On Friday, July 15, 2016 at 3:34:12 PM UTC+2, Chris Laprise wrote: > On 07/13/2016 11:15 AM, Chris Laprise wrote: > > On 07/12/2016 11:15 AM, Chris Laprise wrote: > >> On 07/12/2016 01:48 AM, Chris Laprise wrote: > >>> On 07/05/2016 02:21 PM, Marek Marczykowski-Górecki wrote: > >>>> -----BEGIN PGP SIGNED MESSAGE----- > >>>> Hash: SHA256 > >>>> > >>>> On Mon, Jul 04, 2016 at 10:26:51AM -0400, Chris Laprise wrote: > >>>>> If I replace the kernel with 4.1 from R3.1, it can make it to the > >>>>> AEM target > >>>>> and the decrypt prompt. It chokes just after decrypting the > >>>>> volumes, but > >>>>> that's to be expected. The 4.4 kernel appears to introduce some > >>>>> factor that > >>>>> causes the crash. > >>>> Interesting, have you tried 4.2 kernel from R3.1 unstable repository? > >>>> Do you have any means of collecting kernel/xen messages? I guess > >>>> you've > >>>> already disabled "quiet" kernel option and also removed "console=none" > >>>> from xen cmdline. > >>>> If this doesn't help, try adding "noreboot" and "sync_console" to > >>>> xen cmdline. > >>>> > >>>> If you have serial console (on docking station?) if would be easier to > >>>> reliably get log messages. > >>>> > >>>> - -- > >>> > >>> I just tried the 4.2 kernel on the stick created by AEM under > >>> R3.2rc1; It seems to work as well as 4.1. > >>> > >>> I'll try 4.4 again removing those boot options. > >>> > >>> Unfortunately, the only docking station here is the kind lacking > >>> serial ports. > >>> > >>> Chris > >>> > >> > >> A bit more info: > >> > >> Removing rd.antievilmaid from 4.4.12 options doesn't help; it still > >> restarts. I also tried 4.4.14 in the unstable repo but that did not > >> help. > >> > >> It appears to be an incompatibility between kernel version 4.4 and > >> tboot. > >> > >> Chris > >> > > > > I am able to get 4.4.* to boot now! The trick was to add > > 'min_ram=0x2000000' to the tboot options like I used to do--the AEM > > README describes how. > > > > But now I cannot get AEM to seal the secret. Nothing at all about AEM > > is displayed during startup, even though rd.antievilmaid is on the > > kernel options line. > > > > Chris > > > > For the record, AEM is now working on my system. The other thing that > was required was to update the anti-evil-maid package to version 3.0.3. > > Chris
Hi Chris, can you confirm that AEM is working now on this preceise laptop : LENOVO T450s (20BWS01D00) If yes, please describe what is required to be modified/setup to make it work. And if confirmed, can someone update the line on the HCL page ? https://www.qubes-os.org/hcl/ Regards -- Fred -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/bd3423bf-4a89-40e7-8f2f-366528a733ff%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
