I guess you are using pv guests, I don't know exactly if Quan finished development for hvm. I suggest to take a look at tcsd log: pkill tcsd tcsd -f & tpm_takeownership -z -y -l debug Also can you see if /sys/devices/vtpm-0 and /dev/tpm0 are present?
On Wed, Jun 24, 2015 at 6:16 PM, Marcos Simó Picó <marco...@kth.se> wrote: > Hello everyone, > > > I would like to try the vTPM feature, but I'm having some issues. > Basically, I followed the steps explained in > https://mhsamsal.wordpress.com/2013/12/05/configuring-virtual-tpm-vtpm-for-xen-4-3-guest-virtual-machines/ > > > I'm running Ubuntu 14.04 as Dom0 on a Dell optiplex-9020. I compiled Xen > 4.5.0 from source. After creating vtpmmgr and vtpm stubdoms, and DomU, I > can invoke tpm_version from DomU: > > > root@DomU:/home/xen# tpm_version > TPM 1.2 Version Info: > Chip Version: 1.2.0.7 > Spec Level: 2 > Errata Revision: 1 > TPM Vendor ID: ETHZ > TPM Version: 01010000 > Manufacturer Info: 4554485a > > > I can also see the PCRs status by invoking cat > /sys/class/misc/tpm0/device/pcrs, however, most of the commands return an > error. When I invoke takeownership I get the following error: > > > root@DomU:/home/xen# tpm_takeownership -y -z -l debug > Tspi_Context_Create success > Tspi_Context_Connect success > Tspi_Context_GetTpmObject success > Tspi_GetPolicyObject success > Tspi_Policy_SetSecret success > Tspi_Context_CreateObject success > Tspi_GetPolicyObject success > Tspi_Policy_SetSecret success > Tspi_TPM_TakeOwnership failed: 0x00002004 - layer=tcs, code=0004 (4), > Internal software error > Tspi_Context_CloseObject success > Tspi_Context_FreeMemory success > Tspi_Context_Close success > > > The same error is given when invoking tpm_getpubkey. I have already > tried after clearing the TPM from BIOS, after having taken ownership and > with ownership no taken with the same result when using the vTPM. I have > also installed Xen 4.3.4, with the same result too. > > > In the end, I would like to use the vTPM to generate and use RSA keys > for TLS session establishing (using the API provided with GnuTLS). Since I > cannot take ownership of the vTPM, the GnuTLS' tpmtool complains it doesn't > find any SRK. > > > I really appreciate any help you can provide. > > > Best regards, > > Marcos > > _______________________________________________ > Xen-devel mailing list > Xen-devel@lists.xen.org > http://lists.xen.org/xen-devel > >
_______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel
