Just to finish up this chain I figured I should report in. We set the NV flag (tpm_nvdefine -i 0xffffffff -s 0), and just type in the owner password for everything. The PCRs still seem to lock the data. The presence flag doesn't get set, but it seems to work. Once all the flags are set up properly, the nvread (without trousers) works properly and the TPM seems to abide by the proper rules.
David, if you are still up for posting the command to initialize the TPM, that would be really good, if for nothing other than reference. The internet seems to have forgotten the command to do that. I do appreciate everyone's help on the issue. On Tue, Sep 15, 2015 at 10:06 AM, Ken Goldman <[email protected]> wrote: > On 9/14/2015 12:57 AM, Todd Griggins wrote: > >> This is mildly confusing to me - as the TPM module on sale is for >> end-users (for the most part, what we are), not of OEMs. This is also >> confusing because this is not the state other TPMs come in, such as from >> Dell or HP. >> > > If you are buying uninitialized TPM chips, you are not an end user. You > are in the same position as an OEM, and you must initialize it. > > AS for the rest of the email, remember that we are volunteers. It's > unlikely that anyone will give priority to analyzing your 5 page blog over > their day job. I suggest that you create a much shorter version of your > post, with one precise question and a meaningful subject. > > > >
------------------------------------------------------------------------------
_______________________________________________ TrouSerS-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/trousers-users
