> -----Original Message-----
> From: Dr. Greg Wettstein [mailto:g...@wind.enjellic.com]
> Sent: Friday, December 9, 2016 02:33
> To: Gilbert, Travis <travis_gilb...@dell.com>; tboot-de...@lists.sourceforge.net
> Cc: bluc...@sgi.com
> Subject: Re: [tboot-devel] TPM 2.0 + TXT + EFI tboot
>
> On Dec 8, 10:22pm, <travis.gilb...@dell.com> wrote:
> } Subject: [tboot-devel] TPM 2.0 + TXT + EFI tboot
>
> Good morning, I hope this note finds the end of the week going well for
> everyone.
>
> > I am trying to perform a simple trusted boot on SLES 12 SP2 with TPM
> > 2.0 and EFI mode. I can verify that TXT works using getsec64.efi and
> > performing SENTER, setting the secrets flag, rebooting and doing
> > SENTER then SEXIT. When I select the "tboot 1.9.4" entry in grub2, my
> > server pauses for a bit after the loading initial RAM disk step and
> > then reboots. I then get an SINIT error notification from BIOS that
> > points to a log error (ERR_BAD_LOG_POINTER_PTR2_MATCH).
> >
> > I am working with a freshly provisioned TPM and a new install of SLES
> > 12 SP2. I added the tboot and tpm2.0-tools packages to that install
> > and modified grub2 to give me a tboot prompt (I think I added a file
> > grub-tboot to /etc/default/ to accomplish this).
> >
> > Am I missing anything?
>
> We've been working for almost 10 months, albeit intermittently, attempting
> to get a TPM2/TXT environment operational for our security platforms
> without complete success. I see that Brian Luckau from SGI commented
> downthread and it appears they are still struggling to get something
> working as well.
>
> So you folks at Dell are probably not missing anything as much as the fact
> that we are not convinced that anyone has worked out all of the issues with
> Trusted Boot on modern Intel hardware, i.e. TPM2 based systems.
>
> If possible, could you provide some feedback on the hardware platform you
> are working on. I'm assuming it is a Dell box of some sort... :-) I'm also
> assuming it is vPro compliant, with hardware TPM2 and that you are able to
> successfully access the TPM2 hardware from a standard Linux boot and read
> NVram, dump PCRs etc?

Yes, I can list PCRs and read NV RAM with the tpm2-tools package. I can read
PCR contents with the TPM vendor's tools.

> For your reference purposes, I see that you are attempting an EFI based
> boot, have you tried to demonstrate a successful measured launch
> environment (MLE) with legacy boot enabled? We are currently able to
> demonstrate a successful, but minimal, MLE with legacy boot on our
> Broadwell NUC5i5MYBE development platforms. We are currently avoiding
> EFI due to complexity and firmware vagary issues.

I have not tried this on legacy boot.

> I see that Ning Sun from Intel replied downthread as well and recommended
> that you restrict algorithm agility to SHA256 with the extpol=sha256
> command-line directive to tboot. We have been using that for months in our
> minimal boot environment but that doesn't get us past where we are
> currently blocked on more advanced MLE configurations.

Adding extpol=sha256 got me a successful regular (non-MLE) tboot (thank you
Ning Sun!). My first attempt at an MLE policy failed. It appears BootGuard is
getting involved and puts me in a reboot loop.

I had to do a reinstall of SLES 12 SP2 to get the extpol fix to work. All I
added (plus dependencies that were auto-detected) to the base Xen install was
tboot, tpm2.0-tools, and tpm2-0-tss. Then I added "extpol=sha256" to my
/etc/grub.d/20_linux_tboot, ran "grub2-mkconfig -o /boot/grub2/grub.cfg", and
rebooted. I may have had to run "grub2-install /dev/sda" as well.

> Secondly, do you have a Platform Owner Launch Control Policy (PO/LCP)
> defined? You can check this by seeing whether or not the NVram index
> location 0x1400001 has been defined. I'm assuming your hardware/ACM
> environment is not so new that it would be using the newer 0x1c10106 index
> location.

We are using the 0x1c10106 location for PO.

> The tpm2-tools package should have a utility for dumping out NVram index
> locations. We wrote our own TPM2 tooling from scratch based on Ken
> Goldman's TSS2 reference library, which comes out of IBM's TJ Watson labs
> and which is rock solid from a standards conformance perspective. I can send
> you a Linux statically linked diagnostic binary if you have problems looking
> for the PO policy indexes.
>
> Provided, of course, that you have basic userspace control of the TPM2 chip
> in hand. I'm assuming your hardware is implementing a TIS/MSFT0101 ACPI
> interface? ACPI/CRB support seems to be a bit dodgy unless you are using
> custom rolled Linux kernels.
>
> Hopefully the above information is helpful in moving your work forward. We
> would be interested in any feedback you might have on our questions above.
>
> Have a good day.
>
> Greg
>
> }-- End of excerpt from <travis.gilb...@dell.com>
>
> As always,
> Dr. G.W. Wettstein, Ph.D.   Enjellic Systems Development, LLC.
> 4206 N. 19th Ave.           Specializing in information infra-structure
> Fargo, ND 58102             development.
> PH: 701-281-1686
> FAX: 701-281-3949           EMAIL: g...@enjellic.com
> ------------------------------------------------------------------------------
> "If you get to thinkin' you're a person of some influence, try orderin'
> somebody else's dog around."
>                                 -- Cowboy Wisdom
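The two checks the thread asks for, as an added example that is not part of the original messages nor code from tboot or tpm2-tools: whether a Platform Owner LCP NV index exists at the legacy 0x1400001 or the newer 0x1c10106 location (and whether it actually carries a written policy, since a defined-but-empty index is easy to mistake for a policy), and whether the grub.cfg that 20_linux_tboot generated really puts extpol=sha256 on the tboot line. Both functions parse text, so they run offline against constructed samples embedded below; on a real box feed them `tpm2_nvreadpublic` output (the command was named `tpm2_nvlist` in tpm2-tools releases older than 4.0) and the real /boot/grub2/grub.cfg. Assumptions: the nvreadpublic layout (one `0xINDEX:` header per defined index followed by indented `attributes:` / `friendly:` lines, with `written` as the attribute name) matches tpm2-tools 5.x, and the grub entry uses a `multiboot`/`multiboot2` line for tboot; both samples are made up for this example.

```shell
#!/bin/sh
# Added example for this thread, not code from tboot, tpm2-tools or the posters.
# Real use:  po_lcp_report "$(tpm2_nvreadpublic)"      # tpm2_nvlist on tpm2-tools < 4
#            tboot_extpol "$(cat /boot/grub2/grub.cfg)"
# Assumption: tpm2_nvreadpublic prints "0xINDEX:" headers with indented
# "attributes:" / "friendly:" lines (tpm2-tools 5.x layout).

PO_INDEX_LEGACY=0x1400001   # classic TXT PO policy index, from the thread
PO_INDEX_NEW=0x1c10106      # newer ACM PO policy index, from the thread

# CONSTRUCTED sample nvreadpublic output: PO index defined at the newer
# location and written; a second unrelated index for noise.
SAMPLE_NVREADPUBLIC='0x1C00002:
  name: 000b7a1fdeadbeef
  hash algorithm:
    friendly: sha256
    value: 0xB
  attributes:
    friendly: ppwrite|ownerread|authread|no_da|written|platformcreate
    value: 0x62042001
  size: 1600
0x1C10106:
  name: 000b3c55cafef00d
  hash algorithm:
    friendly: sha256
    value: 0xB
  attributes:
    friendly: ownerwrite|ownerread|authread|no_da|written
    value: 0x42042001
  size: 76'

# CONSTRUCTED sample of the grub.cfg entry 20_linux_tboot would emit.
SAMPLE_GRUBCFG="menuentry 'SLES 12-SP2 (tboot 1.9.4)' {
    insmod part_gpt
    insmod ext2
    multiboot2 /boot/tboot.gz logging=serial,memory,vga extpol=sha256
    module2 /boot/vmlinuz-4.4.21-69-default root=/dev/sda2 intel_iommu=on
    module2 /boot/initrd-4.4.21-69-default
    module2 /boot/SINIT.BIN
}"

# norm_index HEX: lowercase and drop leading zeros (0x01C10106 -> 0x1c10106)
norm_index() {
    printf '%s' "$1" | tr 'ABCDEFX' 'abcdefx' | sed 's/^0x0*/0x/'
}

# nv_defined_indices LISTING: every defined index, normalized, one per line
nv_defined_indices() {
    printf '%s\n' "$1" | awk '/^0[xX][0-9a-fA-F]+:/ {
        idx = tolower($1); sub(/:$/, "", idx); sub(/^0x0*/, "0x", idx); print idx }'
}

# nv_index_attrs LISTING INDEX: friendly attribute string of INDEX (empty if undefined)
nv_index_attrs() {
    printf '%s\n' "$1" | awk -v want="$(norm_index "$2")" '
        /^0[xX][0-9a-fA-F]+:/ {
            cur = tolower($1); sub(/:$/, "", cur); sub(/^0x0*/, "0x", cur)
            in_attrs = 0; next }
        cur == want && /^[[:space:]]*attributes:/ { in_attrs = 1; next }
        cur == want && in_attrs && /^[[:space:]]*friendly:/ { print $2; exit }'
}

# nv_index_written LISTING INDEX: success only if INDEX is defined AND written
nv_index_written() {
    case "|$(nv_index_attrs "$1" "$2")|" in
        *"|written|"*) return 0 ;;
        *) return 1 ;;
    esac
}

# po_lcp_indices LISTING: whichever PO LCP location(s) are defined
po_lcp_indices() {
    nv_defined_indices "$1" | grep -x -e "$PO_INDEX_LEGACY" -e "$PO_INDEX_NEW"
}

# po_lcp_report LISTING: summary; returns 0 only if a PO index is defined and written
po_lcp_report() {
    found=$(po_lcp_indices "$1" || true)
    if [ -z "$found" ]; then
        echo "no PO LCP index defined at $PO_INDEX_LEGACY or $PO_INDEX_NEW"
        return 1
    fi
    status=0
    for idx in $found; do
        if nv_index_written "$1" "$idx"; then
            echo "PO LCP index $idx: defined and written"
        else
            echo "PO LCP index $idx: defined but NOT written (no policy stored yet)"
            status=1
        fi
    done
    return $status
}

# tboot_extpol GRUBCFG: value of extpol= on the tboot multiboot line, empty if absent
tboot_extpol() {
    printf '%s\n' "$1" | awk '/^[[:space:]]*multiboot2?[[:space:]]+.*tboot/ {
        for (i = 2; i <= NF; i++)
            if ($i ~ /^extpol=/) { sub(/^extpol=/, "", $i); print $i; exit } }'
}

po_lcp_report "$SAMPLE_NVREADPUBLIC"
echo "tboot extpol: $(tboot_extpol "$SAMPLE_GRUBCFG")"
```

An empty result from tboot_extpol on a TPM2 system means the generated entry never picked up the edit to 20_linux_tboot (the thread's fix needs grub2-mkconfig to be re-run after the change); a PO index that is defined but not written is the case to look for when an MLE policy appears to exist in NV yet the launch still fails.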