Stupid question -- are you sure you're not reading them with the wrong
endianness? (As in, should they be 0x10000001, 0x10000050, and 0x30000050?)
Regards,
Justin
On 28 April 2014 19:38, Ross Philipson <ross.philip...@citrix.com> wrote:
> On 04/26/2014 02:09 AM, dknueppel wrote:
> > Hi,
> >
> > I'm getting TXT error code 0xc0001c41, with the system rebooting afterwards.
> >
> > Mainboard Intel S1200RPL
> > CPU XEON E3-1265L
> > TPM AXXTPME5
> > Boot BIOS (i.e. no EFI, EFI boot shows identical behavior)
> > Distribution Ubuntu 14.04 w/ tboot 1.8
> > SINIT 4th_gen_i5_i7_SINIT_75.BIN
> >
> > Attached below how the TPM is set up and the tboot dump.
> >
> > I don't have any clue why I'm still getting the error.
> > According to SINIT_Errors.pdf error indicates "Invalid TPM NV index"
>
> You may be missing some NV indexes that the OEM is supposed to put
> there. For example on my Dell 6430 where I am using the TXT/TPM I have:
>
> # tpmnv_getcap
> The response data is:
> 10 00 00 01 50 00 00 01 50 00 00 03
>
> 3 indices have been defined
> list of indices for defined NV storage areas:
> 0x10000001 0x50000001 0x50000003
>
> The second two need to be there - they are LCP related indexes
> (0x50000001 is LCP supplier and 0x50000003 is AUX2 IIRC). These are
> supposed to be created by the OEM then locked in NV RAM to prevent removal.
>
> >
> > Help pretty much appreciated.
> >
> > Thanks,
> > Dieter
> >
> >
> > + tpm_takeownership -z
> > Enter owner password:
> > Confirm password:
> > + tpmnv_defindex -i 0x20000002 -s 8 -pv 0 -rl 0x07 -wl 0x07 -p password
> > Tspi_NV_DefineSpace failed failed: NVRAM area already exists (0x08313b)
> >
> > Command DefIndex failed:
> > TSS API failed
> > + tpmnv_defindex -i owner -s 0x36 -p password
> > Haven't input permission value, use default value 0x2
> >
> > Successfully defined index 0x40000001 as permission 0x2, data size is 54
> > + tpmnv_defindex -i 0x20000001 -s 512 -pv 0x02 -p password
> >
> > Successfully defined index 0x20000001 as permission 0x2, data size is 512
> > + rm -r tmp
> > + mkdir tmp
> > + cd tmp
> > + lcp_mlehash -c logging=serial,vga,memory /boot/tboot.gz
> > + lcp_crtpolelt --create --type mle --ctrl 0x00 --minver 0 --out tboot_mle.elt tboot_hash
> > + lcp_crtpollist --create --out list_unsig.lst tboot_mle.elt
> > + lcp_crtpol2 --create --type list --ctrl 0x02 --pol owner_list.pol --data owner_list.data list_unsig.lst
> > + lcp_writepol -i owner -f owner_list.pol -p password
> >
> > Successfully write policy into index 0x40000001
> > + cp owner_list.data /boot
> > + tb_polgen --create --type nonfatal tcb.pol
> > + tb_polgen --add --num 0 --pcr 18 --hash image --cmdline 'root=/dev/mapper/test--node--vg-root ro intel_iommu=on' --image /boot/vmlinuz-3.13.0-24-generic tcb.pol
> > + tb_polgen --add --num 1 --pcr 19 --hash image --cmdline '' --image /boot/initrd.img-3.13.0-24-generic tcb.pol
> > + lcp_writepol -i 0x20000001 -f tcb.pol -p password
> >
> > Successfully write policy into index 0x20000001
> >
> >
> >
> >
> > TBOOT: ******************* TBOOT *******************
> > TBOOT: 2014-01-30 12:00 +0800 1.8.0
> > TBOOT: *********************************************
> > TBOOT: command line: logging=serial,vga,memory
> > TBOOT: BSP is cpu 0
> > TBOOT: original e820 map:
> > TBOOT: 0000000000000000 - 000000000009bc00 (1)
> > TBOOT: 000000000009bc00 - 00000000000a0000 (2)
> > TBOOT: 00000000000e0000 - 0000000000100000 (2)
> > TBOOT: 0000000000100000 - 00000000bbdc7000 (1)
> > TBOOT: 00000000bbdc7000 - 00000000be782000 (2)
> > TBOOT: 00000000be782000 - 00000000be788000 (4)
> > TBOOT: 00000000be788000 - 00000000be8be000 (2)
> > TBOOT: 00000000be8be000 - 00000000be8c2000 (4)
> > TBOOT: 00000000be8c2000 - 00000000be8e3000 (2)
> > TBOOT: 00000000be8e3000 - 00000000be8e4000 (4)
> > TBOOT: 00000000be8e4000 - 00000000be905000 (2)
> > TBOOT: 00000000be905000 - 00000000be915000 (4)
> > TBOOT: 00000000be915000 - 00000000be925000 (2)
> > TBOOT: 00000000be925000 - 00000000beb2f000 (4)
> > TBOOT: 00000000beb2f000 - 00000000bebf0000 (3)
> > TBOOT: 00000000bebf0000 - 00000000bec00000 (1)
> > TBOOT: 00000000bec00000 - 00000000c0000000 (2)
> > TBOOT: 00000000f8000000 - 00000000fc000000 (2)
> > TBOOT: 00000000fec00000 - 00000000fec01000 (2)
> > TBOOT: 00000000fed19000 - 00000000fed1a000 (2)
> > TBOOT: 00000000fed1c000 - 00000000fed20000 (2)
> > TBOOT: 00000000fee00000 - 00000000fee01000 (2)
> > TBOOT: 00000000ff400000 - 0000000100000000 (2)
> > TBOOT: 0000000100000000 - 0000000440000000 (1)
> > TBOOT: TPM: TPM Family 0x3
> > TBOOT: TPM is ready
> > TBOOT: TPM nv_locked: TRUE
> > TBOOT: TPM timeout values: A: 750, B: 750, C: 750, D: 750
> > TBOOT: Wrong timeout B, fallback to 2000
> > TBOOT: Wrong timeout C, fallback to 75000
> > TBOOT: reading Verified Launch Policy from TPM NV...
> > TBOOT: :512 bytes read
> > TBOOT: policy:
> > TBOOT: version: 2
> > TBOOT: policy_type: TB_POLTYPE_CONT_NON_FATAL
> > TBOOT: hash_alg: TB_HALG_SHA1
> > TBOOT: policy_control: 00000001 (EXTEND_PCR17)
> > TBOOT: num_entries: 2
> > TBOOT: policy entry[0]:
> > TBOOT: mod_num: 0
> > TBOOT: pcr: 18
> > TBOOT: hash_type: TB_HTYPE_IMAGE
> > TBOOT: num_hashes: 1
> > TBOOT: hashes[0]: d4 63 4c 11 a3 0f a3 ee a1 dc 4d 34 98 f8 99 f6 46 51 ca da
> > TBOOT: policy entry[1]:
> > TBOOT: mod_num: 1
> > TBOOT: pcr: 19
> > TBOOT: hash_type: TB_HTYPE_IMAGE
> > TBOOT: num_hashes: 1
> > TBOOT: hashes[0]: 00 ee 09 19 c8 57 c2 12 ce 23 0a 20 02 b8 10 8f 74 18 0f 60
> > TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff07
> > TBOOT: CPU is SMX-capable
> > TBOOT: CPU is VMX-capable
> > TBOOT: SMX is enabled
> > TBOOT: TXT chipset and all needed capabilities present
> > TBOOT: TXT.ERRORCODE: 0xc0001c41
> > TBOOT: AC module error : acm_type=0x1, progress=0x04, error=0x7
> > TBOOT: TXT.ESTS: 0x0
> > TBOOT: TXT.E2STS: 0xc
> > TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff07
> > TBOOT: CPU is SMX-capable
> > TBOOT: CPU is VMX-capable
> > TBOOT: SMX is enabled
> > TBOOT: TXT chipset and all needed capabilities present
> > TBOOT: TXT.HEAP.BASE: 0xbef20000
> > TBOOT: TXT.HEAP.SIZE: 0xe0000 (917504)
> > TBOOT: bios_data (@0xbef20008, 0x56):
> > TBOOT: version: 4
> > TBOOT: bios_sinit_size: 0xce40 (52800)
> > TBOOT: lcp_pd_base: 0x0
> > TBOOT: lcp_pd_size: 0x0 (0)
> > TBOOT: num_logical_procs: 8
> > TBOOT: flags: 0x00000000
> > TBOOT: ext_data_elts[]:
> > TBOOT: BIOS_SPEC_VER:
> > TBOOT: major: 0x2
> > TBOOT: minor: 0x1
> > TBOOT: rev: 0x0
> > TBOOT: ACM:
> > TBOOT: num_acms: 1
> > TBOOT: acm_addrs[0]: 0xfff7d000
> > TBOOT: CR0 and EFLAGS OK
> > TBOOT: supports preserving machine check errors
> > TBOOT: CPU is ready for SENTER
> > TBOOT: checking previous errors on the last boot.
> > last boot has error.
> > TBOOT: checking if module /4th_gen_i5_i7_SINIT_75.BIN is an SINIT for this platform...
> > TBOOT: chipset production fused: 1
> > TBOOT: chipset ids: vendor: 0x8086, device: 0xb002, revision: 0x1
> > TBOOT: processor family/model/stepping: 0x306c3
> > TBOOT: platform id: 0x4000000000000
> > TBOOT: 1 ACM chipset id entries:
> > TBOOT: vendor: 0x8086, device: 0xb002, flags: 0x1, revision: 0x1, extended: 0x0
> > TBOOT: 3 ACM processor id entries:
> > TBOOT: fms: 0x306c0, fms_mask: 0xfff3ff0, platform_id: 0x0, platform_mask: 0x0
> > TBOOT: SINIT matches platform
> > TBOOT: TXT.SINIT.BASE: 0xbef00000
> > TBOOT: TXT.SINIT.SIZE: 0x20000 (131072)
> > TBOOT: BIOS has already loaded an SINIT module
> > TBOOT: 1 ACM chipset id entries:
> > TBOOT: vendor: 0x8086, device: 0xb002, flags: 0x1, revision: 0x1, extended: 0x0
> > TBOOT: 3 ACM processor id entries:
> > TBOOT: fms: 0x306c0, fms_mask: 0xfff3ff0, platform_id: 0x0, platform_mask: 0x0
> > TBOOT: BIOS-provided SINIT is older: date=20130612
> > TBOOT: copied SINIT (size=ce40) to 0xbef00000
> > TBOOT: AC mod base alignment OK
> > TBOOT: AC mod size OK
> > TBOOT: AC module header dump for SINIT:
> > TBOOT: type: 0x2 (ACM_TYPE_CHIPSET)
> > TBOOT: subtype: 0x0
> > TBOOT: length: 0xa1 (161)
> > TBOOT: version: 0
> > TBOOT: chipset_id: 0xb002
> > TBOOT: flags: 0x0
> > TBOOT: pre_production: 0
> > TBOOT: debug_signed: 0
> > TBOOT: vendor: 0x8086
> > TBOOT: date: 0x20130712
> > TBOOT: size*4: 0xce40 (52800)
> > TBOOT: code_control: 0x0
> > TBOOT: entry point: 0x00000008:000062dc
> > TBOOT: scratch_size: 0x8f (143)
> > TBOOT: info_table:
> > TBOOT: uuid: {0x7fc03aaa, 0x46a7, 0x18db, 0xac2e,
> > {0x69, 0x8f, 0x8d, 0x41, 0x7f, 0x5a}}
> > TBOOT: ACM_UUID_V3
> > TBOOT: chipset_acm_type: 0x1 (SINIT)
> > TBOOT: version: 4
> > TBOOT: length: 0x2c (44)
> > TBOOT: chipset_id_list: 0x4ec
> > TBOOT: os_sinit_data_ver: 0x6
> > TBOOT: min_mle_hdr_ver: 0x00020000
> > TBOOT: capabilities: 0x0000002e
> > TBOOT: rlp_wake_getsec: 0
> > TBOOT: rlp_wake_monitor: 1
> > TBOOT: ecx_pgtbl: 1
> > TBOOT: stm: 1
> > TBOOT: pcr_map_no_legacy: 0
> > TBOOT: pcr_map_da: 1
> > TBOOT: platform_type: 0
> > TBOOT: max_phy_addr: 0
> > TBOOT: acm_ver: 75
> > TBOOT: chipset list:
> > TBOOT: count: 1
> > TBOOT: entry 0:
> > TBOOT: flags: 0x1
> > TBOOT: vendor_id: 0x8086
> > TBOOT: device_id: 0xb002
> > TBOOT: revision_id: 0x1
> > TBOOT: extended_id: 0x0
> > TBOOT: processor list:
> > TBOOT: count: 3
> > TBOOT: entry 0:
> > TBOOT: fms: 0x306c0
> > TBOOT: fms_mask: 0xfff3ff0
> > TBOOT: platform_id: 0x0
> > TBOOT: platform_mask: 0x0
> > TBOOT: entry 1:
> > TBOOT: fms: 0x40660
> > TBOOT: fms_mask: 0xfff3ff0
> > TBOOT: platform_id: 0x0
> > TBOOT: platform_mask: 0x0
> > TBOOT: entry 2:
> > TBOOT: fms: 0x40650
> > TBOOT: fms_mask: 0xfff3ff0
> > TBOOT: platform_id: 0x0
> > TBOOT: platform_mask: 0x0
> > TBOOT: file addresses:
> > TBOOT: &_start=0x804000
> > TBOOT: &_end=0xac6460
> > TBOOT: &_mle_start=0x804000
> > TBOOT: &_mle_end=0x834000
> > TBOOT: &_post_launch_entry=0x804010
> > TBOOT: &_txt_wakeup=0x8041f0
> > TBOOT: &g_mle_hdr=0x81b5a0
> > TBOOT: MLE header:
> > TBOOT: uuid={0x9082ac5a, 0x476f, 0x74a7, 0x5c0f,
> > {0x55, 0xa2, 0xcb, 0x51, 0xb6, 0x42}}
> > TBOOT: length=34
> > TBOOT: version=00020001
> > TBOOT: entry_point=00000010
> > TBOOT: first_valid_page=00000000
> > TBOOT: mle_start_off=4000
> > TBOOT: mle_end_off=34000
> > TBOOT: capabilities: 0x00000027
> > TBOOT: rlp_wake_getsec: 1
> > TBOOT: rlp_wake_monitor: 1
> > TBOOT: ecx_pgtbl: 1
> > TBOOT: stm: 0
> > TBOOT: pcr_map_no_legacy: 0
> > TBOOT: pcr_map_da: 1
> > TBOOT: platform_type: 0
> > TBOOT: max_phy_addr: 0
> > TBOOT: MLE start=804000, end=834000, size=30000
> > TBOOT: ptab_size=3000, ptab_base=0x801000
> > TBOOT: TXT.HEAP.BASE: 0xbef20000
> > TBOOT: TXT.HEAP.SIZE: 0xe0000 (917504)
> > TBOOT: bios_data (@0xbef20008, 0x56):
> > TBOOT: version: 4
> > TBOOT: bios_sinit_size: 0xce40 (52800)
> > TBOOT: lcp_pd_base: 0x0
> > TBOOT: lcp_pd_size: 0x0 (0)
> > TBOOT: num_logical_procs: 8
> > TBOOT: flags: 0x00000000
> > TBOOT: ext_data_elts[]:
> > TBOOT: BIOS_SPEC_VER:
> > TBOOT: major: 0x2
> > TBOOT: minor: 0x1
> > TBOOT: rev: 0x0
> > TBOOT: ACM:
> > TBOOT: num_acms: 1
> > TBOOT: acm_addrs[0]: 0xfff7d000
> > TBOOT: discarding RAM above reserved regions: 0xbebf0000 - 0xbec00000
> > TBOOT: min_lo_ram: 0x0, max_lo_ram: 0xbbdc7000
> > TBOOT: min_hi_ram: 0x100000000, max_hi_ram: 0x440000000
> > TBOOT: no LCP module found
> > TBOOT: os_sinit_data (@0xbef3517e, 0x7c):
> > TBOOT: version: 6
> > TBOOT: flags: 0
> > TBOOT: mle_ptab: 0x801000
> > TBOOT: mle_size: 0x30000 (196608)
> > TBOOT: mle_hdr_base: 0x175a0
> > TBOOT: vtd_pmr_lo_base: 0x0
> > TBOOT: vtd_pmr_lo_size: 0xbbc00000
> > TBOOT: vtd_pmr_hi_base: 0x100000000
> > TBOOT: vtd_pmr_hi_size: 0x340000000
> > TBOOT: lcp_po_base: 0x0
> > TBOOT: lcp_po_size: 0x0 (0)
> > TBOOT: capabilities: 0x00000002
> > TBOOT: rlp_wake_getsec: 0
> > TBOOT: rlp_wake_monitor: 1
> > TBOOT: ecx_pgtbl: 0
> > TBOOT: stm: 0
> > TBOOT: pcr_map_no_legacy: 0
> > TBOOT: pcr_map_da: 0
> > TBOOT: platform_type: 0
> > TBOOT: max_phy_addr: 0
> > TBOOT: efi_rsdt_ptr: 0x0
> > TBOOT: ext_data_elts[]:
> > TBOOT: EVENT_LOG_POINTER:
> > TBOOT: size: 16
> > TBOOT: elog_addr: 0xbef30176
> > TBOOT: Event Log Container:
> > TBOOT: Signature: TXT Event Container
> > TBOOT: ContainerVer: 1.0
> > TBOOT: PCREventVer: 1.0
> > TBOOT: Size: 20480
> > TBOOT: EventsOffset: [48,48)
> > TBOOT: setting MTRRs for acmod: base=0xbef00000, size=0xce40, num_pages=13
> > TBOOT: executing GETSEC[SENTER]...
> > _______________________________________________
> > tboot-devel mailing list
> > tboot-devel@lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/tboot-devel
> >
>
>
> --
> Ross Philipson
>
>
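Added example, not code from the thread or from tboot: it decodes the TXT.ERRORCODE value Dieter reported using the ACM error field layout tboot's own log line reflects, parses the raw tpmnv_getcap bytes Ross posted into NV indexes (big-endian, as TPM 1.2 structures are, which is what reproduces the tool's decoded list; the little-endian option only shows what the wrong-endian read Justin asks about would give), and checks whether the OEM-provisioned LCP indexes Ross names are present. The "Invalid TPM NV index" text is the one mapping the thread gives; the second NV list is constructed from the indexes Dieter's script defines.

```python
import struct

# Bit layout of TXT.ERRORCODE for ACM-generated errors, as tboot's
# txt/errors.c defines it (acm_type:4, progress:6, error:5, ...,
# bit 30 external, bit 31 valid). The TBOOT log line in the thread
# ("acm_type=0x1, progress=0x04, error=0x7") is produced from it.
def decode_txt_errorcode(raw):
    """Split a 32-bit TXT.ERRORCODE value into its ACM error fields."""
    return {
        "valid": bool((raw >> 31) & 1),      # register holds a real error
        "external": bool((raw >> 30) & 1),   # 1: raised by the ACM itself
        "acm_type": raw & 0xF,               # 1 == SINIT ACM
        "progress": (raw >> 4) & 0x3F,
        "error": (raw >> 10) & 0x1F,
    }

# Only the code the thread explains (from SINIT_Errors.pdf); any other
# code must be looked up in Intel's document rather than guessed here.
SINIT_ERROR_TEXT = {(0x04, 0x7): "Invalid TPM NV index"}

def describe_txt_error(raw):
    f = decode_txt_errorcode(raw)
    if not f["valid"]:
        return "no error recorded"
    text = SINIT_ERROR_TEXT.get((f["progress"], f["error"]),
                                "unknown, see SINIT_Errors.pdf")
    return "acm_type=0x%x progress=0x%02x error=0x%x: %s" % (
        f["acm_type"], f["progress"], f["error"], text)

def parse_nv_index_list(response_hex, byteorder=">"):
    """Decode the raw TPM_CAP_NV_LIST bytes tpmnv_getcap prints into indexes.
    TPM 1.2 structures are big-endian (">"); "<" only demonstrates what a
    wrong-endian read of the same bytes would yield."""
    data = bytes.fromhex(response_hex)  # whitespace between bytes is ignored
    if len(data) % 4:
        raise ValueError("NV index list is not a multiple of 4 bytes")
    return [struct.unpack(byteorder + "I", data[i:i + 4])[0]
            for i in range(0, len(data), 4)]

# Indexes Ross says the OEM must create and lock (names as he gives them).
LCP_OEM_INDEXES = {0x50000001: "LCP platform supplier", 0x50000003: "AUX2"}

def missing_oem_indexes(indexes):
    """Return the OEM-provisioned LCP indexes absent from a TPM's NV list."""
    return sorted(set(LCP_OEM_INDEXES) - set(indexes))

if __name__ == "__main__":
    print(describe_txt_error(0xc0001c41))
    ross = parse_nv_index_list("10 00 00 01 50 00 00 01 50 00 00 03")
    print([hex(i) for i in ross], missing_oem_indexes(ross))
    # Constructed: only the indexes Dieter's own script defines, no OEM ones.
    dieter = [0x10000001, 0x20000001, 0x20000002, 0x40000001]
    print([hex(i) for i in missing_oem_indexes(dieter)])
```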