I believe the message "WARNING: no console will be available to OS Loading
Linux" appears because UEFI does not support text-mode graphics, which was a
graphics mode supported by legacy BIOS. This issue should only prevent messages
from being displayed on the screen until the kernel configures the graphics
hardware. This issue should not prevent the system from booting.
If tboot is printing " TBOOT: transfering control to kernel @0x1000000...",
then it is likely that TBoot does what it's supposed to do without problems and
then the system is crashing while booting the kernel. I would recommend booting
the Linux kernel with a serial console and see the kernel messages for where
and why the kernel crashes. The serial console can be enabled with the kernel
command-line argument "console=ttyS0,115200n8".
One thing to note is that with tboot and UEFI boot, the Linux kernel had to be
passed the "noefi" argument. This argument is added by default on Ubuntu.
Failing to provide this argument, I've seen the Linux kernel crash in the past.
Although, "noefi" does not appear to be a valid kernel command-line argument in
newer kernels (v3.18 onwards).
Based on the code, I'm not entirely sure that "TBoot isn't UEFI aware". TBoot
is launched using the multiboot or multiboot2 protocol. As a part of the
protocol, TBoot is passed relevant information through the multiboot and
multiboot2 information structures, respectively. TBoot has a function called
"is_loader_launch_efi" in "tboot/common/loader.c". This function checks if the
function "get_loader_efi_ptr" (also in "tboot/common/loader.c") can find
EFI-related tags and variables in the multiboot2 information structure. So,
from what I understand, TBoot can detect an EFI launch if TBoot is booted using
the multiboot2 command. I try to explain below how the boot process works
(based on my understanding of the code).
The main function responsible for launching the follow-on kernel is
"launch_kernel" in "tboot/common/loader.c". If the first module (the follow-on
kernel) loaded after TBoot is NOT an ELF binary, TBoot attempts to boot the
kernel with the Linux boot protocol. As a part of the protocol TBoot unpacks
and places parts of the Linux image in memory and the populates a data
structure called "boot_params_t". TBoot passes the Linux kernel EFI-related
information by populating the appaopriate field in this data structure.
If the first module (the follow-on kernel) loaded after tboot IS an ELF binary
(not a Linux kernel image), TBoot will attempt to launch the kernel using the
multiboot or multiboot2 protocol. Which protocol is used depends on which
protocol is supported by the kernel (which magic number is present in the
kernel image) and how TBoot was launched. However, there are restrictions. The
six different cases are summarized below:
If the follow-on kernel only supports multiboot (not multiboot2)
If TBoot was launched with multiboot2
If TBoot detects an EFI launch
Fail the measured launch (case 1)
Else if TBoot detects no EFI launch
Launch the kernel (case 2)
Fi
Else if TBoot was launched with multiboot
Launch the kernel (case 3)
Fi
Else if the follow-on kernel supports only multiboot2
If TBoot was launched with multiboot2
Launch the kernel (case 4)
Else if TBoot was launched with multiboot
Fail the measured launch (case 5)
Fi
Else if the follow-on kernel supports both multiboot and multiboot2
Launch the kernel (case 6)
Fi
Since this affects the usage of TBoot, it might be useful to document the above.
Safayet N. Ahmed
Computer Engineer
Software, Sciences & Analytics
GE Global Research Center
One Research Circle,
Niskayuna, NY 12309 United States
General Electric Company, GE Global Research
GE imagination at work
-----Original Message-----
From: Jason Zaman [mailto:ja...@perfinion.com]
Sent: Thursday, August 11, 2016 1:36 AM
To: Brian E Luckau <bluc...@sgi.com>
Cc: 'tboot-devel@lists.sourceforge.net' <tboot-devel@lists.sourceforge.net>
Subject: EXT: Re: [tboot-devel] no console will be available to OS
On Wed, Aug 10, 2016 at 07:51:16PM -0600, Brian E Luckau wrote:
> Hey, 1.9.4 worked a lot better for me! I had tried a similar exercise
> ca few weeks ago with whatever was the latest build at the time, but
> could have been doing something else wrong for all I know.
>
> This time, I took the same configuration that I mentioned from 30
> minutes ago but with tboot 1.9.4 and now it is booting. Hopefully I
> can move on to the next steps in using Trusted Boot.
The documentation for this all is a bit all over the place. I tried to document
it all in the gentoo wiki when I got things working from help from this ML.
https://urldefense.proofpoint.com/v2/url?u=https-3A__wiki.gentoo.org_wiki_Trusted-5FBoot&d=CwICAg&c=IV_clAzoPDE253xZdHuilRgztyh_RiV3wUrLrDQYWSI&r=lDSLRzn8YUPmwjLuy9Ek9Dy-T15T3uK505eKqf1EFfg&m=nWW1UsG1aJ3z32iUfnYnwirEj04DaNuVRSkvNAXJPx0&s=v8YQyjXy00S3XgHTKXb6n1jdffKqaAr5WCIAuDDNPh8&e=
> On 08/10/2016 07:26 PM, Brian E Luckau wrote:
> > Thank you for the tips. I had indeed been trying to get output on
> > serial as well but not getting anything.
> > I got serial output to happen successfully this time; this is my
> > current line in grub.cfg:
> >
> > multiboot2 /tboot.gz /tboot.gz logging=serial,memory,vga
> > loglvl=all serial=115200,8n1,0x2f8
> >
> > Now I'm able to get more information on serial (after adding that
> > serial= entry)
> >
> > It turns out it is hanging at
> >
> > TBOOT: transfering control to kernel @0x1000000...
> >
> > SO... I would venture to say people who write in with the "no
> > console will be available to OS" problem are barking up the wrong
> > tree, like I was. If you can get the serial output then more might
> > come to light about what is really happening.
> >
> > We may need to try this on better TXT-enabled hardware with the
> > right BIOS. However, I'm confused at the fact that it hangs here if
> > we are using UEFI but not if we are using legacy grub.
Tboot isnt a UEFI aware thing, so you still need to have some compat stuff
turned on. In my Thinkpad T440s, I have to enable "CSM" otherwise it just dies.
With CSM enabled, UEFI+grub2+multiboot2 works fine tho.
https://urldefense.proofpoint.com/v2/url?u=https-3A__wiki.gentoo.org_wiki_Trusted-5FBoot-23BIOS-5Fconfiguration&d=CwICAg&c=IV_clAzoPDE253xZdHuilRgztyh_RiV3wUrLrDQYWSI&r=lDSLRzn8YUPmwjLuy9Ek9Dy-T15T3uK505eKqf1EFfg&m=nWW1UsG1aJ3z32iUfnYnwirEj04DaNuVRSkvNAXJPx0&s=hjxXSjZxrsUl-_O3whKPwi34GXP91rGBUqz_8dWMtaQ&e=
Another thing you can try, if it is resetting and you want to be sure that its
happening after tboot, put a while(1) {} in tboot right before the jump to the
kernel and see if it hangs.
You can also boot into the UEFI shell after a reset and run "mem fed30030 4"
and see what the error code was set to when it died.
-- Jason
> >
> > I'm accustomed to the system booting regardless of whether you have
> > the hardware, bios, etc. for it. You just would not get a measured
> > boot. So, still scratching my head here.
> >
> >
> > -- Brian
> >
> > On 07/31/2016 01:54 PM, Brian Luckau wrote:
> >> Re: [tboot-devel] no console will be available to OS Will try that
> >> when I Wade back onto it again. Last week tried we could get it to
> >> work with legacy bios but not EFI
> >>
> >> -----Original Message-----
> >> *From: *Jason Zaman [ja...@perfinion.com
> >> <mailto:ja...@perfinion.com>]
> >> *Sent: *Sunday, July 31, 2016 09:51 AM Central Standard Time
> >> *To: *Justin King-Lacroix
> >> *Cc: *tboot-devel@lists.sourceforge.net
> >> *Subject: *Re: [tboot-devel] no console will be available to OS
> >>
> >> On Fri, Jul 29, 2016 at 01:01:46PM -0700, Justin King-Lacroix wrote:
> >> > Nope, doesn't work on (at least) recent Lenovo laptops. Tried it
> >> > a few weeks back.
> >> >
> >> > Getting the same "WARNING: no console will be available to OS" on
> >> 1.9.4,
> >> > too.
> >> >
> >> > On 29 July 2016 at 09:26, Sun, Ning <ning....@intel.com> wrote:
> >> >
> >> > > There is a latest tboot 1.9.4 to download on sourceforge
> >> > > https://urldefense.proofpoint.com/v2/url?u=https-3A__sourceforg
> >> > > e.net_projects_tboot_&d=CwICAg&c=IV_clAzoPDE253xZdHuilRgztyh_Ri
> >> > > V3wUrLrDQYWSI&r=lDSLRzn8YUPmwjLuy9Ek9Dy-T15T3uK505eKqf1EFfg&m=n
> >> > > WW1UsG1aJ3z32iUfnYnwirEj04DaNuVRSkvNAXJPx0&s=R426o5Ee62Mj9i9qvT
> >> > > LwlVPROrHIEe0FX1EuiRxNUTE&e= You can collect tboot output
> >> > > through serial port in a UEFI boot.
> >> > > For install and run tboot in UEFI, you also can follow the wiki
> >> > > here
> >> > > https://urldefense.proofpoint.com/v2/url?u=https-3A__sourceforge.net_p_tboot_wiki_Home_&d=CwICAg&c=IV_clAzoPDE253xZdHuilRgztyh_RiV3wUrLrDQYWSI&r=lDSLRzn8YUPmwjLuy9Ek9Dy-T15T3uK505eKqf1EFfg&m=nWW1UsG1aJ3z32iUfnYnwirEj04DaNuVRSkvNAXJPx0&s=XWGugXjeFe8FiMS9-JQor3hVRJO4EnteUZ3lhVKncwc&e=
> >> > > .
> >> > > README in tboot source code tree is very helpful as well.
> >> > > Hope this helps.
> >> > >
> >> > > -ning
> >> > >
> >> > > -----Original Message-----
> >> > > From: Brian E Luckau [mailto:bluc...@sgi.com]
> >> > > Sent: Thursday, July 28, 2016 3:21 PM
> >> > > To: tboot-devel@lists.sourceforge.net
> >> > > Subject: [tboot-devel] no console will be available to OS
> >> > >
> >> > > Hi,
> >> > >
> >> > > I have tried searching the archives with no luck. When I try to
> >> use tboot
> >> > > with UEFI, it gives me:
> >> > >
> >> > > Loading tboot 1.8.1
> >> > > WARNING: no console will be available to OS Loading Linux
> >> > > 3.10.0-327.el7.x86_64 Loading initial ramdisk ...
> >> > >
> >> > > Then nowhere. I have tried using console=tty0,
> >> console=ttyS1,115200 and
> >> > > various different variations of this.
> >>
> >> You need to use something like this:
> >> loglvl=all logging=memory,serial serial=115200,8n1,0x30b0
> >>
> >> console= is a linux cmdline option. tboot needs serial=. also you
> >> need to find the hex addr of the serial port which Ive forgotten how to do.
> >> that addr is for my the AMT serial thing on my Lenovo T440s
> >>
> >> -- Jason
> >>
> >> > >
> >> > > My colleagues and I have not been able to get tboot to work on
> >> > > EFI platforms. I am sure there may be something wrong with our
> >> config but we
> >> > > are flying blind. How do others deal with this when it occurs?
> >> > >
> >> > >
> >> > >
> >> > >
> >> -------------------------------------------------------------------
> >> -----------
> >> > > _______________________________________________
> >> > > tboot-devel mailing list
> >> > > tboot-devel@lists.sourceforge.net
> >> > > https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.sour
> >> > > ceforge.net_lists_listinfo_tboot-2Ddevel&d=CwICAg&c=IV_clAzoPDE
> >> > > 253xZdHuilRgztyh_RiV3wUrLrDQYWSI&r=lDSLRzn8YUPmwjLuy9Ek9Dy-T15T
> >> > > 3uK505eKqf1EFfg&m=nWW1UsG1aJ3z32iUfnYnwirEj04DaNuVRSkvNAXJPx0&s
> >> > > =9P4JuEyP-6qe4vd9yBNOCzeEO6ZW1ml_yf_pSwuKcHA&e=
> >> > >
> >> > >
> >> > >
> >> -------------------------------------------------------------------
> >> -----------
> >> > > _______________________________________________
> >> > > tboot-devel mailing list
> >> > > tboot-devel@lists.sourceforge.net
> >> > > https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.sour
> >> > > ceforge.net_lists_listinfo_tboot-2Ddevel&d=CwICAg&c=IV_clAzoPDE
> >> > > 253xZdHuilRgztyh_RiV3wUrLrDQYWSI&r=lDSLRzn8YUPmwjLuy9Ek9Dy-T15T
> >> > > 3uK505eKqf1EFfg&m=nWW1UsG1aJ3z32iUfnYnwirEj04DaNuVRSkvNAXJPx0&s
> >> > > =9P4JuEyP-6qe4vd9yBNOCzeEO6ZW1ml_yf_pSwuKcHA&e=
> >> > >
> >>
> >> >
> >> -------------------------------------------------------------------
> >> -----------
> >>
> >> > _______________________________________________
> >> > tboot-devel mailing list
> >> > tboot-devel@lists.sourceforge.net
> >> > https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.source
> >> > forge.net_lists_listinfo_tboot-2Ddevel&d=CwICAg&c=IV_clAzoPDE253x
> >> > ZdHuilRgztyh_RiV3wUrLrDQYWSI&r=lDSLRzn8YUPmwjLuy9Ek9Dy-T15T3uK505
> >> > eKqf1EFfg&m=nWW1UsG1aJ3z32iUfnYnwirEj04DaNuVRSkvNAXJPx0&s=9P4JuEy
> >> > P-6qe4vd9yBNOCzeEO6ZW1ml_yf_pSwuKcHA&e=
> >>
> >>
> >> -------------------------------------------------------------------
> >> ----------- _______________________________________________
> >> tboot-devel mailing list
> >> tboot-devel@lists.sourceforge.net
> >> https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.sourcefo
> >> rge.net_lists_listinfo_tboot-2Ddevel&d=CwICAg&c=IV_clAzoPDE253xZdHu
> >> ilRgztyh_RiV3wUrLrDQYWSI&r=lDSLRzn8YUPmwjLuy9Ek9Dy-T15T3uK505eKqf1E
> >> Ffg&m=nWW1UsG1aJ3z32iUfnYnwirEj04DaNuVRSkvNAXJPx0&s=9P4JuEyP-6qe4vd
> >> 9yBNOCzeEO6ZW1ml_yf_pSwuKcHA&e=
> >>
> >>
> >>
> >> -------------------------------------------------------------------
> >> -----------
> >>
> >>
> >> _______________________________________________
> >> tboot-devel mailing list
> >> tboot-devel@lists.sourceforge.net
> >> https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.sourcefo
> >> rge.net_lists_listinfo_tboot-2Ddevel&d=CwICAg&c=IV_clAzoPDE253xZdHu
> >> ilRgztyh_RiV3wUrLrDQYWSI&r=lDSLRzn8YUPmwjLuy9Ek9Dy-T15T3uK505eKqf1E
> >> Ffg&m=nWW1UsG1aJ3z32iUfnYnwirEj04DaNuVRSkvNAXJPx0&s=9P4JuEyP-6qe4vd
> >> 9yBNOCzeEO6ZW1ml_yf_pSwuKcHA&e=
> >
> >
> >
> > --------------------------------------------------------------------
> > ---------- What NetFlow Analyzer can do for you? Monitors network
> > bandwidth and traffic patterns at an interface-level. Reveals which
> > users, apps, and protocols are consuming the most bandwidth.
> > Provides multi-vendor support for NetFlow, J-Flow, sFlow and other
> > flows. Make informed decisions using capacity planning reports.
> > https://urldefense.proofpoint.com/v2/url?u=http-3A__sdm.link_zohodev
> > 2dev&d=CwICAg&c=IV_clAzoPDE253xZdHuilRgztyh_RiV3wUrLrDQYWSI&r=lDSLRz
> > n8YUPmwjLuy9Ek9Dy-T15T3uK505eKqf1EFfg&m=nWW1UsG1aJ3z32iUfnYnwirEj04D
> > aNuVRSkvNAXJPx0&s=sgEfUWwnilCfpUqVndpwf2-1DBKL_qc1ch7wEPFAHZc&e=
> >
> >
> > _______________________________________________
> > tboot-devel mailing list
> > tboot-devel@lists.sourceforge.net
> > https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.sourcefor
> > ge.net_lists_listinfo_tboot-2Ddevel&d=CwICAg&c=IV_clAzoPDE253xZdHuil
> > Rgztyh_RiV3wUrLrDQYWSI&r=lDSLRzn8YUPmwjLuy9Ek9Dy-T15T3uK505eKqf1EFfg
> > &m=nWW1UsG1aJ3z32iUfnYnwirEj04DaNuVRSkvNAXJPx0&s=9P4JuEyP-6qe4vd9yBN
> > OCzeEO6ZW1ml_yf_pSwuKcHA&e=
>
------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are
consuming the most bandwidth. Provides multi-vendor support for NetFlow,
J-Flow, sFlow and other flows. Make informed decisions using capacity planning
reports.
https://urldefense.proofpoint.com/v2/url?u=http-3A__sdm.link_zohodev2dev&d=CwICAg&c=IV_clAzoPDE253xZdHuilRgztyh_RiV3wUrLrDQYWSI&r=lDSLRzn8YUPmwjLuy9Ek9Dy-T15T3uK505eKqf1EFfg&m=nWW1UsG1aJ3z32iUfnYnwirEj04DaNuVRSkvNAXJPx0&s=sgEfUWwnilCfpUqVndpwf2-1DBKL_qc1ch7wEPFAHZc&e=
_______________________________________________
tboot-devel mailing list
tboot-devel@lists.sourceforge.net
https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.sourceforge.net_lists_listinfo_tboot-2Ddevel&d=CwICAg&c=IV_clAzoPDE253xZdHuilRgztyh_RiV3wUrLrDQYWSI&r=lDSLRzn8YUPmwjLuy9Ek9Dy-T15T3uK505eKqf1EFfg&m=nWW1UsG1aJ3z32iUfnYnwirEj04DaNuVRSkvNAXJPx0&s=9P4JuEyP-6qe4vd9yBNOCzeEO6ZW1ml_yf_pSwuKcHA&e=
------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are
consuming the most bandwidth. Provides multi-vendor support for NetFlow,
J-Flow, sFlow and other flows. Make informed decisions using capacity
planning reports. http://sdm.link/zohodev2dev
_______________________________________________
tboot-devel mailing list
tboot-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tboot-devel
