Hi Vicky, No problem! Just rebooted my sw TPM and it seems OK this time. However there is one thing I dont' quite understand. Even though my createek and take_onwership commands went through, there is this error message always popped up. As you can see in the following example:
$ tpm_createek Tspi_TPM_CreateEndorsementKey failed: 0x00000008 - layer=tpm, code=0008 (8), The TPM target command has been disabled ←- NOT Sure why this message!!!??? $ ./getcapability -cap 4 -scap 108 Result for capability 0x4, subcapability 0x108 is : Permanent flags: Disabled: FALSE Ownership: TRUE Deactivated: FALSE Read Pubek: TRUE Disable Owner Clear: FALSE Allow Maintenance: TRUE Physical Presence Lifetime Lock: FALSE Physical Presence HW Enable: FALSE Physical Presence CMD Enable: TRUE CEKPUsed: TRUE TPMpost: FALSE TPMpost Lock: FALSE FIPS: FALSE Operator: FALSE Enable Revoke EK: FALSE NV Locked: TRUE Read SRK pub: FALSE TPM established: FALSE Maintenance done: FALSE Disable full DA logic info: FALSE [$ tpm_takeownership -zy $ tpm_getpubek -z Tspi_TPM_GetPubEndorsementKey failed: 0x00000008 - layer=tpm, code=0008 (8), The TPM target command has been disabled Public Endorsement Key: Version: 01010000 Usage: 0x0002 (Unknown) Flags: 0x00000000 (!VOLATILE, !MIGRATABLE, !REDIRECTION) AuthUsage: 0x00 (Never) Algorithm: 0x00000020 (Unknown) Encryption Scheme: 0x00000012 (Unknown) Signature Scheme: 0x00000010 (Unknown) Public Key: f64ff2a0 76db20e9 aa5f5bc8 d931333e 2a4c38e9 87b729fb 165fe2ae 376346a5 18a30d4d 60a8eff2 d15336c5 64435ff7 13a66a44 b2a7ca8d d2252028 3efe8be6 6ec22842 4abf2899 41453392 4012a031 4fc82774 677524f8 d50601d1 ab93cb32 c91fc96f 8d6fd338 26c862e4 82ff08dd 2ce6634e 8f8b5115 81ec8da5 5f3e27f2 6e3a2c1a ba5f3366 ccbde800 950eff68 3b9dc108 638f3ccc 1ce78d55 b6ae3743 db2b7ada a0b7bd37 d96112c6 71e5ce65 48e9d099 8bcea038 9cc05311 0e4d175b d9c35338 601676a1 bd2c5724 a0cce5e1 b4f7ff50 02cd6fe0 5ca91c09 b42cc00b 45534fe9 e770fad1 f5594cb2 67b77c11 3cb78931 fd9cc4d9 3ea923bc 71fa1b47 On Thu, Mar 26, 2015 at 10:32 AM, Hon Ching Lo <[email protected]> wrote: > David, Sorry, I misread your email thinking that it was for a real HW > TPM.. > > On Thu, Mar 26, 2015 at 11:31 AM, David Li <[email protected]> wrote: >> >> Hi Vicky, >> >> Do you mean that the machine I am running this test needs to have >> virtualization enabled? >> >> And I am not sure I understand why virtualization is needed for SW TPM to >> work. >> >> David >> >> >> On Wed, Mar 25, 2015 at 6:19 PM, Hon Ching Lo <[email protected]> >> wrote: >> > Hi, >> > >> > You need to make sure that you enable virtualization in the BIOS. >> > Depending >> > on your hardware, you >> > may have to tweak a couple times to make it work. >> > >> > >> > Vicky >> > >> > On Wed, Mar 25, 2015 at 7:58 PM, David Li <[email protected]> wrote: >> >> >> >> Hi, >> >> >> >> I see this problem was discussed before for a real HW TPM. >> >> I am running SW TPM and TSS stack on top of it. Now I am trying to >> >> take ownership, after clearing it, >> >> >> >> tpm_clear -f >> >> Tspi_TPM_ClearOwner failed: 0x00000007 - layer=tpm, code=0007 (7), TPM >> >> is disabled >> >> >> >> $ tpm_takeownership -zy >> >> Tspi_TPM_TakeOwnership failed: 0x00000007 - layer=tpm, code=0007 (7), >> >> TPM is disabled >> >> >> >> I use getcapability tool to dump the following: >> >> >> >> $ ./getcapability -cap 4 -scap 0108 >> >> Result for capability 0x4, subcapability 0x108 is : >> >> Permanent flags: >> >> Disabled: TRUE >> >> Ownership: TRUE >> >> Deactivated: TRUE >> >> Read Pubek: TRUE >> >> Disable Owner Clear: FALSE >> >> Allow Maintenance: TRUE >> >> Physical Presence Lifetime Lock: FALSE >> >> Physical Presence HW Enable: FALSE >> >> Physical Presence CMD Enable: TRUE >> >> CEKPUsed: TRUE >> >> TPMpost: FALSE >> >> TPMpost Lock: FALSE >> >> FIPS: FALSE >> >> Operator: FALSE >> >> Enable Revoke EK: FALSE >> >> NV Locked: TRUE >> >> Read SRK pub: FALSE >> >> TPM established: FALSE >> >> Maintenance done: FALSE >> >> Disable full DA logic info: FALSE >> >> >> >> Any suggestions what command I need to run next to solve this problem? >> >> >> >> Thanks. >> >> >> >> >> >> >> >> ------------------------------------------------------------------------------ >> >> Dive into the World of Parallel Programming The Go Parallel Website, >> >> sponsored >> >> by Intel and developed in partnership with Slashdot Media, is your hub >> >> for >> >> all >> >> things parallel software development, from weekly thought leadership >> >> blogs >> >> to >> >> news, videos, case studies, tutorials and more. Take a look and join >> >> the >> >> conversation now. http://goparallel.sourceforge.net/ >> >> _______________________________________________ >> >> TrouSerS-users mailing list >> >> [email protected] >> >> https://lists.sourceforge.net/lists/listinfo/trousers-users >> > >> > > > ------------------------------------------------------------------------------ Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ _______________________________________________ TrouSerS-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/trousers-users
