I have a Getac X500 G3 that I am trying to get TBOOT working on under a
CentOS 7.7 OS with TBOOT 1.9.11. The TBOOT startup, without any policy, looks 
as follows:

TBOOT: IA32_FEATURE_CONTROL_MSR: 0000ff07
TBOOT: CPU is SMX-capable
TBOOT: SMX is enabled
TBOOT: TXT chipset and all needed capabilities present
TBOOT: *********************** TBOOT ***********************
TBOOT:    2019-11-25 16:00 +0200 1.9.11
TBOOT: *****************************************************
TBOOT: command line: extpol=sha256 logging=serial,memory
...
TBOOT: TXT chipset and all needed capabilities present
...
TBOOT: checking if module  is an SINIT for this platform...
TBOOT:      ACM info_table version mismatch (6)
TBOOT: chipset production fused: 1
TBOOT: chipset ids: vendor: 0x8086, device: 0xb006, revision: 0x1
TBOOT: processor family/model/stepping: 0x906e9
TBOOT: platform id: 0x14000000000000
TBOOT:      1 ACM chipset id entries:
TBOOT:          vendor: 0x8086, device: 0xb006, flags: 0x1, revision: 0x1, extended: 0x0
TBOOT:      4 ACM processor id entries:
TBOOT:          fms: 0x406e0, fms_mask: 0xfff3ff0, platform_id: 0x0, platform_mask: 0x0
TBOOT:          fms: 0x506e0, fms_mask: 0xfff3ff0, platform_id: 0x0, platform_mask: 0x0
TBOOT:          fms: 0x806e0, fms_mask: 0xfff3ff0, platform_id: 0x0, platform_mask: 0x0
TBOOT:          fms: 0x906e0, fms_mask: 0xfff3ff0, platform_id: 0x0, platform_mask: 0x0
...
TBOOT: SINIT matches platform
...
TBOOT: AC mod base alignment OK
TBOOT: AC mod size OK

...
TBOOT: reading Verified Launch Policy from TPM NV...
TBOOT: TPM: fail to get public data of 0x01200001 in TPM NV
TBOOT:     :reading failed
TBOOT: reading Launch Control Policy from TPM NV...
TBOOT: TPM: fail to get public data of 0x01400001 in TPM NV
TBOOT:     :reading failed
TBOOT: failed to read policy from TPM NV, using default
TBOOT: policy:
...
TBOOT: executing GETSEC[SENTER]...


I tried to implement an LCP @ 0x01400001 and a VLP @ 0x01200001. These 2
policies were known to work on the same OS but a different platform (Supermicro).

For LCP, I have the following error:

reading Launch Control Policy from TPM NV...
TBOOT:     :70 bytes read
TBOOT: in unwrap_lcp_policy
TBOOT: no LCP module found
TBOOT:     :reading failed
TBOOT: failed to read policy from TPM NV, using default
TBOOT: policy:


I tried to implement the LCP @ 0x01800001, but without success, for this index
is locked. I.e., tpm2_nvlist:

0x1800001:
  hash algorithm:
    friendly: sha256
    value: 0xB
  attributes:
    friendly: authwrite|policydelete|writelocked|writedefine|authread|no_da|written|platformcreate
    value: 0x42C0462
  size: 70
  authorization policy: 1169A46A813A8CCDD0F3066785207BB9B67AFD3A6CD6DFE5C5AEE120867A96DF

0x1800003:
  hash algorithm:
    friendly: sha256
    value: 0xB
  attributes:
    friendly: policywrite|policydelete|write_stclear|authread|no_da|written|platformcreate
    value: 0x8440462
  size: 104
  authorization policy: EF9A26FC22D1AE8CECFF59E9481AC1EC533DBE228BEC6D17930F4CB2CC5B9724

0x1800004:
  hash algorithm:
    friendly: sha256
    value: 0xB
  attributes:
    friendly: authwrite|policydelete|authread|no_da|written|platformcreate
    value: 0x4040462
  size: 8
  authorization policy: 1169A46A813A8CCDD0F3066785207BB9B67AFD3A6CD6DFE5C5AEE120867A96DF

0x1c00002:
  hash algorithm:
    friendly: sha256
    value: 0xB
  attributes:
    friendly: ppwrite|writeall|ppread|ownerread|authread|policyread|no_da|written|platformcreate
    value: 0x1100F62
  size: 991

0x1c0000a:
  hash algorithm:
    friendly: sha256
    value: 0xB
  attributes:
    friendly: ppwrite|writeall|ppread|ownerread|authread|policyread|no_da|written|platformcreate
    value: 0x1100F62
  size: 788


My LCP is created in the following manner:


        tpm2_nvdefine -x 0x01400001 -a 0x40000001 -s 70 -t 0x204000a -P $TPM_OWNER_PASSWORD
        lcp2_mlehash --create --alg sha256 --cmdline "extpol=sha256 logging=serial,memory" /boot/tboot.gz > mle_hash
        lcp2_crtpolelt --create --type mle --alg sha256 --ctrl 0x00 --minver 0 --out mle.elt mle_hash
        lcp2_crtpollist --create --out list_unsig.lst mle.elt
        lcp2_crtpol --create --type list --pol list.pol --alg sha256 --sign 0x0A --ctrl 0x00 --data list.data list_unsig.lst
        tpm2_nvwrite -x 0x01400001 -a 0x40000001 -P $TPM_OWNER_PASSWORD list.pol
        cp -f list.data /boot/


Any idea why this LCP, which consists of just an MLE element, could be
functional on one platform and not on another?


Cordialement / regards,

Olivier le Roy (contractor)

HW – SW development engineer
Thales LAS France
_______________________________________________
tboot-devel mailing list
tboot-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tboot-devel
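Added example, not part of the original message: a small Python decoder for the TPMA_NV attribute words that appear above, both the -t value given to tpm2_nvdefine for the LCP index and the "value:" fields in the tpm2_nvlist listing, so that a locked or unwritable index can be recognised before a policy write is attempted. It assumes the TPMA_NV bit layout from the TPM 2.0 Library specification Part 2, and, as checked against the friendly names in the listing (0x42C0462 read as 0x62042C04), that tpm2_nvlist printed the attribute word with its bytes reversed.

```python
# Decoder for TPM 2.0 TPMA_NV attribute words (added example, not from the
# original post). Bit numbers follow TPM 2.0 Library Part 2, "TPMA_NV";
# bits 4..7 hold TPM_NT (the index type).
from typing import Dict, Set

TPMA_NV_BITS: Dict[int, str] = {
    0: "ppwrite", 1: "ownerwrite", 2: "authwrite", 3: "policywrite",
    10: "policydelete", 11: "writelocked", 12: "writeall",
    13: "writedefine", 14: "write_stclear", 15: "globallock",
    16: "ppread", 17: "ownerread", 18: "authread", 19: "policyread",
    25: "no_da", 26: "orderly", 27: "clear_stclear", 28: "readlocked",
    29: "written", 30: "platformcreate", 31: "read_stclear",
}
TPM_NT_NAMES = {0: "ordinary", 1: "counter", 2: "bits", 4: "extend",
                8: "pin_fail", 9: "pin_pass"}


def decode_tpma_nv(value: int) -> Set[str]:
    """Return the friendly names of the attribute bits set in a TPMA_NV word."""
    if not 0 <= value <= 0xFFFFFFFF:
        raise ValueError("TPMA_NV is a 32-bit value")
    names = {name for bit, name in TPMA_NV_BITS.items() if (value >> bit) & 1}
    nt = (value >> 4) & 0xF
    if nt:  # TPM_NT 0 is an ordinary index; only report the other types
        names.add("nt=" + TPM_NT_NAMES.get(nt, "0x%x" % nt))
    return names


def byteswap32(value: int) -> int:
    """Reverse the byte order of a 32-bit word."""
    return int.from_bytes(value.to_bytes(4, "big"), "little")


def decode_nvlist_value(printed: int) -> Set[str]:
    """Decode a 'value:' field as printed in the tpm2_nvlist output above.

    Assumption (verified against the friendly names in that listing): the tool
    printed the attribute word byte-reversed, e.g. 0x42C0462 is really 0x62042C04.
    """
    return decode_tpma_nv(byteswap32(printed))


def write_is_locked(attrs: Set[str]) -> bool:
    """True when no write can succeed: WRITELOCKED set, or no write-permission bit."""
    write_bits = {"ppwrite", "ownerwrite", "authwrite", "policywrite"}
    return "writelocked" in attrs or not (attrs & write_bits)


if __name__ == "__main__":
    # The -t value from the tpm2_nvdefine step for the LCP index 0x01400001.
    print("0x01400001 (-t 0x204000a):", sorted(decode_tpma_nv(0x204000A)))
    # The index reported as locked in the tpm2_nvlist listing.
    locked = decode_nvlist_value(0x42C0462)
    print("0x1800001:", sorted(locked), "write locked:", write_is_locked(locked))
```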