I'm having the following issue on an Intel server board (Haswell):
S1200V3RPS
tboot seems to indicate that nvram is locked.
Is my NVRAM locked? How is it unlocked? How do I establish physical
presence? There is nothing in the BIOS except TPM ON/OFF.
$ tpmnv_defindex -i owner
Haven't input permission value, use default value 0x2
Haven't input data size, use default value 54
*Tspi_NV_DefineSpace failed failed: Bad physical presence value (0x082d)*
$ tpm_nvinfo
NVRAM index : 0x10000001 (268435457)
PCR read selection:
Localities : ALL
PCR write selection:
Localities : ALL
Permissions : 0x00001002 (WRITEALL|OWNERWRITE)
bReadSTClear : FALSE
bWriteSTClear : FALSE
bWriteDefine : FALSE
Size : 20 (0x14)
NVRAM index : 0x1000f000 (268496896)
PCR read selection:
Localities : ALL
PCR write selection:
Localities : ALL
Permissions : 0x00020002 (OWNERREAD|OWNERWRITE)
bReadSTClear : FALSE
bWriteSTClear : FALSE
bWriteDefine : FALSE
Size : 1129 (0x469)
NVRAM index : 0x50000003 (1342177283)
PCR read selection:
Localities : ALL
PCR write selection:
Localities : 0x18
Permissions : 0x00000000 ()
bReadSTClear : FALSE
bWriteSTClear : FALSE
bWriteDefine : FALSE
Size : 96 (0x60)
NVRAM index : 0x50000001 (1342177281)
PCR read selection:
Localities : ALL
PCR write selection:
Localities : ALL
Permissions : 0x00002000 (WRITEDEFINE)
bReadSTClear : FALSE
bWriteSTClear : FALSE
bWriteDefine : TRUE
Size : 54 (0x36)
$ txt-stat
Intel(r) TXT Configuration Registers:
STS: 0x00000002
senter_done: FALSE
sexit_done: TRUE
mem_config_lock: FALSE
private_open: FALSE
locality_1_open: FALSE
locality_2_open: FALSE
ESTS: 0x00
txt_reset: FALSE
E2STS: 0x0000000000000004
secrets: FALSE
ERRORCODE: 0x00000000
DIDVID: 0x00000001b0028086
vendor_id: 0x8086
device_id: 0xb002
revision_id: 0x1
FSBIF: 0xffffffffffffffff
QPIIF: 0x000000009d003000
SINIT.BASE: 0x00000000
SINIT.SIZE: 0B (0x0)
HEAP.BASE: 0x00000000
HEAP.SIZE: 0B (0x0)
DPR: 0x0000000000000000
lock: FALSE
top: 0x00000000
size: 0MB (0B)
PUBLIC.KEY:
...
***********************************************************
TXT measured launch: FALSE
secrets flag set: FALSE
***********************************************************
TBOOT log:
max_size=7fe8
curr_pos=abd
buf:
TBOOT: ******************* TBOOT *******************
TBOOT: 2013-07-05 12:00 +0800 1.7.4
TBOOT: *********************************************
TBOOT: command line: logging=serial,vga,memory
TBOOT: BSP is cpu 0
TBOOT: original e820 map:
TBOOT: 0000000000000000 - 000000000009bc00 (1)
TBOOT: 000000000009bc00 - 00000000000a0000 (2)
TBOOT: 00000000000e0000 - 0000000000100000 (2)
TBOOT: 0000000000100000 - 000000009e828000 (1)
TBOOT: 000000009e828000 - 00000000ae8a9000 (4)
TBOOT: 00000000ae8a9000 - 00000000b21c8000 (1)
TBOOT: 00000000b21c8000 - 00000000b4d2f000 (2)
TBOOT: 00000000b4d2f000 - 00000000b4f2f000 (4)
TBOOT: 00000000b4f2f000 - 00000000b4ff0000 (3)
TBOOT: 00000000b4ff0000 - 00000000b5000000 (1)
TBOOT: 00000000b5000000 - 00000000c0000000 (2)
TBOOT: 00000000f8000000 - 00000000fc000000 (2)
TBOOT: 00000000fec00000 - 00000000fec01000 (2)
TBOOT: 00000000fed19000 - 00000000fed1a000 (2)
TBOOT: 00000000fed1c000 - 00000000fed20000 (2)
TBOOT: 00000000fee00000 - 00000000fee01000 (2)
TBOOT: 00000000ff400000 - 0000000100000000 (2)
TBOOT: 0000000100000000 - 0000000440000000 (1)
TBOOT: TPM is ready
*TBOOT: TPM nv_locked: TRUE
*TBOOT: TPM timeout values: A: 750, B: 750, C: 750, D: 750
TBOOT: Wrong timeout B, fallback to 2000
TBOOT: reading Verified Launch Policy from TPM NV...
TBOOT: TPM: get capability, return value = 00000002
TBOOT: TPM: fail to get public data of 0x20000001 in TPM NV
TBOOT: :reading failed
TBOOT: reading Launch Control Policy from TPM NV...
TBOOT: TPM: get capability, return value = 00000002
TBOOT: TPM: fail to get public data of 0x40000001 in TPM NV
TBOOT: :reading failed
TBOOT: failed to read policy from TPM NV, using default
TBOOT: policy:
TBOOT: version: 2
TBOOT: policy_type: TB_POLTYPE_CONT_NON_FATAL
TBOOT: hash_alg: TB_HALG_SHA1
TBOOT: policy_control: 00000001 (EXTEND_PCR17)
TBOOT: num_entries: 2
TBOOT: policy entry[0]:
TBOOT: mod_num: 0
TBOOT: pcr: none
TBOOT: hash_type: TB_HTYPE_ANY
TBOOT: num_hashes: 0
TBOOT: policy entry[1]:
TBOOT: mod_num: any
TBOOT: pcr: 19
TBOOT: hash_type: TB_HTYPE_ANY
TBOOT: num_hashes: 0
TBOOT: TPM: write nv 20000002, offset 00000000, 00000004 bytes, return =
00000002
TBOOT: Error: write TPM error: 0x2.
TBOOT: no policy in TPM NV.
TBOOT: IA32_FEATURE_CONTROL_MSR: 00000005
TBOOT: CPU is SMX-capable
TBOOT: ERR: SENTER disabled by feature control MSR (5)
TBOOT: SMX not supported.
TBOOT: no LCP module found
TBOOT: Error: ELF magic number is not matched.
TBOOT: assuming kernel is Linux format
TBOOT: Initrd from 0x7f06d000 to 0x7ffff800
TBOOT: Kernel (protected mode) from 0x1000000 to 0x1316860
TBOOT: Kernel (real mode) from 0x90000 to 0x94200
TBOOT: transfering control to kernel @0x1000000...
Alexander
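An added example, not code from the original post or from the tboot project: a small Python decoder for the permission words in the tpm_nvinfo listing above and for the TPM 1.2 return codes in the log (the low byte of the 0x082d reported by Tspi_NV_DefineSpace is TPM_BAD_PRESENCE, and the 0x2 tboot gets for indices 0x20000001 and 0x40000001 is TPM_BADINDEX, consistent with neither index appearing in the listing), plus a check that flags NV indices writable without any authorization. Bit and code values are those of the TPM 1.2 specification; the sample input is constructed from two records on the page.

```python
# Added example, not part of the original post. Decodes TPM 1.2 NV permission words as
# printed by tpm_nvinfo and the low byte of TPM return codes, then flags unauthenticated writes.
NV_PER = {                                     # TPM_NV_PER_* attribute bits (TPM 1.2 spec)
    0x80000000: "READ_STCLEAR", 0x00040000: "AUTHREAD", 0x00020000: "OWNERREAD",
    0x00010000: "PPREAD", 0x00008000: "GLOBALLOCK", 0x00004000: "WRITE_STCLEAR",
    0x00002000: "WRITEDEFINE", 0x00001000: "WRITEALL", 0x00000004: "AUTHWRITE",
    0x00000002: "OWNERWRITE", 0x00000001: "PPWRITE",
}
WRITE_AUTH = 0x00000004 | 0x00000002 | 0x00000001   # AUTHWRITE | OWNERWRITE | PPWRITE
TPM_RC = {0x00: "TPM_SUCCESS", 0x01: "TPM_AUTHFAIL", 0x02: "TPM_BADINDEX", 0x2d: "TPM_BAD_PRESENCE"}

def decode_perms(word):
    """Names of the permission bits set in a TPM_NV_ATTRIBUTES word, high bit first."""
    return [name for bit, name in sorted(NV_PER.items(), reverse=True) if word & bit]

def decode_rc(code):
    """TPM 1.2 return-code name taken from the low byte of a TPM/TSS error word."""
    return TPM_RC.get(code & 0xFF, "unknown(0x%02x)" % (code & 0xFF))

def parse_nvinfo(text):
    """Parse tpm_nvinfo output into one dict per NV index."""
    entries, cur, section = [], None, None
    for line in text.splitlines():
        key, _, val = (part.strip() for part in line.partition(":"))
        if key == "NVRAM index":
            entries.append(cur := {"index": int(val.split()[0], 16)})
        elif key in ("PCR read selection", "PCR write selection"):
            section = key.split()[1] + "_locs"           # read_locs / write_locs
        elif key == "Localities":
            cur[section] = val                           # "ALL" or a locality bitmask
        elif key == "Permissions":
            cur["perms"] = int(val.split()[0], 16)
        elif key == "bWriteDefine":
            cur["write_locked"] = (val == "TRUE")        # locked until re-defined
    return entries

def unauthenticated_writes(entries):
    """Indices with no write-auth bits and not write-locked: only the write-locality selection guards them."""
    return [(e["index"], e["write_locs"]) for e in entries
            if not e["perms"] & WRITE_AUTH and not e["write_locked"]]

SAMPLE = "\n".join([   # constructed: two records retyped from the listing above
    "NVRAM index : 0x50000003 (1342177283)", "PCR read selection:", "Localities : ALL",
    "PCR write selection:", "Localities : 0x18", "Permissions : 0x00000000 ()",
    "bReadSTClear : FALSE", "bWriteSTClear : FALSE", "bWriteDefine : FALSE", "Size : 96 (0x60)",
    "NVRAM index : 0x50000001 (1342177281)", "PCR read selection:", "Localities : ALL",
    "PCR write selection:", "Localities : ALL", "Permissions : 0x00002000 (WRITEDEFINE)",
    "bReadSTClear : FALSE", "bWriteSTClear : FALSE", "bWriteDefine : TRUE", "Size : 54 (0x36)",
])
```

For the listing above, the only index flagged is 0x50000003, whose sole protection is the locality mask 0x18; 0x50000001 is not flagged because bWriteDefine is TRUE, so it cannot be written again until it is re-defined.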
tboot-devel mailing list
tboot-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tboot-devel