I'm using a Thinkpad T420. When I first installed AEM, I had to disable TXT in order to get any output from `cat /sys/devices/*/*/pcrs`. I wasn't really sure if TXT was needed back then, but I understand now that it is.
A few hours ago I did my dom0 update from qubes-dom0-current-testing, and I got the AEM related upgrades. After rereading the docs on installing I decided to reinstall AEM the proper way with TXT. Here are the steps I took and the results (tl;dr: I can't see the tpm no matter what now). 1. I shutdown and go to BIOS where I enable TXT. 2. Startup with AEM does not work. 3. Startup without AEM. No output from `cat /sys/devices/*/*/pcrs`, even though the file exists. 4. Shutdown, to BIOS, disable TXT. 6. Startup without AEM. Output from `cat /sys/devices/*/*/pcrs` is normal. Following docs I issue `tpm_clear -y`. Output and docs tell me to restart (docs mention clearing tpm in BIOS, but stdout does not). 7. Restart, to BIOS, option for clearing tpm is gone from BIOS?!?! 8. Whether TXT is enabled or not, the pcrs file is always blank and no tpm commands can communicate with the device. Any ideas? I've attempted disabling and reenabling the chip in BIOS to no effect. -- qubenix GPG: B536812904D455B491DCDCDD04BE1E61A3C2E500 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/52e404fd-0b2d-8df8-9f5b-c3acabe0c970%40riseup.net. For more options, visit https://groups.google.com/d/optout.
