On 05/09/2016 07:51 PM, Sun, Ning wrote: > BanDan, Tony, > > We tried out your patch, unfortunately it did not work on our > machines, did you test your patch before submitting it?> > -ning
Yes, I did test it, and I just tested it again, on bare metal and on the virtual guest. Below is what I got from the bare metal boot. What are your lpc settings? Loading tboot 1.8.3 ... Loading Linux 3.10.0-352.el7.x86_64 ... Loading initial ramdisk ... TBOOT: CPU is SMX-capable TBOOT: ERR: IA32_FEATURE_CONTROL_MSR_LOCK is not locked TBOOT: ******************* TBOOT ******************* TBOOT: 2015-05-08 12:00 -0800 1.8.3 TBOOT: ********************************************* TBOOT: command line: logging=serial,memory,vga TBOOT: CPU is SMX-capable TBOOT: ERR: IA32_FEATURE_CONTROL_MSR_LOCK is not locked TBOOT: CPU is SMX-capable TBOOT: ERR: IA32_FEATURE_CONTROL_MSR_LOCK is not locked TBOOT: BSP is cpu 0 TBOOT: original e820 map: TBOOT: 0000000000000000 - 000000000009e000 (1) TBOOT: 0000000000100000 - 00000000bd2f0000 (1) TBOOT: 00000000bd2f0000 - 00000000bd31c000 (2) TBOOT: 00000000bd31c000 - 00000000bd35b000 (3) TBOOT: 00000000bd35b000 - 00000000c0000000 (2) TBOOT: 00000000e0000000 - 00000000f0000000 (2) TBOOT: 00000000fe000000 - 0000000100000000 (2) TBOOT: 0000000100000000 - 0000000840000000 (1) TBOOT: checking if module is an SINIT for this platform... TBOOT: ACM size is too small: acmod_size=1ccd685, acm_hdr->size*4=c0c0c0c0 TBOOT: no SINIT AC module found TBOOT: TXT.SINIT.BASE: 0xbf700000 TBOOT: TXT.SINIT.SIZE: 0x20000 (131072) TBOOT: BIOS has already loaded an SINIT module TBOOT: chipset production fused: 1 TBOOT: chipset ids: vendor: 0x8086, device: 0xb001, revision: 0x1 TBOOT: processor family/model/stepping: 0x206d7 TBOOT: platform id: 0xc000000000000 TBOOT: 1 ACM chipset id entries: TBOOT: vendor: 0x8086, device: 0xb001, flags: 0x1, revision: 0x3f, extended: 0x0 TBOOT: 2 ACM processor id entries: TBOOT: fms: 0x306e0, fms_mask: 0xfff0ff0, platform_id: 0x0, platform_mask: 0x0 TBOOT: fms: 0x206d0, fms_mask: 0xfff0ff0, platform_id: 0x0, platform_mask: 0x0 TBOOT: no SINIT provided by bootloader; using BIOS SINIT TBOOT: AC mod base alignment OK TBOOT: SMXE not enabled, can't read parameters TBOOT: get_parameters() failed TBOOT: verifying AC module failed. TBOOT: no LCP module found TBOOT: ELF magic number is not matched, image is not ELF format. TBOOT: assuming kernel is Linux format TBOOT: Initrd from 0x7e332000 to 0x7ffff685 TBOOT: Kernel (protected mode) from 0x1000000 to 0x14ef070 TBOOT: Kernel (real mode) from 0x90000 to 0x94200 TBOOT: Linux cmdline placed in header: root=/dev/mapper/rhel_dell--pem520--02-root ro crashkernel=auto rd.lvm TBOOT: .lv=rhel_dell-pem520-02/root rd.lvm.lv=rhel_dell-pem520-02/swap consol TBOOT: e=ttyS0,115200n81 intel_iommu=on TBOOT: TBOOT: transfering control to kernel @0x1000000... [ 0.000000] Initializing cgroup subsys cpuset [ 0.000000] Initializing cgroup subsys cpu [ 0.000000] Initializing cgroup subsys cpuacct [ 0.000000] Linux version 3.10.0-352.el7.x86_64 (mockbu...@x86-034.build.eng.bos.redhat.com) (gcc version 4.8.5 20150623 (Red Hat 4.8.5-4) (GCC) ) #1 SMP Fri Feb 26 08:30:34 EST 2016 -- snip -- ------------------------------------------------------------------------------ Mobile security can be enabling, not merely restricting. Employees who bring their own devices (BYOD) to work are irked by the imposition of MDM restrictions. Mobile Device Manager Plus allows you to control only the apps on BYO-devices by containerizing them, leaving personal data untouched! https://ad.doubleclick.net/ddm/clk/304595813;131938128;j _______________________________________________ tboot-devel mailing list tboot-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tboot-devel