Hi Olivier

On Tue, 2020-02-04 at 13:50 +0000, LE ROY Olivier - Contractor wrote:
> Hi,
> 
> I am trying to get a simple LCP_ANY launch control policy to work on a 
> Supermicro X11SPM-TF server with AOM-TPM-9670V TPM 2.0 module, without 
> success. I get the "read error" from SINIT ACM each time.
> 
> I am using tboot version 1.9.9.
> 
> The LCP_ANY policy was created in two different ways:
> 
> 1/ with lcp-gen2 python tools available in tboot sources,
> 
> 2/ using a ready-made binary file, which is known to work, that is provided 
> by Dr. G.W. Wettstein, and was contributed on this mailing list: 
> (https://sourceforge.net/p/tboot/mailman/message/36477790/)
> Dump of the platform owner NVram definition with functional LCP_ANY policy:
> 
> 00000016: 00 03 0b 00 01 00 00 00 00 00 00 00 00 00 00 00 ................
> 00000032: 00 00 00 00 00 00 02 00 00 00 00 00 c8 00 08 30 ...............0
> 00000048: 00 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> 00000064: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> 00000070: 00 00 00 00 00 00                               ................
> 
> Attributes: 0x224000a
>     OWNERWRITE
>     POLICYWRITE
>     AUTHREAD
>     NO_DA
>     WRITTEN
> and NVram index to 0x1c10106 for my Cascade Lake Intel Xeon Silver 4216 CPU 
> based chipset.
> 
> These two policies fail with following tboot error:
> TBOOT: no SINIT provided by bootloader; using BIOS SINIT
> ...
> TBOOT: reading Verified Launch Policy from TPM NV...
> TBOOT: TPM: fail to get public data of 0x01C10131 in TPM NV
> TBOOT:     :reading failed
> TBOOT: reading Launch Control Policy from TPM NV...
> TBOOT:     :70 bytes read
> TBOOT:     :reading failed
> TBOOT: failed to read policy from TPM NV, using default
> TBOOT: policy:

What exactly did you add to that policy in the lcp-gen2 tool? LCP is a
policy dedicated for SINIT, not for TBOOT. There is a possibility to add
additional data to LCP, called a custom element. TBOOT reads LCP and then
checks if there is a custom element that it can use as its own policy
(called VLP). If it does not find any, it will throw the "reading failed"
error.

Another approach is to create a separate index for VLP (0x01C10131)
and put VLP there.

> The point is the SINIT ACM reads my LCP_ANY policy from TPM2 NVram but 
> doesn't seem to understand it.
> 
> There is no reason indicated in the TBOOT log.

What do you mean by "doesn't seem to understand it"? With LCP_ANY, SINIT will
allow any MLE to be executed.

As I wrote above, TBOOT does not parse and apply LCP; it only searches
for an embedded VLP, so you will not get any information in the logs.

> 
> One reason I think of could be that the NVram index 0x01C10106 wasn't defined 
> with proper attributes.
> I define it with:
> 
> tpm2_nvdefine -x 0x01c10106 -a 0x40000001 -s 70 -t 0x0204000a -P password

That looks correct.

Thanks,
Lukasz
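An added check, not from this thread or from tboot, that decodes the TPMA_NV word given to tpm2_nvdefine -t and the attributes read back from the index, so the two can be compared the way Lukasz does by eye. It assumes the TPMA_NV bit layout from TPM 2.0 Library Part 2; note that WRITTEN is bit 29 (0x20000000), so the five flags listed in the quoted dump correspond to 0x2204000a, and the quoted "0x224000a" appears to have lost a digit.

```python
# Added example: decode a TPM 2.0 TPMA_NV attribute word and compare the
# value passed to tpm2_nvdefine -t with the attributes reported for the index.
# Bit layout assumed from TPM 2.0 Library Part 2 (Structures), TPMA_NV table.
TPMA_NV_BITS = {
    0: "PPWRITE", 1: "OWNERWRITE", 2: "AUTHWRITE", 3: "POLICYWRITE",
    10: "POLICY_DELETE", 11: "WRITELOCKED", 12: "WRITEALL", 13: "WRITEDEFINE",
    14: "WRITE_STCLEAR", 15: "GLOBALLOCK",
    16: "PPREAD", 17: "OWNERREAD", 18: "AUTHREAD", 19: "POLICYREAD",
    25: "NO_DA", 26: "ORDERLY", 27: "CLEAR_STCLEAR", 28: "READLOCKED",
    29: "WRITTEN", 30: "PLATFORMCREATE", 31: "READ_STCLEAR",
}
# Bits 7:4 carry the TPM_NT index type; bits 9:8 and 24:20 are reserved.
TPM_NT = {0x0: "ORDINARY", 0x1: "COUNTER", 0x2: "BITS", 0x4: "EXTEND",
          0x8: "PIN_FAIL", 0x9: "PIN_PASS"}
RESERVED_MASK = (0b11 << 8) | (0b11111 << 20)
# Flags only the TPM itself sets; they must not appear in a define-time value.
TPM_MANAGED = {"WRITTEN", "WRITELOCKED", "READLOCKED"}


def decode_tpma_nv(attrs):
    """Return (index type, attribute names in bit order, reserved bits set)."""
    names = [n for b, n in sorted(TPMA_NV_BITS.items()) if attrs >> b & 1]
    return TPM_NT.get(attrs >> 4 & 0xF, "UNKNOWN"), names, attrs & RESERVED_MASK


def check_define(defined, dumped):
    """Compare a tpm2_nvdefine -t value with the attributes read back from the
    TPM. Returns a dict of problems; empty means they agree apart from flags
    the TPM manages itself (e.g. WRITTEN after the first write)."""
    nt_d, def_names, res_d = decode_tpma_nv(defined)
    nt_r, dump_names, res_r = decode_tpma_nv(dumped)
    problems = {}
    if res_d or res_r:
        problems["reserved_bits"] = hex(res_d | res_r)
    if nt_d != nt_r:
        problems["type_mismatch"] = (nt_d, nt_r)
    if TPM_MANAGED & set(def_names):
        problems["tpm_managed_in_define"] = sorted(TPM_MANAGED & set(def_names))
    missing = [n for n in def_names if n not in dump_names]
    if missing:
        problems["missing_in_dump"] = missing
    extra = [n for n in dump_names if n not in def_names and n not in TPM_MANAGED]
    if extra:
        problems["unexpected_in_dump"] = extra
    return problems


if __name__ == "__main__":
    # Values from the thread: the -t argument, and the flags listed for the
    # dumped index (OWNERWRITE, POLICYWRITE, AUTHREAD, NO_DA, WRITTEN).
    print(decode_tpma_nv(0x0204000a))
    print(check_define(0x0204000a, 0x2204000a))
```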



_______________________________________________
tboot-devel mailing list
tboot-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tboot-devel
