 0x20000001 -f vl_ver1.pol -p $TPM_PASS****
>
> ###Add /list.data to /boot/grub/grub.conf
>
> #### Result: Instant system reset once it hit SENTER****
>
> The processor is a Xeon X5675. I'll keep playing around with the LCP,
> because it seems like this might be the root of my problems. Any insight
> you can offer would be a big help.****
>
> ** **
>
> -Charles B.****
>
> ** **
>
> ** **
>
> On Mon, Mar 25, 2013 at 9:14 PM, <charles.fis...@gdc4s.com> wrote:****
>
> There appear to be a couple of things that I don’t understand. It appears
> that while you have written you VL policy, you haven’t written a Launch
> Control Policy (which goes in the owner NV index). What your LCP will be
> depends on the processor, which you didn’t mention in you post. That is the
> place the tboot is validated by the SINIT module, and then when it returns
> tboot validates the remainder of the modules in grub.****
>
> ****
>
> It may be possible to do what you tried, but I have always had to have a
> LCP, which is where tboot and it command line are validated, so the first
> tb_polgen line is the one for vmlinuz-2.6.32-279…****
>
> ****
>
> Charles****
>
> ****
>
> *From:* Charles Bushong [mailto:busho...@gmail.com]
> *Sent:* Monday, March 25, 2013 8:52 AM
> *To:* tboot-devel@lists.sourceforge.net
> *Subject:* [tboot-devel] verifying module against policy failed****
>
> ****
>
> Hi all,****
>
> I'm trying to get tboot up and running for my first time, and this list
> has been a great help. However it seems I'm running into some problems
> when actually validating the modules. I was hoping someone might have some
> insight as to what I'm doing wrong. I'm using tboot 1.7.3 and legacy grub
> if it makes a difference.****
>
> I get ownership and define the nvram indicies without much issue
> (finally). Then I create and write the v1 policy with this:
>
> tb_polgen --create --type nonfatal vl_ver1.pol
> tb_polgen --add --num 0 --pcr 18 --hash image --cmdline
> "logging=vga,serial,memory loglvl=all" --image /boot/tboot.gz vl_ver1.pol
> tb_polgen --add --num 1 --pcr 19 --hash image --cmdline "$kernel_cmdline"
> --image /boot/vmlinuz-2.6.32-279.5.1.el6.x86_64 vl_ver1.pol
> tb_polgen --add --num 2 --pcr 19 --hash image --cmdline "" --image
> /boot/initramfs-2.6.32-279.5.1.el6.x86_64.img vl_ver1.pol
> lcp_writepol -i 0x20000001 -f vl_ver1.pol -p $TPM_PASS****
>
> There are a few red flags that are sticking out to me.****
>
> 1) Does this post-GETSEC[SENTER] error code mean anything?****
>
> TBOOT: TXT.ERRORCODE: 0xc0000001
> TBOOT: AC module error : acm_type=0x1, progress=0x00, error=0x0****
>
> ****
>
> 2) Modules failing.
> TBOOT: verifying module "
> /vmlinuz-2.6.32-279.5.1.el6.x86_64 (kernel command line)"...
> TBOOT: verification failed
> TBOOT: verifying module against policy failed.
> TBOOT: verifying module "
> /initramfs-2.6.32-279.5.1.el6.x86_64.img"...
> TBOOT: verification failed
> TBOOT: verifying module against policy failed.
> TBOOT: all modules are verified****
>
> I can't figure out why it's reading the policy without issue, getting into
> GETSEC[SENTER], and then still failing the policy check. Any help or
> points in the right direction would be appreciated. Thanks!****
>
>
> ****
>
> -Charles****
>
> ** **
>
> ** **
>
------------------------------------------------------------------------------
Own the Future-Intel® Level Up Game Demo Contest 2013
Rise to greatness in Intel's independent game demo contest.
Compete for recognition, cash, and the chance to get your game
on Steam. $5K grand prize plus 10 genre and skill prizes.
Submit your demo by 6/6/13. http://p.sf.net/sfu/intel_levelupd2d
_______________________________________________
tboot-devel mailing list
tboot-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tboot-devel
