Also, to just get things working, I would skip creating the policy elements
for the PCRs and custom, and just go with the MLE element. After you get
things working, then is the time to add additional stuff.

 

Charles

 

From: Charles Bushong [mailto:busho...@gmail.com] 
Sent: Wednesday, March 27, 2013 10:50 AM
To: Fisher, Charles-p99463
Cc: tboot-devel@lists.sourceforge.net
Subject: Re: [tboot-devel] verifying module against policy failed

 

Charles F.,

Alright, I looked a bit more into this and tried to run something along
these lines:

#Hash tboot.gz
lcp_mlehash -c "logging=vga,serial,memory vga_delay=10 loglvl=all" /boot/tboot.gz > tboot_hash
#Create the MLE Element
lcp_crtpolelt --create --type mle --ctrl 0x00 --minver 17 --out mle.elt tboot_hash
#Get current PCRs
pcr_file=$(find /sys/devices -name pcrs)
grep -e PCR-00 -e PCR-01 "$pcr_file" > pcrs
#Create PCONF element
lcp_crtpolelt --create --type pconf --out pconf.elt pcrs
#Create CUSTOM element (this references the VLP .pol file)
lcp_crtpolelt --create --type custom --out custom.elt --uuid tboot vl_ver1.pol
#Combine the elements into an unsigned list
lcp_crtpollist --create --out list_unsig.lst mle.elt pconf.elt custom.elt
#Sign the list
openssl genrsa -out privkey.pem 2048
openssl rsa -pubout -in privkey.pem -out pubkey.pem
cp list_unsig.lst list_sig.lst
lcp_crtpollist --sign --pub pubkey.pem --priv privkey.pem --out list_sig.lst
lcp_crtpol2 --create --type list --pol list.pol --data list.data list_{unsig,sig}.lst
#Write the policy to NVRAM
lcp_writepol -i owner -f list.pol -p "$TPM_PASS"

When I tried to run this, it spat out the following.  I had to
transcribe this myself as I don't have access to the serial printout
right now.  Since it won't boot and just restarts after trying to execute
SENTER, I can't access txt-stat either.

TBOOT: TPM: get capability, return value = 00000002
TBOOT: TPM: fail to get public data of 0x20000001 in TPM NV
TBOOT:     :reading failed

<I expected this, because I removed the 20000001 index to try and narrow
down the problem>

TBOOT: reading Launch Control Policy from TPM NV...
TBOOT:     :54 bytes read
TBOOT: no LCP module found
TBOOT:     :reading failed
TBOOT: failed to read policy from TPM NV, using default
TBOOT: policy:

<default policy>

TBOOT: no policy in TPM NV.

<continued on like normal, then rebooted the machine when trying to
execute SENTER>

Any thoughts?




-Charles B.

 

On Tue, Mar 26, 2013 at 11:16 AM, Charles Bushong <busho...@gmail.com>
wrote:

Charles F,

You're right.  I haven't written anything to the owner index.  It seems
in my shuffling of various configurations, that part was lost.  The
problem is, now that I'm writing this, it's stopping on SENTER and
rebooting the system.  I have tried with the following configurations:

###Attempt 1
###VLP


tb_polgen --create --type nonfatal vl_ver1.pol
tb_polgen --add --num 0 --pcr 18 --hash image \
    --cmdline "ro root=/dev/mapper/vg_penguin-lv_root intel_iommu=on rd_NO_LUKS rd_LVM_LV=vg_penguin/lv_swap rd_LVM_LV=vg_penguin/lv_root rd_NO_MD quiet SYSFONT=latarcyrheb-sun16 rhgb crashkernel=auto LANG=en_US.UTF-8 KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet reboot=pci max_loop=255" \
    --image /boot/vmlinuz-2.6.32-279.5.1.el6.x86_64 vl_ver1.pol
tb_polgen --add --num 1 --pcr 19 --hash image --cmdline "" \
    --image /boot/initramfs-2.6.32-279.5.1.el6.x86_64.img vl_ver1.pol

#### Create and write Launch Control Policy (LCPv1)
lcp_mlehash -c "logging=vga,serial,memory loglvl=all" /boot/tboot.gz > mle_hash
lcp_crtpol -t hashonly -m mle_hash -o lcp_v1.pol
lcp_writepol -i owner -f lcp_v1.pol -p "$TPM_PASS"

lcp_writepol -i 0x20000001 -f vl_ver1.pol -p "$TPM_PASS"

#### Result: Instant system reset once it hit SENTER

####Attempt 2
###VLP


tb_polgen --create --type nonfatal vl_ver1.pol
tb_polgen --add --num 0 --pcr 18 --hash image \
    --cmdline "ro root=/dev/mapper/vg_penguin-lv_root intel_iommu=on rd_NO_LUKS rd_LVM_LV=vg_penguin/lv_swap rd_LVM_LV=vg_penguin/lv_root rd_NO_MD quiet SYSFONT=latarcyrheb-sun16 rhgb crashkernel=auto LANG=en_US.UTF-8 KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet reboot=pci max_loop=255" \
    --image /boot/vmlinuz-2.6.32-279.5.1.el6.x86_64 vl_ver1.pol
tb_polgen --add --num 1 --pcr 19 --hash image --cmdline "" \
    --image /boot/initramfs-2.6.32-279.5.1.el6.x86_64.img vl_ver1.pol

###LCPv2
lcp_mlehash -c "logging=vga,serial,memory loglvl=all" /boot/tboot.gz > tboot_hash
lcp_crtpolelt --create --type mle --ctrl 0x00 --out mle.elt tboot_hash
lcp_crtpollist --create --out list_unsig.lst mle.elt
lcp_crtpol2 --create --type list --pol list.pol --data list.data list_unsig.lst
cp list.data /boot

tcsd
lcp_writepol -i owner -f list.pol -p "$TPM_PASS"

lcp_writepol -i 0x20000001 -f vl_ver1.pol -p "$TPM_PASS"

###Add /list.data to /boot/grub/grub.conf

#### Result: Instant system reset once it hit SENTER

The processor is a Xeon X5675.  I'll keep playing around with the LCP,
because it seems like this might be the root of my problems.  Any
insight you can offer would be a big help.

 

-Charles B.

 

 

On Mon, Mar 25, 2013 at 9:14 PM, <charles.fis...@gdc4s.com> wrote:

There appear to be a couple of things that I don't understand. It
appears that while you have written your VL policy, you haven't written a
Launch Control Policy (which goes in the owner NV index). What your LCP
will be depends on the processor, which you didn't mention in your post.
That is the place where tboot is validated by the SINIT module, and then,
when it returns, tboot validates the remainder of the modules in grub.

 

It may be possible to do what you tried, but I have always had to have an
LCP, which is where tboot and its command line are validated, so the
first tb_polgen line is the one for vmlinuz-2.6.32-279...

 

Charles
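The module-numbering point in the reply above, worked through as an added example. This is my illustration for the thread, not tboot's code and not anything either Charles posted. What it carries over from tboot is my reading of policy.c and tb_polgen's hash.c and should be treated as an assumption: policy entries are matched to grub modules by module number, with module 0 being the first module after tboot itself (the kernel); a `--hash image` entry is SHA-1(cmdline) extended with SHA-1(image); a "nonfatal" policy logs failures and keeps booting, while a "halt" policy stops at the first one. The image bytes and command lines are constructed stand-ins for the files on the box.

```python
"""Simulate tboot's check of grub modules against a verified-launch policy.

Added illustration for this thread, not tboot's code. Assumptions (from my
reading of tboot's policy.c / tb_polgen hash.c):
  * entries are matched to modules by number; module 0 is the kernel, the
    first module after tboot itself, not tboot.gz;
  * a "--hash image" value is SHA-1(SHA-1(cmdline) || SHA-1(image));
  * "nonfatal" logs a failure and continues, "halt" stops at the first one.
"""
import hashlib
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

MOD_NUM_ANY = "any"   # tb_polgen --num any: entry applies to any module number


@dataclass
class PolicyEntry:
    mod_num: object                    # int, or MOD_NUM_ANY
    pcr: int
    hashes: List[bytes] = field(default_factory=list)


@dataclass
class Module:
    name: str
    cmdline: str
    image: bytes


def module_hash(cmdline: str, image: bytes) -> bytes:
    """--hash image: SHA-1 of the command line extended with SHA-1 of the image."""
    h_cmd = hashlib.sha1(cmdline.encode()).digest()
    h_img = hashlib.sha1(image).digest()
    return hashlib.sha1(h_cmd + h_img).digest()


def build_policy(specs) -> List[PolicyEntry]:
    """Mimic tb_polgen --add --num N --pcr P --hash image --cmdline C --image F."""
    return [PolicyEntry(num, pcr, [module_hash(cmd, img)])
            for num, pcr, cmd, img in specs]


def find_entry(entries: List[PolicyEntry], mod_num: int) -> Optional[PolicyEntry]:
    """Exact module number first, then an 'any' entry, else none."""
    for e in entries:
        if e.mod_num == mod_num:
            return e
    for e in entries:
        if e.mod_num == MOD_NUM_ANY:
            return e
    return None


def verify_modules(policy_type: str, entries: List[PolicyEntry],
                   modules: List[Module]) -> Tuple[bool, List[Tuple[str, bool]]]:
    """Return (all_verified, [(module name, verified)]) for the modules tboot sees."""
    results = []
    for num, mod in enumerate(modules):
        entry = find_entry(entries, num)
        ok = entry is not None and module_hash(mod.cmdline, mod.image) in entry.hashes
        results.append((mod.name, ok))
        if not ok and policy_type == "halt":
            break                      # halt type: stop at the first failure
    return all(ok for _, ok in results), results


# Constructed stand-ins for /boot/tboot.gz, vmlinuz and initramfs on the box.
TBOOT_IMG = b"<constructed tboot.gz contents>"
KERNEL_IMG = b"<constructed vmlinuz contents>"
INITRD_IMG = b"<constructed initramfs contents>"
TBOOT_CMD = "logging=vga,serial,memory loglvl=all"
KERNEL_CMD = "ro root=/dev/mapper/vg_penguin-lv_root intel_iommu=on"

# After SENTER tboot verifies the modules that follow it in grub, numbered from 0.
BOOT_MODULES = [Module("vmlinuz", KERNEL_CMD, KERNEL_IMG),
                Module("initramfs", "", INITRD_IMG)]


def first_post_policy() -> List[PolicyEntry]:
    """Entry 0 is tboot.gz, so module 0 (the kernel) is compared with tboot's hash."""
    return build_policy([(0, 18, TBOOT_CMD, TBOOT_IMG),
                         (1, 19, KERNEL_CMD, KERNEL_IMG),
                         (2, 19, "", INITRD_IMG)])


def corrected_policy() -> List[PolicyEntry]:
    """Entry 0 is the kernel; tboot itself is covered by the LCP in the owner index."""
    return build_policy([(0, 18, KERNEL_CMD, KERNEL_IMG),
                         (1, 19, "", INITRD_IMG)])


def run_first_post():
    return verify_modules("nonfatal", first_post_policy(), BOOT_MODULES)


def run_corrected():
    return verify_modules("nonfatal", corrected_policy(), BOOT_MODULES)


if __name__ == "__main__":
    for label, (ok, res) in (("first post", run_first_post()),
                             ("corrected", run_corrected())):
        print(label, "all verified" if ok else "FAILED", res)
```

With the first-post layout every module is checked against the hash of the module one slot earlier, so both the kernel and the initramfs fail while a "nonfatal" policy still lets the boot continue, which is exactly the shape of the log in the original post.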

 

From: Charles Bushong [mailto:busho...@gmail.com] 
Sent: Monday, March 25, 2013 8:52 AM
To: tboot-devel@lists.sourceforge.net
Subject: [tboot-devel] verifying module against policy failed

 

Hi all,

I'm trying to get tboot up and running for the first time, and this list
has been a great help.  However, it seems I'm running into some problems
when actually validating the modules.  I was hoping someone might have
some insight as to what I'm doing wrong.  I'm using tboot 1.7.3 and
legacy grub, if it makes a difference.

I get ownership and define the NVRAM indices without much issue
(finally).  Then I create and write the v1 policy with this:

tb_polgen --create --type nonfatal vl_ver1.pol
tb_polgen --add --num 0 --pcr 18 --hash image --cmdline "logging=vga,serial,memory loglvl=all" \
    --image /boot/tboot.gz vl_ver1.pol
tb_polgen --add --num 1 --pcr 19 --hash image --cmdline "$kernel_cmdline" \
    --image /boot/vmlinuz-2.6.32-279.5.1.el6.x86_64 vl_ver1.pol
tb_polgen --add --num 2 --pcr 19 --hash image --cmdline "" \
    --image /boot/initramfs-2.6.32-279.5.1.el6.x86_64.img vl_ver1.pol
lcp_writepol -i 0x20000001 -f vl_ver1.pol -p "$TPM_PASS"

There are a few red flags that are sticking out to me.

1) Does this post-GETSEC[SENTER] error code mean anything?

TBOOT: TXT.ERRORCODE: 0xc0000001
TBOOT: AC module error : acm_type=0x1, progress=0x00, error=0x0

 

2) Modules failing.
TBOOT: verifying module "
/vmlinuz-2.6.32-279.5.1.el6.x86_64 (kernel command line)"...
TBOOT:   verification failed
TBOOT: verifying module against policy failed.
TBOOT: verifying module "
/initramfs-2.6.32-279.5.1.el6.x86_64.img"...
TBOOT:   verification failed
TBOOT: verifying module against policy failed.
TBOOT: all modules are verified

I can't figure out why it's reading the policy without issue, getting
into GETSEC[SENTER], and then still failing the policy check.  Any help
or points in the right direction would be appreciated.  Thanks!




-Charles
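Charles B. asks above whether the TXT.ERRORCODE value 0xc0000001 means anything. As an added example (mine, not tboot's code and not from the thread), here is a decoder for that register. The bit layout is my reading of the acmod_error_t union in tboot 1.7's txt/errors.c and is an assumption to check against your tboot version: bits 3:0 AC module type, bits 9:4 progress, bits 14:10 error, bit 30 "external" (software-reported, by an AC module or the MLE), bit 31 "valid". The second value in the usage is a constructed failure code, not one seen on the list.

```python
"""Decode the TXT.ERRORCODE register value tboot prints after GETSEC[SENTER].

Added example for this thread, not tboot's code. Field layout (assumed, from
my reading of acmod_error_t in tboot 1.7 txt/errors.c):
  bits  3:0  acm_type  (0 = BIOS ACM, 1 = SINIT)
  bits  9:4  progress
  bits 14:10 error
  bit  30    external  (1 = reported by software: AC module or MLE)
  bit  31    valid
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class TxtErrorCode:
    raw: int
    valid: bool
    external: bool
    acm_type: int
    progress: int
    error: int

    def is_acm_failure(self) -> bool:
        """True only for a valid, software-reported code whose error field is non-zero."""
        return self.valid and self.external and self.error != 0

    def describe(self) -> str:
        if not self.valid:
            return "no valid error code (register not written by a TXT launch)"
        if not self.external:
            # Processor-generated codes use a different layout; only report the raw bits.
            return "processor-reported error, low bits 0x%08x" % (self.raw & 0x3fffffff)
        who = {0: "BIOS ACM", 1: "SINIT"}.get(self.acm_type, "ACM type %d" % self.acm_type)
        if self.error == 0:
            return "%s reported no error (progress 0x%02x)" % (who, self.progress)
        return "%s failed: progress=0x%02x error=0x%x" % (who, self.progress, self.error)


def decode_txt_errorcode(raw: int) -> TxtErrorCode:
    """Split a 32-bit TXT.ERRORCODE value into the assumed acmod_error_t fields."""
    raw &= 0xffffffff
    return TxtErrorCode(
        raw=raw,
        valid=bool((raw >> 31) & 1),
        external=bool((raw >> 30) & 1),
        acm_type=raw & 0xf,
        progress=(raw >> 4) & 0x3f,
        error=(raw >> 10) & 0x1f,
    )


def tboot_style_line(raw: int) -> str:
    """Reproduce the 'AC module error :' line tboot prints for a software-reported code."""
    e = decode_txt_errorcode(raw)
    return "AC module error : acm_type=0x%x, progress=0x%02x, error=0x%x" % (
        e.acm_type, e.progress, e.error)


if __name__ == "__main__":
    # 0xc0000001 is the value from the original post; 0xc0000c71 is a constructed
    # failure (SINIT, progress 7, error 3) to show the other branch.
    for raw in (0xc0000001, 0xc0000c71, 0x00000000):
        code = decode_txt_errorcode(raw)
        print("0x%08x: %s | %s" % (raw, tboot_style_line(raw), code.describe()))
```

Under this layout 0xc0000001 is valid, software-reported, ACM type 1 (SINIT) with progress 0 and error 0, which is why tboot prints `acm_type=0x1, progress=0x00, error=0x0` for it: the error field is zero, so nothing in that register points at a SINIT failure, and the module failures in the same log come from the verified-launch policy check instead.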

 

 

_______________________________________________
tboot-devel mailing list
tboot-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tboot-devel
