There is an Intel TXT enabling guide from Intel website: https://software.intel.com/en-us/articles/intel-trusted-execution-technology-intel-txt-enabling-guide#_Toc383534400.
-ning -----Original Message----- From: Jason Zaman [mailto:ja...@perfinion.com] Sent: Wednesday, August 10, 2016 10:36 PM To: Brian E Luckau <bluc...@sgi.com> Cc: 'tboot-devel@lists.sourceforge.net' <tboot-devel@lists.sourceforge.net> Subject: Re: [tboot-devel] no console will be available to OS On Wed, Aug 10, 2016 at 07:51:16PM -0600, Brian E Luckau wrote: > Hey, 1.9.4 worked a lot better for me! I had tried a similar exercise > ca few weeks ago with whatever was the latest build at the time, but > could have been doing something else wrong for all I know. > > This time, I took the same configuration that I mentioned from 30 > minutes ago but with tboot 1.9.4 and now it is booting. Hopefully I > can move on to the next steps in using Trusted Boot. The documentation for this all is a bit all over the place. I tried to document it all in the gentoo wiki when I got things working from help from this ML. https://wiki.gentoo.org/wiki/Trusted_Boot > On 08/10/2016 07:26 PM, Brian E Luckau wrote: > > Thank you for the tips. I had indeed been trying to get output on > > serial as well but not getting anything. > > I got serial output to happen successfully this time; this is my > > current line in grub.cfg: > > > > multiboot2 /tboot.gz /tboot.gz logging=serial,memory,vga > > loglvl=all serial=115200,8n1,0x2f8 > > > > Now I'm able to get more information on serial (after adding that > > serial= entry) > > > > It turns out it is hanging at > > > > TBOOT: transfering control to kernel @0x1000000... > > > > SO... I would venture to say people who write in with the "no > > console will be available to OS" problem are barking up the wrong > > tree, like I was. If you can get the serial output then more might > > come to light about what is really happening. > > > > We may need to try this on better TXT-enabled hardware with the > > right BIOS. However, I'm confused at the fact that it hangs here if > > we are using UEFI but not if we are using legacy grub. Tboot isnt a UEFI aware thing, so you still need to have some compat stuff turned on. In my Thinkpad T440s, I have to enable "CSM" otherwise it just dies. With CSM enabled, UEFI+grub2+multiboot2 works fine tho. https://wiki.gentoo.org/wiki/Trusted_Boot#BIOS_configuration Another thing you can try, if it is resetting and you want to be sure that its happening after tboot, put a while(1) {} in tboot right before the jump to the kernel and see if it hangs. You can also boot into the UEFI shell after a reset and run "mem fed30030 4" and see what the error code was set to when it died. -- Jason > > > > I'm accustomed to the system booting regardless of whether you have > > the hardware, bios, etc. for it. You just would not get a measured > > boot. So, still scratching my head here. > > > > > > -- Brian > > > > On 07/31/2016 01:54 PM, Brian Luckau wrote: > >> Re: [tboot-devel] no console will be available to OS Will try that > >> when I Wade back onto it again. Last week tried we could get it to > >> work with legacy bios but not EFI > >> > >> -----Original Message----- > >> *From: *Jason Zaman [ja...@perfinion.com > >> <mailto:ja...@perfinion.com>] > >> *Sent: *Sunday, July 31, 2016 09:51 AM Central Standard Time > >> *To: *Justin King-Lacroix > >> *Cc: *tboot-devel@lists.sourceforge.net > >> *Subject: *Re: [tboot-devel] no console will be available to OS > >> > >> On Fri, Jul 29, 2016 at 01:01:46PM -0700, Justin King-Lacroix wrote: > >> > Nope, doesn't work on (at least) recent Lenovo laptops. Tried it > >> > a few weeks back. > >> > > >> > Getting the same "WARNING: no console will be available to OS" on > >> 1.9.4, > >> > too. > >> > > >> > On 29 July 2016 at 09:26, Sun, Ning <ning....@intel.com> wrote: > >> > > >> > > There is a latest tboot 1.9.4 to download on sourceforge > >> > > https://sourceforge.net/projects/tboot/ > >> > > You can collect tboot output through serial port in a UEFI boot. > >> > > For install and run tboot in UEFI, you also can follow the wiki > >> > > here https://sourceforge.net/p/tboot/wiki/Home/. > >> > > README in tboot source code tree is very helpful as well. > >> > > Hope this helps. > >> > > > >> > > -ning > >> > > > >> > > -----Original Message----- > >> > > From: Brian E Luckau [mailto:bluc...@sgi.com] > >> > > Sent: Thursday, July 28, 2016 3:21 PM > >> > > To: tboot-devel@lists.sourceforge.net > >> > > Subject: [tboot-devel] no console will be available to OS > >> > > > >> > > Hi, > >> > > > >> > > I have tried searching the archives with no luck. When I try to > >> use tboot > >> > > with UEFI, it gives me: > >> > > > >> > > Loading tboot 1.8.1 > >> > > WARNING: no console will be available to OS Loading Linux > >> > > 3.10.0-327.el7.x86_64 Loading initial ramdisk ... > >> > > > >> > > Then nowhere. I have tried using console=tty0, > >> console=ttyS1,115200 and > >> > > various different variations of this. > >> > >> You need to use something like this: > >> loglvl=all logging=memory,serial serial=115200,8n1,0x30b0 > >> > >> console= is a linux cmdline option. tboot needs serial=. also you > >> need to find the hex addr of the serial port which Ive forgotten how to do. > >> that addr is for my the AMT serial thing on my Lenovo T440s > >> > >> -- Jason > >> > >> > > > >> > > My colleagues and I have not been able to get tboot to work on > >> > > EFI platforms. I am sure there may be something wrong with our > >> config but we > >> > > are flying blind. How do others deal with this when it occurs? > >> > > > >> > > > >> > > > >> > > > >> ------------------------------------------------------------------- > >> ----------- > >> > > _______________________________________________ > >> > > tboot-devel mailing list > >> > > tboot-devel@lists.sourceforge.net > >> > > https://lists.sourceforge.net/lists/listinfo/tboot-devel > >> > > > >> > > > >> > > > >> ------------------------------------------------------------------- > >> ----------- > >> > > _______________________________________________ > >> > > tboot-devel mailing list > >> > > tboot-devel@lists.sourceforge.net > >> > > https://lists.sourceforge.net/lists/listinfo/tboot-devel > >> > > > >> > >> > > >> ------------------------------------------------------------------- > >> ----------- > >> > >> > _______________________________________________ > >> > tboot-devel mailing list > >> > tboot-devel@lists.sourceforge.net > >> > https://lists.sourceforge.net/lists/listinfo/tboot-devel > >> > >> > >> ------------------------------------------------------------------- > >> ----------- _______________________________________________ > >> tboot-devel mailing list > >> tboot-devel@lists.sourceforge.net > >> https://lists.sourceforge.net/lists/listinfo/tboot-devel > >> > >> > >> > >> ------------------------------------------------------------------- > >> ----------- > >> > >> > >> _______________________________________________ > >> tboot-devel mailing list > >> tboot-devel@lists.sourceforge.net > >> https://lists.sourceforge.net/lists/listinfo/tboot-devel > > > > > > > > -------------------------------------------------------------------- > > ---------- What NetFlow Analyzer can do for you? Monitors network > > bandwidth and traffic patterns at an interface-level. Reveals which > > users, apps, and protocols are consuming the most bandwidth. > > Provides multi-vendor support for NetFlow, J-Flow, sFlow and other > > flows. Make informed decisions using capacity planning reports. > > http://sdm.link/zohodev2dev > > > > > > _______________________________________________ > > tboot-devel mailing list > > tboot-devel@lists.sourceforge.net > > https://lists.sourceforge.net/lists/listinfo/tboot-devel > ------------------------------------------------------------------------------ What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports. http://sdm.link/zohodev2dev _______________________________________________ tboot-devel mailing list tboot-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tboot-devel ------------------------------------------------------------------------------ What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports. http://sdm.link/zohodev2dev _______________________________________________ tboot-devel mailing list tboot-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tboot-devel