On Tue, 2019-11-05 at 23:02 +0000, travis.gilb...@dell.com wrote: > > -----Original Message----- > > From: Paul Moore (pmoore2) via tboot-devel <tboot- > > de...@lists.sourceforge.net> > > Sent: Tuesday, November 5, 2019 16:50 > > To: lukasz.hawry...@linux.intel.com; > > tboot-devel@lists.sourceforge.net > > Subject: [tboot-devel] Creating a TXT/tboot policy suitable for a > > modern > > system with TXT+TPM2 > > > > > > > > Hi Lukasz, others, > > > > I'm in the process of working on the TXT/sig extensions to the LCP > > but I'm > > running into problems using the tboot tools to create a working LCP > > as a > > baseline. Simply put, the instructions I've been able to find > > either in the > > sources, the mailing list archives, or through Google searches do > > not produce > > a working LCP on my test system. The tools/arguments are either > > wrong, or > > the resulting LCP is bogus. > > I had to patch lcptools-v2 because I found the same problem. Nothing > would produce a good LCP. > > > Before I start hacking away at the tools to get them to create a > > functional LCP > > that tboot understands, does anyone have a working how-to for > > creating a > > LCP using the current sources? > > When I patched lcptools-v2, I added a simple how-to for an MLE LCP, > it's in the mailing list archives at the link below. If you need more, > I have a few other examples. > > https://sourceforge.net/p/tboot/mailman/message/35976955/
Thanks Travis, that got me going in the right direction; I needed to add a tboot policy element to make my system happy, but that was a trivial addition to your instructions above. If you're willing to share your other examples, I'd love to see them, and I'm sure others would as well. Thanks again. _______________________________________________ tboot-devel mailing list tboot-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tboot-devel
